Docker and iptables persistence
We added an easier documentation to maintain firewall and cluster management that might help with your firewall configuration Please Check it Here. While this still is a valid configuration, there are flaws that might require your attention.
In this article we will provide instruction on how to get our pre-configured firewall script that sets up Docker to run with Entermedia Server.
Please Note that if you have other services with docker exposing ports will override INPUT firewall rules
First, enter the appropriate folder (of your choice) and run the following command to download the script from our servers.
wget -O /root/firewall.sh https://raw.githubusercontent.com/entermedia-community/entermediadb-docker/master/scripts/firewall.sh && chmod +x /root/firewall.sh
Second, we'll be creating your own iptables unix service:
sudo vi /etc/systemd/system/org.entermediadb-firewall.service
[Unit] Description=dam.entermediadb.org Firewall Config After=docker.service After=nginx.service After=firewalld.service [Service] Type=oneshot ExecStart=/root/firewall.sh [Install] WantedBy=multi-user.target
Third, set the enable the service start at your machine's boot sequence.
systemctl enable --now org.entermediadb-firewall.service
*** Tested on CentOS/RHEL 7.6 && iptables v1.4.21 ***