AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Implementing podman support (#867)

Browse source 
Еnable podman.socket
Disabling message: Emulate Docker CLI using podman.
Check which containerization application will be installed.
The default value for the verification service is set to docker
Add creation of aliases for podman for users with sudo
Removing AmneziaVPN aliases for podman-docker when cleaning the server.
Docker version with sudo for podman
Creating systemd service to autostart container when the server is rebooted, when using podman-docker
Clearing server for podman and removing container for podman
This commit is contained in:
lunardunno 2025-03-18 19:06:33 +04:00 committed by GitHub
parent ecf5b7c68f
commit bb6de0c22a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 48 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

7
client/server_scripts/awg/run_container.sh
View file

@ -11,8 +11,13 @@ sudo docker run -d \
--name $CONTAINER_NAME \ --name $CONTAINER_NAME \
$CONTAINER_NAME $CONTAINER_NAME
# Create service for podman
if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then \
sudo sh -c "podman generate systemd --restart-policy=always -t 1 --name $CONTAINER_NAME 2>/dev/null > $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service";\
sudo sh -c "systemctl enable --now $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service && docker update --restart no $CONTAINER_NAME > /dev/null";\
fi
sudo docker network connect amnezia-dns-net $CONTAINER_NAME sudo docker network connect amnezia-dns-net $CONTAINER_NAME
# Prevent to route packets outside of the container in case if server behind of the NAT # Prevent to route packets outside of the container in case if server behind of the NAT
#sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up" #sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up"

17
client/server_scripts/build_container.sh
View file

@ -1 +1,18 @@
if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then sudo sh -c "\
test -d /var/cache/containers || mkdir -m 700 -p /var/cache/containers;\
test -f /var/cache/containers/short-name-aliases.conf || chmod 600 /var/cache/containers/short-name-aliases.conf>>/var/cache/containers/short-name-aliases.conf;\
grep -q '\[aliases\]' /var/cache/containers/short-name-aliases.conf || echo '[aliases]' >> /var/cache/containers/short-name-aliases.conf;\
grep -q ' # Amnezia start' /var/cache/containers/short-name-aliases.conf || printf '%s\n' \
' # Amnezia start' \
' \"3proxy/3proxy\" = \"docker.io/3proxy/3proxy\"' \
' \"amneziavpn/amnezia-wg\" = \"docker.io/amneziavpn/amnezia-wg\"' \
' \"amneziavpn/amneziawg-go\" = \"docker.io/amneziavpn/amneziawg-go\"' \
' \"amneziavpn/ipsec-server\" = \"docker.io/amneziavpn/ipsec-server\"' \
' \"amneziavpn/torpress\" = \"docker.io/amneziavpn/torpress\"' \
' \"atmoz/sftp\" = \"docker.io/atmoz/sftp\"' \
' \"mvance/unbound\" = \"docker.io/mvance/unbound\"' \
' \"alpine\" = \"docker.io/library/alpine\"' \
' # Amnezia finish' \
>> /var/cache/containers/short-name-aliases.conf";\
fi;\
sudo docker build --no-cache --pull -t $CONTAINER_NAME $DOCKERFILE_FOLDER sudo docker build --no-cache --pull -t $CONTAINER_NAME $DOCKERFILE_FOLDER

21
client/server_scripts/install_docker.sh
View file

@ -10,15 +10,28 @@ if ! command -v sudo > /dev/null 2>&1; then $pm $check_pkgs; $pm $silent_inst su
if ! command -v fuser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst psmisc; fi;\ if ! command -v fuser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst psmisc; fi;\
if ! command -v lsof > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst lsof; fi;\ if ! command -v lsof > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst lsof; fi;\
if ! command -v docker > /dev/null 2>&1; then \ if ! command -v docker > /dev/null 2>&1; then \
sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\ sudo $pm $check_pkgs;\
sleep 5; sudo systemctl enable --now $check_srv; sleep 5;\ if [ -n "$(sudo $pm $wh_pkg $docker_pkg 2>/dev/null | grep moby-engine)" ]; \
then echo "Docker is not supported"; exit 1;\
else sudo $pm $silent_inst $docker_pkg;\
fi;\
if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then docker_pkg="podman-docker"; check_srv="podman.socket podman";\
if [ -n "$(sudo docker --version 2>&1 | grep /etc/containers/nodocker)" ]; then sudo touch /etc/containers/nodocker; fi;\
fi;\
sleep 5; sudo systemctl enable --now $check_srv 2>/dev/null; sleep 5;\
fi;\
if [ -n "$(sudo docker --version 2>&1 | grep moby-engine)" ]; then echo "Docker is not supported"; exit 1;\
elif [ -n "$(sudo docker --version 2>&1 | grep podman)" ]; then check_srv="podman.socket podman"; docker_pkg="podman-docker";\
if [ -n "$(sudo docker --version 2>&1 | grep /etc/containers/nodocker)" ]; then sudo touch /etc/containers/nodocker; fi;\
fi;\ fi;\
if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = "Y" ]; then \ if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = "Y" ]; then \
if ! command -v apparmor_parser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst apparmor; fi;\ if ! command -v apparmor_parser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst apparmor; fi;\
fi;\ fi;\
if [ "$(systemctl is-active $check_srv)" != "active" ]; then \ if [ "$(systemctl is-active $check_srv | head -n1)" != "active" ]; then \
sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\ sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\
sleep 5; sudo systemctl start $check_srv; sleep 5;\ sleep 5; sudo systemctl start $check_srv; sleep 5;\
if [ "$(systemctl is-active $check_srv)" != "active" ]; then echo "Failed docker status"; fi;\ if [ "$(systemctl is-active $check_srv | head -n1)" != "active" ]; then echo "Failed docker status"; fi;\
fi;\ fi;\
sudo docker --version sudo docker --version
# To allow autoinstallation of podman-docker, remove ' || [ -n "$(sudo $pm $wh_pkg $docker_pkg 2>/dev/null | grep podman-docker)" ]' and ' || [ -n "$(sudo docker --version 2>&1 | grep podman)" ]'

4
client/server_scripts/remove_all_containers.sh
View file

@ -1,4 +1,8 @@
sudo docker ps -a | grep amnezia | awk '{print $1}' | xargs sudo docker stop;\ sudo docker ps -a | grep amnezia | awk '{print $1}' | xargs sudo docker stop;\
sudo docker --version 2>/dev/null | grep -q podman && \
sudo systemctl list-units | grep amnezia | awk '{print $1}' | xargs sudo systemctl disable --now && \
sudo systemctl daemon-reload && sudo systemctl reset-failed && \
sudo sed -i '/^ # Amnezia start/,/^ # Amnezia finish$/d' /var/cache/containers/short-name-aliases.conf;\
sudo docker ps -a | grep amnezia | awk '{print $1}' | xargs sudo docker rm -fv;\ sudo docker ps -a | grep amnezia | awk '{print $1}' | xargs sudo docker rm -fv;\
sudo docker images -a | grep amnezia | awk '{print $3}' | xargs sudo docker rmi;\ sudo docker images -a | grep amnezia | awk '{print $3}' | xargs sudo docker rmi;\
sudo docker network ls | grep amnezia-dns-net | awk '{print $1}' | xargs sudo docker network rm;\ sudo docker network ls | grep amnezia-dns-net | awk '{print $1}' | xargs sudo docker network rm;\

4
client/server_scripts/remove_container.sh
View file

@ -1,3 +1,7 @@
sudo docker stop $CONTAINER_NAME;\ sudo docker stop $CONTAINER_NAME;\
sudo docker --version 2>/dev/null | grep -q podman && \
sudo systemctl disable --now container-$CONTAINER_NAME.service && \
sudo systemctl daemon-reload && sudo systemctl reset-failed && \
sudo rm -f $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service;\
sudo docker rm -fv $CONTAINER_NAME;\ sudo docker rm -fv $CONTAINER_NAME;\
sudo docker rmi $CONTAINER_NAME sudo docker rmi $CONTAINER_NAME