fickit: add helper script to simplify nsenter

configs/nsenter_iptables.sh

@@ -0,0 +1,19 @@
+#!/bin/sh
+
+if [ -d /containers/onboot/004-admin-ip-setup ]; then
+    LOWER=/containers/onboot/004-admin-ip-setup
+elif [ -d /containers/onboot/004-nginx-ip-setup ]; then
+    LOWER=/containers/onboot/004-nginx-ip-setup
+else
+    nsenter -t 1 -a "$0" $@
+    exit $?
+fi
+
+mount -t tmpfs none $LOWER/run
+
+chroot $LOWER iptables $@
+EXIT=$?
+
+umount $LOWER/run
+
+exit ${EXIT}

configs/nsenter_mysql.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+
+nsenter -t $(pgrep mysql | head -1) -a mysql $@

configs/nsenter_process.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+PROC="$1"
+shift
+
+nsenter -t $(pgrep "$PROC" | head -1) $@
+exit $?

fickit-backend.yml

@@ -237,6 +237,9 @@ services:
     binds:
       - /etc/hosts:/etc/hosts:ro
       - /root/.ssh/:/root/.ssh/:ro
+      - /usr/bin/iptables:/usr/bin/iptables:ro
+      - /usr/bin/mysql:/usr/bin/mysql:ro
+      - /usr/bin/pnsenter:/usr/bin/pnsenter:ro
       - /var/lib/fic/outofsync:/var/lib/fic/outofsync
       - /var/lib/fic/raw_files:/mnt/fic
     capabilities:
@@ -280,6 +283,16 @@ files:
     source: configs/id_ed25519
     mode: "0400"
 
+  - path: usr/bin/iptables
+    source: configs/nsenter_iptables.sh
+    mode: "0755"
+  - path: usr/bin/mysql
+    source: configs/nsenter_mysql.sh
+    mode: "0755"
+  - path: usr/bin/pnsenter
+    source: configs/nsenter_process.sh
+    mode: "0755"
+
   - path: etc/mysql/conf.d/max-conn.cnf
     contents: |
       [mysqld]

fickit-frontend.yml

@@ -405,6 +405,13 @@ files:
     source: frontend/static/robots.txt
     mode: "0644"
 
+  - path: usr/bin/iptables
+    source: configs/nsenter_iptables.sh
+    mode: "0755"
+  - path: usr/bin/pnsenter
+    source: configs/nsenter_process.sh
+    mode: "0755"
+
   - path: etc/dhcpcd.conf
     contents: |
       allowinterfaces internet