Added firewall service file

2023-06-13 11:30:05 +00:00 · 2023-06-13 11:29:19 +00:00
3 changed files with 67 additions and 2 deletions
--- a/1
+++ b/1
@@ -1,4 +1,5 @@
 FROM proxy-scheduler:latest
 COPY scripts /scripts
+COPY firewall-letsencrypt.json /firewall-files

 ENTRYPOINT ["/scripts/scheduler.sh"]
--- a/firewall-letsencrypt.json
+++ b/firewall-letsencrypt.json
@@ -0,0 +1,62 @@
+{
+	"main": {
+		"SERVICE_NAME": "firewalls",
+		"DOMAIN": "null" 
+	},
+	"containers": [
+		{ 
+			"IMAGE": "registry.format.hu/firewall",
+			"NAME": "firewall",
+			"MEMORY": "64M",
+			"NETWORK": "host",
+			"SCALE": "0",
+			"VOLUMES": [
+				{
+				"SOURCE": "/run/",
+				"DEST": "/run/",
+				"TYPE": "rw"
+				},
+				{
+				"SOURCE": "/etc/user/config/services",
+				"DEST": "/services",
+				"TYPE": "ro"
+				},
+				{
+                                "SOURCE": "/etc/system/data/dns/hosts.local", 
+                                "DEST": "/etc/dns/hosts.local",
+                                "TYPE": "ro"
+                                },
+				{
+                                 "SOURCE": "/var/run/docker.sock",
+                                 "DEST": "/var/run/docker.sock",
+                                 "TYPE": "rw"
+                                 },
+                                 {
+                                 "SOURCE": "/usr/bin/docker",
+                                 "DEST": "/usr/bin/docker",
+                                 "TYPE": "ro"
+                                 }
+				],
+			"PORTS": [ ],
+			"READYNESS": [
+			        {"tcp": ""},
+			        {"HTTP": ""},
+				{"EXEC": "/ready.sh"}
+				],
+                        "ENVS": [ 
+               			{ "CHAIN": "DOCKER-USER" },
+                                { "SOURCE": "smarthostloadbalancer" },
+                                { "TARGET": "letsencrypt" },
+                                { "TYPE": "tcp" },
+                                { "TARGET_PORT": "80" },
+                                { "COMMENT": "letsencrypt" }
+                                ], 
+			"EXTRA": "--privileged --rm",
+			"DEPEND": "null",
+			"START_ON_BOOT": "false",
+			"CMD": "null",
+			"PRE_START": "null",
+			"POST_START": "null"
+		}
+	]
+}
--- a/scripts/check_certificates.sh
+++ b/scripts/check_certificates.sh
@@ -72,7 +72,8 @@ letsencrypt_certificates() {
 			LETS_ENCRYPT_VALUE="$(docker ps | grep letsencrypt | grep Up | wc -l)";
 			if [[ $LETS_ENCRYPT_VALUE -eq 0 ]] ; then
 				echo "Starting letsencrypt process";
-				LETSENCRYPT_TEMP_SERVICE_FILE=$(mktemp -p /tmp/);
+				cp -av /firewall-files/firewall-letsencrypt.json /tmp/;
+				LETSENCRYPT_TEMP_SERVICE_FILE=$(mktemp -p /tmp/)".json";
 				ENVS='[
 					{"DOMAIN": "'$DOMAIN'"},
 					{"TIMEOUT": "'$TIMEOUT'"},
@@ -86,7 +87,8 @@ letsencrypt_certificates() {
 					}
 				';
 				jq '.containers[0].ENVS |='"$ENVS"' | .containers[0].VOLUMES[.containers[0].VOLUMES|length]|='"$VOLUMES" $SERVICE_FILES/$LETSENCRYPT_SERVICE_NAME > $LETSENCRYPT_TEMP_SERVICE_FILE;
-				$service_exec $(basename $LETSENCRYPT_TEMP_SERVICE_FILE) start info;
+				$service_exec $(basename ${LETSENCRYPT_TEMP_SERVICE_FILE%.*}) start info;
+				rm -v /tmp/firewall-letsencrypt.json ;
 				break;
 			else
 				echo "Waiting "$TIMEOUT" second for previous letsencrypt process ending";
Author	SHA1	Message	Date
gyurix	3be0ce5c32	Added firewall service file	2023-06-13 11:30:05 +00:00
gyurix	8b9d83fff7	Added firewall service file	2023-06-13 11:29:19 +00:00