aljaz/cyphernode
1
0
Fork 0
mirror of https://github.com/aljazceru/cyphernode.git synced 2025-12-26 09:05:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

read-only volumes and chown apps dir

Browse Source
This commit is contained in:
kexkey
2019-12-02 20:42:20 -05:00
committed by kexkey
parent 52403f9a0a
commit ebb6ea9784
2 changed files with 15 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
cyphernodeconf_docker/templates/installer/docker/docker-compose.yaml
View File

@@ -166,7 +166,7 @@ services:
<% } %>
volumes:
- "<%= otsclient_datapath %>:/otsfiles"
- "<%= bitcoin_datapath %>/bitcoin-client.conf:/.bitcoin/bitcoin.conf"
- "<%= bitcoin_datapath %>/bitcoin-client.conf:/.bitcoin/bitcoin.conf":ro
command: $USER /script/startotsclient.sh
networks:
- cyphernodenet
@@ -191,15 +191,15 @@ services:
- "<%= gatekeeper_port %>:<%= gatekeeper_port %>"
<% } %>
volumes:
- "<%= gatekeeper_datapath %>/certs:/etc/ssl/certs"
- "<%= gatekeeper_datapath %>/private:/etc/ssl/private"
- "<%= gatekeeper_datapath %>/keys.properties:/etc/nginx/conf.d/keys.properties"
- "<%= gatekeeper_datapath %>/api.properties:/etc/nginx/conf.d/api.properties"
- "<%= gatekeeper_datapath %>/default.conf:/etc/nginx/conf.d/default.conf"
- "<%= gatekeeper_datapath %>/htpasswd:/etc/nginx/conf.d/status/htpasswd"
- "<%= gatekeeper_datapath %>/installation.json:/etc/nginx/conf.d/s/stats/installation.json"
- "<%= gatekeeper_datapath %>/client.7z:/etc/nginx/conf.d/s/stats/client.7z"
- "<%= gatekeeper_datapath %>/config.7z:/etc/nginx/conf.d/s/stats/config.7z"
- "<%= gatekeeper_datapath %>/certs:/etc/ssl/certs":ro
- "<%= gatekeeper_datapath %>/private:/etc/ssl/private":ro
- "<%= gatekeeper_datapath %>/keys.properties:/etc/nginx/conf.d/keys.properties":ro
- "<%= gatekeeper_datapath %>/api.properties:/etc/nginx/conf.d/api.properties":ro
- "<%= gatekeeper_datapath %>/default.conf:/etc/nginx/conf.d/default.conf":ro
- "<%= gatekeeper_datapath %>/htpasswd:/etc/nginx/conf.d/status/htpasswd":ro
- "<%= gatekeeper_datapath %>/installation.json:/etc/nginx/conf.d/s/stats/installation.json":ro
- "<%= gatekeeper_datapath %>/client.7z:/etc/nginx/conf.d/s/stats/client.7z":ro
- "<%= gatekeeper_datapath %>/config.7z:/etc/nginx/conf.d/s/stats/config.7z":ro
networks:
- cyphernodenet
- cyphernodeappsnet
@@ -221,9 +221,9 @@ services:
- 443:443
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "<%= traefik_datapath%>/traefik.toml:/traefik.toml"
- "<%= traefik_datapath%>/traefik.toml:/traefik.toml":ro
- "<%= traefik_datapath%>/acme.json:/acme.json"
- "<%= traefik_datapath%>/htpasswd:/htpasswd/htpasswd"
- "<%= traefik_datapath%>/htpasswd:/htpasswd/htpasswd":ro
networks:
- cyphernodeappsnet
restart: always
@@ -247,7 +247,7 @@ services:
<% } %>
volumes:
- "<%= lightning_datapath %>:/.lightning"
- "<%= bitcoin_datapath %>/bitcoin-client.conf:/.bitcoin/bitcoin.conf"
- "<%= bitcoin_datapath %>/bitcoin-client.conf:/.bitcoin/bitcoin.conf":ro
- bitcoin_monitor:/bitcoin_monitor:ro
networks:
- cyphernodenet

2
dist/setup.sh vendored
View File

@@ -692,9 +692,11 @@ sanity_checks_pre_install() {
install_apps() {
if [ ! -d "$current_path/apps" ]; then
local user=$(id -u $RUN_AS_USER):$(id -g $RUN_AS_USER)
local apps_repo="https://github.com/SatoshiPortal/cypherapps.git"
echo " clone $apps_repo into apps"
docker run --rm -v "$current_path":/git --entrypoint git cyphernode/cyphernodeconf:$CONF_VERSION clone --single-branch -b ${CYPHERAPPS_VERSION} "$apps_repo" /git/apps > /dev/null 2>&1
sudo_if_required chown -R $user $current_path/apps
fi
}