From 8d7733fa15d8c2b61b9c520e076f06cc29d923ab Mon Sep 17 00:00:00 2001 From: gyurix Date: Fri, 4 Mar 2022 07:39:02 +0100 Subject: [PATCH] Added smarthost-proxy files --- firewall_backend1-zc93hh9u.json | 69 +++++++++++ firewall_backend2-g4rg38gr83.json | 69 +++++++++++ firewall_dns-behbeq37s6.json | 73 ++++++++++++ firewall_openvpn-27dhuwdi.json | 69 +++++++++++ firewall_wireguard-27dhuwdh.json | 69 +++++++++++ proxy-dns.json | 66 +++++++++++ public-proxy.json | 185 ++++++++++++++++++++++++++++++ 7 files changed, 600 insertions(+) create mode 100644 firewall_backend1-zc93hh9u.json create mode 100644 firewall_backend2-g4rg38gr83.json create mode 100644 firewall_dns-behbeq37s6.json create mode 100644 firewall_openvpn-27dhuwdi.json create mode 100644 firewall_wireguard-27dhuwdh.json create mode 100644 proxy-dns.json create mode 100644 public-proxy.json diff --git a/firewall_backend1-zc93hh9u.json b/firewall_backend1-zc93hh9u.json new file mode 100644 index 0000000..7e2b636 --- /dev/null +++ b/firewall_backend1-zc93hh9u.json @@ -0,0 +1,69 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "null", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.18.100.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.101.2" + }, + { + "NAME": "TYPE", + "VALUE": "tcp" + }, + { + "NAME": "TARGET_PORT_1", + "VALUE": "80" + }, + { + "NAME": "TARGET_PORT_2", + "VALUE": "443" + }, + { + "NAME": "COMMENT", + "VALUE": "zc93hh9u" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall_backend2-g4rg38gr83.json b/firewall_backend2-g4rg38gr83.json new file mode 100644 index 0000000..9bc0ef6 --- /dev/null +++ b/firewall_backend2-g4rg38gr83.json @@ -0,0 +1,69 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "null", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.18.100.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.102.2" + }, + { + "NAME": "TYPE", + "VALUE": "tcp" + }, + { + "NAME": "TARGET_PORT_1", + "VALUE": "80" + }, + { + "NAME": "TARGET_PORT_2", + "VALUE": "443" + }, + { + "NAME": "COMMENT", + "VALUE": "g4rg38gr83" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall_dns-behbeq37s6.json b/firewall_dns-behbeq37s6.json new file mode 100644 index 0000000..34295b1 --- /dev/null +++ b/firewall_dns-behbeq37s6.json @@ -0,0 +1,73 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "null", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.18.100.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.255.2" + }, + { + "NAME": "TYPE", + "VALUE": "udp" + }, + { + "NAME": "TARGET_PORT_1", + "VALUE": "53" + }, + { + "NAME": "TARGET_PORT_2", + "VALUE": "67" + }, + { + "NAME": "TARGET_PORT_3", + "VALUE": "68" + }, + { + "NAME": "COMMENT", + "VALUE": "behbeq37s6" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall_openvpn-27dhuwdi.json b/firewall_openvpn-27dhuwdi.json new file mode 100644 index 0000000..3a57c7d --- /dev/null +++ b/firewall_openvpn-27dhuwdi.json @@ -0,0 +1,69 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "null", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.22.0.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.100.2" + }, + { + "NAME": "TYPE", + "VALUE": "tcp" + }, + { + "NAME": "TARGET_PORT_1", + "VALUE": "80" + }, + { + "NAME": "TARGET_PORT_2", + "VALUE": "443" + }, + { + "NAME": "COMMENT", + "VALUE": "27dhuwdh" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall_wireguard-27dhuwdh.json b/firewall_wireguard-27dhuwdh.json new file mode 100644 index 0000000..7537fcd --- /dev/null +++ b/firewall_wireguard-27dhuwdh.json @@ -0,0 +1,69 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "null", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { + "NAME": "CHAIN", + "VALUE": "DOCKER-USER" + }, + { + "NAME": "SOURCE_IP", + "VALUE": "172.16.0.2" + }, + { + "NAME": "TARGET_IP", + "VALUE": "172.18.100.2" + }, + { + "NAME": "TYPE", + "VALUE": "tcp" + }, + { + "NAME": "TARGET_PORT_1", + "VALUE": "80" + }, + { + "NAME": "TARGET_PORT_2", + "VALUE": "443" + }, + { + "NAME": "COMMENT", + "VALUE": "27dhuwdh" + } + ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/proxy-dns.json b/proxy-dns.json new file mode 100644 index 0000000..0d8436a --- /dev/null +++ b/proxy-dns.json @@ -0,0 +1,66 @@ +{ + "main": { + "SERVICE_NAME": "proxy-dns", + "DOMAIN": "null" + }, + "networks": [ + { + "NAME": "proxy-dns", + "DRIVER": "bridge", + "SUBNET": "172.18.255.0/24", + "RANGE": "172.18.255.0/24", + "GATEWAY": "172.18.255.1" + } + ], + "containers": [ + { + "IMAGE": "registry.format.hu/dnsmasq:latest", + "NAME": "proxy_dns-efhuh3g1", + "MEMORY": "64M", + "IP": "172.18.255.2", + "NETWORK": "proxy-dns", + "VOLUMES": [ + { + "SOURCE": "/etc/user/data/dnsmasq/", + "DEST": "/etc/dnsmasq.d/", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/log/dnsmasq/", + "DEST": "/var/log/dnsmasq/", + "TYPE": "rw" + } + ], + "PORTS": [ + { + "SOURCE": "null", + "DEST": "53", + "TYPE": "udp" + }, + { + "SOURCE": "null", + "DEST": "67", + "TYPE": "udp" + }, + { + "SOURCE": "null", + "DEST": "68", + "TYPE": "udp" + } + ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + ], + "EXTRA": "null", + "DEPEND": "null", + "START_ON_BOOT": "true", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/public-proxy.json b/public-proxy.json new file mode 100644 index 0000000..ee17fd2 --- /dev/null +++ b/public-proxy.json @@ -0,0 +1,185 @@ +{ + "main": { + "SERVICE_NAME": "public-proxy", + "DOMAIN": "null" + }, + "networks": [ + { + "NAME": "loadbalancer", + "DRIVER": "bridge", + "SUBNET": "172.18.100.0/24", + "RANGE": "172.18.100.0/24", + "GATEWAY": "172.18.100.1" + }, + { + "NAME": "backend-1", + "DRIVER": "bridge", + "SUBNET": "172.18.101.0/24", + "RANGE": "172.18.101.0/24", + "GATEWAY": "172.18.101.1" + }, + { + "NAME": "backend-2", + "DRIVER": "bridge", + "SUBNET": "172.18.102.0/24", + "RANGE": "172.18.102.0/24", + "GATEWAY": "172.18.102.1" + } + ], + "containers": [ + { + "IMAGE": "registry.format.hu/haproxy:2.2.5", + "NAME": "loadbalancer-27dhuwdh", + "ROLES": "frontend-proxy", + "MEMORY": "128M", + "IP": "172.18.100.2", + "NETWORK": "loadbalancer", + "DNS": [ "172.18.255.2" ], + "ENVS": [ + { + "NAME": "letsencrypt", + "VALUE": "letsencrypt" + }, + { + "NAME": "backend1", + "VALUE": "backend1" + }, + { + "NAME": "backend2", + "VALUE": "backend2" + } + ], + "READYNESS": [ + {"tcp": "80"}, + {"HTTP": "8080"}, + {"EXEC": "/ready.sh"} + ], + "PORTS": [ + { + "SOURCE": "80", + "DEST": "80", + "TYPE": "tcp" + }, + { + "SOURCE": "443", + "DEST": "443", + "TYPE": "tcp" + } + ], + "VOLUMES": [ + { + "SOURCE": "/etc/system/log/public-proxy/loadbalancer", + "DEST": "/var/log/haproxy", + "TYPE": "rw" + } + ], + "READYNESS": [ + {"tcp": "80"}, + {"HTTP": "8080"}, + {"EXEC": "/ready.sh"} + ], + "EXTRA": "--label ROLES=loadbalancer" , + "DEPEND": [ "proxy-dns" ], + "START_ON_BOOT": "true", + "CMD": "null", + "PRE_START": [ "firewall_dns-behbeq37s6" ], + "POST_START": [ "firewall_wireguard-27dhuwdh", "firewall_openvpn-27dhuwdi" ] + }, + { + "IMAGE": "registry.format.hu/nginx:1.21", + "NAME": "backend-zc93hh9u", + "ROLES": "backend-proxy", + "MEMORY": "64M", + "IP": "172.18.101.2", + "NETWORK": "backend-1", + "PORTS": [ + { + "SOURCE": "null", + "DEST": "80", + "TYPE": "tcp" + }, + { + "SOURCE": "null", + "DEST": "443", + "TYPE": "tcp" + } + ], + "VOLUMES": [ + { + "SOURCE": "/etc/system/config/public-proxy/nginx", + "DEST": "/etc/nginx/conf.d", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/ssl/keys", + "DEST": "/etc/ssl/keys", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/log/public-proxy/backend-1", + "DEST": "/var/log/nginx", + "TYPE": "rw" + } + ], + "READYNESS": [ + {"tcp": "80"}, + {"HTTP": "8080"}, + {"EXEC": "/ready.sh"} + ], + "EXTRA": "null", + "DEPEND": "null", + "START_ON_BOOT": "true", + "CMD": "null", + "PRE_START": "null", + "POST_START": [ "firewall_backend1-zc93hh9u" ] + }, + { + "IMAGE": "registry.format.hu/nginx:1.21", + "NAME": "backend-g4rg38gr83", + "ROLES": "backend-proxy", + "MEMORY": "64M", + "IP": "172.18.102.2", + "NETWORK": "backend-2", + "PORTS": [ + { + "SOURCE": "null", + "DEST": "80", + "TYPE": "tcp" + }, + { + "SOURCE": "null", + "DEST": "443", + "TYPE": "tcp" + } + ], + "VOLUMES": [ + { + "SOURCE": "/etc/system/config/public-proxy/nginx", + "DEST": "/etc/nginx/conf.d", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/ssl/keys", + "DEST": "/etc/ssl/keys", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/log/public-proxy/backend-2", + "DEST": "/var/log/nginx", + "TYPE": "rw" + } + ], + "READYNESS": [ + {"tcp": "80"}, + {"HTTP": "8080"}, + {"EXEC": "/ready.sh"} + ], + "EXTRA": "null", + "DEPEND": "null", + "START_ON_BOOT": "true", + "CMD": "null", + "PRE_START": "null", + "POST_START": [ "firewall_backend2-g4rg38gr83" ] + } + ] +}