turtlebasket
/
michaelnet
mirror of https://github.com/turtlebasket/michaelnet
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

dockerize cloudflared on cuddlefish + ssh proxying test

master
michael 2023-06-19 11:27:48 -07:00
parent 9c1ed78fac
commit 76fda3f1d5
6 changed files with 118 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
README.md
View File

@ -1,18 +1,33 @@
# Homelab
## Hosts
## Hosts & Services
### Cuddlefish
Services:
| Service | Internal Ports | External Ports | URL |
| :------ | :------------- | :------------- | :--- |
| Gitea | `3000` | `80` | `git.michaellisano.com` |
- `git.michaellisano.com`
### Rocktiplex
| Service | Internal Ports | External Ports | URL |
| :--------------- | :------------- | :------------- | :--- |
| Fathom Analytics | `8080` | `80` | `analytics.michaellisano.com` |
- `analytics.michaellisano.com`
## Dockerized Cloudflared Notes
If a docker-compose file looks like this:
```yaml
services:
gitea-server:
image: gitea/gitea:1.19.3
...
gitea-cloudflared:
image: cloudflare/cloudflared
...
```
The name of the target services is `gitea-server`, and (per Docker's networking shenanigans), should be specified **directly by service name,** e.g.
```
https://git.michaellisano.com -> http://gitea-server:3000
```

0
cuddlefish/docker-compose.old.yaml → cuddlefish/archive/docker-compose.2022.yaml
View File

67
cuddlefish/archive/nginx.2022.conf Normal file
View File

@ -0,0 +1,67 @@
#/etc/nginx/nginx.conf
events {}
http {
server {
listen 80;
server_name git.turtlebasket.ml;
client_max_body_size 50m;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name analytics.turtlebasket.ml;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name md.turtlebasket.ml;
location / {
proxy_pass http://192.168.1.25:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name money.turtlebasket.ml;
location / {
proxy_pass http://192.168.1.25:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name iot.turtlebasket.ml;
location / {
proxy_pass http://192.168.1.25:8123;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Critical for websockets, which Home Assistant uses
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
}

13
cuddlefish/docker-compose.yaml
View File

@ -5,7 +5,8 @@ networks:
external: false
services:
server:
gitea-server:
image: gitea/gitea:1.19.3
container_name: gitea
environment:
@ -22,3 +23,13 @@ services:
- "3000:3000"
- "222:22"
gitea-cloudflared:
container_name: cloudflared-gitea
image: cloudflare/cloudflared
restart: unless-stopped
command: tunnel run --url http://server:3000
environment:
- TUNNEL_TOKEN=${GITEA_TUNNEL_TOKEN}
networks:
- gitea

4
cuddlefish/example.env
View File

@ -1,3 +1,7 @@
BACKUP_HOST=bob@1.2.3.4
BACKUP_KEYPATH=~/.ssh/id_backup
BACKUP_SSH_PORT=22
SSH_TUNNEL_TOKEN=...
GITEA_TUNNEL_TOKEN=...

70
cuddlefish/nginx.conf
View File

@ -1,67 +1,19 @@
#/etc/nginx/nginx.conf
#/etc/nginx/stream.conf
events {}
load_module /usr/lib64/nginx/modules/ngx_stream_module.so;
http {
server {
listen 80;
server_name git.turtlebasket.ml;
client_max_body_size 50m;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
stream {
map $ssl_preread_server_name $target_host {
cuddlefish.ssh.michael.com 127.0.0.1:22;
rocktiplex.ssh.michaellisano.com 192.168.1.19:22;
default 127.0.0.1:22;
}
}
server {
listen 80;
server_name analytics.turtlebasket.ml;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
server {
listen 2200;
proxy_pass $backend;
ssl_preread on
}
}
server {
listen 80;
server_name md.turtlebasket.ml;
location / {
proxy_pass http://192.168.1.25:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name money.turtlebasket.ml;
location / {
proxy_pass http://192.168.1.25:8080;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name iot.turtlebasket.ml;
location / {
proxy_pass http://192.168.1.25:8123;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Critical for websockets, which Home Assistant uses
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
}