github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
19916590462cd28bb49c829783fc39d45c0fa5bf
firezone/rust/docker-init.sh
Jamil fa57d66965 Publish Releases (#2344) 
- rebuild and publish gateway and relay binaries to currently drafted
release
- re-tag current relay/gateway images and push to ghcr.io

Stacked on #2341 to prevent conflicts

Fixes #2223 
Fixes #2205 
Fixes #2202
Fixes #2239 

~~Still TODO: `arm64` images and binaries...~~ Edit: added via
`cross-rs`
2023-10-20 14:20:43 -07:00

29 lines
1.1 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
if [ "${ENABLE_MASQUERADE}" = "1" ]; then
IFACE="tun-firezone"
# TODO: Can we get away with not installing iptables? Nearly 20 MB.
iptables-nft -A FORWARD -i $IFACE -j ACCEPT
iptables-nft -A FORWARD -o $IFACE -j ACCEPT
iptables-nft -t nat -A POSTROUTING -o eth+ -j MASQUERADE
ip6tables-nft -A FORWARD -i $IFACE -j ACCEPT
ip6tables-nft -A FORWARD -o $IFACE -j ACCEPT
ip6tables-nft -t nat -A POSTROUTING -o eth+ -j MASQUERADE
fi
if [ "${LISTEN_ADDRESS_DISCOVERY_METHOD}" = "gce_metadata" ]; then
echo "Using GCE metadata to discover listen address"
if [ "${PUBLIC_IP4_ADDR:-}" == "" ]; then
export PUBLIC_IP4_ADDR=$(curl "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip" -H "Metadata-Flavor: Google" -s)
echo "Discovered PUBLIC_IP4_ADDR: ${PUBLIC_IP4_ADDR}"
fi
if [ "${PUBLIC_IP6_ADDR:-}" == "" ]; then
export PUBLIC_IP6_ADDR=$(curl "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ipv6s" -H "Metadata-Flavor: Google" -s)
echo "Discovered PUBLIC_IP6_ADDR: ${PUBLIC_IP6_ADDR}"
fi
fi
exec $@
Reference in New Issue View Git Blame Copy Permalink