alexz
27c46542e8
Some checks failed
Test / test (push) Has been cancelled
- Add shared/host-routing.sh with nft for NAT masquerade - Add shared/install-host-services.sh to set up systemd watcher - Add shared/uninstall-host-services.sh for cleanup - Add /runtime volume mount for trigger file - Update entrypoint.sh to trigger host routing when VPN connects Run install-host-services.sh on host after app install. Requires image rebuild for entrypoint changes. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
25 lines
645 B
JSON
Executable File
25 lines
645 B
JSON
Executable File
{
|
|
"services": [
|
|
{
|
|
"name": "cistech-tunnel",
|
|
"image": "cistech-vpn:latest",
|
|
"isMain": true,
|
|
"internalPort": 6902,
|
|
"privileged": true,
|
|
"capAdd": ["NET_ADMIN"],
|
|
"devices": ["/dev/net/tun:/dev/net/tun"],
|
|
"environment": {
|
|
"OC_URL": "${OC_URL}",
|
|
"OC_SERVERCERT": "${OC_SERVERCERT}",
|
|
"OC_USER": "${OC_USER}",
|
|
"VNC_PASSWORD": "${VNC_PASSWORD}",
|
|
"NOVNC_PORT": "6902"
|
|
},
|
|
"volumes": [
|
|
{ "hostPath": "${APP_DATA_DIR}/data", "containerPath": "/root" },
|
|
{ "hostPath": "${APP_DATA_DIR}", "containerPath": "/runtime" }
|
|
]
|
|
}
|
|
]
|
|
}
|