From 7f797273dda7b9368fe9c646eb07b7077650a770 Mon Sep 17 00:00:00 2001 From: librelad Date: Tue, 26 May 2026 01:21:08 +0100 Subject: [PATCH] refactor(wireguard): inline the host-conflict guard, drop central allowed_install MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit dockerCheckAllowedInstall was a one-app `case` whose only active caller was the wireguard app itself — so inline its check (abort if a host WireGuard exists at /etc/wireguard/params, which would collide on the wg kernel module + UDP 51820) directly into containers/wireguard/wireguard.sh and delete scripts/docker/app/checks/allowed_install.sh. The protection is unchanged; wireguard is now fully self-contained and the last app name leaves central install code. Regenerated arrays. (The only remaining dockerCheckAllowedInstall references are in scripts/unused/ — retired apps, never sourced.) Co-Authored-By: Claude Opus 4.7 Signed-off-by: librelad --- containers/wireguard/wireguard.sh | 10 ++++- scripts/docker/app/checks/allowed_install.sh | 39 -------------------- scripts/source/files/arrays/files_docker.sh | 1 - 3 files changed, 9 insertions(+), 41 deletions(-) delete mode 100755 scripts/docker/app/checks/allowed_install.sh diff --git a/containers/wireguard/wireguard.sh b/containers/wireguard/wireguard.sh index 3045471..9005516 100755 --- a/containers/wireguard/wireguard.sh +++ b/containers/wireguard/wireguard.sh @@ -37,7 +37,15 @@ installWireguard() echo "---- $menu_number. Checking if $app_name can be installed." echo "" - dockerCheckAllowedInstall "$app_name" || return 1 + # Host-conflict guard: a host-level WireGuard (e.g. the angristan + # wireguard-install script — marker /etc/wireguard/params) collides with + # this container on the wg kernel module + UDP 51820. Abort if present. + if [[ -e /etc/wireguard/params ]]; then + isError "WireGuard is already installed on the host — this conflicts with the $app_name app." + isError "Installation is now aborting..." + dockerUninstallApp "$app_name" + return 1 + fi ((menu_number++)) echo "" diff --git a/scripts/docker/app/checks/allowed_install.sh b/scripts/docker/app/checks/allowed_install.sh deleted file mode 100755 index 0c6100d..0000000 --- a/scripts/docker/app/checks/allowed_install.sh +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash - -dockerCheckAllowedInstall() -{ - local app_name="$1" - - #if [ "$status" == "installed" ]; then - #elif [ "$status" == "running" ]; then - #elif [ "$status" == "not_installed" ]; then - #elif [ "$status" == "invalid_flag" ]; then - - case "$app_name" in - "wireguard") - # Check if WireGuard is already installed and load params - if [[ -e /etc/wireguard/params ]]; then - isError "WireGuard is installed, this will conflict with $app_name." - isError "Installation is now aborting..." - dockerUninstallApp "$app_name" - return 1 - fi - ;; - #"mailcow") - #local status=$(dockerCheckAppInstalled "webmin" "linux" "check_active") - #if [ "$status" == "installed" ]; then - #isError "Virtualmin is installed, this will conflict with $app_name." - #isError "Installation is now aborting..." - #dockerUninstallApp "$app_name" - - #elif [ "$status" == "running" ]; then - #isError "Virtualmin is installed, this will conflict with $app_name." - #isError "Installation is now aborting..." - #dockerUninstallApp "$app_name" - - #fi - #;; - esac - - isSuccessful "Application is allowed to be installed." -} diff --git a/scripts/source/files/arrays/files_docker.sh b/scripts/source/files/arrays/files_docker.sh index 0390b8c..695e01b 100755 --- a/scripts/source/files/arrays/files_docker.sh +++ b/scripts/source/files/arrays/files_docker.sh @@ -4,7 +4,6 @@ # Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate docker_scripts=( - "docker/app/checks/allowed_install.sh" "docker/app/checks/app_installed.sh" "docker/app/checks/container_health_loop.sh" "docker/app/checks/container_health.sh"