From 6131bcaba929d0ef9a361a04fe8452a82349c168 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D1=82=D0=BE=D0=BD?= Date: Sat, 7 Feb 2026 14:07:47 +0300 Subject: [PATCH] fix dev tun and sysctl ip_forward error --- APP_PROFILER/entrypoint.sh | 15 ++++++--------- docker-compose.yml | 3 +++ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/APP_PROFILER/entrypoint.sh b/APP_PROFILER/entrypoint.sh index 48b4b54..1473004 100644 --- a/APP_PROFILER/entrypoint.sh +++ b/APP_PROFILER/entrypoint.sh @@ -7,23 +7,20 @@ if [ ! -c /dev/net/tun ]; then chmod 600 /dev/net/tun fi -# Enable IP forwarding -sysctl -w net.ipv4.ip_forward=1 || true - +# Enable IP forwarding (moved to docker-compose.yml sysctls) +# sysctl -w net.ipv4.ip_forward=1 || true # NAT MASQUERADE iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # MSS Clamping (Path MTU Tuning) -# Works for both directions in one rule on the FORWARD chain iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu - -# Start OpenRC (needed for rc-service if we use it, but better to start openvpn directly or via rc) -# Since we are in Alpine, we can try to start the service if configured, -# but Container 4 main.py might expect rc-service to work. -openrc default +# Minimal OpenRC initialization to allow rc-service to work in Alpine +mkdir -p /run/openrc +touch /run/openrc/softlevel # Start the APP_PROFILER API + # We use 0.0.0.0 to be reachable from other containers python main.py diff --git a/docker-compose.yml b/docker-compose.yml index 7521895..8d6fe2a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,7 +59,10 @@ services: container_name: ovp-profiler cap_add: - NET_ADMIN + sysctls: + - net.ipv4.ip_forward=1 devices: + - "/dev/net/tun:/dev/net/tun" ports: - "8000:8000"