Allow unecrypted admin connections from CUPS_TRUSTED_PROXY address(es).

2023-03-23 22:29:23 +01:00
parent 6c57adafeb
commit 9c8b7c31c8
2 changed files with 12 additions and 2 deletions
--- a/4
+++ b/4
@@ -14,7 +14,8 @@ ENV ADMIN_PASSWORD_SECRET=samba-admin-password \
    SERVER_STRING="Samba Member Server" \
    TZ=UTC \
    WINBIND_USE_DEFAULT_DOMAIN=yes \
-    WORKGROUP=AD
+    WORKGROUP=AD \
+    CUPS_TRUSTED_PROXY=

 COPY *.sh /

@@ -52,7 +53,6 @@ RUN apt-get -y update && \
 	rmdir /etc/cups/ppd && \
 	ln -s /etc/cups-persist/ppd /etc/cups/ppd && \
 	sed -i "s:Listen localhost\:631:Port 631\nServerAlias \*:" /etc/cups/cupsd.conf && \
-	sed -E -i "s:(Order allow\,deny):\1\n  Allow all:" /etc/cups/cupsd.conf && \
 	useradd guest

 #RUN chmod 777 /home
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -94,6 +94,16 @@ fi
 mkdir -p /etc/cups-persist/ppd
 touch /etc/cups-persist/printers.conf
 sed -i -E "s:^(lpadmin\:x\:[0-9]+\:)(.*)$:\1$ADMIN_ACCOUNT\,\2:" /etc/group
+sed -i -E "s:^(lpadmin\:x\:[0-9]+\:)(.*)$:\1$ADMIN_ACCOUNT\,\2:" /etc/group
+
+if [ -z "$CUPS_TRUSTED_PROXY" ]; then
+	sed -E -i "s:(Order allow\,deny):\1\n  Allow $CUPS_TRUSTED_PROXY:" /etc/cups/cupsd.conf
+	echo -e "\n" >> /etc/cups/cupsd.conf
+	echo "DefaultEncryption Never" >> /etc/cups/cupsd.conf
+else
+	sed -E -i "s:(Order allow\,deny):\1\n  Allow all:" /etc/cups/cupsd.conf
+fi
+

 echo 'Restarting Samba using supervisord'
 exec "$@"