From 3f4b08b8be4419f6befd19933aa24d5bfc76de1b Mon Sep 17 00:00:00 2001
From: Yurii Vlasov <yv@itsvit.org>
Date: Fri, 27 Jan 2023 10:57:35 +0200
Subject: [PATCH] Added ipv6 control script

---
 Dockerfile                             |  3 ++-
 docker/ipv6-disable.sh                 | 24 +++++++++++++++---------
 docker/templates/default.conf.template |  2 +-
 3 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 1f65f6c27c..199cba529c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -64,6 +64,7 @@ COPY --from=builder /build/dist ./
 # manage permissions
 RUN chmod 0755 /docker-entrypoint.d/*.sh /etc/nginx/templates && \
     chmod -R 0644 /etc/nginx/nginx.conf && \
-    chown -R nginx:nginx ./ /etc/nginx/conf.d /etc/nginx/templates
+    chown -R nginx:nginx ./ /etc/nginx/conf.d /etc/nginx/templates && \
+    rm -f /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
 # unprivileged user
 USER nginx
diff --git a/docker/ipv6-disable.sh b/docker/ipv6-disable.sh
index 4a9172b54c..5d0d00f463 100644
--- a/docker/ipv6-disable.sh
+++ b/docker/ipv6-disable.sh
@@ -1,13 +1,19 @@
 #!/usr/bin/env sh
 set -e
 
-DEFAULT_CONF_FILE="etc/nginx/conf.d/default.conf"
-
-if [ -f "/proc/net/if_inet6" ]; then
-    echo "info: IPv6 available."
-    exit 0
+if [ ! -f "/proc/net/if_inet6" ]; then
+  echo "info: IPv6 is not available! Removing IPv6 listen configuration"
+  find /etc/nginx/conf.d -name '*.conf' -type f | \
+  while IFS= read -r CONFIG; do
+    sed -r '/^\s*listen\s*\[::\]:.+$/d' "$CONFIG" > "$CONFIG.temp"
+    if ! diff -U 5 "$CONFIG" "$CONFIG.temp" > "$CONFIG.diff"; then
+      echo "info: Removing IPv6 lines from $CONFIG" | \
+      cat - "$CONFIG.diff"
+      echo "# IPv6 is disabled because /proc/net/if_inet6 was not found" | \
+      cat - "$CONFIG.temp" > "$CONFIG"
+    else
+      echo "info: Skipping $CONFIG because it does not have IPv6 listen"
+    fi
+    rm -f "$CONFIG.temp" "$CONFIG.diff"
+  done
 fi
-
-echo "info: IPv6 not available!"
-echo "info: Removing IPv6 lines from /$DEFAULT_CONF_FILE"
-sed -i 's/\(listen\s*\[::\].*\)$/#\1 # Disabled IPv6/' /${DEFAULT_CONF_FILE}
diff --git a/docker/templates/default.conf.template b/docker/templates/default.conf.template
index b68dfe2bbc..50b2e6cef6 100644
--- a/docker/templates/default.conf.template
+++ b/docker/templates/default.conf.template
@@ -1,7 +1,7 @@
 server {
   listen      ${VIKUNJA_HTTP_PORT};
   listen      [::]:${VIKUNJA_HTTP_PORT};
-   ## Needed when behind HAProxy with SSL termination + HTTP/2 support
+  ## Needed when behind HAProxy with SSL termination + HTTP/2 support
   listen      ${VIKUNJA_HTTP2_PORT}  default_server http2 proxy_protocol;
   listen      [::]:${VIKUNJA_HTTP2_PORT} default_server http2 proxy_protocol;