BurgerGames/NetBirdMSP-Appliance
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(updater): add --privileged to helper container to bypass user namespace restrictions

Browse Source
This commit is contained in:
Sascha Lustenberger
2026-02-22 15:46:09 +01:00
parent c40b7d3bc6
commit 95ec6765c1
4 changed files with 43 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/services/update_service.py
View File

@@ -299,7 +299,7 @@ def trigger_update(config: Any, db_path: str) -> dict:
own_image = "netbirdmsp-appliance-netbird-msp-appliance:latest"
helper_cmd = [
"docker", "run", "-d",
"docker", "run", "-d", "--privileged",
"--name", "msp-updater",
"-v", "/var/run/docker.sock:/var/run/docker.sock:z",
"-v", f"{host_source_dir}:{host_source_dir}:ro,z",

18
containers.txt
View File

@@ -1,9 +1,9 @@
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6ac6e489f490 netbirdmsp-appliance-netbird-msp-appliance:latest "sh -c 'sleep 3 && d…" About a minute ago Exited (1) About a minute ago msp-updater
45635ac38499 669dad48d4d2 "uvicorn app.main:ap…" 8 minutes ago Up 8 minutes (healthy) 0.0.0.0:8000->8000/tcp, [::]:8000->8000/tcp netbird-msp-appliance
878efa979680 caddy:2-alpine "caddy run --config …" 3 hours ago Up 2 hours 443/tcp, 2019/tcp, 443/udp, 0.0.0.0:9001->80/tcp, [::]:9001->80/tcp netbird-kunde1-caddy
564c613f112a netbirdio/signal:latest "/go/bin/netbird-sig…" 3 hours ago Up 2 hours netbird-kunde1-signal
a98852970815 netbirdio/dashboard:latest "/usr/bin/supervisor…" 3 hours ago Up 2 hours 80/tcp, 443/tcp netbird-kunde1-dashboard
11e100e21d81 netbirdio/relay:latest "/go/bin/netbird-rel…" 3 hours ago Up 2 hours 0.0.0.0:3478->3478/udp, [::]:3478->3478/udp netbird-kunde1-relay
aeae96bf691e netbirdio/management:latest "/go/bin/netbird-mgm…" 3 hours ago Up 2 hours netbird-kunde1-management
9cdda4d58e36 tecnativa/docker-socket-proxy:latest "docker-entrypoint.s…" 3 days ago Up 2 hours 2375/tcp docker-socket-proxy
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b25f16030139 netbirdmsp-appliance-netbird-msp-appliance:latest "sh -c 'sleep 3 && d…" 2 minutes ago Exited (1) 2 minutes ago msp-updater
c7acab75017f f4446ac34896 "uvicorn app.main:ap…" 11 minutes ago Up 11 minutes (healthy) 0.0.0.0:8000->8000/tcp, [::]:8000->8000/tcp netbird-msp-appliance
878efa979680 caddy:2-alpine "caddy run --config …" 3 hours ago Up 2 hours 443/tcp, 2019/tcp, 443/udp, 0.0.0.0:9001->80/tcp, [::]:9001->80/tcp netbird-kunde1-caddy
564c613f112a netbirdio/signal:latest "/go/bin/netbird-sig…" 3 hours ago Up 2 hours netbird-kunde1-signal
a98852970815 netbirdio/dashboard:latest "/usr/bin/supervisor…" 3 hours ago Up 2 hours 80/tcp, 443/tcp netbird-kunde1-dashboard
11e100e21d81 netbirdio/relay:latest "/go/bin/netbird-rel…" 3 hours ago Up 2 hours 0.0.0.0:3478->3478/udp, [::]:3478->3478/udp netbird-kunde1-relay
aeae96bf691e netbirdio/management:latest "/go/bin/netbird-mgm…" 3 hours ago Up 2 hours netbird-kunde1-management
9cdda4d58e36 tecnativa/docker-socket-proxy:latest "docker-entrypoint.s…" 3 days ago Up 2 hours 2375/tcp docker-socket-proxy

60
logs.txt
View File

@@ -1,30 +1,30 @@
INFO: 172.18.0.1:54920 - "GET /api/customers?page=1&per_page=25 HTTP/1.1" 200 OK
INFO: 172.18.0.1:38426 - "GET /api/settings/system HTTP/1.1" 200 OK
INFO: 172.18.0.1:38426 - "GET /api/auth/mfa/status HTTP/1.1" 200 OK
2026-02-22 14:26:24,600 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/branches/unstable "HTTP/1.1 200 OK"
2026-02-22 14:26:24,610 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/tags?limit=1 "HTTP/1.1 200 OK"
INFO: 172.18.0.1:53830 - "GET /api/settings/version HTTP/1.1" 200 OK
INFO: 127.0.0.1:46712 - "GET /api/health HTTP/1.1" 200 OK
2026-02-22 14:26:51,522 [INFO] app.services.update_service: Database backed up to /app/backups/netbird_msp_20260222_142651.db
2026-02-22 14:26:51,823 [INFO] app.services.update_service: git pull succeeded: Already up to date.
2026-02-22 14:26:51,846 [INFO] app.services.update_service: Rebuilding with GIT_TAG=alpha-1.6 GIT_COMMIT=6bc11d4 GIT_BRANCH=unstable
2026-02-22 14:26:51,847 [INFO] app.services.update_service: Phase A: building new image …
2026-02-22 14:29:45,287 [INFO] app.services.update_service: Phase A complete — image built successfully.
2026-02-22 14:29:45,305 [INFO] app.services.update_service: Host source directory: /home/sascha/NetBirdMSP-Appliance
2026-02-22 14:29:46,017 [INFO] app.services.update_service: Phase B: updater container started — this container will restart in ~5s.
2026-02-22 14:29:46,017 [INFO] app.routers.settings: Update triggered by admin.
INFO: 127.0.0.1:34660 - "GET /api/health HTTP/1.1" 200 OK
INFO: 172.18.0.1:41348 - "GET /api/monitoring/status HTTP/1.1" 200 OK
INFO: 172.18.0.1:41362 - "GET /api/customers?page=1&per_page=25 HTTP/1.1" 200 OK
2026-02-22 14:29:46,083 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/branches/unstable "HTTP/1.1 200 OK"
2026-02-22 14:29:46,090 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/tags?limit=1 "HTTP/1.1 200 OK"
INFO: 172.18.0.1:41362 - "GET /api/settings/system HTTP/1.1" 200 OK
INFO: 172.18.0.1:41362 - "GET /api/auth/mfa/status HTTP/1.1" 200 OK
2026-02-22 14:29:51,064 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/branches/unstable "HTTP/1.1 200 OK"
2026-02-22 14:29:51,071 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/tags?limit=1 "HTTP/1.1 200 OK"
INFO: 172.18.0.1:41362 - "GET /api/settings/version HTTP/1.1" 200 OK
INFO: 127.0.0.1:39688 - "GET /api/health HTTP/1.1" 200 OK
2026-02-22 14:30:21,600 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/branches/unstable "HTTP/1.1 200 OK"
2026-02-22 14:30:21,606 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/tags?limit=1 "HTTP/1.1 200 OK"
INFO: 172.18.0.1:34698 - "GET /api/settings/version HTTP/1.1" 200 OK
INFO: 127.0.0.1:48454 - "GET /api/health HTTP/1.1" 200 OK
INFO: 172.18.0.1:34414 - "GET /lang/de.json HTTP/1.1" 304 Not Modified
INFO: 172.18.0.1:34414 - "GET /favicon.ico HTTP/1.1" 404 Not Found
INFO: 172.18.0.1:34424 - "GET /api/settings/branding HTTP/1.1" 200 OK
INFO: 172.18.0.1:34424 - "GET /api/auth/azure/config HTTP/1.1" 200 OK
INFO: 172.18.0.1:34424 - "GET /api/auth/me HTTP/1.1" 200 OK
INFO: 172.18.0.1:34424 - "GET /api/monitoring/status HTTP/1.1" 200 OK
INFO: 172.18.0.1:34414 - "GET /api/customers?page=1&per_page=25 HTTP/1.1" 200 OK
INFO: 127.0.0.1:34422 - "GET /api/health HTTP/1.1" 200 OK
INFO: 172.18.0.1:34042 - "GET /api/settings/system HTTP/1.1" 200 OK
INFO: 172.18.0.1:34042 - "GET /api/auth/mfa/status HTTP/1.1" 200 OK
2026-02-22 14:40:01,292 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/branches/unstable "HTTP/1.1 200 OK"
2026-02-22 14:40:01,301 [INFO] httpx: HTTP Request: GET https://git.0x26.ch/api/v1/repos/BurgerGames/NetBirdMSP-Appliance/tags?limit=1 "HTTP/1.1 200 OK"
INFO: 172.18.0.1:49812 - "GET /api/settings/version HTTP/1.1" 200 OK
INFO: 127.0.0.1:54492 - "GET /api/health HTTP/1.1" 200 OK
INFO: 127.0.0.1:36052 - "GET /api/health HTTP/1.1" 200 OK
2026-02-22 14:40:57,656 [INFO] app.services.update_service: Database backed up to /app/backups/netbird_msp_20260222_144057.db
2026-02-22 14:40:57,971 [INFO] app.services.update_service: git pull succeeded: Already up to date.
2026-02-22 14:40:57,988 [INFO] app.services.update_service: Rebuilding with GIT_TAG=alpha-1.7 GIT_COMMIT=c40b7d3 GIT_BRANCH=unstable
2026-02-22 14:40:57,988 [INFO] app.services.update_service: Phase A: building new image …
2026-02-22 14:42:44,434 [INFO] app.services.update_service: Phase A complete — image built successfully.
2026-02-22 14:42:44,461 [INFO] app.services.update_service: Host source directory: /home/sascha/NetBirdMSP-Appliance
2026-02-22 14:42:44,973 [INFO] app.services.update_service: Phase B: updater container started — this container will restart in ~5s.
2026-02-22 14:42:44,973 [INFO] app.routers.settings: Update triggered by admin.
INFO: 172.18.0.1:46292 - "POST /api/settings/update HTTP/1.1" 200 OK
INFO: 127.0.0.1:54584 - "GET /api/health HTTP/1.1" 200 OK
INFO: 127.0.0.1:33600 - "GET /api/health HTTP/1.1" 200 OK
INFO: 127.0.0.1:35272 - "GET /api/health HTTP/1.1" 200 OK
INFO: 127.0.0.1:44226 - "GET /api/health HTTP/1.1" 200 OK
INFO: 127.0.0.1:48574 - "GET /api/health HTTP/1.1" 200 OK
INFO: 127.0.0.1:53686 - "GET /api/health HTTP/1.1" 200 OK

6
out.txt
View File

@@ -1,4 +1,4 @@
[unstable 6bc11d4] alpha-1.6: test final update
[unstable c40b7d3] alpha-1.7: final test
remote:
remote: Create a new pull request for 'unstable':
remote: https://git.0x26.ch/BurgerGames/NetBirdMSP-Appliance/pulls/new/unstable
@@ -6,5 +6,5 @@ remote:
remote: .. Processing 2 references
remote: Processed 2 references in total
To https://git.0x26.ch/BurgerGames/NetBirdMSP-Appliance.git
e0aa51b..6bc11d4 unstable -> unstable
* [new tag] alpha-1.6 -> alpha-1.6
525b056..c40b7d3 unstable -> unstable
* [new tag] alpha-1.7 -> alpha-1.7