diff options
Diffstat (limited to 'applications/luci-app-dockerman/root/etc')
3 files changed, 71 insertions, 0 deletions
diff --git a/applications/luci-app-dockerman/root/etc/config/dockerman b/applications/luci-app-dockerman/root/etc/config/dockerman new file mode 100644 index 000000000..ae7239a78 --- /dev/null +++ b/applications/luci-app-dockerman/root/etc/config/dockerman @@ -0,0 +1,10 @@ +config section 'local' + option socket_path '/var/run/docker.sock' + option status_path '/tmp/.docker_action_status' + option debug 'false' + option debug_path '/tmp/.docker_debug' + option remote_endpoint 'false' + option daemon_ea 'true' + option daemon_data_root '/opt/docker' + option daemon_log_level 'warn' + list ac_allowed_interface 'br-lan' diff --git a/applications/luci-app-dockerman/root/etc/init.d/dockerman b/applications/luci-app-dockerman/root/etc/init.d/dockerman new file mode 100755 index 000000000..22629c193 --- /dev/null +++ b/applications/luci-app-dockerman/root/etc/init.d/dockerman @@ -0,0 +1,46 @@ +#!/bin/sh /etc/rc.common + +START=99 +DOCKERD_CONF="/etc/docker/daemon.json" + +config_load dockerman +config_get daemon_ea "local" daemon_ea + +init_dockerman_chain(){ + iptables -N DOCKER-MAN >/dev/null 2>&1 + iptables -F DOCKER-MAN >/dev/null 2>&1 + iptables -D DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1 + iptables -I DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1 +} + +add_allowed_interface(){ + iptables -A DOCKER-MAN -i $1 -o docker0 -j RETURN +} + +add_allowed_ip(){ + iptables -A DOCKER-MAN -d $1 -o docker0 -j RETURN +} + +handle_allowed_interface(){ + #config_list_foreach "local" allowed_ip add_allowed_ip + config_list_foreach "local" ac_allowed_interface add_allowed_interface + iptables -A DOCKER-MAN -m conntrack --ctstate ESTABLISHED,RELATED -o docker0 -j RETURN >/dev/null 2>&1 + iptables -A DOCKER-MAN -m conntrack --ctstate NEW,INVALID -o docker0 -j DROP >/dev/null 2>&1 + iptables -A DOCKER-MAN -j RETURN >/dev/null 2>&1 +} + +start(){ + [ ! -x "/etc/init.d/dockerd" ] && return 0 + init_dockerman_chain + if [ -n "$daemon_ea" ]; then + handle_allowed_interface + lua /usr/share/dockerman/dockerd-config.lua "$DOCKERD_CONF" && /etc/init.d/dockerd restart && sleep 5 || { + # 1 running, 0 stopped + STATE=$([ -n "$(ps |grep /usr/bin/dockerd | grep -v grep)" ] && echo 1 || echo 0) + [ "$STATE" == "0" ] && /etc/init.d/dockerd start && sleep 5 + } + lua /usr/share/dockerman/dockerd-ac.lua + else + /etc/init.d/dockerd stop + fi +} diff --git a/applications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman b/applications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman new file mode 100755 index 000000000..c5a54178e --- /dev/null +++ b/applications/luci-app-dockerman/root/etc/uci-defaults/luci-app-dockerman @@ -0,0 +1,15 @@ +#!/bin/sh + +uci -q batch <<-EOF >/dev/null + set uhttpd.main.script_timeout="360" + commit uhttpd + delete ucitrack.@dockerman[-1] + add ucitrack dockerman + set ucitrack.@dockerman[-1].exec='/etc/init.d/dockerman start' + commit ucitrack +EOF +[ -x "$(which dockerd)" ] && chmod +x /etc/init.d/dockerman && /etc/init.d/dockerd disable && /etc/init.d/dockerman enable >/dev/null 2>&1 +sed -i 's/self:cfgvalue(section) or {}/self:cfgvalue(section) or self.default or {}/' /usr/lib/lua/luci/view/cbi/dynlist.htm +/etc/init.d/uhttpd restart >/dev/null 2>&1 +rm -fr /tmp/luci-indexcache /tmp/luci-modulecache >/dev/null 2>&1 +exit 0 |