nicolas
/
podman-quadlet-cookbook
mirror of https://github.com/nmasse-itix/podman-quadlet-cookbook.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add nftables rules for quay

main
Nicolas Massé 4 weeks ago
parent
3f1dc105fd
commit
1800e0e4e3
2 changed files with 8 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      cookbooks/quay/Makefile
  2. 7
      cookbooks/quay/other/nftables/50-quay.nft

2
cookbooks/quay/Makefile
View File

@ -6,7 +6,7 @@
PROJECT_UID = 10026 PROJECT_UID = 10026
PROJECT_GID = 10000 PROJECT_GID = 10000
DEPENDENCIES = postgresql lego DEPENDENCIES = postgresql lego nftables
# Include common Makefile # Include common Makefile
include ../../scripts/common.mk include ../../scripts/common.mk

7
cookbooks/quay/other/nftables/50-quay.nft
View File

@ -0,0 +1,7 @@
#!/usr/sbin/nft -f
# Lego listens on port 80 and Quay on port 8443
add rule inet itix-fw input tcp dport { 80, 8443 } counter accept
# Redirect port 443 to 8443 (Quay)
add rule inet itix-nat prerouting tcp dport 443 counter redirect to 8443
Write Preview
Loading…
Cancel
Save