
delete wg interfaces on netclient docker shutdown

Matthew R. Kasun 3 years ago
parent
commit
d34cf98932

+ 3 - 13
.github/workflows/publish-netclient-docker-go.yml → .github/workflows/publish-netclient-docker-userspace.yml

@@ -1,4 +1,4 @@
-name: Publish Netclient-go Docker
+name: Publish Netclient-Userspace Docker
 
 on:
   workflow_dispatch:
@@ -39,23 +39,13 @@ jobs:
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - 
-        name: Build x86 and export to Docker
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          load: true
-          platforms: linux/amd64
-          file: ./docker/Dockerfile-netclient-multiarch-go
-          tags: ${{ env.TAG }}
-          build-args: version=${{ env.TAG }}  
       -
         name: Build and push
         uses: docker/build-push-action@v2
         with:
           context: .
           platforms: linux/amd64
-          file: ./docker/Dockerfile-netclient-multiarch-go
+          file: ./docker/Dockerfile-netclient-multiarch-userspace
           push: true
-          tags: gravitl/netclient-go:${{ env.TAG }}, gravitl/netclient-go:latest
+          tags: gravitl/netclient-go:${{ env.TAG }}, gravitl/netclient-userspace:latest
           build-args: version=${{ env.TAG }}  
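Review bot: The new `tags:` line in the "Build and push" step publishes to two different repositories: the versioned tag still goes to `gravitl/netclient-go`, while `latest` goes to `gravitl/netclient-userspace`. If the rename to "userspace" is meant to be complete, the line should read `tags: gravitl/netclient-userspace:${{ env.TAG }}, gravitl/netclient-userspace:latest`. As written, anyone who pins the renamed image by version finds no matching tag, and `netclient-go:latest` stops tracking the versions still being pushed beside it. The job definition starts outside this hunk, so any later step that references the old image name is not visible here.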

+ 0 - 23
docker/Dockerfile-builder

@@ -1,23 +0,0 @@
-FROM alpine:3.15.2
-
-RUN apk add --no-cache --virtual .build-deps bash gcc musl-dev openssl go 
-
-RUN wget -O go.tgz https://go.dev/dl/go1.18.linux-amd64.tar.gz
-
-RUN tar -C /usr/local -xzf go.tgz 
-
-WORKDIR /usr/local/go/src
-
-RUN chmod +x make.bash
-
-RUN ./make.bash 
-
-ENV PATH="/usr/local/go/bin:$PATH"
-
-ENV GOPATH=/opt/go/ 
-
-ENV PATH=$PATH:$GOPATH/bin 
-
-RUN apk del .build-deps
-
-RUN apk add build-base

+ 0 - 36
docker/Dockerfile-full

@@ -1,36 +0,0 @@
-#first stage - builder
-
-FROM golang:latest as builder
-
-COPY . /app
-
-WORKDIR /app
-
-ENV GO111MODULE=auto
-
-RUN GOARCH=amd64 CGO_ENABLED=1 GOOS=linux go build -ldflags="-w -s" -o app main.go
-
-WORKDIR /app/netclient
-
-ENV GO111MODULE=auto
-
-RUN GOARCH=amd64 CGO_ENABLED=0 GOOS=linux go build -ldflags="-w -s" -o netclient main.go
-
-#second stage
-
-FROM debian:latest
-
-RUN apt-get update && apt-get -y install systemd procps
-
-WORKDIR /root/
-
-COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-
-COPY --from=builder /app .
-COPY --from=builder /app/config config
-COPY --from=builder /app/netclient netclient
-
-EXPOSE 8081
-EXPOSE 50051
-
-CMD ["./app"]

+ 0 - 22
docker/Dockerfile-netclient

@@ -1,22 +0,0 @@
-FROM gravitl/builder:latest as builder
-# add glib support daemon manager
-WORKDIR /app
-
-COPY . .
-
-ENV GO111MODULE=auto
-
-RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 /usr/local/go/bin/go build -ldflags="-w -s" -o netclient-app netclient/main.go
-
-FROM alpine:3.15.2
-
-RUN apk add gcompat iptables && mkdir -p /etc/netclient
-# set the working directory
-WORKDIR /root/
-
-COPY --from=builder /app/netclient-app /etc/netclient/netclient
-COPY --from=builder /app/scripts/netclient.sh .
-
-RUN chmod 0755 /etc/netclient/netclient && chmod 0755 netclient.sh
-
-ENTRYPOINT ["./netclient.sh"]

+ 1 - 1
docker/Dockerfile-netclient-doks

@@ -36,4 +36,4 @@ COPY --from=builder /app/netclient-app ./netclient
 COPY --from=builder /app/scripts/netclient.sh .
 RUN chmod 0755 netclient && chmod 0755 netclient.sh
 
-ENTRYPOINT ["/bin/sh", "./netclient.sh"]
+ENTRYPOINT ["/bin/bash", "./netclient.sh"]
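Review bot: The switch to `/bin/bash` in `ENTRYPOINT` only works if the final stage installs bash, and that stage's package list is outside this hunk. If the stage is Alpine-based like the other netclient images on this page, bash is not present by default, so confirm it is in the runtime `apk add` line. The same change is made in Dockerfile-netclient-doks-uspace, Dockerfile-netclient-multiarch and Dockerfile-netclient-multiarch-userspace, so the same check applies there. Because netclient.sh now has a `#!/bin/bash` shebang and is already `chmod 0755`, `ENTRYPOINT ["./netclient.sh"]` would keep the interpreter choice in one place. I would also add a comment above the line: `# bash required: netclient.sh uses arrays and a SIGTERM trap to delete wg interfaces`.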

+ 1 - 1
docker/Dockerfile-netclient-doks-uspace

@@ -54,4 +54,4 @@ RUN chmod 0755 netclient && chmod 0755 netclient.sh
 
 ENV WG_QUICK_USERSPACE_IMPLEMENTATION=wireguard-go
 
-ENTRYPOINT ["/bin/sh", "./netclient.sh"]
+ENTRYPOINT ["/bin/bash", "./netclient.sh"]

+ 0 - 39
docker/Dockerfile-netclient-full

@@ -1,39 +0,0 @@
-FROM gravitl/builder:latest as builder
-# add glib support daemon manager
-WORKDIR /app
-
-COPY . .
-
-ENV GO111MODULE=auto
-
-RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 /usr/local/go/bin/go build -ldflags="-w -s" -o netclient-app netclient/main.go
-
-WORKDIR /root/
-
-RUN apk add --update git build-base libmnl-dev iptables
-
-RUN git clone https://git.zx2c4.com/wireguard-go && \
-    cd wireguard-go && \
-    make && \
-    make install
-
-ENV WITH_WGQUICK=yes
-RUN git clone https://git.zx2c4.com/wireguard-tools && \
-    cd wireguard-tools && \
-    cd src && \
-    make && \
-    make install
-
-FROM alpine:3.15.2
-
-WORKDIR /root/
-
-RUN apk add --no-cache --update bash libmnl gcompat iptables openresolv iproute2
-COPY --from=builder /usr/bin/wireguard-go /usr/bin/wg* /usr/bin/
-COPY --from=builder /app/netclient-app ./netclient
-COPY --from=builder /app/scripts/netclient.sh .
-RUN chmod 0755 netclient && chmod 0755 netclient.sh
-
-ENV WG_QUICK_USERSPACE_IMPLEMENTATION=wireguard-go
-
-ENTRYPOINT ["/bin/sh", "./netclient.sh"]

+ 0 - 39
docker/Dockerfile-netclient-kernel

@@ -1,39 +0,0 @@
-FROM debian:buster as builder
-# add glib support daemon manager
-
-RUN apt update -y && apt install -y wget bash gcc musl-dev openssl golang git build-essential libmnl-dev iptables
-
-RUN wget -O go.tgz https://go.dev/dl/go1.18.linux-amd64.tar.gz
-
-RUN tar -C /usr/local -xzf go.tgz
-
-WORKDIR /usr/local/go/src
-
-RUN chmod +x make.bash
-
-RUN ./make.bash
-
-ENV PATH="/usr/local/go/bin:$PATH"
-
-ENV GOPATH=/opt/go/
-
-ENV PATH=$PATH:$GOPATH/bin
-
-WORKDIR /app
-
-COPY . .
-
-ENV GO111MODULE=auto
-
-RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 /usr/local/go/bin/go build -ldflags="-w -s" -o netclient-app netclient/main.go
-
-FROM debian:buster
-
-WORKDIR /root/
-
-RUN apt update -y && apt install -y bash curl wget traceroute procps dnsutils iptables openresolv iproute2
-COPY --from=builder /app/netclient-app ./netclient
-COPY --from=builder /app/scripts/netclient.sh .
-RUN chmod 0755 netclient && chmod 0755 netclient.sh
-
-ENTRYPOINT ["/bin/sh", "./netclient.sh"]

+ 1 - 1
docker/Dockerfile-netclient-multiarch

@@ -19,4 +19,4 @@ COPY --from=builder /app/scripts/netclient.sh .
 RUN chmod 0755 netclient && chmod 0755 netclient.sh
 
 
-ENTRYPOINT ["/bin/sh", "./netclient.sh"]
+ENTRYPOINT ["/bin/bash", "./netclient.sh"]

+ 1 - 1
docker/Dockerfile-netclient-multiarch-go → docker/Dockerfile-netclient-multiarch-userspace

@@ -36,4 +36,4 @@ RUN chmod 0755 netclient && chmod 0755 netclient.sh
 
 ENV WG_QUICK_USERSPACE_IMPLEMENTATION=wireguard-go
 
-ENTRYPOINT ["/bin/sh", "./netclient.sh"]
+ENTRYPOINT ["/bin/bash", "./netclient.sh"]

+ 0 - 26
docker/Dockerfile-netmaker-slim

@@ -1,26 +0,0 @@
-#first stage - builder
-FROM gravitl/builder as builder
-
-WORKDIR /app
-
-COPY . .
-
-ENV GO111MODULE=auto
-
-RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=1 /usr/local/go/bin/go build -ldflags="-w -s" -o netmaker main.go
-
-FROM alpine:3.15.2
-# add a c lib
-RUN apk add gcompat iptables wireguard-tools
-# set the working directory
-WORKDIR /root/
-
-RUN mkdir -p /etc/netclient/config
-
-COPY --from=builder /app/netmaker .
-COPY --from=builder /app/config config
-
-EXPOSE 8081
-EXPOSE 50051
-
-ENTRYPOINT ["./netmaker"]

+ 0 - 26
docker/Dockerfile-userspace

@@ -1,26 +0,0 @@
-ARG NM_VERSION=
-
-FROM gravitl/builder as builder
-
-RUN apk add --update git build-base libmnl-dev iptables
-
-WORKDIR /root/
-RUN git clone https://git.zx2c4.com/wireguard-go && \
-    cd wireguard-go && \
-    make && \
-    make install
-
-ENV WITH_WGQUICK=yes
-RUN git clone https://git.zx2c4.com/wireguard-tools && \
-    cd wireguard-tools && \
-    cd src && \
-    make && \
-    make install
-
-FROM gravitl/netmaker:${NM_VERSION}
-
-RUN apk add --no-cache --update bash libmnl iptables openresolv iproute2
-COPY --from=builder /usr/bin/wireguard-go /usr/bin/wg* /usr/bin/
-COPY scripts/netclient.sh ./entrypoint.sh
-
-ENTRYPOINT ["/bin/sh", "./entrypoint.sh"]

+ 16 - 3
scripts/netclient.sh

@@ -1,4 +1,16 @@
-#!/bin/sh
+#!/bin/bash
+
+#Define cleanup
+cleanup() {
+    nets=($(wg show interfaces))
+    for net in ${nets[@]}; do
+        echo "deleting interface" $net
+        ip link del $net
+    done
+}
+
+#Trap SigTerm
+trap 'cleanup' SIGTERM
 
 echo "[netclient] joining network"
 
@@ -11,11 +23,12 @@ if [ "$TOKEN" != "" ]; then
     TOKEN_CMD="-t $TOKEN"
 fi
 
-/root/netclient join $TOKEN_CMD -daemon off -dnson no -udpholepunch no
+/root/netclient join $TOKEN_CMD -dnson no -udpholepunch no
 if [ $? -ne 0 ]; then { echo "Failed to join, quitting." ; exit 1; } fi
 
 echo "[netclient] Starting netclient daemon"
 
-/root/netclient daemon
+/root/netclient daemon &
 
+wait $!
 echo "[netclient] exiting"
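Review bot: The SIGTERM trap runs `cleanup`, which deletes the WireGuard interfaces but never signals the backgrounded `/root/netclient daemon`. The daemon is therefore still running while its interfaces are removed and is only killed when the shell exits as PID 1. Whether it would try to re-create them in that window cannot be told from this page. I would record the daemon's PID, forward TERM to it and wait for it inside `cleanup` before the `ip link del` loop, and also trap SIGINT so an interactive stop takes the same path. The unquoted `${nets[@]}` and `$net` expansions should be quoted as well. The lines between the two hunks are not visible, so the sketch below leaves them out.

```shell
cleanup() {
    # Stop the daemon first so it is not left running while its interfaces are removed.
    if [ -n "$daemon_pid" ]; then
        kill -TERM "$daemon_pid" 2>/dev/null
        wait "$daemon_pid"
    fi
    for net in $(wg show interfaces); do
        echo "deleting interface $net"
        ip link del "$net"
    done
}

trap 'cleanup' SIGTERM SIGINT

# … unchanged: token handling and netclient join …

/root/netclient daemon &
daemon_pid=$!

wait "$daemon_pid"
```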