Two latent issues uncovered while designing network-drift detection: - adoptDockerSubnet's comment claimed apps' IPs stay inside docker's subnet after adoption. False: IPs are pinned to the old subnet's first three octets, so adopting a different /24 base strands every app IP out-of-subnet. Document the real behaviour + the heal paths. - ipAllocation fell through from the existing-row branch to the unconditional INSERT, which would violate UNIQUE(app,type,service). Unreachable on today's reset path (rows are deleted first) but a hazard for any direct caller; add an explicit return after reuse/reset. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
55 lines
2.3 KiB
Bash
Executable File
55 lines
2.3 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# CFG↔docker subnet adoption: if the docker network already exists with a
|
|
# different subnet than CFG, treat docker's value as the truth and update CFG.
|
|
# This realigns CFG ONLY — it does NOT touch already-allocated per-app IPs.
|
|
# Because IPs are pinned to the first three octets of the old subnet
|
|
# (ipFindAvailable), adopting a different /24 base strands every existing app
|
|
# IP outside docker's real subnet. Those apps need re-IPing from the corrected
|
|
# subnet: automatically via the network-drift detector + `libreportal system
|
|
# network heal`, or manually per app via `libreportal app install <name>
|
|
# --reset-network` (fresh compose + fresh IPs through the idempotent install).
|
|
adoptDockerSubnet()
|
|
{
|
|
local current_subnet="$1"
|
|
[[ -z "$current_subnet" ]] && return 0
|
|
updateConfigOption "CFG_NETWORK_SUBNET" "$current_subnet"
|
|
CFG_NETWORK_SUBNET="$current_subnet"
|
|
isSuccessful "Adopted docker's subnet into CFG: $current_subnet"
|
|
}
|
|
|
|
checkDockerNetworkRequirement()
|
|
{
|
|
if [[ $CFG_REQUIREMENT_DOCKER_NETWORK == "true" ]]; then
|
|
if [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
|
|
if dockerCommandRun "docker network inspect $CFG_NETWORK_NAME > /dev/null 2>&1"; then
|
|
local current_subnet=$(dockerCommandRun "docker network inspect $CFG_NETWORK_NAME --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}' 2>/dev/null")
|
|
|
|
if [[ "$current_subnet" == "$CFG_NETWORK_SUBNET" ]]; then
|
|
isSuccessful "Docker Network $CFG_NETWORK_NAME exists with matching subnet"
|
|
else
|
|
adoptDockerSubnet "$current_subnet"
|
|
fi
|
|
else
|
|
isNotice "Docker Network $CFG_NETWORK_NAME not found."
|
|
DOCKER_NETWORK_SETUP_NEEDED="true"
|
|
((preinstallneeded++))
|
|
fi
|
|
elif [[ $CFG_DOCKER_INSTALL_TYPE == "rooted" ]]; then
|
|
if runFileOp docker network inspect $CFG_NETWORK_NAME > /dev/null 2>&1; then
|
|
local current_subnet=$(runFileOp docker network inspect $CFG_NETWORK_NAME --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}' 2>/dev/null)
|
|
|
|
if [[ "$current_subnet" == "$CFG_NETWORK_SUBNET" ]]; then
|
|
isSuccessful "Docker Network $CFG_NETWORK_NAME exists with matching subnet"
|
|
else
|
|
adoptDockerSubnet "$current_subnet"
|
|
fi
|
|
else
|
|
isNotice "Docker Network $CFG_NETWORK_NAME not found."
|
|
DOCKER_NETWORK_SETUP_NEEDED="true"
|
|
((preinstallneeded++))
|
|
fi
|
|
fi
|
|
fi
|
|
}
|