Full tunnel for Vintage Story
This commit is contained in:
parent
173294b0d2
commit
38bea3ca19
5 changed files with 30 additions and 32 deletions
|
@ -73,10 +73,17 @@
|
||||||
option forwardfor
|
option forwardfor
|
||||||
option forwarded
|
option forwarded
|
||||||
server warsaw-ovh-01 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host)
|
server warsaw-ovh-01 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host)
|
||||||
|
|
||||||
|
frontend vintage-story
|
||||||
|
mode tcp
|
||||||
|
bind :42420
|
||||||
|
default_backend backend_tcp
|
||||||
|
backend backend_tcp
|
||||||
|
mode tcp
|
||||||
|
server vintage-story-wg 10.100.1.5
|
||||||
|
|
||||||
frontend tcp
|
frontend tcp
|
||||||
mode tcp
|
mode tcp
|
||||||
bind :42420
|
|
||||||
bind :25565
|
bind :25565
|
||||||
bind :4443
|
bind :4443
|
||||||
default_backend backend_tcp
|
default_backend backend_tcp
|
||||||
|
|
|
@ -65,6 +65,12 @@
|
||||||
allowedIPs = [ "10.100.1.3/32" ];
|
allowedIPs = [ "10.100.1.3/32" ];
|
||||||
persistentKeepalive = 5;
|
persistentKeepalive = 5;
|
||||||
}
|
}
|
||||||
|
{ # framework-server docker:wg-vintage-story
|
||||||
|
publicKey = "jv36MtY5XV18jirGm7nJTgePJEobhhVd1rf53EUxY1U=";
|
||||||
|
presharedKeyFile = "/run/secrets/preshared_key";
|
||||||
|
allowedIPs = [ "10.100.1.5/32" ];
|
||||||
|
persistentKeepalive = 5;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -76,7 +76,6 @@
|
||||||
|
|
||||||
frontend tcp
|
frontend tcp
|
||||||
mode tcp
|
mode tcp
|
||||||
bind :42420
|
|
||||||
bind :25565
|
bind :25565
|
||||||
bind :4443
|
bind :4443
|
||||||
default_backend backend_tcp
|
default_backend backend_tcp
|
||||||
|
@ -96,6 +95,14 @@
|
||||||
backend backend_mail
|
backend backend_mail
|
||||||
mode tcp
|
mode tcp
|
||||||
server mailserver-wg 10.100.1.3
|
server mailserver-wg 10.100.1.3
|
||||||
|
|
||||||
|
frontend vintage-story
|
||||||
|
mode tcp
|
||||||
|
bind :42420
|
||||||
|
default_backend backend_tcp
|
||||||
|
backend backend_tcp
|
||||||
|
mode tcp
|
||||||
|
server vintage-story-wg 10.100.1.5
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -65,9 +65,16 @@
|
||||||
allowedIPs = [ "10.100.1.3/32" ];
|
allowedIPs = [ "10.100.1.3/32" ];
|
||||||
persistentKeepalive = 5;
|
persistentKeepalive = 5;
|
||||||
}
|
}
|
||||||
|
{ # framework-server docker:wg-vintage-story
|
||||||
|
publicKey = "jv36MtY5XV18jirGm7nJTgePJEobhhVd1rf53EUxY1U=";
|
||||||
|
presharedKeyFile = "/run/secrets/preshared_key";
|
||||||
|
allowedIPs = [ "10.100.1.5/32" ];
|
||||||
|
persistentKeepalive = 5;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,29 +0,0 @@
|
||||||
{ ... }: {
|
|
||||||
services.cron = {
|
|
||||||
enable = false;
|
|
||||||
systemCronJobs = [
|
|
||||||
# Backups to nuc-docker01
|
|
||||||
''0 0 * * * root rsync --delete -avr /Storage/Data/Docker/sysctl.io/ root@nuc-docker01:/Storage/Data/Docker/sysctl.io/''
|
|
||||||
''0 3 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/InstantUpload/ root@nuc-docker01:/Storage/Media/Pictures/InstantUpload/''
|
|
||||||
''0 5 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Media/Pictures/Wallpapers''
|
|
||||||
# Back up the docker containers monthly:
|
|
||||||
''@monthly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done''
|
|
||||||
# Run the ClamAV scan
|
|
||||||
''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh''
|
|
||||||
# Archive Loki logs monthly
|
|
||||||
''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log''
|
|
||||||
# Run the Nextcloud cronjobs hourly
|
|
||||||
''@hourly root docker exec -uwww-data nextcloud php -f /var/www/html/cron.php''
|
|
||||||
# Run the Pixelfed scheduler
|
|
||||||
''* * * * * root docker exec pixelfed-app php artisan schedule:run''
|
|
||||||
# Update / CLean Mastodon caches
|
|
||||||
''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''
|
|
||||||
''@daily root docker exec mastodon-web tootctl media remove --days 7 --prune-profiles''
|
|
||||||
''@daily root docker exec mastodon-web tootctl accounts prune''
|
|
||||||
''@daily root docker exec mastodon-web tootctl statuses remove --days 7''
|
|
||||||
''@daily root docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 7''
|
|
||||||
''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''
|
|
||||||
''@daily root docker exec mastodon-web tootctl media remove-orphans''
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
Loading…
Reference in a new issue