[osbs] add candidate registry to iptables

2020-06-23 13:27:41 +01:00 · 2020-06-23 13:27:41 +01:00 · 63ff40869c
commit 63ff40869c
parent 5e78f70118
1 changed files with 9 additions and 2 deletions
--- a/files/osbs/fix-docker-iptables.production
+++ b/files/osbs/fix-docker-iptables.production
@ -29,13 +29,20 @@ iptables -A FILTER_FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
 iptables -A FILTER_FORWARD --src 10.1.0.0/16 --dst 10.1.0.0/16 -j ACCEPT

 # Now insert access to allowed boxes
-# docker-registry
-#iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.5.125.56 --dport 443 -j ACCEPT
+# docker-registry aws cdn
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.34 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.23 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.73 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.88 --dport 80 -j ACCEPT
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.34 --dport 443 -j ACCEPT
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.23 --dport 443 -j ACCEPT
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.73 --dport 443 -j ACCEPT
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 54.230.74.88 --dport 443 -j ACCEPT

+# Candidate registry
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.169.102 --dport 80 -j ACCEPT
+iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.169.102 --dport 443 -j ACCEPT
+
 #koji.fp.o
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.169.104 --dport 80 -j ACCEPT
 iptables -A FILTER_FORWARD -p tcp -m tcp -d 10.3.169.104 --dport 443 -j ACCEPT