diff options
author | Markus Heiser <markus.heiser@darmarIT.de> | 2021-06-25 08:23:40 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-06-25 08:23:40 +0000 |
commit | d19869b9f73c99d5573024c1dfcd76b6b5356120 (patch) | |
tree | 286eb53050bbeca62e8bec1777be047dd95ed5b3 /utils | |
parent | c91603dae9d89c10b67b58c5c52385b75e89379c (diff) | |
parent | c8a6548592ff4f6d223cc548978b77ef84a39981 (diff) | |
download | searxng-d19869b9f73c99d5573024c1dfcd76b6b5356120.tar.gz searxng-d19869b9f73c99d5573024c1dfcd76b6b5356120.zip |
Merge pull request #173 from return42/fix-lxc-iptables
[mod] utils/lxc.sh: detect conflict of docker & LXC in the iptables
Diffstat (limited to 'utils')
-rwxr-xr-x | utils/lxc.sh | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/utils/lxc.sh b/utils/lxc.sh index f065bf3c7..90c4949a6 100755 --- a/utils/lxc.sh +++ b/utils/lxc.sh @@ -5,6 +5,8 @@ # shellcheck source=utils/lib.sh source "$(dirname "${BASH_SOURCE[0]}")/lib.sh" source_dot_config +# shellcheck source=utils/brand.env +source "${REPO_ROOT}/utils/brand.env" # load environment of the LXC suite LXC_ENV="${LXC_ENV:-${REPO_ROOT}/utils/lxc-searx.env}" @@ -535,6 +537,9 @@ lxc_install_boilerplate() { if lxc start -q "${container_name}" &>/dev/null; then sleep 5 # guest needs some time to come up and get an IP fi + if ! check_connectivity "${container_name}"; then + die 42 "Container ${container_name} has no internet connectivity!" + fi lxc_init_container_env "${container_name}" info_msg "[${_BBlue}${container_name}${_creset}] install /.lxcenv.mk .." cat <<EOF | lxc exec "${container_name}" -- bash | prefix_stdout "[${_BBlue}${container_name}${_creset}] " @@ -554,6 +559,20 @@ EOF fi } +check_connectivity() { + local ret_val=0 + info_msg "check internet connectivity ..." + if ! lxc exec "${1}" -- ping -c 1 8.8.8.8 &>/dev/null; then + ret_val=1 + err_msg "no internet connectivity!" + info_msg "Most often the connectivity is blocked by a docker installation:" + info_msg "Whenever docker is started (reboot) it sets the iptables policy " + info_msg "for the FORWARD chain to DROP, see:" + info_msg " ${DOCS_URL}/utils/lxc.sh.html#internet-connectivity-docker" + iptables-save | grep ":FORWARD" + fi + return $ret_val +} # ---------------------------------------------------------------------------- main "$@" |