fickit: Fix whitelist of remote sync IP

nemunaire 2024-03-27 21:36:47 +01:00
parent c0188e6d52
commit d98aa1c269
1 changed files with 2 additions and 1 deletions


@ -121,10 +121,11 @@ onboot:
- name: firewall-frontal
image: linuxkit/ip:v1.0.0
command: ["/bin/bash", "-c", "/sbin/iptables-restore < /etc/iptables/rules-frontal.v4; /sbin/ip6tables-restore < /etc/iptables/rules.v6; [ -f /run/config/remote_sync/destination ] && /sbin/iptables -I OUTPUT 7 -o bond-frontal -d $(cat /run/config/remote_sync/destination | tr -d '\n') -p tcp -m tcp --dport https -J ACCEPT;" ]
command: ["/bin/bash", "-c", "/sbin/iptables-restore < /etc/iptables/rules-frontal.v4; /sbin/ip6tables-restore < /etc/iptables/rules.v6; [ -f /run/config/remote_sync/destination ] && /sbin/iptables -I OUTPUT 7 -o bond-frontal -d $(cat /run/config/remote_sync/destination | tr -d '\n') -p tcp -m tcp --dport https -j ACCEPT;" ]
binds:
- /etc/iptables/rules-frontal.v4:/etc/iptables/rules-frontal.v4:ro
- /etc/iptables/rules.v6:/etc/iptables/rules.v6:ro
- /etc/resolv.conf:/etc/resolv.conf:ro
- /run/config/remote_sync/:/run/config/remote_sync/:ro
net: /run/netns/nginx
- name: firewall-sshd
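Review bot: The corrected command line still expands `$(cat /run/config/remote_sync/destination | tr -d '\n')` unquoted, so bash word-splits and globs the file's content and anything after the first whitespace reaches iptables as extra arguments; quoting it, `-d \"$(cat /run/config/remote_sync/destination | tr -d '\n')\"`, keeps the value a single `-d` operand, so a malformed file fails the rule instead of altering it. The rule is inserted at the fixed position `-I OUTPUT 7`, which silently depends on the rule order in rules-frontal.v4; a comment next to the command naming the rule it must precede would help whoever edits that ruleset. Because the steps are joined with `;` and the line ends in `[ -f … ] && …`, a failed iptables-restore goes unreported while a missing destination file presumably makes the container exit non-zero, so it is worth confirming that this is the intended boot behaviour.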