Compare commits
3 commits
fb1a41e63f
...
ad32fa5866
Author | SHA1 | Date | |
---|---|---|---|
ad32fa5866 | |||
c3d87fcfba | |||
85d6931593 |
6 changed files with 209 additions and 3 deletions
40
print/Dockerfile
Normal file
40
print/Dockerfile
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
ARG MAINTAINER
|
||||||
|
FROM debian:bullseye
|
||||||
|
MAINTAINER $MAINTAINER
|
||||||
|
|
||||||
|
# Install Packages (basic tools, cups, basic drivers, HP drivers)
|
||||||
|
RUN apt-get update \
|
||||||
|
&& apt-get install -y \
|
||||||
|
sudo \
|
||||||
|
whois \
|
||||||
|
usbutils \
|
||||||
|
cups \
|
||||||
|
cups-client \
|
||||||
|
cups-bsd \
|
||||||
|
cups-filters \
|
||||||
|
foomatic-db-compressed-ppds \
|
||||||
|
printer-driver-all \
|
||||||
|
openprinting-ppds \
|
||||||
|
hpijs-ppds \
|
||||||
|
hp-ppd \
|
||||||
|
hplip \
|
||||||
|
smbclient \
|
||||||
|
printer-driver-cups-pdf \
|
||||||
|
&& apt-get clean \
|
||||||
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
# Add user and disable sudo password checking
|
||||||
|
RUN useradd \
|
||||||
|
--groups=sudo,lp,lpadmin \
|
||||||
|
--create-home \
|
||||||
|
--home-dir=/home/print \
|
||||||
|
--shell=/bin/bash \
|
||||||
|
--password=$(mkpasswd print) \
|
||||||
|
print \
|
||||||
|
&& sed -i '/%sudo[[:space:]]/ s/ALL[[:space:]]*$/NOPASSWD:ALL/' /etc/sudoers
|
||||||
|
|
||||||
|
# Copy the default configuration file
|
||||||
|
COPY --chown=root:lp cupsd.conf /etc/cups/cupsd.conf
|
||||||
|
|
||||||
|
# Default shell
|
||||||
|
CMD ["/usr/sbin/cupsd", "-f"]
|
135
print/cupsd.conf
Normal file
135
print/cupsd.conf
Normal file
|
@ -0,0 +1,135 @@
|
||||||
|
LogLevel warn
|
||||||
|
PageLogFormat
|
||||||
|
MaxLogSize 0
|
||||||
|
ErrorPolicy retry-job
|
||||||
|
# Allow remote access
|
||||||
|
Port 631
|
||||||
|
Listen /run/cups/cups.sock
|
||||||
|
# Share local printers on the local network.
|
||||||
|
Browsing On
|
||||||
|
BrowseLocalProtocols dnssd
|
||||||
|
DefaultAuthType Basic
|
||||||
|
WebInterface Yes
|
||||||
|
DefaultEncryption IfRequested
|
||||||
|
<Location />
|
||||||
|
# Allow shared printing and remote administration...
|
||||||
|
Order allow,deny
|
||||||
|
Allow all
|
||||||
|
</Location>
|
||||||
|
<Location /admin>
|
||||||
|
# Allow remote administration...
|
||||||
|
Order allow,deny
|
||||||
|
Allow all
|
||||||
|
</Location>
|
||||||
|
<Location /admin/conf>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
# Allow remote access to the configuration files...
|
||||||
|
Order allow,deny
|
||||||
|
Allow all
|
||||||
|
</Location>
|
||||||
|
<Location /admin/log>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
# Allow remote access to the log files...
|
||||||
|
Order allow,deny
|
||||||
|
Allow all
|
||||||
|
</Location>
|
||||||
|
<Policy default>
|
||||||
|
JobPrivateAccess default
|
||||||
|
JobPrivateValues default
|
||||||
|
SubscriptionPrivateAccess default
|
||||||
|
SubscriptionPrivateValues default
|
||||||
|
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit All>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
</Policy>
|
||||||
|
<Policy authenticated>
|
||||||
|
JobPrivateAccess default
|
||||||
|
JobPrivateValues default
|
||||||
|
SubscriptionPrivateAccess default
|
||||||
|
SubscriptionPrivateValues default
|
||||||
|
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||||
|
AuthType Default
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||||
|
AuthType Default
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||||
|
AuthType Default
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit All>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
</Policy>
|
||||||
|
<Policy kerberos>
|
||||||
|
JobPrivateAccess default
|
||||||
|
JobPrivateValues default
|
||||||
|
SubscriptionPrivateAccess default
|
||||||
|
SubscriptionPrivateValues default
|
||||||
|
<Limit Create-Job Print-Job Print-URI Validate-Job>
|
||||||
|
AuthType Negotiate
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
|
||||||
|
AuthType Negotiate
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
|
||||||
|
AuthType Default
|
||||||
|
Require user @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit Cancel-Job CUPS-Authenticate-Job>
|
||||||
|
AuthType Negotiate
|
||||||
|
Require user @OWNER @SYSTEM
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
<Limit All>
|
||||||
|
Order deny,allow
|
||||||
|
</Limit>
|
||||||
|
</Policy>
|
||||||
|
|
||||||
|
ServerAlias *
|
29
print/docker-compose.yaml
Normal file
29
print/docker-compose.yaml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
version: "3.3"
|
||||||
|
|
||||||
|
services:
|
||||||
|
|
||||||
|
cups:
|
||||||
|
image: olbat/cupsd
|
||||||
|
volumes:
|
||||||
|
- /var/run/dbus:/var/run/dbus
|
||||||
|
- ${VOLUMES_PATH}/cups:/etc/cups
|
||||||
|
devices:
|
||||||
|
- /dev/usblp0
|
||||||
|
privileged: true
|
||||||
|
network_mode: host
|
||||||
|
# networks:
|
||||||
|
# - web
|
||||||
|
# ports:
|
||||||
|
# - 631:631
|
||||||
|
labels:
|
||||||
|
- "traefik.enable=true"
|
||||||
|
- "traefik.http.routers.cups.rule=Host(`print.${DOMAIN}`)"
|
||||||
|
- "traefik.http.routers.cups.entrypoints=web"
|
||||||
|
- "traefik.http.services.cups.loadbalancer.server.port=631"
|
||||||
|
- "docker.group=print"
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
networks:
|
||||||
|
web:
|
||||||
|
external: true
|
||||||
|
|
|
@ -10,8 +10,8 @@ services:
|
||||||
- "443:443"
|
- "443:443"
|
||||||
networks:
|
networks:
|
||||||
- web
|
- web
|
||||||
|
- dockersocket
|
||||||
volumes:
|
volumes:
|
||||||
- "/var/run/docker.sock:/var/run/docker.sock:ro"
|
|
||||||
- "$PWD/traefik.yml:/etc/traefik/traefik.yml"
|
- "$PWD/traefik.yml:/etc/traefik/traefik.yml"
|
||||||
- "$PWD/extraProviders/:/extraProviders:ro"
|
- "$PWD/extraProviders/:/extraProviders:ro"
|
||||||
labels:
|
labels:
|
||||||
|
@ -22,6 +22,8 @@ services:
|
||||||
- "docker.group=proxy"
|
- "docker.group=proxy"
|
||||||
extra_hosts:
|
extra_hosts:
|
||||||
- host.docker.internal:172.17.0.1
|
- host.docker.internal:172.17.0.1
|
||||||
|
depends_on:
|
||||||
|
- docker-socket-proxy
|
||||||
|
|
||||||
|
|
||||||
docker-socket-proxy:
|
docker-socket-proxy:
|
||||||
|
|
|
@ -10,7 +10,7 @@ api:
|
||||||
providers:
|
providers:
|
||||||
docker:
|
docker:
|
||||||
exposedbydefault: false
|
exposedbydefault: false
|
||||||
endpoint: "unix:///var/run/docker.sock"
|
endpoint: "tcp://docker-socket-proxy:2375"
|
||||||
|
|
||||||
file:
|
file:
|
||||||
directory: /extraProviders
|
directory: /extraProviders
|
||||||
|
|
|
@ -13,4 +13,4 @@ up dashboard;
|
||||||
up download;
|
up download;
|
||||||
up portainer;
|
up portainer;
|
||||||
up torrent;
|
up torrent;
|
||||||
|
up print;
|
||||||
|
|
Loading…
Reference in a new issue