Skip to content

Instantly share code, notes, and snippets.

@ryanseys
Last active December 26, 2015 17:29
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ryanseys/faf2dcd8daa88f3c20dd to your computer and use it in GitHub Desktop.
Save ryanseys/faf2dcd8daa88f3c20dd to your computer and use it in GitHub Desktop.
deploy
#!/bin/sh
set -e
echo 'Deploying...'
apt-get install -y nginx
service nginx start
update-rc.d nginx defaults
docker build -t ryanseys/hello github.com/ryanseys/node-helloworld
docker run -d ryanseys/hello
docker ps
ufw default deny incoming
ufw default deny outgoing
ufw limit ssh
ufw allow in http # access nginx
ufw allow out http
ufw allow out 53 # allow apt-get to work
ufw allow out on docker0
ufw allow in on docker0
sed -i.bak 's/DEFAULT_FORWARD_POLICY=".*"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw
sed -r -i.bak 's/^#(net\/ipv4\/ip_forward=1|net\/ipv6\/conf\/default\/forwarding=1|net\/ipv6\/conf\/all\/forwarding=1)$/\1/' /etc/ufw/sysctl.conf
ufw disable
ufw --force enable
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment