schiwagoa/ufw-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add service name in the env variable

Browse Source
This commit is contained in:
Chai Feng 2018-10-05 18:05:20 +08:00
parent 7e659b23c9
commit 8712595939
No known key found for this signature in database
GPG Key ID: 2DCD9A24E523FFD2
2 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker-entrypoint.sh
View File

@ -23,7 +23,7 @@ function update-ufw-rules() {
-e 's/="/ /' \ -e 's/="/ /' \
-e 's/"$//' | -e 's/"$//' |
while read id port; do while read id port; do
ufw-allow-or-deny-service "${id}" "${port}" ufw-allow-or-deny-service "${id}" "${port%*/}"
done done
} }

17
ufw-docker
View File

@ -161,6 +161,11 @@ function ufw-docker--get-service-id() {
docker service inspect "${service_name}" --format "{{.ID}}" docker service inspect "${service_name}" --format "{{.ID}}"
} }
function ufw-docker--get-service-name() {
declare service_name="$1"
docker service inspect "${service_name}" --format "{{.Spec.Name}}"
}
function ufw-docker--service-allow() { function ufw-docker--service-allow() {
declare service_name="$1" declare service_name="$1"
declare service_port="$2" declare service_port="$2"
@ -177,7 +182,8 @@ function ufw-docker--service-allow() {
service_port="${service_port%/*}" service_port="${service_port%/*}"
fi fi
service_id="$(ufw-docker--get-service-id "${service_name}")" declare service_id="$(ufw-docker--get-service-id "${service_name}")"
service_name="$(ufw-docker--get-service-name "${service_name}")"
declare -a service_env declare -a service_env
@ -185,7 +191,7 @@ function ufw-docker--service-allow() {
--format '{{range .Endpoint.Spec.Ports}}{{.PublishedPort}} {{.TargetPort}}/{{.Protocol}}{{"\n"}}{{end}}') --format '{{range .Endpoint.Spec.Ports}}{{.PublishedPort}} {{.TargetPort}}/{{.Protocol}}{{"\n"}}{{end}}')
while read -u 9 port target_port; do while read -u 9 port target_port; do
if [[ "$target_port" = "${service_port}/${service_proto}" ]]; then if [[ "$target_port" = "${service_port}/${service_proto}" ]]; then
service_env="ufw_public_${service_id}=${port}/${service_proto}" service_env="ufw_public_${service_id}=${service_name}/${port}/${service_proto}"
break; break;
fi fi
done done
@ -216,10 +222,11 @@ function ufw-docker--service-allow() {
} }
function ufw-docker--service-delete() { function ufw-docker--service-delete() {
service_name="$1" declare service_name="$1"
service_id="$(ufw-docker--get-service-id "${service_name}")" declare service_id="$(ufw-docker--get-service-id "${service_name}")"
service_env="ufw_public_${service_id}=deny" service_name="$(ufw-docker--get-service-name "${service_name}")"
declare service_env="ufw_public_${service_id}=${service_name}/deny"
docker service update --update-parallelism=0 \ docker service update --update-parallelism=0 \
--env-add ufw_docker_agent_image="${ufw_docker_agent_image}" \ --env-add ufw_docker_agent_image="${ufw_docker_agent_image}" \