Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
mirrors
/
mailcow-dockerized
-ын хуулбар https://github.com/mailcow/mailcow-dockerized
2
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: af61c82077
Салаанууд Тагууд
mailcow-dockeri...
/
_modules
/
scripts
/
ipv6_controller.sh

ipv6_controller.sh 6.2 KB
Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 
  1. #!/usr/bin/env bash
    2. 

  2. # _modules/scripts/ipv6_controller.sh
    3. 

  3. # THIS SCRIPT IS DESIGNED TO BE RUNNING BY MAILCOW SCRIPTS ONLY!
    4. 

  4. # DO NOT, AGAIN, NOT TRY TO RUN THIS SCRIPT STANDALONE!!!!!!
    5. 

  5. 

  6. # 1) Check if the host supports IPv6
    7. 

  7. get_ipv6_support() {
    8. 

  8.   if grep -qs '^1' /proc/sys/net/ipv6/conf/all/disable_ipv6 2>/dev/null \
    9. 

  9.     || ! ip -6 route show default &>/dev/null; then
    10. 

  10.     DETECTED_IPV6=false
    11. 

  11.     echo -e "${YELLOW}IPv6 not detected on host – ${LIGHT_RED}disabling IPv6 support${YELLOW}.${NC}"
    12. 

  12.   else
    13. 

  13.     DETECTED_IPV6=true
    14. 

  14.     echo -e "IPv6 detected on host – ${LIGHT_GREEN}leaving IPv6 support enabled${YELLOW}.${NC}"
    15. 

  15.   fi
    16. 

  16. }
    17. 

  17. 

  18. # 2) Ensure Docker daemon.json has (or create) the required IPv6 settings
    19. 

  19. docker_daemon_edit(){
    20. 

  20.   DOCKER_DAEMON_CONFIG="/etc/docker/daemon.json"
    21. 

  21.   MISSING=()
    22. 

  22. 

  23.   _has_kv() { grep -Eq "\"$1\"\s*:\s*$2" "$DOCKER_DAEMON_CONFIG" 2>/dev/null; }
    24. 

  24. 

  25.   if [[ -f "$DOCKER_DAEMON_CONFIG" ]]; then
    26. 

  26. 

  27.     # reject empty or whitespace-only file immediately
    28. 

  28.     if [[ ! -s "$DOCKER_DAEMON_CONFIG" ]] || ! grep -Eq '[{}]' "$DOCKER_DAEMON_CONFIG"; then
    29. 

  29.       echo -e "${RED}ERROR: $DOCKER_DAEMON_CONFIG exists but is empty or contains no JSON braces – please initialize it with valid JSON (e.g. {}).${NC}"
    30. 

  30.       exit 1
    31. 

  31.     fi
    32. 

  32. 

  33.     # Validate JSON if jq is present
    34. 

  34.     if command -v jq &>/dev/null && ! jq empty "$DOCKER_DAEMON_CONFIG" &>/dev/null; then
    35. 

  35.       echo -e "${RED}ERROR: Invalid JSON in $DOCKER_DAEMON_CONFIG – please correct manually.${NC}"
    36. 

  36.       exit 1
    37. 

  37.     fi
    38. 

  38. 

  39.     # Gather missing keys
    40. 

  40.     ! _has_kv ipv6 true       && MISSING+=("ipv6: true")
    41. 

  41.     ! grep -Eq '"fixed-cidr-v6"\s*:\s*".+"' "$DOCKER_DAEMON_CONFIG" \
    42. 

  42.                               && MISSING+=('fixed-cidr-v6: "fd00:dead:beef:c0::/80"')
    43. 

  43.     if [[ -n "$docker_version" && "$docker_version" -ge 27 ]]; then
    44. 

  44.       _has_kv ipv6 true && ! _has_kv ip6tables true && MISSING+=("ip6tables: true")
    45. 

  45.       ! _has_kv experimental true                 && MISSING+=("experimental: true")
    46. 

  46.     fi
    47. 

  47. 

  48.     # Fix if needed
    49. 

  49.     if ((${#MISSING[@]}>0)); then
    50. 

  50.       echo -e "${MAGENTA}Your daemon.json is missing: ${YELLOW}${MISSING[*]}${NC}"
    51. 

  51.       if [[ -n "$FORCE" ]]; then
    52. 

  52.         ans=Y
    53. 

  53.       else
    54. 

  54.         read -p "Would you like to update $DOCKER_DAEMON_CONFIG now? [Y/n] " ans
    55. 

  55.         ans=${ans:-Y}
    56. 

  56.       fi
    57. 

  57. 

  58.       if [[ $ans =~ ^[Yy]$ ]]; then
    59. 

  59.         cp "$DOCKER_DAEMON_CONFIG" "${DOCKER_DAEMON_CONFIG}.bak"
    60. 

  60.         if command -v jq &>/dev/null; then
    61. 

  61.           TMP=$(mktemp)
    62. 

  62.           JQ_FILTER='.ipv6 = true | .["fixed-cidr-v6"] = "fd00:dead:beef:c0::/80"'
    63. 

  63.           [[ "$DOCKER_MAJOR" && "$DOCKER_MAJOR" -lt 27 ]] \
    64. 

  64.             && JQ_FILTER+=' | .ip6tables = true | .experimental = true'
    65. 

  65.           jq "$JQ_FILTER" "$DOCKER_DAEMON_CONFIG" >"$TMP" && mv "$TMP" "$DOCKER_DAEMON_CONFIG"
    66. 

  66.           echo -e "${LIGHT_GREEN}daemon.json updated. Restarting Docker...${NC}"
    67. 

  67.           (command -v systemctl &>/dev/null && systemctl restart docker) || service docker restart
    68. 

  68.           echo -e "${YELLOW}Docker restarted.${NC}"
    69. 

  69.         else
    70. 

  70.           echo -e "${RED}Please install jq or manually update daemon.json and restart Docker.${NC}"
    71. 

  71.           exit 1
    72. 

  72.         fi
    73. 

  73.       else
    74. 

  74.         echo -e "${YELLOW}User declined Docker update – please insert these changes manually:${NC}"
    75. 

  75.         echo "${MISSING[*]}"
    76. 

  76.         exit 1
    77. 

  77.       fi
    78. 

  78.     fi
    79. 

  79. 

  80.   else
    81. 

  81.     # Create new daemon.json if missing
    82. 

  82.     if [[ -n "$FORCE" ]]; then
    83. 

  83.       ans=Y
    84. 

  84.     else
    85. 

  85.       read -p "$DOCKER_DAEMON_CONFIG not found. Create it with IPv6 settings? [Y/n] " ans
    86. 

  86.       ans=${ans:-Y}
    87. 

  87.     fi
    88. 

  88. 

  89.     if [[ $ans =~ ^[Yy]$ ]]; then
    90. 

  90.       DOCKER_MAJOR=$(docker version --format '{{.Server.Version}}' 2>/dev/null | cut -d. -f1)
    91. 

  91.       if [[ -n "$DOCKER_MAJOR" && "$DOCKER_MAJOR" -lt 27 ]]; then
    92. 

  92.         cat > "$DOCKER_DAEMON_CONFIG" <<EOF
    93. 

  93. {
    94. 

  94.   "ipv6": true,
    95. 

  95.   "fixed-cidr-v6": "fd00:dead:beef:c0::/80",
    96. 

  96.   "ip6tables": true,
    97. 

  97.   "experimental": true
    98. 

  98. }
    99. 

  99. EOF
    100. 

  100.       else
    101. 

  101.         cat > "$DOCKER_DAEMON_CONFIG" <<EOF
    102. 

  102. {
    103. 

  103.   "ipv6": true,
    104. 

  104.   "fixed-cidr-v6": "fd00:dead:beef:c0::/80"
    105. 

  105. }
    106. 

  106. EOF
    107. 

  107.       fi
    108. 

  108.       echo "${GREEN}Created $DOCKER_DAEMON_CONFIG with IPv6 settings.${NC}"
    109. 

  109.       echo "Restarting Docker..."
    110. 

  110.       (command -v systemctl &>/dev/null && systemctl restart docker) || service docker restart
    111. 

  111.       echo "Docker restarted."
    112. 

  112.     else
    113. 

  113.       echo "User declined to create daemon.json – please manually merge the docker daemon with these configs:"
    114. 

  114.       echo "${MISSING[*]}"
    115. 

  115.       exit 1
    116. 

  116.     fi
    117. 

  117.   fi
    118. 

  118. }
    119. 

  119. 

  120. # 3) Main wrapper for generate_config.sh and update.sh
    121. 

  121. configure_ipv6() {
    122. 

  122.   # detect manual override if mailcow.conf is present
    123. 

  123.   if [[ -n "$MAILCOW_CONF" && -f "$MAILCOW_CONF" ]] && grep -q '^ENABLE_IPV6=' "$MAILCOW_CONF"; then
    124. 

  124.     MANUAL_SETTING=$(grep '^ENABLE_IPV6=' "$MAILCOW_CONF" | cut -d= -f2)
    125. 

  125.   elif [[ -z "$MAILCOW_CONF" ]] && [[ ! -z "${ENABLE_IPV6:-}" ]]; then
    126. 

  126.     MANUAL_SETTING="$ENABLE_IPV6"
    127. 

  127.   else
    128. 

  128.     MANUAL_SETTING=""
    129. 

  129.   fi
    130. 

  130. 

  131.   get_ipv6_support
    132. 

  132. 

  133.   # if user manually set it, check for mismatch
    134. 

  134.   if [[ -n "$MANUAL_SETTING" ]]; then
    135. 

  135.     if [[ "$MANUAL_SETTING" == "false" && "$DETECTED_IPV6" == "true" ]]; then
    136. 

  136.       echo -e "${RED}ERROR: You have ENABLE_IPV6=false but your host and Docker support IPv6.${NC}"
    137. 

  137.       echo -e "${RED}This can create an open relay. Please set ENABLE_IPV6=true in your mailcow.conf and re-run.${NC}"
    138. 

  138.       exit 1
    139. 

  139.     elif [[ "$MANUAL_SETTING" == "true" && "$DETECTED_IPV6" == "false" ]]; then
    140. 

  140.       echo -e "${RED}ERROR: You have ENABLE_IPV6=true but your host does not support IPv6.${NC}"
    141. 

  141.       echo -e "${RED}Please disable or fix your host/Docker IPv6 support, or set ENABLE_IPV6=false.${NC}"
    142. 

  142.       exit 1
    143. 

  143.     else
    144. 

  144.       echo "Manual ENABLE_IPV6=$MANUAL_SETTING detected and matches system status—no changes applied."
    145. 

  145.       return
    146. 

  146.     fi
    147. 

  147.   fi
    148. 

  148. 

  149.   # no manual override: proceed to set or export
    150. 

  150.   if [[ "$DETECTED_IPV6" == "true" ]]; then
    151. 

  151.     docker_daemon_edit
    152. 

  152.   else
    153. 

  153.     echo "Skipping Docker IPv6 configuration because host does not support IPv6."
    154. 

  154.   fi
    155. 

  155. 

  156.   # now write into mailcow.conf or export
    157. 

  157.   if [[ -n "$MAILCOW_CONF" && -f "$MAILCOW_CONF" ]]; then
    158. 

  158.     LINE="ENABLE_IPV6=$DETECTED_IPV6"
    159. 

  159.     if grep -q '^ENABLE_IPV6=' "$MAILCOW_CONF"; then
    160. 

  160.       sed -i "s/^ENABLE_IPV6=.*/$LINE/" "$MAILCOW_CONF"
    161. 

  161.     else
    162. 

  162.       echo "$LINE" >> "$MAILCOW_CONF"
    163. 

  163.     fi
    164. 

  164.   else
    165. 

  165.     export IPV6_BOOL="$DETECTED_IPV6"
    166. 

  166.   fi
    167. 

  167. 

  168.   echo "IPv6 configuration complete: ENABLE_IPV6=$DETECTED_IPV6"
    169. 

  169. }
    170.