Dockerize, and switch back to main boringtun repo

2025-09-07 11:38:30 -04:00 · 2021-10-15 20:05:18 -04:00 · 2021-10-15 20:05:18 -04:00 · b4317dad1a
commit b4317dad1a
parent 006a1b0b4e
6 changed files with 51 additions and 4 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,5 @@
+/.git/
+/target
+/.idea
+.envrc
+/Dockerfile
--- a/Cargo.lock
+++ b/Cargo.lock
@ -85,7 +85,7 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 [[package]]
 name = "boringtun"
 version = "0.3.0"
-source = "git+https://github.com/aramperes/boringtun.git?branch=onetun#d93c5db55172ef6133b21301fbf07ec315e00e03"
+source = "git+https://github.com/cloudflare/boringtun?branch=master#fbcf2689e7776a5af805c5a38feb5c8988829980"
 dependencies = [
 "base64",
 "clap",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -6,7 +6,7 @@ edition = "2018"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

 [dependencies]
-boringtun = { git = "https://github.com/aramperes/boringtun.git", branch = "onetun" }
+boringtun = { git = "https://github.com/cloudflare/boringtun", branch = "master" }
 clap = { version = "2.33", default-features = false, features = ["suggestions"] }
 log = "0.4"
 pretty_env_logger = "0.3"
--- a/25
+++ b/25
@ -0,0 +1,25 @@
+FROM rust:1.55 as cargo-build
+RUN apt-get update
+
+WORKDIR /usr/src/onetun
+COPY Cargo.toml Cargo.toml
+
+# Placeholder to download dependencies and cache them using layering
+RUN mkdir src/
+RUN echo "fn main() {println!(\"if you see this, the build broke\")}" > src/main.rs
+RUN cargo build --release
+RUN rm -f target/x86_64-unknown-linux-musl/release/deps/myapp*
+
+# Build the actual project
+COPY . .
+RUN cargo build --release
+
+FROM debian:11-slim
+
+COPY --from=cargo-build /usr/src/onetun/target/release/onetun /usr/local/bin/onetun
+
+# Run as non-root
+RUN chown 1000 /usr/local/bin/onetun
+USER 1000
+
+ENTRYPOINT ["/usr/local/bin/onetun"]
--- a/src/config.rs
+++ b/src/config.rs
@ -14,6 +14,7 @@ pub struct Config {
    pub(crate) endpoint_addr: SocketAddr,
    pub(crate) source_peer_ip: IpAddr,
    pub(crate) keepalive_seconds: Option<u16>,
+    pub(crate) log: String,
 }

 impl Config {
@ -61,7 +62,14 @@ impl Config {
                    .takes_value(true)
                    .long("keep-alive")
                    .env("ONETUN_KEEP_ALIVE")
-                    .help("Configures a persistent keep-alive for the WireGuard tunnel, in seconds.")
+                    .help("Configures a persistent keep-alive for the WireGuard tunnel, in seconds."),
+                Arg::with_name("log")
+                    .required(false)
+                    .takes_value(true)
+                    .long("log")
+                    .env("ONETUN_LOG")
+                    .default_value("info")
+                    .help("Configures the log level and format.")
            ]).get_matches();

        Ok(Self {
@ -83,6 +91,7 @@ impl Config {
                .with_context(|| "Invalid source peer IP")?,
            keepalive_seconds: parse_keep_alive(matches.value_of("keep-alive"))
                .with_context(|| "Invalid keep-alive value")?,
+            log: matches.value_of("log").unwrap_or_default().into(),
        })
    }
 }
--- a/src/main.rs
+++ b/src/main.rs
@ -26,8 +26,8 @@ pub const MAX_PACKET: usize = 65536;

 #[tokio::main]
 async fn main() -> anyhow::Result<()> {
-    pretty_env_logger::try_init_timed_custom_env("ONETUN_LOG").unwrap();
    let config = Config::from_args().with_context(|| "Failed to read config")?;
+    init_logger(&config)?;
    let port_pool = Arc::new(PortPool::new());

    let wg = WireGuardTunnel::new(&config, port_pool.clone())
@ -379,3 +379,11 @@ async fn virtual_tcp_interface(
    abort.store(true, Ordering::Relaxed);
    Ok(())
 }
+
+fn init_logger(config: &Config) -> anyhow::Result<()> {
+    let mut builder = pretty_env_logger::formatted_builder();
+    builder.parse_filters(&config.log);
+    builder
+        .try_init()
+        .with_context(|| "Failed to initialize logger")
+}