build: Update Dockerfile (#518)

* feat: Detect default interface

Dockerfile

@@ -44,12 +44,7 @@ COPY --from=builder /qemu-host.bin /run/host.bin
 RUN chmod +x /run/*.sh && chmod +x /run/*.bin
 
 VOLUME /storage
-
-EXPOSE 22
-EXPOSE 80
-EXPOSE 139
-EXPOSE 445
-EXPOSE 5000
+EXPOSE 22 80 139 445 5000
 
 ENV RAM_SIZE "1G"
 ENV DISK_SIZE "16G"

src/check.sh

@@ -1,12 +1,12 @@
 #!/usr/bin/env bash
 set -Eeuo pipefail
 
-: ${VM_NET_DEV:='eth0'}
-
-[ ! -f "/run/qemu.pid" ] && echo "QEMU not running yet.." && exit 0
-[ -f "/run/qemu.count" ] && echo "QEMU is shutting down.." && exit 1
+[ -f "/run/qemu.end" ] && echo "QEMU is shutting down.." && exit 1
+[ ! -f "/run/qemu.pid" ] && echo "QEMU is not running yet.." && exit 0
 
 file="/run/dsm.url"
+address="/run/qemu.ip"
+
 [ ! -f  "$file" ] && echo "DSM has not enabled networking yet.." && exit 1
 
 location=$(cat "$file")
@@ -19,7 +19,7 @@ if ! curl -m 20 -ILfSs "http://$location/" > /dev/null; then
     echo "Failed to reach DSM at port $port"
   else
     echo "Failed to reach DSM at http://$location"
-    ip=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
+    ip="$(cat "$address")"
   fi
 
   echo "You might need to whitelist IP $ip in the DSM firewall." && exit 1

src/config.sh

@@ -14,6 +14,8 @@ if [[ "$GPU" == [Yy1]* ]] && [[ "$ARCH" == "amd64" ]]; then
   DEF_OPTS="$DEF_OPTS -device virtio-vga,id=video0,max_outputs=1,bus=pcie.0,addr=0x1"
 fi
 
+[[ "$CONSOLE" != [Yy]* ]] && DEF_OPTS="$DEF_OPTS -daemonize -D $QEMU_LOG"
+
 ARGS="$DEF_OPTS $CPU_OPTS $RAM_OPTS $MAC_OPTS $MON_OPTS $SERIAL_OPTS $NET_OPTS $DISK_OPTS $EXTRA_OPTS $ARGUMENTS"
 ARGS=$(echo "$ARGS" | sed 's/\t/ /g' | tr -s ' ')
 

src/entry.sh

@@ -19,16 +19,14 @@ cd /run
 trap - ERR
 
 if [[ "$CONSOLE" == [Yy]* ]]; then
-  exec qemu-system-x86_64 -pidfile "$QEMU_PID" ${ARGS:+ $ARGS}
-  exit $?
+  exec qemu-system-x86_64 ${ARGS:+ $ARGS}
 fi
 
-set -m
-(
-  [[ "$DEBUG" == [Yy1]* ]] && info "$VERS" && set -x
-  qemu-system-x86_64 ${ARGS:+ $ARGS} & echo $! > "$QEMU_PID"
-  { set +x; } 2>/dev/null
-)
-set +m
+[[ "$DEBUG" == [Yy1]* ]] && info "$VERS" && set -x
+msg=$(qemu-system-x86_64 ${ARGS:+ $ARGS})
 
-tail --pid "$(cat "$QEMU_PID")" --follow /dev/null & wait $!
+{ set +x; } 2>/dev/null && terminal "$msg"
+tail -fn +0 "$QEMU_LOG" 2>/dev/null &
+cat "$QEMU_TERM" 2>/dev/null & wait $! || true
+
+sleep 1 && finish 0

src/network.sh

@@ -6,8 +6,8 @@ set -Eeuo pipefail
 : ${DHCP:='N'}
 : ${MAC:='02:11:32:AA:BB:CC'}
 
+: ${VM_NET_DEV:=''}
 : ${VM_NET_TAP:='dsm'}
-: ${VM_NET_DEV:='eth0'}
 : ${VM_NET_MAC:="$MAC"}
 : ${VM_NET_HOST:='VirtualDSM'}
 
@@ -69,7 +69,7 @@ configureDHCP() {
   return 0
 }
 
-configureDNS () {
+configureDNS() {
 
   # dnsmasq configuration:
   DNSMASQ_OPTS="$DNSMASQ_OPTS --dhcp-range=$VM_NET_IP,$VM_NET_IP --dhcp-host=$VM_NET_MAC,,$VM_NET_IP,$VM_NET_HOST,infinite --dhcp-option=option:netmask,255.255.255.0"
@@ -90,7 +90,27 @@ configureDNS () {
   return 0
 }
 
-configureNAT () {
+configureNAT() {
+
+  # Create the necessary file structure for /dev/net/tun
+  if [ ! -c /dev/net/tun ]; then
+    [ ! -d /dev/net ] && mkdir -m 755 /dev/net
+    if mknod /dev/net/tun c 10 200; then
+      chmod 666 /dev/net/tun
+    fi
+  fi
+
+  if [ ! -c /dev/net/tun ]; then
+    error "TUN device missing. $ADD_ERR --cap-add NET_ADMIN" && exit 25
+  fi
+
+  # Check port forwarding flag
+  if [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then
+    { sysctl -w net.ipv4.ip_forward=1 ; rc=$?; } || :
+    if (( rc != 0 )); then
+      error "IP forwarding is disabled. $ADD_ERR --sysctl net.ipv4.ip_forward=1" && exit 24
+    fi
+  fi
 
   # Create a bridge with a static IP for the VM guest
 
@@ -121,6 +141,9 @@ configureNAT () {
   ip link set dev "$VM_NET_TAP" master dockerbridge
 
   # Add internet connection to the VM
+  update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null
+  update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null
+
   iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE
   iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp  -j DNAT --to "$VM_NET_IP"
   iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp  -j DNAT --to "$VM_NET_IP"
@@ -133,14 +156,6 @@ configureNAT () {
   { set +x; } 2>/dev/null
   [[ "$DEBUG" == [Yy1]* ]] && echo
 
-  # Check port forwarding flag
-  if [[ $(< /proc/sys/net/ipv4/ip_forward) -eq 0 ]]; then
-    { sysctl -w net.ipv4.ip_forward=1 ; rc=$?; } || :
-    if (( rc != 0 )); then
-      error "IP forwarding is disabled. $ADD_ERR --sysctl net.ipv4.ip_forward=1" && exit 24
-    fi
-  fi
-
   NET_OPTS="-netdev tap,ifname=$VM_NET_TAP,script=no,downscript=no,id=hostnet0"
 
   { exec 40>>/dev/vhost-net; rc=$?; } 2>/dev/null || :
@@ -151,21 +166,21 @@ configureNAT () {
   return 0
 }
 
-closeNetwork () {
+closeNetwork() {
 
   exec 30<&- || true
   exec 40<&- || true
 
   if [[ "$DHCP" == [Yy1]* ]]; then
 
-    { pkill -f server.sh || true; } 2>/dev/null
+    fKill "server.sh"
 
     ip link set "$VM_NET_TAP" down || true
     ip link delete "$VM_NET_TAP" || true
 
   else
 
-    { pkill -f dnsmasq || true; } 2>/dev/null
+    fKill "dnsmasq"
 
     ip link set "$VM_NET_TAP" down promisc off || true
     ip link delete "$VM_NET_TAP" || true
@@ -174,43 +189,57 @@ closeNetwork () {
     ip link delete dockerbridge || true
 
   fi
+
+  return 0
+}
+
+getInfo() {
+
+  if [ -z "$VM_NET_DEV" ]; then
+    # Automaticly detect the default network interface
+    VM_NET_DEV=$(awk '$2 == 00000000 { print $1 }' /proc/net/route)
+    [ -z "$VM_NET_DEV" ] && VM_NET_DEV="eth0"
+  fi
+
+  if [ ! -d "/sys/class/net/$VM_NET_DEV" ]; then
+    error "Network interface '$VM_NET_DEV' does not exist inside the container!"
+    error "$ADD_ERR -e \"VM_NET_DEV=NAME\" to specify another interface name." && exit 27
+  fi
+
+  VM_NET_MAC="${VM_NET_MAC//-/:}"
+  if [[ ${#VM_NET_MAC} == 12 ]]; then
+    m="$VM_NET_MAC"
+    VM_NET_MAC="${m:0:2}:${m:2:2}:${m:4:2}:${m:6:2}:${m:8:2}:${m:10:2}"
+  fi
+
+  if [[ ${#VM_NET_MAC} != 17 ]]; then
+    error "Invalid mac address: '$VM_NET_MAC', should be 12 or 17 digits long!" && exit 28
+  fi
+
+  GATEWAY=$(ip r | grep default | awk '{print $3}')
+  IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
+  echo "$IP" > /run/qemu.ip
+
+  if [[ "$DEBUG" == [Yy1]* ]]; then
+    info "Container IP is $IP with gateway $GATEWAY on interface $VM_NET_DEV" && echo
+  fi
+
+  return 0
 }
 
 # ######################################
 #  Configure Network
 # ######################################
 
-{ pkill -f server.sh || true; } 2>/dev/null
+fKill "server.sh"
 
-# Create the necessary file structure for /dev/net/tun
-if [ ! -c /dev/net/tun ]; then
-  [ ! -d /dev/net ] && mkdir -m 755 /dev/net
-  if mknod /dev/net/tun c 10 200; then
-    chmod 666 /dev/net/tun
-  fi
-fi
-
-if [ ! -c /dev/net/tun ]; then
-  error "TUN device missing. $ADD_ERR --cap-add NET_ADMIN" && exit 25
-fi
-
-# Create the necessary file structure for /dev/vhost-net
 if [ ! -c /dev/vhost-net ]; then
   if mknod /dev/vhost-net c 10 238; then
     chmod 660 /dev/vhost-net
   fi
 fi
 
-update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null
-update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null
-
-VM_NET_MAC="${VM_NET_MAC//-/:}"
-GATEWAY=$(ip r | grep default | awk '{print $3}')
-IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
-
-if [[ "$DEBUG" == [Yy1]* ]]; then
-  info "Container IP is $IP with gateway $GATEWAY" && echo
-fi
+getInfo
 
 if [[ "$DHCP" == [Yy1]* ]]; then
 

src/power.sh

@@ -3,38 +3,125 @@ set -Eeuo pipefail
 
 # Configure QEMU for graceful shutdown
 
+API_CMD=6
+API_TIMEOUT=50
+API_HOST="127.0.0.1:2210"
+
+QEMU_TERM=""
 QEMU_PORT=7100
-QEMU_TIMEOUT=55
+QEMU_TIMEOUT=50
 QEMU_PID="/run/qemu.pid"
-QEMU_COUNT="/run/qemu.count"
+QEMU_LOG="/run/qemu.log"
+QEMU_END="/run/qemu.end"
+
+if [[ "$KVM" == [Nn]* ]]; then
+  API_TIMEOUT=$(( API_TIMEOUT*2 ))
+  QEMU_TIMEOUT=$(( QEMU_TIMEOUT*2 ))
+fi
 
 rm -f "$QEMU_PID"
-rm -f "$QEMU_COUNT"
+rm -f "$QEMU_LOG"
+rm -f "$QEMU_END"
+touch "$QEMU_LOG"
 
-_trap(){
-    func="$1" ; shift
-    for sig ; do
-        trap "$func $sig" "$sig"
+_trap() {
+  func="$1" ; shift
+  for sig ; do
+    trap "$func $sig" "$sig"
+  done
+}
+
+finish() {
+
+  local pid
+  local reason=$1
+
+  if [ -f "$QEMU_PID" ]; then
+
+    pid="$(cat "$QEMU_PID")"
+    echo && error "Forcefully terminating QEMU process, reason: $reason..."
+    { kill -15 "$pid" || true; } 2>/dev/null
+
+    while isAlive "$pid"; do
+      sleep 1
+      # Workaround for zombie pid
+      [ ! -f "$QEMU_PID" ] && break
     done
+  fi
+
+  fKill "print.sh"
+  fKill "host.bin"
+
+  closeNetwork
+
+  sleep 1
+  echo && echo "❯ Shutdown completed!"
+
+  exit "$reason"
+}
+
+terminal() {
+
+  local msg=$1
+
+  if [[ "${msg,,}" != "char"* ||  "$msg" != *"serial0)" ]]; then
+    echo "$msg"
+  fi
+
+  local dev="${msg#*/dev/p}"
+  dev="/dev/p${dev%% *}"
+
+  if [ ! -c "$dev" ]; then
+    dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$QEMU_PORT" | tr -d '\000')
+    dev="${dev#*charserial0}"
+    dev="${dev#*pty:}"
+    dev="${dev%%$'\n'*}"
+    dev="${dev%%$'\r'*}"
+  fi
+
+  if [ ! -c "$dev" ]; then
+    error "Device '$dev' not found!"
+    finish 34 && return 34
+  fi
+
+  QEMU_TERM="$dev"
+  return 0
 }
 
 _graceful_shutdown() {
 
+  local cnt=0
+  local code=$?
+  local pid url response
+
   set +e
-  local cnt response
 
-  [ ! -f "$QEMU_PID" ] && exit 130
-  [ -f "$QEMU_COUNT" ] && return
+  if [ -f "$QEMU_END" ]; then
+    echo && info "Received $1 signal while already shutting down..."
+    return
+  fi
 
-  echo 0 > "$QEMU_COUNT"
+  touch "$QEMU_END"
   echo && info "Received $1 signal, sending shutdown command..."
 
+  if [ ! -f "$QEMU_PID" ]; then
+    echo && error "QEMU PID file does not exist?"
+    finish "$code" && return "$code"
+  fi
+
+  pid="$(cat "$QEMU_PID")"
+
+  if ! isAlive "$pid"; then
+    echo && error "QEMU process does not exist?"
+    finish "$code" && return "$code"
+  fi
+
   # Don't send the powerdown signal because vDSM ignores ACPI signals
   # echo 'system_powerdown' | nc -q 1 -w 1 localhost "${QEMU_PORT}" > /dev/null
 
   # Send shutdown command to guest agent via serial port
-  url="http://127.0.0.1:2210/read?command=6&timeout=50"
-  response=$(curl -sk -m 52 -S "$url" 2>&1)
+  url="http://$API_HOST/read?command=$API_CMD&timeout=$API_TIMEOUT"
+  response=$(curl -sk -m "$(( API_TIMEOUT+2 ))" -S "$url" 2>&1)
 
   if [[ "$response" =~ "\"success\"" ]]; then
 
@@ -43,45 +130,37 @@ _graceful_shutdown() {
   else
 
     response="${response#*message\"\: \"}"
-    echo && error "Failed to send shutdown command: ${response%%\"*}"
-
-    kill -15 "$(cat "$QEMU_PID")"
-    pkill -f qemu-system-x86_64 || true
+    [ -z "$response" ] && response="second signal"
+    echo && error "Forcefully terminating because of: ${response%%\"*}"
+    { kill -15 "$pid" || true; } 2>/dev/null
 
   fi
 
-  while [ "$(cat $QEMU_COUNT)" -lt "$QEMU_TIMEOUT" ]; do
+  while [ "$cnt" -lt "$QEMU_TIMEOUT" ]; do
 
-    # Try to connect to qemu
-    if ! echo 'info version'| nc -q 1 -w 1 localhost "$QEMU_PORT" >/dev/null 2>&1 ; then
-      break
-    fi
+    ! isAlive "$pid" && break
 
-    # Increase the counter
-    cnt=$(($(cat $QEMU_COUNT)+1))
-    echo $cnt > "$QEMU_COUNT"
+    sleep 1
+    cnt=$((cnt+1))
 
     [[ "$DEBUG" == [Yy1]* ]] && info "Shutting down, waiting... ($cnt/$QEMU_TIMEOUT)"
 
+    # Workaround for zombie pid
+    [ ! -f "$QEMU_PID" ] && break
+
   done
 
-  if [ "$(cat $QEMU_COUNT)" -ge "$QEMU_TIMEOUT" ]; then
-    echo && error "Shutdown timeout reached, forcefully quitting.."
-  else
-    echo && echo "❯ Quitting..."
+  if [ "$cnt" -ge "$QEMU_TIMEOUT" ]; then
+    echo && error "Shutdown timeout reached, aborting..."
   fi
 
-  echo 'quit' | nc -q 1 -w 1 localhost "$QEMU_PORT" >/dev/null 2>&1 || true
-
-  { pkill -f print.sh || true; } 2>/dev/null
-  { pkill -f host.bin || true; } 2>/dev/null
-
-  closeNetwork
-  sleep 1
-
-  return
+  finish "$code" && return "$code"
 }
 
-_trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
+if [[ "$CONSOLE" != [Yy]* ]]; then
+  _trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
+fi
 
-MON_OPTS="-monitor telnet:localhost:$QEMU_PORT,server,nowait,nodelay"
+MON_OPTS="\
+        -pidfile $QEMU_PID \
+        -monitor telnet:localhost:$QEMU_PORT,server,nowait,nodelay"

src/print.sh

@@ -2,16 +2,17 @@
 set -Eeuo pipefail
 
 : ${DHCP:='N'}
-: ${VM_NET_DEV:='eth0'}
 
 info () { printf "%b%s%b" "\E[1;34m❯ \E[1;36m" "$1" "\E[0m\n" >&2; }
 error () { printf "%b%s%b" "\E[1;31m❯ " "ERROR: $1" "\E[0m\n" >&2; }
 
 file="/run/dsm.url"
-shutdown="/run/qemu.count"
+address="/run/qemu.ip"
+shutdown="/run/qemu.end"
 url="http://127.0.0.1:2210/read?command=10"
 
 resp_err="Guest returned an invalid response:"
+curl_err="Failed to connect to guest: curl error"
 jq_err="Failed to parse response from guest: jq error"
 
 while [ ! -f  "$file" ]
@@ -29,7 +30,7 @@ do
   { json=$(curl -m 20 -sk "$url"); rc=$?; } || :
 
   [ -f "$shutdown" ] && exit 1
-  (( rc != 0 )) && error "Failed to connect to guest: curl error $rc" && continue
+  (( rc != 0 )) && error "$curl_err $rc" && continue
 
   { result=$(echo "$json" | jq -r '.status'); rc=$?; } || :
   (( rc != 0 )) && error "$jq_err $rc ( $json )" && continue
@@ -68,7 +69,7 @@ if [[ "$location" != "20.20"* ]]; then
 
 else
 
-  ip=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
+  ip="$(cat "$address")"
   port="${location##*:}"
 
   if [[ "$ip" == "172."* ]]; then

src/reset.sh

@@ -38,8 +38,10 @@ STORAGE="/storage"
 # Cleanup files
 
 rm -f /run/dsm.url
+rm -f /run/qemu.ip
+rm -f /run/qemu.log
 rm -f /run/qemu.pid
-rm -f /run/qemu.count
+rm -f /run/qemu.end
 
 # Cleanup dirs
 
@@ -49,8 +51,41 @@ rm -rf "$STORAGE/tmp"
 
 # Helper functions
 
-getCountry () {
+isAlive() {
+  local pid=$1
 
+  if kill -0 "$pid" 2>/dev/null; then
+    return 0
+  fi
+
+  return 1
+}
+
+pKill() {
+  local pid=$1
+
+  { kill -15 "$pid" || true; } 2>/dev/null
+
+  while isAlive "$pid"; do
+    sleep 0.1
+  done
+
+  return 0
+}
+
+fKill() {
+  local name=$1
+
+  { pkill -f "$name" || true; } 2>/dev/null
+
+  while pgrep -f -l "$name" >/dev/null; do
+    sleep 0.1
+  done
+
+  return 0
+}
+
+getCountry() {
   local url=$1
   local query=$2
   local rc json result
@@ -69,7 +104,7 @@ getCountry () {
   return 0
 }
 
-setCountry () {
+setCountry() {
 
   [[ "${TZ,,}" == "asia/harbin" ]] && COUNTRY="CN"
   [[ "${TZ,,}" == "asia/beijing" ]] && COUNTRY="CN"
@@ -86,8 +121,7 @@ setCountry () {
   return 0
 }
 
-addPackage () {
-
+addPackage() {
   local pkg=$1
   local desc=$2
 

src/serial.sh

@@ -47,10 +47,10 @@ done
 # Configure serial ports
 
 SERIAL_OPTS="\
-        -serial mon:stdio \
-        -device virtio-serial-pci,id=virtio-serial0,bus=pcie.0,addr=0x3 \
+        -serial none \
         -chardev pty,id=charserial0 \
         -device isa-serial,chardev=charserial0,id=serial0 \
+        -device virtio-serial-pci,id=virtio-serial0,bus=pcie.0,addr=0x3 \
         -chardev socket,id=charchannel0,host=127.0.0.1,port=12345,reconnect=10 \
         -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=vchannel"