jazzymc/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
infrastructure/scripts/mikrotik-containers-bridge-setup.rsc
XTRM-Unraid e5e76871bb
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
Add Tailscale container and bridge setup 
- Added mikrotik-containers-bridge-setup.rsc for shared container networking
- Added mikrotik-tailscale-setup.rsc for Tailscale container
- Added docs/10-MIKROTIK-TAILSCALE.md with full documentation
- Both containers now use containers-br bridge (172.17.0.1/24)
- AdGuard: 172.17.0.2, Tailscale: 172.17.0.3
2026-01-25 15:33:34 +02:00

44 lines
1.9 KiB
Plaintext
Raw Permalink Blame History

# MikroTik Container Bridge Setup Script
# Created: 2026-01-25
# Repository: https://git.xtrm-lab.org/jazzymc/infrastructure
#
# Run this FIRST before setting up containers
# Creates shared bridge for all containers
#------------------------------------------------------------
# Variables
#------------------------------------------------------------
:local bridgeName "containers-br"
:local bridgeIP "172.17.0.1"
:local bridgeNet "172.17.0.0/24"
:local wanInterface "eth1_WAN"
#------------------------------------------------------------
# 1. Create bridge for containers
#------------------------------------------------------------
/interface bridge add name=$bridgeName
#------------------------------------------------------------
# 2. Add IP address to bridge
#------------------------------------------------------------
/ip address add address=$bridgeIP/24 interface=$bridgeName
#------------------------------------------------------------
# 3. Firewall - Allow container network traffic
#------------------------------------------------------------
# Input chain
/ip firewall filter add chain=input action=accept dst-address=$bridgeNet comment="Allow container network"
/ip firewall filter add chain=input action=accept src-address=$bridgeNet comment="Allow from container network"
# Forward chain
/ip firewall filter add chain=forward action=accept dst-address=$bridgeNet comment="Allow to container network"
/ip firewall filter add chain=forward action=accept src-address=$bridgeNet comment="Allow from container network"
#------------------------------------------------------------
# 4. NAT - Masquerade for container outbound traffic
#------------------------------------------------------------
/ip firewall nat add chain=srcnat action=masquerade src-address=$bridgeNet out-interface=$wanInterface comment="Container outbound NAT"
:log info "Container bridge setup complete"
:log info "Bridge: $bridgeName with IP $bridgeIP/24"
Reference in New Issue View Git Blame Copy Permalink