From cedc7c7b60b85511b330293709460fb0cd88400f Mon Sep 17 00:00:00 2001
From: Kroese
Date: Fri, 21 Apr 2023 19:01:07 +0200
Subject: [PATCH 01/12] macvlan
---
 run/network.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/run/network.sh b/run/network.sh
index 888c276..665731d 100644
--- a/run/network.sh
+++ b/run/network.sh
@@ -79,6 +79,18 @@ configureDHCP() {
 echo "variable to your container: --device=/dev/vhost-net" && exit 22
 fi
+ # Create macvlan to enable host <> guest communication
+ ip l add link eth0 macvlan0 type macvlan mode bridge
+
+ IP=$(ip address show dev eth0 | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
+
+ ip address add "${IP}" dev macvlan0
+ ip l set dev macvlan0 up
+ ip route flush dev eth0
+
+ GATEWAY=$(ip r | grep default | awk '{print $3}')
+ ip route add default via "${GATEWAY}"
+
 NET_OPTS="-netdev tap,id=hostnet0,vhost=on,vhostfd=40,fd=30"
 }
From 0fcc00f22aafbc062f6f140f017927760c9864d1 Mon Sep 17 00:00:00 2001
From: Kroese
Date: Fri, 21 Apr 2023 19:39:25 +0200
Subject: [PATCH 02/12] macvlan
---
 run/network.sh | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)
diff --git a/run/network.sh b/run/network.sh
index 665731d..8cc8e5f 100644
--- a/run/network.sh
+++ b/run/network.sh
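Review bot: `IP` and `GATEWAY` in the PATCH 01 hunk (@@ -79,6 +79,18) come from text-parsed `ip` output and are used without a check, so an interface with no IPv4 address, or with more than one, hands `ip address add` an empty or multi-line value after the interface has already been modified. The pipelines run inside `$(...)` under `set -eu` without `pipefail`, so a failing stage is not reported either. A guard directly after each assignment, such as `[ -n "${IP}" ] || { echo "ERROR: no IPv4 address found on eth0" >&2; exit 1; }`, stops the script before routes are flushed. The same unchecked pattern, extended with `NETWORK`, is carried into the PATCH 02 hunk at -30,8 and the PATCH 03 hunk at -19,41. The function body begins outside this hunk.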
@@ -30,8 +30,26 @@ configureDHCP() {
 echo "docker variable to your container: --device=/dev/vhost-net" && exit 85
 fi
+ # Create macvlan to enable host <> guest communication
+
+ GATEWAY=$(ip r | grep default | awk '{print $3}')
+ IP=$(ip address show dev eth0 | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
+ NETWORK=$(ip -o route | grep eth0 | grep -v default | awk '{print $1}')
+
+ ip l add link eth0 macvlan0 type macvlan mode bridge
+
+ ip address add "${IP}" dev macvlan0
+ ip link set dev macvlan0 up
+
+ ip route flush dev eth0
+ ip route flush dev macvlan0
+
+ ip route add $NETWORK dev macvlan0 metric 0
+ ip route add default via "${GATEWAY}"
+
 echo "Info: Retrieving IP via DHCP using MAC ${VM_NET_MAC}..."
+ # Create macvtap
 ip l add link eth0 name "${VM_NET_TAP}" address "${VM_NET_MAC}" type macvtap mode bridge || true
 ip l set "${VM_NET_TAP}" up
@@ -79,18 +97,6 @@ configureDHCP() {
 echo "variable to your container: --device=/dev/vhost-net" && exit 22
 fi
- # Create macvlan to enable host <> guest communication
- ip l add link eth0 macvlan0 type macvlan mode bridge
-
- IP=$(ip address show dev eth0 | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
-
- ip address add "${IP}" dev macvlan0
- ip l set dev macvlan0 up
- ip route flush dev eth0
-
- GATEWAY=$(ip r | grep default | awk '{print $3}')
- ip route add default via "${GATEWAY}"
-
 NET_OPTS="-netdev tap,id=hostnet0,vhost=on,vhostfd=40,fd=30"
 }
From 0fce3a3cf9d26d9b041a1d0f9ccd856a21ff3ba3 Mon Sep 17 00:00:00 2001
From: Kroese
Date: Fri, 21 Apr 2023 20:09:24 +0200
Subject: [PATCH 03/12] macvtap
---
 run/network.sh | 68 +++++++++++++++++++-------------------
 1 file changed, 34 insertions(+), 34 deletions(-)
diff --git a/run/network.sh b/run/network.sh
index 8cc8e5f..bf88977 100644
--- a/run/network.sh
+++ b/run/network.sh
@@ -4,6 +4,7 @@ set -eu
 # Docker environment variabeles
 : ${VM_NET_TAP:='dsm'}
+: ${VM_NET_DEV:='eth0'}
 : ${VM_NET_HOST:='VirtualDSM'}
 : ${VM_NET_MAC:='02:11:32:AA:BB:CC'}
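Review bot: `VM_NET_DEV` is introduced here as an operator-supplied value with no check that the interface exists, while the later hunks of this patch use it as a grep pattern, as an `ip` device name and as an iptables `-i`/`-o` match. iptables accepts interface names that do not exist, so a mistyped value in the NAT path would presumably install rules that match nothing, without any error. A check after the defaults, e.g. `[ -d "/sys/class/net/${VM_NET_DEV}" ] || { echo "ERROR: interface ${VM_NET_DEV} not found" >&2; exit 1; }`, makes that failure visible at start-up. The new line also copies the unquoted `: ${...}` form of its neighbours; `: "${VM_NET_DEV:=eth0}"` avoids word splitting and globbing of the expanded value.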
@@ -19,41 +20,28 @@ set -eu
 configureDHCP() {
- # Create /dev/vhost-net
- if [ ! -c /dev/vhost-net ]; then
- mknod /dev/vhost-net c 10 238
- chmod 660 /dev/vhost-net
- fi
-
- if [ ! -c /dev/vhost-net ]; then
- echo -n "Error: VHOST interface not available. Please add the following "
- echo "docker variable to your container: --device=/dev/vhost-net" && exit 85
- fi
-
- # Create macvlan to enable host <> guest communication
-
+ VM_NET_VLAN="vlan"
 GATEWAY=$(ip r | grep default | awk '{print $3}')
- IP=$(ip address show dev eth0 | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
- NETWORK=$(ip -o route | grep eth0 | grep -v default | awk '{print $1}')
+ NETWORK=$(ip -o route | grep "${VM_NET_DEV}" | grep -v default | awk '{print $1}')
+ IP=$(ip address show dev "${VM_NET_DEV}" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/)
- ip l add link eth0 macvlan0 type macvlan mode bridge
+ ip l add link "${VM_NET_DEV}" "${VM_NET_VLAN}" type macvlan mode bridge
- ip address add "${IP}" dev macvlan0
- ip link set dev macvlan0 up
+ ip address add "${IP}" dev "${VM_NET_VLAN}"
+ ip link set dev "${VM_NET_VLAN}" up
- ip route flush dev eth0
- ip route flush dev macvlan0
+ ip route flush dev "${VM_NET_DEV}"
+ ip route flush dev "${VM_NET_VLAN}"
- ip route add $NETWORK dev macvlan0 metric 0
+ ip route add $NETWORK dev "${VM_NET_VLAN}" metric 0
 ip route add default via "${GATEWAY}"
 echo "Info: Retrieving IP via DHCP using MAC ${VM_NET_MAC}..."
- # Create macvtap
- ip l add link eth0 name "${VM_NET_TAP}" address "${VM_NET_MAC}" type macvtap mode bridge || true
+ ip l add link "${VM_NET_DEV}" name "${VM_NET_TAP}" address "${VM_NET_MAC}" type macvtap mode bridge || true
 ip l set "${VM_NET_TAP}" up
- ip a flush eth0
+ ip a flush "${VM_NET_DEV}"
 ip a flush "${VM_NET_TAP}"
 DHCP_IP=$( dhclient -v "${VM_NET_TAP}" 2>&1 | grep ^bound | cut -d' ' -f3 )
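Review bot: `grep "${VM_NET_DEV}"` in the new `NETWORK=` line treats the device name as an unanchored regular expression over the whole route line, so `eth0` also selects routes belonging to `eth01` or any line that merely contains that text, and several matches produce a multi-line `NETWORK`. Asking `ip` for the device directly avoids the pattern match: `NETWORK=$(ip -o route show dev "${VM_NET_DEV}" | awk '$1 != "default" {print $1}')`. `VM_NET_VLAN="vlan"` is a fixed interface name assigned inside the function, and a short comment saying it names the macvlan used for host <> guest traffic would replace the explanatory comment this hunk removes. The function body continues outside the hunk.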
@@ -64,11 +52,19 @@ configureDHCP() { echo "ERROR: Cannot retrieve IP from DHCP using MAC ${VM_NET_MAC}" && exit 16 fi - # Store IP for Docker healthcheck - echo "${DHCP_IP}" > "/var/dsm.ip" - ip a flush "${VM_NET_TAP}" + # Create /dev/vhost-net + if [ ! -c /dev/vhost-net ]; then + mknod /dev/vhost-net c 10 238 + chmod 660 /dev/vhost-net + fi + + if [ ! -c /dev/vhost-net ]; then + echo -n "Error: VHOST interface not available. Please add the following " + echo "docker variable to your container: --device=/dev/vhost-net" && exit 85 + fi + TAP_NR=$( "/var/dsm.ip" + NET_OPTS="-netdev tap,id=hostnet0,vhost=on,vhostfd=40,fd=30" } @@ -104,22 +103,20 @@ configureNAT () { VM_NET_IP='20.20.20.21' - # Store IP for Docker healthcheck - echo "${VM_NET_IP}" > "/var/dsm.ip" - #Create bridge with static IP for the VM guest brctl addbr dockerbridge ip addr add ${VM_NET_IP%.*}.1/24 broadcast ${VM_NET_IP%.*}.255 dev dockerbridge ip link set dockerbridge up + #QEMU Works with taps, set tap to the bridge created ip tuntap add dev "${VM_NET_TAP}" mode tap ip link set "${VM_NET_TAP}" up promisc on brctl addif dockerbridge "${VM_NET_TAP}" #Add internet connection to the VM - iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE - iptables -t nat -A PREROUTING -i eth0 -p tcp -j DNAT --to $VM_NET_IP - iptables -t nat -A PREROUTING -i eth0 -p udp -j DNAT --to $VM_NET_IP + iptables -t nat -A POSTROUTING -o "${VM_NET_DEV}" -j MASQUERADE + iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -p tcp -j DNAT --to $VM_NET_IP + iptables -t nat -A PREROUTING -i "${VM_NET_DEV}" -p udp -j DNAT --to $VM_NET_IP # Hack for guest VMs complaining about "bad udp checksums in 5 packets" iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM --checksum-fill || true 
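Review bot: The two PREROUTING rules in the configureNAT hunk (@@ -104,22 +103,20) send every TCP and UDP packet arriving on `${VM_NET_DEV}` to the guest with no port restriction, and now that the device is configurable that scope follows whichever interface the operator names. A comment above them should say so, e.g. `# Forwards ALL tcp/udp ports arriving on ${VM_NET_DEV} to the guest; exposure is limited only by what can reach this interface`. The same lines quote the device but leave `--to $VM_NET_IP` unquoted; `--to "${VM_NET_IP}"` would be consistent with the rest of the change. configureNAT continues outside this hunk.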
@@ -134,6 +131,9 @@ configureNAT () { echo "0 $VM_NET_MAC $VM_NET_IP $VM_NET_HOST 01:${VM_NET_MAC}" > /var/lib/misc/dnsmasq.leases chmod 644 /var/lib/misc/dnsmasq.leases + # Store IP for Docker healthcheck + echo "${VM_NET_IP}" > "/var/dsm.ip" + NET_OPTS="-netdev tap,ifname=${VM_NET_TAP},script=no,downscript=no,id=hostnet0" # Build DNS options from container /etc/resolv.conf @@ -182,7 +182,7 @@ GATEWAY=$(ip r | grep default | awk '{print $3}') if [ "$DEBUG" = "Y" ]; then - IP=$(ip address show dev eth0 | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/) + IP=$(ip address show dev "${VM_NET_DEV}" | grep inet | awk '/inet / { print $2 }' | cut -f1 -d/) echo "Info: Container IP is ${IP} with gateway ${GATEWAY}" ifconfig ip route From 95f74c9a434ec25c549c78c41f75cd93d371e87b Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:25:08 +0200 Subject: [PATCH 04/12] Redirect --- run/network.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/run/network.sh b/run/network.sh index bf88977..d19680f 100644 --- a/run/network.sh +++ b/run/network.sh @@ -205,7 +205,11 @@ else configureDHCP # Display the received IP on port 5000 - /run/server.sh 5000 "The location of DSM is http://${DHCP_IP}:5000" > /dev/null & + + HTML="The location of DSM is http://${DHCP_IP}:5000" + + /run/server.sh 5000 "${HTML}" > /dev/null & fi From 785cec352efeb4512a5d2e8ad8ddab17e7fec3f6 Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:27:15 +0200 Subject: [PATCH 05/12] Shellcheck --- run/network.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run/network.sh b/run/network.sh index d19680f..7f9cb97 100644 --- a/run/network.sh +++ b/run/network.sh 
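Review bot: `DHCP_IP` goes into the `HTML` string of the PATCH 04 hunk (@@ -205,7 +205,11) exactly as it was cut from dhclient's log output (`grep ^bound | cut -d' ' -f3`), and the visible code does not check that it has the form of an IPv4 address before the page is handed to `/run/server.sh`. PATCH 07 and PATCH 09 then place the same value inside a `window.location.replace(...)` script string, where any unexpected character would land in script context. A format check before `HTML=` is built, such as `case "${DHCP_IP}" in ''|*[!0-9.]*) echo "ERROR: unexpected DHCP address: ${DHCP_IP}" >&2; exit 1 ;; esac`, keeps anything but digits and dots out of the page. The enclosing `else` branch starts and ends outside the hunk.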
@@ -33,7 +33,7 @@ configureDHCP() { ip route flush dev "${VM_NET_DEV}" ip route flush dev "${VM_NET_VLAN}" - ip route add $NETWORK dev "${VM_NET_VLAN}" metric 0 + ip route add "${NETWORK}" dev "${VM_NET_VLAN}" metric 0 ip route add default via "${GATEWAY}" echo "Info: Retrieving IP via DHCP using MAC ${VM_NET_MAC}..." From 1479725824ae6a2a10b6b329566877fcce3f9201 Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:28:18 +0200 Subject: [PATCH 06/12] Obsolete --- readme.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/readme.md b/readme.md index 2381b80..b2d9a6b 100644 --- a/readme.md +++ b/readme.md @@ -165,8 +165,6 @@ docker run -it --rm -p 5000:5000 --device=/dev/kvm --cap-add NET_ADMIN --stop-ti - 'c 510:* rwm' ``` - This will make DSM retrieve an IP from your router. This will not be the same as the macvlan IP of the container, so to determine which one was assigned to DSM please check the container logfile or use the devices page of your router for example. - NOTE: The exact cgroup rule may be different than `510` depending on your system, but the correct rule number will be printed to the logfile in case of error. * ### How do I install a specific version of vDSM? ### From 53bf1166b99ac1fed1ef515ea648d2c34e8f0ea6 Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:30:21 +0200 Subject: [PATCH 07/12] Tab --- run/network.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/run/network.sh b/run/network.sh index 7f9cb97..3783c8d 100644 --- a/run/network.sh +++ b/run/network.sh @@ -205,9 +205,8 @@ else configureDHCP # Display the received IP on port 5000 - HTML="The location of DSM is http://${DHCP_IP}:5000" + setTimeout(function(){ window.location.replace("http://${DHCP_IP}:5000"); }, 2000);" /run/server.sh 5000 "${HTML}" > /dev/null & From c569439aa858c418ab45ff10e282d09193a8ac65 Mon Sep 17 00:00:00 2001 
From: Kroese Date: Fri, 21 Apr 2023 20:31:30 +0200 Subject: [PATCH 08/12] Space --- run/network.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run/network.sh b/run/network.sh index 3783c8d..e730407 100644 --- a/run/network.sh +++ b/run/network.sh @@ -159,7 +159,7 @@ configureNAT () { [ "$DEBUG" = "Y" ] && echo && echo "$DNSMASQ $DNSMASQ_OPTS" - $DNSMASQ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} + $DNSMASQ ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} } # ###################################### From 7ac8492e5d57bcfb92789ac0766fd1d9d4fd6d32 Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:34:16 +0200 Subject: [PATCH 09/12] Quotes --- run/network.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/run/network.sh b/run/network.sh index e730407..69744ca 100644 --- a/run/network.sh +++ b/run/network.sh @@ -206,7 +206,7 @@ else # Display the received IP on port 5000 HTML="The location of DSM is http://${DHCP_IP}:5000" + setTimeout(function(){ window.location.replace('http://${DHCP_IP}:5000'); }, 2000);" /run/server.sh 5000 "${HTML}" > /dev/null & From d1cbe6b8ffb5008234f129a8adbc618c911fe8ac Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:38:33 +0200 Subject: [PATCH 10/12] Update readme.md --- readme.md | 1 - 1 file changed, 1 deletion(-) diff --git a/readme.md b/readme.md index b2d9a6b..4996d7e 100644 --- a/readme.md +++ b/readme.md @@ -46,7 +46,6 @@ services: - NET_ADMIN ports: - 5000:5000 - - 5001:5001 restart: on-failure stop_grace_period: 1m ``` From 8962499473f6952eb2078e3be50a368536b64914 Mon Sep 17 00:00:00 2001 From: Kroese Date: Fri, 21 Apr 2023 20:39:03 +0200 Subject: [PATCH 11/12] Update Dockerfile --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b365c88..e37013f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -48,7 +48,6 @@ EXPOSE 139 EXPOSE 443 EXPOSE 445 EXPOSE 5000 -EXPOSE 5001 ENV URL "" ENV ALLOCATE "Y" 
From 125b637c4adab0fa39428d202f29ebfa2e85c356 Mon Sep 17 00:00:00 2001
From: Kroese
Date: Fri, 21 Apr 2023 20:39:24 +0200
Subject: [PATCH 12/12] Update docker-compose.yml
---
 docker-compose.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index e630cff..11edab8 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -13,7 +13,6 @@ services:
 - NET_ADMIN
 ports:
 - 5000:5000
- - 5001:5001
 volumes:
 - /var/dsm:/storage
 restart: on-failure