diff --git a/firewall-29eexhrh.json b/firewall-29eexhrh.json new file mode 100644 index 0000000..744bf38 --- /dev/null +++ b/firewall-29eexhrh.json @@ -0,0 +1,65 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "null", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.18.103.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.254.254" + }, + { + "NAME": "TYPE", + "VALUE": "tcp" + }, + { + "NAME": "TARGET_PORT", + "VALUE": "80" + }, + { + "NAME": "COMMENT", + "VALUE": "29eexhrh" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall-dns.json b/firewall-dns.json new file mode 100644 index 0000000..4a1f5b9 --- /dev/null +++ b/firewall-dns.json @@ -0,0 +1,72 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "firewall_dns-public", + "MEMORY": "64M", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.18.100.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.255.2" + }, + { + "NAME": "TYPE", + "VALUE": "udp" + }, + { + "NAME": "TARGET_PORT_1", + "VALUE": "53" + }, + { + "NAME": "TARGET_PORT_2", + "VALUE": "67" + }, + { + "NAME": "TARGET_PORT_3", + "VALUE": "68" + }, + { + "NAME": "COMMENT", + "VALUE": "behbeq37s6" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/letsencrypt.json b/letsencrypt.json new file mode 100644 index 0000000..2f2f245 --- /dev/null +++ b/letsencrypt.json @@ -0,0 +1,49 @@ +{ + "main": { + "SERVICE_NAME": "letsencrypt", + "DOMAIN": "null" + }, + "networks": [ + { + "NAME": "letsencrypt", + "DRIVER": "bridge", + "SUBNET": "172.18.254.0/24", + "RANGE": "172.18.254.0/24", + "GATEWAY": "172.18.254.1" + } + ], + "containers": [ + { + "IMAGE": "registry.format.hu/letsencrypt:latest", + "NAME": "letsencrypt-rz56t7ir", + "MEMORY": "64M", + "IP": "172.18.254.254", + "NETWORK": "letsencrypt", + "VOLUMES": [ + { + "SOURCE": "/etc/ssl/keys/", + "DEST": "/acme.sh/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/smarthost-domains", + "DEST": "/domains", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "ENV_FILES": [ "/etc/user/config/user.json" ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "EXTRA": "", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": [ "firewall-29eexhrh" ] + } + ] +} diff --git a/proxy-dns.json b/proxy-dns.json index 0d8436a..c871e27 100644 --- a/proxy-dns.json +++ b/proxy-dns.json @@ -5,7 +5,7 @@ }, "networks": [ { - "NAME": "proxy-dns", + "NAME": "proxy_dns-public", "DRIVER": "bridge", "SUBNET": "172.18.255.0/24", "RANGE": "172.18.255.0/24", @@ -18,15 +18,15 @@ "NAME": "proxy_dns-efhuh3g1", "MEMORY": "64M", "IP": "172.18.255.2", - "NETWORK": "proxy-dns", + "NETWORK": "proxy_dns-public", "VOLUMES": [ { - "SOURCE": "/etc/user/data/dnsmasq/", + "SOURCE": "/etc/system/data/proxy-dns/", "DEST": "/etc/dnsmasq.d/", - "TYPE": "ro" + "TYPE": "rw" }, { - "SOURCE": "/etc/system/log/dnsmasq/", + "SOURCE": "/etc/system/log/proxy-dns/", "DEST": "/var/log/dnsmasq/", "TYPE": "rw" } diff --git a/proxy_config b/proxy_config new file mode 100644 index 0000000..fdc84f7 --- /dev/null +++ b/proxy_config @@ -0,0 +1,21 @@ + }, + "proxy_scheduler_local": { + "DOCKER_REGISTRY_URL": "registry.format.hu", + "LETSENCRYPT_URL": "letsencrypt.org", + "LETSENCRYPT_SERVICE_NAME": "letsencrypt.json", + "CERT_DIR": "/keys", + "DOMAIN_DIR": "/domains", + "PROXY_SERVICE_FILE": "smarthost-proxy.json", + "PROXY_CONFIG_DIR": "/proxy_config", + "PROXY_TYPE": "", + "TIMEOUT": "5", + "RESTART": "3", + "ROLE": "smarthost-backend-proxy", + "SERVICE_NAME": "smarthost-proxy" + }, + "loadbalancer": { + "letsencrypt": "letsencrypt", + "backend1": "backend1", + "backend2": "backend2" + } +} diff --git a/smarthost-proxy-scheduler.json b/smarthost-proxy-scheduler.json new file mode 100644 index 0000000..21f4e2a --- /dev/null +++ b/smarthost-proxy-scheduler.json @@ -0,0 +1,67 @@ +{ + "main": { + "SERVICE_NAME": "smarthost-proxy-scheduler", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/proxy-scheduler:latest", + "NAME": "proxy_scheduler_local-ifhiwhth", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/etc/user/config/smarthost-domains", + "DEST": "/domains", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/ssl/keys", + "DEST": "/keys", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/ssl/certs/", + "DEST": "/etc/ssl/certs/", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/config/smarthost-proxy/nginx", + "DEST": "/proxy_config", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services/smarthost-proxy.json", + "DEST": "/smarthost-proxy.json", + "TYPE": "ro" + }, + { + "SOURCE": "/var/run/docker.sock", + "DEST": "/var/run/docker.sock", + "TYPE": "rw" + }, + { + "SOURCE": "/usr/bin/docker", + "DEST": "/usr/bin/docker", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + ], + "ENV_FILES": [ "/etc/system/config/proxy.json" ], + "EXTRA": "null", + "DEPEND": "null", + "START_ON_BOOT": "true", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/public-proxy.json b/smarthost-proxy.json similarity index 65% rename from public-proxy.json rename to smarthost-proxy.json index 9fbefe8..1ece990 100644 --- a/public-proxy.json +++ b/smarthost-proxy.json @@ -1,40 +1,40 @@ { "main": { - "SERVICE_NAME": "public-proxy", + "SERVICE_NAME": "smarthost-proxy", "DOMAIN": "null" }, "networks": [ { - "NAME": "loadbalancer", + "NAME": "smarthost-loadbalancer", "DRIVER": "bridge", - "SUBNET": "172.18.100.0/24", - "RANGE": "172.18.100.0/24", - "GATEWAY": "172.18.100.1" + "SUBNET": "172.18.103.0/24", + "RANGE": "172.18.103.0/24", + "GATEWAY": "172.18.103.1" }, { - "NAME": "backend-1", + "NAME": "smarthost_backend-1", "DRIVER": "bridge", - "SUBNET": "172.18.101.0/24", - "RANGE": "172.18.101.0/24", - "GATEWAY": "172.18.101.1" + "SUBNET": "172.18.104.0/24", + "RANGE": "172.18.104.0/24", + "GATEWAY": "172.18.104.1" }, { - "NAME": "backend-2", + "NAME": "smarthost_backend-2", "DRIVER": "bridge", - "SUBNET": "172.18.102.0/24", - "RANGE": "172.18.102.0/24", - "GATEWAY": "172.18.102.1" + "SUBNET": "172.18.105.0/24", + "RANGE": "172.18.105.0/24", + "GATEWAY": "172.18.105.1" } ], "containers": [ { "IMAGE": "registry.format.hu/haproxy:2.5.4", - "NAME": "loadbalancer-27dhuwdh", - "ROLES": "frontend-proxy", + "NAME": "loadbalancer-27dhuwth", + "ROLES": "smarthost-frontend-proxy", "MEMORY": "128M", - "IP": "172.18.100.2", - "NETWORK": "loadbalancer", - "DNS": [ "172.18.255.2" ], + "IP": "172.18.103.2", + "NETWORK": "smarthost-loadbalancer", + "DNS": [ "proxy_dns" ], "ENVS": [ { "NAME": "letsencrypt", @@ -42,11 +42,11 @@ }, { "NAME": "backend1", - "VALUE": "backend1" + "VALUE": "172.18.104.2" }, { "NAME": "backend2", - "VALUE": "backend2" + "VALUE": "172.18.105.2" } ], "READYNESS": [ @@ -56,19 +56,19 @@ ], "PORTS": [ { - "SOURCE": "80", + "SOURCE": "null", "DEST": "80", "TYPE": "tcp" }, { - "SOURCE": "443", + "SOURCE": "null", "DEST": "443", "TYPE": "tcp" } ], "VOLUMES": [ { - "SOURCE": "/etc/system/log/public-proxy/loadbalancer", + "SOURCE": "/etc/system/log/smarthost-proxy/loadbalancer", "DEST": "/var/log/haproxy", "TYPE": "rw" } @@ -82,16 +82,16 @@ "DEPEND": [ "proxy-dns" ], "START_ON_BOOT": "true", "CMD": "null", - "PRE_START": [ "firewall_dns-behbeq37s6" ], - "POST_START": [ "firewall_wireguard-27dhuwdh", "firewall_openvpn-27dhuwdi" ] + "PRE_START": [ "firewall_dns-behbeq37th" ], + "POST_START": [ "firewall-smarhost-loadbalancer" ] }, { "IMAGE": "registry.format.hu/nginx:1.21", - "NAME": "backend-zc93hh9u", - "ROLES": "backend-proxy", + "NAME": "backend-zc93hhth", + "ROLES": "smarthost-backend-proxy", "MEMORY": "64M", - "IP": "172.18.101.2", - "NETWORK": "backend-1", + "IP": "172.18.104.2", + "NETWORK": "smarthost_backend-1", "PORTS": [ { "SOURCE": "null", @@ -106,7 +106,7 @@ ], "VOLUMES": [ { - "SOURCE": "/etc/system/config/public-proxy/nginx", + "SOURCE": "/etc/system/config/smarthost-proxy/nginx", "DEST": "/etc/nginx/conf.d", "TYPE": "ro" }, @@ -116,7 +116,7 @@ "TYPE": "ro" }, { - "SOURCE": "/etc/system/log/public-proxy/backend-1", + "SOURCE": "/etc/system/log/smarthost-proxy/backend-1", "DEST": "/var/log/nginx", "TYPE": "rw" } @@ -131,15 +131,15 @@ "START_ON_BOOT": "true", "CMD": "null", "PRE_START": "null", - "POST_START": [ "firewall_backend1-zc93hh9u" ] + "POST_START": [ "firewall_backend1-zc93hhth" ] }, { "IMAGE": "registry.format.hu/nginx:1.21", - "NAME": "backend-g4rg38gr83", - "ROLES": "backend-proxy", + "NAME": "backend-g4rg38th", + "ROLES": "smarthost-backend-proxy", "MEMORY": "64M", - "IP": "172.18.102.2", - "NETWORK": "backend-2", + "IP": "172.18.105.2", + "NETWORK": "smarthost_backend-2", "PORTS": [ { "SOURCE": "null", @@ -154,7 +154,7 @@ ], "VOLUMES": [ { - "SOURCE": "/etc/system/config/public-proxy/nginx", + "SOURCE": "/etc/system/config/smarthost-proxy/nginx", "DEST": "/etc/nginx/conf.d", "TYPE": "ro" }, @@ -164,7 +164,7 @@ "TYPE": "ro" }, { - "SOURCE": "/etc/system/log/public-proxy/backend-2", + "SOURCE": "/etc/system/log/smarthost-proxy/backend-2", "DEST": "/var/log/nginx", "TYPE": "rw" } @@ -179,7 +179,7 @@ "START_ON_BOOT": "true", "CMD": "null", "PRE_START": "null", - "POST_START": [ "firewall_backend2-g4rg38gr83" ] + "POST_START": [ "firewall_backend2-g4rg38th" ] } ] } diff --git a/firewall_openvpn-27dhuwdi.json b/vpn/firewall_openvpn-27dhuwdi.json similarity index 100% rename from firewall_openvpn-27dhuwdi.json rename to vpn/firewall_openvpn-27dhuwdi.json diff --git a/firewall_wireguard-27dhuwdh.json b/vpn/firewall_wireguard-27dhuwdh.json similarity index 100% rename from firewall_wireguard-27dhuwdh.json rename to vpn/firewall_wireguard-27dhuwdh.json