Merge branch 'support-podman' into support_podman

Checking presence Sudo and Docker on the server.
Checking the status of the Docker service.

client/core/controllers/serverController.cpp

@@ -409,8 +409,10 @@ ErrorCode ServerController::installDockerWorker(const ServerCredentials &credent
     qDebug().noquote() << "ServerController::installDockerWorker" << stdOut;
     if (stdOut.contains("lock"))
         return ErrorCode::ServerPacketManagerError;
-    if (stdOut.contains("command not found"))
+    if (stdOut.contains("sudo:") && stdOut.contains("not found"))
         return ErrorCode::ServerDockerFailedError;
+    if (stdOut.contains("Failed docker status"))
+        return ErrorCode::ServerDockerStatusNotActive;
 
     return error;
 }

client/core/defs.h

@@ -58,6 +58,7 @@ namespace amnezia
         ServerUserDirectoryNotAccessible = 208,
         ServerUserNotAllowedInSudoers = 209,
         ServerUserPasswordRequired = 210,
+        ServerDockerStatusNotActive = 211,
 
         // Ssh connection errors
         SshRequestDeniedError = 300,

client/core/errorstrings.cpp

@@ -26,6 +26,7 @@ QString errorString(ErrorCode code) {
     case(ErrorCode::ServerUserDirectoryNotAccessible): errorMessage = QObject::tr("The server user's home directory is not accessible"); break;
     case(ErrorCode::ServerUserNotAllowedInSudoers): errorMessage = QObject::tr("Action not allowed in sudoers"); break;
     case(ErrorCode::ServerUserPasswordRequired): errorMessage = QObject::tr("The user's password is required"); break;
+    case(ErrorCode::ServerDockerStatusNotActive): errorMessage = QObject::tr("Docker service status is not active"); break;
 
     // Libssh errors
     case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("SSH request was denied"); break;

client/server_scripts/awg/run_container.sh

@@ -11,8 +11,13 @@ sudo docker run -d \
 --name $CONTAINER_NAME \
 $CONTAINER_NAME
 
+# Create service for podman
+if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then \
+  sudo sh -c "podman generate systemd --restart-policy=always -t 1 --name $CONTAINER_NAME 2>/dev/null > $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service";\
+  sudo sh -c "systemctl enable --now $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service && docker update --restart no $CONTAINER_NAME > /dev/null";\
+fi
+
 sudo docker network connect amnezia-dns-net $CONTAINER_NAME
 
 # Prevent to route packets outside of the container in case if server behind of the NAT
 #sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up"
-

client/server_scripts/build_container.sh

@@ -1 +1,18 @@
+if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then sudo sh -c "\
+  test -d /var/cache/containers || mkdir -m 700 -p /var/cache/containers;\
+  test -f /var/cache/containers/short-name-aliases.conf || chmod 600 /var/cache/containers/short-name-aliases.conf>>/var/cache/containers/short-name-aliases.conf;\
+  grep -q '\[aliases\]' /var/cache/containers/short-name-aliases.conf || echo '[aliases]' >> /var/cache/containers/short-name-aliases.conf;\
+  grep -q '  # Amnezia start' /var/cache/containers/short-name-aliases.conf || printf '%s\n' \
+    '  # Amnezia start' \
+    '  \"3proxy/3proxy\" = \"docker.io/3proxy/3proxy\"' \
+    '  \"amneziavpn/amnezia-wg\" = \"docker.io/amneziavpn/amnezia-wg\"' \
+    '  \"amneziavpn/amneziawg-go\" = \"docker.io/amneziavpn/amneziawg-go\"' \
+    '  \"amneziavpn/ipsec-server\" = \"docker.io/amneziavpn/ipsec-server\"' \
+    '  \"amneziavpn/torpress\" = \"docker.io/amneziavpn/torpress\"' \
+    '  \"atmoz/sftp\" = \"docker.io/atmoz/sftp\"' \
+    '  \"mvance/unbound\" = \"docker.io/mvance/unbound\"' \
+    '  \"alpine\" = \"docker.io/library/alpine\"' \
+    '  # Amnezia finish' \
+    >> /var/cache/containers/short-name-aliases.conf";\
+fi;\
 sudo docker build --no-cache --pull -t $CONTAINER_NAME $DOCKERFILE_FOLDER

client/server_scripts/install_docker.sh

@@ -1,23 +1,37 @@
-if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); silent_inst="-yq install"; check_pkgs="-yq update"; docker_pkg="docker.io"; dist="debian";\
+if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); silent_inst="-yq install"; check_pkgs="-yq update"; wh_pkg="-s install"; docker_pkg="docker.io"; check_srv="docker"; dist="debian";\
-elif which dnf > /dev/null 2>&1; then pm=$(which dnf); silent_inst="-yq install"; check_pkgs="-yq check-update"; docker_pkg="docker"; dist="fedora";\
+elif which dnf > /dev/null 2>&1; then pm=$(which dnf); silent_inst="-yq install"; check_pkgs="-yq check-update"; wh_pkg="--assumeno install --setopt=tsflags=test"; docker_pkg="docker"; check_srv="docker"; dist="fedora";\
-elif which yum > /dev/null 2>&1; then pm=$(which yum); silent_inst="-y -q install"; check_pkgs="-y -q check-update"; docker_pkg="docker"; dist="centos";\
+elif which yum > /dev/null 2>&1; then pm=$(which yum); silent_inst="-y -q install"; check_pkgs="-y -q check-update"; wh_pkg="--assumeno install --setopt=tsflags=test"; docker_pkg="docker"; check_srv="docker"; dist="centos";\
-elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="-S --noconfirm --noprogressbar --quiet"; check_pkgs="-Sup"; docker_pkg="docker"; dist="archlinux";\
+elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="-S --noconfirm --noprogressbar --quiet"; check_pkgs="-Sup"; wh_pkg="-Sp"; docker_pkg="docker"; check_srv="docker"; dist="archlinux";\
 else echo "Packet manager not found"; exit 1; fi;\
-echo "Dist: $dist, Packet manager: $pm, Install command: $silent_inst, Check pkgs command: $check_pkgs, Docker pkg: $docker_pkg";\
+echo "Dist: $dist, Packet manager: $pm, Install command: $silent_inst, Check pkgs command: $check_pkgs, What pkg command: $wh_pkg, Docker pkg: $docker_pkg, Check service: $check_srv";\
 if [ "$dist" = "debian" ]; then export DEBIAN_FRONTEND=noninteractive; fi;\
+echo $LANG | grep -qE '^(en_US.UTF-8|C.UTF-8|C)$' || export LC_ALL=C;\
 if ! command -v sudo > /dev/null 2>&1; then $pm $check_pkgs; $pm $silent_inst sudo; fi;\
 if ! command -v fuser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst psmisc; fi;\
 if ! command -v lsof > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst lsof; fi;\
 if ! command -v docker > /dev/null 2>&1; then \
-  sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\
+  sudo $pm $check_pkgs;\
-  sleep 5; sudo systemctl enable --now docker; sleep 5;\
+  if [ -n "$(sudo $pm $wh_pkg $docker_pkg 2>/dev/null | grep moby-engine)" ]; \
+  then echo "Docker is not supported"; exit 1;\
+  else sudo $pm $silent_inst $docker_pkg;\
+  fi;\
+  if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then docker_pkg="podman-docker"; check_srv="podman.socket podman";\
+    if [ -n "$(sudo docker --version 2>&1 | grep /etc/containers/nodocker)" ]; then sudo touch /etc/containers/nodocker; fi;\
+  fi;\
+  sleep 5; sudo systemctl enable --now $check_srv 2>/dev/null; sleep 5;\
+fi;\
+if [ -n "$(sudo docker --version 2>&1 | grep moby-engine)" ]; then echo "Docker is not supported"; exit 1;\
+elif [ -n "$(sudo docker --version 2>&1 | grep podman)" ]; then check_srv="podman.socket podman"; docker_pkg="podman-docker";\
+  if [ -n "$(sudo docker --version 2>&1 | grep /etc/containers/nodocker)" ]; then sudo touch /etc/containers/nodocker; fi;\
 fi;\
 if [ "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" = "Y" ]; then \
   if ! command -v apparmor_parser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst apparmor; fi;\
 fi;\
-if [ "$(systemctl is-active docker)" != "active" ]; then \
+if [ "$(systemctl is-active $check_srv | head -n1)" != "active" ]; then \
   sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\
-  sleep 5; sudo systemctl start docker; sleep 5;\
+  sleep 5; sudo systemctl start $check_srv; sleep 5;\
+  if [ "$(systemctl is-active $check_srv | head -n1)" != "active" ]; then echo "Failed docker status"; fi;\
 fi;\
-if ! command -v sudo > /dev/null 2>&1; then echo "Failed to install sudo, command not found"; exit 1; fi;\
+sudo docker --version
-docker --version
+
+# To allow autoinstallation of podman-docker, remove ' || [ -n "$(sudo $pm $wh_pkg $docker_pkg 2>/dev/null | grep podman-docker)" ]' and ' || [ -n "$(sudo docker --version 2>&1 | grep podman)" ]'

client/server_scripts/remove_all_containers.sh

@@ -1,4 +1,8 @@
 sudo docker ps -a | grep amnezia | awk '{print $1}' | xargs sudo docker stop;\
+sudo docker --version 2>/dev/null | grep -q podman && \
+  sudo systemctl list-units | grep amnezia | awk '{print $1}' | xargs sudo systemctl disable --now && \
+  sudo systemctl daemon-reload && sudo systemctl reset-failed && \
+  sudo sed -i '/^  # Amnezia start/,/^  # Amnezia finish$/d' /var/cache/containers/short-name-aliases.conf;\
 sudo docker ps -a | grep amnezia | awk '{print $1}' | xargs sudo docker rm -fv;\
 sudo docker images -a | grep amnezia | awk '{print $3}' | xargs sudo docker rmi;\
 sudo docker network ls | grep amnezia-dns-net | awk '{print $1}' | xargs sudo docker network rm;\

client/server_scripts/remove_container.sh

@@ -1,3 +1,7 @@
 sudo docker stop $CONTAINER_NAME;\
+sudo docker --version 2>/dev/null | grep -q podman && \
+  sudo systemctl disable --now container-$CONTAINER_NAME.service && \
+  sudo systemctl daemon-reload && sudo systemctl reset-failed && \
+  sudo rm -f $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service;\
 sudo docker rm -fv $CONTAINER_NAME;\
 sudo docker rmi $CONTAINER_NAME

client/server_scripts/xray/run_container.sh

@@ -12,6 +12,12 @@ sudo docker network connect amnezia-dns-net $CONTAINER_NAME
 # Create tun device if not exist
 sudo docker exec -i $CONTAINER_NAME bash -c 'mkdir -p /dev/net; if [ ! -c /dev/net/tun ]; then mknod /dev/net/tun c 10 200; fi'
 
+# Create service for podman
+if [ -n "$(sudo docker --version 2>/dev/null | grep podman)" ]; then \
+  sudo sh -c "podman generate systemd --new --name $CONTAINER_NAME 2>/dev/null > $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service";\
+  sudo mv $DOCKERFILE_FOLDER/container-$CONTAINER_NAME.service /etc/systemd/system/
+  sudo systemctl daemon-reload && sudo systemctl enable --now container-$CONTAINER_NAME.service;\
+fi
+
 # Prevent to route packets outside of the container in case if server behind of the NAT
 #sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS netmask 255.255.255.255 up"
-