Merge pull request #332 from JohannLange/master

.github/workflows/podman-udmp.yml

@@ -1,4 +1,4 @@
-name: UDMP Podman
+name: UDM-Pro Podman
 
 on:
   workflow_dispatch:
@@ -16,8 +16,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
+    - name: Docker Setup QEMU
+      uses: docker/setup-qemu-action@v1.2.0
     - name: Build the Docker image
-      run: docker build --file podman-update/build/Dockerfile --tag boostchicken:udmp-podman podman-update/build/
+      run: docker build --file podman-update/build/Dockerfile --build-arg UDM_PLATFORM=UDM-Pro --tag boostchicken:udmp-podman podman-update/build/
     - name: Docker Extract
       id: extract
       uses: boostchicken-dev/actions-docker-extract@v2
@@ -31,4 +33,4 @@ jobs:
       with:
         path: ${{ steps.extract.outputs.destination }}
         name: podman-install.zip
- 
+

.github/workflows/podman-udmse.yml

@@ -1,4 +1,4 @@
-name: UDMPSE Podman
+name: UDM-SE Podman
 
 on:
   workflow_dispatch:
@@ -17,8 +17,10 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
+    - name: Docker Setup QEMU
+      uses: docker/setup-qemu-action@v1.2.0
     - name: Build the Docker image
-      run: docker build --file podman-update/build/Dockerfile.Se --tag boostchicken:udm-podman podman-update/build/
+      run: docker build --file podman-update/build/Dockerfile --build-arg UDM_PLATFORM=UDM-Pro --tag boostchicken:udm-podman podman-update/build/
     - name: Docker Extract
       id: extract
       uses: boostchicken-dev/actions-docker-extract@v2

CONTRIBUTING.md

@@ -1 +1,3 @@
-All pull requests on any content are welcome!  Anything you find useful.  I will review all PRs, just please include what your changes does and why you did it.
+All pull requests on any content are welcome!
+Anything you find useful.
+I will review all PRs, just please include what your changes does and why you did it.

README.md

@@ -1,20 +1,23 @@
 # udm-utilities [![Discord](https://img.shields.io:/discord/939817841107034172?label=Discord&logo=Discord&style=for-the-badge "Discord")](https://discord.gg/8zqrQJFghg)
 
-[![UDMP Podman](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmp.yml/badge.svg)](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmp.yml) [![UDMPSE Podman](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmse.yml/badge.svg?branch=master)](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmse.yml)
+[![UDM-Pro Podman](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmp.yml/badge.svg)](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmp.yml)
+[![UDM-SE Podman](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmse.yml/badge.svg?branch=master)](https://github.com/boostchicken/udm-utilities/actions/workflows/podman-udmse.yml)
 
 A collection of things to enhance the capabilities of your Unifi Dream Machine or Dream Machine Pro.
 
 ## Contributing
 
-Pull Requests welcome! If you use this functionality to do new cool stuff to your UDM/P please send a PR and share it with the community!
+Pull Requests welcome!
+If you use this functionality to do new cool stuff to your UDM/P please send a PR and share it with the community!
 
 ## Custom Kernel
 
-If you want to do a custom kernel with wireguard support, multicast, multipath routing that is now a possiblity.  Please see the repo and please use at your own risk. This a much larger change than anything in this repo.
+If you want to do a custom kernel with wireguard support, multicast, multipath routing that is now a possiblity.
+Please see the repo and please use at your own risk. This a much larger change than anything in this repo.
 
 [udm-kernel-tools](https://github.com/fabianishere/udm-kernel-tools)
 
-## Custom Podman Builds for UDMP-SE
+## Custom Podman Builds for UDM-SE
 
 <https://github.com/boostchicken/udm-utilities/actions>
 
@@ -25,17 +28,22 @@ Look at the assets on the Podman workflow.
 
 ### on-boot-script
 
-Do this first. Enables `init.d` style scripts to run on every boot of your UDM. Includes examples to run `wpa-supplicant/eap-proxy` and/or `ntop-ng` on startup. Follow this [readme](https://github.com/boostchicken/udm-utilities/blob/master/on-boot-script/README.md).
+Do this first. Enables `init.d` style scripts to run on every boot of your UDM.
+Includes examples to run `wpa-supplicant/eap-proxy` and/or `ntop-ng` on startup.
+Follow this [readme](https://github.com/boostchicken/udm-utilities/blob/master/on-boot-script/README.md).
 
 **It enables complete customization of your UDM/P and fills the gap that config.gateway.json left behind.**
 
 ### podman-update
 
-Updates Podman, conmon, and runc to a recent version.  This allows docker-compose usage as well.
+Updates Podman, conmon, and runc to a recent version.
+This allows docker-compose usage as well.
 
 ### container-common
 
-Apply this after on-boot-script. Updates container defaults to maintain **stable disk usage footprint** of custom containers. **Prevents logs filling up UDM storage full**.
+Apply this after on-boot-script.
+Updates container defaults to maintain **stable disk usage footprint** of custom containers.
+**Prevents logs filling up UDM storage full**.
 
 ### python
 
@@ -51,7 +59,9 @@ Script to presist ssh keys after reboot
 
 ### wireguard-go
 
-Run a Wireguard client/server on your UDM/P.  Utilizes wireguard-go, not linux kernel modules.  The performance will take a hit due to that.
+Run a Wireguard client/server on your UDM/P.
+Utilizes wireguard-go, not linux kernel modules.
+The performance will take a hit due to that.
 
 ### WireGuard kernel module for UDM/P
 
@@ -69,22 +79,31 @@ OpenConnect VPN Client for the UniFi Dream Machine Pro (Unofficial).
 
 <https://github.com/peacey/split-vpn>
 
-A split tunnel VPN script for the UDM with policy based routing. This helper script can be used on your UDM to route select VLANs, clients, or even domains through a VPN connection. It supports OpenVPN, WireGuard, and OpenConnect (Cisco AnyConnect) clients running directly on your UDM, and external VPN clients running on other servers on your network.
+A split tunnel VPN script for the UDM with policy based routing.
+This helper script can be used on your UDM to route select VLANs, clients, or even domains through a VPN connection.
+It supports OpenVPN, WireGuard, and OpenConnect (Cisco AnyConnect) clients running directly on your UDM, and external VPN clients running on other servers on your network.
 
 ## DNS Providers
 
-Install a DNS server that functions as a network-wide ad and tracker blocker, and which can also securely proxy encrypted DNS requests to an upstream DNS provider. Begin by following the instructions to setup [on-boot-script](https://github.com/boostchicken/udm-utilities/tree/master/on-boot-script) and [dns-common](https://github.com/boostchicken/udm-utilities/tree/master/dns-common/on_boot.d). Then, follow the guides below to setup either Pi-Hole, NextDNS, or AdGuard Home.
+Install a DNS server that functions as a network-wide ad and tracker blocker, and which can also securely proxy encrypted DNS requests to an upstream DNS provider.
+Begin by following the instructions to setup [on-boot-script](https://github.com/boostchicken/udm-utilities/tree/master/on-boot-script) and [dns-common](https://github.com/boostchicken/udm-utilities/tree/master/dns-common/on_boot.d).
+Then, follow the guides below to setup either Pi-Hole, NextDNS, or AdGuard Home.
 
 ### dns-common
 
-Base configuration for DNS server containers, both IPv4 and IPv6.  Utilizes MacVLAN CNI plugins to completely isolate the network stack.
+Base configuration for DNS server containers, both IPv4 and IPv6.
+Utilizes MacVLAN CNI plugins to completely isolate the network stack.
 
-### run-pihole [![!Docker Pulls](https://img.shields.io/docker/pulls/boostchicken/pihole.svg?color=green&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/u/boostchicken)
+### run-pihole
 
-PiHole w/ DoH Image 
-Run Pi-hole on your UDM with podman. Also contains custom image for Pi-hole with `cloudflared`.
+[![!Docker Pulls](https://img.shields.io/docker/pulls/boostchicken/pihole.svg?color=green&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/u/boostchicken)
 
-### PiHole with DoTe  [![!Docker Pulls](https://img.shields.io/docker/pulls/boostchicken/pihole-dote.svg?color=green&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/u/boostchicken)
+PiHole w/ DoH Image.
+Run Pi-hole on your UDM with podman.
+Also contains custom image for Pi-hole with `cloudflared`.
+
+### PiHole with DoTe
+[![!Docker Pulls](https://img.shields.io/docker/pulls/boostchicken/pihole-dote.svg?color=green&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=pulls&logo=docker)](https://hub.docker.com/u/boostchicken)
 
 Desigened by: <https://github.com/chrisstaite/DoTe/>
 
@@ -104,13 +123,15 @@ Update your cloudflare domains from your UDM with podman.
 
 <https://hub.docker.com/r/scyto/multicast-relay>
 
-This is a docker container that implements <https://github.com/alsmith/multicast-relay> to provide mDNS and SSDP on a unifi dream machine. It will likely work on any multi homed host.
+This is a docker container that implements <https://github.com/alsmith/multicast-relay> to provide mDNS and SSDP on a unifi dream machine.
+It will likely work on any multi homed host.
 
 ### ntopng
 
 <https://github.com/tusc/ntopng-udm>
 
-Much better network stats for your UDM/P!  Install this docker container and create an on_boot script to make sure it's always running.
+Much better network stats for your UDM/P!
+Install this docker container and create an on_boot script to make sure it's always running.
 
 ### LetsEncrypt SSL Certs
 
@@ -120,19 +141,24 @@ Provision and renew LetsEncrypt SSL certs from your UDM/P.
 
 <https://github.com/alxwolf/ubios-cert>
 
-Similar to `udm-le`, adding different providers for SSL/TLS certificates (LE, ZeroSSL, BuyPass) and DNS API (all-inkl.com) currently not supported by [LEGO]<https://go-acme.github.io/lego/dns/>.
+Similar to `udm-le`, adding different providers for SSL/TLS certificates (LE, ZeroSSL, BuyPass) and DNS API (all-inkl.com) currently not supported by [LEGO](https://go-acme.github.io/lego/dns/).
 
 ### Unifi API Browser
 
 <https://hub.docker.com/r/scyto/unifibrowser>
 
-This is a docker container that implements <https://github.com/Art-of-WiFi/UniFi-API-browser> to provide a graphical tool to inspect the data structures available via the unifi API.  Great if you are using the REST API for your own purposes and want to explore. Works with multiple controller versions.
+This is a docker container that implements <https://github.com/Art-of-WiFi/UniFi-API-browser> to provide a graphical tool to inspect the data structures available via the unifi API.
+Great if you are using the REST API for your own purposes and want to explore.
+Works with multiple controller versions.
 
 ### Unifi UDM-Pro auto fan speed
 
 <https://github.com/renedis/ubnt-auto-fan-speed>
 
-A shell script with the goal to make the UDM-Pro silenced while still having good thermal values. It stops the build in service that monitors the thermal values, fan speed and connection of a HDD/SSD. After that it sets the thermal/fan chip (adt7475) to automatic mode. Once that is done it changes the thermal and fan values specified in the script.
+A shell script with the goal to make the UDM-Pro silenced while still having good thermal values.
+It stops the build in service that monitors the thermal values, fan speed and connection of a HDD/SSD.
+After that it sets the thermal/fan chip (adt7475) to automatic mode.
+Once that is done it changes the thermal and fan values specified in the script.
 
 ### Jumbo Frames
 

podman-update/build/Dockerfile

@@ -1,40 +1,79 @@
 FROM golang:1.16-stretch
 
+# Currenrtly supported versions: UDM-Pro, UDM-SE
+ARG UDM_PLATFORM=UDM-Pro
 
-ARG DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && apt-get install -y zip git pkg-config libc6-arm64-cross libc6-dev-arm64-cross binutils-aarch64-linux-gnu libncurses5-dev build-essential bison flex libssl-dev bc gcc-aarch64-linux-gnu
-RUN dpkg --add-architecture arm64 && apt-get update && apt-get install -y libseccomp-dev:arm64  libglib2.0-dev:arm64 gperf:arm64
 ARG PODMAN_VERSION=v3.4.4
 ARG RUNC_VERSION=v1.1.0
 ARG CONMON_VERSION=v2.1.0
 
+ARG DEBIAN_FRONTEND=noninteractive
+
+# Install dependencies
+RUN apt-get update && apt-get install -y \
+    bc \
+    binutils-aarch64-linux-gnu \
+    bison \
+    build-essential \
+    flex \
+    gcc-aarch64-linux-gnu \
+    git \
+    libc6-arm64-cross \
+    libc6-dev-arm64-cross \
+    libncurses5-dev \
+    libssl-dev \
+    pkg-config \
+    systemd \
+    zip \
+  && rm -rf /var/lib/apt/lists/*
+RUN dpkg --add-architecture arm64
+RUN apt-get update && apt-get install -y \
+    gperf:arm64 \
+    libglib2.0-dev:arm64 \
+    libseccomp-dev:arm64 \
+    libsystemd-dev:arm64 \
+  && rm -rf /var/lib/apt/lists/*
+
 ENV GOOS=linux
 
-COPY ./podman.Makefile.patch /tmp
-COPY ./runc.Makefile.patch /tmp
-RUN mkdir -p /build && mkdir -p /tmp/release
+COPY ./podman.Makefile.${UDM_PLATFORM}.patch /tmp
+RUN mkdir -p /build \
+    && mkdir -p /tmp/release
 WORKDIR /build
-RUN  git clone https://github.com/containers/podman && git clone https://github.com/opencontainers/runc && git clone https://github.com/containers/conmon
+RUN git clone https://github.com/containers/podman.git \
+    && git clone https://github.com/opencontainers/runc.git \
+    && git clone https://github.com/containers/conmon.git
 WORKDIR /build/runc
 
-RUN git checkout $RUNC_VERSION && ./script/release_build.sh -a arm64 -r /tmp/release
+RUN git checkout ${RUNC_VERSION} \
+    && ./script/release_build.sh -a arm64 -r /tmp/release
 ENV PKG_CONFIG_PATH=/usr/lib/aarch64-linux-gnu/pkgconfig/
 ENV GOARCH=arm64
 ENV CC='aarch64-linux-gnu-gcc'
 WORKDIR /build/podman
-RUN git checkout $PODMAN_VERSION && patch Makefile /tmp/podman.Makefile.patch && make vendor local-cross && \
-    cp ./bin/podman.cross.linux.arm64 /tmp/release/podman-$PODMAN_VERSION && chmod +x /tmp/release/podman-$PODMAN_VERSION
-
+RUN git checkout ${PODMAN_VERSION} \
+    && patch Makefile /tmp/podman.Makefile.${UDM_PLATFORM}.patch \
+    && make vendor local-cross \
+    && cp ./bin/podman.cross.linux.arm64 /tmp/release/podman-${PODMAN_VERSION} \
+    && chmod +x /tmp/release/podman-${PODMAN_VERSION}
 
 WORKDIR /build/conmon
-RUN git checkout $CONMON_VERSION && make vendor bin/conmon && cp bin/conmon /tmp/release/conmon-$CONMON_VERSION && chmod +x /tmp/release/conmon-$CONMON_VERSION
+RUN git checkout ${CONMON_VERSION} \
+    && make vendor bin/conmon \
+    && cp bin/conmon /tmp/release/conmon-${CONMON_VERSION} \
+    && chmod +x /tmp/release/conmon-$CONMON_VERSION
 
-RUN mkdir -p /tmp/install/usr/bin && mkdir -p /tmp/install/usr/libexec/podman/ && mkdir -p /tmp/install/usr/share/containers/ && mkdir -p /tmp/install/etc/containers/
+RUN mkdir -p /tmp/install/usr/bin \
+    && mkdir -p /tmp/install/usr/libexec/podman/ \
+    && mkdir -p /tmp/install/usr/share/containers/ \
+    && mkdir -p /tmp/install/etc/containers/
 COPY seccomp.json /tmp/install/usr/share/containers/
 COPY containers.conf /tmp/install/etc/containers/
 
-RUN cp /tmp/release/podman-$PODMAN_VERSION /tmp/install/usr/bin/podman && cp /tmp/release/runc.arm64 /tmp/install/usr/bin/runc && cp /tmp/release/conmon-$CONMON_VERSION /tmp/install/usr/libexec/podman/conmon
+RUN cp /tmp/release/podman-${PODMAN_VERSION} /tmp/install/usr/bin/podman \
+    && cp /tmp/release/runc.arm64 /tmp/install/usr/bin/runc \
+    && cp /tmp/release/conmon-${CONMON_VERSION} /tmp/install/usr/libexec/podman/conmon
 WORKDIR /tmp/install
+
+# Zip up the files
 RUN zip -r /tmp/release/podman-install.zip *
-
-

podman-update/build/Dockerfile.Se

@@ -1,39 +0,0 @@
-FROM golang:1.16-stretch
-
-# Run build
-
-ARG DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && apt-get install -y systemd zip git pkg-config libc6-arm64-cross libc6-dev-arm64-cross binutils-aarch64-linux-gnu libncurses5-dev build-essential bison flex libssl-dev bc gcc-aarch64-linux-gnu
-RUN dpkg --add-architecture arm64 && apt-get update && apt-get install -y libseccomp-dev:arm64  && apt-get install -y libglib2.0-dev:arm64 && apt-get install -y libsystemd-dev:arm64
-ARG PODMAN_VERSION=v3.4.4
-ARG RUNC_VERSION=v1.1.0
-ARG CONMON_VERSION=v2.1.0
-
-ENV GOOS=linux
-
-COPY ./podman.Makefile.se.patch /tmp
-RUN mkdir -p /build && mkdir -p /tmp/release
-WORKDIR /build
-RUN  git clone https://github.com/containers/podman && git clone https://github.com/opencontainers/runc && git clone https://github.com/containers/conmon
-WORKDIR /build/runc
-
-RUN git checkout $RUNC_VERSION && ./script/release_build.sh -a arm64 -r /tmp/release
-ENV PKG_CONFIG_PATH=/usr/lib/aarch64-linux-gnu/pkgconfig/
-ENV GOARCH=arm64
-ENV CC='aarch64-linux-gnu-gcc'
-WORKDIR /build/podman
-RUN git checkout $PODMAN_VERSION && patch Makefile /tmp/podman.Makefile.patch && make vendor local-cross && \
-    cp ./bin/podman.cross.linux.arm64 /tmp/release/podman-$PODMAN_VERSION && chmod +x /tmp/release/podman-$PODMAN_VERSION
-
-
-WORKDIR /build/conmon
-RUN git checkout $CONMON_VERSION && make vendor bin/conmon && cp bin/conmon /tmp/release/conmon-$CONMON_VERSION && chmod +x /tmp/release/conmon-$CONMON_VERSION
-
-RUN mkdir -p /tmp/install/usr/bin && mkdir -p /tmp/install/usr/libexec/podman/ && mkdir -p /tmp/install/usr/share/containers/ && mkdir -p /tmp/install/etc/containers/
-COPY seccomp.json /tmp/install/usr/share/containers/
-COPY containers.conf /tmp/install/etc/containers/
-RUN cp /tmp/release/podman-$PODMAN_VERSION /tmp/install/usr/bin/podman && cp /tmp/release/runc.arm64 /tmp/install/usr/bin/runc && cp /tmp/release/conmon-$CONMON_VERSION /tmp/install/usr/libexec/podman/conmon
-WORKDIR /tmp/install
-RUN zip -r /tmp/release/podman-install.zip *
-
-