feat(pterodactyl_wings): add ipv6 support (opt-in) (#24)

maxhoesel-ansible · Jan 21, 2022 · bfbccb1 · bfbccb1
1 parent dec5bc4
commit bfbccb1
Show file tree

Hide file tree

Showing 6 changed files with 99 additions and 0 deletions.
diff --git a/roles/pterodactyl_wings/README.md b/roles/pterodactyl_wings/README.md
@@ -8,6 +8,7 @@ This role follows the official installation instructions on the pterodactyl [doc
 
 - The following distributions are currently supported:
   - Ubuntu 18.04 LTS or newer
+  - Newer debian distros should work too
   - There are no plans to support CentOS/RHEL-based distros right now
 - This role requires root access. Make sure to run this role with `become: yes` or equivalent
 - Docker is required to run Wings. If docker is not present, this role will install it automatically
@@ -40,6 +41,24 @@ This role follows the official installation instructions on the pterodactyl [doc
 - If this value is changed later, the role will automatically switch the installed Docker version. Note that this may cause downtime
 - Default: `stable`
 
+##### `pterodactyl_wings_docker_ipv6`
+- Whether to enable IPv6 support in docker using [docker-ipv6NAT](https://github.com/robbertkl/docker-ipv6nat#usage).
+  This allows you to connect to your containers using IPv6, as long as you have a correct allocation in pterodactyl
+  (0.0.0.0 works for me). See [this comment](https://github.com/pterodactyl/panel/issues/1778#issuecomment-619457907) for more details.
+- **WARNING**: Enabling IPv6 support using this approach requires a reboot - the role will perform this automatically.
+  **This may cause some downtime on the first run**.
+- Due to the "hacky" nature of this approach, it is disabled by default
+- Default: `false`
+
+##### `pterodactyl_wings_docker_ipv6_cidr`
+- CIDR range to use for the internal IPv6 ULA addresses
+- Has no effect if `pterodactyl_wings_docker_ipv6` is disabled
+- Default: `"fd00::/80"`
+
+##### `pterodactyl_wings_docker_ipv6nat_version`
+- Use the specified ipv6nat container tag
+- Default: `latest`
+
 ### Wings Configuration
 
 The `pterodactyl_wings_config` is a dictionary representing the configuration file of the wings daemon. This configuration

diff --git a/roles/pterodactyl_wings/defaults/main.yml b/roles/pterodactyl_wings/defaults/main.yml
@@ -27,3 +27,6 @@ pterodactyl_wings_config:
 
 pterodactyl_wings_docker_install: true
 pterodactyl_wings_docker_source: stable
+pterodactyl_wings_docker_ipv6: false
+pterodactyl_wings_docker_ipv6_cidr: "fd00::/80"
+pterodactyl_wings_docker_ipv6nat_version: "latest"
diff --git a/roles/pterodactyl_wings/handlers/main.yml b/roles/pterodactyl_wings/handlers/main.yml
@@ -4,3 +4,11 @@
   systemd:
     name: wings.service
     state: restarted
+
+- name: reload docker
+  systemd:
+    name: docker.service
+    state: reloaded
+
+- name: restart host
+  reboot:
diff --git a/roles/pterodactyl_wings/tasks/docker.yml b/roles/pterodactyl_wings/tasks/docker.yml
@@ -1,6 +1,10 @@
 - name: Install docker from {{ pterodactyl_wings_docker_source }}
   include_tasks: "docker_{{ pterodactyl_wings_docker_source }}.yml"
 
+- name: Enable IPv6 suppport
+  include_tasks: docker_ipv6.yml
+  when: pterodactyl_wings_docker_ipv6
+
 - name: Docker is enabled and running
   systemd:
     name: docker

diff --git a/roles/pterodactyl_wings/tasks/docker_ipv6.yml b/roles/pterodactyl_wings/tasks/docker_ipv6.yml
@@ -0,0 +1,52 @@
+- name: Look for existing daemon.json
+  stat:
+    path: /etc/docker/daemon.json
+  register: _pterodactyl_wings_docker_daemon_config_file
+
+- name: Get existing daemon.json
+  command: cat /etc/docker/daemon.json
+  register: _pterodactyl_wings_docker_daemon_config
+  when: _pterodactyl_wings_docker_daemon_config_file.stat.exists
+
+- name: Apply required configuration options
+  set_fact:
+    _pterodactyl_wings_docker_daemon_config: "{{ current_config | combine(ipv6_config) }}"
+  vars:
+    current_config: "{{ _pterodactyl_wings_docker_daemon_config is skipped | ternary({}, (_pterodactyl_wings_docker_daemon_config.stdout)|d('{}')|from_json) }}"
+    ipv6_config:
+      userland-proxy: false
+      ipv6: true
+      fixed-cidr-v6: "{{ pterodactyl_wings_docker_ipv6_cidr }}"
+
+- name: Docker config directory exists
+  file:
+    path: /etc/docker
+    state: directory
+    owner: root
+    group: root
+    mode: "644"
+
+- name: daemon.json is present
+  copy:
+    content: "{{ _pterodactyl_wings_docker_daemon_config | to_nice_json }}"
+    dest: /etc/docker/daemon.json
+    owner: root
+    group: root
+    mode: "644"
+  notify: reload docker
+
+- name: ipv6NAT container unit file is present
+  template:
+    src: docker-ipv6nat.service.j2
+    dest: /etc/systemd/system/docker-ipv6nat.service
+    owner: root
+    group: root
+    mode: "644"
+
+- name: ipv6NAT unit is enabled and started
+  systemd:
+    name: docker-ipv6nat.service
+    state: started
+    enabled: yes
+    daemon_reload: yes
+  notify: restart host
diff --git a/roles/pterodactyl_wings/templates/docker-ipv6nat.service.j2 b/roles/pterodactyl_wings/templates/docker-ipv6nat.service.j2
@@ -0,0 +1,13 @@
+[Unit]
+Description=IPv6 NAT for Docker containers
+After=docker.service
+Requires=docker.service
+PartOf=docker.service
+
+[Service]
+User=root
+ExecStart=/usr/bin/docker run --rm --name ipv6nat --privileged --network host -v /var/run/docker.sock:/var/run/docker.sock:ro -v /lib/modules:/lib/modules:ro robbertkl/ipv6nat:{{ pterodactyl_wings_docker_ipv6nat_version}}
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target