update docker configuration

.gitignore

@@ -37,3 +37,4 @@ __pycache__/
 # Exclude .env file from all platforms
 */.env
 
+wg_config/wg_confs/

Dockerfile

@@ -1,6 +1,12 @@
 # TODO: investigate using -alpine in the future
 FROM python:3.11 
 
+# Install system dependencies and poetry
+RUN apt-get update && apt-get install -y \
+    iputils-ping \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
 WORKDIR /usr/src/app
 
 COPY ./pyproject.toml .

docker-compose.yaml

@@ -1,28 +1,28 @@
 services:
-  # multicaster:
+  multicaster:
-  #   # TODO: make this more restricitive in the future
+    container_name: multicaster
-  #   privileged: true        # Grants full access to all devices (for serial access)
+    # TODO: make this more restricitive in the future
-  #   restart: unless-stopped
+    privileged: true        # Grants full access to all devices (for serial access)
-  #   #ports:
+    restart: unless-stopped
-  #   #  - "5000:5000" # make the multicaster also reachable from the host
+    network_mode: service:wireguard
-  #   build:
+    #ports:
-  #     dockerfile: Dockerfile
+    #  - "5000:5000" 
-  #     ssh: 
+    build:
-  #       #- default=~/.ssh/id_ed25519 #lappi
+      dockerfile: Dockerfile
-  #       - default=~/.ssh/id_rsa #raspi
+      ssh: 
-  #   volumes:
+        - default=~/.ssh/id_ed25519 #lappi
-  #     - "/dev/serial:/dev/serial" 
+        #- default=~/.ssh/id_rsa #raspi
-  #   #devices:
+    volumes:
-  #     # - /dev/serial/by-id/usb-ZEPHYR_Zephyr_HCI_UART_sample_81BD14B8D71B5662-if00
+      - "/dev/serial:/dev/serial" 
-  #   environment:
+    #devices:
-  #     LOG_LEVEL: INFO
+      # - /dev/serial/by-id/usb-ZEPHYR_Zephyr_HCI_UART_sample_81BD14B8D71B5662-if00
+    environment:
+      LOG_LEVEL: INFO
     
-  #   network_mode: service:wireguard
+    #vpn only seems to initiate handshake after some outgoing connection is being made
-
+    command: >
-  #   command: python ./auracast/multicast_server.py
+      bash -c "(while true; do ping -c 1 vpn.pstruebi.xyz || echo 'Ping failed'; sleep 60; done) & python ./auracast/multicast_server.py"
-  #   #command: python ./auracast/multicast.py # continously streaming test app
+    #command: python ./auracast/multicast.py # continously streaming test app
-  #   #networks:
-  #   #  - default
 
   wireguard: # TODO: make all privileges in this compose file as tight as possible
     image: lscr.io/linuxserver/wireguard:latest
@@ -47,15 +47,14 @@ services:
       - ./wg_config:/config
       - /lib/modules:/lib/modules #optional
     ports:
-      - 51820:51820/udp # TODO: nececcarry ?
+      #- 51820:51820/udp
-      #- "5000:5000" # make the multicaster also reachable from the host
+      - 51821:51821/udp # just a workaround if another wireguard client is already running - make sure to change in .conf file too
-
+      #- 5000:5000 # make the multicaster also reachable from the host - TODO: this should be removed for production
     sysctls:
       - net.ipv4.conf.all.src_valid_mark=1
     networks:
       - default
-      #- vpn
+
+# place corresponding peer config for each peer in wg_confs
 # use docker compose up --build --remove-orphans
 
-networks:
-  vpn:

wg_config/wg_confs/peer_raspi.conf

@@ -1,11 +0,0 @@
-[Interface]
-Address = 10.13.13.2
-PrivateKey = WJkEh2FDxJxNnqvVyjOs7acI+RlT63zdQ3wrKbi1oE4=
-ListenPort = 51820
-DNS = 10.13.13.1
-
-[Peer]
-PublicKey = DnLs1PO3sPt61YY6BWOIuh4F8+DU0zHegG8QnpVqxU0=
-PresharedKey = YmLbW5O76gRlFvnA/ifRpk1Yiao+SilOJDya0K6bjBo=
-Endpoint = vpn-hinterwaldner.duckdns.org:51821
-AllowedIPs = 0.0.0.0/0