Compare commits


No commits in common. "38966e4a630e6b312aba244e8c55ff6aa9f1a692" and "d4666c5a0d5d0191504ad6c7a761b5fabcd26bc7" have entirely different histories.

6 changed files with 25 additions and 106 deletions


@ -1,33 +0,0 @@
FROM debian:bullseye
USER root
# Install all packages
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update --yes && \
apt-get upgrade --yes && \
apt-get install --yes --no-install-recommends \
bash \
#tini \
locales \
iptables \
&& \
# Clean up and generate locales
apt-get clean && rm -rf /var/lib/apt/lists/* && \
echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \
locale-gen
# Requires cap-add NET_ADMIN NET_RAW
EXPOSE 33
EXPOSE 993
EXPOSE 587
COPY start.sh /start.sh
COPY iptables.sh /iptables.sh
#ENTRYPOINT ["tini", "-g", "--"]
ENTRYPOINT ["bash"]
CMD ["start.sh"]


@ -1,28 +0,0 @@
nat () {
# All traffic to $THIS_PORT on this container
# will be redirected to $THAT_PORT on $THAT_IP
$THAT_IP=$1
THIS_PORT=$2
THAT_PORT=$3
# Accept forward incoming traffic
iptables -I FORWARD -d $FWD_IP -m tcp -p tcp --dport $THAT_PORT -j ACCEPT
# Accept forward return traffic
iptables -I FORWARD -s $FWD_IP -m tcp -p tcp --sport $THAT_PORT -j ACCEPT
# Redirect packets to remote
iptables -t nat -I PREROUTING -m tcp -p tcp --dport $THIS_PORT -j DNAT --to-destination $THAT_IP:$THAT_PORT
}
NAT_IP=10.143.0.20
nat $NAT_IP 33 10013
nat $NAT_IP 993 10015
nat $NAT_IP 587 10016
# Include this line ONCE, at the end.
iptables -t nat -I POSTROUTING -d $FWD_IP -j MASQUERADE


@ -1,11 +0,0 @@
#!/bin/bash
touch /var/log/iptables.log
bash /iptables.sh
iptables -A INPUT -j LOG --log-prefix "[I]iptables: "
iptables -A OUTPUT -j LOG --log-prefix "[O]iptables: "
iptables -A FORWARD -j LOG --log-prefix "[F]iptables: "
tail -f /var/log/iptables.log


@ -1,14 +0,0 @@
version: "2"
services:
ipnat:
build: ./build
container_name: ipnat
restart: unless-stopped
ports:
- "10010:10010"
cap_add:
- NET_ADMIN
- NET_RAW


@ -8,33 +8,19 @@ LABEL maintiner="Mark <mark@betalupi.com>"
# The package will create its own syncthing user if one does not exist. # The package will create its own syncthing user if one does not exist.
# We need to do it manually, to control uid and gid. # We need to do it manually, to control uid and gid.
ARG ST_GID="1000" RUN groupadd -g 1000 syncthing && \
ARG ST_UID="1000" useradd -g 1000 -u 1000 syncthing -d /stdata && \
RUN groupadd -g ${ST_GID} syncthing && \
useradd -g ${ST_GID} -u ${ST_UID} syncthing -d /stdata && \
pacman -Fyy --noconfirm && \ pacman -Fyy --noconfirm && \
pacman -Syu --noconfirm && \ pacman -Syu --noconfirm && \
pacman -S --noconfirm syncthing syncthing-relaysrv pacman -S --noconfirm syncthing syncthing-relaysrv
RUN mkdir /stdata && \ VOLUME /syncthing
mkdir /stconfig && \
mkdir /stconfig/config && \
chown -R syncthing:syncthing /stdata && \
chmod -R 774 /stdata && \
chown -R syncthing:syncthing /stconfig && \
chmod -R 774 /stconfig
VOLUME /stdata
VOLUME /stconfig
# Syncthing # Syncthing
EXPOSE 8384 EXPOSE 8384
# Relay # Relay
EXPOSE 22067 EXPOSE 22067
COPY start.sh /start.sh
USER ${ST_UID}
WORKDIR "/stdata"
ENTRYPOINT ["/bin/bash", "start.sh"] ENTRYPOINT ["/bin/bash", "start.sh"]
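Review bot: The new side of this section has no `USER` instruction, so `ENTRYPOINT ["/bin/bash", "start.sh"]` starts as root and the privilege drop depends entirely on the `su` calls in start.sh; creating the directories in a `RUN` step and ending the stage with `USER syncthing` would keep root out of the running container. The declared `VOLUME /syncthing` also matches none of the paths the image uses (`-d /stdata` here, `/stdata` and `/stconfig` in start.sh), so the relay keys and the Syncthing config would end up in the container's writable layer; `VOLUME /stdata` and `VOLUME /stconfig` would match. No `COPY start.sh` or `WORKDIR` is visible on the new side either, so confirm the script is actually present in the image and resolvable from the default working directory; the first seven lines of the file are outside the hunk. Hard-coding `1000` for both ids is fine functionally, but a short comment saying why that value was chosen would help whoever bind-mounts host directories.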


@ -1,5 +1,22 @@
#!/bin/bash #!/bin/bash
# Files go here
mkdir /stdata
# Configs go here
mkdir /stconfig
mkdir /stconfig/config
chown -R syncthing:syncthing /stdata
chmod -R 774 /stdata
chown -R syncthing:syncthing /stconfig
chmod -R 774 /stconfig
su - syncthing -c '
cd /stconfig
syncthing-relaysrv \ syncthing-relaysrv \
-pools="" \ -pools="" \
-keys="/stconfig" \ -keys="/stconfig" \
@ -7,11 +24,13 @@ syncthing-relaysrv \
-ping-interval="30s" \ -ping-interval="30s" \
-protocol="tcp4" \ -protocol="tcp4" \
-provided-by="Betalupi" \ -provided-by="Betalupi" \
-status-srv="" & -status-srv=""' &
su - syncthing -c '
syncthing \ syncthing \
-gui-address=0.0.0.0:8384 \ -gui-address=0.0.0.0:8384 \
-home="/stconfig/config" \ -home="/stconfig/config" \
--no-browser --no-browser
'
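Review bot: `chmod -R 774 /stconfig` in the added setup block makes every file under the directory later passed as `-keys="/stconfig"` and `-home="/stconfig/config"` group-writable and executable, which is wider than key and config material needs; `chmod -R u=rwX,go= /stconfig` keeps it to the syncthing user. The added `mkdir` and `chown` lines run unchecked, and `mkdir` without `-p` will fail on every restart of an existing container, so start the script with `set -e` and use `mkdir -p /stdata /stconfig/config`. The final `su - syncthing -c '…'` leaves bash and su as parents of syncthing, so a stop signal sent to PID 1 may not reach the daemon; `exec su - syncthing -c '…'` would at least remove the shell from the chain. Part of the syncthing-relaysrv argument list lies between the two hunks and is not visible here.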