From 09d4a254b70865a3e57c2f89cfedbf020697e4f6 Mon Sep 17 00:00:00 2001 From: gyurix Date: Thu, 27 Apr 2023 09:29:29 +0000 Subject: [PATCH] Added new service files to repository --- firewall-vpn-proxy-postrouting.json | 70 ++++++++++++++++++ firewall-vpn-proxy-prerouting.json | 74 +++++++++++++++++++ firewall-vpn-smarthost-loadbalancer.json | 64 ++++++++++++++++ ...lancer_wireguard_postrouting-27dhuwdh.json | 55 -------------- ...alancer_wireguard_prerouting-27dhuwdh.json | 55 -------------- proxy.json | 24 ------ user.json | 6 -- wireguard-proxy-client.json => vpn-proxy.json | 23 +++--- 8 files changed, 217 insertions(+), 154 deletions(-) create mode 100644 firewall-vpn-proxy-postrouting.json create mode 100644 firewall-vpn-proxy-prerouting.json create mode 100644 firewall-vpn-smarthost-loadbalancer.json delete mode 100644 firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json delete mode 100644 firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json delete mode 100644 proxy.json delete mode 100644 user.json rename wireguard-proxy-client.json => vpn-proxy.json (64%) diff --git a/firewall-vpn-proxy-postrouting.json b/firewall-vpn-proxy-postrouting.json new file mode 100644 index 0000000..14a98da --- /dev/null +++ b/firewall-vpn-proxy-postrouting.json @@ -0,0 +1,70 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "UPDATE": "true", + "NAME": "firewall", + "SCALE": "0", + "MEMORY": "64M", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/proc/", + "DEST": "/proc/", + "TYPE": "rw" + }, + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + }, + { + "SOURCE": "/var/run/docker.sock", + "DEST": "/var/run/docker.sock", + "TYPE": "rw" + }, + { + "SOURCE": "/usr/bin/docker", + "DEST": "/usr/bin/docker", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/data/dns/hosts.local", + "DEST": "/etc/dns/hosts.local", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { "NSENTER": "true" }, + { "POSTROUTING": "true" }, + { "NAME": "NAME", "VALUE": "wireguardproxy" }, + { "TARGET": "smarthostloadbalancer" }, + { "TYPE": "tcp" }, + { "TARGET_PORT_1": "80" }, + { "TARGET_PORT_2": "443" }, + { "COMMENT": "client" } + ], + "EXTRA": "--privileged --rm", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall-vpn-proxy-prerouting.json b/firewall-vpn-proxy-prerouting.json new file mode 100644 index 0000000..bb10ee8 --- /dev/null +++ b/firewall-vpn-proxy-prerouting.json @@ -0,0 +1,74 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "UPDATE": "true", + "NAME": "wireguardfirewall", + "SCALE": "0", + "MEMORY": "64M", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/proc/", + "DEST": "/proc/", + "TYPE": "rw" + }, + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + }, + { + "SOURCE": "/var/run/docker.sock", + "DEST": "/var/run/docker.sock", + "TYPE": "rw" + }, + { + "SOURCE": "/usr/bin/docker", + "DEST": "/usr/bin/docker", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/data/dns/hosts.local", + "DEST": "/etc/dns/hosts.local", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { "NSENTER": "true" }, + { "PREROUTING": "true" }, + { "SOURCE_IFACE": "wg0" }, + { "TARGET": "smarthostloadbalancer" }, + { "NAME": "NAME", "VALUE": "wireguardproxy" }, + { "TYPE": "tcp" }, + { "SOURCE_PORT_1": "80" }, + { "SOURCE_PORT_2": "443" }, + { "TARGET_PORT_1": "80" }, + { "TARGET_PORT_2": "443" }, + { "COMMENT": "client" } + ], + "ENV_FILES": [ "/etc/user/config/user.json" ], + "EXTRA": "--privileged --rm", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall-vpn-smarthost-loadbalancer.json b/firewall-vpn-smarthost-loadbalancer.json new file mode 100644 index 0000000..f309324 --- /dev/null +++ b/firewall-vpn-smarthost-loadbalancer.json @@ -0,0 +1,64 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "UPDATE": "true", + "NAME": "firewall", + "MEMORY": "64M", + "NETWORK": "host", + "SCALE": "0", + "VOLUMES": [ + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/system/data/dns/hosts.local", + "DEST": "/etc/dns/hosts.local", + "TYPE": "ro" + }, + { + "SOURCE": "/var/run/docker.sock", + "DEST": "/var/run/docker.sock", + "TYPE": "rw" + }, + { + "SOURCE": "/usr/bin/docker", + "DEST": "/usr/bin/docker", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": [ + { "CHAIN": "DOCKER-USER" }, + { "SOURCE": "proxyvpnclient" }, + { "TARGET": "smarthostloadbalancer" }, + { "TYPE": "tcp" }, + { "TARGET_PORT_1": "80" }, + { "TARGET_PORT_2": "443" }, + { "COMMENT": "vpn access smarthost loadbalancer" } + ], + "EXTRA": "--privileged --rm", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json b/firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json deleted file mode 100644 index a9c7c36..0000000 --- a/firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "main": { - "SERVICE_NAME": "firewalls", - "DOMAIN": "null" - }, - "containers": [ - { - "IMAGE": "registry.format.hu/firewall", - "NAME": "firewall_loadbalancer_wireguard_postrouting-27dhuwdh", - "MEMORY": "64M", - "IP": "null", - "NETWORK": "host", - "VOLUMES": [ - { - "SOURCE": "/var/run/docker.sock", - "DEST": "/var/run/docker.sock", - "TYPE": "rw" - }, - { - "SOURCE": "/usr/bin/docker", - "DEST": "/usr/bin/docker", - "TYPE": "ro" - }, - { - "SOURCE": "/run/", - "DEST": "/run/", - "TYPE": "rw" - }, - { - "SOURCE": "/proc/", - "DEST": "/proc/", - "TYPE": "ro" - }, - { - "SOURCE": "/etc/user/config/services", - "DEST": "/services", - "TYPE": "ro" - } - ], - "PORTS": [ ], - "READYNESS": [ - {"tcp": ""}, - {"HTTP": ""}, - {"EXEC": "/ready.sh"} - ], - "ENV_FILES": [ "/etc/system/config/proxy.json" ], - "EXTRA": "--privileged", - "DEPEND": "null", - "START_ON_BOOT": "false", - "CMD": "null", - "PRE_START": "null", - "POST_START": "null" - } - ] -} diff --git a/firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json b/firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json deleted file mode 100644 index da0a625..0000000 --- a/firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json +++ /dev/null @@ -1,55 +0,0 @@ -{ - "main": { - "SERVICE_NAME": "firewalls", - "DOMAIN": "null" - }, - "containers": [ - { - "IMAGE": "registry.format.hu/firewall", - "NAME": "firewall_loadbalancer_wireguard_prerouting-27dhuwdh", - "MEMORY": "64M", - "IP": "null", - "NETWORK": "host", - "VOLUMES": [ - { - "SOURCE": "/var/run/docker.sock", - "DEST": "/var/run/docker.sock", - "TYPE": "rw" - }, - { - "SOURCE": "/usr/bin/docker", - "DEST": "/usr/bin/docker", - "TYPE": "ro" - }, - { - "SOURCE": "/run/", - "DEST": "/run/", - "TYPE": "rw" - }, - { - "SOURCE": "/proc/", - "DEST": "/proc/", - "TYPE": "ro" - }, - { - "SOURCE": "/etc/user/config/services", - "DEST": "/services", - "TYPE": "ro" - } - ], - "PORTS": [ ], - "READYNESS": [ - {"tcp": ""}, - {"HTTP": ""}, - {"EXEC": "/ready.sh"} - ], - "ENV_FILES": [ "/etc/user/config/user.json", "/etc/system/config/proxy.json" ], - "EXTRA": "--privileged", - "DEPEND": "null", - "START_ON_BOOT": "false", - "CMD": "null", - "PRE_START": "null", - "POST_START": "null" - } - ] -} diff --git a/proxy.json b/proxy.json deleted file mode 100644 index 04acf55..0000000 --- a/proxy.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "firewall_loadbalancer_wireguard_prerouting": { - "NAME": "wireguard_proxy_client", - "PREROUTING": "true", - "TARGET_IP": "172.18.100.2", - "TYPE": "tcp", - "SOURCE_PORT_1": "80", - "SOURCE_PORT_2": "443", - "TARGET_PORT_1": "80", - "TARGET_PORT_2": "443", - "COMMENT": "edeg3e98" - }, - "firewall_loadbalancer_wireguard_postrouting": { - "NAME": "wireguard_proxy_client", - "POSTROUTING": "true", - "TARGET_IP": "172.18.100.0", - "TARGET_PORT_1": "80", - "TARGET_PORT_2": "443", - "TYPE": "tcp", - "COMMENT": "edeg3e98" - } -} - - diff --git a/user.json b/user.json deleted file mode 100644 index 55ae456..0000000 --- a/user.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - }, - "firewall_loadbalancer_wireguard_prerouting": { - "SOURCE_IP": "10.0.1.1" - } -} diff --git a/wireguard-proxy-client.json b/vpn-proxy.json similarity index 64% rename from wireguard-proxy-client.json rename to vpn-proxy.json index 0d3d52c..be26829 100644 --- a/wireguard-proxy-client.json +++ b/vpn-proxy.json @@ -3,22 +3,13 @@ "SERVICE_NAME": "wireguard-client", "DOMAIN": "null" }, - "networks": [ - { - "NAME": "wireguard-proxy-client", - "DRIVER": "bridge", - "SUBNET": "172.16.0.0/24", - "RANGE": "172.16.0.0/24", - "GATEWAY": "172.16.0.1" - } - ], "containers": [ { - "IMAGE": "registry.format.hu/wireguard-server", - "NAME": "wireguard_proxy_client-edeg3e98", + "IMAGE": "registry.format.hu/wireguard-client", + "UPDATE": "true", + "NAME": "wireguardproxy-client", "MEMORY": "64M", - "IP": "172.16.0.2", - "NETWORK": "wireguard-proxy-client", + "SELECTOR": "proxyvpnclient", "VOLUMES": [ { "SOURCE": "/etc/user/secret/wireguard-client/wg0.conf", @@ -38,7 +29,11 @@ "START_ON_BOOT": "true", "CMD": "null", "PRE_START": "null", - "POST_START": [ "firewall_loadbalancer_wireguard_prerouting-27dhuwdh", "firewall_loadbalancer_wireguard_postrouting-27dhuwdh" ] + "POST_START": [ "firewall-vpn-smarthost-loadbalancer", + "firewall-vpn-proxy-postrouting", + "firewall-vpn-proxy-prerouting" + ] } ] } +