remove "force add"
This commit is contained in:
Chai Feng
parent
4ab8060b92
commit
36afb81244
@ -31,7 +31,6 @@ function run-ufw-docker() {
|
|||||||
declare -a docker_opts=(run --rm -t --name "ufw-docker-agent-${RANDOM}-$(date '+%Y%m%d%H%M%S')"
|
declare -a docker_opts=(run --rm -t --name "ufw-docker-agent-${RANDOM}-$(date '+%Y%m%d%H%M%S')"
|
||||||
--cap-add NET_ADMIN --network host
|
--cap-add NET_ADMIN --network host
|
||||||
--env "DEBUG=${DEBUG}"
|
--env "DEBUG=${DEBUG}"
|
||||||
--env "UFW_DOCKER_FORCE_ADD=yes"
|
|
||||||
-v /var/run/docker.sock:/var/run/docker.sock
|
-v /var/run/docker.sock:/var/run/docker.sock
|
||||||
-v /etc/ufw:/etc/ufw "${ufw_docker_agent_image}" "$@")
|
-v /etc/ufw:/etc/ufw "${ufw_docker_agent_image}" "$@")
|
||||||
docker "${docker_opts[@]}"
|
docker "${docker_opts[@]}"
|
||||||
|
|||||||
@ -51,13 +51,6 @@ function ufw-docker--allow() {
|
|||||||
|
|
||||||
mapfile -t PORT_PROTO_LIST < <(docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}}{{with $conf}}{{$p}}{{"\n"}}{{end}}{{end}}' "$INSTANCE_NAME" | remove_blank_lines)
|
mapfile -t PORT_PROTO_LIST < <(docker inspect --format='{{range $p, $conf := .NetworkSettings.Ports}}{{with $conf}}{{$p}}{{"\n"}}{{end}}{{end}}' "$INSTANCE_NAME" | remove_blank_lines)
|
||||||
|
|
||||||
if [[ "${UFW_DOCKER_FORCE_ADD:-}" = "yes" ]]; then
|
|
||||||
for IP in "${INSTANCE_IP_ADDRESSES[@]}"; do
|
|
||||||
ufw-docker--add-rule "$INSTANCE_NAME" "$IP" "${INSTANCE_PORT}" "${PROTO}"
|
|
||||||
done
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ -z "${PORT_PROTO_LIST:-}" ]]; then
|
if [[ -z "${PORT_PROTO_LIST:-}" ]]; then
|
||||||
err "\"$INSTANCE_NAME\" doesn't have any published ports."
|
err "\"$INSTANCE_NAME\" doesn't have any published ports."
|
||||||
return 1
|
return 1
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user