From ff33899323f71ca750c0e555ce8f71d8896a3b3a Mon Sep 17 00:00:00 2001 From: Sam Saffron Date: Mon, 4 Nov 2019 12:51:35 +1100 Subject: [PATCH] FEATURE: allow publishing docker dev either locally or net wide Previously we had no control over how internal ports in the containter got published. Following UNICORN_BIND_ALL=true setting this broke docker dev env and exposed this weakness. The new `d/boot_dev` will only export on localhost, if you wish to export network with use `d/boot_dev -p` --- bin/docker/boot_dev | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/bin/docker/boot_dev b/bin/docker/boot_dev index 679608866ca..be8d17dc5c3 100755 --- a/bin/docker/boot_dev +++ b/bin/docker/boot_dev @@ -13,11 +13,13 @@ Usage: ${0##*/} [-e VAR=VAL] [--env VAR=VAL] [--env-file filename] [-h] [--init] -e, --env set environment variables --env-file pass in a file containing a list of environment variable assignments --init perform first-time initialization + -p --net-public publish ports on container on 0.0.0.0 (less secure as users on LAN may see dev env) EOF } initialize="" ENV_ARGS="" +local_publish="127.0.0.1" while [ "${#@}" -ne "0" ]; do case "$1" in @@ -28,6 +30,9 @@ while [ "${#@}" -ne "0" ]; do -i | --init) initialize="initialize" ;; + -p | --net-public) + local_publish="0.0.0.0" + ;; -e | --env) if [ -z "$2" ]; then show_help @@ -76,12 +81,13 @@ done docker pull discourse/discourse_dev:release docker run -d \ - -p 1080:1080 \ - -p 3000:3000 \ - -p 9292:9292 \ - -p 9405:9405 \ + -p $local_publish:1080:1080 \ + -p $local_publish:3000:3000 \ + -p $local_publish:9292:9292 \ + -p $local_publish:9405:9405 \ -v "$DATA_DIR:/shared/postgres_data:delegated" \ -v "$SOURCE_DIR:/src:delegated" \ + -e UNICORN_BIND_ALL=true \ $mount_plugin_symlinks \ $ENV_ARGS \ --hostname=discourse \