From 7530d8c9a07477ee791f006294aab9e22dc9aac0 Mon Sep 17 00:00:00 2001
From: Bohdan Shulha <bv.shulha@gmail.com>
Date: Sat, 9 Nov 2024 16:03:14 +0100
Subject: [PATCH] feat: #263 add registry firewall rule

---
 scripts/self-hosted/install-agent.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/scripts/self-hosted/install-agent.sh b/scripts/self-hosted/install-agent.sh
index 4a95bd4..ed21def 100755
--- a/scripts/self-hosted/install-agent.sh
+++ b/scripts/self-hosted/install-agent.sh
@@ -121,6 +121,12 @@ if [ -z "$SKIP_CORE_INSTALL" ]; then
     iptables -I DOCKER-USER -p tcp -s 127.0.0.1 --dport 2019 -j ACCEPT
     iptables -I DOCKER-USER -p tcp --dport 2019 -j REJECT --reject-with tcp-reset
 
+    # Allow access to internal Docker Registry port
+    # Docker Registry will be available at registry.ptah.local:5000 on the overlay ptah_net network
+    iptables -I DOCKER-USER -p tcp -s 127.0.0.1 --dport 5050 -j ACCEPT
+    iptables -I DOCKER-USER -p tcp --dport 5050 -j REJECT --reject-with tcp-reset
+    echo '127.0.0.1 registry.ptah.local' >> /etc/hosts
+
     netfilter-persistent save
 
     rm -f /tmp/ptah-agent