Closed ameir closed 3 months ago
Thanks for this PR, but local IP cannot be hardcoded in entrypoint.sh
as one may change it cause of different needs they might have.
Could you please change it, so it reads ipv4-network
from ocserv.conf
and put it in a variable, and then use it?
Thanks for this PR, but local IP cannot be hardcoded in
entrypoint.sh
as one may change it cause of different needs they might have.Could you please change it, so it reads
ipv4-network
fromocserv.conf
and put it in a variable, and then use it?
This subnet is already hardcoded in two other places, so it doesn't seem very configurable as it stands. I can update it as you suggest, though; no problem.
$ fgrep -nr '192.168.99'
./Dockerfile:59: && sed -i '/^ipv4-network = /{s/192.168.1.0/192.168.99.0/}' /etc/ocserv/ocserv.conf \
./routes.txt:2:route = 192.168.99.0/255.255.255.0
@aminvakil I've updated the PR to allow the network/netmask to be configurable (via env var). Please let me know if you have any questions/feedback.
@aminvakil I need to make a change actually; please hold on merging if you could, please. Thank you!
Sure.
I should have put the envsubst in the entrypoint so that users can supply the network params via env var at runtime and not need to rebuild the image. I just pushed the commit to make that happen. Thank you!
Thank you for doing this!
When running in some environments, e.g. Kubernetes, the iptables command can cause the CNI to have issues. In my case, both calico-typha and calico-node began to fail health checks once the original iptables command was executed. Adding the ocserv network to the command allowed it to work as expected.