eichehome/Network-Setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: eichehome:6afbfc87156d0799c07ce9e7e71e8528e0964b5c
Branches Tags
eichehome:main
...
compare: eichehome:da56d477595f3e2601057cd738cab2f42711268f
Branches Tags
eichehome:main

3 commits
6afbfc8715 ... da56d47759

Author SHA1 Message Date
eichehome
da56d47759 Corefile-Notizen 2022-02-25 18:32:24 +01:00
eichehome
de33269452 Unverschlüsselter CoreDNS-Server first config 2022-02-25 18:30:15 +01:00
eichehome
96fdfb1112 Gitea Dockerfile first Version 2022-02-25 16:47:43 +01:00
3 changed files with 197 additions and 35 deletions
Show stats Expand all files Collapse all files

80
Container/Gitea/Dockerfile Normal file
View file

@ -0,0 +1,80 @@
#FROM golang:1.17-alpine3.15 AS build-env
#
#ARG GOPROXY
#ENV GOPROXY ${GOPROXY:-direct}
#
#ARG GITEA_VERSION
#ARG TAGS="sqlite sqlite_unlock_notify"
#ENV TAGS "bindata timetzdata $TAGS"
#ARG CGO_EXTRA_CFLAGS
#
##Build deps
#RUN apk --no-cache add build-base git nodejs npm
#
##Setup repo
#COPY . ${GOPATH}/src/code.gitea.io/gitea
#WORKDIR ${GOPATH}/src/code.gitea.io/gitea
#
##Checkout version if set
#RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
# && make clean-all build
#
## Begin env-to-ini build
#RUN go build contrib/environment-to-ini/environment-to-ini.go
#
#FROM alpine:3.15
#LABEL maintainer="maintainers@gitea.io"
#
#EXPOSE 2222 3000
#
#RUN apk --no-cache add \
# bash \
# ca-certificates \
# gettext \
# git \
# curl \
# gnupg
#
#RUN addgroup \
# -S -g 1000 \
# git && \
# adduser \
# -S -H -D \
# -h /var/lib/gitea/git \
# -s /bin/bash \
# -u 1000 \
# -G git \
# git
#
#RUN mkdir -p /var/lib/gitea /etc/gitea
#RUN chown git:git /var/lib/gitea /etc/gitea
#
#COPY docker/rootless /
#COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
#COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
#RUN chmod 755 /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-setup.sh /app/gitea/gitea /usr/local/bin/gitea /usr/local/bin/environment-to-ini
#
##git:git
#USER 1000:1000
#ENV GITEA_WORK_DIR /var/lib/gitea
#ENV GITEA_CUSTOM /var/lib/gitea/custom
#ENV GITEA_TEMP /tmp/gitea
#ENV TMPDIR /tmp/gitea
#
##TODO add to docs the ability to define the ini to load (usefull to test and revert a config)
#ENV GITEA_APP_INI /etc/gitea/app.ini
#ENV HOME "/var/lib/gitea/git"
#VOLUME ["/var/lib/gitea", "/etc/gitea"]
#WORKDIR /var/lib/gitea
#
#ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
#CMD []
#----
#FROM golang:1.17-alpine as build-env
#LABEL maintainer="eichehome@gmx.de eichehome"
#RUN apk --no-cache add git
#RUN git clone https://
#---
FROM docker.io/gitea/gitea:1.16.2-rootless

99
CoreDNS/Corefile
View file

@ -1,53 +1,82 @@
tls
sign
file/root
loadbalance
forward
bind
loop
dns://.:53 {
bind eth0
loadbalance round_robin
forward . 127.0.0.1:5051 127.0.0.1:5052
forward . 5.1.66.255:53 [2001:678:e68:f000::]:53 185.150.99.255 [2001:678:ed0:f000::]:53 91.239.100.100 [2001:67c:28a4::]:53 89.233.43.71 [2a01:3a0:53:53::]:53 {
prefer_udp
policy round_robin
}
cache {
success 5000
denial 2500
}
}
dns://.:5353 {
forward . 127.0.0.1:5051 127.0.0.1:5052 127.0.0.1:5053 127.0.0.1:5054 127.0.0.1:5055 127.0.0.1:5056 127.0.0.1:5057 {
policy round_robin
}
cache {
success 5000
denial 2500
}
}
tls://.:853 {}
https://.:443 {}
##########
127.0.0.1:5051 {
forward . tls://8.8.8.8 tls://8.8.4.4 {
tls_servername dns.google
forward . tls://[2a01:4f8:251:554::2] tls://5.9.164.112 {
tls_servername dns3.digitalcourage.de
prefer_udp
policy round_robin
}
}
127.0.0.1:5052 {
forward . 1.1.1.1 1.0.0.1 {
tls_servername cloudflare-dns.com
forward . tls://5.1.66.255 tls://185.150.99.255 tls://[2001:678:ed0:f000::] tls://[2001:678:e68:f000::] {
tls_servername dot.ffmuc.net
prefer_udp
policy round_robin
}
}
tls://.:853 {
tls cert.pem key.pem ca.pem
127.0.0.1:5053 {
forward . tls://185.95.218.43 tls://185.95.218.42 tls://[2a05:fc84::43] tls://[2a05:fc84::42] {
tls_servername dns.digitale-gesellschaft.ch
prefer_udp
policy round_robin
}
}
https://.:443 {
tls cert.pem key.pem ca.pem
127.0.0.1:5054 {
forward . tls://89.233.43.71 tls://[2a01:3a0:53:53::] {
tls_servername unicast.censurfridns.dk
prefer_udp
policy round_robin
}
}
. {
bind eth0
loop
loadbalance round_robin
forward . 8.8.8.8 9.9.9.9
forward . tls://9.9.9.9 {
tls_servername dns.quad9.net
health_check 5s
127.0.0.1:5055 {
forward . tls://91.239.100.100 tls://[2001:67c:28a4::] {
tls_servername anycast.censurfridns.dk
prefer_udp
policy round_robin
}
cache 30
hosts {
10.0.0.1 example.org
falltrough
}
127.0.0.1:5056 {
forward . tls://91.239.100.100 tls://[2001:67c:28a4::] {
tls_servername anycast.uncensoreddns.org
prefer_udp
policy round_robin
}
}
127.0.0.1:5057 {
forward . tls://89.233.43.71 tls://[2a01:3a0:53:53::] {
tls_servername unicast.uncensoreddns.org
prefer_udp
policy round_robin
}
hosts
hosts /etc/hosts example.org
}

53
CoreDNS/Corefile-bsp Normal file
View file

@ -0,0 +1,53 @@
tls
sign
file/root
loadbalance
forward
bind
loop
dns://.:53 {
bind eth0
loadbalance round_robin
forward . 127.0.0.1:5051 127.0.0.1:5052
}
127.0.0.1:5051 {
forward . tls://8.8.8.8 tls://8.8.4.4 {
tls_servername dns.google
}
}
127.0.0.1:5052 {
forward . 1.1.1.1 1.0.0.1 {
tls_servername cloudflare-dns.com
}
}
tls://.:853 {
tls cert.pem key.pem ca.pem
}
https://.:443 {
tls cert.pem key.pem ca.pem
}
. {
bind eth0
loop
loadbalance round_robin
forward . 8.8.8.8 9.9.9.9
forward . tls://9.9.9.9 {
tls_servername dns.quad9.net
health_check 5s
}
cache 30
hosts {
10.0.0.1 example.org
falltrough
}
hosts
hosts /etc/hosts example.org
}