package tui import ( "fmt" "os/exec" "os/user" "path/filepath" "strings" "time" ) const networkName = "app-dono_app" func RunContainer(image string, name string, port int) error { cmd := exec.Command( "docker", "run", "-d", "--name", name, "-p", fmt.Sprintf("%d:%d", port, port), image, ) return cmd.Run() } func PullImage(image string) (string, error) { cmd := exec.Command("docker", "pull", image) out, err := cmd.CombinedOutput() return string(out), err } func ImageExists(image string) bool { cmd := exec.Command("docker", "image", "inspect", image) err := cmd.Run() return err == nil } func PushFileToContainer(container, filePath, destinationPath string) bool { dest := fmt.Sprintf("%s:%s", container, destinationPath) cmd := exec.Command("docker", "cp", filePath, dest) err := cmd.Run() return err == nil } func EnsureNetwork(name string) error { cmd := exec.Command("docker", "network", "inspect", name) if err := cmd.Run(); err == nil { return nil } cmd = exec.Command("docker", "network", "create", name) out, err := cmd.CombinedOutput() if err != nil { return fmt.Errorf("erro ao criar network %s: %w\noutput", name, err, string(out)) } return nil } func RunWireguardDockerContainer(envFilePath string, cv ConfigValues) error { containerName := "vproxy" removeExistingContainer(containerName) if err := EnsureNetwork(networkName); err != nil { return err } absPath, err := filepath.Abs(envFilePath) if err != nil { return fmt.Errorf("erro ao resolver caminho absoluto: %w", err) } args := []string{ "run", "-it", "-d", "--name", containerName, "--network", networkName, "--restart", "unless-stopped", "--cap-add=NET_ADMIN", "--device", "/dev/net/tun:/dev/net/tun", "--log-opt", "max-size=5m", "--log-opt", "max-file=1", "--env-file", absPath, } if cv.Server["seccomp_unconfined"] == "Sim" { args = append(args, "--security-opt", "seccomp=unconfined") } args = append(args, wireguardImageName) cmd := exec.Command("docker", args...) out, err := cmd.CombinedOutput() if err != nil { return fmt.Errorf("docker run falhou: %w\noutput: %s", err, string(out)) } time.Sleep(2 * time.Second) containerID := strings.TrimSpace(string(out)) return verifyContainerRunning(containerID) } func RunAppClienteContainer(image, containerName, configPath, configDestinationPath string, cv ConfigValues) error { removeExistingContainer(containerName) if err := EnsureNetwork(networkName); err != nil { return err } absPath, err := filepath.Abs(configPath) if err != nil { return fmt.Errorf("erro ao resolver caminho absoluto: %w", err) } currentUser, err := user.Current() if err != nil { return err } uidGid := fmt.Sprintf("%s:%s", currentUser.Uid, currentUser.Gid) args := []string{ "run", "-d", "-u", uidGid, "-p", fmt.Sprintf("%s:8080", cv.Server["port"]), "--name", containerName, "--network", "app-dono_app", "--restart", "unless-stopped", "-v", fmt.Sprintf("%s:%s", absPath, configDestinationPath), "-v", fmt.Sprintf("%s:/app/certs", cv.Cert["cert_dir_path"]), } if cv.Server["seccomp_unconfined"] == "Sim" { args = append(args, "--security-opt", "seccomp=unconfined") } args = append(args, image) cmd := exec.Command("docker", args...) out, err := cmd.CombinedOutput() if err != nil { return fmt.Errorf("docker run falhou: %w\noutput: %s", err, string(out)) } time.Sleep(2 * time.Second) containerID := strings.TrimSpace(string(out)) return verifyContainerRunning(containerID) } func removeExistingContainer(name string) { exec.Command("docker", "stop", name).Run() exec.Command("docker", "rm", name).Run() } func verifyContainerRunning(containerID string) error { cmd := exec.Command("docker", "inspect", "--format", "{{.State.Status}}", containerID) out, err := cmd.Output() if err != nil { return fmt.Errorf("erro ao inspecionar container: %w", err) } status := strings.TrimSpace(string(out)) if status != "running" { logCmd := exec.Command("docker", "logs", "--tail", "20", containerID) logs, _ := logCmd.CombinedOutput() return fmt.Errorf("container parou com status %q.\nlogs:\n%s", status, string(logs)) } return nil }