Viyurz/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Added Syncthing

Browse source
This commit is contained in:
Viyurz 2023-12-01 12:33:10 +00:00
parent 97af5ecee2
commit 249f37b860
5 changed files with 41 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
nftables.conf
View file

@ -11,8 +11,9 @@ table inet filter {
ct state invalid drop ct state invalid drop
ct state { established, related } accept ct state { established, related } accept
# HTTP # HTTP & Syncthing Relay
tcp dport { http, https } limit rate 5/second accept tcp dport { http, https, 5432, 22000 } limit rate 5/second accept
udp dport 22000 limit rate 5/second accept
# SSH # SSH
tcp dport 995 limit rate 15/minute accept tcp dport 995 limit rate 15/minute accept
@ -24,6 +25,8 @@ table inet filter {
chain forward { chain forward {
type filter hook forward priority 0; policy accept; type filter hook forward priority 0; policy accept;
iif eth0 drop
} }
chain output { chain output {

2
nginx-rp/nginx.conf
View file

@ -74,8 +74,6 @@ http {
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Client-Port $remote_port;
proxy_set_header X-SSL-Cert $ssl_client_cert;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;

2
nginx-rp/reverse-proxy.conf
View file

@ -127,6 +127,8 @@ server {
location / { location / {
proxy_pass http://stdisco.viyurz.fr; proxy_pass http://stdisco.viyurz.fr;
proxy_set_header X-Client-Port $remote_port;
proxy_set_header X-SSL-Cert $ssl_client_cert;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection; proxy_set_header Connection $http_connection;
} }

4
ports.txt
View file

@ -1,8 +1,12 @@
80/443 -> NGINX reverse proxy 80/443 -> NGINX reverse proxy
995 -> SSH 995 -> SSH
5432 -> Syncthing
8008 -> Synapse 8008 -> Synapse
8080 -> Nextcloud AIO 8080 -> Nextcloud AIO
8081 -> Vaultwarden 8081 -> Vaultwarden
8082 -> nginx-www 8082 -> nginx-www
8083 -> SearXNG 8083 -> SearXNG
8384 -> Syncthing Web UI
8443 -> stdisco
11000 -> Nextcloud 11000 -> Nextcloud
22000 -> Syncthing

30
syncthing/docker-compose.yaml Normal file
View file

@ -0,0 +1,30 @@
services:
syncthing:
image: syncthing/syncthing:latest
container_name: syncthing
restart: always
environment:
- PUID=1003
- PGID=1003
ports:
- "[::1]:8384:8384" # Web UI
- 22000:22000/tcp # TCP file transfers
- 22000:22000/udp # QUIC file transfers
- 5432:22000/tcp
volumes:
- /mnt/syncthing:/var/syncthing
stdiscosrv:
image: syncthing/discosrv:latest
container_name: stdiscosrv
restart: always
entrypoint:
- "/bin/entrypoint.sh"
- "/bin/stdiscosrv"
- "-http"
- "-debug"
environment:
- PUID=1002
- PGID=1002
ports:
- "[::1]:8443:8443"