diff --git a/README.md b/README.md index 3ed4aeef..8d2651da 100644 --- a/README.md +++ b/README.md @@ -3,10 +3,10 @@ This mod gives SWAG the ability to auto-detect running containers via labels and automatically enable reverse proxy for them. ## Requirements: -- This mod needs the [universal-docker mod](https://github.com/linuxserver/docker-mods/tree/universal-docker) installed and set up with either mapping `docker.sock` or setting the environment variable `DOCKER_HOST=remoteaddress`. +- This mod needs either mapping `docker.sock` or setting the environment variable `DOCKER_HOST=remoteaddress` (see section below for [security consideration](#security-consideration)). - Other containers to be auto-detected and reverse proxied should be in the same [user defined bridge network](https://docs.linuxserver.io/general/swag#docker-networking) as SWAG. - Containers to be auto-detected and reverse proxied must have a label `swag=enable` at a minimum. -- To benefit from curated preset proxy confs we provide, the container name must match the container names that are suggested in our readme examples (ie. `radarr` and not `Radarr-4K`). +- To benefit from curated preset proxy confs we provide, either the container name must match the container names that are suggested in our readme examples (ie. `radarr` and not `Radarr-4K`), or the `swag_preset_conf` label must be set. ## Labels: - `swag=enable` - required for auto-detection @@ -21,7 +21,7 @@ This mod gives SWAG the ability to auto-detect running containers via labels and - `swag_preset_conf=confname` - *optional* - allows defining a preset conf to use if the container name does not match one (if the conf name is `radarr.subdomain.conf.sample`, set this value to `radarr`). If the container name matches an existing conf, this var will be ignored. -In SWAG docker arguments, set an environment variable `DOCKER_MODS=linuxserver/mods:universal-docker|linuxserver/mods:swag-auto-proxy` and either add a volume mapping for `/var/run/docker.sock:/var/run/docker.sock:ro`, or set an environment var `DOCKER_HOST=remoteaddress`. +In SWAG docker arguments, set an environment variable `DOCKER_MODS=linuxserver/mods:swag-auto-proxy` and either add a volume mapping for `/var/run/docker.sock:/var/run/docker.sock:ro`, or set an environment var `DOCKER_HOST=remoteaddress`. ## Security Consideration: Mapping the `docker.sock`, especially in a publicly accessible container is a security liability. Since this mod only needs read-only access to the docker api, the recommended method is to proxy the `docker.sock` via a solution like [our docker socket proxy](https://github.com/linuxserver/docker-socket-proxy), limit the access, and set `DOCKER_HOST=` to point to the proxy address. diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/dependencies.d/init-mod-universal-docker-setup b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/dependencies.d/init-mods similarity index 100% rename from root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/dependencies.d/init-mod-universal-docker-setup rename to root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/dependencies.d/init-mods diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/run b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/run new file mode 100755 index 00000000..de8792b8 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/run @@ -0,0 +1,12 @@ +#!/usr/bin/with-contenv bash + +if grep -q "linuxserver/mods:universal-docker" /run/s6/container_environment/DOCKER_MODS; then + until [ -f /usr/local/bin/docker ]; do + sleep 3 + done + echo "**** Using docker binary from the universal-docker mod ****" +else + echo "**** Adding docker-cli to package install list ****" + echo "\ + docker-cli" >> /mod-repo-packages-to-install.list +fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/type b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/type new file mode 100644 index 00000000..3d92b15f --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/type @@ -0,0 +1 @@ +oneshot \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/up b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/up new file mode 100644 index 00000000..fe416edf --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-add-package/run \ No newline at end of file diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/dependencies.d/init-mods-package-install b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/dependencies.d/init-mods-package-install new file mode 100644 index 00000000..e69de29b diff --git a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/run b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/run index 3f67b2ff..59d7a909 100755 --- a/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/run +++ b/root/etc/s6-overlay/s6-rc.d/init-mod-swag-auto-proxy-setup/run @@ -1,7 +1,7 @@ #!/usr/bin/with-contenv bash if [ ! -S /var/run/docker.sock ] && [ -z "$DOCKER_HOST" ]; then - echo "**** Docker mod not set up properly, skipping SWAG auto-proxy ****" + echo "**** Docker service access not set up properly, skipping SWAG auto-proxy, please map either the docker socket or set the DOCKER_HOST var. ****" exit 0 fi diff --git a/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/dependencies.d/init-mod-swag-auto-proxy-add-package b/root/etc/s6-overlay/s6-rc.d/init-mods-package-install/dependencies.d/init-mod-swag-auto-proxy-add-package new file mode 100644 index 00000000..e69de29b diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mod-swag-auto-proxy-add-package b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-mod-swag-auto-proxy-add-package new file mode 100644 index 00000000..e69de29b