Compare commits
6 commits
| Author | SHA1 | Date | |
|---|---|---|---|
| b5cec5cf4c | |||
| 23813ac048 | |||
| 890b90a7c2 | |||
| 62037c2495 | |||
| 9dbfdeeb7a | |||
| ac2e41e257 |
3 changed files with 94 additions and 1 deletions
|
|
@ -0,0 +1,27 @@
|
|||
server {
|
||||
listen 80;
|
||||
server_name fz.ixvd.net;
|
||||
|
||||
location /live/websocket {
|
||||
proxy_pass http://firezone:13000;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection upgrade;
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header Host $host;
|
||||
proxy_pass http://firezone:13000;
|
||||
client_max_body_size 0;
|
||||
}
|
||||
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
}
|
||||
66
servers/apoc/docker-compose.d/docker-compose.firezone.yml
Normal file
66
servers/apoc/docker-compose.d/docker-compose.firezone.yml
Normal file
|
|
@ -0,0 +1,66 @@
|
|||
version: '2.2'
|
||||
# Example compose file for production deployment on Linux.
|
||||
#
|
||||
# Note: This file is meant to serve as a template. Please modify it
|
||||
# according to your needs. Read more about Docker Compose:
|
||||
#
|
||||
# https://docs.docker.com/compose/compose-file/
|
||||
#
|
||||
#
|
||||
x-deploy: &default-deploy
|
||||
restart_policy:
|
||||
condition: unless-stopped
|
||||
delay: 5s
|
||||
window: 120s
|
||||
update_config:
|
||||
order: start-first
|
||||
|
||||
services:
|
||||
firezone:
|
||||
image: firezone/firezone:${VERSION:-latest}
|
||||
ports:
|
||||
- 51820:51820/udp
|
||||
environment:
|
||||
EXTERNAL_URL: "https://fz.ixvd.net/"
|
||||
DATABASE_HOST: "fz-postgres"
|
||||
DATABASE_USER: "firezone"
|
||||
DATABASE_PASSWORD: "firezone"
|
||||
env_file:
|
||||
- /etc/ixvd/secrets/env/firezone.env
|
||||
volumes:
|
||||
- /srv/firezone/config:/var/firezone
|
||||
cap_add:
|
||||
- NET_ADMIN
|
||||
- SYS_MODULE
|
||||
sysctls:
|
||||
- net.ipv6.conf.all.disable_ipv6=0
|
||||
- net.ipv4.ip_forward=1
|
||||
- net.ipv6.conf.all.forwarding=1
|
||||
depends_on:
|
||||
- postgres
|
||||
networks:
|
||||
proxy:
|
||||
fz-internal:
|
||||
ipv4_address: 172.90.0.10
|
||||
ipv6_address: fcff:3990:3990::99
|
||||
|
||||
fz-postgres:
|
||||
image: postgres:15
|
||||
volumes:
|
||||
- /srv/firezone/data:/var/lib/postgresql/data
|
||||
environment:
|
||||
POSTGRES_DB: firezone
|
||||
POSTGRES_USER: firezone
|
||||
POSTGRES_PASSWORD: firezone
|
||||
networks:
|
||||
- fz-internal
|
||||
|
||||
networks:
|
||||
fz-internal:
|
||||
enable_ipv6: true
|
||||
driver: bridge
|
||||
ipam:
|
||||
config:
|
||||
- subnet: 172.90.0.0/16
|
||||
- subnet: fcff:3990:3990::/64
|
||||
gateway: fcff:3990:3990::1
|
||||
|
|
@ -7,7 +7,7 @@ services:
|
|||
build: custom/nginx
|
||||
environment:
|
||||
CERTBOT_EMAIL: "webmaster@ixvd.net"
|
||||
CERTBOT_DOMAINS: "apoc.ixvd.net,mail.ixvd.net,git.ixvd.net,my.ixvd.net,ci.ixvd.net,baikal.ixvd.net,pg.ixvd.net,snipe.ixvd.net"
|
||||
CERTBOT_DOMAINS: "apoc.ixvd.net,mail.ixvd.net,git.ixvd.net,my.ixvd.net,ci.ixvd.net,baikal.ixvd.net,pg.ixvd.net,snipe.ixvd.net,fz.ixvd.net"
|
||||
volumes:
|
||||
- /srv/certbot/data:/etc/letsencrypt
|
||||
- /srv/certbot/other/www:/var/www/certbot
|
||||
|
|
|
|||
Loading…
Reference in a new issue