Code cleanup for server mounts; mount more timezone data; closes pterodactyl/panel#2073
This commit is contained in:
parent
9d350d845f
commit
a9c81f37b2
|
@ -716,49 +716,25 @@ func (d *DockerEnvironment) Create() error {
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
mounts := []mount.Mount{
|
mounts, err := d.getContainerMounts()
|
||||||
{
|
if err != nil {
|
||||||
Target: "/home/container",
|
return errors.WithMessage(err, "could not build container mount points slice")
|
||||||
Source: d.Server.Filesystem.Path(),
|
|
||||||
Type: mount.TypeBind,
|
|
||||||
ReadOnly: false,
|
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var mounted bool
|
customMounts, err := d.getCustomMounts()
|
||||||
for _, m := range d.Server.Config().Mounts {
|
if err != nil {
|
||||||
mounted = false
|
return errors.WithMessage(err, "could not build custom container mount points slice")
|
||||||
source := filepath.Clean(m.Source)
|
}
|
||||||
target := filepath.Clean(m.Target)
|
|
||||||
|
|
||||||
for _, allowed := range config.Get().AllowedMounts {
|
if len(customMounts) > 0 {
|
||||||
if !strings.HasPrefix(source, allowed) {
|
mounts = append(mounts, customMounts...)
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
mounts = append(mounts, mount.Mount{
|
for _, m := range customMounts {
|
||||||
Type: mount.TypeBind,
|
d.Server.Log().WithFields(log.Fields{
|
||||||
|
"source_path": m.Source,
|
||||||
Source: source,
|
"target_path": m.Target,
|
||||||
Target: target,
|
"read_only": m.ReadOnly,
|
||||||
ReadOnly: m.ReadOnly,
|
}).Debug("attaching custom server mount point to container")
|
||||||
})
|
|
||||||
|
|
||||||
mounted = true
|
|
||||||
break
|
|
||||||
}
|
|
||||||
|
|
||||||
logger := log.WithFields(log.Fields{
|
|
||||||
"server": d.Server.Id(),
|
|
||||||
"source_path": source,
|
|
||||||
"target_path": target,
|
|
||||||
"read_only": m.ReadOnly,
|
|
||||||
})
|
|
||||||
|
|
||||||
if mounted {
|
|
||||||
logger.Debug("attaching mount to server's container")
|
|
||||||
} else {
|
|
||||||
logger.Warn("skipping mount because it isn't allowed")
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -809,6 +785,90 @@ func (d *DockerEnvironment) Create() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Returns the default container mounts for the server instance. This includes the data directory
|
||||||
|
// for the server as well as any timezone related files if they exist on the host system so that
|
||||||
|
// servers running within the container will use the correct time.
|
||||||
|
func (d *DockerEnvironment) getContainerMounts() ([]mount.Mount, error) {
|
||||||
|
var m []mount.Mount
|
||||||
|
|
||||||
|
m = append(m, mount.Mount{
|
||||||
|
Target: "/home/container",
|
||||||
|
Source: d.Server.Filesystem.Path(),
|
||||||
|
Type: mount.TypeBind,
|
||||||
|
ReadOnly: false,
|
||||||
|
})
|
||||||
|
|
||||||
|
// Try to mount in /etc/localtime and /etc/timezone if they exist on the host system.
|
||||||
|
if _, err := os.Stat("/etc/localtime"); err != nil {
|
||||||
|
if !os.IsNotExist(err) {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
m = append(m, mount.Mount{
|
||||||
|
Target: "/etc/localtime",
|
||||||
|
Source: "/etc/localtime",
|
||||||
|
Type: mount.TypeBind,
|
||||||
|
ReadOnly: true,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
if _, err := os.Stat("/etc/timezone"); err != nil {
|
||||||
|
if !os.IsNotExist(err) {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
m = append(m, mount.Mount{
|
||||||
|
Target: "/etc/timezone",
|
||||||
|
Source: "/etc/timezone",
|
||||||
|
Type: mount.TypeBind,
|
||||||
|
ReadOnly: true,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
return m, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Returns the custom mounts for a given server after verifying that they are within a list of
|
||||||
|
// allowed mount points for the node.
|
||||||
|
func (d *DockerEnvironment) getCustomMounts() ([]mount.Mount, error) {
|
||||||
|
var mounts []mount.Mount
|
||||||
|
|
||||||
|
// TODO: probably need to handle things trying to mount directories that do not exist.
|
||||||
|
for _, m := range d.Server.Config().Mounts {
|
||||||
|
source := filepath.Clean(m.Source)
|
||||||
|
target := filepath.Clean(m.Target)
|
||||||
|
|
||||||
|
logger := d.Server.Log().WithFields(log.Fields{
|
||||||
|
"source_path": source,
|
||||||
|
"target_path": target,
|
||||||
|
"read_only": m.ReadOnly,
|
||||||
|
})
|
||||||
|
|
||||||
|
mounted := false
|
||||||
|
for _, allowed := range config.Get().AllowedMounts {
|
||||||
|
if !strings.HasPrefix(source, allowed) {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
mounted = true
|
||||||
|
mounts = append(mounts, mount.Mount{
|
||||||
|
Source: source,
|
||||||
|
Target: target,
|
||||||
|
Type: mount.TypeBind,
|
||||||
|
ReadOnly: m.ReadOnly,
|
||||||
|
})
|
||||||
|
|
||||||
|
break
|
||||||
|
}
|
||||||
|
|
||||||
|
if !mounted {
|
||||||
|
logger.Warn("skipping custom server mount, not in list of allowed mount points")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return mounts, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Sends the specified command to the stdin of the running container instance. There is no
|
// Sends the specified command to the stdin of the running container instance. There is no
|
||||||
// confirmation that this data is sent successfully, only that it gets pushed into the stdin.
|
// confirmation that this data is sent successfully, only that it gets pushed into the stdin.
|
||||||
func (d *DockerEnvironment) SendCommand(c string) error {
|
func (d *DockerEnvironment) SendCommand(c string) error {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user