eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-20 06:26:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10
all-in-one/Containers/docker-socket-proxy/haproxy.cfg
Simon L a56fbb6045 address review 
Signed-off-by: Simon L <szaimen@e.mail.de>
2023-08-30 15:13:08 +02:00

25 lines
1.1 KiB
INI
Raw Blame History

# Inspiration: https://github.com/Tecnativa/docker-socket-proxy/blob/master/haproxy.cfg
defaults
timeout connect 10s
timeout client 10s
timeout server 10s
frontend http
mode http
bind :2375
http-request deny unless { src 127.0.0.1 } || { src ::1 } || { src NC_IPV4_PLACEHOLDER } || { src NC_IPV6_PLACEHOLDER }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((start)|(stop)|(restart)|(kill)) }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/images }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/info }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/_ping }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/volumes }
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/version }
http-request deny
default_backend dockerbackend
backend dockerbackend
mode http
server dockersocket /var/run/docker.sock
Reference in a new issue View git blame Copy permalink