From 84144a30f77fe9bd60de1a14f730e71960172aad Mon Sep 17 00:00:00 2001
From: kev
Date: Sun, 14 Jun 2015 15:15:04 +0800
Subject: [PATCH] fix /dev/net/tun
---
 tinc/Dockerfile | 16 ++++++++++------
 tinc/README.md | 9 +++------
 tinc/docker-compose.yml | 6 +++---
 3 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/tinc/Dockerfile b/tinc/Dockerfile
index 2160e45..5d18c67 100644
--- a/tinc/Dockerfile
+++ b/tinc/Dockerfile
@@ -9,10 +9,11 @@ ENV NETNAME netname
 ENV PIDFILE /run/tinc.$NETNAME.pid
 ENV VERBOSE 2
 ENV ADDRESS 10.0.0.1
+ENV NETWORK 10.0.0.0/24
 ENV NETMASK 255.255.255.0
 RUN apt-get update \
- && apt-get install -y net-tools tinc \
+ && apt-get install -y iptables net-tools tinc \
 && rm -rf /var/lib/apt/lists/* \
 && mkdir -p /etc/tinc/$NETNAME/hosts
@@ -26,10 +27,13 @@ RUN /bin/echo -e "Name=server\\nAddressFamily=ipv4\\nInterface=tun0" > tinc.conf
 && chmod +x tinc-up tinc-down
 VOLUME /etc/tinc
-EXPOSE 655/udp
+EXPOSE 655
-CMD tincd --no-detach \
- --net $NETNAME \
- --pidfile $PIDFILE \
- --debug $VERBOSE
+CMD mkdir -p /dev/net \
+ && [ -e /dev/net/tun ] || mknod /dev/net/tun c 10 200 \
+ && iptables -t nat -A POSTROUTING -s $NETWORK -o eth0 -j MASQUERADE \
+ && tincd --no-detach \
+ --net $NETNAME \
+ --pidfile $PIDFILE \
+ --debug $VERBOSE
diff --git a/tinc/README.md b/tinc/README.md
index bb2c893..6df09c8 100644
--- a/tinc/README.md
+++ b/tinc/README.md
@@ -32,21 +32,18 @@ To use this image, you need to:
 server:
 image: vimagick/tinc
 ports:
- - "655:655/udp"
+ - "655:655"
 volumes:
 - tinc:/etc/tinc
- net: host
- privileged: true
+ cap_add:
+ - NET_ADMIN
 restart: always
 ```
-> TODO: I haven't figure out how to make `net: bridge` work yet!
-
 ## server
 ```
 $ fig up -d
-$ iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE
 ```
 [1]: http://tinc-vpn.org/
diff --git a/tinc/docker-compose.yml b/tinc/docker-compose.yml
index e3402c7..255bffe 100644
--- a/tinc/docker-compose.yml
+++ b/tinc/docker-compose.yml
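Review bot: `ENV NETWORK 10.0.0.0/24` in the first Dockerfile hunk is a third variable describing the same subnet as `ADDRESS` and `NETMASK`, and nothing visible keeps the three in step. The new CMD in this file uses `$NETWORK` as the source range of the MASQUERADE rule, so overriding `ADDRESS`/`NETMASK` at run time without also overriding `NETWORK` would leave NAT applied to a range the VPN does not use. A comment above the ENV lines would make the coupling explicit, for example `# NETWORK must be the CIDR form of ADDRESS/NETMASK; it is the source range NATed at container start`.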
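Review bot: `EXPOSE 655` in the second Dockerfile hunk declares TCP only, because Docker assumes tcp when no protocol is given, while tinc uses port 655 over both TCP (meta connections) and UDP (data packets). I would write `EXPOSE 655/tcp 655/udp`; the same applies to the `"655:655"` mappings in the README and docker-compose.yml hunks, where `- "655:655/udp"` should stay alongside `- "655:655"`, otherwise peers presumably fall back to carrying traffic over TCP. In the new CMD, tincd runs as a child of the `/bin/sh -c` wrapper, so a stop signal reaches the shell rather than the daemon; ending the chain with `&& exec tincd --no-detach \` lets tincd receive it directly. The hard-coded `-o eth0` also assumes the bridge interface name inside the container, which deserves a one-line comment.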
@@ -1,9 +1,9 @@
 server:
 image: vimagick/tinc
 ports:
- - "655:655/udp"
+ - "655:655"
 volumes:
 - tinc:/etc/tinc
- net: host
- privileged: true
+ cat_add:
+ - NET_ADMIN
 restart: always
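Review bot: The new key is misspelled as `cat_add:`; the README hunk of this same commit uses `cap_add:`, which is the Compose key that grants extra capabilities. As written the container does not receive `NET_ADMIN` (the file is rejected or the key ignored, depending on the Compose version), so with `privileged: true` removed the `iptables` call in the image's new CMD would fail at startup. Change the line to `cap_add:` and keep `- NET_ADMIN` under it. Since the image now creates `/dev/net/tun` with `mknod` at start, consider passing the device explicitly with `devices:` and `- /dev/net/tun`, so the container does not rely on being allowed to create device nodes.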