|
345 |
cert_dir = '/etc/univention/ssl/%s.%s' % (ucr_get('hostname'), ucr_get('domainname')) |
345 |
cert_dir = '/etc/univention/ssl/%s.%s' % (ucr_get('hostname'), ucr_get('domainname')) |
346 |
cert_volume = '%s:%s:ro' % (cert_dir, cert_dir) |
346 |
cert_volume = '%s:%s:ro' % (cert_dir, cert_dir) |
347 |
volumes.add(cert_volume) |
347 |
volumes.add(cert_volume) |
|
|
348 |
volumes.add('/sys/fs/cgroup:/sys/fs/cgroup:ro') |
348 |
env_file = self.ucr_filter_env_file(env) |
349 |
env_file = self.ucr_filter_env_file(env) |
349 |
command = shlex.split(self.app.docker_script_init) |
350 |
command = shlex.split(self.app.docker_script_init) |
350 |
args = shlex.split(ucr_get(self.app.ucr_docker_params_key, '')) |
351 |
args = shlex.split(ucr_get(self.app.ucr_docker_params_key, '')) |
|
|
352 |
args.extend(["--stop-signal", "SIGRTMIN+3"]) |
353 |
for tmpfs in ("/run", "/tmp"): |
354 |
args.extend(["--tmpfs", tmpfs]) |
355 |
args.append("--cap-add=SYS_ADMIN") |
356 |
args.extend(["-e", "container=docker"]) |
351 |
container = create(self.image, command, hostname, ports, volumes, env_file, args) |
357 |
container = create(self.image, command, hostname, ports, volumes, env_file, args) |
352 |
ucr_save({self.app.ucr_container_key: container}) |
358 |
ucr_save({self.app.ucr_container_key: container}) |
353 |
self.container = container |
359 |
self.container = container |