diff --git a/homenetwork/nas/gateway.yml b/homenetwork/gateway/gateway.yml similarity index 80% rename from homenetwork/nas/gateway.yml rename to homenetwork/gateway/gateway.yml index 6c4c348..9094a04 100644 --- a/homenetwork/nas/gateway.yml +++ b/homenetwork/gateway/gateway.yml @@ -8,15 +8,17 @@ services: - PUID=1000 - PGID=100 - TZ=Etc/UTC - - URL=vbchaos.nl +# - URL=vbchaos.nl + - URL=mitscherlich.nl - VALIDATION=http - - SUBDOMAINS=nc,esp,git,grafana,registry,registrybrowser,svn,vpn,vaultwarden,collabora + - SUBDOMAINS=nc,esp,git,jenkins,registry,registrybrowser,svn,vpn,vaultwarden,collabora - CERTPROVIDER= #optional - DNSPLUGIN=cloudflare #optional - PROPAGATION= #optional - EMAIL= matthias.mitscherlich@gmail.com - - ONLY_SUBDOMAINS=false #optional - - EXTRA_DOMAINS= #optional +# - ONLY_SUBDOMAINS=false #optional + - ONLY_SUBDOMAINS=true +# - EXTRA_DOMAINS=*.vbchaos.nl #optional - STAGING=false #optional volumes: - /docker_config/swag:/config @@ -70,12 +72,12 @@ services: - /dev/net/tun restart: always - docker_config: - image: registry.vbchaos.nl/rclone - container_name: backup_docker_config - environment: - - COMMAND=rclone copy -v /backup/ stackstorage:/docker/gateway - - CRON_SCHEDULE=0 1-23/4 * * * + go-transip-dyndns: + build: + context: ./transip +# image: jlentink/go-transip-dyndns:latest +# container_name: go-transip-dyndns volumes: - - ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf - - /docker_config:/backup + - ./go-transip-dyndns.toml:/etc/go-transip-dyndns.toml + restart: unless-stopped + diff --git a/homenetwork/gateway/go-transip-dyndns.toml b/homenetwork/gateway/go-transip-dyndns.toml new file mode 100644 index 0000000..03b843d --- /dev/null +++ b/homenetwork/gateway/go-transip-dyndns.toml 
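Review bot: In the second gateway.yml hunk, the new `go-transip-dyndns` service bind-mounts `./go-transip-dyndns.toml` read-write, and that file carries the TransIP API credentials. Nothing visible in this diff suggests the updater needs to write to its config, so the mount should be read-only: `- ./go-transip-dyndns.toml:/etc/go-transip-dyndns.toml:ro`. If the key is moved to its own file, as the config's comments allow, mount that file `:ro` as well instead of keeping it inside the TOML.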
@@ -0,0 +1,133 @@ +[general] +# +# Enable verbose mode (debugging information). +# Disabled by default. +# +verbose = true + +# +# Pull in your public IPv4 address. +# +IPv4 = true + +# +# Pull in your public IPv6 address. +# Only use when you have an IPv6 address. +# +IPv6 = false + +# +# Update in keep running mode every x (in minutes) +# +update-frequency = 10 + +[account] +# +# Your account name on transip. +# +username = "vbchaos" +# +# Private key to get access the API. +# Create your own key here: https://www.transip.nl/cp/account/api/. +# +# You have two options here. +# Include the private key in the configuration file. +# +# Example: +# private-key = """-----BEGIN PRIVATE KEY----- +#...Your certificate data... +#-----END PRIVATE KEY-----""" +# +# or +# +# provide the path to the file that contains the private key. +# +# Example: +# private-key = "/path/to/key.pem" +# +# Mind the """content""" (3x) quote for including the key in the config and the "path" (1) for the path... +# +private-key = """-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD5474i9JqiG3Kg +xhGB5wJE3BosGfMXX46Ct3Y9t1v7i0tGuu977RDRw/IvekLbYhBWSozk5Rsg/gZy +a0hPelJ/N0L17GUwu8YWudRSc/51E2Xik10yDH99CDZAdI7dQYgW2uXhiYcxzNNJ +XnBdv1UejV/zYpRWqXJppHlQzYU2tVFVeXrfXBOuHsXE8kFy1Vi9wUZ9zbuAKu2M +HzmMQNdnZMb/cf+4iSkla4vYhZbXTwxlcOzr/zyhvQuIxM6h/nK/wwHiozVij2bl +zzdx83t4HRUXRjwyUTrvCRqV54LGL5BZLyVwvqsJQCrw8Yot9tfExfzB3UH56WcZ +qIgqXLvhAgMBAAECggEAEqgjQP7cMLA17bT8B6PUsolwVsyVLrCOtkm2RUNUVcJ/ +m0dHrAv2DoM/qLXLGhAHQjoMrOZCEUOF/bLu0ihC0oawtCWzJGFQl8/F/2XzoJAT +MkhoU91FA3PCgStyoyhKXdJ4CU+4TUqKl9a6MvWfCEnr2QMKKjI6fZKvEA5YHM5l +AIqBng/jFD2VKBLu8Le9nmM8GvA+exdi8DkyuS7ui23VqpRwvoiEK6my+qxom7e5 +t1hOUn5SJWZHBoleB+g5mdmzDQat1cqcHDYZkbWoyoxNecIp3CPOU3L7Lwf/drRj +pJM4w6WrTliehcdCkCXTy6K8QbLew+X+KfrqVmDKRQKBgQD+K+o8TbiwDHzYNDOf +CI9PYIqO7EGWulQya3kRmyHIXg1GWTyqwOyf0QHeiiJzImJLLGwpXPfDSuBTrlrf +xGFMrqdRxcyxbGX4mMRkOfG8IbhEMA9k74S5bi9kYQcGHMey2wA0+1GRPyVSGEK4 
+F7u4GmX+PytZUyuq9kQ1POniMwKBgQD7r/EtsTaBL2+7kNg3zlNO4+RkedQPq6Iz +U38g29hjnlQLYRan18mZYesHpImUZYnZE6lGNhq/GJRj48+PeP1j55pb5HOWF4S7 +2RdJ48KfrFmeTpB7/+ZGa81HZJU5tUo77oVNH6bPzwbeKYcyYs51cg0gIRy4ok6A +Bj7mFlsdmwKBgQCnZw0TQq1NZiwjyd3l9KFOymr3zysztu0VeCt5KQ+LBEcB+mw2 +mnI+oE324EvoQNE0acGjTJPykDJHayJ3FsRu2OlitkAm6xoOLa/Lw04vdpYCcxTw +icCE0Mlt92nE4Ne2OP9d5djHLSvLcicfUKJWkyxx0/EdF+Y+54vs9H2meQKBgBds +KUK6Ujs1ge1vrl+LKP+Xf8LF/7ExpNen9pXFP98Ndf7VGzmlgFJw5WGBs3gG9wwn +o0IweM6959lf8woEFXi9rgTNPuCB8c1Vh7BNrOgVLwXng9S2XOTC1YjGWIjVUUJA +kVE7F9gRCS+Vp8pNna8aXRRXYIfiOvH5ItNg0zvvAoGBAJi0XYBJl9N5M6X5I1ZQ +t14eETqhvqUfZh/q+VTit5cu1mbz/qkf4+Ok6FfqwV5pWzwNiT1fo5p/NQXTb6ee +NCULDTwiV3x26LJXgQ/Nap7UI7v4UTAI6FPcyuEqhxe2zchiE+eh2J1VPvru1Dii +FM37lMkICyTFFIc/s1x86VNX +-----END PRIVATE KEY-----""" + +# +# The DNS record you want to update. +# You can have as many as you want. +# +#[[record]] +# +# the domain name where the record should be updated. +# +#hostname = "example.com" +# +# The entry key for the domain +# in this example my-home.example.com is the full dns entry we are creating here. +# +# use @ if you want to redirect the root domain. +# +#entry = "my-home" +# +# The caching time in seconds. +# +#ttl = 60 +# +# The record type. +# A for IPv4 +# AAAA for IPv6 +# but can also be MX TXT SRV +# +#type = "A" +# +# content that will be pushed into the record. +# this value is ignored for A and AAAA records. +# for other records you can use the placeholders {{.IPv4}} and {{.IPv6}} +# to inject the IP's +# +# content = "" + +[[record]] +hostname = "mitscherlich.nl" +entry = "*" +ttl = 300 +type = "A" +content = "" + +[[record]] +hostname = "vbchaos.nl" +entry = "*" +ttl = 300 +type = "A" +content = "" + +[[record]] +hostname = "vbchaos.nl" +entry = "@" +ttl = 300 +type = "A" +content = "" diff --git a/homenetwork/gateway/transip/Dockerfile b/homenetwork/gateway/transip/Dockerfile new file mode 100644 index 0000000..e22d7ec --- /dev/null +++ b/homenetwork/gateway/transip/Dockerfile 
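Review bot: The `[account]` section of go-transip-dyndns.toml commits a complete PEM private key for the TransIP API inline in `private-key`, so everyone with read access to the repository or its history holds a working credential for the `vbchaos` account. Deleting it in a later commit does not remove it from history; the key should be treated as exposed, revoked in the TransIP control panel and replaced with a new one. The file's own comments document the alternative: keep the key outside the repository and reference it by path, `private-key = "/path/to/key.pem"`, with the key file excluded from version control and mounted into the container separately. `verbose = true` is also worth returning to its default once the setup works, after confirming that the debug output never includes credential material.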
@@ -0,0 +1,5 @@
+FROM alpine:latest
+
+RUN apk add --no-cache tzdata
+COPY go-transip-dyndns /usr/bin
+CMD ["/usr/bin/go-transip-dyndns", "update", "-k"]
diff --git a/homenetwork/gateway/transip/go-transip-dyndns b/homenetwork/gateway/transip/go-transip-dyndns
new file mode 100755
index 0000000..ea411f6
Binary files /dev/null and b/homenetwork/gateway/transip/go-transip-dyndns differ
diff --git a/homenetwork/nas/openvpn.sh b/homenetwork/nas/openvpn.sh
index ebba12d..683cec0 100755
--- a/homenetwork/nas/openvpn.sh
+++ b/homenetwork/nas/openvpn.sh
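Review bot: In transip/Dockerfile, `FROM alpine:latest` lets the base image change silently between builds; pin a release tag, ideally with a digest, e.g. `FROM alpine:<pinned-tag>@sha256:<digest>`. There is also no `USER` instruction, so the updater that holds the TransIP API key runs as root; adding `RUN addgroup -S dyndns && adduser -S -G dyndns dyndns` and `USER dyndns` before `CMD` would fix that, provided the mounted config file is readable by that user. The `go-transip-dyndns` executable copied in by `COPY` is committed as an opaque binary (its file section shows only "Binary files ... differ"), so its origin cannot be reviewed. Building it in a first stage from a pinned source, or at least recording the upstream release and checksum in a comment above the `COPY`, would make it verifiable.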
@@ -1,13 +1,16 @@ OVPN_DATA="ovpn_data" CLIENTNAME="matthias" +IMAGE=giggio/openvpn-arm +#IMAGE=kylemanna/openvpn + # Create the docker volume to store certificates and configuration -docker volume create --opt type=none --opt o=bind --opt device=/srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/docker_config/openvpn --name $OVPN_DATA -docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://vpn.vbchaos.nl -docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki +docker volume create --opt type=none --opt o=bind --opt device=/docker_config/openvpn --name $OVPN_DATA +docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_genconfig -u udp://vpn.vbchaos.nl +docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE ovpn_initpki -docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --name OpenVPN --cap-add=NET_ADMIN --device=/dev/net/tun kylemanna/openvpn +docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --name OpenVPN --cap-add=NET_ADMIN --device=/dev/net/tun $IMAGE -docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENTNAME nopass +docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE easyrsa build-client-full $CLIENTNAME nopass -docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn +docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
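Review bot: In openvpn.sh, the new `IMAGE=giggio/openvpn-arm` carries no tag or digest, yet this image is the one that runs `ovpn_initpki` and `easyrsa build-client-full`, so it generates the CA and client private keys. Pinning it, e.g. `IMAGE=giggio/openvpn-arm@sha256:<digest>`, ensures the PKI is always created by the image that was actually reviewed. A one-line comment above `IMAGE` explaining why the ARM build replaces `kylemanna/openvpn` would also help the next reader decide which one to trust. The expansions in the rewritten `docker run` lines are unquoted; `"$IMAGE"`, `"$OVPN_DATA"` and `"$CLIENTNAME"` are the safer form.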