2 LuCI - Lua Configuration Interface
3 Copyright 2019 lisaac <https://github.com/lisaac/luci-app-dockerman>
7 local uci = luci.model.uci.cursor()
8 local docker = require "luci.model.docker"
9 local dk = docker.new()
10 local cmd_line = table.concat(arg, '/')
11 local create_body = {}
13 local images = dk.images:list().body
14 local networks = dk.networks:list().body
15 local containers = dk.containers:list({query = {all=true}}).body
17 local is_quot_complete = function(str)
19 if not str then return true end
21 for w in str:gmatch("\"") do
24 if math.fmod(num, 2) ~= 0 then return false end
26 for w in str:gmatch("\'") do
29 if math.fmod(num, 2) ~= 0 then return false end
33 local resolve_cli = function(cmd_line)
34 local config = {advance = 1}
35 local key_no_val = '|t|d|i|tty|rm|read_only|interactive|init|help|detach|privileged|P|publish_all|'
36 local key_with_val = '|sysctl|add_host|a|attach|blkio_weight_device|cap_add|cap_drop|device|device_cgroup_rule|device_read_bps|device_read_iops|device_write_bps|device_write_iops|dns|dns_option|dns_search|e|env|env_file|expose|group_add|l|label|label_file|link|link_local_ip|log_driver|log_opt|network_alias|p|publish|security_opt|storage_opt|tmpfs|v|volume|volumes_from|blkio_weight|cgroup_parent|cidfile|cpu_period|cpu_quota|cpu_rt_period|cpu_rt_runtime|c|cpu_shares|cpus|cpuset_cpus|cpuset_mems|detach_keys|disable_content_trust|domainname|entrypoint|gpus|health_cmd|health_interval|health_retries|health_start_period|health_timeout|h|hostname|ip|ip6|ipc|isolation|kernel_memory|log_driver|mac_address|m|memory|memory_reservation|memory_swap|memory_swappiness|mount|name|network|no_healthcheck|oom_kill_disable|oom_score_adj|pid|pids_limit|restart|runtime|shm_size|sig_proxy|stop_signal|stop_timeout|ulimit|u|user|userns|uts|volume_driver|w|workdir|'
37 local key_abb = {net='network',a='attach',c='cpu-shares',d='detach',e='env',h='hostname',i='interactive',l='label',m='memory',p='publish',P='publish_all',t='tty',u='user',v='volume',w='workdir'}
38 local key_with_list = '|sysctl|add_host|a|attach|blkio_weight_device|cap_add|cap_drop|device|device_cgroup_rule|device_read_bps|device_read_iops|device_write_bps|device_write_iops|dns|dns_option|dns_search|e|env|env_file|expose|group_add|l|label|label_file|link|link_local_ip|log_driver|log_opt|network_alias|p|publish|security_opt|storage_opt|tmpfs|v|volume|volumes_from|'
44 cmd_line = cmd_line:match("^DOCKERCLI%s+(.+)")
45 for w in cmd_line:gmatch("[^%s]+") do
47 elseif not key and not _key and not is_cmd then
49 key, val = w:match("^%-%-([%lP%-]-)=(.+)")
52 key = w:match("^%-%-([%lP%-]+)")
55 key = w:match("^%-([%lP%-]+)")
58 if key:match("i") or key:match("t") or key:match("d") then
59 if key:match("i") then
60 config[key_abb["i"]] = true
63 if key:match("t") then
64 config[key_abb["t"]] = true
67 if key:match("d") then
68 config[key_abb["d"]] = true
71 if key:match("P") then
72 config[key_abb["P"]] = true
75 if key == "" then key = nil end
81 key = key:gsub("-","_")
82 key = key_abb[key] or key
83 if key_no_val:match("|"..key.."|") then
87 elseif key_with_val:match("|"..key.."|") then
88 -- if key == "cap_add" then config.privileged = true end
99 elseif (key or _key) and not is_cmd then
100 if key == "mount" then
101 -- we need resolve mount options here
102 -- type=bind,source=/source,target=/app
103 local _type = w:match("^type=([^,]+),") or "bind"
104 local source = (_type ~= "tmpfs") and (w:match("source=([^,]+),") or w:match("src=([^,]+),")) or ""
105 local target = w:match(",target=([^,]+)") or w:match(",dst=([^,]+)") or w:match(",destination=([^,]+)") or ""
106 local ro = w:match(",readonly") and "ro" or nil
107 if source and target then
108 if _type ~= "tmpfs" then
110 local bind_propagation = (_type == "bind") and w:match(",bind%-propagation=([^,]+)") or nil
111 val = source..":"..target .. ((ro or bind_propagation) and (":" .. (ro and ro or "") .. (((ro and bind_propagation) and "," or "") .. (bind_propagation and bind_propagation or ""))or ""))
114 local tmpfs_mode = w:match(",tmpfs%-mode=([^,]+)") or nil
115 local tmpfs_size = w:match(",tmpfs%-size=([^,]+)") or nil
117 val = target .. ((tmpfs_mode or tmpfs_size) and (":" .. (tmpfs_mode and ("mode=" .. tmpfs_mode) or "") .. ((tmpfs_mode and tmpfs_size) and "," or "") .. (tmpfs_size and ("size=".. tmpfs_size) or "")) or "")
118 if not config[key] then config[key] = {} end
119 table.insert( config[key], val )
128 config["command"] = (config["command"] and (config["command"] .. " " )or "") .. w
130 if (key or _key) and val then
132 if key_with_list:match("|"..key.."|") then
133 if not config[key] then config[key] = {} end
135 config[key][#config[key]] = config[key][#config[key]] .. " " .. w
137 table.insert( config[key], val )
139 if is_quot_complete(config[key][#config[key]]) then
140 -- clear quotation marks
141 config[key][#config[key]] = config[key][#config[key]]:gsub("[\"\']", "")
147 config[key] = (config[key] and (config[key] .. " ") or "") .. val
148 if is_quot_complete(config[key]) then
149 -- clear quotation marks
150 config[key] = config[key]:gsub("[\"\']", "")
162 -- reslvo default config
163 local default_config = {}
164 if cmd_line and cmd_line:match("^DOCKERCLI.+") then
165 default_config = resolve_cli(cmd_line)
166 elseif cmd_line and cmd_line:match("^duplicate/[^/]+$") then
167 local container_id = cmd_line:match("^duplicate/(.+)")
168 create_body = dk:containers_duplicate_config({id = container_id}) or {}
169 if not create_body.HostConfig then create_body.HostConfig = {} end
170 if next(create_body) ~= nil then
171 default_config.name = nil
172 default_config.image = create_body.Image
173 default_config.hostname = create_body.Hostname
174 default_config.tty = create_body.Tty and true or false
175 default_config.interactive = create_body.OpenStdin and true or false
176 default_config.privileged = create_body.HostConfig.Privileged and true or false
177 default_config.restart = create_body.HostConfig.RestartPolicy and create_body.HostConfig.RestartPolicy.name or nil
178 -- default_config.network = create_body.HostConfig.NetworkMode == "default" and "bridge" or create_body.HostConfig.NetworkMode
179 -- if container has leave original network, and add new network, .HostConfig.NetworkMode is INcorrect, so using first child of .NetworkingConfig.EndpointsConfig
180 default_config.network = create_body.NetworkingConfig and create_body.NetworkingConfig.EndpointsConfig and next(create_body.NetworkingConfig.EndpointsConfig) or nil
181 default_config.ip = default_config.network and default_config.network ~= "bridge" and default_config.network ~= "host" and default_config.network ~= "null" and create_body.NetworkingConfig.EndpointsConfig[default_config.network].IPAMConfig and create_body.NetworkingConfig.EndpointsConfig[default_config.network].IPAMConfig.IPv4Address or nil
182 default_config.link = create_body.HostConfig.Links
183 default_config.env = create_body.Env
184 default_config.dns = create_body.HostConfig.Dns
185 default_config.volume = create_body.HostConfig.Binds
186 default_config.cap_add = create_body.HostConfig.CapAdd
187 default_config.publish_all = create_body.HostConfig.PublishAllPorts
189 if create_body.HostConfig.Sysctls and type(create_body.HostConfig.Sysctls) == "table" then
190 default_config.sysctl = {}
191 for k, v in pairs(create_body.HostConfig.Sysctls) do
192 table.insert( default_config.sysctl, k.."="..v )
196 if create_body.HostConfig.LogConfig and create_body.HostConfig.LogConfig.Config and type(create_body.HostConfig.LogConfig.Config) == "table" then
197 default_config.log_opt = {}
198 for k, v in pairs(create_body.HostConfig.LogConfig.Config) do
199 table.insert( default_config.log_opt, k.."="..v )
203 if create_body.HostConfig.PortBindings and type(create_body.HostConfig.PortBindings) == "table" then
204 default_config.publish = {}
205 for k, v in pairs(create_body.HostConfig.PortBindings) do
206 table.insert( default_config.publish, v[1].HostPort..":"..k:match("^(%d+)/.+").."/"..k:match("^%d+/(.+)") )
210 default_config.user = create_body.User or nil
211 default_config.command = create_body.Cmd and type(create_body.Cmd) == "table" and table.concat(create_body.Cmd, " ") or nil
212 default_config.advance = 1
213 default_config.cpus = create_body.HostConfig.NanoCPUs
214 default_config.cpu_shares = create_body.HostConfig.CpuShares
215 default_config.memory = create_body.HostConfig.Memory
216 default_config.blkio_weight = create_body.HostConfig.BlkioWeight
218 if create_body.HostConfig.Devices and type(create_body.HostConfig.Devices) == "table" then
219 default_config.device = {}
220 for _, v in ipairs(create_body.HostConfig.Devices) do
221 table.insert( default_config.device, v.PathOnHost..":"..v.PathInContainer..(v.CgroupPermissions ~= "" and (":" .. v.CgroupPermissions) or "") )
224 if create_body.HostConfig.Tmpfs and type(create_body.HostConfig.Tmpfs) == "table" then
225 default_config.tmpfs = {}
226 for k, v in pairs(create_body.HostConfig.Tmpfs) do
227 table.insert( default_config.tmpfs, k .. (v~="" and ":" or "")..v )
233 local m = SimpleForm("docker", translate("Docker"))
234 m.redirect = luci.dispatcher.build_url("admin", "docker", "containers")
239 docker_status = m:section(SimpleSection)
240 docker_status.template = "dockerman/apply_widget"
241 docker_status.err=docker:read_status()
242 docker_status.err=docker_status.err and docker_status.err:gsub("\n","<br>"):gsub(" "," ")
243 if docker_status.err then docker:clear_status() end
245 local s = m:section(SimpleSection, translate("New Container"))
249 local d = s:option(DummyValue,"cmd_line", translate("Resolve CLI"))
251 d.template = "dockerman/newcontainer_resolve"
253 d = s:option(Value, "name", translate("Container Name"))
255 d.default = default_config.name or nil
257 d = s:option(Flag, "interactive", translate("Interactive (-i)"))
261 d.default = default_config.interactive and 1 or 0
263 d = s:option(Flag, "tty", translate("TTY (-t)"))
267 d.default = default_config.tty and 1 or 0
269 d = s:option(Value, "image", translate("Docker Image"))
271 d.default = default_config.image or nil
272 for _, v in ipairs (images) do
274 d:value(v.RepoTags[1], v.RepoTags[1])
278 d = s:option(Flag, "_force_pull", translate("Always pull image first"))
284 d = s:option(Flag, "privileged", translate("Privileged"))
288 d.default = default_config.privileged and 1 or 0
290 d = s:option(ListValue, "restart", translate("Restart Policy"))
294 d:value("unless-stopped", "Unless stopped")
295 d:value("always", "Always")
296 d:value("on-failure", "On failure")
297 d.default = default_config.restart or "unless-stopped"
299 local d_network = s:option(ListValue, "network", translate("Networks"))
300 d_network.rmempty = true
301 d_network.default = default_config.network or "bridge"
303 local d_ip = s:option(Value, "ip", translate("IPv4 Address"))
304 d_ip.datatype="ip4addr"
305 d_ip:depends("network", "nil")
306 d_ip.default = default_config.ip or nil
308 d = s:option(DynamicList, "link", translate("Links with other containers"))
309 d.placeholder = "container_name:alias"
311 d:depends("network", "bridge")
312 d.default = default_config.link or nil
314 d = s:option(DynamicList, "dns", translate("Set custom DNS servers"))
315 d.placeholder = "8.8.8.8"
317 d.default = default_config.dns or nil
319 d = s:option(Value, "user", translate("User(-u)"), translate("The user that commands are run as inside the container.(format: name|uid[:group|gid])"))
320 d.placeholder = "1000:1000"
322 d.default = default_config.user or nil
324 d = s:option(DynamicList, "env", translate("Environmental Variable(-e)"), translate("Set environment variables to inside the container"))
325 d.placeholder = "TZ=Asia/Shanghai"
327 d.default = default_config.env or nil
329 d = s:option(DynamicList, "volume", translate("Bind Mount(-v)"), translate("Bind mount a volume"))
330 d.placeholder = "/media:/media:slave"
332 d.default = default_config.volume or nil
334 local d_publish = s:option(DynamicList, "publish", translate("Exposed Ports(-p)"), translate("Publish container's port(s) to the host"))
335 d_publish.placeholder = "2200:22/tcp"
336 d_publish.rmempty = true
337 d_publish.default = default_config.publish or nil
339 d = s:option(Value, "command", translate("Run command"))
340 d.placeholder = "/bin/sh init.sh"
342 d.default = default_config.command or nil
344 d = s:option(Flag, "advance", translate("Advance"))
348 d.default = default_config.advance or 0
350 d = s:option(Value, "hostname", translate("Host Name"), translate("The hostname to use for the container"))
352 d.default = default_config.hostname or nil
353 d:depends("advance", 1)
355 d = s:option(Flag, "publish_all", translate("Exposed All Ports(-P)"), translate("Allocates an ephemeral host port for all of a container's exposed ports"))
359 d.default = default_config.publish_all and 1 or 0
360 d:depends("advance", 1)
362 d = s:option(DynamicList, "device", translate("Device(--device)"), translate("Add host device to the container"))
363 d.placeholder = "/dev/sda:/dev/xvdc:rwm"
365 d:depends("advance", 1)
366 d.default = default_config.device or nil
368 d = s:option(DynamicList, "tmpfs", translate("Tmpfs(--tmpfs)"), translate("Mount tmpfs directory"))
369 d.placeholder = "/run:rw,noexec,nosuid,size=65536k"
371 d:depends("advance", 1)
372 d.default = default_config.tmpfs or nil
374 d = s:option(DynamicList, "sysctl", translate("Sysctl(--sysctl)"), translate("Sysctls (kernel parameters) options"))
375 d.placeholder = "net.ipv4.ip_forward=1"
377 d:depends("advance", 1)
378 d.default = default_config.sysctl or nil
380 d = s:option(DynamicList, "cap_add", translate("CAP-ADD(--cap-add)"), translate("A list of kernel capabilities to add to the container"))
381 d.placeholder = "NET_ADMIN"
383 d:depends("advance", 1)
384 d.default = default_config.cap_add or nil
386 d = s:option(Value, "cpus", translate("CPUs"), translate("Number of CPUs. Number is a fractional number. 0.000 means no limit"))
387 d.placeholder = "1.5"
389 d:depends("advance", 1)
391 d.default = default_config.cpus or nil
393 d = s:option(Value, "cpu_shares", translate("CPU Shares Weight"), translate("CPU shares relative weight, if 0 is set, the system will ignore the value and use the default of 1024"))
394 d.placeholder = "1024"
396 d:depends("advance", 1)
397 d.datatype="uinteger"
398 d.default = default_config.cpu_shares or nil
400 d = s:option(Value, "memory", translate("Memory"), translate("Memory limit (format: <number>[<unit>]). Number is a positive integer. Unit can be one of b, k, m, or g. Minimum is 4M"))
401 d.placeholder = "128m"
403 d:depends("advance", 1)
404 d.default = default_config.memory or nil
406 d = s:option(Value, "blkio_weight", translate("Block IO Weight"), translate("Block IO weight (relative weight) accepts a weight value between 10 and 1000"))
407 d.placeholder = "500"
409 d:depends("advance", 1)
410 d.datatype="uinteger"
411 d.default = default_config.blkio_weight or nil
413 d = s:option(DynamicList, "log_opt", translate("Log driver options"), translate("The logging configuration for this container"))
414 d.placeholder = "max-size=1m"
416 d:depends("advance", 1)
417 d.default = default_config.log_opt or nil
419 for _, v in ipairs (networks) do
421 local parent = v.Options and v.Options.parent or nil
422 local ip = v.IPAM and v.IPAM.Config and v.IPAM.Config[1] and v.IPAM.Config[1].Subnet or nil
423 ipv6 = v.IPAM and v.IPAM.Config and v.IPAM.Config[2] and v.IPAM.Config[2].Subnet or nil
424 local network_name = v.Name .. " | " .. v.Driver .. (parent and (" | " .. parent) or "") .. (ip and (" | " .. ip) or "").. (ipv6 and (" | " .. ipv6) or "")
425 d_network:value(v.Name, network_name)
427 if v.Name ~= "none" and v.Name ~= "bridge" and v.Name ~= "host" then
428 d_ip:depends("network", v.Name)
431 if v.Driver == "bridge" then
432 d_publish:depends("network", v.Name)
437 m.handle = function(self, state, data)
438 if state ~= FORM_VALID then return end
440 local name = data.name or ("luci_" .. os.date("%Y%m%d%H%M%S"))
441 local hostname = data.hostname
442 local tty = type(data.tty) == "number" and (data.tty == 1 and true or false) or default_config.tty or false
443 local publish_all = type(data.publish_all) == "number" and (data.publish_all == 1 and true or false) or default_config.publish_all or false
444 local interactive = type(data.interactive) == "number" and (data.interactive == 1 and true or false) or default_config.interactive or false
445 local image = data.image
446 local user = data.user
447 if image and not image:match(".-:.+") then
448 image = image .. ":latest"
450 local privileged = type(data.privileged) == "number" and (data.privileged == 1 and true or false) or default_config.privileged or false
451 local restart = data.restart
454 local cap_add = data.cap_add
457 if type(tmp) == "table" then
458 for i, v in ipairs(tmp) do
459 local k,v1 = v:match("(.-)=(.+)")
467 if type(tmp) == "table" then
468 for i, v in ipairs(tmp) do
469 local k,v1 = v:match("(.-)=(.+)")
475 local network = data.network
476 local ip = (network ~= "bridge" and network ~= "host" and network ~= "none") and data.ip or nil
477 local volume = data.volume
478 local memory = data.memory or 0
479 local cpu_shares = data.cpu_shares or 0
480 local cpus = data.cpus or 0
481 local blkio_weight = data.blkio_weight or 500
483 local portbindings = {}
484 local exposedports = {}
487 if type(tmp) == "table" then
488 for i, v in ipairs(tmp)do
489 local k= v:match("([^:]+)")
490 local v1 = v:match(".-:([^:]+)") or ""
499 if type(tmp) == "table" then
500 for i, v in ipairs(tmp) do
502 local _,_, h, c, p = v:find("(.-):(.-):(.+)")
505 t['PathInContainer'] = c
506 t['CgroupPermissions'] = p or "rwm"
508 local _,_, h, c = v:find("(.-):(.+)")
511 t['PathInContainer'] = c
512 t['CgroupPermissions'] = "rwm"
515 t['PathInContainer'] = v
516 t['CgroupPermissions'] = "rwm"
519 if next(t) ~= nil then
520 table.insert( device, t )
525 tmp = data.publish or {}
526 for i, v in ipairs(tmp) do
527 for v1 ,v2 in string.gmatch(v, "(%d+):([^%s]+)") do
528 local _,_,p= v2:find("^%d+/(%w+)")
532 portbindings[v2] = {{HostPort=v1}}
533 exposedports[v2] = {HostPort=v1}
537 local link = data.link
541 for v in string.gmatch(tmp, "[^%s]+") do
542 command[#command+1] = v
546 _,_,n,unit = memory:find("([%d%.]+)([%l%u]+)")
548 unit = unit and unit:sub(1,1):upper() or "B"
550 memory = tonumber(n) * 1024 * 1024
551 elseif unit == "G" then
552 memory = tonumber(n) * 1024 * 1024 * 1024
553 elseif unit == "K" then
554 memory = tonumber(n) * 1024
561 create_body.Hostname = network ~= "host" and (hostname or name) or nil
562 create_body.Tty = tty and true or false
563 create_body.OpenStdin = interactive and true or false
564 create_body.User = user
565 create_body.Cmd = command
566 create_body.Env = env
567 create_body.Image = image
568 create_body.ExposedPorts = exposedports
569 create_body.HostConfig = create_body.HostConfig or {}
570 create_body.HostConfig.Dns = dns
571 create_body.HostConfig.Binds = volume
572 create_body.HostConfig.RestartPolicy = { Name = restart, MaximumRetryCount = 0 }
573 create_body.HostConfig.Privileged = privileged and true or false
574 create_body.HostConfig.PortBindings = portbindings
575 create_body.HostConfig.Memory = tonumber(memory)
576 create_body.HostConfig.CpuShares = tonumber(cpu_shares)
577 create_body.HostConfig.NanoCPUs = tonumber(cpus) * 10 ^ 9
578 create_body.HostConfig.BlkioWeight = tonumber(blkio_weight)
579 create_body.HostConfig.PublishAllPorts = publish_all
580 if create_body.HostConfig.NetworkMode ~= network then
581 -- network mode changed, need to clear duplicate config
582 create_body.NetworkingConfig = nil
584 create_body.HostConfig.NetworkMode = network
586 if create_body.NetworkingConfig and create_body.NetworkingConfig.EndpointsConfig and type(create_body.NetworkingConfig.EndpointsConfig) == "table" then
587 -- ip + duplicate config
588 for k, v in pairs (create_body.NetworkingConfig.EndpointsConfig) do
589 if k == network and v.IPAMConfig and v.IPAMConfig.IPv4Address then
590 v.IPAMConfig.IPv4Address = ip
592 create_body.NetworkingConfig.EndpointsConfig = { [network] = { IPAMConfig = { IPv4Address = ip } } }
597 -- ip + no duplicate config
598 create_body.NetworkingConfig = { EndpointsConfig = { [network] = { IPAMConfig = { IPv4Address = ip } } } }
600 elseif not create_body.NetworkingConfig then
601 -- no ip + no duplicate config
602 create_body.NetworkingConfig = nil
604 create_body["HostConfig"]["Tmpfs"] = tmpfs
605 create_body["HostConfig"]["Devices"] = device
606 create_body["HostConfig"]["Sysctls"] = sysctl
607 create_body["HostConfig"]["CapAdd"] = cap_add
608 create_body["HostConfig"]["LogConfig"] = next(log_opt) ~= nil and { Config = log_opt } or nil
610 if network == "bridge" then
611 create_body["HostConfig"]["Links"] = link
613 local pull_image = function(image)
614 local json_stringify = luci.jsonc and luci.jsonc.stringify
615 docker:append_status("Images: " .. "pulling" .. " " .. image .. "...\n")
616 local res = dk.images:create({query = {fromImage=image}}, docker.pull_image_show_status_cb)
617 if res and res.code == 200 and (res.body[#res.body] and not res.body[#res.body].error and res.body[#res.body].status and (res.body[#res.body].status == "Status: Downloaded newer image for ".. image or res.body[#res.body].status == "Status: Image is up to date for ".. image)) then
618 docker:append_status("done\n")
620 res.code = (res.code == 200) and 500 or res.code
621 docker:append_status("code:" .. res.code.." ".. (res.body[#res.body] and res.body[#res.body].error or (res.body.message or res.message)).. "\n")
622 luci.http.redirect(luci.dispatcher.build_url("admin/docker/newcontainer"))
625 docker:clear_status()
626 local exist_image = false
628 for _, v in ipairs (images) do
629 if v.RepoTags and v.RepoTags[1] == image then
634 if not exist_image then
636 elseif data._force_pull == 1 then
641 create_body = docker.clear_empty_tables(create_body)
642 docker:append_status("Container: " .. "create" .. " " .. name .. "...")
643 local res = dk.containers:create({name = name, body = create_body})
644 if res and res.code == 201 then
645 docker:clear_status()
646 luci.http.redirect(luci.dispatcher.build_url("admin/docker/containers"))
648 docker:append_status("code:" .. res.code.." ".. (res.body.message and res.body.message or res.message))
649 luci.http.redirect(luci.dispatcher.build_url("admin/docker/newcontainer"))