From a586a44219ad6e0e16f657298e68562b1074fd79 Mon Sep 17 00:00:00 2001
From: aptalca
Date: Sun, 9 Oct 2022 16:15:09 -0400
Subject: [PATCH 1/5] streamline wireguard service

---
 root/etc/s6-overlay/s6-rc.d/svc-wireguard/down | 1 +
 root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish | 3 +++
 root/etc/s6-overlay/s6-rc.d/svc-wireguard/run | 11 -----------
 root/etc/s6-overlay/s6-rc.d/svc-wireguard/type | 2 +-
 root/etc/s6-overlay/s6-rc.d/svc-wireguard/up | 1 +
 5 files changed, 6 insertions(+), 12 deletions(-)
 create mode 100644 root/etc/s6-overlay/s6-rc.d/svc-wireguard/down
 create mode 100755 root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
 create mode 100644 root/etc/s6-overlay/s6-rc.d/svc-wireguard/up

diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/down b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/down
new file mode 100644
index 00000000..1bf02103
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/down
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
new file mode 100755
index 00000000..3403cb90
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/finish
@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv bash
+
+wg-quick down wg0
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
index 9ef15b46..8f4e38ae 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/run
@@ -1,14 +1,3 @@
 #!/usr/bin/with-contenv bash
 
-_term() {
- echo "Caught SIGTERM signal!"
- wg-quick down wg0
-}
-
-trap _term SIGTERM
-
 wg-quick up wg0
-
-sleep infinity &
-
-wait
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type
index 1780f9f4..3d92b15f 100644
--- a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/type
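Review bot: `run` keeps its longrun-style name but is now the oneshot's up program (the new `./up` points at it), and as I read s6-rc's oneshot model its exit status decides whether svc-wireguard is considered up; the old longrun ignored the result of `wg-quick up wg0` and went on to `sleep infinity`, so a failing `wg-quick up` is a louder event now — presumably intended, but worth a line in the script. A comment such as `# oneshot 'up' program (see ./up): a non-zero exit from wg-quick marks svc-wireguard failed` at the top of `run`, and `# oneshot 'down' program (see ./down)` in the new `finish`, would spare the next reader from expecting supervised-process semantics. The same applies to the `finish` hunk above, whose `wg-quick down wg0` runs as the down program with no handling of its exit status.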
@@ -1 +1 @@
-longrun
\ No newline at end of file
+oneshot
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-wireguard/up b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/up
new file mode 100644
index 00000000..5689d7d7
--- /dev/null
+++ b/root/etc/s6-overlay/s6-rc.d/svc-wireguard/up
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/svc-wireguard/run
\ No newline at end of file

From 727d2de608b2929a625fe1eed55e745f8dce6bab Mon Sep 17 00:00:00 2001
From: aptalca
Date: Sun, 9 Oct 2022 16:19:59 -0400
Subject: [PATCH 2/5] improve coredns health check, enable health plugin

---
 root/defaults/Corefile | 1 +
 root/etc/s6-overlay/s6-rc.d/svc-coredns/run | 11 ++++++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/root/defaults/Corefile b/root/defaults/Corefile
index c8e2152f..ded974e1 100644
--- a/root/defaults/Corefile
+++ b/root/defaults/Corefile
@@ -1,4 +1,5 @@
 . {
 loop
+ health
 forward . /etc/resolv.conf
 }
\ No newline at end of file
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
index 4206c532..9bd21778 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
@@ -3,9 +3,14 @@
 if netstat -apn | grep -q ":53 "; then
 echo "Another service is using port 53, disabling CoreDNS"
 sleep infinity
-else
+elif grep -q "health" /config/coredns/Corefile; then
+ exec \
+ s6-notifyoncheck -d -n 300 -w 1000 -c "redirfd -w 1 /dev/null curl -s http://localhost:8080/health" \
+ cd /config/coredns \
+ /app/coredns -dns.port=53
+else
 exec \
 s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z -u 127.0.0.1 53" \
- cd /config/coredns \
- /app/coredns -dns.port=53
+ cd /config/coredns \
+ /app/coredns -dns.port=53
 fi

From e4f61af9e7848bc92906311af9c4daefe849d427 Mon Sep 17 00:00:00 2001
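Review bot: `health` with no address makes CoreDNS listen on `:8080`, i.e. every interface the container has, while the only consumer added in this series is the `curl` probe against localhost in svc-coredns/run. In a container that also terminates a WireGuard tunnel that means a new HTTP listener reachable from wherever the container's addresses are reachable (tunnel peers or the host network, depending on deployment), for no benefit; `health 127.0.0.1:8080` keeps it loopback-only and still satisfies the probe. Since this is the shipped default and the service script keys off the presence of `health` in the user's Corefile, the narrower default costs existing configurations nothing.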
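Review bot: `grep -q "health" /config/coredns/Corefile` matches any occurrence of the word — a comment, or a `health` directive bound to another address — while the probe is pinned to `http://localhost:8080/health`, so a Corefile with, say, `health 127.0.0.1:9090` takes the curl branch and never passes the check; anchoring on the directive, e.g. `grep -qE '^[[:space:]]*health([[:space:]]|$)'`, at least excludes comments, and the probe address could be taken from the matched line. Separately, `curl -s` exits 0 for any HTTP response, so a non-2xx from the health endpoint still reports the service ready; `curl -sf -o /dev/null http://localhost:8080/health` (which also replaces the `redirfd`) fails on HTTP errors. Both lines are carried unchanged into the svc-coredns/run hunks of patches 3 and 4 below.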
From: aptalca
Date: Sun, 9 Oct 2022 20:35:27 -0400
Subject: [PATCH 3/5] fix service health check, and properly disable coredns

---
 .../s6-rc.d/init-wireguard-confs/run | 3 +--
 root/etc/s6-overlay/s6-rc.d/svc-coredns/run | 26 +++++++++++--------
 2 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
index 214fcec0..5e770694 100755
--- a/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
+++ b/root/etc/s6-overlay/s6-rc.d/init-wireguard-confs/run
@@ -162,8 +162,7 @@ else
 echo "**** No client conf found. Provide your own client conf as \"/config/wg0.conf\" and restart the container. ****"
 sleep infinity
 fi
- echo "**** Disabling CoreDNS ****"
- rm -rf /etc/services.d/coredns
+ printf "false" > /run/s6/container_environment/USE_COREDNS
 fi
 
 # set up CoreDNS
diff --git a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
index 9bd21778..150f4241 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
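Review bot: The replaced lines also drop the `echo "**** Disabling CoreDNS ****"` notice, so in client mode nothing in the init log says why CoreDNS is not running; the override itself is silent too, since `printf "false" > /run/s6/container_environment/USE_COREDNS` replaces whatever value the user set without comment. The message reappears in this patch only inside a readiness-check command in svc-coredns/run, whose output path is less obvious than the init script's stdout. Keeping a one-line notice next to the write, e.g. `echo "**** Client mode: disabling CoreDNS (USE_COREDNS forced to false) ****"`, restores that signal. The enclosing `if`/`else` starts outside the hunk.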
@@ -1,16 +1,20 @@
 #!/usr/bin/with-contenv bash
 
 if netstat -apn | grep -q ":53 "; then
- echo "Another service is using port 53, disabling CoreDNS"
- sleep infinity
+ USE_COREDNS="false"
+fi
+
+if [[ ${USE_COREDNS} == "false" ]]; then
+ s6-notifyoncheck -d -n 300 -w 1000 -c "echo **** Disabling CoreDNS ****" \
+ sleep infinity
 elif grep -q "health" /config/coredns/Corefile; then
- exec \
- s6-notifyoncheck -d -n 300 -w 1000 -c "redirfd -w 1 /dev/null curl -s http://localhost:8080/health" \
- cd /config/coredns \
- /app/coredns -dns.port=53
-else
- exec \
- s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z -u 127.0.0.1 53" \
- cd /config/coredns \
- /app/coredns -dns.port=53
+ exec \
+ s6-notifyoncheck -d -n 300 -w 1000 -c "redirfd -w 1 /dev/null curl -s http://localhost:8080/health" \
+ cd /config/coredns \
+ /usr/bin/coredns -dns.port=53
+else
+ exec \
+ s6-notifyoncheck -d -n 300 -w 1000 -c "nc -zu localhost 53" \
+ cd /config/coredns \
+ /usr/bin/coredns -dns.port=53
 fi

From 5f9a045cb34c4af414d11964f60d7cf74c1cc4f5 Mon Sep 17 00:00:00 2001
From: aptalca
Date: Mon, 10 Oct 2022 10:00:49 -0400
Subject: [PATCH 4/5] fix copy/pasta error

---
 root/etc/s6-overlay/s6-rc.d/svc-coredns/run | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
index 150f4241..d1276534 100755
--- a/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
+++ b/root/etc/s6-overlay/s6-rc.d/svc-coredns/run
@@ -11,10 +11,10 @@ elif grep -q "health" /config/coredns/Corefile; then
 exec \
 s6-notifyoncheck -d -n 300 -w 1000 -c "redirfd -w 1 /dev/null curl -s http://localhost:8080/health" \
 cd /config/coredns \
- /usr/bin/coredns -dns.port=53
+ /app/coredns -dns.port=53
 else
 exec \
 s6-notifyoncheck -d -n 300 -w 1000 -c "nc -zu localhost 53" \
 cd /config/coredns \
- /usr/bin/coredns -dns.port=53
+ /app/coredns -dns.port=53
 fi

From a42d5f643293bc77f0c890fa427dd4e378c0039d Mon Sep 17 00:00:00 2001
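Review bot: `[[ ${USE_COREDNS} == "false" ]]` is a case-sensitive comparison, so `False` or `FALSE` from the environment falls through and starts CoreDNS anyway; `[[ ${USE_COREDNS,,} == "false" ]]` covers those spellings unless the init script already normalizes the value (not visible here). The disabled branch is also the only one that does not `exec`, so bash stays as the supervised process with s6-notifyoncheck and `sleep infinity` as its child; `exec s6-notifyoncheck ...` matches the other two branches and lets the supervisor signal the sleeper directly. Using the readiness check solely to carry `echo **** Disabling CoreDNS ****` is hard to read — an `echo "**** Disabling CoreDNS ****"` on its own line before `exec s6-notifyoncheck -d -n 300 -w 1000 -c true sleep infinity` says the same thing plainly. Finally, `nc -zu localhost 53` replaced `127.0.0.1`; depending on the nc build and /etc/hosts, `localhost` may resolve to `::1` first, so the literal address was the less ambiguous probe target.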
From: aptalca
Date: Wed, 12 Oct 2022 09:30:47 -0400
Subject: [PATCH 5/5] add changelog entry

---
 readme-vars.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/readme-vars.yml b/readme-vars.yml
index 2465fc1b..675913d7 100644
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -121,6 +121,7 @@ app_setup_block: |
 
 # changelog
 changelogs:
+ - { date: "12.10.22:", desc: "Optimize wg and coredns services." }
 - { date: "09.10.22:", desc: "Switch back to iptables-legacy due to issues on some hosts." }
 - { date: "04.10.22:", desc: "Rebase to Jammy. Upgrade to s6v3." }
 - { date: "16.05.22:", desc: "Improve NAT handling in server mode when multiple ethernet devices are present." }