rename fix-docker-iptabes to fix-docker-iptables, allow access to mirrors.fp.o and dl.phx2 on docker0
Signed-off-by: Adam Miller <admiller@redhat.com>
This commit is contained in:
Adam Miller
parent
a1bad30c03
commit
82ab248018
3 changed files with 19 additions and 10 deletions
|
|
@ -17,7 +17,7 @@ ExecStart=/bin/sh -c '/usr/bin/docker daemon \
|
|||
$DOCKER_NETWORK_OPTIONS \
|
||||
$INSECURE_REGISTRY \
|
||||
2>&1 | /usr/bin/forward-journald -tag docker'
|
||||
ExecStartPost=/usr/local/bin/fix-docker-iptabes
|
||||
ExecStartPost=/usr/local/bin/fix-docker-iptables
|
||||
LimitNOFILE=1048576
|
||||
LimitNPROC=1048576
|
||||
LimitCORE=infinity
|
||||
|
|
|
|||
|
|
@ -20,14 +20,6 @@ iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.217 --dport 443 -j ACCE
|
|||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.87 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.87 --dport 443 -j ACCEPT
|
||||
|
||||
# kojipkgs.stg
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.125.87 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.125.87 --dport 443 -j ACCEPT
|
||||
|
||||
# kojipkgs
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.125.36 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.125.36 --dport 443 -j ACCEPT
|
||||
|
||||
# pkgs.stg
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.83 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.83 --dport 443 -j ACCEPT
|
||||
|
|
@ -37,6 +29,23 @@ iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.83 --dport 9418 -j ACCE
|
|||
iptables -A FORWARD -i docker0 -p udp -m udp -d 10.5.126.21 --dport 53 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p udp -m udp -d 10.5.126.22 --dport 53 -j ACCEPT
|
||||
|
||||
# mirrors.fp.o
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.51 --dport 443 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.52 --dport 443 -j ACCEPT
|
||||
|
||||
# dl.phx2
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.93 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.93 --dport 443 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.94 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.94 --dport 443 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.95 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.95 --dport 443 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.96 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.96 --dport 443 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.97 --dport 80 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p tcp -m tcp -d 10.5.126.97 --dport 443 -j ACCEPT
|
||||
|
||||
|
||||
# Docker is CRAZY and forces Google DNS upon us.....
|
||||
iptables -A FORWARD -i docker0 -p udp -m udp -d 8.8.8.8 --dport 53 -j ACCEPT
|
||||
iptables -A FORWARD -i docker0 -p udp -m udp -d 8.8.4.4 --dport 53 -j ACCEPT
|
||||
|
|
@ -120,7 +120,7 @@
|
|||
when: osbs_export_dir is defined
|
||||
|
||||
- name: copy docker iptables script
|
||||
copy: src=fix-docker-iptables dest=/usr/local/bin/fix-docker-iptabes mode=0755
|
||||
copy: src=fix-docker-iptables dest=/usr/local/bin/fix-docker-iptables mode=0755
|
||||
|
||||
- name: copy docker service config
|
||||
copy: src=docker.service dest=/etc/systemd/system/docker.service
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue