Skip to content

Commit c481766

Browse files
bmpandradepcnc
bmpandrade
authored and
pcnc
committed
chore: ensure fail2ban stays disabled when FAIL2BAN_DISABLED is set (#796)
* chore: ensure fail2ban stays disabled when FAIL2BAN_DISABLED is set * chore: update docker aio entrypoint with extra validation on env vars check
1 parent a71ed62 commit c481766

File tree

2 files changed

+11
-9
lines changed

2 files changed

+11
-9
lines changed

docker/all-in-one/Dockerfile

+1
Original file line numberDiff line numberDiff line change
@@ -179,6 +179,7 @@ COPY --chown=postgres:postgres docker/all-in-one/etc/postgresql.schema.sql /etc/
179179
# Customizations for postgres_exporter
180180
COPY --chown=postgres:postgres docker/all-in-one/opt/postgres_exporter/queries.yml /opt/postgres_exporter/queries.yml
181181

182+
# Customizations for fail2ban
182183
COPY docker/all-in-one/etc/fail2ban/filter.d /etc/fail2ban/filter.d/
183184
COPY docker/all-in-one/etc/fail2ban/jail.d /etc/fail2ban/jail.d/
184185

docker/all-in-one/entrypoint.sh

+10-9
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,8 @@ function enable_autoshutdown {
101101
}
102102

103103
function disable_fail2ban {
104-
sed -i "s/autostart=.*/autostart=false/" /etc/supervisor/services/fail2ban.conf
104+
sed -i "s/autostart=.*/autostart=false/" /etc/supervisor/services/fail2ban.conf
105+
sed -i "s/autorestart=.*/autorestart=false/" /etc/supervisor/services/fail2ban.conf
105106
}
106107

107108
function setup_postgres {
@@ -274,25 +275,25 @@ find /etc/supervisor/ -type d -exec chmod 0770 {} +
274275
find /etc/supervisor/ -type f -exec chmod 0660 {} +
275276

276277
# Start services in the background
277-
if [ -z "${POSTGRES_ONLY:-}" ]; then
278-
sed -i "s| # - postgrest| - postgrest|g" /etc/adminapi/adminapi.yaml
279-
sed -i "s|files = db-only/\*.conf|files = services/\*.conf db-only/\*.conf|g" $SUPERVISOR_CONF
280-
configure_services
281-
else
278+
if [ "${POSTGRES_ONLY:-}" == "true" ]; then
282279
sed -i "s| - postgrest| # - postgrest|g" /etc/adminapi/adminapi.yaml
283280
sed -i "s|files = services/\*.conf db-only/\*.conf|files = db-only/\*.conf|g" $SUPERVISOR_CONF
284281
/init/configure-adminapi.sh
282+
else
283+
sed -i "s| # - postgrest| - postgrest|g" /etc/adminapi/adminapi.yaml
284+
sed -i "s|files = db-only/\*.conf|files = services/\*.conf db-only/\*.conf|g" $SUPERVISOR_CONF
285+
configure_services
285286
fi
286287

287-
if [ "${AUTOSHUTDOWN_ENABLED:-}" ]; then
288+
if [ "${AUTOSHUTDOWN_ENABLED:-}" == "true" ]; then
288289
enable_autoshutdown
289290
fi
290291

291-
if [ "${FAIL2BAN_DISABLED:-}" ]; then
292+
if [ "${FAIL2BAN_DISABLED:-}" == "true" ]; then
292293
disable_fail2ban
293294
fi
294295

295-
if [ "${PLATFORM_DEPLOYMENT:-}" ]; then
296+
if [ "${PLATFORM_DEPLOYMENT:-}" == "true" ]; then
296297
enable_swap
297298
create_lsn_checkpoint_file
298299

0 commit comments

Comments
 (0)