From 11da827e5227c04260a2169957e4865b672d7179 Mon Sep 17 00:00:00 2001 From: Xavor Date: Thu, 4 Sep 2025 23:19:05 +0200 Subject: [PATCH] =?UTF-8?q?configurado=20external,=20dynu-updater,=20repo?= =?UTF-8?q?=20y=20coredns=20con=20cari=C3=B1o?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- coredns/configmap-coredns.yaml | 12 +++--- dynu-updater/kustomization.yaml | 1 + external/configmaps/configmap.yaml | 53 ++++++++++++++++++--------- external/ingress/wireguarddotcom.yaml | 1 + readme.md | 22 +++++------ 5 files changed, 54 insertions(+), 35 deletions(-) diff --git a/coredns/configmap-coredns.yaml b/coredns/configmap-coredns.yaml index c421bcd..5e63b45 100644 --- a/coredns/configmap-coredns.yaml +++ b/coredns/configmap-coredns.yaml @@ -36,11 +36,11 @@ data: 192.168.0.100 heimdall.c2et.net # === dotcom ) === - 192.168.0.40 cockpit.c2et.com - 192.168.0.40 git.c2et.com - 192.168.0.40 harbor.c2et.com - 192.168.0.40 wireguard.c2et.com - 192.168.0.40 proxy.c2et.com + 192.168.0.100 cockpit.c2et.com + 192.168.0.100 git.c2et.com + 192.168.0.100 harbor.c2et.com + 192.168.0.100 wireguard.c2et.com + 192.168.0.100 proxy.c2et.com 192.168.0.80 backend.apolo.c2et.com 192.168.0.80 portal.apolo.c2et.com 192.168.0.80 colossus.apolo.c2et.com @@ -63,7 +63,7 @@ data: fallthrough } - forward . /etc/resolv.conf + forward . 8.8.8.8 1.1.1.1 cache 120 # prometheus 0.0.0.0:9153 # <- activa si quieres métricas } diff --git a/dynu-updater/kustomization.yaml b/dynu-updater/kustomization.yaml index bd573aa..cdef5cd 100644 --- a/dynu-updater/kustomization.yaml +++ b/dynu-updater/kustomization.yaml @@ -1,3 +1,4 @@ resources: + - harbor-regcred.yaml - namespace.yaml - cronjob.yaml diff --git a/external/configmaps/configmap.yaml b/external/configmaps/configmap.yaml index dd2aa47..2110886 100644 --- a/external/configmaps/configmap.yaml +++ b/external/configmaps/configmap.yaml 
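Review bot: The new `forward . 8.8.8.8 1.1.1.1` line in the second coredns hunk sends every query that falls through the hosts block to public resolvers over plain port 53, so looked-up names are readable and alterable on the path, and the node's own resolver from /etc/resolv.conf is no longer consulted. If the change was made to break a resolution loop through resolv.conf, DNS-over-TLS keeps that fix without the cleartext hop, provided outbound 853 is allowed: `forward . tls://1.1.1.1 tls://1.0.0.1 {` / `tls_servername cloudflare-dns.com` / `}`. A one-line comment above the directive saying why resolv.conf was dropped would help the next maintainer. The Corefile block starts and ends outside the hunk.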
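Review bot: `harbor-regcred.yaml` is now listed under `resources:` in dynu-updater/kustomization.yaml, which suggests a registry credential manifest is kept in this repository; the file is not in this commit's diffstat, so its contents are inferred from the name only. If it is a `kubernetes.io/dockerconfigjson` Secret, its `.dockerconfigjson` value is only base64-encoded, so anyone who can read the repo can recover the Harbor login. Consider committing it encrypted (SealedSecrets or SOPS) or creating it out of band. It would also be safer for it to hold a Harbor robot account limited to pull on the one project rather than a user password.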
@@ -4,6 +4,20 @@ metadata: name: nginx-router-config namespace: external data: + _common.conf: | + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_read_timeout 3600; + proxy_send_timeout 3600; + client_max_body_size 0; + proxy_redirect off; + proxy_ssl_server_name on; + router.conf: | server { listen 80 default_server; @@ -36,40 +50,43 @@ data: gitdotcom.conf: | server { - listen 3001; + listen 80; server_name git.c2et.com; location / { - proxy_pass https://192.168.0.40; - proxy_ssl_verify off; - } - } - - harbordotcom.conf: | - server { - listen 85; - server_name harbor.c2et.com; - location / { - proxy_pass https://192.168.0.40; - proxy_ssl_verify off; + include /etc/nginx/conf.d/_common.conf; + proxy_pass http://192.168.0.40:3001; } } wireguarddotcom.conf: | server { - listen 51821; + listen 80; server_name wireguard.c2et.com; location / { - proxy_pass https://192.168.0.40; - proxy_ssl_verify off; + include /etc/nginx/conf.d/_common.conf; + proxy_pass http://192.168.0.40:51821; + } + } + + + harbordotcom.conf: | + server { + listen 80; + server_name harbor.c2et.com; + location / { + include /etc/nginx/conf.d/_common.conf; + proxy_pass http://192.168.0.40:85; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; } } cockpitdotcom.conf: | server { - listen 9090; + listen 80; server_name cockpit.c2et.com; location / { - proxy_pass https://192.168.0.40; + proxy_pass https://192.168.0.40:9090; proxy_ssl_verify off; } } diff --git a/external/ingress/wireguarddotcom.yaml b/external/ingress/wireguarddotcom.yaml index b66a81b..001bf0e 100644 --- a/external/ingress/wireguarddotcom.yaml +++ b/external/ingress/wireguarddotcom.yaml 
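Review bot: `client_max_body_size 0;` in the new `_common.conf` removes the request-body limit for every vhost that includes the file (git, wireguard and harbor in this commit). Combined with `proxy_read_timeout 3600;` and `proxy_send_timeout 3600;`, one client can hold a connection open and stream unbounded data to backends that do not need it. Only the registry plausibly needs unlimited uploads, so keep `client_max_body_size 0;` in `harbordotcom.conf` and give the shared file a finite value. Separately, `proxy_set_header Connection "upgrade";` is sent on every request; the usual form is a `map $http_upgrade $connection_upgrade` in http context with `proxy_set_header Connection $connection_upgrade;`. Because the file is named `*.conf` under `/etc/nginx/conf.d/`, it may also be loaded at http level if nginx.conf globs that directory, which is worth confirming since nginx.conf is not shown.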
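Review bot: The cockpit block keeps `proxy_ssl_verify off;` on the new `proxy_pass https://192.168.0.40:9090;`, so the upstream certificate is never checked and TLS on that hop gives no assurance about which host answers at that address. Enable verification with `proxy_ssl_verify on;`, `proxy_ssl_trusted_certificate <path-to-CA-bundle>;` and `proxy_ssl_name cockpit.c2et.com;` (the path is a placeholder). The git, wireguard and harbor blocks in the same hunk now use `proxy_pass http://192.168.0.40:<port>`, so logins and registry tokens cross the LAN unencrypted; if those services can serve TLS, prefer verified HTTPS over dropping to HTTP. The cockpit location also does not include `_common.conf`, unlike the other three, so it sets none of the Host or Upgrade headers, which is presumably an oversight.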
@@ -8,6 +8,7 @@ metadata: nginx.ingress.kubernetes.io/backend-protocol: "HTTP" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/upstream-vhost: "wireguard.c2et.com" spec: ingressClassName: nginx tls: diff --git a/readme.md b/readme.md index dc3c5c1..535d6dd 100644 --- a/readme.md +++ b/readme.md @@ -166,19 +166,19 @@ Este repositorio contiene los **manifiestos, scripts y documentación** para des | `Volumenes persistentes` | ✅ Completado | Rook Ceph a 4 nodos, falta ampliar a 5 nodos | [https://ceph.c2et.net](https://ceph.c2et.net/) | admin / Pozuelo12345 | | `Volumenes persistentes` | ✅ Completado | Driver para las cabinas de almacenamiendo DEEL Powervault | | | | `Maquinas Virtuales` | ✅ Completado | Desplegado kubevirt, dashboard e isoserver | [https://kubevirt.c2et.net](https://kubevirt.c2et.net/)
[https://isoserver.c2et.net](https://isoserver.c2et.net/) | - | -| `Wireguard` | ✅ Completado | Funcionando | [https://wireguard.c2et.net](https://wireguard.c2et.net/) | Pozuelo12345 | -| `CoreDNS` | ✅ Completado | Funcionando | | | -| `Apolo` | ✅ Completado | Funcionando | [https://portal.apolo.c2et.net](https://portal.apolo.c2et.net/) | admin / 123456 | +| `Wireguard` | ✅ Completado | version con acceso a 0.0 y a 200.0 | [https://wireguard.c2et.net](https://wireguard.c2et.net/) | Pozuelo12345 | +| `CoreDNS` | ✅ Completado | Split DNS interno configurado en los host fisicos | | | +| `Apolo` | ✅ Completado | Funcionando, falta probar streaming | [https://portal.apolo.c2et.net](https://portal.apolo.c2et.net/) | admin / 123456 | | `Gitea` | ✅ Completado | Funcionando | [https://git.c2et.net](https://git.c2et.net) | | -| `Harbor` | ✅ Completado | Funcionando | [https://harbor.c2et.net](https://harbor.c2et.net) | | -| `Guacamole` | ✅ Completado | Funcionando | [https://heimdall.c2et.net](https://heimdall.c2et.net) | guacadmin / guacadmin | +| `Harbor` | ✅ Completado | Funcionando pero no esta Ismael (solo estoy yo)| [https://harbor.c2et.net](https://harbor.c2et.net) | | +| `Guacamole` | ✅ Completado | Funcionando, pero esta en blanco (hay que crear los hosts) | [https://heimdall.c2et.net](https://heimdall.c2et.net) | guacadmin / guacadmin | | `VSCode` | ✅ Completado | Funcionando | [https://vscode.c2et.net](https://vscode.c2et.net) | Pozuelo12345 | -| `Tileserver-GL` | ✅ Completado | Funcionando | [https://mapas.c2et.net](https://mapas.c2et.net) | | -| `External` | ✅ Completado | Funcionando | [https://admin.firewall.c2et.net](https://admin.firewall.c2et.net)
[https://admin.powervault1.c2et.net](https://admin.powervault1.c2et.net)
[https://admin.powervault2.c2et.net](https://admin.powervault2.c2et.net) | | -| `Argos Core` | ✅ Completado | Funcionando | [https://argos.panel.c2et.net/](https://argos.panel.c2et.net) | | -| `Velero` | ✅ Completado | Funcionando | | | -| `Dynu-updater` | | En espera de recuperar la conectividad | | | -| `Repo` | | En espera de recuperar la conectividad | [http://repo.c2et.net/](https://repo.c2et.net) | | +| `Tileserver-GL` | ✅ Completado | Funcionando con mapa de España de prueba | [https://mapas.c2et.net](https://mapas.c2et.net) | | +| `External` | ✅ Completado | Funcionando los servicios de docker | [https://admin.firewall.c2et.net](https://admin.firewall.c2et.net)
[https://admin.powervault1.c2et.net](https://admin.powervault1.c2et.net)
[https://admin.powervault2.c2et.net](https://admin.powervault2.c2et.net) | | +| `Argos Core` | ✅ Completado | Funcionando sin clientes configurados | [https://argos.panel.c2et.net/](https://argos.panel.c2et.net) | | +| `Velero` | ✅ Completado | Copia de seguridad diaria de dynu y semanal de todo | | | +| `Dynu-updater` | ✅ Completado | Funcionando, actualiza el grupo "Trabajo" | | | +| `Repo` | ✅ Completado | Probando a ver si funciona | [http://repo.c2et.net/](https://repo.c2et.net) | | ---