dulli / caddy-wol

Caddy plugin that sends wake-on-lan magic packets to remote hosts to wake up e.g. reverse proxy targets.
Apache License 2.0

Caddy with Docker: sending WoL needs enhancements #4

Closed diewellenlaenge closed 1 year ago

diewellenlaenge commented 1 year ago

I'm using Caddy in a Docker container which is not using host networking mode. This results in the WoL packet being eaten by some network layer (I am no expert in this).

I found this article to build a workaround: https://www.devwithimagination.com/2020/06/15/homebridge-docker-and-wake-on-lan/

Sadly this plugin is unable to use this workaround as the source and broadcast in the WoL packet can't be set using the Caddyfile but are rather calculated on the fly.

Can you add this option to the Caddyfile?

dulli commented 1 year ago

Thanks for the suggestion (and directly linking the guide you are working with)!

I just pushed a change that adds a config option for the broadcast address; just specify it after the target's MAC address. This should include the port, so e.g. "192.168.0.255:9". Unfortunately, I won't be able to set up the Docker containers to test this until later this week. Could you check if this works without explicitly defining the source already (which I think it should) and let me know? 😄

diewellenlaenge commented 1 year ago

Thanks for the quick addition! Sadly, it can't work when the source address can't be set. I tried it and the packet won't go through :-/

dulli commented 1 year ago

That's weird, I got around to testing everything now and got it to work without needing to specify the source address.

[Screenshot: woltest]

I also tested this with a real MAC address afterwards and the device woke up correctly.

For your reference, I also added the dockertest.sh script and the Caddyfile and Dockerfile I used to test this to this repo. I hope this helps and will close this issue now, but please let me know if you got it to work and feel free to re-open it if necessary!

diewellenlaenge commented 1 year ago

Thank you, the reference scripts helped me understand it better. It works now! Thank you very much for helping on this.

phlourishdev commented 1 year ago

I had issues with WOL with Docker as well. Found this thread and would just like to add something: WOL with Docker only works when using the host's networking [1] (network_mode: host in compose and --network host). This solved my issue.

This removes the network isolation of the container, of course. In general, malicious containers could take advantage of this. Also: using the host's networking should only be done with an active firewall to not have additional security risks that could be introduced due to exposing every port of the container to the internet.

1: https://stackoverflow.com/questions/33101603/send-a-wake-on-lan-packet-from-a-docker-container

dulli commented 1 year ago

Thanks for the additional context, @yohzu, and I agree that setting the network_mode to host is by far the easiest way to solve this problem.

But it is actually possible to use WOL with Docker without reverting to host networking - in fact, this is what this issue was all about as it makes it possible to specify a broadcasting address on another subnet. To double check this, I just took the time to convert my self-hosting setup to use a single docker network as its backend, using the same techniques as the ones linked above. You can have a look at the docker-compose file I am using now for caddy, which contains all the information you need on setting this up. All the other stacks (e.g. this one) join the network provided by the caddy stack.

Maybe I should add this to the project's README 😄
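
For reference, what the broadcast address option discussed in this thread amounts to on the wire, as an added Go example (not the plugin's own code): a magic packet is six 0xFF bytes followed by the target MAC repeated sixteen times, sent over UDP to an explicit host:port broadcast address, which is what lets the container stay off host networking. The function names are hypothetical, the MAC is a constructed sample value, and the address is the one quoted in the thread.

```go
package main

import (
	"bytes"
	"fmt"
	"net"
)

// BuildMagicPacket returns the 102-byte Wake-on-LAN payload:
// six 0xFF bytes followed by the 48-bit target MAC repeated 16 times.
func BuildMagicPacket(mac string) ([]byte, error) {
	hw, err := net.ParseMAC(mac)
	if err != nil {
		return nil, fmt.Errorf("parse MAC: %w", err)
	}
	// net.ParseMAC also accepts 8- and 20-byte addresses; WoL needs exactly 6.
	if len(hw) != 6 {
		return nil, fmt.Errorf("need a 48-bit MAC, got %d bytes", len(hw))
	}
	pkt := bytes.Repeat([]byte{0xFF}, 6)
	for i := 0; i < 16; i++ {
		pkt = append(pkt, hw...)
	}
	return pkt, nil
}

// SendMagicPacket sends the payload to an explicitly configured "ip:port"
// broadcast address instead of one derived from the local interfaces.
// The source address is left to the kernel (nil local address).
func SendMagicPacket(mac, broadcast string) error {
	pkt, err := BuildMagicPacket(mac)
	if err != nil {
		return err
	}
	addr, err := net.ResolveUDPAddr("udp4", broadcast)
	if err != nil {
		return fmt.Errorf("resolve broadcast address: %w", err)
	}
	conn, err := net.DialUDP("udp4", nil, addr)
	if err != nil {
		return fmt.Errorf("open UDP socket: %w", err)
	}
	defer conn.Close()
	_, err = conn.Write(pkt)
	return err
}

func main() {
	// Constructed sample MAC; broadcast address as quoted in the thread.
	if err := SendMagicPacket("00:11:22:33:44:55", "192.168.0.255:9"); err != nil {
		fmt.Println("send failed:", err)
	}
}
```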