fix: split-horizon DNS zone uses WireGuard IP, not Docker bridge IP
Unit Tests / test (push) Successful in 7m31s

VPN peers can reach Caddy via the host's WireGuard interface (10.0.0.1),
not via the Docker bridge IP (172.20.0.2) which is unreachable outside
the container network. _bootstrap_dns now calls _get_wg_server_ip()
instead of ip_utils.get_service_ips() so the internal zone returns a
routable address for service subdomains.

Also log config save failures instead of silently swallowing them —
the silent PermissionError/OSError was masking write failures and
making it impossible to diagnose why installed services disappeared
after container restarts.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-08 02:11:01 -04:00
parent e4c80149f4
commit bd71466a87
4 changed files with 94 additions and 4 deletions
+2 -2
@@ -163,8 +163,8 @@ class ConfigManager:
f.flush()
os.fsync(f.fileno())
os.replace(tmp, self.config_file)
except (PermissionError, OSError):
pass
except (PermissionError, OSError) as e:
logger.error('_save_all_configs: write failed — config NOT persisted to disk: %s', e)
def get_service_config(self, service: str) -> Dict[str, Any]:
"""Get configuration for a specific service"""