davinTI/tuio
11
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
009c4bc8d133cb4209590c5991aeae1e5172fe59
tuio/internal/tui/docker.go
T
tkinaba 009c4bc8d1 fix: adicionar opção de segurança para compatibilidade 
deu pau pra rodar no vdm
2026-05-29 14:51:44 -03:00

170 lines
4.1 KiB
Go
Raw Blame History

package tui
import (
"fmt"
"os/exec"
"os/user"
"path/filepath"
"strings"
"time"
)
const networkName = "app-dono_app"
func RunContainer(image string, name string, port int) error {
cmd := exec.Command(
"docker", "run",
"-d",
"--name", name,
"-p", fmt.Sprintf("%d:%d", port, port),
image,
)
return cmd.Run()
}
func PullImage(image string) (string, error) {
cmd := exec.Command("docker", "pull", image)
out, err := cmd.CombinedOutput()
return string(out), err
}
func ImageExists(image string) bool {
cmd := exec.Command("docker", "image", "inspect", image)
err := cmd.Run()
return err == nil
}
func PushFileToContainer(container, filePath, destinationPath string) bool {
dest := fmt.Sprintf("%s:%s", container, destinationPath)
cmd := exec.Command("docker", "cp", filePath, dest)
err := cmd.Run()
return err == nil
}
func EnsureNetwork(name string) error {
cmd := exec.Command("docker", "network", "inspect", name)
if err := cmd.Run(); err == nil {
return nil
}
cmd = exec.Command("docker", "network", "create", name)
out, err := cmd.CombinedOutput()
if err != nil {
return fmt.Errorf("erro ao criar network %s: %w\noutput", name, err, string(out))
}
return nil
}
func RunWireguardDockerContainer(envFilePath string, cv ConfigValues) error {
containerName := "vproxy"
removeExistingContainer(containerName)
if err := EnsureNetwork(networkName); err != nil {
return err
}
absPath, err := filepath.Abs(envFilePath)
if err != nil {
return fmt.Errorf("erro ao resolver caminho absoluto: %w", err)
}
args := []string{
"run", "-it", "-d",
"--name", containerName,
"--network", networkName,
"--restart", "unless-stopped",
"--cap-add=NET_ADMIN",
"--device", "/dev/net/tun:/dev/net/tun",
"--log-opt", "max-size=5m",
"--log-opt", "max-file=1",
"--env-file", absPath,
}
if cv.Server["seccomp_unconfined"] == "Sim" {
args = append(args, "--security-opt", "seccomp=unconfined")
}
args = append(args, wireguardImageName)
cmd := exec.Command("docker", args...)
out, err := cmd.CombinedOutput()
if err != nil {
return fmt.Errorf("docker run falhou: %w\noutput: %s", err, string(out))
}
time.Sleep(2 * time.Second)
containerID := strings.TrimSpace(string(out))
return verifyContainerRunning(containerID)
}
func RunAppClienteContainer(image, containerName, configPath, configDestinationPath string, cv ConfigValues) error {
removeExistingContainer(containerName)
if err := EnsureNetwork(networkName); err != nil {
return err
}
absPath, err := filepath.Abs(configPath)
if err != nil {
return fmt.Errorf("erro ao resolver caminho absoluto: %w", err)
}
currentUser, err := user.Current()
if err != nil {
return err
}
uidGid := fmt.Sprintf("%s:%s", currentUser.Uid, currentUser.Gid)
args := []string{
"run", "-d",
"-u", uidGid,
"-p", fmt.Sprintf("%s:8080", cv.Server["port"]),
"--name", containerName,
"--network", "app-dono_app",
"--restart", "unless-stopped",
"-v", fmt.Sprintf("%s:%s", absPath, configDestinationPath),
"-v", fmt.Sprintf("%s:/app/certs", cv.Cert["cert_dir_path"]),
}
if cv.Server["seccomp_unconfined"] == "Sim" {
args = append(args, "--security-opt", "seccomp=unconfined")
}
args = append(args, image)
cmd := exec.Command("docker", args...)
out, err := cmd.CombinedOutput()
if err != nil {
return fmt.Errorf("docker run falhou: %w\noutput: %s", err, string(out))
}
time.Sleep(2 * time.Second)
containerID := strings.TrimSpace(string(out))
return verifyContainerRunning(containerID)
}
func removeExistingContainer(name string) {
exec.Command("docker", "stop", name).Run()
exec.Command("docker", "rm", name).Run()
}
func verifyContainerRunning(containerID string) error {
cmd := exec.Command("docker", "inspect", "--format", "{{.State.Status}}", containerID)
out, err := cmd.Output()
if err != nil {
return fmt.Errorf("erro ao inspecionar container: %w", err)
}
status := strings.TrimSpace(string(out))
if status != "running" {
logCmd := exec.Command("docker", "logs", "--tail", "20", containerID)
logs, _ := logCmd.CombinedOutput()
return fmt.Errorf("container parou com status %q.\nlogs:\n%s", status, string(logs))
}
return nil
}
Reference in New Issue View Git Blame Copy Permalink