Added code to handle Warp Connector (#26)

* Added code to handle Warp Connector Signed-off-by: Ramasubramanian M <[email protected]> * Fixed review comments Signed-off-by: Ramasubramanian M <[email protected]> * Fix WARP case Signed-off-by: Ramasubramanian M <[email protected]> --------- Signed-off-by: Ramasubramanian M <[email protected]>
cmj2002 · Aug 5, 2024 · 9ee31cb · 9ee31cb
1 parent 29246bc
commit 9ee31cb
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 14 deletions.
diff --git a/README.md b/README.md
@@ -44,11 +44,11 @@ If the output contains `warp=on` or `warp=plus`, the container is working proper
 ### Configuration
 
 You can configure the container through the following environment variables:
-  
+
 - `WARP_SLEEP`: The time to wait for the WARP daemon to start, in seconds. The default is 2 seconds. If the time is too short, it may cause the WARP daemon to not start before using the proxy, resulting in the proxy not working properly. If the time is too long, it may cause the container to take too long to start. If your server has poor performance, you can increase this value appropriately.
 
 - `WARP_LICENSE_KEY`: The license key of the WARP client, which is optional. If you have subscribed to WARP+ service, you can fill in the key in this environment variable. If you have not subscribed to WARP+ service, you can ignore this environment variable.
-  
+
 Data persistence: Use the host volume `./data` to persist the data of the WARP client. You can change the location of this directory or use other types of volumes. If you modify the `WARP_LICENSE_KEY`, please delete the `./data` directory so that the client can detect and register again.
 
 ### Change proxy type
@@ -68,6 +68,44 @@ HEALTHCHECK --interval=15s --timeout=5s --start-period=30s --retries=3 \
 
 If you don't want the container to restart automatically, you can remove `restart: always` from the `docker-compose.yml`. You can also modify the parameters of the health check through the `docker-compose.yml`.
 
+### Setting up as WARP connector
+
+If you want to setup [WARP Connector](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/warp-connector)
+
+> [!NOTE]
+> If you have already started the container, stop it and delete the data directory.
+
+1. Create mdm.xml as explained in Cloudflare WARP Connector [step 4](https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/private-net/warp-connector/#4-install-a-warp-connector)
+2. Mount the mdm.xml to path `/var/lib/cloudflare-warp/mdm.xml`
+3. Start the container
+
+<details>
+
+```yaml
+services:
+  warp:
+    image: caomingjun/warp
+    container_name: warp
+    restart: always
+    ports:
+      - '1080:1080'
+    environment:
+      - WARP_SLEEP=2
+      # - WARP_LICENSE_KEY= # optional
+    cap_add:
+      - NET_ADMIN
+    sysctls:
+      - net.ipv6.conf.all.disable_ipv6=0
+      - net.ipv4.conf.all.src_valid_mark=1
+      - net.ipv4.ip_forward=1
+    volumes:
+      - ./data:/var/lib/cloudflare-warp
+      - ./config/warp/mdm.xml:/var/lib/cloudflare-warp/mdm.xml
+```
+
+<summary><i>Sample Docker Compose File</i></summary  >
+</details>
+
 ### Use with Cloudflare Zero Trust
 
 If you want to use the WARP client with Cloudflare Zero Trust, just start the container without specifying license key, use `docker exec -it warp bash` to get into the container and follow these steps:
@@ -100,10 +138,10 @@ You can use Github Actions to build the image yourself.
 
 1. Fork this repository.
 2. Create necessary variables and secrets in the repository settings:
-  1. variable `REGISTRY`: for example, `docker.io` (Docker Hub)
-  2. variable `IMAGE_NAME`: for example, `caomingjun/warp`
-  3. variable `DOCKER_USERNAME`: for example, `caomingjun`
-  4. secret `DOCKER_PASSWORD`: generate a token in Docker Hub and fill in the token
+   1. variable `REGISTRY`: for example, `docker.io` (Docker Hub)
+   2. variable `IMAGE_NAME`: for example, `caomingjun/warp`
+   3. variable `DOCKER_USERNAME`: for example, `caomingjun`
+   4. secret `DOCKER_PASSWORD`: generate a token in Docker Hub and fill in the token
 3. Manually trigger the workflow `Build and push image` in the Actions tab.
 
 This will build the image with the latest version of WARP client and GOST and push it to the specified registry. You can also specify the version of GOST by giving input to the workflow. Building image with custom WARP client version is not supported yet.

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -11,7 +11,7 @@ sudo chmod 600 /dev/net/tun
 # start dbus
 sudo mkdir -p /run/dbus
 if [ -f /run/dbus/pid ]; then
-  sudo rm /run/dbus/pid
+    sudo rm /run/dbus/pid
 fi
 sudo dbus-daemon --config-file=/usr/share/dbus-1/system.conf
 
@@ -21,16 +21,19 @@ sudo warp-svc --accept-tos &
 # sleep to wait for the daemon to start, default 2 seconds
 sleep "$WARP_SLEEP"
 
-# if /var/lib/cloudflare-warp/reg.json not exists, register the warp client
+# if /var/lib/cloudflare-warp/reg.json not exists, setup new warp client
 if [ ! -f /var/lib/cloudflare-warp/reg.json ]; then
-    warp-cli registration new && echo "Warp client registered!"
-    # if a license key is provided, register the license
-    if [ -n "$WARP_LICENSE_KEY" ]; then
-        echo "License key found, registering license..."
-        warp-cli registration license "$WARP_LICENSE_KEY" && echo "Warp license registered!"
+    # if /var/lib/cloudflare-warp/mdm.xml not exists, register the warp client
+    if [ ! -f /var/lib/cloudflare-warp/mdm.xml ]; then
+        warp-cli registration new && echo "Warp client registered!"
+        # if a license key is provided, register the license
+        if [ -n "$WARP_LICENSE_KEY" ]; then
+            echo "License key found, registering license..."
+            warp-cli registration license "$WARP_LICENSE_KEY" && echo "Warp license registered!"
+        fi
     fi
     # connect to the warp server
-    warp-cli connect
+    warp-cli --accept-tos connect
 else
     echo "Warp client already registered, skip registration"
 fi