Full tunnel for Vintage Story

This commit is contained in:
albert 2024-08-26 21:46:56 +09:00
parent 173294b0d2
commit 38bea3ca19
Signed by: albert
GPG key ID: 3895DD267CA11BA9
5 changed files with 30 additions and 32 deletions

View file

@ -73,10 +73,17 @@
option forwardfor
option forwarded
server warsaw-ovh-01 10.100.0.2:443 ssl verify required ca-file ${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt sni req.hdr(Host)
frontend vintage-story
mode tcp
bind :42420
default_backend backend_tcp
backend backend_tcp
mode tcp
server vintage-story-wg 10.100.1.5
frontend tcp
mode tcp
bind :42420
bind :25565
bind :4443
default_backend backend_tcp

View file

@ -65,6 +65,12 @@
allowedIPs = [ "10.100.1.3/32" ];
persistentKeepalive = 5;
}
{ # framework-server docker:wg-vintage-story
publicKey = "jv36MtY5XV18jirGm7nJTgePJEobhhVd1rf53EUxY1U=";
presharedKeyFile = "/run/secrets/preshared_key";
allowedIPs = [ "10.100.1.5/32" ];
persistentKeepalive = 5;
}
];
};
};

View file

@ -76,7 +76,6 @@
frontend tcp
mode tcp
bind :42420
bind :25565
bind :4443
default_backend backend_tcp
@ -96,6 +95,14 @@
backend backend_mail
mode tcp
server mailserver-wg 10.100.1.3
frontend vintage-story
mode tcp
bind :42420
default_backend backend_tcp
backend backend_tcp
mode tcp
server vintage-story-wg 10.100.1.5
'';
};
}

View file

@ -65,9 +65,16 @@
allowedIPs = [ "10.100.1.3/32" ];
persistentKeepalive = 5;
}
{ # framework-server docker:wg-vintage-story
publicKey = "jv36MtY5XV18jirGm7nJTgePJEobhhVd1rf53EUxY1U=";
presharedKeyFile = "/run/secrets/preshared_key";
allowedIPs = [ "10.100.1.5/32" ];
persistentKeepalive = 5;
}
];
};
};
};
}

View file

@ -1,29 +0,0 @@
{ ... }: {
services.cron = {
enable = false;
systemCronJobs = [
# Backups to nuc-docker01
''0 0 * * * root rsync --delete -avr /Storage/Data/Docker/sysctl.io/ root@nuc-docker01:/Storage/Data/Docker/sysctl.io/''
''0 3 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/InstantUpload/ root@nuc-docker01:/Storage/Media/Pictures/InstantUpload/''
''0 5 * * * root rsync -avr /Storage/Data/Docker/sysctl.io/nextcloud/html/data/albert/files/Wallpapers/ root@nuc-docker01:/Storage/Media/Pictures/Wallpapers''
# Back up the docker containers monthly:
''@monthly root ssh nuc-docker01 "rm -rf /Storage/Backups/Docker/sysctl.io/*"; for i in $(docker ps --format '{{.Names}}'); do docker export $i | gzip -cf | ssh root@nuc-docker01 "cat > /Storage/Backups/Docker/sysctl.io/$i.tar.gz"; done''
# Run the ClamAV scan
''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/clamscan-cron.sh''
# Archive Loki logs monthly
''@monthly root /Storage/Data/docker-compose/sysctl.io/scripts/backup-logs.sh >> /Storage/Data/Temporary/log_backups.log''
# Run the Nextcloud cronjobs hourly
''@hourly root docker exec -uwww-data nextcloud php -f /var/www/html/cron.php''
# Run the Pixelfed scheduler
''* * * * * root docker exec pixelfed-app php artisan schedule:run''
# Update / CLean Mastodon caches
''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''
''@daily root docker exec mastodon-web tootctl media remove --days 7 --prune-profiles''
''@daily root docker exec mastodon-web tootctl accounts prune''
''@daily root docker exec mastodon-web tootctl statuses remove --days 7''
''@daily root docker exec mastodon-web tootctl media remove --remove-headers --include-follows --days 7''
''@daily root docker exec mastodon-web tootctl preview_cards remove --days 7''
''@daily root docker exec mastodon-web tootctl media remove-orphans''
];
};
}