allow to set allowed and denied interfaces

2020-05-17 20:32:21 +02:00 · 2020-05-17 20:32:21 +02:00 · 492b17045e
commit 492b17045e
parent a91b31b991
4 changed files with 49 additions and 11 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -9,29 +9,30 @@ stages:
 before_script:
  - docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY}
  - docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
  - export DOCKER_BUILD_ARGS="--build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` --build-arg VCS_REF=$CI_COMMIT_SHORT_SHA"
 build-amd64:
  stage: build
  script:
-    - docker build --build-arg ARCH=amd64 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-amd64 .
+    - docker build --build-arg ARCH=amd64 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-amd64 .
    - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-amd64
 build-arm32v6:
  stage: build
  script:
-    - docker build --build-arg ARCH=arm32v6 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v6 .
+    - docker build --build-arg ARCH=arm32v6 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v6 .
    - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v6
 build-arm32v7:
  stage: build
  script:
-    - docker build --build-arg ARCH=arm32v7 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v7 .
+    - docker build --build-arg ARCH=arm32v7 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v7 .
    - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm32v7
 build-arm64v8:
  stage: build
  script:
-    - docker build --build-arg ARCH=arm64v8 -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm64v8 .
+    - docker build --build-arg ARCH=arm64v8 $DOCKER_BUILD_ARGS -t ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm64v8 .
    - docker push ${CI_REGISTRY_IMAGE}:${CI_PIPELINE_ID}-arm64v8
 release:
--- a/31
+++ b/31
@ -1,18 +1,37 @@
-# Base image
+# base image
 ARG ARCH=amd64
-FROM $ARCH/alpine:3.10
+FROM $ARCH/alpine:3
-# Maintainer
+# args
-MAINTAINER Florian Schwab <me@ydkn.io>
+ARG VCS_REF
 ARG BUILD_DATE
 # labels
 LABEL maintainer="Florian Schwab <me@ydkn.io>" \
  org.label-schema.schema-version="1.0" \
  org.label-schema.name="ydkn/avahi" \
  org.label-schema.description="Simple Avahi docker image" \
  org.label-schema.version="0.1" \
  org.label-schema.url="https://hub.docker.com/r/ydkn/avahi" \
  org.label-schema.vcs-url="https://gitlab.com/ydkn/docker-avahi" \
  org.label-schema.vcs-ref=$VCS_REF \
  org.label-schema.build-date=$BUILD_DATE
 # install packages
 RUN apk --no-cache --no-progress add avahi avahi-tools
 # remove default services
 RUN rm /etc/avahi/services/*
 # disable d-bus
 RUN sed -i 's/.*enable-dbus=.*/enable-dbus=no/' /etc/avahi/avahi-daemon.conf
-# volumes
+# entrypoint
-VOLUME ["/etc/avahi/services"]
+ADD docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 ENTRYPOINT [ "docker-entrypoint.sh" ]
 # default command
 CMD ["avahi-daemon"]
 # volumes
 VOLUME ["/etc/avahi/services"]
--- a/README.md
+++ b/README.md
@ -4,8 +4,15 @@
 Put your service definition files in a directory and mount it as a volume to _/etc/avahi/services_.
 ### Options
 Configuration is done through environment variables.
 - **ALLOW_INTERFACES** set _allow-interfaces_ in avahi-daemon.conf
 - **DENY_INTERFACES** set _deny-interfaces_ in avahi-daemon.conf
 ## Start the container
 ```bash
-docker run -d --restart always --net=host -v $(pwd)/services:/etc/avahi/services ydkn/avahi:latest
+docker run -d --restart always --net=host -e ALLOW_INTERFACES=eth0 -v $(pwd)/services:/etc/avahi/services ydkn/avahi:latest
 ```
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -0,0 +1,11 @@
 #!/bin/sh -e
 if [ ! -z "${ALLOW_INTERFACES}" ]; then
  sed -i "s/.*allow-interfaces=.*/allow-interfaces=${ALLOW_INTERFACES}/" /etc/avahi/avahi-daemon.conf
 fi
 if [ ! -z "${DENY_INTERFACES}" ]; then
  sed -i "s/.*deny-interfaces=.*/deny-interfaces=${DENY_INTERFACES}/" /etc/avahi/avahi-daemon.conf
 fi
 exec "$@"