From 5b5f49b00bb2a69174962e083d2cc3a3ecacab9e Mon Sep 17 00:00:00 2001
From: Andrey Borysenko <andrey18106x@gmail.com>
Date: Wed, 16 Apr 2025 16:58:02 +0300
Subject: [PATCH] feat: add image inspect rule

Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
---
 Containers/docker-socket-proxy/haproxy.cfg | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Containers/docker-socket-proxy/haproxy.cfg b/Containers/docker-socket-proxy/haproxy.cfg
index defccda5..ba0eb75c 100644
--- a/Containers/docker-socket-proxy/haproxy.cfg
+++ b/Containers/docker-socket-proxy/haproxy.cfg
@@ -14,6 +14,8 @@ frontend http
     http-request deny unless { src 127.0.0.1 } || { src ::1 } || { src NC_IPV4_PLACEHOLDER } || { src NC_IPV6_PLACEHOLDER }
     # docker system _ping
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/_ping$ } METH_GET
+    # docker inspect image: GET images/%s/json
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/images/.*/json } METH_GET
     # container inspect: GET containers/%s/json
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/nc_app_[a-zA-Z0-9_.-]+/json } METH_GET
     # container inspect: GET containers/%s/logs