LibrePortal/scripts/app/containers/gluetun/gluetun_recreate_routed.sh
librelad 3ecf213cab refactor(de-sudo): docker calls via runFileOp/dockerCommandRun, drop sudo
Container-plane docker now routes through the mode-aware helpers instead of
sudo: simple calls (exec/ps/run/build/images/inspect/port/logs across ~15
app/check scripts) -> runFileOp docker (rootless socket as the install user;
rooted via the docker group). The cd && docker compose paths drop the sudo on
the rooted branch (the rootless branch already used dockerCommandRunInstallUser
-- byte-identical now, manager-ready later); gluetun, which had no rootless
branch, now uses dockerCommandRun so force-recreate works in both modes.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 16:29:22 +01:00

65 lines
2.5 KiB
Bash

#!/bin/bash
# Force-recreates every installed app whose `CFG_<APP>_NETWORK=gluetun`
# so they re-resolve `network_mode: container:gluetun-service` against
# the *current* gluetun container ID.
#
# Background: Docker resolves `container:<name>` once at start time. If
# gluetun is later recreated (port-forward change, version bump, manual
# `docker compose up`), every routed app keeps the *old* container ID
# embedded in its NetworkMode and ends up in its own private netns —
# the host port mapping silently stops reaching anything because the
# app's HTTP server is no longer in gluetun's namespace.
#
# Call this whenever you've just touched gluetun in a way that recreates
# its container — see tagsProcessorGluetunForwardedPorts and the gluetun
# install lifecycle for the two existing wiring sites.
appGluetunRecreateRouted()
{
if ! command -v sqlite3 >/dev/null 2>&1; then
return 0
fi
if [[ ! -f "$docker_dir/$db_file" ]]; then
return 0
fi
local installed_apps
installed_apps=$(runInstallOp sqlite3 "$docker_dir/$db_file" \
"SELECT name FROM apps WHERE status = 1 ORDER BY name;" 2>/dev/null)
if ! runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^gluetun-service$'; then
# Nothing to re-attach against; gluetun isn't running.
return 0
fi
local recreated=0
while IFS= read -r app; do
[[ -z "$app" || "$app" == "gluetun" ]] && continue
local app_config_file="${containers_dir}${app}/${app}.config"
[[ -f "$app_config_file" ]] || continue
local net
net=$(grep -E "^CFG_${app^^}_NETWORK=" "$app_config_file" 2>/dev/null \
| cut -d'=' -f2 | tr -d '"')
[[ "$net" != "gluetun" ]] && continue
local app_compose="${containers_dir}${app}/docker-compose.yml"
[[ -f "$app_compose" ]] || continue
# Skip apps with no running/created container — recreate would
# do nothing useful and we'd just emit noise.
if ! runFileOp docker ps -a --format '{{.Names}}' 2>/dev/null \
| grep -q "^${app}-service$"; then
continue
fi
isNotice "Re-attaching ${app} to gluetun's namespace (force-recreate)..."
dockerCommandRun "cd ${containers_dir}${app} && docker compose up -d --force-recreate ${app}-service" >/dev/null 2>&1 || true
((recreated++))
done <<< "$installed_apps"
if (( recreated > 0 )); then
isSuccessful "Re-attached ${recreated} gluetun-routed app(s) to the new gluetun namespace."
fi
}