Compare commits
3 commits
fb1a41e63f
...
ad32fa5866
Author | SHA1 | Date | |
---|---|---|---|
ad32fa5866 | |||
c3d87fcfba | |||
85d6931593 |
6 changed files with 209 additions and 3 deletions
40
print/Dockerfile
Normal file
40
print/Dockerfile
Normal file
|
@ -0,0 +1,40 @@
|
|||
ARG MAINTAINER
|
||||
FROM debian:bullseye
|
||||
MAINTAINER $MAINTAINER
|
||||
|
||||
# Install Packages (basic tools, cups, basic drivers, HP drivers)
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y \
|
||||
sudo \
|
||||
whois \
|
||||
usbutils \
|
||||
cups \
|
||||
cups-client \
|
||||
cups-bsd \
|
||||
cups-filters \
|
||||
foomatic-db-compressed-ppds \
|
||||
printer-driver-all \
|
||||
openprinting-ppds \
|
||||
hpijs-ppds \
|
||||
hp-ppd \
|
||||
hplip \
|
||||
smbclient \
|
||||
printer-driver-cups-pdf \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Add user and disable sudo password checking
|
||||
RUN useradd \
|
||||
--groups=sudo,lp,lpadmin \
|
||||
--create-home \
|
||||
--home-dir=/home/print \
|
||||
--shell=/bin/bash \
|
||||
--password=$(mkpasswd print) \
|
||||
print \
|
||||
&& sed -i '/%sudo[[:space:]]/ s/ALL[[:space:]]*$/NOPASSWD:ALL/' /etc/sudoers
|
||||
|
||||
# Copy the default configuration file
|
||||
COPY --chown=root:lp cupsd.conf /etc/cups/cupsd.conf
|
||||
|
||||
# Default shell
|
||||
CMD ["/usr/sbin/cupsd", "-f"]
|
135
print/cupsd.conf
Normal file
135
print/cupsd.conf
Normal file
|
@ -0,0 +1,135 @@
|
|||
LogLevel warn
|
||||
PageLogFormat
|
||||
MaxLogSize 0
|
||||
ErrorPolicy retry-job
|
||||
# Allow remote access
|
||||
Port 631
|
||||
Listen /run/cups/cups.sock
|
||||
# Share local printers on the local network.
|
||||
Browsing On
|
||||
BrowseLocalProtocols dnssd
|
||||
DefaultAuthType Basic
|
||||
WebInterface Yes
|
||||
DefaultEncryption IfRequested
|
||||
<Location />
|
||||
# Allow shared printing and remote administration...
|
||||
Order allow,deny
|
||||
Allow all
|
||||
</Location>
|
||||
<Location /admin>
|
||||
# Allow remote administration...
|
||||
Order allow,deny
|
||||
Allow all
|
||||
</Location>
|
||||
<Location /admin/conf>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
# Allow remote access to the configuration files...
|
||||
Order allow,deny
|
||||
Allow all
|
||||
</Location>
|
||||
<Location /admin/log>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
# Allow remote access to the log files...
|
||||
Order allow,deny
|
||||
Allow all
|
||||
</Location>
|
||||
<Policy default>
|
||||
JobPrivateAccess default
|
||||
JobPrivateValues default
|
||||
SubscriptionPrivateAccess default
|
||||
SubscriptionPrivateValues default
|
||||
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||
Require user @OWNER @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||
Require user @OWNER @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit All>
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
</Policy>
|
||||
<Policy authenticated>
|
||||
JobPrivateAccess default
|
||||
JobPrivateValues default
|
||||
SubscriptionPrivateAccess default
|
||||
SubscriptionPrivateValues default
|
||||
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||
AuthType Default
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||
AuthType Default
|
||||
Require user @OWNER @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||
AuthType Default
|
||||
Require user @OWNER @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit All>
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
</Policy>
|
||||
<Policy kerberos>
|
||||
JobPrivateAccess default
|
||||
JobPrivateValues default
|
||||
SubscriptionPrivateAccess default
|
||||
SubscriptionPrivateValues default
|
||||
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||
AuthType Negotiate
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||
AuthType Negotiate
|
||||
Require user @OWNER @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||
AuthType Default
|
||||
Require user @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||
AuthType Negotiate
|
||||
Require user @OWNER @SYSTEM
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
<Limit All>
|
||||
Order deny,allow
|
||||
</Limit>
|
||||
</Policy>
|
||||
|
||||
ServerAlias *
|
29
print/docker-compose.yaml
Normal file
29
print/docker-compose.yaml
Normal file
|
@ -0,0 +1,29 @@
|
|||
version: "3.3"
|
||||
|
||||
services:
|
||||
|
||||
cups:
|
||||
image: olbat/cupsd
|
||||
volumes:
|
||||
- /var/run/dbus:/var/run/dbus
|
||||
- ${VOLUMES_PATH}/cups:/etc/cups
|
||||
devices:
|
||||
- /dev/usblp0
|
||||
privileged: true
|
||||
network_mode: host
|
||||
# networks:
|
||||
# - web
|
||||
# ports:
|
||||
# - 631:631
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.routers.cups.rule=Host(`print.${DOMAIN}`)"
|
||||
- "traefik.http.routers.cups.entrypoints=web"
|
||||
- "traefik.http.services.cups.loadbalancer.server.port=631"
|
||||
- "docker.group=print"
|
||||
restart: unless-stopped
|
||||
|
||||
networks:
|
||||
web:
|
||||
external: true
|
||||
|
|
@ -10,8 +10,8 @@ services:
|
|||
- "443:443"
|
||||
networks:
|
||||
- web
|
||||
- dockersocket
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
||||
- "$PWD/traefik.yml:/etc/traefik/traefik.yml"
|
||||
- "$PWD/extraProviders/:/extraProviders:ro"
|
||||
labels:
|
||||
|
@ -22,6 +22,8 @@ services:
|
|||
- "docker.group=proxy"
|
||||
extra_hosts:
|
||||
- host.docker.internal:172.17.0.1
|
||||
depends_on:
|
||||
- docker-socket-proxy
|
||||
|
||||
|
||||
docker-socket-proxy:
|
||||
|
|
|
@ -10,7 +10,7 @@ api:
|
|||
providers:
|
||||
docker:
|
||||
exposedbydefault: false
|
||||
endpoint: "unix:///var/run/docker.sock"
|
||||
endpoint: "tcp://docker-socket-proxy:2375"
|
||||
|
||||
file:
|
||||
directory: /extraProviders
|
||||
|
|
|
@ -13,4 +13,4 @@ up dashboard;
|
|||
up download;
|
||||
up portainer;
|
||||
up torrent;
|
||||
|
||||
up print;
|
||||
|
|
Loading…
Reference in a new issue