diff --git a/compose.nginx.yaml b/compose.nginx.yaml deleted file mode 100644 index bf9c480..0000000 --- a/compose.nginx.yaml +++ /dev/null @@ -1,13 +0,0 @@ -services: - nginx: - container_name: nginx - extra_hosts: - - host:192.168.2.150 - image: nginx:1.25.4 - restart: unless-stopped - volumes: - - /opt/nginx/etc/.htpasswd:/host/etc/.htpasswd - - /opt/nginx/etc/nginx/conf:/etc/nginx/conf - - /opt/nginx/etc/nginx/conf.d:/etc/nginx/conf.d - - /opt/nginx/var/log/nginx:/var/log/nginx - - /opt/seafile/seafile-server-latest/seahub/media:/host/var/www/seafile diff --git a/compose.openvpn-server.yaml b/compose.openvpn-server.yaml deleted file mode 100644 index 9c64c1c..0000000 --- a/compose.openvpn-server.yaml +++ /dev/null @@ -1,15 +0,0 @@ -services: - openvpn-server: - cap_add: - - NET_ADMIN - container_name: openvpn-server - extra_hosts: - - host:192.168.2.150 - image: kylemanna/openvpn:2.4 - network_mode: bridge - ports: - - 443:443 - privileged: true - restart: unless-stopped - volumes: - - /opt/openvpn-server:/etc/openvpn diff --git a/nginx/etc/.htpasswd b/nginx/etc/.htpasswd deleted file mode 100644 index 78b8e7b..0000000 --- a/nginx/etc/.htpasswd +++ /dev/null @@ -1 +0,0 @@ -user:$apr1$PUlYgSSM$cZbvFGsKVt4SsAsB5Bifr1 diff --git a/nginx/etc/nginx/conf.d/default.conf b/nginx/etc/nginx/conf.d/default.conf deleted file mode 100644 index e69de29..0000000 diff --git a/nginx/etc/nginx/conf.d/global.conf b/nginx/etc/nginx/conf.d/global.conf deleted file mode 100644 index 84b7667..0000000 --- a/nginx/etc/nginx/conf.d/global.conf +++ /dev/null @@ -1,27 +0,0 @@ -log_format seafileformat '$http_x_forwarded_for $remote_addr [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $upstream_response_time'; - -server { - listen 80; - location /seafile { - proxy_pass http://host:8000; - include /etc/nginx/conf/proxy.conf; - } - location /seafhttp { - rewrite ^/seafhttp(.*)$ $1 break; - proxy_pass http://host:8082; - client_max_body_size 0; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - proxy_connect_timeout 36000s; - proxy_read_timeout 36000s; - proxy_send_timeout 36000s; - send_timeout 36000s; - - access_log /var/log/nginx/seafhttp.access.log seafileformat; - error_log /var/log/nginx/seafhttp.error.log; - } - location /seafmedia { - rewrite ^/seafmedia(.*)$ $1 break; - root /host/var/www/seafile; - } -} diff --git a/nginx/etc/nginx/conf/proxy.conf b/nginx/etc/nginx/conf/proxy.conf deleted file mode 100644 index 78a948d..0000000 --- a/nginx/etc/nginx/conf/proxy.conf +++ /dev/null @@ -1,10 +0,0 @@ -# Proxy -proxy_redirect off; -proxy_set_header Host $host; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Ssl on; - -# Websocket -proxy_http_version 1.1; -proxy_set_header Upgrade $http_upgrade; -proxy_set_header Connection $http_connection; diff --git a/nginx/etc/nginx/conf/ssl.conf b/nginx/etc/nginx/conf/ssl.conf deleted file mode 100644 index c927b70..0000000 --- a/nginx/etc/nginx/conf/ssl.conf +++ /dev/null @@ -1,21 +0,0 @@ -# Enable SSL -ssl_certificate /host/etc/certs/certificate+intermediate.pem; -ssl_certificate_key /host/etc/certs/key.pem; -ssl_dhparam /host/etc/certs/dh.pem; - -# Increased security, from https://cipherli.st/ -ssl_protocols TLSv1 TLSv1.1 TLSv1.2; -ssl_prefer_server_ciphers on; -ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; -ssl_ecdh_curve secp384r1; -ssl_session_cache shared:SSL:10m; -ssl_session_tickets off; -ssl_stapling on; -ssl_stapling_verify on; -resolver_timeout 5s; -# add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"; -add_header X-Frame-Options DENY; -add_header X-Content-Type-Options nosniff; - -# Redirect HTTP trafic -error_page 497 https://$host:$server_port$request_uri; \ No newline at end of file diff --git a/openvpn-server/openvpn.conf b/openvpn-server/openvpn.conf deleted file mode 100644 index 97fa6c8..0000000 --- a/openvpn-server/openvpn.conf +++ /dev/null @@ -1,31 +0,0 @@ -server 192.168.255.0 255.255.255.0 -verb 3 -key /etc/openvpn/pki/private/herderin.veenboer.xyz.key -ca /etc/openvpn/pki/ca.crt -cert /etc/openvpn/pki/issued/herderin.veenboer.xyz.crt -dh /etc/openvpn/pki/dh.pem -tls-auth /etc/openvpn/pki/ta.key -key-direction 0 -keepalive 10 60 -persist-key -persist-tun - -proto tcp -# Rely on Docker to do port mapping, internally always 1194 -port 443 -dev tun0 -status /tmp/openvpn-status.log - -user nobody -group nogroup -comp-lzo no - -### Route Configurations Below -route 192.168.254.0 255.255.255.0 - -### Push Configurations Below -push "block-outside-dns" -push "dhcp-option DNS 192.168.2.150" -push "comp-lzo no" - -port-share host 444 diff --git a/openvpn-server/ovpn_env.sh b/openvpn-server/ovpn_env.sh deleted file mode 100644 index 66ce1fb..0000000 --- a/openvpn-server/ovpn_env.sh +++ /dev/null @@ -1,25 +0,0 @@ -declare -x OVPN_AUTH= -declare -x OVPN_CIPHER= -declare -x OVPN_CLIENT_TO_CLIENT= -declare -x OVPN_CN=herderin.veenboer.xyz -declare -x OVPN_COMP_LZO=0 -declare -x OVPN_DEFROUTE=1 -declare -x OVPN_DEVICE=tun -declare -x OVPN_DEVICEN=0 -declare -x OVPN_DISABLE_PUSH_BLOCK_DNS=0 -declare -x OVPN_DNS=1 -declare -x OVPN_DNS_SERVERS=([0]="8.8.8.8" [1]="8.8.4.4") -declare -x OVPN_ENV=/etc/openvpn/ovpn_env.sh -declare -x OVPN_EXTRA_CLIENT_CONFIG=() -declare -x OVPN_EXTRA_SERVER_CONFIG=() -declare -x OVPN_FRAGMENT= -declare -x OVPN_KEEPALIVE='10 60' -declare -x OVPN_MTU= -declare -x OVPN_NAT=0 -declare -x OVPN_PORT=1194 -declare -x OVPN_PROTO=tcp -declare -x OVPN_PUSH=() -declare -x OVPN_ROUTES=([0]="192.168.254.0/24") -declare -x OVPN_SERVER=192.168.255.0/24 -declare -x OVPN_SERVER_URL=tcp://herderin.veenboer.xyz -declare -x OVPN_TLS_CIPHER= diff --git a/openvpn-server/setup.sh b/openvpn-server/setup.sh deleted file mode 100755 index 2af5f13..0000000 --- a/openvpn-server/setup.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/usr/bin/bash -OVPN_DATA=/opt/openvpn-server -VERSION=2.4 -CLIENTNAME=herderin -docker run -v /$OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn:$VERSION ovpn_genconfig -u tcp://$CLIENTNAME.veenboer.xyz -docker run -v /$OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn:$VERSION ovpn_initpki -docker run -v /$OVPN_DATA:/etc/openvpn -d -p 443:443/tcp --cap-add=NET_ADMIN kylemanna/openvpn:$VERSION -docker run -v /$OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENTNAME nopass -docker run -v /$OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn:$VERSION ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn