ac50d9c37c
note that at the moment the iptables calls complete successfully but the container isn't actually exposed. We'll probably need to use the ambassador pattern to do this properly.
23 lines
760 B
Bash
Executable File
23 lines
760 B
Bash
Executable File
#!/usr/bin/env bash
|
|
set -eo pipefail; [[ $DOKKU_TRACE ]] && set -x
|
|
source "$(dirname "$0")/config"
|
|
|
|
if ! docker images | grep -e "^$PLUGIN_IMAGE " | grep -q $PLUGIN_IMAGE_VERSION ; then
|
|
docker pull $PLUGIN_IMAGE:$PLUGIN_IMAGE_VERSION
|
|
fi
|
|
|
|
mkdir -p $PLUGIN_DATA_ROOT || echo "Failed to create $PLUGIN_SERVICE directory"
|
|
chown dokku:dokku $PLUGIN_DATA_ROOT
|
|
|
|
case "$DOKKU_DISTRO" in
|
|
ubuntu)
|
|
echo "%dokku ALL=(ALL) NOPASSWD:/sbin/iptables -t nat -A DOCKER -p tcp *, /sbin/iptables -t nat -D DOCKER -p tcp *" > /etc/sudoers.d/dokku-redis
|
|
;;
|
|
|
|
opensuse)
|
|
echo "%dokku ALL=(ALL) NOPASSWD:/sbin/iptables -t nat -A DOCKER -p tcp *, /sbin/iptables -t nat -D DOCKER -p tcp *" > /etc/sudoers.d/dokku-redis
|
|
;;
|
|
esac
|
|
|
|
chmod 0440 /etc/sudoers.d/dokku-redis
|