From fe8599961daef94f3c134e36b9e741478838f72e Mon Sep 17 00:00:00 2001 From: Michael Mayer Date: Thu, 5 Aug 2021 23:47:47 +0200 Subject: [PATCH] Docker: Add enable_firewall.sh script to cloud config --- docker/examples/cloud/enable_firewall.sh | 12 ++++++++++++ docker/examples/cloud/install_photoprism.sh | 11 ++++++++++- 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100755 docker/examples/cloud/enable_firewall.sh mode change 100644 => 100755 docker/examples/cloud/install_photoprism.sh diff --git a/docker/examples/cloud/enable_firewall.sh b/docker/examples/cloud/enable_firewall.sh new file mode 100755 index 000000000..e0f36388f --- /dev/null +++ b/docker/examples/cloud/enable_firewall.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +# Install ufw package if needed: +apt-get update && apt-get install -y --no-install-recommends ufw && apt-get autoclean && apt-get autoremove + +# Basic ufw firewall setup allowing ssh, http, and https: +ufw default deny incoming +ufw default allow outgoing +ufw allow ssh +ufw allow http +ufw allow https +ufw --force enable diff --git a/docker/examples/cloud/install_photoprism.sh b/docker/examples/cloud/install_photoprism.sh old mode 100644 new mode 100755 index 691c293e5..a4af6ace6 --- a/docker/examples/cloud/install_photoprism.sh +++ b/docker/examples/cloud/install_photoprism.sh @@ -11,7 +11,16 @@ # # cd /var/lib/cloud/scripts/per-instance # curl -fsSL https://dl.photoprism.org/docker/cloud/install_photoprism.sh > install_photoprism.sh -# chmod 700 install_photoprism.sh +# curl -fsSL https://dl.photoprism.org/docker/cloud/enable_firewall.sh > enable_firewall.sh +# chmod 700 install_photoprism.sh enable_firewall.sh +# ./enable_firewall.sh +# +# Installing the ufw firewall as shown above is optional but recommended. +# +# When building a reusable image for DigitalOcean, you also need to run the following scripts: +# +# bash <(curl -s https://raw.githubusercontent.com/digitalocean/marketplace-partners/master/scripts/90-cleanup.sh) +# bash <(curl -s https://raw.githubusercontent.com/digitalocean/marketplace-partners/master/scripts/99-img-check.sh) # # Enjoy!