From 94c273e368d8f9d5b4dc9bfd1d84997c46ebad05 Mon Sep 17 00:00:00 2001 From: Alex Denes Date: Wed, 17 Feb 2021 15:32:10 +0000 Subject: [PATCH] Add services and adapt haproxy config --- config/haproxy/APKBUILD | 6 +++--- config/haproxy/main.cfg | 17 +++++++++-------- config/unbound/APKBUILD | 4 ++-- config/unbound/zones/crxn | 38 ++++++++++++++++++++++++++++++++++++-- 4 files changed, 50 insertions(+), 15 deletions(-) diff --git a/config/haproxy/APKBUILD b/config/haproxy/APKBUILD index b4f4567..2f62210 100644 --- a/config/haproxy/APKBUILD +++ b/config/haproxy/APKBUILD @@ -4,8 +4,8 @@ _svcname=haproxy . ../APKBUILD-config.common -pkgver=2021.01.30 -pkgrel=2 +pkgver=2021.02.17 +pkgrel=1 depends="redxen-secret-letsencrypt-full redxen-data-haproxy-errorpages" #checkdepends="haproxy" source="main.cfg" @@ -14,4 +14,4 @@ source="main.cfg" # haproxy -c -f main.cfg # Certificates aren't readable by the building user #} -sha512sums="4dde4c5a43c83668a812225907e3e588fe9e9d3ee93be0b119641d754b6c7c9cba37c4e045a1d42304106e7c43bf0ccc9fd21bdfb9377579f9f8466e38819731 main.cfg" +sha512sums="1caa12adfffcc33ede82c53471c54100908034f869febcced5bf60d6ed8f2fd0fdd5168621d41b454ee83f52da5be69c5849a38834cd1d6a2da9eb1a2ded9982 main.cfg" diff --git a/config/haproxy/main.cfg b/config/haproxy/main.cfg index d0cdc7c..0ed2542 100644 --- a/config/haproxy/main.cfg +++ b/config/haproxy/main.cfg @@ -52,15 +52,16 @@ frontend http acl root path / - redirect prefix /web code 302 if { hdr_beg(host) -i seed } root - use_backend backend-transmission if { hdr_beg(host) -i seed } + acl seedbox hdr_beg(host) -i seed.redxen + use_backend backend-transmission if seedbox + redirect prefix /web code 302 if seedbox root - use_backend backend-root if { hdr(host) -i redxen.eu } - use_backend backend-grafana if { hdr_beg(host) -i stats } -# use_backend backend-pleroma if { hdr_beg(host) -i social } - use_backend backend-gitea if { hdr_beg(host) -i git } - use_backend backend-seedown if { hdr_beg(host) -i sd } - use_backend backend-packages if { hdr_beg(host) -i packages } + use_backend backend-root if { hdr_beg(host) -i redxen } + use_backend backend-grafana if { hdr_beg(host) -i stats.redxen } +# use_backend backend-pleroma if { hdr_beg(host) -i social.redxen } + use_backend backend-gitea if { hdr_beg(host) -i git.redxen } + use_backend backend-seedown if { hdr_beg(host) -i sd.redxen } + use_backend backend-packages if { hdr_beg(host) -i packages.redxen } http-response set-header X-Forwarded-Proto https http-response set-header X-XSS-Protection 1;\ mode=block diff --git a/config/unbound/APKBUILD b/config/unbound/APKBUILD index 47b7232..ec77119 100644 --- a/config/unbound/APKBUILD +++ b/config/unbound/APKBUILD @@ -5,7 +5,7 @@ _svcname=unbound . ../APKBUILD-config.common pkgver=2021.02.17 -pkgrel=2 +pkgrel=4 depends="alpine-baselayout ca-certificates-bundle dns-root-hints dnssec-root" makedepends="redxen-secret-opendkim-dns" checkdepends="bind-tools unbound" @@ -73,4 +73,4 @@ d94ad338e2ea43c3ecdc62c861eddc0bb706807b738dd985309bcdf0b5fb435d7260bf272e2bbe40 28c917fe7f69643887097553312c4f1ffc747dffdbf150430e6c4b2e5833567922810716cb59a27887915664777ac3263be3c826956f504499f0ebdcc0b3aac5 auth-redxen.conf 91847e65c48e585f298bb766b2b20c43f5380686b594233da3b722962b03f2f4c858bf299b745027dadd184408a87b1e85ebf03b027196756455afea69f79cf9 auth-crxn.conf b82efa5e5c796a5cadf08ac5bf54a79211318662680eb48e4d680655deecd88c5aabc4bd674fd24a402900adeaad3703af2aee5af221a0baec8e422b4e1017d3 redxen.eu -68263b82e6fd302ebdea492922b1514ceae73f45108a2b42875b5e9b2f8b07097e708f8f0f73a9686500cc1ca44aff2ed0a907c06320f934b1cca47cf9090e4e crxn" +5811c16899b9d3463836ef9f58ae97cb62b32d305ae9e2e9933e76f9463ff33bf47c21e491559fbe4bbd5842c4c164c8bb53f692c9e145206c38f4f576f55cdf crxn" diff --git a/config/unbound/zones/crxn b/config/unbound/zones/crxn index df8c6fe..9ae8884 100644 --- a/config/unbound/zones/crxn +++ b/config/unbound/zones/crxn @@ -4,13 +4,43 @@ @ IN SOA 9804624.nbg1-dc3.hetzner.redxen admin.redxen.eu. 2021021701 ( 1800 120 604800 3600 ) +; ; RedXen +; @ IN NS 9804624.nbg1-dc3.hetzner.redxen dns 10800 IN CNAME 9804624.nbg1-dc3.hetzner.redxen -taro.nurnberg.hetzner.redxen 86400 IN CNAME 9804624.nbg1-dc3.hetzner.redxen -9804624.nbg1-dc3.hetzner.redxen 86400 IN AAAA fd8a:6111:3b1a:dddd::1 +; Friendly names +lain.nurnberg.hetzner.redxen 86400 IN CNAME 8101153.nbg1-dc3.hetzner.redxen +arisu.falkenstein.hetzner.redxen 86400 IN CNAME 8201371.fsn1-dc14.hetzner.redxen +chisa.falkenstein.hetzner.redxen 86400 IN CNAME 9013723.fsn1-dc14.hetzner.redxen +masami.nurnberg.hetzner.redxen 86400 IN CNAME 9227948.nbg1-dc3.hetzner.redxen +taro.nurnberg.hetzner.redxen 86400 IN CNAME 9804624.nbg1-dc3.hetzner.redxen + +; Uniquie identifiers +9804624.nbg1-dc3.hetzner.redxen 86400 IN AAAA fd8a:6111:3b1a:dddd::1 +9227948.nbg1-dc3.hetzner.redxen 86400 IN AAAA fd8a:6111:3b1a:dddd::2 +9013723.fsn1-dc14.hetzner.redxen 86400 IN AAAA fd8a:6111:3b1a:dddd::3 +8201371.fsn1-dc14.hetzner.redxen 86400 IN AAAA fd8a:6111:3b1a:dddd::4 +8101153.nbg1-dc3.hetzner.redxen 86400 IN AAAA fd8a:6111:3b1a:dddd::5 + +; Frontend +redxen 10800 IN AAAA fd8a:6111:3b1a:dddd::4 +redxen 10800 IN AAAA fd8a:6111:3b1a:dddd::5 + +; Services +git.redxen 10800 IN CNAME redxen +stats.redxen 10800 IN CNAME redxen +sd.redxen 10800 IN CNAME redxen +packages.redxen 10800 IN CNAME redxen +seed.redxen 10800 IN CNAME redxen +mumble.redxen 10800 IN CNAME 8201371.fsn1-dc14.hetzner.redxen +mail.redxen 10800 IN CNAME 9227948.nbg1-dc3.hetzner.redxen +xonotic.redxen 10800 IN CNAME 9804624.nbg1-dc3.hetzner.redxen + +; ; deavmi +; bester.deavmi IN A 10.0.0.2 bester.deavmi IN AAAA fd8a:6111:3b1a:bbbb::2 jaco.deavmi IN A 10.0.0.7 @@ -23,10 +53,14 @@ personal.deavmi IN A 10.1.0.2 lockdown.bnet.deavmi IN A 10.1.0.3 router3.deavmi IN A 10.6.3.1 +; ; Gustav +; excalibur.gustav IN A 10.6.4.1 arthur.gustav IN A 10.6.4.3 +; ; zhoreeq +; ceo-of-mesh.zhoreeq IN A 10.18.1.7 lofi.zhoreeq IN A 10.18.1.1