created dedicated gateway directory
made transip GO dockerfile to run it on ARM (needs more tweaking, because now it only runs on ARM)
This commit is contained in:
@@ -8,15 +8,17 @@ services:
|
|||||||
- PUID=1000
|
- PUID=1000
|
||||||
- PGID=100
|
- PGID=100
|
||||||
- TZ=Etc/UTC
|
- TZ=Etc/UTC
|
||||||
- URL=vbchaos.nl
|
# - URL=vbchaos.nl
|
||||||
|
- URL=mitscherlich.nl
|
||||||
- VALIDATION=http
|
- VALIDATION=http
|
||||||
- SUBDOMAINS=nc,esp,git,grafana,registry,registrybrowser,svn,vpn,vaultwarden,collabora
|
- SUBDOMAINS=nc,esp,git,jenkins,registry,registrybrowser,svn,vpn,vaultwarden,collabora
|
||||||
- CERTPROVIDER= #optional
|
- CERTPROVIDER= #optional
|
||||||
- DNSPLUGIN=cloudflare #optional
|
- DNSPLUGIN=cloudflare #optional
|
||||||
- PROPAGATION= #optional
|
- PROPAGATION= #optional
|
||||||
- EMAIL= matthias.mitscherlich@gmail.com
|
- EMAIL= matthias.mitscherlich@gmail.com
|
||||||
- ONLY_SUBDOMAINS=false #optional
|
# - ONLY_SUBDOMAINS=false #optional
|
||||||
- EXTRA_DOMAINS= #optional
|
- ONLY_SUBDOMAINS=true
|
||||||
|
# - EXTRA_DOMAINS=*.vbchaos.nl #optional
|
||||||
- STAGING=false #optional
|
- STAGING=false #optional
|
||||||
volumes:
|
volumes:
|
||||||
- /docker_config/swag:/config
|
- /docker_config/swag:/config
|
||||||
@@ -70,12 +72,12 @@ services:
|
|||||||
- /dev/net/tun
|
- /dev/net/tun
|
||||||
restart: always
|
restart: always
|
||||||
|
|
||||||
docker_config:
|
go-transip-dyndns:
|
||||||
image: registry.vbchaos.nl/rclone
|
build:
|
||||||
container_name: backup_docker_config
|
context: ./transip
|
||||||
environment:
|
# image: jlentink/go-transip-dyndns:latest
|
||||||
- COMMAND=rclone copy -v /backup/ stackstorage:/docker/gateway
|
# container_name: go-transip-dyndns
|
||||||
- CRON_SCHEDULE=0 1-23/4 * * *
|
|
||||||
volumes:
|
volumes:
|
||||||
- ${PWD}/rclone.conf:/root/.config/rclone/rclone.conf
|
- ./go-transip-dyndns.toml:/etc/go-transip-dyndns.toml
|
||||||
- /docker_config:/backup
|
restart: unless-stopped
|
||||||
|
|
||||||
@@ -0,0 +1,133 @@
|
|||||||
|
[general]
|
||||||
|
#
|
||||||
|
# Enable verbose mode (debugging information).
|
||||||
|
# Disabled by default.
|
||||||
|
#
|
||||||
|
verbose = true
|
||||||
|
|
||||||
|
#
|
||||||
|
# Pull in your public IPv4 address.
|
||||||
|
#
|
||||||
|
IPv4 = true
|
||||||
|
|
||||||
|
#
|
||||||
|
# Pull in your public IPv6 address.
|
||||||
|
# Only use when you have an IPv6 address.
|
||||||
|
#
|
||||||
|
IPv6 = false
|
||||||
|
|
||||||
|
#
|
||||||
|
# Update in keep running mode every x (in minutes)
|
||||||
|
#
|
||||||
|
update-frequency = 10
|
||||||
|
|
||||||
|
[account]
|
||||||
|
#
|
||||||
|
# Your account name on transip.
|
||||||
|
#
|
||||||
|
username = "vbchaos"
|
||||||
|
#
|
||||||
|
# Private key to get access the API.
|
||||||
|
# Create your own key here: https://www.transip.nl/cp/account/api/.
|
||||||
|
#
|
||||||
|
# You have two options here.
|
||||||
|
# Include the private key in the configuration file.
|
||||||
|
#
|
||||||
|
# Example:
|
||||||
|
# private-key = """-----BEGIN PRIVATE KEY-----
|
||||||
|
#...Your certificate data...
|
||||||
|
#-----END PRIVATE KEY-----"""
|
||||||
|
#
|
||||||
|
# or
|
||||||
|
#
|
||||||
|
# provide the path to the file that contains the private key.
|
||||||
|
#
|
||||||
|
# Example:
|
||||||
|
# private-key = "/path/to/key.pem"
|
||||||
|
#
|
||||||
|
# Mind the """content""" (3x) quote for including the key in the config and the "path" (1) for the path...
|
||||||
|
#
|
||||||
|
private-key = """-----BEGIN PRIVATE KEY-----
|
||||||
|
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD5474i9JqiG3Kg
|
||||||
|
xhGB5wJE3BosGfMXX46Ct3Y9t1v7i0tGuu977RDRw/IvekLbYhBWSozk5Rsg/gZy
|
||||||
|
a0hPelJ/N0L17GUwu8YWudRSc/51E2Xik10yDH99CDZAdI7dQYgW2uXhiYcxzNNJ
|
||||||
|
XnBdv1UejV/zYpRWqXJppHlQzYU2tVFVeXrfXBOuHsXE8kFy1Vi9wUZ9zbuAKu2M
|
||||||
|
HzmMQNdnZMb/cf+4iSkla4vYhZbXTwxlcOzr/zyhvQuIxM6h/nK/wwHiozVij2bl
|
||||||
|
zzdx83t4HRUXRjwyUTrvCRqV54LGL5BZLyVwvqsJQCrw8Yot9tfExfzB3UH56WcZ
|
||||||
|
qIgqXLvhAgMBAAECggEAEqgjQP7cMLA17bT8B6PUsolwVsyVLrCOtkm2RUNUVcJ/
|
||||||
|
m0dHrAv2DoM/qLXLGhAHQjoMrOZCEUOF/bLu0ihC0oawtCWzJGFQl8/F/2XzoJAT
|
||||||
|
MkhoU91FA3PCgStyoyhKXdJ4CU+4TUqKl9a6MvWfCEnr2QMKKjI6fZKvEA5YHM5l
|
||||||
|
AIqBng/jFD2VKBLu8Le9nmM8GvA+exdi8DkyuS7ui23VqpRwvoiEK6my+qxom7e5
|
||||||
|
t1hOUn5SJWZHBoleB+g5mdmzDQat1cqcHDYZkbWoyoxNecIp3CPOU3L7Lwf/drRj
|
||||||
|
pJM4w6WrTliehcdCkCXTy6K8QbLew+X+KfrqVmDKRQKBgQD+K+o8TbiwDHzYNDOf
|
||||||
|
CI9PYIqO7EGWulQya3kRmyHIXg1GWTyqwOyf0QHeiiJzImJLLGwpXPfDSuBTrlrf
|
||||||
|
xGFMrqdRxcyxbGX4mMRkOfG8IbhEMA9k74S5bi9kYQcGHMey2wA0+1GRPyVSGEK4
|
||||||
|
F7u4GmX+PytZUyuq9kQ1POniMwKBgQD7r/EtsTaBL2+7kNg3zlNO4+RkedQPq6Iz
|
||||||
|
U38g29hjnlQLYRan18mZYesHpImUZYnZE6lGNhq/GJRj48+PeP1j55pb5HOWF4S7
|
||||||
|
2RdJ48KfrFmeTpB7/+ZGa81HZJU5tUo77oVNH6bPzwbeKYcyYs51cg0gIRy4ok6A
|
||||||
|
Bj7mFlsdmwKBgQCnZw0TQq1NZiwjyd3l9KFOymr3zysztu0VeCt5KQ+LBEcB+mw2
|
||||||
|
mnI+oE324EvoQNE0acGjTJPykDJHayJ3FsRu2OlitkAm6xoOLa/Lw04vdpYCcxTw
|
||||||
|
icCE0Mlt92nE4Ne2OP9d5djHLSvLcicfUKJWkyxx0/EdF+Y+54vs9H2meQKBgBds
|
||||||
|
KUK6Ujs1ge1vrl+LKP+Xf8LF/7ExpNen9pXFP98Ndf7VGzmlgFJw5WGBs3gG9wwn
|
||||||
|
o0IweM6959lf8woEFXi9rgTNPuCB8c1Vh7BNrOgVLwXng9S2XOTC1YjGWIjVUUJA
|
||||||
|
kVE7F9gRCS+Vp8pNna8aXRRXYIfiOvH5ItNg0zvvAoGBAJi0XYBJl9N5M6X5I1ZQ
|
||||||
|
t14eETqhvqUfZh/q+VTit5cu1mbz/qkf4+Ok6FfqwV5pWzwNiT1fo5p/NQXTb6ee
|
||||||
|
NCULDTwiV3x26LJXgQ/Nap7UI7v4UTAI6FPcyuEqhxe2zchiE+eh2J1VPvru1Dii
|
||||||
|
FM37lMkICyTFFIc/s1x86VNX
|
||||||
|
-----END PRIVATE KEY-----"""
|
||||||
|
|
||||||
|
#
|
||||||
|
# The DNS record you want to update.
|
||||||
|
# You can have as many as you want.
|
||||||
|
#
|
||||||
|
#[[record]]
|
||||||
|
#
|
||||||
|
# the domain name where the record should be updated.
|
||||||
|
#
|
||||||
|
#hostname = "example.com"
|
||||||
|
#
|
||||||
|
# The entry key for the domain
|
||||||
|
# in this example my-home.example.com is the full dns entry we are creating here.
|
||||||
|
#
|
||||||
|
# use @ if you want to redirect the root domain.
|
||||||
|
#
|
||||||
|
#entry = "my-home"
|
||||||
|
#
|
||||||
|
# The caching time in seconds.
|
||||||
|
#
|
||||||
|
#ttl = 60
|
||||||
|
#
|
||||||
|
# The record type.
|
||||||
|
# A for IPv4
|
||||||
|
# AAAA for IPv6
|
||||||
|
# but can also be MX TXT SRV
|
||||||
|
#
|
||||||
|
#type = "A"
|
||||||
|
#
|
||||||
|
# content that will be pushed into the record.
|
||||||
|
# this value is ignored for A and AAAA records.
|
||||||
|
# for other records you can use the placeholders {{.IPv4}} and {{.IPv6}}
|
||||||
|
# to inject the IP's
|
||||||
|
#
|
||||||
|
# content = ""
|
||||||
|
|
||||||
|
[[record]]
|
||||||
|
hostname = "mitscherlich.nl"
|
||||||
|
entry = "*"
|
||||||
|
ttl = 300
|
||||||
|
type = "A"
|
||||||
|
content = ""
|
||||||
|
|
||||||
|
[[record]]
|
||||||
|
hostname = "vbchaos.nl"
|
||||||
|
entry = "*"
|
||||||
|
ttl = 300
|
||||||
|
type = "A"
|
||||||
|
content = ""
|
||||||
|
|
||||||
|
[[record]]
|
||||||
|
hostname = "vbchaos.nl"
|
||||||
|
entry = "@"
|
||||||
|
ttl = 300
|
||||||
|
type = "A"
|
||||||
|
content = ""
|
||||||
@@ -0,0 +1,5 @@
|
|||||||
|
FROM alpine:latest
|
||||||
|
|
||||||
|
RUN apk add --no-cache tzdata
|
||||||
|
COPY go-transip-dyndns /usr/bin
|
||||||
|
CMD ["/usr/bin/go-transip-dyndns", "update", "-k"]
|
||||||
BIN
Binary file not shown.
@@ -1,13 +1,16 @@
|
|||||||
OVPN_DATA="ovpn_data"
|
OVPN_DATA="ovpn_data"
|
||||||
CLIENTNAME="matthias"
|
CLIENTNAME="matthias"
|
||||||
|
|
||||||
|
IMAGE=giggio/openvpn-arm
|
||||||
|
#IMAGE=kylemanna/openvpn
|
||||||
|
|
||||||
# Create the docker volume to store certificates and configuration
|
# Create the docker volume to store certificates and configuration
|
||||||
docker volume create --opt type=none --opt o=bind --opt device=/srv/dev-disk-by-uuid-17e88007-4d0c-45e0-8757-cacfcc458630/docker_config/openvpn --name $OVPN_DATA
|
docker volume create --opt type=none --opt o=bind --opt device=/docker_config/openvpn --name $OVPN_DATA
|
||||||
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://vpn.vbchaos.nl
|
docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_genconfig -u udp://vpn.vbchaos.nl
|
||||||
docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki
|
docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE ovpn_initpki
|
||||||
|
|
||||||
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --name OpenVPN --cap-add=NET_ADMIN --device=/dev/net/tun kylemanna/openvpn
|
docker run -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --name OpenVPN --cap-add=NET_ADMIN --device=/dev/net/tun $IMAGE
|
||||||
|
|
||||||
docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENTNAME nopass
|
docker run -v $OVPN_DATA:/etc/openvpn --rm -it $IMAGE easyrsa build-client-full $CLIENTNAME nopass
|
||||||
|
|
||||||
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
|
docker run -v $OVPN_DATA:/etc/openvpn --rm $IMAGE ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
|
||||||
|
|||||||
Reference in New Issue
Block a user