diff options
| author | Markus Heiser <markus.heiser@darmarit.de> | 2021-06-23 12:39:49 +0200 |
|---|---|---|
| committer | Markus Heiser <markus.heiser@darmarit.de> | 2021-06-23 12:47:52 +0200 |
| commit | c8a6548592ff4f6d223cc548978b77ef84a39981 (patch) | |
| tree | a9d81c3cabbe056f819fbe53d5ad8c88514d95e9 /utils | |
| parent | 056550d523ddf4e06821957e13623fc322cf4675 (diff) | |
| download | searxng-c8a6548592ff4f6d223cc548978b77ef84a39981.tar.gz searxng-c8a6548592ff4f6d223cc548978b77ef84a39981.zip | |
[mod] utils/lxc.sh: detect conflict of docker & LXC in the iptables
Docker is blocking network of existing LXC containers / there is a conflict in
the iptables setup of Docker & LXC. With this patch:
- utils/lxc.sh checks internet connectivity (instead of silently hang)
- Chapter "Internet Connectivity & Docker" describes the problem and made a
suggestion for a solution a solution
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
Diffstat (limited to 'utils')
| -rwxr-xr-x | utils/lxc.sh | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/utils/lxc.sh b/utils/lxc.sh index f065bf3c7..90c4949a6 100755 --- a/utils/lxc.sh +++ b/utils/lxc.sh @@ -5,6 +5,8 @@ # shellcheck source=utils/lib.sh source "$(dirname "${BASH_SOURCE[0]}")/lib.sh" source_dot_config +# shellcheck source=utils/brand.env +source "${REPO_ROOT}/utils/brand.env" # load environment of the LXC suite LXC_ENV="${LXC_ENV:-${REPO_ROOT}/utils/lxc-searx.env}" @@ -535,6 +537,9 @@ lxc_install_boilerplate() { if lxc start -q "${container_name}" &>/dev/null; then sleep 5 # guest needs some time to come up and get an IP fi + if ! check_connectivity "${container_name}"; then + die 42 "Container ${container_name} has no internet connectivity!" + fi lxc_init_container_env "${container_name}" info_msg "[${_BBlue}${container_name}${_creset}] install /.lxcenv.mk .." cat <<EOF | lxc exec "${container_name}" -- bash | prefix_stdout "[${_BBlue}${container_name}${_creset}] " @@ -554,6 +559,20 @@ EOF fi } +check_connectivity() { + local ret_val=0 + info_msg "check internet connectivity ..." + if ! lxc exec "${1}" -- ping -c 1 8.8.8.8 &>/dev/null; then + ret_val=1 + err_msg "no internet connectivity!" + info_msg "Most often the connectivity is blocked by a docker installation:" + info_msg "Whenever docker is started (reboot) it sets the iptables policy " + info_msg "for the FORWARD chain to DROP, see:" + info_msg " ${DOCS_URL}/utils/lxc.sh.html#internet-connectivity-docker" + iptables-save | grep ":FORWARD" + fi + return $ret_val +} # ---------------------------------------------------------------------------- main "$@" |