From 4fc0732fc75e50bd6e6628905859802e334b5ede Mon Sep 17 00:00:00 2001
From: Darren <27513732@qq.com>
Date: Thu, 28 Sep 2023 18:52:35 +0800
Subject: [PATCH] firewall for Docker

---
 install/install.sh        |  2 +-
 install/install_docker.sh | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/install/install.sh b/install/install.sh
index 8fbca5eb..af15ef0c 100644
--- a/install/install.sh
+++ b/install/install.sh
@@ -194,7 +194,7 @@ install_backends() {
     fi
 
     container_names=$(docker ps -a --format "{{.Names}}" --filter "name=websoft9")
-    sudo docker compose down
+    sudo docker compose -p websoft9 down
     
     # delete some dead containers that docker compose cannot deleted
     if [ ! -z "$container_names" ]; then
diff --git a/install/install_docker.sh b/install/install_docker.sh
index f59f6516..4768b9e8 100644
--- a/install/install_docker.sh
+++ b/install/install_docker.sh
@@ -113,6 +113,22 @@ fi
 }
 
 
+Set_Firewall(){
+  echo "$echo_prefix_cockpit Set Firewalld for Docker"
+  if command -v firewall-cmd &> /dev/null; then
+     if ! systemctl is-active --quiet firewalld; then
+        sudo systemctl start firewalld
+        sudo firewall-cmd --zone=trusted --remove-interface=docker0 --permanent
+        sudo firewall-cmd --reload
+        sudo systemctl stop firewalld
+     else
+        sudo firewall-cmd --zone=trusted --remove-interface=docker0 --permanent
+        sudo firewall-cmd --reload
+     fi
+
+  fi
+}
+
 Set_Docker(){
 # should have Docker server and Docker cli
 if docker_exist; then
@@ -121,6 +137,7 @@ if docker_exist; then
     sudo systemctl restart docker
     if ! docker network inspect websoft9 > /dev/null 2>&1; then
       sudo docker network create websoft9
+      sudo systemctl restart docker
     fi
 else
    echo "Docker settings failed, exit..."
@@ -129,4 +146,5 @@ fi
 }
 
 Upgrade_Docker
+Set_Firewall
 Set_Docker
\ No newline at end of file