Skip to content

Commit

Permalink
Adds ability to use a specific gateway network
Browse files Browse the repository at this point in the history
  • Loading branch information
justin-russell committed Aug 8, 2024
1 parent 3ca655a commit a455fb4
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 8 deletions.
10 changes: 6 additions & 4 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,22 +1,24 @@
.PHONY: docker link setup gateway ci

GATEWAY_NETWORK=gateway

docker:
docker build -t fractalnetworks/selfhosted-gateway:latest ./src/gateway/
docker build -t fractalnetworks/gateway-link:latest ./src/gateway-link/
docker build -t fractalnetworks/gateway-client:latest ./src/client-link/
docker build -t fractalnetworks/gateway-cli:latest ./src/create-link/

setup:
docker network create gateway
docker network create $(GATEWAY_NETWORK)

gateway: docker
docker run --network gateway --restart unless-stopped -p 80:80 -p 443:443 -e NGINX_ENVSUBST_OUTPUT_DIR=/etc/nginx -it -d fractalnetworks/selfhosted-gateway:latest
docker run --network $(GATEWAY_NETWORK) --restart unless-stopped -p 80:80 -p 443:443 -e NGINX_ENVSUBST_OUTPUT_DIR=/etc/nginx -it -d fractalnetworks/selfhosted-gateway:latest

link:
docker run -e SSH_AGENT_PID=$$SSH_AGENT_PID -e SSH_AUTH_SOCK=$$SSH_AUTH_SOCK -v $$SSH_AUTH_SOCK:$$SSH_AUTH_SOCK -v "$$PWD:/workdir" --rm -it fractalnetworks/gateway-cli:latest $(GATEWAY) $(FQDN) $(EXPOSE)
docker run -e GATEWAY_NETWORK=$(GATEWAY_NETWORK) -e SSH_AGENT_PID=$$SSH_AGENT_PID -e SSH_AUTH_SOCK=$$SSH_AUTH_SOCK -v $$SSH_AUTH_SOCK:$$SSH_AUTH_SOCK -v "$$PWD:/workdir" --rm -it fractalnetworks/gateway-cli:latest $(GATEWAY) $(FQDN) $(EXPOSE)

link-macos:
docker run -v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock -e SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" -v "$$PWD:/workdir" --rm -it fractalnetworks/gateway-cli:latest $(GATEWAY) $(FQDN) $(EXPOSE)
docker run -v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock -e GATEWAY_NETWORK=$(GATEWAY_NETWORK) -e SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" -v "$$PWD:/workdir" --rm -it fractalnetworks/gateway-cli:latest $(GATEWAY) $(FQDN) $(EXPOSE)

link-ci:
./ci/create-link-ci.sh $(GATEWAY) $(FQDN) nginx:80
4 changes: 3 additions & 1 deletion src/create-link/entrypoint.sh
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@ function fqdn_to_container_name() {

SSH_HOST=$1
SSH_PORT=22
GATEWAY_NETWORK=${GATEWAY_NETWORK:-gateway}

# split port from SSH_HOST if SSH_HOST contains :
if [[ $SSH_HOST == *":"* ]]; then
IFS=':' read -ra ADDR <<< "$SSH_HOST"
Expand All @@ -44,7 +46,7 @@ GATEWAY_IP=$(getent ahostsv4 "$LINK_DOMAIN" | awk '{print $1; exit}')

LINK_CLIENT_WG_PUBKEY=$(echo $WG_PRIVKEY|wg pubkey)
# LINK_ENV=$(ssh -o StrictHostKeyChecking=accept-new $SSH_HOST -p $SSH_PORT "bash -s" -- < ./remote.sh $CONTAINER_NAME $LINK_CLIENT_WG_PUBKEY > /dev/null 2>&1)
LINK_ENV=$(ssh -o StrictHostKeyChecking=accept-new -o LogLevel=ERROR $SSH_HOST -p $SSH_PORT "bash -s" -- < ./remote.sh $CONTAINER_NAME $LINK_CLIENT_WG_PUBKEY)
LINK_ENV=$(ssh -o StrictHostKeyChecking=accept-new -o LogLevel=ERROR $SSH_HOST -p $SSH_PORT "bash -s" -- < ./remote.sh $CONTAINER_NAME $LINK_CLIENT_WG_PUBKEY $GATEWAY_NETWORK)

# convert to array
RESULT=($LINK_ENV)
Expand Down
7 changes: 4 additions & 3 deletions src/create-link/remote.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,17 +4,18 @@ set -e

CONTAINER_NAME=$1
LINK_CLIENT_WG_PUBKEY=$2
GATEWAY_NETWORK=$3

# create gateway-link container
CONTAINER_ID=$(docker run --name $CONTAINER_NAME --network gateway -p 18521/udp --cap-add NET_ADMIN --restart unless-stopped -it -e LINK_CLIENT_WG_PUBKEY=$LINK_CLIENT_WG_PUBKEY -d fractalnetworks/gateway-link:latest)
CONTAINER_ID=$(docker run --name $CONTAINER_NAME --network $GATEWAY_NETWORK -p 18521/udp --cap-add NET_ADMIN --restart unless-stopped -it -e LINK_CLIENT_WG_PUBKEY=$LINK_CLIENT_WG_PUBKEY -d fractalnetworks/gateway-link:latest)
# get randomly assigned WireGuard port
WIREGUARD_PORT=$(docker port $CONTAINER_NAME 18521/udp| head -n 1| sed "s/0\.0\.0\.0://")

docker rm -f $CONTAINER_ID 2>& 1>NUL

# create gateway-link container
CONTAINER_ID=$(docker run --name $CONTAINER_NAME --network gateway -p $WIREGUARD_PORT:18521/udp --cap-add NET_ADMIN --restart unless-stopped -it -e LINK_CLIENT_WG_PUBKEY=$LINK_CLIENT_WG_PUBKEY -d fractalnetworks/gateway-link:latest)
# get gateway-link WireGuard pubkey
CONTAINER_ID=$(docker run --name $CONTAINER_NAME --network $GATEWAY_NETWORK -p $WIREGUARD_PORT:18521/udp --cap-add NET_ADMIN --restart unless-stopped -it -e LINK_CLIENT_WG_PUBKEY=$LINK_CLIENT_WG_PUBKEY -d fractalnetworks/gateway-link:latest)
# get gateway-link WireGuard pubkey
GATEWAY_LINK_WG_PUBKEY=$(docker exec $CONTAINER_NAME bash -c 'cat /etc/wireguard/link0.key |wg pubkey')
# get randomly assigned WireGuard port
#WIREGUARD_PORT=$(docker port $CONTAINER_NAME 18521/udp| head -n 1| sed "s/0\.0\.0\.0://")
Expand Down

0 comments on commit a455fb4

Please sign in to comment.