Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add IPv6 config to docker-compose.yml #2256

Merged
merged 3 commits into from
Jan 18, 2024
Merged

Add IPv6 config to docker-compose.yml #2256

merged 3 commits into from
Jan 18, 2024

Conversation

stephanie0x00
Copy link
Contributor

Changes

Adds IPv6 to the docker compose file to enable IPv6 scanning.

Note: this requires something like this in /etc/docker/daemon.json to enable IPv6 for docker itself.

{
	"experimental": true,
	"ip6tables": true
}

Code Checklist

  • All the commits in this PR are properly PGP-signed and verified;
  • This PR only contains functionality relevant to the issue; tickets have been created for newly discovered issues.
  • I have written unit tests for the changes or fixes I made.
  • For any non-trivial functionality, I have added integration and/or end-to-end tests.
  • I have performed a self-review of my code and refactored it to the best of my abilities.

Communication

  • I have informed others of any required .env changes files if required and changed the .env-dist accordingly.
  • I have made corresponding changes to the documentation, if necessary.

Checklist for code reviewers:

Copy-paste the checklist from the docs/source/templates folder into your comment.

Checklist for QA:

Copy-paste the checklist from the docs/source/templates folder into your comment.

@stephanie0x00 stephanie0x00 requested a review from a team as a code owner January 2, 2024 16:12
@ammar92
Copy link
Contributor

ammar92 commented Jan 18, 2024

Checklist for QA:

  • I have checked out this branch, and successfully ran a fresh make reset.
  • I confirmed that there are no unintended functional regressions in this branch:
    • I have managed to pass the onboarding flow
    • Objects and Findings are created properly
    • Tasks are created and completed properly
  • I confirmed that the PR's advertised feature or hotfix works as intended.

What works:

  • Seems to work for me (doesn't break on a network without IPv6 capabilities)

@dekkers dekkers merged commit f0ca017 into main Jan 18, 2024
12 checks passed
@dekkers dekkers deleted the feat/ipv6-docker branch January 18, 2024 12:52
jpbruinsslot added a commit that referenced this pull request Jan 18, 2024
@jpbruinsslot
Merge branch 'main' into feature/mula/flexible-scheduling
8e78f9c 
* main: (21 commits)
  Add IPv6 config to docker-compose.yml (#2256)
  Remove IPs with zero vulnerabilities (#2319)
  Translations update from Hosted Weblate (#2311)
  Chore/update pr template with comments (#2305)
  Sector report summary - Best and worst scoring security checks (#2312)
  Remove icons from compliance issue table (#2340)
  More ulimits for buggy celery (#2338)
  Remove smartphone from bug report template (#2334)
  add meta / cache hash for rpki boefje to raw output (#2255)
  Add max fds ulimit to octopoes api worker (#2327)
  Fix multiple Debian issues (#2283)
  Fix/upgrade jinja2 (#2326)
  Remove preselection from multireport flow (#2318)
  Updated template file to respect environment prefixes in docs (#2317)
  fix zero division (#2298)
  List item behaviour (#2281)
  Translations update from Hosted Weblate (#2279)
  Fixed invalid type usage in `get_rabbit_channel` and `close_rabbit_channel` (#2280)
  Translations update from Hosted Weblate (#2261)
  Fix export buttons report (#2259)
  ...
@underdarknl
Copy link
Contributor

This addition breaks rollout on services where ipv6 is not available. For example GitPod. Removing this makes the setup run again.

Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error running hook #0: error running hook: exit status 1, stdout: , stderr: failed to add interface veth012dbd4 to sandbox: error setting interface "veth012dbd4" IPv6 to fc42:ca7::2/64: failed to enable ipv6: failed to enable IPv6 forwarding for container's interface eth0: open /proc/sys/net/ipv6/conf/eth0/disable_ipv6: read-only file system: unknown

@underdarknl underdarknl mentioned this pull request Jan 24, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dekkers dekkers dekkers approved these changes

Assignees

@dekkers dekkers

@stephanie0x00 stephanie0x00

Labels
None yet
Projects
KAT
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@stephanie0x00 @ammar92 @underdarknl @dekkers