LibrePortal/scripts/docker/network/network_randomize_subnet.sh
librelad 875a60f90f LibrePortal v0.1.0 — initial release
A free, open, self-hosted app platform (GNU AGPLv3): one-click app deploys,
Traefik reverse proxy with automatic SSL, rootless Docker support, gluetun
VPN routing, and a web dashboard to manage it all.

Free & open forever to self-host; optional paid hosted services fund it.
See PROMISE.md.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-21 20:37:54 +01:00

34 lines
1.3 KiB
Bash
Executable File

#!/bin/bash
updateDockerNetworkSubnet()
{
if [[ "$CFG_NETWORK_SUBNET" == *"$default_subnet"* ]]; then
# Generate random subnet, retrying if it ever collides with the
# wireguard tunnel subnet. Belt and braces — wireguard uses the
# 200-250 second-octet range and we use 100-149 here, so they
# can't overlap by design, but the explicit check guards future
# changes to either range.
local new_subnet=""
local _attempts=0
while (( _attempts < 50 )); do
local random_second=$(( RANDOM % 50 + 100 )) # 100-149
local random_third=$(( RANDOM % 256 )) # 0-255
new_subnet="10.${random_second}.${random_third}.0/24"
if [[ -z "$CFG_WIREGUARD_SUBNET" ]] \
|| [[ "${new_subnet%/*}" != "${CFG_WIREGUARD_SUBNET}" ]]; then
break
fi
((_attempts++))
done
# Update configuration using our standard updater
updateConfigOption "CFG_NETWORK_SUBNET" "$new_subnet"
checkSuccess "Randomized network subnet to: $new_subnet"
# Update the global variable for current session
CFG_NETWORK_SUBNET="$new_subnet"
else
isNotice "Network subnet already customized: $CFG_NETWORK_SUBNET"
fi
}