Merge claude/1

This commit is contained in:
librelad 2026-05-26 10:43:49 +01:00
commit 447b9432f0
8 changed files with 38 additions and 49 deletions

View File

@ -12,5 +12,5 @@ appSetupComposeTags_gluetun() {
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_WIREGUARD_ADDRESSES_TAG" "$CFG_GLUETUN_WIREGUARD_ADDRESSES"
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_HEALTH_TARGETS_TAG" "${CFG_GLUETUN_HEALTH_TARGETS:-mullvad.net:443,eff.org:443}"
tagsManagerUpdateUniversalTag "$full_file_path" "GLUETUN_HEALTH_ICMP_IPS_TAG" "${CFG_GLUETUN_HEALTH_ICMP_IPS:-9.9.9.9}"
tagsProcessorGluetunForwardedPorts
appNetworkRegisterPorts_gluetun
}

View File

@ -1,22 +1,18 @@
#!/bin/bash
# Toggles a per-app compose between default networking and gluetun-routed
# networking by editing marker regions: GLUETUN_OFF_* and GLUETUN_ON_*.
#
# default → keep OFF region as-is, ON region stays commented (no-op).
# gluetun → comment out everything in OFF region, uncomment ON region,
# force traefik.enable to false (app reached via gluetun ports).
tagsProcessorNetworkMode()
# Gluetun network-routing provider hooks. An app routes through gluetun by setting
# CFG_<APP>_NETWORK=gluetun; the central compose templater + uninstall flow call
# these by convention (appNetworkApplyMode_<provider> / appNetworkRegisterPorts_
# <provider>) with no provider name hardcoded centrally — so this lives with the
# app that owns it.
# Switch a routed app's compose between default and gluetun networking by editing
# its marker regions (GLUETUN_OFF_* / GLUETUN_ON_*) and forcing traefik off (the
# app is reached via gluetun's published ports instead).
appNetworkApplyMode_gluetun()
{
local file="$1"
local mode="$2"
if [[ -z "$file" || ! -f "$file" ]]; then
return 0
fi
if [[ "$mode" != "gluetun" ]]; then
return 0
fi
[[ -z "$file" || ! -f "$file" ]] && return 0
local tmp="${file}.netmode.$$"
runFileOp awk '
@ -51,10 +47,10 @@ tagsProcessorNetworkMode()
tagsManagerUpdateUniversalTag "$file" "TRAEFIK_ENABLE_TAG" "false"
}
# Rebuilds gluetun's GLUETUN_FORWARDED_PORTS region from every installed
# app whose CFG_<APP>_NETWORK is gluetun. Region is fully rewritten on every
# call so removed apps drop out automatically.
tagsProcessorGluetunForwardedPorts()
# Rebuild gluetun's GLUETUN_FORWARDED_PORTS region from every installed app whose
# CFG_<APP>_NETWORK is gluetun. Region is fully rewritten on every call so removed
# apps drop out automatically. Self-skips if gluetun isn't installed.
appNetworkRegisterPorts_gluetun()
{
local gluetun_compose="${containers_dir}gluetun/docker-compose.yml"
if [[ ! -f "$gluetun_compose" ]]; then return 0; fi
@ -107,10 +103,9 @@ tagsProcessorGluetunForwardedPorts()
if runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^gluetun-service$'; then
isNotice "Gluetun forwarded ports changed; recreating gluetun-service to apply."
(cd "${containers_dir}gluetun" && runFileOp docker compose up -d --force-recreate gluetun-service >/dev/null 2>&1) || true
# Recreating gluetun gives it a new container ID, which orphans
# every `network_mode: container:gluetun-service` reference. Re-
# attach all routed apps so they share the new netns instead of
# silently getting their own.
# Recreating gluetun gives it a new container ID, which orphans every
# `network_mode: container:gluetun-service` reference. Re-attach all
# routed apps so they share the new netns instead of getting their own.
appGluetunRecreateRouted
fi
else

View File

@ -12,7 +12,7 @@
# app's HTTP server is no longer in gluetun's namespace.
#
# Call this whenever you've just touched gluetun in a way that recreates
# its container — see tagsProcessorGluetunForwardedPorts and the gluetun
# its container — see appNetworkRegisterPorts_gluetun and the gluetun
# install lifecycle for the two existing wiring sites.
appGluetunRecreateRouted()
{

View File

@ -118,13 +118,20 @@ dockerConfigSetupFileWithData()
fi
###############################################
# Network mode (gluetun routing)
# Network mode (route through a gateway provider, e.g. gluetun)
###############################################
# An app may route through a gateway named in CFG_<APP>_NETWORK. The
# provider owns the wiring via hooks in containers/<provider>/scripts/:
# appNetworkApplyMode_<provider> "$file" — switch this app's compose
# appNetworkRegisterPorts_<provider> — refresh the provider's ports
# so no provider name is hardcoded here.
local network_var="CFG_${app_name^^}_NETWORK"
local network_mode="${!network_var:-default}"
tagsProcessorNetworkMode "$full_file_path" "$network_mode"
if [[ "$network_mode" == "gluetun" && "$app_name" != "gluetun" ]]; then
tagsProcessorGluetunForwardedPorts
if [[ "$network_mode" != "default" && "$network_mode" != "$app_name" ]]; then
declare -F "appNetworkApplyMode_${network_mode}" >/dev/null 2>&1 \
&& "appNetworkApplyMode_${network_mode}" "$full_file_path"
declare -F "appNetworkRegisterPorts_${network_mode}" >/dev/null 2>&1 \
&& "appNetworkRegisterPorts_${network_mode}"
fi
else

View File

@ -82,9 +82,13 @@ dockerUninstallApp()
webuiContainerSetup $stored_app_name uninstall;
if [[ $(dockerCheckAppInstalled "gluetun" "docker") == "installed" ]]; then
tagsProcessorGluetunForwardedPorts
fi
# A removed app may have been routed through a network gateway (e.g.
# gluetun); let each provider refresh its forwarded-port registration.
# Each hook self-skips when its provider isn't installed.
local _np_fn
for _np_fn in $(compgen -A function 2>/dev/null | grep '^appNetworkRegisterPorts_'); do
"$_np_fn"
done
if [[ "$delete_tasks" == "true" ]]; then
((menu_number++))

View File

@ -6,14 +6,11 @@ files_libreportal_app=(
"${backup_scripts[@]}"
"${checks_scripts[@]}"
"${cli_scripts[@]}"
"${command_scripts[@]}"
"${config_scripts[@]}"
"${crontab_scripts[@]}"
"${database_scripts[@]}"
"${docker_scripts[@]}"
"${function_scripts[@]}"
"${gluetun_scripts[@]}"
"${headscale_scripts[@]}"
"${install_scripts[@]}"
"${logs_scripts[@]}"
"${menu_scripts[@]}"
@ -24,12 +21,7 @@ files_libreportal_app=(
"${setup_scripts[@]}"
"${source_scripts[@]}"
"${ssh_scripts[@]}"
"${ssl_scripts[@]}"
"${start_scripts[@]}"
"${swapfile_scripts[@]}"
"${ufw_scripts[@]}"
"${ufwd_scripts[@]}"
"${update_scripts[@]}"
"${user_scripts[@]}"
"${webui_scripts[@]}"
)

View File

@ -43,7 +43,6 @@ config_scripts=(
"config/tags/processors/tags_processor_app_url.sh"
"config/tags/processors/tags_processor_docker_installation.sh"
"config/tags/processors/tags_processor_healthcheck.sh"
"config/tags/processors/tags_processor_network_mode.sh"
"config/tags/processors/tags_processor_password_generation.sh"
"config/tags/processors/tags_processor_random_user.sh"
"config/tags/processors/tags_processor_socket_configuration.sh"

View File

@ -6,14 +6,11 @@ files_libreportal_cli=(
"${backup_scripts[@]}"
"${checks_scripts[@]}"
"${cli_scripts[@]}"
"${command_scripts[@]}"
"${config_scripts[@]}"
"${crontab_scripts[@]}"
"${database_scripts[@]}"
"${docker_scripts[@]}"
"${function_scripts[@]}"
"${gluetun_scripts[@]}"
"${headscale_scripts[@]}"
"${install_scripts[@]}"
"${logs_scripts[@]}"
"${menu_scripts[@]}"
@ -24,12 +21,7 @@ files_libreportal_cli=(
"${setup_scripts[@]}"
"${source_scripts[@]}"
"${ssh_scripts[@]}"
"${ssl_scripts[@]}"
"${start_scripts[@]}"
"${swapfile_scripts[@]}"
"${ufw_scripts[@]}"
"${ufwd_scripts[@]}"
"${update_scripts[@]}"
"${user_scripts[@]}"
"${webui_scripts[@]}"
)