我在云中拥有带有 docker 容器的虚拟机。 它有 2 个容器:wireguard 和 redmine。 我在 redmine 中有 LDAP 授权。 LDAP服务器位于私有LAN(NAT后面),并且我通过wireguard到该LAN有VPN。 我需要在Redmine容器中添加路由,以便Redmine可以通过Wireguard容器访问私有LAN。 现在我在容器启动后手工制作它我写
docker-compose exec redmine ip route add 192.168.42.0/23 via 172.20.0.50您能给我建议吗,如何将其实施到我的管道中?
附注redmine-container 已经在 Dockerfile 中具有入口点和 cmd 指令。
version: '3.9'
services:
wireguard:
image: linuxserver/wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
volumes:
- ./wireguard-config:/config
- /lib/modules:/lib/modules
networks:
default:
ipv4_address: 172.20.0.50
sysctls:
- net.ipv4.conf.all.src_valid_mark=1 # for clients mode
restart: unless-stopped
postgres:
image: postgres:14.2-alpine
volumes:
- postgres-data:/var/lib/postgresql/data
environment:
- 'POSTGRES_PASSWORD=MySUperSecret'
- 'POSTGRES_DB=redmine'
redmine:
image: redmine:5.0.1-alpine
cap_add:
- NET_ADMIN
volumes:
- redmine-files:/usr/src/redmine/files
- ./redmine-plugins:/usr/src/redmine/plugins
- ./configuration.yml:/usr/src/redmine/config/configuration.yml
ports:
- 80:3000
depends_on:
- postgres
environment:
- 'REDMINE_DB_POSTGRES=postgres'
- 'REDMINE_DB_DATABASE=redmine'
- 'REDMINE_DB_PASSWORD=MySUperSecret'
- 'REDMINE_PLUGINS_MIGRATE=true'
restart: unless-stopped
networks:
default:
ipam:
config:
- subnet: 172.20.0.0/24
volumes:
postgres-data:
redmine-files:
我解决了我的问题:
services:
wireguard:
image: linuxserver/wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
ports:
- 3000:3000
environment:
- TZ=Europe/Moscow
volumes:
- ./wireguard-config:/config
- /lib/modules:/lib/modules
sysctls:
- net.ipv4.conf.all.src_valid_mark=1 # for clients mode
restart: unless-stopped
postgres:
image: postgres:14.2-alpine
volumes:
- postgres-data:/var/lib/postgresql/data
environment:
- 'POSTGRES_PASSWORD=MySUperSecret'
- 'POSTGRES_DB=redmine'
redmine:
image: redmine:5.0.2-alpine
network_mode: service:wireguard
volumes:
- redmine-files:/usr/src/redmine/files
- ./redmine-plugins:/usr/src/redmine/plugins
- ./configuration.yml:/usr/src/redmine/config/configuration.yml
# ports:
# - 80:3000
depends_on:
- postgres
environment:
- 'REDMINE_DB_POSTGRES=postgres'
- 'REDMINE_DB_DATABASE=redmine'
- 'REDMINE_DB_PASSWORD=MySUperSecret'
- 'REDMINE_PLUGINS_MIGRATE=true'
restart: unless-stopped
volumes:
postgres-data:
redmine-files:
差异:
--- /tmp/a 2023-11-14 05:26:19.107003164 +0200
+++ /tmp/b 2023-11-14 05:26:48.177031304 +0200
@@ -1,17 +1,16 @@
-version: '3.9'
-
services:
wireguard:
image: linuxserver/wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
+ ports:
+ - 3000:3000
+ environment:
+ - TZ=Europe/Moscow
volumes:
- ./wireguard-config:/config
- /lib/modules:/lib/modules
- networks:
- default:
- ipv4_address: 172.20.0.50
sysctls:
- net.ipv4.conf.all.src_valid_mark=1 # for clients mode
restart: unless-stopped
@@ -25,15 +24,14 @@
- 'POSTGRES_DB=redmine'
redmine:
- image: redmine:5.0.1-alpine
- cap_add:
- - NET_ADMIN
+ image: redmine:5.0.2-alpine
+ network_mode: service:wireguard
volumes:
- redmine-files:/usr/src/redmine/files
- ./redmine-plugins:/usr/src/redmine/plugins
- ./configuration.yml:/usr/src/redmine/config/configuration.yml
- ports:
- - 80:3000
+ # ports:
+ # - 80:3000
depends_on:
- postgres
environment:
@@ -43,12 +41,6 @@
- 'REDMINE_PLUGINS_MIGRATE=true'
restart: unless-stopped
-networks:
- default:
- ipam:
- config:
- - subnet: 172.20.0.0/24
-
volumes:
postgres-data:
redmine-files: