Skip to content
Snippets Groups Projects
Commit 085fd0a2 authored by Sam McLeod's avatar Sam McLeod
Browse files

feat: add options for allowing stop and start

parent 41d6a276
Branches
Tags
No related merge requests found
...@@ -125,6 +125,9 @@ extremely critical but can expose some information that your service does not ne ...@@ -125,6 +125,9 @@ extremely critical but can expose some information that your service does not ne
- `COMMIT` - `COMMIT`
- `CONFIGS` - `CONFIGS`
- `CONTAINERS` - `CONTAINERS`
- `ALLOW_START` (containers/`id`/`start`)
- `ALLOW_STOP` (containers/`id`/`stop`)
- `ALLOW_RESTARTS` (containers/`id`/`stop`|`restart`|`kill`)
- `DISTRIBUTION` - `DISTRIBUTION`
- `EXEC` - `EXEC`
- `GRPC` - `GRPC`
......
...@@ -47,6 +47,8 @@ frontend dockerfrontend ...@@ -47,6 +47,8 @@ frontend dockerfrontend
bind :2375 bind :2375
http-request deny unless METH_GET || { env(POST) -m bool } http-request deny unless METH_GET || { env(POST) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/start } { env(ALLOW_START) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/stop } { env(ALLOW_STOP) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool } http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment