nessi/NexaVPN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: switch gateway container to host network mode and replace host.docker.internal with 127.0.0.1

Browse Source 
Change gateway service from bridge networking to host network mode to enable direct access to host network interfaces. Replace host.docker.internal references with 127.0.0.1 in gateway URLs and backend host configuration. Remove port mapping, extra_hosts, and explicit network attachments since host mode provides direct network access.
This commit is contained in:
Sascha Nesterovic
2026-03-18 08:28:33 +01:00
parent aeb0b8f8b4
commit 4b16e0d4fc
2 changed files with 7 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
deploy/docker-compose.yml
View File

@@ -71,6 +71,7 @@ services:
dockerfile: gateway/Dockerfile
depends_on:
- backend
network_mode: host
sysctls:
net.ipv4.ip_forward: "1"
cap_add:
@@ -78,17 +79,13 @@ services:
- SYS_MODULE
devices:
- /dev/net/tun:/dev/net/tun
extra_hosts:
- "host.docker.internal:host-gateway"
ports:
- "${GATEWAY_UDP_PORT:-51900}:${GATEWAY_UDP_PORT:-51900}/udp"
environment:
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway}
NEXAVPN_GATEWAY_LISTEN_PORT: ${GATEWAY_UDP_PORT:-51900}
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://host.docker.internal:8080/api/v1/gateway-agent}
NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://host.docker.internal:8080/api/v1/gateway-agent/bootstrap}
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://127.0.0.1:8080/api/v1/gateway-agent}
NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://127.0.0.1:8080/api/v1/gateway-agent/bootstrap}
DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:${GATEWAY_UDP_PORT:-51900}}
DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24}
NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-}
@@ -96,13 +93,10 @@ services:
NEXAVPN_GATEWAY_INTERFACE: ${NEXAVPN_GATEWAY_INTERFACE:-wg0}
NEXAVPN_UPLINK_INTERFACE: ${NEXAVPN_UPLINK_INTERFACE:-eth0}
NEXAVPN_ENABLE_MASQUERADE: ${NEXAVPN_ENABLE_MASQUERADE:-true}
NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-host.docker.internal}
NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-127.0.0.1}
volumes:
- ./scripts/gateway-entrypoint.sh:/scripts/gateway-entrypoint.sh:ro
- gateway-state:/var/lib/nexavpn
networks:
- gateway
- control
volumes:
postgres-data:
@@ -110,4 +104,3 @@ volumes:
networks:
control:
gateway: