The apps SQLite DB ($docker_dir/$db_file) is owned by the manager user, so read/write it AS the manager via runInstallOp instead of sudo (root). 48 call sites across 28 scripts. In rooted this drops root->manager (correct owner); in rootless it's the manager too (using runFileOp/dockerinstall here was the 'unable to open database' bug). The broken 'command -v sudo sqlite3' check lines are left untouched (separate pre-existing issue). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
67 lines
2.5 KiB
Bash
67 lines
2.5 KiB
Bash
#!/bin/bash
|
|
|
|
# Force-recreates every installed app whose `CFG_<APP>_NETWORK=gluetun`
|
|
# so they re-resolve `network_mode: container:gluetun-service` against
|
|
# the *current* gluetun container ID.
|
|
#
|
|
# Background: Docker resolves `container:<name>` once at start time. If
|
|
# gluetun is later recreated (port-forward change, version bump, manual
|
|
# `docker compose up`), every routed app keeps the *old* container ID
|
|
# embedded in its NetworkMode and ends up in its own private netns —
|
|
# the host port mapping silently stops reaching anything because the
|
|
# app's HTTP server is no longer in gluetun's namespace.
|
|
#
|
|
# Call this whenever you've just touched gluetun in a way that recreates
|
|
# its container — see tagsProcessorGluetunForwardedPorts and the gluetun
|
|
# install lifecycle for the two existing wiring sites.
|
|
appGluetunRecreateRouted()
|
|
{
|
|
if ! command -v sqlite3 >/dev/null 2>&1; then
|
|
return 0
|
|
fi
|
|
if [[ ! -f "$docker_dir/$db_file" ]]; then
|
|
return 0
|
|
fi
|
|
|
|
local installed_apps
|
|
installed_apps=$(runInstallOp sqlite3 "$docker_dir/$db_file" \
|
|
"SELECT name FROM apps WHERE status = 1 ORDER BY name;" 2>/dev/null)
|
|
|
|
if ! sudo docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^gluetun-service$'; then
|
|
# Nothing to re-attach against; gluetun isn't running.
|
|
return 0
|
|
fi
|
|
|
|
local recreated=0
|
|
while IFS= read -r app; do
|
|
[[ -z "$app" || "$app" == "gluetun" ]] && continue
|
|
local app_config_file="${containers_dir}${app}/${app}.config"
|
|
[[ -f "$app_config_file" ]] || continue
|
|
|
|
local net
|
|
net=$(grep -E "^CFG_${app^^}_NETWORK=" "$app_config_file" 2>/dev/null \
|
|
| cut -d'=' -f2 | tr -d '"')
|
|
[[ "$net" != "gluetun" ]] && continue
|
|
|
|
local app_compose="${containers_dir}${app}/docker-compose.yml"
|
|
[[ -f "$app_compose" ]] || continue
|
|
|
|
# Skip apps with no running/created container — recreate would
|
|
# do nothing useful and we'd just emit noise.
|
|
if ! sudo docker ps -a --format '{{.Names}}' 2>/dev/null \
|
|
| grep -q "^${app}-service$"; then
|
|
continue
|
|
fi
|
|
|
|
isNotice "Re-attaching ${app} to gluetun's namespace (force-recreate)..."
|
|
(cd "${containers_dir}${app}" \
|
|
&& sudo docker compose up -d --force-recreate "${app}-service" \
|
|
>/dev/null 2>&1) || true
|
|
((recreated++))
|
|
done <<< "$installed_apps"
|
|
|
|
if (( recreated > 0 )); then
|
|
isSuccessful "Re-attached ${recreated} gluetun-routed app(s) to the new gluetun namespace."
|
|
fi
|
|
}
|