crappyrules
/
mistborn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge branch 'master' into 6-docs

merge-requests/14/head
Steven Foerster 6 years ago
parent
cbec48f745 7755c627b3
commit
fb4866368e
6 changed files with 13 additions and 12 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      scripts/install.sh
  2. 13
      scripts/services/Mistborn-base.service
  3. 2
      scripts/services/Mistborn-bitwarden.service
  4. 2
      scripts/services/Mistborn-rocketchat.service
  5. 4
      scripts/services/Mistborn-syncthing.service
  6. 2
      scripts/services/Mistborn-tor.service

2
scripts/install.sh
Unescape View File

@ -197,7 +197,7 @@ sudo systemctl disable dnsmasq 2>/dev/null || true
sudo grep -qF "$(hostname)" /etc/hosts && echo "$(hostname) already in /etc/hosts" || echo "127.0.1.1 $(hostname) $(hostname)" | sudo tee -a /etc/hosts sudo grep -qF "$(hostname)" /etc/hosts && echo "$(hostname) already in /etc/hosts" || echo "127.0.1.1 $(hostname) $(hostname)" | sudo tee -a /etc/hosts
# resolve all *.mistborn domains # resolve all *.mistborn domains
echo "address=/.mistborn/$IPV4_PUBLIC" | sudo tee ../mistborn_volumes/base/pihole/etc-dnsmasqd/02-lan.conf echo "address=/.mistborn/10.2.3.1" | sudo tee ../mistborn_volumes/base/pihole/etc-dnsmasqd/02-lan.conf
# ResolvConf (OpenResolv installed with Wireguard) # ResolvConf (OpenResolv installed with Wireguard)
sudo sed -i "s/#name_servers.*/name_servers=$IPV4_PUBLIC/" /etc/resolvconf.conf sudo sed -i "s/#name_servers.*/name_servers=$IPV4_PUBLIC/" /etc/resolvconf.conf

13
scripts/services/Mistborn-base.service
Unescape View File

@ -12,6 +12,7 @@ PermissionsStartOnly=true
ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml down ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml down
ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml build ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml build
ExecStartPre=-/sbin/ip address add 10.2.3.1/30 dev DIFACE
ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP
ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p tcp --dport 53 -j MISTBORN_LOG_DROP ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p tcp --dport 53 -j MISTBORN_LOG_DROP
ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p tcp --dport 80 -j MISTBORN_LOG_DROP ExecStartPre=/sbin/iptables -I DOCKER-USER -i DIFACE -p tcp --dport 80 -j MISTBORN_LOG_DROP
@ -24,12 +25,12 @@ ExecStart=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml up
# Stop container when unit is stopped # Stop container when unit is stopped
ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml down ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/base.yml down
# Post stop # Post stop
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 53 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 53 -j MISTBORN_LOG_DROP
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 80 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 80 -j MISTBORN_LOG_DROP
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 5555 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 5555 -j MISTBORN_LOG_DROP
ExecStopPost=/sbin/iptables -D OUTPUT -o DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D OUTPUT -o DIFACE -p udp --dport 53 -j MISTBORN_LOG_DROP
ExecStopPost=/sbin/ip6tables -D OUTPUT -p udp --dport 53 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/ip6tables -D OUTPUT -p udp --dport 53 -j MISTBORN_LOG_DROP
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

2
scripts/services/Mistborn-bitwarden.service
Unescape View File

@ -17,7 +17,7 @@ ExecStart=/usr/local/bin/docker-compose -f /opt/mistborn/extra/bitwarden.yml up
# Stop container when unit is stopped # Stop container when unit is stopped
ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/bitwarden.yml down ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/bitwarden.yml down
# Post stop # Post stop
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 3012 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 3012 -j MISTBORN_LOG_DROP
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

2
scripts/services/Mistborn-rocketchat.service
Unescape View File

@ -17,7 +17,7 @@ ExecStart=/usr/local/bin/docker-compose -f /opt/mistborn/extra/rocketchat.yml up
# Stop container when unit is stopped # Stop container when unit is stopped
ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/rocketchat.yml down ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/rocketchat.yml down
# Post stop # Post stop
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 3001 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 3001 -j MISTBORN_LOG_DROP
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

4
scripts/services/Mistborn-syncthing.service
Unescape View File

@ -18,8 +18,8 @@ ExecStart=/usr/local/bin/docker-compose -f /opt/mistborn/extra/syncthing.yml up
# Stop container when unit is stopped # Stop container when unit is stopped
ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/syncthing.yml down ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/syncthing.yml down
# Post stop # Post stop
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p udp --dport 21027 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p udp --dport 21027 -j MISTBORN_LOG_DROP
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 22000 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 22000 -j MISTBORN_LOG_DROP
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

2
scripts/services/Mistborn-tor.service
Unescape View File

@ -17,7 +17,7 @@ ExecStart=/usr/local/bin/docker-compose -f /opt/mistborn/extra/tor.yml up --buil
# Stop container when unit is stopped # Stop container when unit is stopped
ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/tor.yml down ExecStop=/usr/local/bin/docker-compose -f /opt/mistborn/extra/tor.yml down
# Post stop # Post stop
ExecStopPost=/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 9150 -j MISTBORN_LOG_DROP || true ExecStopPost=-/sbin/iptables -D DOCKER-USER -i DIFACE -p tcp --dport 9150 -j MISTBORN_LOG_DROP
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target

Write Preview
Loading…
Cancel
Save