Merge pull request #10823 from Security-Onion-Solutions/2.4/dockerips

2.4/dockerips
2025-12-06 09:12:45 +01:00 · 2023-07-25 08:39:49 -04:00
parent 71a83c1fe9 b20fad2839
commit c1190064ad
14 changed files with 34 additions and 99 deletions
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -254,15 +254,10 @@ collect_dns_domain() {
 collect_dockernet() {
 	if ! whiptail_dockernet_check; then
 		whiptail_dockernet_sosnet "172.17.1.0"
-		whiptail_dockernet_nososnet "172.17.0.0"

-		while ! valid_ip4 "$DOCKERNET"; do
+		while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ "172.17.0." ]]; do
 			whiptail_invalid_input
-			whiptail_dockernet_nonsosnet "$DOCKERNET"
-		done
-		while ! valid_ip4 "$DOCKERNET2"; do
-			whiptail_invalid_input
-			whiptail_dockernet_sosnet "$DOCKERNET2"
+			whiptail_dockernet_sosnet "$DOCKERNET"
 		done
 	fi
 }
@@ -1099,35 +1094,6 @@ disable_ipv6() {
 	} >> /etc/sysctl.conf
 }

-docker_registry() {
-
-	title "Setting up Docker Registry"
-	logCmd "mkdir -p /etc/docker"
-	# This will get applied so docker can attempt to start
-	if [ -z "$DOCKERNET" ]; then
-		DOCKERNET=172.17.0.0
-	fi
-	if [ -z "$DOCKERNET2" ]; then
-		DOCKERNET2=172.17.1.0
-	fi
-	# Make the host use the manager docker registry
-	DNETBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24
-	if [ -n "$TURBO" ]; then local proxy="$TURBO"; else local proxy="https://$MSRV"; fi
-	printf '%s\n'\
-		"{"\
-		"  \"registry-mirrors\": [ \"$proxy:5000\" ],"\
-		"  \"bip\": \"$DNETBIP\","\
-		"  \"default-address-pools\": ["\
-		"    {"\
-		"      \"base\" : \"$DOCKERNET/24\","\
-		"      \"size\" : 24"\
-		"    }"\
-		"  ]"\
-		"}" > /etc/docker/daemon.json
-	info "Docker Registry Setup - Complete"
-
-}
-
 docker_seed_update() {
 	local name=$1
 	local percent_delta=1
@@ -1490,16 +1456,6 @@ create_global() {
 		fi
 	fi

-	if [ -z "$DOCKERNET" ]; then
-		DOCKERNET=172.17.0.0
-		DOCKERNET2=172.17.1.0
-		DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24
-		DOCKER2BIP=$(echo $DOCKERNET2 | awk -F'.' '{print $1,$2,$3,1}' OFS='.')
-	else
-		DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24
-		DOCKER2BIP=$(echo $DOCKERNET2 | awk -F'.' '{print $1,$2,$3,1}' OFS='.')
-	fi
-
 	if [ -f "$global_pillar_file" ]; then
 		rm $global_pillar_file
 	fi
@@ -1560,12 +1516,15 @@ soctopus_pillar() {
 docker_pillar() {
 	title "Create the docker pillar file"
 	touch $adv_docker_pillar_file
-	printf '%s\n'\
-		"docker:"\
-		"  sorange: '$DOCKERNET2/24'"\
-		"  sobip: '$DOCKER2BIP'"\
-		"  range: '$DOCKERNET/24'"\
-		"  bip: '$DOCKERBIP'" > $docker_pillar_file
+	touch $docker_pillar_file
+
+	if [ ! -z "$DOCKERNET" ]; then
+		DOCKERGATEWAY=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')
+		printf '%s\n'\
+			"docker:"\
+			"  range: '$DOCKERNET/24'"\
+			"  gateway: '$DOCKERGATEWAY'" > $docker_pillar_file
+	fi
 }

 redis_pillar() {