Compare commits
11 Commits
6b2fb5c0d7
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
70459a4533 | ||
|
|
f44dd33f71 | ||
|
|
025b8c1bb4 | ||
| dc73bffa54 | |||
| d9f5e07a21 | |||
| 0687287436 | |||
| 2aafd3adb8 | |||
| 207311ddbe | |||
| 3cc178f690 | |||
| bd43aaea64 | |||
| 2d4fad9532 |
47
.drone.yml
Normal file
47
.drone.yml
Normal file
@@ -0,0 +1,47 @@
|
|||||||
|
kind: pipeline
|
||||||
|
type: kubernetes
|
||||||
|
name: default
|
||||||
|
|
||||||
|
node_selector:
|
||||||
|
physical-node: dev1
|
||||||
|
|
||||||
|
trigger:
|
||||||
|
branch:
|
||||||
|
- master
|
||||||
|
event:
|
||||||
|
- push
|
||||||
|
workspace:
|
||||||
|
path: /drone/src
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: build multiarch from dev
|
||||||
|
image: docker.io/owncloudci/drone-docker-buildx:4
|
||||||
|
privileged: true
|
||||||
|
settings:
|
||||||
|
cache-from: [ "registry.dev.format.hu/wireguard-proxy-client" ]
|
||||||
|
registry: registry.dev.format.hu
|
||||||
|
repo: registry.dev.format.hu/wireguard-proxy-client
|
||||||
|
tags: latest
|
||||||
|
dockerfile: Dockerfile
|
||||||
|
username:
|
||||||
|
from_secret: dev-hu-registry-username
|
||||||
|
password:
|
||||||
|
from_secret: dev-hu-registry-password
|
||||||
|
platforms:
|
||||||
|
- linux/amd64
|
||||||
|
- linux/arm64
|
||||||
|
|
||||||
|
- name: pull image to dockerhub
|
||||||
|
image: docker.io/owncloudci/drone-docker-buildx:4
|
||||||
|
privileged: true
|
||||||
|
settings:
|
||||||
|
cache-from: [ "safebox/wireguard-proxy-client" ]
|
||||||
|
repo: safebox/wireguard-proxy-client
|
||||||
|
tags: latest
|
||||||
|
username:
|
||||||
|
from_secret: dockerhub-username
|
||||||
|
password:
|
||||||
|
from_secret: dockerhub-password
|
||||||
|
platforms:
|
||||||
|
- linux/amd64
|
||||||
|
- linux/arm64
|
||||||
@@ -1,10 +1,10 @@
|
|||||||
FROM alpine:latest
|
FROM alpine:latest
|
||||||
|
|
||||||
RUN apk add --no-cache alpine-sdk rustup \
|
RUN apk add --no-cache alpine-sdk rustup \
|
||||||
&& rustup-init -y --target x86_64-unknown-linux-musl --default-toolchain beta --profile minimal \
|
&& rustup-init -y --default-toolchain beta --profile minimal \
|
||||||
#&& curl https://sh.rustup.rs -sSf | sh -s -- -y --default-host x86_64-unknown-linux-musl --profile minimal \
|
#&& curl https://sh.rustup.rs -sSf | sh -s -- -y --default-host x86_64-unknown-linux-musl --profile minimal \
|
||||||
&& source ~/.cargo/env \
|
&& source ~/.cargo/env \
|
||||||
&& cargo install --target x86_64-unknown-linux-musl boringtun-cli
|
&& cargo install boringtun-cli
|
||||||
|
|
||||||
FROM alpine:latest
|
FROM alpine:latest
|
||||||
|
|
||||||
@@ -24,4 +24,5 @@ VOLUME ["/etc/wireguard"]
|
|||||||
|
|
||||||
ENV WG_QUICK_USERSPACE_IMPLEMENTATION=boringtun LOGNAME=nobody INTERFACE=wg0
|
ENV WG_QUICK_USERSPACE_IMPLEMENTATION=boringtun LOGNAME=nobody INTERFACE=wg0
|
||||||
COPY set_gateway.sh /etc/wireguard/
|
COPY set_gateway.sh /etc/wireguard/
|
||||||
|
COPY persistentkeepalive.sh /etc/wireguard/
|
||||||
ENTRYPOINT ["/sbin/tini", "--", "/bin/sh", "-c", "test -f \"/etc/wireguard/$INTERFACE.conf\" || ( umask 077 && printf '%s\\n' '[Interface]' 'Address = 10.8.0.1/24' 'PostUp = iptables --table nat --append POSTROUTING --jump MASQUERADE' 'PostDown = iptables --table nat --delete POSTROUTING --jump MASQUERADE' 'ListenPort = 51820' \"PrivateKey = $(wg genkey)\" | tee \"/etc/wireguard/$INTERFACE.conf\" ) && test -c /dev/net/tun || { mkdir -p /dev/net && mknod -m 666 /dev/net/tun c 10 200; } && exec wg-quick up \"$INTERFACE\"", "--"]
|
ENTRYPOINT ["/sbin/tini", "--", "/bin/sh", "-c", "test -f \"/etc/wireguard/$INTERFACE.conf\" || ( umask 077 && printf '%s\\n' '[Interface]' 'Address = 10.8.0.1/24' 'PostUp = iptables --table nat --append POSTROUTING --jump MASQUERADE' 'PostDown = iptables --table nat --delete POSTROUTING --jump MASQUERADE' 'ListenPort = 51820' \"PrivateKey = $(wg genkey)\" | tee \"/etc/wireguard/$INTERFACE.conf\" ) && test -c /dev/net/tun || { mkdir -p /dev/net && mknod -m 666 /dev/net/tun c 10 200; } && exec wg-quick up \"$INTERFACE\"", "--"]
|
||||||
|
|||||||
@@ -1,70 +1,88 @@
|
|||||||
{
|
{
|
||||||
"main": {
|
"main": {
|
||||||
"SERVICE_NAME": "firewalls",
|
"SERVICE_NAME": "firewalls",
|
||||||
"DOMAIN": "null"
|
"DOMAIN": "null"
|
||||||
},
|
},
|
||||||
"containers": [
|
"containers": [
|
||||||
{
|
{
|
||||||
"IMAGE": "registry.format.hu/firewall",
|
"IMAGE": "registry.format.hu/firewall",
|
||||||
"UPDATE": "true",
|
"UPDATE": "true",
|
||||||
"NAME": "firewall",
|
"NAME": "firewall",
|
||||||
"SCALE": "0",
|
"SCALE": "0",
|
||||||
"MEMORY": "64M",
|
"MEMORY": "64M",
|
||||||
"NETWORK": "host",
|
"NETWORK": "host",
|
||||||
"VOLUMES": [
|
"VOLUMES": [
|
||||||
{
|
{
|
||||||
"SOURCE": "/proc/",
|
"SOURCE": "/proc/",
|
||||||
"DEST": "/proc/",
|
"DEST": "/proc/",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/run/",
|
"SOURCE": "/run/",
|
||||||
"DEST": "/run/",
|
"DEST": "/run/",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/etc/user/config/services",
|
"SOURCE": "/etc/user/config/services",
|
||||||
"DEST": "/services",
|
"DEST": "/services",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/var/run/docker.sock",
|
"SOURCE": "/var/run/docker.sock",
|
||||||
"DEST": "/var/run/docker.sock",
|
"DEST": "/var/run/docker.sock",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/usr/bin/docker",
|
"SOURCE": "/etc/system/data/dns/hosts.local",
|
||||||
"DEST": "/usr/bin/docker",
|
"DEST": "/etc/dns/hosts.local",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
},
|
}
|
||||||
{
|
],
|
||||||
"SOURCE": "/etc/system/data/dns/hosts.local",
|
"PORTS": [],
|
||||||
"DEST": "/etc/dns/hosts.local",
|
"READYNESS": [
|
||||||
"TYPE": "ro"
|
{
|
||||||
}
|
"tcp": ""
|
||||||
],
|
},
|
||||||
"PORTS": [ ],
|
{
|
||||||
"READYNESS": [
|
"HTTP": ""
|
||||||
{"tcp": ""},
|
},
|
||||||
{"HTTP": ""},
|
{
|
||||||
{"EXEC": "/ready.sh"}
|
"EXEC": "/ready.sh"
|
||||||
],
|
}
|
||||||
"ENVS": [
|
],
|
||||||
{ "NSENTER": "true" },
|
"ENVS": [
|
||||||
{ "POSTROUTING": "true" },
|
{
|
||||||
{ "NAME": "NAME", "VALUE": "wireguardproxy" },
|
"NSENTER": "true"
|
||||||
{ "TARGET": "smarthostloadbalancer" },
|
},
|
||||||
{ "TYPE": "tcp" },
|
{
|
||||||
{ "TARGET_PORT_1": "80" },
|
"POSTROUTING": "true"
|
||||||
{ "TARGET_PORT_2": "443" },
|
},
|
||||||
{ "COMMENT": "client" }
|
{
|
||||||
],
|
"NAME": "NAME",
|
||||||
"EXTRA": "--privileged --rm",
|
"VALUE": "wireguardproxy"
|
||||||
"DEPEND": "null",
|
},
|
||||||
"START_ON_BOOT": "false",
|
{
|
||||||
"CMD": "null",
|
"TARGET": "smarthostloadbalancer"
|
||||||
"PRE_START": "null",
|
},
|
||||||
"POST_START": "null"
|
{
|
||||||
}
|
"TYPE": "tcp"
|
||||||
]
|
},
|
||||||
}
|
{
|
||||||
|
"TARGET_PORT_1": "80"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TARGET_PORT_2": "443"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"COMMENT": "client"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"EXTRA": "--privileged --rm",
|
||||||
|
"DEPEND": "null",
|
||||||
|
"START_ON_BOOT": "false",
|
||||||
|
"CMD": "null",
|
||||||
|
"PRE_START": "null",
|
||||||
|
"POST_START": "null"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
@@ -1,74 +1,100 @@
|
|||||||
{
|
{
|
||||||
"main": {
|
"main": {
|
||||||
"SERVICE_NAME": "firewalls",
|
"SERVICE_NAME": "firewalls",
|
||||||
"DOMAIN": "null"
|
"DOMAIN": "null"
|
||||||
},
|
},
|
||||||
"containers": [
|
"containers": [
|
||||||
{
|
{
|
||||||
"IMAGE": "registry.format.hu/firewall",
|
"IMAGE": "registry.format.hu/firewall",
|
||||||
"UPDATE": "true",
|
"UPDATE": "true",
|
||||||
"NAME": "wireguardfirewall",
|
"NAME": "wireguardfirewall",
|
||||||
"SCALE": "0",
|
"SCALE": "0",
|
||||||
"MEMORY": "64M",
|
"MEMORY": "64M",
|
||||||
"NETWORK": "host",
|
"NETWORK": "host",
|
||||||
"VOLUMES": [
|
"VOLUMES": [
|
||||||
{
|
{
|
||||||
"SOURCE": "/proc/",
|
"SOURCE": "/proc/",
|
||||||
"DEST": "/proc/",
|
"DEST": "/proc/",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/run/",
|
"SOURCE": "/run/",
|
||||||
"DEST": "/run/",
|
"DEST": "/run/",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/etc/user/config/services",
|
"SOURCE": "/etc/user/config/services",
|
||||||
"DEST": "/services",
|
"DEST": "/services",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/var/run/docker.sock",
|
"SOURCE": "/var/run/docker.sock",
|
||||||
"DEST": "/var/run/docker.sock",
|
"DEST": "/var/run/docker.sock",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/usr/bin/docker",
|
"SOURCE": "/etc/system/data/dns/hosts.local",
|
||||||
"DEST": "/usr/bin/docker",
|
"DEST": "/etc/dns/hosts.local",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
},
|
}
|
||||||
{
|
],
|
||||||
"SOURCE": "/etc/system/data/dns/hosts.local",
|
"PORTS": [],
|
||||||
"DEST": "/etc/dns/hosts.local",
|
"READYNESS": [
|
||||||
"TYPE": "ro"
|
{
|
||||||
}
|
"tcp": ""
|
||||||
],
|
},
|
||||||
"PORTS": [ ],
|
{
|
||||||
"READYNESS": [
|
"HTTP": ""
|
||||||
{"tcp": ""},
|
},
|
||||||
{"HTTP": ""},
|
{
|
||||||
{"EXEC": "/ready.sh"}
|
"EXEC": "/ready.sh"
|
||||||
],
|
}
|
||||||
"ENVS": [
|
],
|
||||||
{ "NSENTER": "true" },
|
"ENVS": [
|
||||||
{ "PREROUTING": "true" },
|
{
|
||||||
{ "SOURCE_IFACE": "wg0" },
|
"NSENTER": "true"
|
||||||
{ "TARGET": "smarthostloadbalancer" },
|
},
|
||||||
{ "NAME": "NAME", "VALUE": "wireguardproxy" },
|
{
|
||||||
{ "TYPE": "tcp" },
|
"PREROUTING": "true"
|
||||||
{ "SOURCE_PORT_1": "80" },
|
},
|
||||||
{ "SOURCE_PORT_2": "443" },
|
{
|
||||||
{ "TARGET_PORT_1": "80" },
|
"SOURCE_IFACE": "wg0"
|
||||||
{ "TARGET_PORT_2": "443" },
|
},
|
||||||
{ "COMMENT": "client" }
|
{
|
||||||
],
|
"TARGET": "smarthostloadbalancer"
|
||||||
"ENV_FILES": [ "/etc/user/config/user.json" ],
|
},
|
||||||
"EXTRA": "--privileged --rm",
|
{
|
||||||
"DEPEND": "null",
|
"NAME": "NAME",
|
||||||
"START_ON_BOOT": "false",
|
"VALUE": "wireguardproxy"
|
||||||
"CMD": "null",
|
},
|
||||||
"PRE_START": "null",
|
{
|
||||||
"POST_START": "null"
|
"TYPE": "tcp"
|
||||||
}
|
},
|
||||||
]
|
{
|
||||||
}
|
"SOURCE_PORT_1": "80"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"SOURCE_PORT_2": "443"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TARGET_PORT_1": "80"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"TARGET_PORT_2": "443"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"COMMENT": "client"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"ENV_FILES": [
|
||||||
|
"/etc/user/config/user.json"
|
||||||
|
],
|
||||||
|
"EXTRA": "--privileged --rm",
|
||||||
|
"DEPEND": "null",
|
||||||
|
"START_ON_BOOT": "false",
|
||||||
|
"CMD": "null",
|
||||||
|
"PRE_START": "null",
|
||||||
|
"POST_START": "null"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
@@ -1,64 +1,79 @@
|
|||||||
{
|
{
|
||||||
"main": {
|
"main": {
|
||||||
"SERVICE_NAME": "firewalls",
|
"SERVICE_NAME": "firewalls",
|
||||||
"DOMAIN": "null"
|
"DOMAIN": "null"
|
||||||
},
|
},
|
||||||
"containers": [
|
"containers": [
|
||||||
{
|
{
|
||||||
"IMAGE": "registry.format.hu/firewall",
|
"IMAGE": "registry.format.hu/firewall",
|
||||||
"UPDATE": "true",
|
"UPDATE": "true",
|
||||||
"NAME": "firewall",
|
"NAME": "firewall",
|
||||||
"MEMORY": "64M",
|
"MEMORY": "64M",
|
||||||
"NETWORK": "host",
|
"NETWORK": "host",
|
||||||
"SCALE": "0",
|
"SCALE": "0",
|
||||||
"VOLUMES": [
|
"VOLUMES": [
|
||||||
{
|
{
|
||||||
"SOURCE": "/run/",
|
"SOURCE": "/run/",
|
||||||
"DEST": "/run/",
|
"DEST": "/run/",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/etc/user/config/services",
|
"SOURCE": "/etc/user/config/services",
|
||||||
"DEST": "/services",
|
"DEST": "/services",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/etc/system/data/dns/hosts.local",
|
"SOURCE": "/etc/system/data/dns/hosts.local",
|
||||||
"DEST": "/etc/dns/hosts.local",
|
"DEST": "/etc/dns/hosts.local",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"SOURCE": "/var/run/docker.sock",
|
"SOURCE": "/var/run/docker.sock",
|
||||||
"DEST": "/var/run/docker.sock",
|
"DEST": "/var/run/docker.sock",
|
||||||
"TYPE": "rw"
|
"TYPE": "rw"
|
||||||
},
|
}
|
||||||
{
|
],
|
||||||
"SOURCE": "/usr/bin/docker",
|
"PORTS": [],
|
||||||
"DEST": "/usr/bin/docker",
|
"READYNESS": [
|
||||||
"TYPE": "ro"
|
{
|
||||||
}
|
"tcp": ""
|
||||||
],
|
},
|
||||||
"PORTS": [ ],
|
{
|
||||||
"READYNESS": [
|
"HTTP": ""
|
||||||
{"tcp": ""},
|
},
|
||||||
{"HTTP": ""},
|
{
|
||||||
{"EXEC": "/ready.sh"}
|
"EXEC": "/ready.sh"
|
||||||
],
|
}
|
||||||
"ENVS": [
|
],
|
||||||
{ "CHAIN": "DOCKER-USER" },
|
"ENVS": [
|
||||||
{ "SOURCE": "proxyvpnclient" },
|
{
|
||||||
{ "TARGET": "smarthostloadbalancer" },
|
"CHAIN": "DOCKER-USER"
|
||||||
{ "TYPE": "tcp" },
|
},
|
||||||
{ "TARGET_PORT_1": "80" },
|
{
|
||||||
{ "TARGET_PORT_2": "443" },
|
"SOURCE": "wireguardproxy"
|
||||||
{ "COMMENT": "vpn access smarthost loadbalancer" }
|
},
|
||||||
],
|
{
|
||||||
"EXTRA": "--privileged --rm",
|
"TARGET": "smarthostloadbalancer"
|
||||||
"DEPEND": "null",
|
},
|
||||||
"START_ON_BOOT": "false",
|
{
|
||||||
"CMD": "null",
|
"TYPE": "tcp"
|
||||||
"PRE_START": "null",
|
},
|
||||||
"POST_START": "null"
|
{
|
||||||
}
|
"TARGET_PORT_1": "80"
|
||||||
]
|
},
|
||||||
}
|
{
|
||||||
|
"TARGET_PORT_2": "443"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"COMMENT": "vpn access smarthost loadbalancer"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"EXTRA": "--privileged --rm",
|
||||||
|
"DEPEND": "null",
|
||||||
|
"START_ON_BOOT": "false",
|
||||||
|
"CMD": "null",
|
||||||
|
"PRE_START": "null",
|
||||||
|
"POST_START": "null"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
6
persistentkeepalive.sh
Executable file
6
persistentkeepalive.sh
Executable file
@@ -0,0 +1,6 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
sleep 15;
|
||||||
|
PERSISTENT_KEEP_ALIVE=$(cat /etc/wireguard/wg0.conf | grep PersistentKeepalive | awk '{print $3}');
|
||||||
|
WG_SERVER_IP="$(cat /etc/wireguard/wg0.conf | grep Address | awk '{print $3}' | cut -d . -f1-3).1";
|
||||||
|
ping -s 0 -I wg0 -i $PERSISTENT_KEEP_ALIVE $WG_SERVER_IP
|
||||||
@@ -1,5 +1,7 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
ENDPOINT=$(cat /etc/wireguard/wg0.conf | grep Endpoint | awk '{print $3}' |cut -d ':' -f1)
|
ENDPOINT=$(cat /etc/wireguard/wg0.conf | grep Endpoint | awk '{print $3}' |cut -d ':' -f1);
|
||||||
IP_GATEWAY=$(route -n | grep 'UG[ \t]' | awk '{print $2}');
|
IP_GATEWAY=$(route -n | grep 'UG[ \t]' | awk '{print $2}');
|
||||||
route add -host $ENDPOINT gw $IP_GATEWAY
|
route add -host $ENDPOINT gw $IP_GATEWAY;
|
||||||
|
|
||||||
|
/etc/wireguard/persistentkeepalive.sh &
|
||||||
|
|||||||
@@ -1,39 +1,45 @@
|
|||||||
{
|
{
|
||||||
"main": {
|
"main": {
|
||||||
"SERVICE_NAME": "wireguard-client",
|
"SERVICE_NAME": "wireguard-client",
|
||||||
"DOMAIN": "null"
|
"DOMAIN": "null"
|
||||||
},
|
},
|
||||||
"containers": [
|
"containers": [
|
||||||
{
|
{
|
||||||
"IMAGE": "registry.format.hu/wireguard-client",
|
"IMAGE": "safebox/wireguard-proxy-client",
|
||||||
"UPDATE": "true",
|
"UPDATE": "true",
|
||||||
"NAME": "wireguardproxy-client",
|
"NAME": "wireguardproxy-client",
|
||||||
"MEMORY": "64M",
|
"MEMORY": "64M",
|
||||||
"SELECTOR": "proxyvpnclient",
|
"SELECTOR": "wireguardproxy",
|
||||||
"VOLUMES": [
|
"VOLUMES": [
|
||||||
{
|
{
|
||||||
"SOURCE": "/etc/user/secret/vpn-proxy/wg0.conf",
|
"SOURCE": "/etc/user/secret/vpn-proxy/wg0.conf",
|
||||||
"DEST": "/etc/wireguard/wg0.conf",
|
"DEST": "/etc/wireguard/wg0.conf",
|
||||||
"TYPE": "ro"
|
"TYPE": "ro"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"PORTS": [ ],
|
"PORTS": [],
|
||||||
"READYNESS": [
|
"READYNESS": [
|
||||||
{"tcp": ""},
|
{
|
||||||
{"HTTP": ""},
|
"tcp": ""
|
||||||
{"EXEC": "/ready.sh"}
|
},
|
||||||
],
|
{
|
||||||
"ENVS": "null",
|
"HTTP": ""
|
||||||
"EXTRA": "--privileged --cap-add=NET_ADMIN --device=/dev/net/tun --cap-add MKNOD --cap-add NET_RAW",
|
},
|
||||||
"DEPEND": "null",
|
{
|
||||||
"START_ON_BOOT": "true",
|
"EXEC": "/ready.sh"
|
||||||
"CMD": "null",
|
}
|
||||||
"PRE_START": "null",
|
],
|
||||||
"POST_START": [ "firewall-vpn-smarthost-loadbalancer",
|
"ENVS": "null",
|
||||||
"firewall-vpn-proxy-postrouting",
|
"EXTRA": "--restart unless-stopped --privileged --cap-add=NET_ADMIN --device=/dev/net/tun --cap-add MKNOD --cap-add NET_RAW",
|
||||||
"firewall-vpn-proxy-prerouting"
|
"DEPEND": "null",
|
||||||
]
|
"START_ON_BOOT": "true",
|
||||||
}
|
"CMD": "null",
|
||||||
]
|
"PRE_START": "null",
|
||||||
}
|
"POST_START": [
|
||||||
|
"firewall-vpn-smarthost-loadbalancer",
|
||||||
|
"firewall-vpn-proxy-postrouting",
|
||||||
|
"firewall-vpn-proxy-prerouting"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user