diff --git a/readme-vars.yml b/readme-vars.yml
index c16c78ef..55751427 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -121,7 +121,7 @@ app_setup_block: |
 
 # changelog
 changelogs:
- - { date: "12.10.22:", desc: "Add Alpine branch." }
+ - { date: "12.10.22:", desc: "Add Alpine branch. Optimize wg and coredns services." }
 - { date: "09.10.22:", desc: "Switch back to iptables-legacy due to issues on some hosts." }
 - { date: "04.10.22:", desc: "Rebase to Jammy. Upgrade to s6v3." }
 - { date: "16.05.22:", desc: "Improve NAT handling in server mode when multiple ethernet devices are present." }
diff --git a/root/defaults/Corefile b/root/defaults/Corefile
index c8e2152f..ded974e1 100644
--- a/root/defaults/Corefile
+++ b/root/defaults/Corefile
@@ -1,4 +1,5 @@
 . {
 loop
+ health
 forward . /etc/resolv.conf
 }
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
index 214fcec0..5e770694 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
@@ -162,8 +162,7 @@ else
 echo "**** No client conf found. Provide your own client conf as \"/config/wg0.conf\" and restart the container. ****"
 sleep infinity
 fi
- echo "**** Disabling CoreDNS ****"
- rm -rf /etc/services.d/coredns
+ printf "false" > /run/s6/container_environment/USE_COREDNS
 fi
 
 # set up CoreDNS
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
index 4206c532..d1276534 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
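Review bot: In root/defaults/Corefile, the added `health` line has no address, so CoreDNS serves its HTTP health endpoint on the plugin default `:8080`, which means every interface in the container's network namespace rather than loopback only. That namespace also carries the WireGuard interface, and if other containers share this network stack the listener would occupy a port they commonly use. The readiness probe added in svc-coredns/run only queries `http://localhost:8080/health`, so the plugin can be bound to loopback without affecting it: `health 127.0.0.1:8080`.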
@@ -1,11 +1,20 @@
 #!/usr/bin/with-contenv bash
 
 if netstat -apn | grep -q ":53 "; then
- echo "Another service is using port 53, disabling CoreDNS"
- sleep infinity
+ USE_COREDNS="false"
+fi
+
+if [[ ${USE_COREDNS} == "false" ]]; then
+ s6-notifyoncheck -d -n 300 -w 1000 -c "echo **** Disabling CoreDNS ****" \
+ sleep infinity
+elif grep -q "health" /config/coredns/Corefile; then
+ exec \
+ s6-notifyoncheck -d -n 300 -w 1000 -c "redirfd -w 1 /dev/null curl -s http://localhost:8080/health" \
+ cd /config/coredns \
+ /app/coredns -dns.port=53
 else
- exec \
- s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z -u 127.0.0.1 53" \
- cd /config/coredns \
- /app/coredns -dns.port=53
+ exec \
+ s6-notifyoncheck -d -n 300 -w 1000 -c "nc -zu localhost 53" \
+ cd /config/coredns \
+ /app/coredns -dns.port=53
 fi
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/down b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/down
new file mode 100644
index 00000000..1bf02103
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/down
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
new file mode 100755
index 00000000..3403cb90
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv bash
+
+wg-quick down wg0
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
index 9ef15b46..8f4e38ae 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
@@ -1,14 +1,3 @@
 #!/usr/bin/with-contenv bash
 
-_term() {
- echo "Caught SIGTERM signal!"
- wg-quick down wg0
-}
-
-trap _term SIGTERM
-
 wg-quick up wg0
-
-sleep infinity &
-
-wait
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type
index 1780f9f4..3d92b15f 100644
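Review bot: In svc-coredns/run, the disabled branch starts `s6-notifyoncheck ... sleep infinity` without `exec`, unlike the two CoreDNS branches, so bash remains the supervised process and a stop signal lands on the shell instead of the placeholder, which can leave the `sleep` behind; write it as `exec s6-notifyoncheck -d -n 300 -w 1000 -c "echo **** Disabling CoreDNS ****" sleep infinity`. The `elif grep -q "health"` test matches the substring anywhere in the user's Corefile, including a comment or the forward plugin's `health_check` option, and a Corefile that gives `health` another address is still probed on `localhost:8080`; in those cases readiness would probably never be reported. Anchoring the match, e.g. `grep -qE '^[[:space:]]*health([[:space:]]|$)' /config/coredns/Corefile`, removes the first case, and a comment above the branch should state that the probe assumes the plugin's default port 8080.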
--- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type
@@ -1 +1 @@
-longrun
\ No newline at end of file
+oneshot
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/up b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/up
new file mode 100644
index 00000000..5689d7d7
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/up
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/svc-wireguard/run
\ No newline at end of file
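Review bot: With svc-wireguard/up pointing at `run` and the type now `oneshot`, the exit status of `wg-quick up wg0` is the only record of whether the tunnel came up, and nothing in these hunks documents what should happen when it is non-zero. Whether the container then stops or keeps running without a tunnel appears to depend on the s6-overlay setting `S6_BEHAVIOUR_IF_STAGE2_FAILS`, which is not visible here. For an image that other workloads may route traffic through, that choice deserves a comment above the command in svc-wireguard/run, e.g. `# oneshot: a non-zero exit marks svc-wireguard as failed; container behaviour then follows S6_BEHAVIOUR_IF_STAGE2_FAILS`.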