The configuration is now done in the docker-ce package.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
+++ /dev/null
-config section 'local'
- option socket_path '/var/run/docker.sock'
- option status_path '/tmp/.docker_action_status'
- option debug 'false'
- option debug_path '/tmp/.docker_debug'
- option remote_endpoint 'false'
- option daemon_ea 'true'
- option daemon_data_root '/opt/docker'
- option daemon_log_level 'warn'
- list ac_allowed_interface 'br-lan'
+++ /dev/null
-#!/bin/sh /etc/rc.common
-
-START=99
-DOCKERD_CONF="/etc/docker/daemon.json"
-
-init_dockerman_chain(){
- iptables -N DOCKER-MAN >/dev/null 2>&1
- iptables -F DOCKER-MAN >/dev/null 2>&1
- iptables -D DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1
- iptables -I DOCKER-USER -j DOCKER-MAN >/dev/null 2>&1
-}
-
-add_allowed_interface(){
- iptables -A DOCKER-MAN -i $1 -o docker0 -j RETURN
-}
-
-add_allowed_ip(){
- iptables -A DOCKER-MAN -d $1 -o docker0 -j RETURN
-}
-
-handle_allowed_interface(){
- #config_list_foreach "local" allowed_ip add_allowed_ip
- config_list_foreach "local" ac_allowed_interface add_allowed_interface
- iptables -A DOCKER-MAN -m conntrack --ctstate ESTABLISHED,RELATED -o docker0 -j RETURN >/dev/null 2>&1
- iptables -A DOCKER-MAN -m conntrack --ctstate NEW,INVALID -o docker0 -j DROP >/dev/null 2>&1
- iptables -A DOCKER-MAN -j RETURN >/dev/null 2>&1
-}
-
-start(){
- [ ! -x "/etc/init.d/dockerd" ] && return 0
-
- config_load dockerman
- config_get daemon_ea "local" daemon_ea
-
- init_dockerman_chain
- if [ -n "$daemon_ea" ]; then
- handle_allowed_interface
- lua /usr/share/dockerman/dockerd-config.lua "$DOCKERD_CONF" && /etc/init.d/dockerd restart && sleep 5 || {
- # 1 running, 0 stopped
- STATE=$([ -n "$(ps |grep /usr/bin/dockerd | grep -v grep)" ] && echo 1 || echo 0)
- [ "$STATE" == "0" ] && /etc/init.d/dockerd start && sleep 5
- }
- lua /usr/share/dockerman/dockerd-ac.lua
- else
- /etc/init.d/dockerd stop
- fi
-}
+++ /dev/null
-#!/bin/sh
-
-uci -q batch <<-EOF >/dev/null
- set uhttpd.main.script_timeout="360"
- commit uhttpd
- delete ucitrack.@dockerman[-1]
- add ucitrack dockerman
- set ucitrack.@dockerman[-1].exec='/etc/init.d/dockerman start'
- commit ucitrack
-EOF
-[ -x "$(which dockerd)" ] && chmod +x /etc/init.d/dockerman && /etc/init.d/dockerd disable && /etc/init.d/dockerman enable >/dev/null 2>&1
-sed -i 's/self:cfgvalue(section) or {}/self:cfgvalue(section) or self.default or {}/' /usr/lib/lua/luci/view/cbi/dynlist.htm
-/etc/init.d/uhttpd restart >/dev/null 2>&1
-rm -fr /tmp/luci-indexcache /tmp/luci-modulecache >/dev/null 2>&1
-exit 0
+++ /dev/null
-require "luci.util"
-docker = require "luci.docker"
-uci = (require "luci.model.uci").cursor()
-dk = docker.new({socket_path = "/var/run/docker.sock"})
-
-if dk:_ping().code ~= 200 then return end
-containers_list = dk.containers:list({query = {all=true}}).body
-allowed_container = uci:get("dockerman", "local", "ac_allowed_container")
-
-if not allowed_container or next(allowed_container)==nil then return end
-allowed_ip = {}
-for i, v in ipairs(containers_list) do
- for ii, vv in ipairs(allowed_container) do
- if v.Id:sub(1,12) == vv and v.NetworkSettings and v.NetworkSettings.Networks and v.NetworkSettings.Networks.bridge and v.NetworkSettings.Networks.bridge.IPAddress then
- print(v.NetworkSettings.Networks.bridge.IPAddress)
- luci.util.exec("iptables -I DOCKER-MAN -d "..v.NetworkSettings.Networks.bridge.IPAddress.." -o docker0 -j RETURN")
- table.remove(allowed_container, ii)
- end
- end
-end
+++ /dev/null
-require "luci.util"
-fs = require "nixio.fs"
-uci = (require "luci.model.uci").cursor()
-
-raw_file_dir = arg[1]
-
-raw_json_str = fs.readfile(raw_file_dir) or "[]"
-raw_json = luci.jsonc.parse(raw_json_str) or {}
-
-new_json = {}
-new_json["data-root"] = uci:get("dockerman", "local", "daemon_data_root")
-new_json["hosts"] = uci:get("dockerman", "local", "daemon_hosts") or {}
-new_json["registry-mirrors"] = uci:get("dockerman", "local", "daemon_registry_mirrors") or {}
-new_json["log-level"] = uci:get("dockerman", "local", "daemon_log_level")
-
-function comp(raw, new)
- for k, v in pairs(new) do
- if type(v) == "table" and raw[k] then
- if #v == #raw[k] then
- comp(raw[k], v)
- else
- changed = true
- raw[k] = v
- end
- elseif raw[k] ~= v then
- changed = true
- raw[k] = v
- end
- end
- for k, v in ipairs(new) do
- if type(v) == "table" and raw[k] then
- if #v == #raw[k] then
- comp(raw[k], v)
- else
- changed = true
- raw[k] = v
- end
- elseif raw[k] ~= v then
- changed = true
- raw[k] = v
- end
- end
-end
-comp(raw_json, new_json)
-if changed then
- if next(raw_json["registry-mirrors"]) == nil then raw_json["registry-mirrors"] = nil end
- if next(raw_json["hosts"]) == nil then raw_json["hosts"] = nil end
- fs.writefile(raw_file_dir, luci.jsonc.stringify(raw_json, true):gsub("\\", ""))
- os.exit(0)
-else
- os.exit(1)
-end
projects / project / luci.git / commitdiff