rego-tunnel: default TSCLIENT to APP_DATA_DIR + auto-mount 9p

2025-12-29 00:57:47 +00:00
parent 0ab6bb934d
commit 6c790f84aa
4 changed files with 57 additions and 7 deletions
--- a/apps/rego-tunnel/build/start-vm.sh
+++ b/apps/rego-tunnel/build/start-vm.sh
@@ -28,6 +28,56 @@ TAP_NAME="${TAP_NAME:-tap0}"
 # Optional: provide a dedicated 9p export for host app-data (bind-mounted into the container at /shared/app-data)
 TSCLIENT_PATH="/hostshare"
 TSCLIENT_TAG="${TSCLIENT_TAG:-TSCLIENT}"
 SHARED_TAG="${SHARED_TAG:-shared}"
 # Ensure the VM auto-mounts the 9p shares without manual steps.
 # This edits the QCOW2 from the outside (idempotent) before QEMU boots.
 AUTO_MOUNT_9P="${AUTO_MOUNT_9P:-1}"
 if [ "$AUTO_MOUNT_9P" = "1" ]; then
 	QCOW2_PATH="/vm/linux-vm.qcow2"
 	NBD_DEV="${NBD_DEV:-/dev/nbd0}"
 	VMROOT_MNT="/mnt/vmroot"
 	if [ -e "$QCOW2_PATH" ] && [ -e "$NBD_DEV" ]; then
 		echo "[rego-tunnel] Ensuring guest fstab mounts 9p tags ($SHARED_TAG, $TSCLIENT_TAG)"
 		modprobe nbd max_part=16 >/dev/null 2>&1 || true
 		qemu-nbd --disconnect "$NBD_DEV" >/dev/null 2>&1 || true
 		qemu-nbd --connect "$NBD_DEV" "$QCOW2_PATH"
 		sleep 1
 		mkdir -p "$VMROOT_MNT"
 		ROOT_PART=""
 		for part in "${NBD_DEV}"p*; do
 			[ -e "$part" ] || continue
 			# Try mount and detect a Linux root by presence of /etc/fstab and /etc/os-release
 			if mount "$part" "$VMROOT_MNT" >/dev/null 2>&1; then
 				if [ -f "$VMROOT_MNT/etc/fstab" ] && [ -f "$VMROOT_MNT/etc/os-release" ]; then
 					ROOT_PART="$part"
 					break
 				fi
 				umount "$VMROOT_MNT" >/dev/null 2>&1 || true
 			fi
 		done
 		if [ -n "$ROOT_PART" ]; then
 			# already mounted from loop above
 			mkdir -p "$VMROOT_MNT/shared" "$VMROOT_MNT/mnt/TSCLIENT"
 			FSTAB="$VMROOT_MNT/etc/fstab"
 			# Add entries only if missing
 			grep -qE "^[[:space:]]*${SHARED_TAG}[[:space:]]+" "$FSTAB" || echo "${SHARED_TAG} /shared 9p trans=virtio,version=9p2000.L,msize=262144,_netdev,nofail,x-systemd.automount 0 0" >> "$FSTAB"
 			grep -qE "^[[:space:]]*${TSCLIENT_TAG}[[:space:]]+" "$FSTAB" || echo "${TSCLIENT_TAG} /mnt/TSCLIENT 9p trans=virtio,version=9p2000.L,msize=262144,_netdev,nofail,x-systemd.automount 0 0" >> "$FSTAB"
 			umount "$VMROOT_MNT" >/dev/null 2>&1 || true
 		else
 			echo "[rego-tunnel] WARN: could not locate guest root partition; skipping auto-mount setup"
 		fi
 		qemu-nbd --disconnect "$NBD_DEV" >/dev/null 2>&1 || true
 	else
 		echo "[rego-tunnel] WARN: missing $QCOW2_PATH or $NBD_DEV; skipping auto-mount setup"
 	fi
 fi
 exec qemu-system-x86_64 \
 	-enable-kvm \
@@ -36,7 +86,7 @@ exec qemu-system-x86_64 \
 	-smp ${VM_CPUS:-4} \
 	-hda /vm/linux-vm.qcow2 \
 	-fsdev local,id=fsdev0,path=/shared,security_model=none,multidevs=remap \
-	-device virtio-9p-pci,fsdev=fsdev0,mount_tag=shared \
+	-device virtio-9p-pci,fsdev=fsdev0,mount_tag="$SHARED_TAG" \
 	-fsdev local,id=fsdev1,path="$TSCLIENT_PATH",security_model=none,multidevs=remap \
 	-device virtio-9p-pci,fsdev=fsdev1,mount_tag="$TSCLIENT_TAG" \
 	-netdev tap,id=net0,ifname="$TAP_NAME",script=no,downscript=no \
--- a/apps/rego-tunnel/config.json
+++ b/apps/rego-tunnel/config.json
@@ -116,10 +116,10 @@
      "type": "text",
      "label": "Host share directory",
      "hint": "Directory on the host to share with the VM (exported to the VM as 9p tag TSCLIENT)",
-      "placeholder": "/etc/runtipi/app-data",
+      "placeholder": "${APP_DATA_DIR}",
      "required": false,
      "env_variable": "TSCLIENT",
-      "default": "/etc/runtipi/app-data"
+      "default": "${APP_DATA_DIR}"
    }
  ],
  "supported_architectures": ["amd64"]
--- a/apps/rego-tunnel/docker-compose.json
+++ b/apps/rego-tunnel/docker-compose.json
@@ -51,7 +51,7 @@
        },
        {
          "key": "TSCLIENT",
-          "value": "${TSCLIENT:-/etc/runtipi/app-data}"
+          "value": "${TSCLIENT:-${APP_DATA_DIR}}"
        }
      ],
      "internalPort": 8006,
@@ -71,7 +71,7 @@
          "private": false
        },
        {
-          "hostPath": "${TSCLIENT:-/etc/runtipi/app-data}",
+          "hostPath": "${TSCLIENT:-${APP_DATA_DIR}}",
          "containerPath": "/hostshare",
          "readOnly": false,
          "shared": false,
--- a/apps/rego-tunnel/docker-compose.yml
+++ b/apps/rego-tunnel/docker-compose.yml
@@ -24,11 +24,11 @@ services:
      - VM_MAC=${VM_MAC:-52:54:00:12:34:56}
      - DNS_SERVERS=${DNS_SERVERS:-1.1.1.1,8.8.8.8}
      - LEASE_TIME=${LEASE_TIME:-12h}
-      - TSCLIENT=${TSCLIENT:-/etc/runtipi/app-data}
+      - TSCLIENT=${TSCLIENT:-${APP_DATA_DIR}}
    volumes:
      - /etc/runtipi/user-config/runtipi/rego-tunnel/storage/linux-vm.qcow2:/vm/linux-vm.qcow2
      - /etc/runtipi/user-config/runtipi/rego-tunnel/shared:/shared
-      - ${TSCLIENT:-/etc/runtipi/app-data}:/hostshare
+      - ${TSCLIENT:-${APP_DATA_DIR}}:/hostshare
    networks:
      - tipi_main_network
    sysctls: