Last active
December 26, 2015 17:29
-
-
Save ryanseys/faf2dcd8daa88f3c20dd to your computer and use it in GitHub Desktop.
deploy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
set -e | |
echo 'Deploying...' | |
apt-get install -y nginx | |
service nginx start | |
update-rc.d nginx defaults | |
docker build -t ryanseys/hello github.com/ryanseys/node-helloworld | |
docker run -d ryanseys/hello | |
docker ps | |
ufw default deny incoming | |
ufw default deny outgoing | |
ufw limit ssh | |
ufw allow in http # access nginx | |
ufw allow out http | |
ufw allow out 53 # allow apt-get to work | |
ufw allow out on docker0 | |
ufw allow in on docker0 | |
sed -i.bak 's/DEFAULT_FORWARD_POLICY=".*"/DEFAULT_FORWARD_POLICY="ACCEPT"/' /etc/default/ufw | |
sed -r -i.bak 's/^#(net\/ipv4\/ip_forward=1|net\/ipv6\/conf\/default\/forwarding=1|net\/ipv6\/conf\/all\/forwarding=1)$/\1/' /etc/ufw/sysctl.conf | |
ufw disable | |
ufw --force enable |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment