remy
December 22, 2022, 12:43pm
1
Hi,
I am trying to install firezone via docker-compose or Oracle Linux 9 which is Red Hat Enterprise Linux release 9.1 (Plow), it dose not come with docker rather podman and podman-docker.
docker-compose up -d
ERROR: The Compose file ‘./docker-compose.yml’ is invalid because:
networks.firezone-network value ‘enable_ipv6’ does not match any of the regexes: ‘^x-’
networks.firezone-network.ipam.config value Additional properties are not allowed (‘gateway’ was unexpected)
docker-compose.yml
networks:
firezone-network:
enable_ipv6: true
driver: bridge
ipam:
config:
- subnet: 172.25.0.0/16
- subnet: 2001:3990:3990::/64
gateway: 2001:3990:3990::1
remy
December 22, 2022, 1:55pm
2
manage to complete the setup with below change
networks:
firezone-network:
driver: bridge
ipam:
config:
- subnet: 172.25.0.0/16
- subnet: 2001:3990:3990::/64
podman network inspect firezone_firezone-network
[
{
"name": "firezone_firezone-network",
"id": "5bb5011e71cb4571c998ea50394a872d986174ff8fbd12a9a451de43701b7ad9",
"driver": "bridge",
"network_interface": "podman1",
"created": "2022-12-22T13:23:09.519772945Z",
"subnets": [
{
"subnet": "172.25.0.0/16",
"gateway": "172.25.0.1"
},
{
"subnet": "2001:3990:3990::/64",
"gateway": "2001:3990:3990::1"
}
],
"ipv6_enabled": true,
"internal": false,
"dns_enabled": true,
"labels": {
"com.docker.compose.network": "firezone-network",
"com.docker.compose.project": "firezone",
"com.docker.compose.version": "2.14.2"
},
"options": {
"isolate": "true"
},
"ipam_options": {
"driver": "host-local"
}
}
]
jamil
December 22, 2022, 2:03pm
3
Thanks for the report. We haven’t investigated Podman support, but I’m glad you got it working. We have this issue open tracking Podman support: Podman Support · Issue #1105 · firezone/firezone · GitHub
Are IPv6 tunneling and masquerading working for you?
remy
December 22, 2022, 2:15pm
4
@jamil , I did not check IPv6 as it not required for my setup but I have 2 question
In my old setup (Omnibus) I have this
default[‘firezone’][‘wireguard’][‘ipv4’][‘network’] = ‘10.3.0.0/16’
/opt/firezone/embedded/sbin/nft delete chain inet firezone postrouting
How to get the above working in the new setup.
remy
December 22, 2022, 3:38pm
5
I was able to change the by setting the environment variables mentioned here
WIREGUARD_IPV4_ADDRESS=10.4.0.1
WIREGUARD_IPV4_MASQUERADE=false
WIREGUARD_IPV4_NETWORK=10.4.0.0/16
WIREGUARD_IPV6_ENABLED=false
Lawes
December 24, 2022, 3:40am
6
since such a long time nobody asking about podman, so I haven’t update to public about the change for a while.
yes Redhat/Fedora using podman and I like it rather than docker, here I keep update firezone_script with
podman command.
should you interest in podman (not docker-compose/podman-compose) with native pod support, you can try the script in the link at:
https://drive.google.com/file/d/1AuUAdOr2wejgBk9HjujuoF_meTwGTsoH/view?usp=share_link
the script support up to 0.6.13 , and, I have also put command env in the script, hence you can change the variable in the script during deployment.
Cheers,
Lawes
1 Like