safebox/proxy-scheduler
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

update letsencrypt and firewall configurations to use 'safebox' registry and improve formatting

Browse Source
This commit is contained in:
gyurix
2025-03-05 23:05:39 +01:00
parent 4f048de3bc
commit 3dded502e7
4 changed files with 249 additions and 211 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
firewall-letsencrypt.json
View File

@@ -1,52 +1,70 @@
{ {
"main": { "main": {
"SERVICE_NAME": "firewalls", "SERVICE_NAME": "firewalls",
"DOMAIN": "null" "DOMAIN": "null"
}, },
"containers": [ "containers": [
{ {
"IMAGE": "registry.format.hu/firewall", "IMAGE": "safebox/firewall",
"NAME": "firewall", "NAME": "firewall",
"MEMORY": "64M", "MEMORY": "64M",
"NETWORK": "host", "NETWORK": "host",
"SCALE": "0", "SCALE": "0",
"VOLUMES": [ "VOLUMES": [
{ {
"SOURCE": "/run/", "SOURCE": "/run/",
"DEST": "/run/", "DEST": "/run/",
"TYPE": "rw" "TYPE": "rw"
}, },
{ {
"SOURCE": "/etc/user/config/services", "SOURCE": "/etc/user/config/services",
"DEST": "/services", "DEST": "/services",
"TYPE": "ro" "TYPE": "ro"
}, },
{ {
"SOURCE": "/etc/system/data/dns/hosts.local", "SOURCE": "/etc/system/data/dns/hosts.local",
"DEST": "/etc/dns/hosts.local", "DEST": "/etc/dns/hosts.local",
"TYPE": "ro" "TYPE": "ro"
} }
], ],
"PORTS": [ ], "PORTS": [],
"READYNESS": [ "READYNESS": [
{"tcp": ""}, {
{"HTTP": ""}, "tcp": ""
{"EXEC": "/ready.sh"} },
], {
"ENVS": [ "HTTP": ""
{ "CHAIN": "DOCKER-USER" }, },
{ "SOURCE": "smarthostloadbalancer" }, {
{ "TARGET": "letsencrypt" }, "EXEC": "/ready.sh"
{ "TYPE": "tcp" }, }
{ "TARGET_PORT": "80" }, ],
{ "COMMENT": "letsencrypt" } "ENVS": [
], {
"EXTRA": "--privileged --rm", "CHAIN": "DOCKER-USER"
"DEPEND": "null", },
"START_ON_BOOT": "false", {
"CMD": "null", "SOURCE": "smarthostloadbalancer"
"PRE_START": "null", },
"POST_START": "null" {
} "TARGET": "letsencrypt"
] },
} {
"TYPE": "tcp"
},
{
"TARGET_PORT": "80"
},
{
"COMMENT": "letsencrypt"
}
],
"EXTRA": "--privileged --rm",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "null",
"PRE_START": "null",
"POST_START": "null"
}
]
}

106
letsencrypt.json
View File

@@ -1,49 +1,59 @@
{ {
"main": { "main": {
"SERVICE_NAME": "letsencrypt", "SERVICE_NAME": "letsencrypt",
"DOMAIN": "null" "DOMAIN": "null"
}, },
"networks": [ "networks": [
{ {
"NAME": "letsencrypt", "NAME": "letsencrypt",
"DRIVER": "bridge", "DRIVER": "bridge",
"SUBNET": "172.18.254.0/24", "SUBNET": "172.18.254.0/24",
"RANGE": "172.18.254.0/24", "RANGE": "172.18.254.0/24",
"GATEWAY": "172.18.254.1" "GATEWAY": "172.18.254.1"
} }
], ],
"containers": [ "containers": [
{ {
"IMAGE": "registry.format.hu/letsencrypt", "IMAGE": "safebox/letsencrypt",
"NAME": "letsencrypt", "NAME": "letsencrypt",
"MEMORY": "64M", "MEMORY": "64M",
"IP": "172.18.254.254", "IP": "172.18.254.254",
"NETWORK": "letsencrypt", "NETWORK": "letsencrypt",
"VOLUMES": [ "VOLUMES": [
{ {
"SOURCE": "/etc/system/ssl/keys/", "SOURCE": "/etc/system/ssl/keys/",
"DEST": "/acme.sh/", "DEST": "/acme.sh/",
"TYPE": "rw" "TYPE": "rw"
}, },
{ {
"SOURCE": "/etc/user/config/domains", "SOURCE": "/etc/user/config/domains",
"DEST": "/domains", "DEST": "/domains",
"TYPE": "ro" "TYPE": "ro"
} }
], ],
"PORTS": [ ], "PORTS": [],
"ENV_FILES": [ "/etc/user/config/user.json" ], "ENV_FILES": [
"READYNESS": [ "/etc/user/config/user.json"
{"tcp": ""}, ],
{"HTTP": ""}, "READYNESS": [
{"EXEC": "/ready.sh"} {
], "tcp": ""
"EXTRA": "", },
"DEPEND": "null", {
"START_ON_BOOT": "false", "HTTP": ""
"CMD": "null", },
"PRE_START": "null", {
"POST_START": [ "firewall-29eexhrh" ] "EXEC": "/ready.sh"
} }
] ],
} "EXTRA": "",
"DEPEND": "null",
"START_ON_BOOT": "false",
"CMD": "null",
"PRE_START": "null",
"POST_START": [
"firewall-letsencrypt"
]
}
]
}

138
proxy-scheduler.json
View File

@@ -1,67 +1,77 @@
{ {
"main": { "main": {
"SERVICE_NAME": "proxy-scheduler", "SERVICE_NAME": "proxy-scheduler",
"DOMAIN": "null" "DOMAIN": "null"
}, },
"containers": [ "containers": [
{
"IMAGE": "safebox/proxy-scheduler:latest",
"NAME": "proxy_scheduler-ifhiwhhg",
"MEMORY": "64M",
"IP": "null",
"NETWORK": "host",
"VOLUMES": [
{ {
"IMAGE": "registry.format.hu/proxy-scheduler:latest", "SOURCE": "/etc/user/config/services",
"NAME": "proxy_scheduler-ifhiwhhg", "DEST": "/etc/user/config/services",
"MEMORY": "64M", "TYPE": "rw"
"IP": "null", },
"NETWORK": "host", {
"VOLUMES": [ "SOURCE": "/etc/user/config/domains",
{ "DEST": "/domains",
"SOURCE": "/etc/user/config/services", "TYPE": "ro"
"DEST": "/etc/user/config/services", },
"TYPE": "rw" {
}, "SOURCE": "/etc/system/data/ssl/keys",
{ "DEST": "/keys",
"SOURCE": "/etc/user/config/domains", "TYPE": "rw"
"DEST": "/domains", },
"TYPE": "ro" {
}, "SOURCE": "/etc/system/data/ssl/certs/",
{ "DEST": "/etc/ssl/certs/",
"SOURCE": "/etc/system/data/ssl/keys", "TYPE": "ro"
"DEST": "/keys", },
"TYPE": "rw" {
}, "SOURCE": "/etc/system/config/public-proxy/nginx",
{ "DEST": "/proxy_config",
"SOURCE": "/etc/system/data/ssl/certs/", "TYPE": "rw"
"DEST": "/etc/ssl/certs/", },
"TYPE": "ro" {
}, "SOURCE": "/etc/user/config/services/public-proxy.json",
{ "DEST": "/public-proxy.json",
"SOURCE": "/etc/system/config/public-proxy/nginx", "TYPE": "ro"
"DEST": "/proxy_config", },
"TYPE": "rw" {
}, "SOURCE": "/var/run/docker.sock",
{ "DEST": "/var/run/docker.sock",
"SOURCE": "/etc/user/config/services/public-proxy.json", "TYPE": "rw"
"DEST": "/public-proxy.json",
"TYPE": "ro"
},
{
"SOURCE": "/var/run/docker.sock",
"DEST": "/var/run/docker.sock",
"TYPE": "rw"
}
],
"PORTS": [ ],
"READYNESS": [
{"tcp": ""},
{"HTTP": ""},
{"EXEC": "/ready.sh"}
],
"ENVS": [
],
"ENV_FILES": [ "/etc/system/config/proxy.json" ],
"EXTRA": "null",
"DEPEND": [ "public-proxy.networks.loadbalancer", "public-proxy.containers.loadbalancer-27dhuwdh" ],
"START_ON_BOOT": "true",
"CMD": "null",
"PRE_START": "null",
"POST_START": "null"
} }
] ],
} "PORTS": [],
"READYNESS": [
{
"tcp": ""
},
{
"HTTP": ""
},
{
"EXEC": "/ready.sh"
}
],
"ENVS": [],
"ENV_FILES": [
"/etc/system/config/proxy.json"
],
"EXTRA": "null",
"DEPEND": [
"public-proxy.networks.loadbalancer",
"public-proxy.containers.loadbalancer-27dhuwdh"
],
"START_ON_BOOT": "true",
"CMD": "null",
"PRE_START": "null",
"POST_START": "null"
}
]
}

96
proxy.json
View File

@@ -1,49 +1,49 @@
{ {
"firewall_loadbalancer_wireguard_prerouting": { "firewall_loadbalancer_wireguard_prerouting": {
"NAME": "wireguard_proxy_client", "NAME": "wireguard_proxy_client",
"PREROUTING": "true", "PREROUTING": "true",
"TARGET_IP": "172.18.100.2", "TARGET_IP": "172.18.100.2",
"TYPE": "tcp", "TYPE": "tcp",
"SOURCE_PORT_1": "80", "SOURCE_PORT_1": "80",
"SOURCE_PORT_2": "443", "SOURCE_PORT_2": "443",
"TARGET_PORT_1": "80", "TARGET_PORT_1": "80",
"TARGET_PORT_2": "443", "TARGET_PORT_2": "443",
"COMMENT": "edeg3e98" "COMMENT": "edeg3e98"
}, },
"firewall_loadbalancer_wireguard_postrouting": { "firewall_loadbalancer_wireguard_postrouting": {
"NAME": "wireguard_proxy_client", "NAME": "wireguard_proxy_client",
"POSTROUTING": "true", "POSTROUTING": "true",
"TARGET_IP": "172.18.100.0", "TARGET_IP": "172.18.100.0",
"TARGET_PORT_1": "80", "TARGET_PORT_1": "80",
"TARGET_PORT_2": "443", "TARGET_PORT_2": "443",
"TYPE": "tcp", "TYPE": "tcp",
"COMMENT": "edeg3e98" "COMMENT": "edeg3e98"
}, },
"proxy_scheduler": { "proxy_scheduler": {
"DOCKER_REGISTRY_URL": "registry.format.hu", "DOCKER_REGISTRY_URL": "safebox",
"CERT_DIR": "/keys", "CERT_DIR": "/keys",
"DOMAIN_DIR": "/domains", "DOMAIN_DIR": "/domains",
"PROXY_SERVICE_FILE": "public-proxy.json", "PROXY_SERVICE_FILE": "public-proxy.json",
"PROXY_CONFIG_DIR": "/proxy_config", "PROXY_CONFIG_DIR": "/proxy_config",
"PROXY_TYPE": "haproxy", "PROXY_TYPE": "haproxy",
"TIMEOUT": "5", "TIMEOUT": "5",
"RESTART": "3", "RESTART": "3",
"ROLE": "backend-proxy", "ROLE": "backend-proxy",
"SERVICE_NAME": "public-proxy" "SERVICE_NAME": "public-proxy"
}, },
"proxy_scheduler_local": { "proxy_scheduler_local": {
"DOCKER_REGISTRY_URL": "registry.format.hu", "DOCKER_REGISTRY_URL": "safebox",
"PROXY_TYPE": "", "PROXY_TYPE": "",
"GENERATE_CERTIFICATE": "true", "GENERATE_CERTIFICATE": "true",
"LETSENCRYPT_URL": "letsencrypt.org", "LETSENCRYPT_URL": "letsencrypt.org",
"LETSENCRYPT_SERVICE_NAME": "letsencrypt.json", "LETSENCRYPT_SERVICE_NAME": "letsencrypt.json",
"CERT_DIR": "/keys", "CERT_DIR": "/keys",
"DOMAIN_DIR": "/domains", "DOMAIN_DIR": "/domains",
"PROXY_SERVICE_FILE": "public-proxy.json", "PROXY_SERVICE_FILE": "public-proxy.json",
"PROXY_CONFIG_DIR": "/proxy_config", "PROXY_CONFIG_DIR": "/proxy_config",
"TIMEOUT": "5", "TIMEOUT": "5",
"RESTART": "3", "RESTART": "3",
"ROLE": "backend-proxy", "ROLE": "backend-proxy",
"SERVICE_NAME": "public-proxy" "SERVICE_NAME": "public-proxy"
} }
} }