From d7053447058784caebad7fe3cf58166284146b2a Mon Sep 17 00:00:00 2001 From: Eugene Blikh Date: Tue, 19 May 2026 12:37:00 +0300 Subject: [PATCH] =?UTF-8?q?patches:=20ubuntu/genimg=20=E2=80=94=20fix=20gu?= =?UTF-8?q?est=20DNS=20(SLIRP=20proxy)=20and=20-p1=20hint?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- patches/builds-images-ubuntu-genimg.patch | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/patches/builds-images-ubuntu-genimg.patch b/patches/builds-images-ubuntu-genimg.patch index 25e27cbe186690fd63e80595d7aaa7a8388fe070..b650510bb4241ed01bcc0b792d5c7aedb95bf6df 100644 --- a/patches/builds-images-ubuntu-genimg.patch +++ b/patches/builds-images-ubuntu-genimg.patch @@ -27,10 +27,21 @@ fail on any host that doesn't happen to satisfy their hidden assumptions. so there's no risk of binding the wrong one. Rename the file to drop the stale interface-name hint. +4) Hard-coded public DNS (`8.8.8.8` / `9.9.9.9` / `1.1.1.1`) in the guest's + `/etc/resolv.conf` makes the VM resolve internal hostnames (e.g. + `git.srht.bigb.es`) to their *public* address. On a self-hosted forge whose + public IP routes back through the user's own ISP, the worker container + can't NAT-hairpin to itself and every `git clone` from a build dies with + "Couldn't connect to server". Use QEMU SLIRP's built-in DNS proxy + (`10.0.2.3`) instead: SLIRP forwards each query through the host process's + `/etc/resolv.conf`, which inside the worker container is Docker's embedded + resolver, which knows the LAN DNS — so internal hostnames resolve to the + LAN IP and the path stays entirely on-LAN. + Apply when refreshing the apk recipe tree on the image-builder host: cd /var/lib/images - patch -p0 < builds-images-ubuntu-genimg.patch + patch -p1 < builds-images-ubuntu-genimg.patch --- a/ubuntu/genimg +++ b/ubuntu/genimg 
@@ -42,11 +53,12 @@ Apply when refreshing the apk recipe tree on the image-builder host: trap cleanup EXIT if [ "$arch" = "amd64" ] -@@ -85,9 +86,9 @@ +@@ -85,9 +86,8 @@ rm -f /mnt/etc/resolv.conf - echo 'nameserver 8.8.8.8' >/mnt/etc/resolv.conf - echo 'nameserver 8.8.4.4' >>/mnt/etc/resolv.conf +-echo 'nameserver 8.8.8.8' >/mnt/etc/resolv.conf +-echo 'nameserver 8.8.4.4' >>/mnt/etc/resolv.conf -cat >/mnt/etc/systemd/network/25-ens3.network </mnt/etc/resolv.conf +cat >/mnt/etc/systemd/network/25-ethernet.network <
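Review bot: the resolver list in the new item 4 of the description (`8.8.8.8` / `9.9.9.9` / `1.1.1.1`) does not match what the `ubuntu/genimg` hunk further down removes, which is `8.8.8.8` and `8.8.4.4`. Name the two addresses this script actually hard-coded, or say explicitly that the list also covers other images' scripts, so that someone refreshing the recipe tree can match the description to the lines being removed.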
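Review bot: in the `@@ -85,9 +86,8 @@` hunk of `ubuntu/genimg`, the two removed `nameserver` lines are replaced by a single line writing to `/mnt/etc/resolv.conf`, so the image is left with one resolver and no fallback. Per item 4 that resolver is `10.0.2.3`, which answers only when the VM runs on QEMU user-mode networking with the default `10.0.2.0/24` guest network. An image booted on tap or bridge networking, or with a different user-network range, would have no working DNS. Add a comment above that line in `genimg` saying the address is the SLIRP DNS proxy and that the image assumes user-mode networking. It is also worth stating in the description that guest lookups now follow the worker container's `/etc/resolv.conf`, because build-time name resolution then depends on that file staying correct.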