From 20feaa39e84d28322d6c1098b6384153fe8b7583 Mon Sep 17 00:00:00 2001
From: sholdee <sholdee@gmail.com>
Date: Thu, 4 Jul 2024 13:31:24 -0500
Subject: [PATCH] add http health check

---
 Dockerfile     |  8 ++++++--
 Makefile       |  2 +-
 README.md      |  8 ++++++++
 entrypoint.sh  |  5 ++++-
 healthcheck.go | 35 +++++++++++++++++++++++++++++++++++
 5 files changed, 54 insertions(+), 4 deletions(-)
 create mode 100644 healthcheck.go

diff --git a/Dockerfile b/Dockerfile
index db5684d..125e645 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,25 +8,29 @@ ARG wg_tools_tag=v1.0.20210914
 
 RUN apk add --update git build-base libmnl-dev iptables
 
-RUN git clone https://git.zx2c4.com/wireguard-go && \
+RUN git clone https://github.com/WireGuard/wireguard-go && \
     cd wireguard-go && \
     git checkout $wg_go_tag && \
     make && \
     make install
 
 ENV WITH_WGQUICK=yes
-RUN git clone https://git.zx2c4.com/wireguard-tools && \
+RUN git clone https://github.com/WireGuard/wireguard-tools && \
     cd wireguard-tools && \
     git checkout $wg_tools_tag && \
     cd src && \
     make && \
     make install
 
+COPY healthcheck.go /go/src/healthcheck.go
+RUN go build -o /go/bin/healthcheck /go/src/healthcheck.go
+
 FROM alpine:${ALPINE_VERSION}
 
 RUN apk add --no-cache --update bash libmnl iptables openresolv iproute2
 
 COPY --from=builder /usr/bin/wireguard-go /usr/bin/wg* /usr/bin/
+COPY --from=builder /go/bin/healthcheck /usr/bin/healthcheck
 COPY entrypoint.sh /entrypoint.sh
 
 CMD ["/entrypoint.sh"]
diff --git a/Makefile b/Makefile
index 1d47d3f..8640ca4 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 .PHONY: buildx_container build_and_push
 
-DOCKER_REGISTRY ?= masipcat/wireguard-go
+DOCKER_REGISTRY ?= sholdee/wireguard-go-docker
 
 buildx_container:
 	docker buildx create \
diff --git a/README.md b/README.md
index 6aa4b0b..ac353a1 100644
--- a/README.md
+++ b/README.md
@@ -134,6 +134,14 @@ spec:
           - containerPort: 51820
             protocol: UDP
             name: wireguard
+          - containerPort: 8080
+            protocol: TCP
+            name: healthcheck
+          livenessProbe: &probe
+            httpGet:
+              path: /
+              port: healthcheck
+          readinessProbe: *probe
           env:
           - name: LOG_LEVEL
             value: info
diff --git a/entrypoint.sh b/entrypoint.sh
index cb33c0a..20a3d72 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -8,6 +8,9 @@ trap finish SIGTERM SIGINT SIGQUIT
 
 wg-quick up /etc/wireguard/wg0.conf
 
-# Inifinite sleep
+# Infinite sleep
 sleep infinity &
+
+# Health check
+/usr/bin/healthcheck &
 wait $!
diff --git a/healthcheck.go b/healthcheck.go
new file mode 100644
index 0000000..67f5b79
--- /dev/null
+++ b/healthcheck.go
@@ -0,0 +1,35 @@
+package main
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"strings"
+)
+
+func isLinkUp(interfaceName string) bool {
+	content, err := ioutil.ReadFile("/sys/class/net/" + interfaceName + "/carrier")
+	if err != nil {
+		return false
+	}
+	return strings.TrimSpace(string(content)) == "1"
+}
+
+func healthCheckHandler(w http.ResponseWriter, r *http.Request) {
+	if isLinkUp("wg0") {
+		w.WriteHeader(http.StatusOK)
+		fmt.Fprintf(w, "status: OK\n")
+	} else {
+		w.WriteHeader(http.StatusServiceUnavailable)
+		fmt.Fprintf(w, "status: KO\n")
+	}
+}
+
+func main() {
+	http.HandleFunc("/", healthCheckHandler)
+	if err := http.ListenAndServe(":8080", nil); err != nil {
+		fmt.Printf("Failed to start server: %v\n", err)
+		os.Exit(1)
+	}
+}