From 1ad9dd25519006543678a385eb774a7b800f5051 Mon Sep 17 00:00:00 2001
From: folex <0xdxdy@gmail.com>
Date: Fri, 20 Sep 2019 15:53:39 +0300
Subject: [PATCH] Add DELETE methods for networks, containers, images and volumes
---
 Dockerfile | 6 +++++-
 haproxy.cfg | 23 +++++++++++++++--------
 2 files changed, 20 insertions(+), 9 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 4a3474b..97b9f09 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -43,7 +43,11 @@ ENV ALLOW_RESTARTS=0 \
 NETWORKS_CREATE=0 \
 NETWORKS_PRUNE=0 \
 NETWORKS_CONNECT=0 \
- NETWORKS_DISCONNECT=0
+ NETWORKS_DISCONNECT=0 \
+ NETWORKS_DELETE=0 \
+ CONTAINERS_DELETE=0 \
+ IMAGES_DELETE=0 \
+ VOLUMES_DELETE=0
 COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
diff --git a/haproxy.cfg b/haproxy.cfg
index 5079f4d..bdf4c83 100644
--- a/haproxy.cfg
+++ b/haproxy.cfg
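Review bot: The master switch `DELETE`, which the new method gate in haproxy.cfg reads through `env(DELETE)`, is not given a default here; the diffstat shows this hunk is the only Dockerfile change, and it adds only the four per-resource flags. An unset variable should make `{ env(DELETE) -m bool }` evaluate false, so the default stays fail-closed, but someone reading the ENV list sees `CONTAINERS_DELETE` without learning that it has no effect until `DELETE=1` is also set. Consider adding `DELETE=0 \` to the list; the ENV instruction starts above the hunk, so where it sits among the other defaults is for the author to decide.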
@@ -28,20 +28,20 @@ defaults
 load-server-state-from-file global
 # Use provided example error pages
- errorfile 400 /usr/local/etc/haproxy/errors/400.http
- errorfile 403 /usr/local/etc/haproxy/errors/403.http
- errorfile 408 /usr/local/etc/haproxy/errors/408.http
- errorfile 500 /usr/local/etc/haproxy/errors/500.http
- errorfile 502 /usr/local/etc/haproxy/errors/502.http
- errorfile 503 /usr/local/etc/haproxy/errors/503.http
- errorfile 504 /usr/local/etc/haproxy/errors/504.http
+ # errorfile 400 /usr/local/etc/haproxy/errors/400.http
+ # errorfile 403 /usr/local/etc/haproxy/errors/403.http
+ # errorfile 408 /usr/local/etc/haproxy/errors/408.http
+ # errorfile 500 /usr/local/etc/haproxy/errors/500.http
+ # errorfile 502 /usr/local/etc/haproxy/errors/502.http
+ # errorfile 503 /usr/local/etc/haproxy/errors/503.http
+ # errorfile 504 /usr/local/etc/haproxy/errors/504.http
 backend dockerbackend
 server dockersocket /var/run/docker.sock
 frontend dockerfrontend
 bind :2375
- http-request deny unless METH_GET || { env(POST) -m bool }
+ http-request deny unless METH_GET || METH_POST { env(POST) -m bool } || METH_DELETE { env(DELETE) -m bool }
 http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool }
 http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool }
 http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool }
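Review bot: The rewritten `http-request deny unless` gate changes behaviour for existing deployments beyond adding DELETE. Before, `POST=1` let every non-GET method past this line; now only GET/HEAD, POST and DELETE can pass, so PUT is rejected unconditionally and DELETE needs a new `DELETE=1` that `POST=1` used to imply. That is a tightening, but it should be stated in the commit message or README and in a comment above the rule, for example `# Method gate: GET/HEAD always; POST needs POST=1; DELETE needs DELETE=1; all other methods are denied`. Separately, the seven `errorfile` lines are commented out without explanation, which is unrelated to the commit subject and leaves the `# Use provided example error pages` comment stale; either remove the block or note why it is disabled.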
@@ -84,5 +84,12 @@ frontend dockerfrontend
 http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/prune } { env(NETWORKS_PRUNE) -m bool }
 http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/[a-zA-Z0-9_.-]+/connect } { env(NETWORKS_CONNECT) -m bool }
 http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/[a-zA-Z0-9_.-]+/disconnect } { env(NETWORKS_DISCONNECT) -m bool }
+
+ # DELETE requests
+ http-request allow if METH_DELETE { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/[a-zA-Z0-9_.-]+ } { env(NETWORKS_DELETE) -m bool }
+ http-request allow if METH_DELETE { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+ } { env(CONTAINERS_DELETE) -m bool }
+ http-request allow if METH_DELETE { path,url_dec -m reg -i ^(/v[\d\.]+)?/images/[a-zA-Z0-9_.-]+ } { env(IMAGES_DELETE) -m bool }
+ http-request allow if METH_DELETE { path,url_dec -m reg -i ^(/v[\d\.]+)?/volumes/[a-zA-Z0-9_.-]+ } { env(VOLUMES_DELETE) -m bool }
+
 http-request deny
 default_backend dockerbackend
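Review bot: The four `METH_DELETE` path patterns have no end anchor, so `^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+` also matches any longer path below `/containers/<id>/`, and the images rule only covers names like `repo/name:tag` because of that prefix match. Anchoring the single-segment ones, e.g. `^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/?$`, would scope each flag to the endpoint it names; the images pattern would then need a character class that admits `/`, `:` and `@`. Also, the allow rules visible above this block carry no method condition, so if a broader rule earlier in the frontend (outside this hunk) matches the same `/containers`, `/images`, `/networks` or `/volumes` prefix, a DELETE would be allowed there once `DELETE=1` is set, regardless of the per-resource `*_DELETE` flag. If such rules exist, adding `!METH_DELETE` to them would make the new flags authoritative.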