fix: set iptables rules after reboot

Peter Galonza 2025-03-29 22:59:12 +03:00
parent 2a6e6a1e24
commit 92296188af
No known key found for this signature in database
GPG key ID: C85D94460DBECFA2
2 changed files with 49 additions and 2 deletions


@ -417,8 +417,18 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent
ErrorCode ServerController::prepareHostWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config) ErrorCode ServerController::prepareHostWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
{ {
// create folder on host QString sctiptFileName = QString("/opt/amnezia/setup_host_firewall.sh")
return runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::prepare_host), genVarsForScript(credentials, container))); errorCode = uploadFileToHost(credentials, amnezia::scriptData(SharedScriptType::setup_host_firewall).toUtf8(), sctiptFileName);
if (errorCode)
return errorCode;
ErrorCode errorCode = runScript(credentials, replaceVars(amnezia::scriptData(SharedScriptType::prepare_host), genVarsForScript(credentials, container)));
if (errorCode)
return errorCode;
return errorCode
} }
ErrorCode ServerController::buildContainerWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config) ErrorCode ServerController::buildContainerWorker(const ServerCredentials &credentials, DockerContainer container, const QJsonObject &config)
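Review bot: As rendered, the new body of prepareHostWorker does not compile: `errorCode` is assigned from uploadFileToHost before it is declared on the runScript line, and both the `QString sctiptFileName = ...` line and the final `return errorCode` lack a semicolon. Declare the variable at first use, `ErrorCode errorCode = uploadFileToHost(...);`, turn the later line into a plain assignment `errorCode = runScript(...);`, and rename the local to `scriptFileName`. The uploaded file is later executed as root by a systemd unit on every boot, so it should end up root-owned and not writable by the login user. Whether uploadFileToHost guarantees that, or that /opt/amnezia already exists before prepare_host has run, is not visible in this hunk.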


@ -7,3 +7,40 @@ if ! sudo docker network ls | grep -q amnezia-dns-net; then sudo docker network
--opt com.docker.network.bridge.name=amn0 \ --opt com.docker.network.bridge.name=amn0 \
amnezia-dns-net;\ amnezia-dns-net;\
fi fi
if ! grep -q "#!/bin/bash" /opt/amnezia/setup_host_firewall.sh; then
sudo sed -i '1i\#!/bin/bash\n' /opt/amnezia/setup_host_firewall.sh
fi
if lsmod | grep -qw nf_tables; then
sudo update-alternatives --set iptables /usr/sbin/iptables-nft
sudo cat > /etc/systemd/system/setup-host-firewall.service << EOF
[Unit]
Description=Run setup_host_firewall.sh
PartOf=nftables.service
After=nftables.service
[Service]
Type=oneshot
ExecStart=/opt/amnezia/setup_host_firewall.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
else
sudo cat > /etc/systemd/system/setup-host-firewall.service << EOF
[Unit]
Description=Run setup_host_firewall.sh
[Service]
Type=oneshot
ExecStart=/opt/amnezia/setup_host_firewall.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF
fi
sudo systemctl enable setup-host-firewall.service
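Review bot: The unit written here runs /opt/amnezia/setup_host_firewall.sh as root on every boot, but nothing in this hunk sets the script's owner or mode. If the upload leaves it owned or writable by the SSH login user, that account keeps a root-execution path across reboots, and without the execute bit ExecStart fails. Add `sudo chown root:root /opt/amnezia/setup_host_firewall.sh` and `sudo chmod 700 /opt/amnezia/setup_host_firewall.sh` before `systemctl enable`. In `sudo cat > /etc/systemd/system/setup-host-firewall.service << EOF` the redirection is opened by the calling shell rather than by sudo, so it works only when the script already runs as root; `sudo tee /etc/systemd/system/setup-host-firewall.service > /dev/null << EOF` writes with the elevated privilege. The shebang test `grep -q "#!/bin/bash"` matches anywhere in the file, so checking only the first line (`head -n1 /opt/amnezia/setup_host_firewall.sh | grep -q '^#!'`) is more accurate.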