From 6d75f6c1d2b976618d8eda25f90f12768450a8a9 Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Mon, 29 Aug 2022 15:00:15 +0530 Subject: Run production in separate network namespace. The production container need interact with the outside world only through a single Unix socket file on which the GeneNetwork web server listens. Hide all other interfaces to it. * production-deploy.sh (container_script): Remove --network flag. --- production-deploy.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/production-deploy.sh b/production-deploy.sh index 19cb17f..c2c5055 100755 --- a/production-deploy.sh +++ b/production-deploy.sh @@ -21,7 +21,7 @@ # Build and install genenetwork production container on tux02. -container_script=$(guix system container --network \ +container_script=$(guix system container \ --verbosity=3 \ --share=/var/guix-containers/genenetwork/var/lib/virtuoso=/var/lib/virtuoso \ production.scm) -- cgit v1.2.3