From 79f086ad23ed66ac2cb9de5712011723cb88b32f Mon Sep 17 00:00:00 2001 From: gyurix Date: Thu, 24 Mar 2022 14:59:30 +0000 Subject: [PATCH] Initial commit --- README.md | 0 ...lancer_wireguard_postrouting-27dhuwdh.json | 55 +++++++++++++++++++ ...alancer_wireguard_prerouting-27dhuwdh.json | 55 +++++++++++++++++++ wireguard-proxy-client.json | 44 +++++++++++++++ wireguard-proxy.json | 24 ++++++++ 5 files changed, 178 insertions(+) create mode 100644 README.md create mode 100644 firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json create mode 100644 firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json create mode 100644 wireguard-proxy-client.json create mode 100644 wireguard-proxy.json diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json b/firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json new file mode 100644 index 0000000..045ca6f --- /dev/null +++ b/firewall_loadbalancer_wireguard_postrouting-27dhuwdh.json @@ -0,0 +1,55 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "firewall_loadbalancer_wireguard_postrouting-27dhuwdh", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/var/run/docker.sock", + "DEST": "/var/run/docker.sock", + "TYPE": "rw" + }, + { + "SOURCE": "/usr/bin/docker", + "DEST": "/usr/bin/docker", + "TYPE": "ro" + }, + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/proc/", + "DEST": "/proc/", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENV_FILES": [ "/etc/user/config/wireguard-proxy.json" ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json b/firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json new file mode 100644 index 0000000..d1a20cd --- /dev/null +++ b/firewall_loadbalancer_wireguard_prerouting-27dhuwdh.json @@ -0,0 +1,55 @@ +{ + "main": { + "SERVICE_NAME": "firewalls", + "DOMAIN": "null" + }, + "containers": [ + { + "IMAGE": "registry.format.hu/firewall", + "NAME": "firewall_loadbalancer_wireguard_prerouting-27dhuwdh", + "MEMORY": "64M", + "IP": "null", + "NETWORK": "host", + "VOLUMES": [ + { + "SOURCE": "/var/run/docker.sock", + "DEST": "/var/run/docker.sock", + "TYPE": "rw" + }, + { + "SOURCE": "/usr/bin/docker", + "DEST": "/usr/bin/docker", + "TYPE": "ro" + }, + { + "SOURCE": "/run/", + "DEST": "/run/", + "TYPE": "rw" + }, + { + "SOURCE": "/proc/", + "DEST": "/proc/", + "TYPE": "ro" + }, + { + "SOURCE": "/etc/user/config/services", + "DEST": "/services", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENV_FILES": [ "/etc/user/config/wireguard-proxy.json" ], + "EXTRA": "--privileged", + "DEPEND": "null", + "START_ON_BOOT": "false", + "CMD": "null", + "PRE_START": "null", + "POST_START": "null" + } + ] +} diff --git a/wireguard-proxy-client.json b/wireguard-proxy-client.json new file mode 100644 index 0000000..0d3d52c --- /dev/null +++ b/wireguard-proxy-client.json @@ -0,0 +1,44 @@ +{ + "main": { + "SERVICE_NAME": "wireguard-client", + "DOMAIN": "null" + }, + "networks": [ + { + "NAME": "wireguard-proxy-client", + "DRIVER": "bridge", + "SUBNET": "172.16.0.0/24", + "RANGE": "172.16.0.0/24", + "GATEWAY": "172.16.0.1" + } + ], + "containers": [ + { + "IMAGE": "registry.format.hu/wireguard-server", + "NAME": "wireguard_proxy_client-edeg3e98", + "MEMORY": "64M", + "IP": "172.16.0.2", + "NETWORK": "wireguard-proxy-client", + "VOLUMES": [ + { + "SOURCE": "/etc/user/secret/wireguard-client/wg0.conf", + "DEST": "/etc/wireguard/wg0.conf", + "TYPE": "ro" + } + ], + "PORTS": [ ], + "READYNESS": [ + {"tcp": ""}, + {"HTTP": ""}, + {"EXEC": "/ready.sh"} + ], + "ENVS": "null", + "EXTRA": "--privileged --cap-add=NET_ADMIN --device=/dev/net/tun --cap-add MKNOD --cap-add NET_RAW", + "DEPEND": "null", + "START_ON_BOOT": "true", + "CMD": "null", + "PRE_START": "null", + "POST_START": [ "firewall_loadbalancer_wireguard_prerouting-27dhuwdh", "firewall_loadbalancer_wireguard_postrouting-27dhuwdh" ] + } + ] +} diff --git a/wireguard-proxy.json b/wireguard-proxy.json new file mode 100644 index 0000000..d7685cb --- /dev/null +++ b/wireguard-proxy.json @@ -0,0 +1,24 @@ +{ + "firewall_loadbalancer_wireguard_prerouting": { + "NAME": "wireguard_proxy_client", + "PREROUTING": "true", + "SOURCE_IP": "10.0.1.1", + "TARGET_IP": "172.18.100.2", + "TYPE": "tcp", + "SOURCE_PORT_1": "80", + "SOURCE_PORT_2": "443", + "TARGET_PORT_1": "80", + "TARGET_PORT_2": "443", + "COMMENT": "edeg3e98" + }, + "firewall_loadbalancer_wireguard_postrouting": { + "NAME": "wireguard_proxy_client", + "POSTROUTING": "true", + "TARGET_IP": "172.18.100.0", + "TARGET_PORT_1": "80", + "TARGET_PORT_2": "443", + "COMMENT": "edeg3e98" + } +} + +