Добавил WireGuard и nginx proxy для Flask
This commit is contained in:
parent
539e301d94
commit
ff5115d489
|
|
@ -14,15 +14,30 @@ services:
|
||||||
- "host.docker.internal:host-gateway"
|
- "host.docker.internal:host-gateway"
|
||||||
restart: always
|
restart: always
|
||||||
|
|
||||||
web:
|
wireguard:
|
||||||
build: .
|
image: linuxserver/wireguard
|
||||||
container_name: flask-dev
|
container_name: wg-client
|
||||||
ports:
|
cap_add:
|
||||||
- "5205:5205" # Пробрасываем порт наружу
|
- NET_ADMIN
|
||||||
volumes:
|
- SYS_MODULE
|
||||||
# Главная строка: монтируем текущую папку с кодом (.)
|
|
||||||
# в папку /app внутри контейнера
|
|
||||||
- .:/app
|
|
||||||
environment:
|
environment:
|
||||||
- FLASK_DEBUG=1 # Дополнительная страховка для включения дебага
|
- PUID=1000
|
||||||
- PYTHONUNBUFFERED=1 # Чтобы логи выводились сразу, а не кэшировались
|
- PGID=1000
|
||||||
|
- TZ=Europe/Amsterdam
|
||||||
|
volumes:
|
||||||
|
- ./wireguard:/config
|
||||||
|
- /lib/modules:/lib/modules
|
||||||
|
sysctls:
|
||||||
|
- net.ipv4.conf.all.src_valid_mark=1
|
||||||
|
restart: unless-stopped
|
||||||
|
networks:
|
||||||
|
- app_net
|
||||||
|
|
||||||
|
web:
|
||||||
|
build: ./web
|
||||||
|
container_name: flask-dev
|
||||||
|
network_mode: "service:wireguard" # весь трафик через WireGuard
|
||||||
|
environment:
|
||||||
|
- FLASK_ENV=development
|
||||||
|
depends_on:
|
||||||
|
- wireguard
|
||||||
|
|
@ -6,7 +6,7 @@ server {
|
||||||
ssl_certificate_key /etc/letsencrypt/live/wstkeys.top/privkey.pem;
|
ssl_certificate_key /etc/letsencrypt/live/wstkeys.top/privkey.pem;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://host.docker.internal:5205;
|
proxy_pass http://wireguard:5205;
|
||||||
|
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,15 @@
|
||||||
|
[Interface]
|
||||||
|
PrivateKey = yNlGhRShhVe9Jf+9PYA5cL1OcQq2K2rT8KsPGPfG50o=
|
||||||
|
Address = 10.66.66.15/32,fd42:42:42::15/128
|
||||||
|
DNS = 1.1.1.1,1.0.0.1
|
||||||
|
|
||||||
|
# Uncomment the next line to set a custom MTU
|
||||||
|
# This might impact performance, so use it only if you know what you are doing
|
||||||
|
# See https://github.com/nitred/nr-wg-mtu-finder to find your optimal MTU
|
||||||
|
# MTU = 1420
|
||||||
|
|
||||||
|
[Peer]
|
||||||
|
PublicKey = bcJDrYlhWls25zz9+bJcWiONw8Qfx1tai504+vKLcgQ=
|
||||||
|
PresharedKey = 40DSkC0TTySjBFyUj19++ngCdYxAHZaLnsrz8Ck9R2Q=
|
||||||
|
Endpoint = 85.208.110.167:50395
|
||||||
|
AllowedIPs = 0.0.0.0/0,::/0
|
||||||
Loading…
Reference in New Issue