3d57b2b47c
docker: loop through the ip net addr output
...
all of a sudden, my linux box has the actual address in [1].
ip -f inet -j addr show wlp2s0
[{
"addr_info": [{}]
},{
"ifindex": 3,
"ifname": "wlp2s0",
"flags": ["BROADCAST","MULTICAST","UP","LOWER_UP"],
"mtu": 1500,
"qdisc": "mq",
"operstate": "UP",
"group": "default",
"txqlen": 1000,
"addr_info": [{
"family": "inet",
"local": "192.168.1.8",
"prefixlen": 24,
"broadcast": "192.168.1.255",
"scope": "global",
"dynamic": true,
"noprefixroute": true,
"label": "wlp2s0",
"valid_life_time": 78146,
"preferred_life_time": 78146
}]
},{
"addr_info": [{}]
},{
"addr_info": [{}]
}
]
2021-12-22 16:48:00 -08:00
683ac9b16e
remove support for manifest version 1
...
this is long untested by now
2021-12-06 17:44:09 -08:00
7413ccd22e
Fix some more crashes
2021-08-26 21:29:40 -07:00
f5c169f881
Fix service status
2021-08-26 21:18:20 -07:00
42774eac8c
docker.js and services.js: async'ify
2021-08-26 18:23:31 -07:00
62eb4ab90e
Fix addon crash
...
getAddonConfigByName returns null now when not found
2021-08-22 15:41:42 -07:00
a4b5219706
more removal of unused functions
2021-08-20 09:11:38 -07:00
c5fff756d1
move addon config db code to addonconfigs.js
2021-08-19 22:08:31 -07:00
411cc7daa1
merge settingsdb into settings code
2021-08-19 17:45:40 -07:00
4cd5137292
mailer: fix error handling
...
previous mailer code has no callback and thus no way to pass back errors.
now with asyncification it passes back the error
2021-08-19 12:40:53 -07:00
5dd6f85025
reverseproxy: async'ify
2021-08-17 14:34:55 -07:00
1e665b6323
Use the addresses of all available interfaces
...
See https://forum.cloudron.io/topic/5481/special-treatment-of-port-53-does-not-work-in-all-cases
2021-08-10 22:20:35 -07:00
fa81491bf3
Fix uninstall of apps with bad docker images names
...
Some day we can implement https://github.com/distribution/distribution/blob/main/reference/regexp.go
2021-06-16 11:55:23 -07:00
938b88d61b
Fix crash
2021-05-13 22:52:41 -07:00
fc52cd7e0c
volumes: async'ify
2021-05-12 11:46:04 -07:00
44ac406e57
admin -> dashboard
2021-05-05 12:29:04 -07:00
7f6a0555b2
store custom app certificates in subdomains table
...
the REST route and model code is still ununsed as before since there
is no way to set the certs from the UI.
2021-05-05 10:58:20 -07:00
199eda82d1
Use Array.isArray instead
2021-05-02 11:26:47 -07:00
53cb9b1f7a
fix registry config setter
...
* default registry provider is noop
* when testing config, skip noop provider
2021-03-02 18:34:06 -08:00
a304c7f4a5
implement tls addon
2021-02-17 23:20:08 -08:00
6bd87485c6
rename addons.js to services.js
...
services is the named container (services view)
addons is more like a heroku concept
2021-01-21 11:31:35 -08:00
4d482d11ee
add apps.getMemoryLimit
2021-01-20 19:16:21 -08:00
a14dbbe77a
refactor into docker.update
2021-01-20 18:58:23 -08:00
0d535d2d5c
allocate swap size for containers based on system ratio
2021-01-20 18:41:51 -08:00
ce86cb892d
the ip is now available in the appdb
2020-12-03 11:48:25 -08:00
77b965cada
Add DNS to app containers as well
...
infra has to be bumped since we removed httpPort and moved to containerIp
2020-11-25 12:04:59 -08:00
c0b0029935
statically allocate app container IPs
...
We removed httpPort with the assumption that docker allocated IPs
and kept them as long as the container is around. This turned out
to be not true because the IP changes on even container restart.
So we now allocate IPs statically. The iprange makes sure we don't
overlap with addons and other CI app or JupyterHub apps.
https://github.com/moby/moby/issues/6743
https://github.com/moby/moby/pull/19001
2020-11-20 16:19:59 -08:00
fd965072c5
Remove custom dns when creating app container
2020-11-19 01:10:50 -08:00
d703d1cd13
remove httpPort
...
we can just use container IP instead of all this httpPort exporting magic.
this is also required for exposing httpPaths feature (we have to otherwise
have multiple httpPorts).
2020-11-19 00:38:52 -08:00
bd9c664b1a
Free up port 53
...
It's all very complicated.
Approach 1: Simple move unbound to not listen on 0.0.0.0 and only the internal
ones. However, docker has no way to bind only to the "public" interface.
Approach 2: Move the internal unbound to some other port. This required a PR
for haraka - https://github.com/haraka/Haraka/pull/2863 . This works and we use
systemd-resolved by default. However, it turns out systemd-resolved with hog the
lo and thus docker cannot bind again to port 53.
Approach 3: Get rid of systemd-resolved and try to put the dns server list in
/etc/resolv.conf. This is surprisingly hard because the DNS listing can come from
DHCP or netplan or wherever. We can hardcode some public DNS servers but this seems
not a good idea for privacy.
Approach 4: So maybe we don't move the unbound away to different port after all.
However, all the work for approach 2 is done and it's quite nice that the default
resolver is used with the default dns server of the network (probably a caching
server + also maybe has some home network firewalled dns).
So, the final solution is to bind to the make docker bind to the IP explicity.
It's unclear what will happen if the IP changes, maybe it needs a restart.
2020-11-18 23:25:56 -08:00
fa4392df09
Fix docker.getBinds()
2020-10-29 11:47:37 -07:00
f8d6fd80d5
Do not crash if app.volumes does not exist
2020-10-29 12:09:15 +01:00
6a3df679fa
Add volume management
...
the volumes table can later have backup flag, mount options etc
2020-10-28 15:31:21 -07:00
546e381325
skip downloading image if image present locally
...
if we use build service app locally (without push), then we can skip
the download altogether.
2020-10-19 22:22:29 -07:00
b075140e76
/dev/dri may not exist
...
In ubuntu 16, it doesn't exist.
See also https://forum.cloudron.io/topic/3189/error-server-error-http-code-500-server-error
2020-09-21 15:59:17 -07:00
cc591e399d
scheduler: make the container run in same networking space to prevent further churn
...
idea comes from https://github.com/moby/moby/pull/9402#issuecomment-67259655
and https://github.com/moby/moby/pull/9402#issuecomment-67224239
see also:
https://github.com/moby/moby/issues/9098
https://github.com/moby/moby/pull/9167
https://github.com/moby/moby/issues/12899#issuecomment-97816048 (exec mem leak)
https://github.com/moby/moby/pull/38704
part of #732
2020-08-18 23:44:53 -07:00
879a6b4202
do not error if container already exists
2020-08-18 21:15:54 -07:00
2ebdf9673d
Add VAAPI caps for transcoding
2020-08-14 18:48:53 -07:00
7ddbabf781
Make the error message clearer
2020-07-30 11:29:43 -07:00
0f103ccce1
Add ping capability (for statping)
2020-06-30 07:40:17 -07:00
84f41e08cf
Add mlock capability to manifest (for vault app)
2020-06-26 09:27:35 -07:00
d2cd78c5cb
more debug() removal
2020-05-24 12:30:48 -07:00
67a931c4b8
Remove verbose logs
2020-05-24 11:33:53 -07:00
2f89e7e2b4
drop NET_RAW since this allows packet sniffing
...
this however breaks ping
2020-05-15 12:47:36 -07:00
9bdeff0a39
Always use constants.SECRET_PLACEHOLDER
2020-05-14 23:02:02 +02:00
e9d0ed8e1e
Add binds support to containers
2020-04-29 22:51:46 -07:00
66f66fd14f
docker: clean up volume API
2020-04-29 21:28:49 -07:00
2cdf68379b
Revert "add volume support"
...
This reverts commit b8bb69f730
2020-04-27 22:55:43 -07:00
b8bb69f730
add volume support
...
part of #668 , #569
2020-04-24 22:09:07 -07:00
7a63fd4711
Failed quickly if docker image not found
2020-03-06 16:39:20 -08:00
Girish Ramakrishnan