path: root/sysutils/docker-freebsd/files/docker.in

#!/bin/sh

# PROVIDE: docker
# REQUIRE: DAEMON
# KEYWORD: nojail shutdown

. /etc/rc.subr

name="docker"
rcvar="docker_enable"

stop_cmd="docker_stop"
start_cmd="docker_start"
command="%%PREFIX%%/bin/docker"

load_rc_config $name

: ${docker_enable=NO}
: ${docker_dir=/usr/docker}
: ${docker_nat_pf=YES}
: ${docker_nat_iface=NONE}

docker_start()
{
	if [ ! -d "${docker_dir}" ] ; then
		echo "Missing ${docker_dir}! Please create / mount a ZFS dataset at this location."
		exit 1
	fi

	if [ -e "/var/run/docker.pid" ] ; then
		pgrep -F /var/run/docker.pid 2>/dev/null >/dev/null
		if [ $? -eq 0 ] ; then
			echo "Docker already running? /var/run/docker.pid"
			exit 1
		fi
	fi

	echo "Starting docker..."
	daemon -p /var/run/docker.pid ${command} -d -e jail -s zfs -g ${docker_dir} -D >/var/log/docker.log 2>/var/log/docker.log

	# Check for linux 64bit support and enable
	kldstat | grep -q 'linux64'
	if [ $? -ne 0 -a -e "/boot/kernel/linux64.ko" ] ; then
		kldload linux64
	fi

	# Check for NAT support via PF
	# This is an ugly experimental hack for now, eventually will go away
	if [ "${docker_nat_pf}" != "YES" ] ; then return ; fi

	# Load PF if not already
	kldstat | grep -q 'pf.ko'
	if [ $? -ne 0 -a -e "/boot/kernel/pf.ko" ] ; then
		kldload pf
	fi

	# Check if PF rules already loaded
	/sbin/pfctl -s nat 2>/dev/null | grep -q 172.17
	if [ $? -eq 0 ] ; then return ; fi

	if [ "${docker_nat_iface}" != "NONE" ] ; then
		iface="${docker_nat_iface}"
	else
		iface=`/usr/bin/netstat -f inet -nrW | grep '^default' | awk '{ print $6 }'`
	fi
	echo "nat on ${iface} from 172.17.0.0/16 to any -> (${iface})" > /tmp/pf-nat-docker.$$
	/sbin/pfctl -f /tmp/pf-nat-docker.$$ 2>/dev/null
	/sbin/pfctl -e 2>/dev/null
	rm /tmp/pf-nat-docker.$$

}

docker_stop()
{
	if [ -e "/var/run/docker.pid" ] ; then
		echo "Stopping docker..."
		pkill -F /var/run/docker.pid
	fi
}

run_rc_command "$1"