Container-plane docker now routes through the mode-aware helpers instead of sudo: simple calls (exec/ps/run/build/images/inspect/port/logs across ~15 app/check scripts) -> runFileOp docker (rootless socket as the install user; rooted via the docker group). The cd && docker compose paths drop the sudo on the rooted branch (the rootless branch already used dockerCommandRunInstallUser -- byte-identical now, manager-ready later); gluetun, which had no rootless branch, now uses dockerCommandRun so force-recreate works in both modes. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
65 lines
2.5 KiB
Bash
65 lines
2.5 KiB
Bash
#!/bin/bash
|
|
|
|
# Force-recreates every installed app whose `CFG_<APP>_NETWORK=gluetun`
|
|
# so they re-resolve `network_mode: container:gluetun-service` against
|
|
# the *current* gluetun container ID.
|
|
#
|
|
# Background: Docker resolves `container:<name>` once at start time. If
|
|
# gluetun is later recreated (port-forward change, version bump, manual
|
|
# `docker compose up`), every routed app keeps the *old* container ID
|
|
# embedded in its NetworkMode and ends up in its own private netns —
|
|
# the host port mapping silently stops reaching anything because the
|
|
# app's HTTP server is no longer in gluetun's namespace.
|
|
#
|
|
# Call this whenever you've just touched gluetun in a way that recreates
|
|
# its container — see tagsProcessorGluetunForwardedPorts and the gluetun
|
|
# install lifecycle for the two existing wiring sites.
|
|
appGluetunRecreateRouted()
|
|
{
|
|
if ! command -v sqlite3 >/dev/null 2>&1; then
|
|
return 0
|
|
fi
|
|
if [[ ! -f "$docker_dir/$db_file" ]]; then
|
|
return 0
|
|
fi
|
|
|
|
local installed_apps
|
|
installed_apps=$(runInstallOp sqlite3 "$docker_dir/$db_file" \
|
|
"SELECT name FROM apps WHERE status = 1 ORDER BY name;" 2>/dev/null)
|
|
|
|
if ! runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^gluetun-service$'; then
|
|
# Nothing to re-attach against; gluetun isn't running.
|
|
return 0
|
|
fi
|
|
|
|
local recreated=0
|
|
while IFS= read -r app; do
|
|
[[ -z "$app" || "$app" == "gluetun" ]] && continue
|
|
local app_config_file="${containers_dir}${app}/${app}.config"
|
|
[[ -f "$app_config_file" ]] || continue
|
|
|
|
local net
|
|
net=$(grep -E "^CFG_${app^^}_NETWORK=" "$app_config_file" 2>/dev/null \
|
|
| cut -d'=' -f2 | tr -d '"')
|
|
[[ "$net" != "gluetun" ]] && continue
|
|
|
|
local app_compose="${containers_dir}${app}/docker-compose.yml"
|
|
[[ -f "$app_compose" ]] || continue
|
|
|
|
# Skip apps with no running/created container — recreate would
|
|
# do nothing useful and we'd just emit noise.
|
|
if ! runFileOp docker ps -a --format '{{.Names}}' 2>/dev/null \
|
|
| grep -q "^${app}-service$"; then
|
|
continue
|
|
fi
|
|
|
|
isNotice "Re-attaching ${app} to gluetun's namespace (force-recreate)..."
|
|
dockerCommandRun "cd ${containers_dir}${app} && docker compose up -d --force-recreate ${app}-service" >/dev/null 2>&1 || true
|
|
((recreated++))
|
|
done <<< "$installed_apps"
|
|
|
|
if (( recreated > 0 )); then
|
|
isSuccessful "Re-attached ${recreated} gluetun-routed app(s) to the new gluetun namespace."
|
|
fi
|
|
}
|