feat: switch gateway container to host network mode and replace host.docker.internal with 127.0.0.1
Change gateway service from bridge networking to host network mode to enable direct access to host network interfaces. Replace host.docker.internal references with 127.0.0.1 in gateway URLs and backend host configuration. Remove port mapping, extra_hosts, and explicit network attachments since host mode provides direct network access.
@@ -16,11 +16,11 @@ DEFAULT_GATEWAY_PUBLIC_KEY=replace-me
|
|||||||
GATEWAY_BOOTSTRAP_TOKEN=nexavpn-gateway-bootstrap
|
GATEWAY_BOOTSTRAP_TOKEN=nexavpn-gateway-bootstrap
|
||||||
NEXAVPN_GATEWAY_ID=
|
NEXAVPN_GATEWAY_ID=
|
||||||
NEXAVPN_GATEWAY_NAME=primary-gateway
|
NEXAVPN_GATEWAY_NAME=primary-gateway
|
||||||
NEXAVPN_GATEWAY_SYNC_URL=http://host.docker.internal:8080/api/v1/gateway-agent
|
NEXAVPN_GATEWAY_SYNC_URL=http://127.0.0.1:8080/api/v1/gateway-agent
|
||||||
NEXAVPN_GATEWAY_BOOTSTRAP_URL=http://host.docker.internal:8080/api/v1/gateway-agent/bootstrap
|
NEXAVPN_GATEWAY_BOOTSTRAP_URL=http://127.0.0.1:8080/api/v1/gateway-agent/bootstrap
|
||||||
NEXAVPN_API_TOKEN=
|
NEXAVPN_API_TOKEN=
|
||||||
NEXAVPN_GATEWAY_PRIVATE_KEY=
|
NEXAVPN_GATEWAY_PRIVATE_KEY=
|
||||||
NEXAVPN_GATEWAY_INTERFACE=wg0
|
NEXAVPN_GATEWAY_INTERFACE=wg0
|
||||||
NEXAVPN_UPLINK_INTERFACE=eth0
|
NEXAVPN_UPLINK_INTERFACE=eth0
|
||||||
NEXAVPN_ENABLE_MASQUERADE=true
|
NEXAVPN_ENABLE_MASQUERADE=true
|
||||||
NEXAVPN_BACKEND_HOST=host.docker.internal
|
NEXAVPN_BACKEND_HOST=127.0.0.1
|
||||||
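Review bot: `NEXAVPN_UPLINK_INTERFACE=eth0` is left unchanged in this hunk, but once the gateway runs in the host network namespace the name refers to a host interface rather than the container's bridge interface, and many hosts have no `eth0`. If the entrypoint builds its masquerade rule from this variable (the script is not shown here), NAT would either not apply or apply to the wrong interface. I would add a comment above it such as `# Host uplink interface (see "ip route show default"); the gateway shares the host network namespace`. The new `127.0.0.1:8080` URLs also assume the backend publishes port 8080 on the host, which is worth stating next to them.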
|
|||||||
@@ -71,6 +71,7 @@ services:
|
|||||||
dockerfile: gateway/Dockerfile
|
dockerfile: gateway/Dockerfile
|
||||||
depends_on:
|
depends_on:
|
||||||
- backend
|
- backend
|
||||||
|
network_mode: host
|
||||||
sysctls:
|
sysctls:
|
||||||
net.ipv4.ip_forward: "1"
|
net.ipv4.ip_forward: "1"
|
||||||
cap_add:
|
cap_add:
|
||||||
@@ -78,17 +79,13 @@ services:
|
|||||||
- SYS_MODULE
|
- SYS_MODULE
|
||||||
devices:
|
devices:
|
||||||
- /dev/net/tun:/dev/net/tun
|
- /dev/net/tun:/dev/net/tun
|
||||||
extra_hosts:
|
|
||||||
- "host.docker.internal:host-gateway"
|
|
||||||
ports:
|
|
||||||
- "${GATEWAY_UDP_PORT:-51900}:${GATEWAY_UDP_PORT:-51900}/udp"
|
|
||||||
environment:
|
environment:
|
||||||
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
|
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
|
||||||
NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
|
NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
|
||||||
NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway}
|
NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway}
|
||||||
NEXAVPN_GATEWAY_LISTEN_PORT: ${GATEWAY_UDP_PORT:-51900}
|
NEXAVPN_GATEWAY_LISTEN_PORT: ${GATEWAY_UDP_PORT:-51900}
|
||||||
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://host.docker.internal:8080/api/v1/gateway-agent}
|
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://127.0.0.1:8080/api/v1/gateway-agent}
|
||||||
NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://host.docker.internal:8080/api/v1/gateway-agent/bootstrap}
|
NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://127.0.0.1:8080/api/v1/gateway-agent/bootstrap}
|
||||||
DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:${GATEWAY_UDP_PORT:-51900}}
|
DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:${GATEWAY_UDP_PORT:-51900}}
|
||||||
DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24}
|
DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24}
|
||||||
NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-}
|
NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-}
|
||||||
@@ -96,13 +93,10 @@ services:
|
|||||||
NEXAVPN_GATEWAY_INTERFACE: ${NEXAVPN_GATEWAY_INTERFACE:-wg0}
|
NEXAVPN_GATEWAY_INTERFACE: ${NEXAVPN_GATEWAY_INTERFACE:-wg0}
|
||||||
NEXAVPN_UPLINK_INTERFACE: ${NEXAVPN_UPLINK_INTERFACE:-eth0}
|
NEXAVPN_UPLINK_INTERFACE: ${NEXAVPN_UPLINK_INTERFACE:-eth0}
|
||||||
NEXAVPN_ENABLE_MASQUERADE: ${NEXAVPN_ENABLE_MASQUERADE:-true}
|
NEXAVPN_ENABLE_MASQUERADE: ${NEXAVPN_ENABLE_MASQUERADE:-true}
|
||||||
NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-host.docker.internal}
|
NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-127.0.0.1}
|
||||||
volumes:
|
volumes:
|
||||||
- ./scripts/gateway-entrypoint.sh:/scripts/gateway-entrypoint.sh:ro
|
- ./scripts/gateway-entrypoint.sh:/scripts/gateway-entrypoint.sh:ro
|
||||||
- gateway-state:/var/lib/nexavpn
|
- gateway-state:/var/lib/nexavpn
|
||||||
networks:
|
|
||||||
- gateway
|
|
||||||
- control
|
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
postgres-data:
|
postgres-data:
|
||||||
@@ -110,4 +104,3 @@ volumes:
|
|||||||
|
|
||||||
networks:
|
networks:
|
||||||
control:
|
control:
|
||||||
gateway:
|
|
||||||
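Review bot: `network_mode: host` is added directly above the existing `sysctls:` entry `net.ipv4.ip_forward: "1"`, and Docker does not allow `net.*` sysctls on a container that shares the host network namespace, so the service will probably be rejected at start-up. Drop the `sysctls` block and enable forwarding on the host instead, or document that requirement. With host networking the `cap_add` entries (`SYS_MODULE` is visible, the rest of the list lies outside the hunk) act on the host's interfaces and firewall rather than on a private namespace, so the entrypoint's WireGuard and masquerade changes need a matching cleanup when the container stops. The `http://127.0.0.1:8080` defaults only work if the backend publishes 8080 on the host; if it does, publish it as `127.0.0.1:8080:8080` so the gateway-agent API, whose bootstrap token defaults to the fixed string `nexavpn-gateway-bootstrap`, is not reachable from other machines.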
|
|||||||