update node selector in Drone configuration and add nftables to Dockerfile
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
gyurix
@@ -3,7 +3,7 @@ type: kubernetes
|
||||
name: default
|
||||
|
||||
node_selector:
|
||||
physical-node: dev2
|
||||
physical-node: dev1
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
FROM alpine
|
||||
|
||||
RUN apk add --update --no-cache iptables iptables-legacy openssl jq curl ca-certificates busybox-extras docker-cli
|
||||
RUN apk add --update --no-cache iptables iptables-legacy openssl jq curl ca-certificates busybox-extras docker-cli nftables
|
||||
COPY firewall/ /firewall/
|
||||
CMD firewall/iptables-wrapper-installer.sh && /firewall/firewall-add
|
||||
|
||||
@@ -484,6 +484,9 @@ for source_ip_index in $(seq 1 $COUNT_SOURCE_IP); do
|
||||
else
|
||||
debug "$IPTABLES -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT"
|
||||
$IPTABLES -w -I $CHAIN -p $PROTOCOL $IPTABLES_OPTIONS -m comment --comment "$COMMENT" -j ACCEPT
|
||||
if [ "$IPTABLES" == "/usr/sbin/iptables" ]; then
|
||||
/usr/sbin/nft delete table ip raw 2>/dev/null || true
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
#############################
|
||||
|
||||
Reference in New Issue
Block a user