FEATURE: allow publishing docker dev either locally or net wide

Previously we had no control over how internal ports in the containter got
published.

Following UNICORN_BIND_ALL=true setting this broke docker dev env and exposed
this weakness.

The new `d/boot_dev` will only export on localhost, if you wish to export
network with use `d/boot_dev -p`
This commit is contained in:
Sam Saffron 2019-11-04 12:51:35 +11:00
parent 7eb26e5bbb
commit ff33899323
1 changed files with 10 additions and 4 deletions

View File

@ -13,11 +13,13 @@ Usage: ${0##*/} [-e VAR=VAL] [--env VAR=VAL] [--env-file filename] [-h] [--init]
-e, --env set environment variables -e, --env set environment variables
--env-file pass in a file containing a list of environment variable assignments --env-file pass in a file containing a list of environment variable assignments
--init perform first-time initialization --init perform first-time initialization
-p --net-public publish ports on container on 0.0.0.0 (less secure as users on LAN may see dev env)
EOF EOF
} }
initialize="" initialize=""
ENV_ARGS="" ENV_ARGS=""
local_publish="127.0.0.1"
while [ "${#@}" -ne "0" ]; do while [ "${#@}" -ne "0" ]; do
case "$1" in case "$1" in
@ -28,6 +30,9 @@ while [ "${#@}" -ne "0" ]; do
-i | --init) -i | --init)
initialize="initialize" initialize="initialize"
;; ;;
-p | --net-public)
local_publish="0.0.0.0"
;;
-e | --env) -e | --env)
if [ -z "$2" ]; then if [ -z "$2" ]; then
show_help show_help
@ -76,12 +81,13 @@ done
docker pull discourse/discourse_dev:release docker pull discourse/discourse_dev:release
docker run -d \ docker run -d \
-p 1080:1080 \ -p $local_publish:1080:1080 \
-p 3000:3000 \ -p $local_publish:3000:3000 \
-p 9292:9292 \ -p $local_publish:9292:9292 \
-p 9405:9405 \ -p $local_publish:9405:9405 \
-v "$DATA_DIR:/shared/postgres_data:delegated" \ -v "$DATA_DIR:/shared/postgres_data:delegated" \
-v "$SOURCE_DIR:/src:delegated" \ -v "$SOURCE_DIR:/src:delegated" \
-e UNICORN_BIND_ALL=true \
$mount_plugin_symlinks \ $mount_plugin_symlinks \
$ENV_ARGS \ $ENV_ARGS \
--hostname=discourse \ --hostname=discourse \