fix: Port forwarding (#525 )

* fix: Port forwarding
fix: QEMU monitor (#524 )
2025-11-06 18:13:43 +08:00 · 2023-12-30 00:01:12 +01:00 · 2023-12-29 19:05:51 +01:00 · 2023-12-29 18:27:51 +01:00 · 2023-12-29 18:15:39 +01:00 · 2023-12-29 17:34:23 +01:00
9 changed files with 84 additions and 33 deletions
--- a/src/config.sh
+++ b/src/config.sh
@@ -1,22 +1,15 @@
 #!/usr/bin/env bash
 set -Eeuo pipefail

-DEF_OPTS="-nographic -nodefaults -boot strict=on -display none"
+DEF_OPTS="-nodefaults -boot strict=on"
 RAM_OPTS=$(echo "-m $RAM_SIZE" | sed 's/MB/M/g;s/GB/G/g;s/TB/T/g')
 CPU_OPTS="-cpu $CPU_MODEL -smp $CPU_CORES,sockets=1,dies=1,cores=$CPU_CORES,threads=1"
 MAC_OPTS="-machine type=q35,usb=off,dump-guest-core=off,hpet=off${KVM_OPTS}"
-EXTRA_OPTS="-device virtio-balloon-pci,id=balloon0,bus=pcie.0,addr=0x4"
-EXTRA_OPTS="$EXTRA_OPTS -object rng-random,id=objrng0,filename=/dev/urandom"
-EXTRA_OPTS="$EXTRA_OPTS -device virtio-rng-pci,rng=objrng0,id=rng0,bus=pcie.0,addr=0x1c"
+DEV_OPTS="-device virtio-balloon-pci,id=balloon0,bus=pcie.0,addr=0x4"
+DEV_OPTS="$DEV_OPTS -object rng-random,id=objrng0,filename=/dev/urandom"
+DEV_OPTS="$DEV_OPTS -device virtio-rng-pci,rng=objrng0,id=rng0,bus=pcie.0,addr=0x1c"

-if [[ "$GPU" == [Yy1]* ]] && [[ "$ARCH" == "amd64" ]]; then
-  DEF_OPTS="-nodefaults -boot strict=on -display egl-headless,rendernode=/dev/dri/renderD128"
-  DEF_OPTS="$DEF_OPTS -device virtio-vga,id=video0,max_outputs=1,bus=pcie.0,addr=0x1"
-fi
-
-[[ "$CONSOLE" != [Yy]* ]] && DEF_OPTS="$DEF_OPTS -daemonize -D $QEMU_LOG"
-
-ARGS="$DEF_OPTS $CPU_OPTS $RAM_OPTS $MAC_OPTS $MON_OPTS $SERIAL_OPTS $NET_OPTS $DISK_OPTS $EXTRA_OPTS $ARGUMENTS"
+ARGS="$DEF_OPTS $CPU_OPTS $RAM_OPTS $MAC_OPTS $DISPLAY_OPTS $MON_OPTS $SERIAL_OPTS $NET_OPTS $DISK_OPTS $DEV_OPTS $ARGUMENTS"
 ARGS=$(echo "$ARGS" | sed 's/\t/ /g' | tr -s ' ')

 return 0
--- a/src/disk.sh
+++ b/src/disk.sh
@@ -5,10 +5,10 @@ set -Eeuo pipefail

 : ${DISK_IO:='native'}          # I/O Mode, can be set to 'native', 'threads' or 'io_turing'
 : ${DISK_FMT:='raw'}            # Disk file format, 'raw' by default for best performance
+: ${DISK_FLAGS:=''}             # Specifies the options for use with the qcow2 disk format
 : ${DISK_CACHE:='none'}         # Caching mode, can be set to 'writeback' for better performance
 : ${DISK_DISCARD:='on'}         # Controls whether unmap (TRIM) commands are passed to the host.
 : ${DISK_ROTATION:='1'}         # Rotation rate, set to 1 for SSD storage and increase for HDD
-: ${DISK_FLAGS:=''}             # Specifies the options for use with the qcow2 disk format

 BOOT="$STORAGE/$BASE.boot.img"
 SYSTEM="$STORAGE/$BASE.system.img"
@@ -17,11 +17,11 @@ SYSTEM="$STORAGE/$BASE.system.img"
 [ ! -f "$SYSTEM" ] && error "Virtual DSM system-image does not exist ($SYSTEM)" && exit 82

 DISK_OPTS="\
-    -object iothread,id=io1 -object iothread,id=io2 \
-    -device virtio-scsi-pci,id=hw-synoboot,iothread=io1,bus=pcie.0,addr=0xa \
+    -object iothread,id=io2 \
+    -device virtio-scsi-pci,id=hw-synoboot,iothread=io2,bus=pcie.0,addr=0xa \
    -drive file=$BOOT,if=none,id=drive-synoboot,format=raw,cache=$DISK_CACHE,aio=$DISK_IO,discard=$DISK_DISCARD,detect-zeroes=on \
    -device scsi-hd,bus=hw-synoboot.0,channel=0,scsi-id=0,lun=0,drive=drive-synoboot,id=synoboot0,rotation_rate=$DISK_ROTATION,bootindex=1 \
-    -device virtio-scsi-pci,id=hw-synosys,iothread=io1,bus=pcie.0,addr=0xb \
+    -device virtio-scsi-pci,id=hw-synosys,iothread=io2,bus=pcie.0,addr=0xb \
    -drive file=$SYSTEM,if=none,id=drive-synosys,format=raw,cache=$DISK_CACHE,aio=$DISK_IO,discard=$DISK_DISCARD,detect-zeroes=on \
    -device scsi-hd,bus=hw-synosys.0,channel=0,scsi-id=0,lun=0,drive=drive-synosys,id=synosys0,rotation_rate=$DISK_ROTATION,bootindex=2"

--- a/src/display.sh
+++ b/src/display.sh
@@ -1,10 +1,27 @@
 #!/usr/bin/env bash
 set -Eeuo pipefail

+# Docker environment variables
+
+: ${GPU:='N'}           # GPU passthrough
+: ${DISPLAY:='none'}  # Display type
+
+case "${DISPLAY,,}" in
+  vnc)
+    DISPLAY_OPTS="-display vnc=:0 -vga virtio"
+    ;;
+  *)
+    DISPLAY_OPTS="-display $DISPLAY -vga none"
+    ;;
+esac
+
 if [[ "$GPU" != [Yy1]* ]] || [[ "$ARCH" != "amd64" ]]; then
  return 0
 fi

+DISPLAY_OPTS="-display egl-headless,rendernode=/dev/dri/renderD128 -vga virtio"
+[[ "${DISPLAY,,}" == "vnc" ]] && DISPLAY_OPTS="$DISPLAY_OPTS -vnc :0"
+
 [ ! -d /dev/dri ] && mkdir -m 755 /dev/dri

 if [ ! -c /dev/dri/card0 ]; then
--- a/src/entry.sh
+++ b/src/entry.sh
@@ -9,9 +9,9 @@ cd /run
 . reset.sh      # Initialize system
 . install.sh    # Run installation
 . disk.sh       # Initialize disks
+. display.sh    # Initialize graphics
 . network.sh    # Initialize network
-. gpu.sh        # Initialize graphics
-. cpu.sh        # Initialize processor
+. proc.sh       # Initialize processor
 . serial.sh     # Initialize serialport
 . power.sh      # Configure shutdown
 . config.sh     # Configure arguments
--- a/src/network.sh
+++ b/src/network.sh
@@ -4,6 +4,7 @@ set -Eeuo pipefail
 # Docker environment variables

 : ${DHCP:='N'}
+: ${HOST_PORTS:=''}
 : ${MAC:='02:11:32:AA:BB:CC'}

 : ${VM_NET_DEV:=''}
@@ -90,6 +91,40 @@ configureDNS() {
  return 0
 }

+getPorts() {
+
+  local list=$1
+  local args=""
+  local vnc="5900"
+
+  list="${list//,/ }"
+  list="${list## }"
+  list="${list%% }"
+
+  if [[ "${DISPLAY,,}" == "vnc" ]] && [[ "$list" != *"$vnc"* ]]; then
+    if [ -z "$list" ]; then
+      list="$vnc"
+    else
+      list="$list $vnc"
+    fi
+  fi
+
+  if [ -n "$list" ]; then
+    if [[ "$list" != *" "* ]]; then
+      args=" ! --dport $list"
+    else
+      args=" -m multiport ! --dports "
+      for port in $list; do
+        args="${args}${port},"
+      done
+      args="${args%?}"
+    fi
+  fi
+
+  echo "$args"
+  return 0
+}
+
 configureNAT() {

  # Create the necessary file structure for /dev/net/tun
@@ -144,8 +179,11 @@ configureNAT() {
  update-alternatives --set iptables /usr/sbin/iptables-legacy > /dev/null
  update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy > /dev/null

+  exclude="$(getPorts "$HOST_PORTS")"
+
  iptables -t nat -A POSTROUTING -o "$VM_NET_DEV" -j MASQUERADE
-  iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp  -j DNAT --to "$VM_NET_IP"
+  # shellcheck disable=SC2086
+  iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p tcp${exclude} -j DNAT --to "$VM_NET_IP"
  iptables -t nat -A PREROUTING -i "$VM_NET_DEV" -d "$IP" -p udp  -j DNAT --to "$VM_NET_IP"

  if (( KERNEL > 4 )); then
@@ -220,10 +258,6 @@ getInfo() {
  IP=$(ip address show dev "$VM_NET_DEV" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
  echo "$IP" > /run/qemu.ip

-  if [[ "$DEBUG" == [Yy1]* ]]; then
-    info "Container IP is $IP with gateway $GATEWAY on interface $VM_NET_DEV" && echo
-  fi
-
  return 0
 }

@@ -241,6 +275,10 @@ fi

 getInfo

+if [[ "$DEBUG" == [Yy1]* ]]; then
+  info "Container IP is $IP with gateway $GATEWAY on interface $VM_NET_DEV" && echo
+fi
+
 if [[ "$DHCP" == [Yy1]* ]]; then

  if [[ "$GATEWAY" == "172."* ]]; then
--- a/src/power.sh
+++ b/src/power.sh
@@ -73,7 +73,7 @@ terminal() {

  if [ ! -c "$dev" ]; then
    dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$QEMU_PORT" | tr -d '\000')
-    dev="${dev#*charserial0}"
+    dev="${dev#*serial0}"
    dev="${dev#*pty:}"
    dev="${dev%%$'\n'*}"
    dev="${dev%%$'\r'*}"
@@ -157,10 +157,16 @@ _graceful_shutdown() {
  finish "$code" && return "$code"
 }

-if [[ "$CONSOLE" != [Yy]* ]]; then
-  _trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
-fi
-
 MON_OPTS="\
        -pidfile $QEMU_PID \
        -monitor telnet:localhost:$QEMU_PORT,server,nowait,nodelay"
+
+if [[ "$CONSOLE" != [Yy]* ]]; then
+
+  MON_OPTS="$MON_OPTS -daemonize -D $QEMU_LOG"
+
+  _trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
+
+fi
+
+return 0
--- a/src/proc.sh
+++ b/src/proc.sh
@@ -3,6 +3,7 @@ set -Eeuo pipefail

 # Docker environment variables

+: ${KVM:='Y'}
 : ${HOST_CPU:=''}
 : ${CPU_MODEL:='host'}
 : ${CPU_FEATURES:='+ssse3,+sse4.1,+sse4.2'}
--- a/src/reset.sh
+++ b/src/reset.sh
@@ -12,8 +12,6 @@ trap 'error "Status $? while: $BASH_COMMAND (line $LINENO/$BASH_LINENO)"' ERR
 # Docker environment variables

 : ${TZ:=''}             # System local timezone
-: ${GPU:='N'}           # Disable GPU passthrough
-: ${KVM:='Y'}           # Enable KVM acceleration
 : ${DEBUG:='N'}         # Disable debugging mode
 : ${COUNTRY:=''}        # Country code for mirror
 : ${CONSOLE:='N'}       # Disable console mode
--- a/src/serial.sh
+++ b/src/serial.sh
@@ -47,9 +47,7 @@ done
 # Configure serial ports

 SERIAL_OPTS="\
-        -serial none \
-        -chardev pty,id=charserial0 \
-        -device isa-serial,chardev=charserial0,id=serial0 \
+        -serial pty \
        -device virtio-serial-pci,id=virtio-serial0,bus=pcie.0,addr=0x3 \
        -chardev socket,id=charchannel0,host=127.0.0.1,port=12345,reconnect=10 \
        -device virtserialport,bus=virtio-serial0.0,nr=1,chardev=charchannel0,id=channel0,name=vchannel"
Author	SHA1	Message	Date
Kroese	0862cad2ce	fix: Port forwarding (#525 ) * fix: Port forwarding	2023-12-30 00:01:12 +01:00
Kroese	5ae4f59315	fix: QEMU monitor (#524 )	2023-12-29 19:05:51 +01:00
Kroese	3fc3005ba5	fix: Processor (#523 ) * fix: Processor	2023-12-29 18:27:51 +01:00
Kroese	20f48edd00	fix: Serial port (#522 ) * fix: Serial port	2023-12-29 18:15:39 +01:00
Kroese	b854aad830	fix: Use single IO thread (#521 )	2023-12-29 17:34:23 +01:00
Kroese	6cbe03f656	fix: Port forwarding (#520 )	2023-12-29 17:20:18 +01:00
Kroese	63cac9a75e	fix: Display config (#519 ) * fix: Display config	2023-12-29 16:56:49 +01:00