From 492b17045e593af5c6f72f93205373d84c25546a Mon Sep 17 00:00:00 2001 From: Florian Schwab Date: Sun, 17 May 2020 20:32:21 +0200 Subject: [PATCH] allow to set allowed and denied interfaces --- .gitlab-ci.yml | 9 +++++---- Dockerfile | 31 +++++++++++++++++++++++++------ README.md | 9 ++++++++- docker-entrypoint.sh | 11 +++++++++++ 4 files changed, 49 insertions(+), 11 deletions(-) create mode 100755 docker-entrypoint.sh diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6e389ac..c644807 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -9,29 +9,30 @@ stages: before_script: - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY} - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes + - export DOCKER_BUILD_ARGS="--build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` --build-arg VCS_REF=$CI_COMMIT_SHORT_SHA" build-amd64: stage: build script: - - docker build --build-arg ARCH=amd64 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-amd64 . + - docker build --build-arg ARCH=amd64 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-amd64 . - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-amd64 build-arm32v6: stage: build script: - - docker build --build-arg ARCH=arm32v6 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v6 . + - docker build --build-arg ARCH=arm32v6 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v6 . - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v6 build-arm32v7: stage: build script: - - docker build --build-arg ARCH=arm32v7 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v7 . + - docker build --build-arg ARCH=arm32v7 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v7 . - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v7 build-arm64v8: stage: build script: - - docker build --build-arg ARCH=arm64v8 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm64v8 . + - docker build --build-arg ARCH=arm64v8 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm64v8 . - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm64v8 release: diff --git a/Dockerfile b/Dockerfile index 87c1c24..3ab8f47 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,18 +1,37 @@ -# Base image +# base image ARG ARCH=amd64 -FROM $ARCH/alpine:3.10 +FROM $ARCH/alpine:3 -# Maintainer -MAINTAINER Florian Schwab +# args +ARG VCS_REF +ARG BUILD_DATE + +# labels +LABEL maintainer="Florian Schwab " \ + org.label-schema.schema-version="1.0" \ + org.label-schema.name="ydkn/avahi" \ + org.label-schema.description="Simple Avahi docker image" \ + org.label-schema.version="0.1" \ + org.label-schema.url="https://hub.docker.com/r/ydkn/avahi" \ + org.label-schema.vcs-url="https://gitlab.com/ydkn/docker-avahi" \ + org.label-schema.vcs-ref=$VCS_REF \ + org.label-schema.build-date=$BUILD_DATE # install packages RUN apk --no-cache --no-progress add avahi avahi-tools +# remove default services +RUN rm /etc/avahi/services/* + # disable d-bus RUN sed -i 's/.*enable-dbus=.*/enable-dbus=no/' /etc/avahi/avahi-daemon.conf -# volumes -VOLUME ["/etc/avahi/services"] +# entrypoint +ADD docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh +ENTRYPOINT [ "docker-entrypoint.sh" ] # default command CMD ["avahi-daemon"] + +# volumes +VOLUME ["/etc/avahi/services"] \ No newline at end of file diff --git a/README.md b/README.md index e0f2a11..2233242 100644 --- a/README.md +++ b/README.md @@ -4,8 +4,15 @@ Put your service definition files in a directory and mount it as a volume to _/etc/avahi/services_. +### Options + +Configuration is done through environment variables. + +- **ALLOW_INTERFACES** set _allow-interfaces_ in avahi-daemon.conf +- **DENY_INTERFACES** set _deny-interfaces_ in avahi-daemon.conf + ## Start the container ```bash -docker run -d --restart always --net=host -v $(pwd)/services:/etc/avahi/services ydkn/avahi:latest +docker run -d --restart always --net=host -e ALLOW_INTERFACES=eth0 -v $(pwd)/services:/etc/avahi/services ydkn/avahi:latest ``` diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100755 index 0000000..854fa8e --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,11 @@ +#!/bin/sh -e + +if [ ! -z "${ALLOW_INTERFACES}" ]; then + sed -i "s/.*allow-interfaces=.*/allow-interfaces=${ALLOW_INTERFACES}/" /etc/avahi/avahi-daemon.conf +fi + +if [ ! -z "${DENY_INTERFACES}" ]; then + sed -i "s/.*deny-interfaces=.*/deny-interfaces=${DENY_INTERFACES}/" /etc/avahi/avahi-daemon.conf +fi + +exec "$@"