From 07fb6c2a4d3cadd9996ed436b991c8413aafce49 Mon Sep 17 00:00:00 2001
From: Aaron Dewes <aaron@runcitadel.space>
Date: Mon, 14 Aug 2023 08:25:58 +0200
Subject: [PATCH 1/3] Load nf_tables in preparation of Alpine 3.19

https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/47102 changes the default iptables backend to nf_tables. To prepare for the change (and to make sure it's not forgotten once DinD is updated), load nf_tables into the kernel.
---
 24/dind/dockerd-entrypoint.sh    | 1 +
 25-rc/dind/dockerd-entrypoint.sh | 1 +
 dockerd-entrypoint.sh            | 1 +
 3 files changed, 3 insertions(+)

diff --git a/24/dind/dockerd-entrypoint.sh b/24/dind/dockerd-entrypoint.sh
index 00819384b..60a4f5627 100755
--- a/24/dind/dockerd-entrypoint.sh
+++ b/24/dind/dockerd-entrypoint.sh
@@ -148,6 +148,7 @@ if [ "$1" = 'dockerd' ]; then
 		# https://github.com/docker-library/docker/issues/350
 		# https://github.com/moby/moby/issues/26824
 		modprobe ip_tables || :
+		modprobe nf_tables || :
 	fi
 
 	uid="$(id -u)"
diff --git a/25-rc/dind/dockerd-entrypoint.sh b/25-rc/dind/dockerd-entrypoint.sh
index 00819384b..60a4f5627 100755
--- a/25-rc/dind/dockerd-entrypoint.sh
+++ b/25-rc/dind/dockerd-entrypoint.sh
@@ -148,6 +148,7 @@ if [ "$1" = 'dockerd' ]; then
 		# https://github.com/docker-library/docker/issues/350
 		# https://github.com/moby/moby/issues/26824
 		modprobe ip_tables || :
+		modprobe nf_tables || :
 	fi
 
 	uid="$(id -u)"
diff --git a/dockerd-entrypoint.sh b/dockerd-entrypoint.sh
index 00819384b..60a4f5627 100755
--- a/dockerd-entrypoint.sh
+++ b/dockerd-entrypoint.sh
@@ -148,6 +148,7 @@ if [ "$1" = 'dockerd' ]; then
 		# https://github.com/docker-library/docker/issues/350
 		# https://github.com/moby/moby/issues/26824
 		modprobe ip_tables || :
+		modprobe nf_tables || :
 	fi
 
 	uid="$(id -u)"

From 4c2674df4f40c965cdb8ccc77b8ce9dbc247a6c9 Mon Sep 17 00:00:00 2001
From: Jesper Noordsij <jesper.noordsij@gmail.com>
Date: Thu, 14 Dec 2023 10:13:53 +0100
Subject: [PATCH 2/3] Remove ip_tables in favor of nf_tables in dockerd
 entrypoint fallback

---
 24/dind/dockerd-entrypoint.sh    | 2 +-
 25-rc/dind/dockerd-entrypoint.sh | 2 +-
 dockerd-entrypoint.sh            | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/24/dind/dockerd-entrypoint.sh b/24/dind/dockerd-entrypoint.sh
index 60a4f5627..056ee2ae0 100755
--- a/24/dind/dockerd-entrypoint.sh
+++ b/24/dind/dockerd-entrypoint.sh
@@ -147,7 +147,7 @@ if [ "$1" = 'dockerd' ]; then
 		# if iptables fails to run, chances are high the necessary kernel modules aren't loaded (perhaps the host is using nftables with the translating "iptables" wrappers, for example)
 		# https://github.com/docker-library/docker/issues/350
 		# https://github.com/moby/moby/issues/26824
-		modprobe ip_tables || :
+		# https://github.com/docker-library/docker/pull/437#issuecomment-1854900620
 		modprobe nf_tables || :
 	fi
 
diff --git a/25-rc/dind/dockerd-entrypoint.sh b/25-rc/dind/dockerd-entrypoint.sh
index 60a4f5627..056ee2ae0 100755
--- a/25-rc/dind/dockerd-entrypoint.sh
+++ b/25-rc/dind/dockerd-entrypoint.sh
@@ -147,7 +147,7 @@ if [ "$1" = 'dockerd' ]; then
 		# if iptables fails to run, chances are high the necessary kernel modules aren't loaded (perhaps the host is using nftables with the translating "iptables" wrappers, for example)
 		# https://github.com/docker-library/docker/issues/350
 		# https://github.com/moby/moby/issues/26824
-		modprobe ip_tables || :
+		# https://github.com/docker-library/docker/pull/437#issuecomment-1854900620
 		modprobe nf_tables || :
 	fi
 
diff --git a/dockerd-entrypoint.sh b/dockerd-entrypoint.sh
index 60a4f5627..056ee2ae0 100755
--- a/dockerd-entrypoint.sh
+++ b/dockerd-entrypoint.sh
@@ -147,7 +147,7 @@ if [ "$1" = 'dockerd' ]; then
 		# if iptables fails to run, chances are high the necessary kernel modules aren't loaded (perhaps the host is using nftables with the translating "iptables" wrappers, for example)
 		# https://github.com/docker-library/docker/issues/350
 		# https://github.com/moby/moby/issues/26824
-		modprobe ip_tables || :
+		# https://github.com/docker-library/docker/pull/437#issuecomment-1854900620
 		modprobe nf_tables || :
 	fi
 

From 18bbfb7d201fc854d6bf9ee589f55290a543f209 Mon Sep 17 00:00:00 2001
From: Jesper Noordsij <jesper@sslleiden.nl>
Date: Thu, 7 Dec 2023 10:54:36 +0100
Subject: [PATCH 3/3] Update to Alpine 3.19

---
 24/cli/Dockerfile       | 2 +-
 25-rc/cli/Dockerfile    | 2 +-
 Dockerfile-cli.template | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/24/cli/Dockerfile b/24/cli/Dockerfile
index 3f2960ac4..f385b9608 100644
--- a/24/cli/Dockerfile
+++ b/24/cli/Dockerfile
@@ -4,7 +4,7 @@
 # PLEASE DO NOT EDIT IT DIRECTLY.
 #
 
-FROM alpine:3.18
+FROM alpine:3.19
 
 RUN apk add --no-cache \
 		ca-certificates \
diff --git a/25-rc/cli/Dockerfile b/25-rc/cli/Dockerfile
index 759ac327a..b1ac0aa74 100644
--- a/25-rc/cli/Dockerfile
+++ b/25-rc/cli/Dockerfile
@@ -4,7 +4,7 @@
 # PLEASE DO NOT EDIT IT DIRECTLY.
 #
 
-FROM alpine:3.18
+FROM alpine:3.19
 
 RUN apk add --no-cache \
 		ca-certificates \
diff --git a/Dockerfile-cli.template b/Dockerfile-cli.template
index 1ae00e841..05c75697b 100644
--- a/Dockerfile-cli.template
+++ b/Dockerfile-cli.template
@@ -1,5 +1,5 @@
 {{ include "shared" -}}
-FROM alpine:3.18
+FROM alpine:3.19
 
 RUN apk add --no-cache \
 		ca-certificates \