From 8065b4b86c59f781e07b85bb4fd5579b60a898b0 Mon Sep 17 00:00:00 2001 From: Gitea Date: Wed, 26 Feb 2020 00:27:27 +1100 Subject: [PATCH] initial commit of jl-01 configuration for centos7 --- jl-01/etc/hosts | 11 ++++++++ jl-01/etc/systemd/system/soa_http.service | 16 ++++++++++++ jl-01/etc/systemd/system/soa_https.service | 16 ++++++++++++ jl-01/etc/wireguard/privatekey | 1 + jl-01/etc/wireguard/publickey | 1 + jl-01/etc/wireguard/wg0.conf | 29 ++++++++++++++++++++++ 6 files changed, 74 insertions(+) create mode 100644 jl-01/etc/hosts create mode 100644 jl-01/etc/systemd/system/soa_http.service create mode 100644 jl-01/etc/systemd/system/soa_https.service create mode 100644 jl-01/etc/wireguard/privatekey create mode 100644 jl-01/etc/wireguard/publickey create mode 100644 jl-01/etc/wireguard/wg0.conf diff --git a/jl-01/etc/hosts b/jl-01/etc/hosts new file mode 100644 index 0000000..3b50919 --- /dev/null +++ b/jl-01/etc/hosts @@ -0,0 +1,11 @@ +127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 +::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 + +207.148.80.140 soa +139.180.174.191 proxy +10.0.0.4 soaprivate + +103.195.6.218 supertraderfx.com www.supertraderfx.com supertraderfx.net +#112.213.35.133 supertraderfx.com www.supertraderfx.com abc.supertraderfx.com abc.com test.com 123.supertraderfx.com +#1.5.6.8 supertraderfx.com www.supertraderfx.com + diff --git a/jl-01/etc/systemd/system/soa_http.service b/jl-01/etc/systemd/system/soa_http.service new file mode 100644 index 0000000..1b3faaa --- /dev/null +++ b/jl-01/etc/systemd/system/soa_http.service @@ -0,0 +1,16 @@ +[Unit] +Description=Socat soa 80 +After=wg-quick@.service +Wants=wg-quick@.service + +[Service] +Type=simple +ExecStart=/usr/bin/socat -d -d -lmlocal2 TCP4-LISTEN:8001,bind=175.22.14.240,su=nobody,fork,reuseaddr TCP4:soaprivate:80 +User=root +Restart=always +RestartSec=20 +TimeoutSec=3 + +[Install] +WantedBy=multi-user.target + diff --git a/jl-01/etc/systemd/system/soa_https.service b/jl-01/etc/systemd/system/soa_https.service new file mode 100644 index 0000000..36dcb62 --- /dev/null +++ b/jl-01/etc/systemd/system/soa_https.service @@ -0,0 +1,16 @@ +[Unit] +Description=Socat soa 443 +After=wg-quick@.service +Wants=wg-quick@.service + +[Service] +Type=simple +ExecStart=/usr/bin/socat -d -d -lmlocal2 TCP4-LISTEN:8002,bind=175.22.14.240,su=nobody,fork,reuseaddr TCP4:soaprivate:443 +User=root +Restart=always +RestartSec=20 +TimeoutSec=3 + +[Install] +WantedBy=multi-user.target + diff --git a/jl-01/etc/wireguard/privatekey b/jl-01/etc/wireguard/privatekey new file mode 100644 index 0000000..15c151a --- /dev/null +++ b/jl-01/etc/wireguard/privatekey @@ -0,0 +1 @@ +aL823LKKh+I1VO0ohkQOq6e/RxkuEul84Elk57NTf3o= diff --git a/jl-01/etc/wireguard/publickey b/jl-01/etc/wireguard/publickey new file mode 100644 index 0000000..99286a5 --- /dev/null +++ b/jl-01/etc/wireguard/publickey @@ -0,0 +1 @@ +QA+OnRilwqWcNJkH+s9tEreO07vejqyU1WhaHAt+aWU= diff --git a/jl-01/etc/wireguard/wg0.conf b/jl-01/etc/wireguard/wg0.conf new file mode 100644 index 0000000..997307a --- /dev/null +++ b/jl-01/etc/wireguard/wg0.conf @@ -0,0 +1,29 @@ +[Interface] +Address = 10.0.0.1/24 +Address = fd86:ea04:1115::1/64 +Address = fe80::b028:6113:848c:2429/64 +Address = fe80::8bcf:d2c9:b9d5:403e/64 +Address = fe80::576:ea45:9a34:b0d0/64 +Address = fe80::33:1512:7608:6fff/64 +Address = fe80::72a4:1c42:f5e0:7e9f/64 +Address = fe80::dd9e:3dec:caaa:faae/64 +Address = fe80::46be:2df8:9ffe:c836/64 +Address = fe80::e450:f367:5ffa:59e4/64 +Address = fe80::df6b:9792:c2b0:8f70/64 +Address = fe80::8a03:aff3:d79:4eeb/64 +SaveConfig = true +PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE +ListenPort = 51820 +PrivateKey = aL823LKKh+I1VO0ohkQOq6e/RxkuEul84Elk57NTf3o= + +[Peer] +PublicKey = h/V6AmQ9Aaxxnk4CT3bk8auTHk240M1dak/diKeJ1Xw= +AllowedIPs = 10.0.0.2/32 +Endpoint = 115.64.88.12:47002 + +[Peer] +PublicKey = 0PdP/NjrCvVBpDEhu0wQ1gWYTLDyQy6xyqWElnmsSxs= +AllowedIPs = 10.0.0.4/32 +Endpoint = 207.148.80.140:54282 +