Revert "Merge pull request #72 from ameir/patch-1"

This reverts commit ee022cc, reversing
changes made to 46113df.

Author: aminvakil

Dockerfile

@@ -3,8 +3,6 @@ FROM alpine:3.20.1
 LABEL maintainer="Amin Vakil <[email protected]>, Dmitry Romashov <[email protected]>"
 
 ENV OC_VERSION=1.3.0
-ENV OC_IPV4_NETWORK="192.168.99.0"
-ENV OC_IPV4_NETMASK="255.255.255.0"
 
 RUN apk add --no-cache bash
 
@@ -47,28 +45,26 @@ RUN buildDeps=( \
 			| sort -u \
 		)" \
 	&& readarray runDepsArr <<< "$runDeps" \
-	&& apk add --virtual .run-deps "${runDepsArr[@]}" gnutls-utils iptables libnl3 readline libseccomp-dev lz4-dev gettext-envsubst \
+	&& apk add --virtual .run-deps "${runDepsArr[@]}" gnutls-utils iptables libnl3 readline libseccomp-dev lz4-dev \
 	&& apk del .build-deps \
 	&& rm -rf /var/cache/apk/*
 
 # Setup config
 COPY routes.txt /tmp/
-
-# hadolint ignore=SC2016
 RUN set -x \
-	&& sed -e 's/\.\/sample\.passwd/\/etc\/ocserv\/ocpasswd/' \
-	    -e 's/\(max-same-clients = \)2/\110/' \
-	    -e 's/\.\.\/tests/\/etc\/ocserv/' \
-	    -e 's/#\(compression.*\)/\1/' \
-	    -e '/^ipv4-network = /{s/192.168.1.0/${OC_IPV4_NETWORK}/}' \
-	    -e '/^ipv4-netmask = /{s/255.255.255.0/${OC_IPV4_NETMASK}/}' \
-	    -e 's/192.168.1.2/8.8.8.8/' \
-	    -e 's/^route/#route/' \
-	    -e 's/^no-route/#no-route/' \
-	    -e '/\[vhost:www.example.com\]/,$d' \
-	    -e '/^cookie-timeout = /{s/300/3600/}' \
-	    -e 's/^isolate-workers/#isolate-workers/' /etc/ocserv/ocserv.conf > /tmp/ocserv.conf \
-	&& cat /tmp/routes.txt >> /tmp/ocserv.conf
+	&& sed -i 's/\.\/sample\.passwd/\/etc\/ocserv\/ocpasswd/' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/\(max-same-clients = \)2/\110/' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/\.\.\/tests/\/etc\/ocserv/' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/#\(compression.*\)/\1/' /etc/ocserv/ocserv.conf \
+	&& sed -i '/^ipv4-network = /{s/192.168.1.0/192.168.99.0/}' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/192.168.1.2/8.8.8.8/' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/^route/#route/' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/^no-route/#no-route/' /etc/ocserv/ocserv.conf \
+	&& sed -i '/\[vhost:www.example.com\]/,$d' /etc/ocserv/ocserv.conf \
+	&& sed -i '/^cookie-timeout = /{s/300/3600/}' /etc/ocserv/ocserv.conf \
+	&& sed -i 's/^isolate-workers/#isolate-workers/' /etc/ocserv/ocserv.conf \
+	&& cat /tmp/routes.txt >> /etc/ocserv/ocserv.conf \
+	&& rm -rf /tmp/routes.txt
 
 WORKDIR /etc/ocserv
 

docker-entrypoint.sh

@@ -63,16 +63,13 @@ fi
 sysctl -w net.ipv4.ip_forward=1
 
 # Enable NAT forwarding
-iptables -t nat -A POSTROUTING -j MASQUERADE -s "${OC_IPV4_NETWORK}"/"${OC_IPV4_NETMASK}"
+iptables -t nat -A POSTROUTING -j MASQUERADE
 iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
 
 # Enable TUN device
 mkdir -p /dev/net
 mknod /dev/net/tun c 10 200
 chmod 600 /dev/net/tun
 
-# Update config
-envsubst < /tmp/ocserv.conf > /etc/ocserv/ocserv.conf
-
 # Run OpennConnect Server
 exec "$@"

routes.txt

@@ -1,5 +1,5 @@
 route=default
-route = ${OC_IPV4_NETWORK}/${OC_IPV4_NETMASK}
+route = 192.168.99.0/255.255.255.0
 no-route = 192.168.0.0/255.255.0.0
 no-route = 10.0.0.0/255.0.0.0
 no-route = 172.16.0.0/255.240.0.0