lostecho/ansible_management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
YuanHui
2025-07-11 15:48:18 +08:00
commit 1d7f6cc8fc
12 changed files with 743 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
files/.DS_Store vendored Normal file
View File

Binary file not shown.

175
files/154.204.181.192/Caddyfile Normal file
View File

@@ -0,0 +1,175 @@
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.
#:80 {
# # Set this path to your site's directory.
# root * /usr/share/caddy
#
# # Enable the static file server.
# file_server
#
# # Another common task is to set up a reverse proxy:
# # reverse_proxy localhost:8080
#
# # Or serve a PHP site through php-fpm:
# # php_fastcgi localhost:9000
#}
# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile
# ------------------------------
# simpla.dev Services
# ------------------------------
# 定义一个名为 (securityHeaders) 的可重用代码片段
(securityHeaders) {
header {
# Strict-Transport-Security (HSTS)
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# X-Frame-Options
X-Frame-Options "SAMEORIGIN"
# X-Content-Type-Options
X-Content-Type-Options "nosniff"
# Referrer-Policy
Referrer-Policy "strict-origin-when-cross-origin"
# Permissions-Policy
Permissions-Policy "camera=(), microphone=(), geolocation=()"
# Content-Security-Policy (CSP) - 通用起点
Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;"
# 移除 Server 标识
-Server
}
}
simpla.dev {
# 设置网站根目录
root * /srv/simpla.dev
# 开启文件服务
file_server
import securityHeaders
}
hugo.simpla.dev {
reverse_proxy http://127.0.0.1:1313
# import securityHeaders
}
daed.simpla.dev {
reverse_proxy http://127.0.0.1:2023
import securityHeaders
}
gitea.simpla.dev {
reverse_proxy http://127.0.0.1:3000
import securityHeaders
}
lobe.simpla.dev {
reverse_proxy http://127.0.0.1:3210
# import securityHeaders
}
fndav.simpla.dev {
reverse_proxy http://127.0.0.1:5005
# import securityHeaders
}
openlist.simpla.dev {
reverse_proxy http://127.0.0.1:5244
# import securityHeaders
}
fnos.simpla.dev {
reverse_proxy http://127.0.0.1:5666
# import securityHeaders
}
frps.simpla.dev {
reverse_proxy http://127.0.0.1:7001
import securityHeaders
}
frpc.simpla.dev {
reverse_proxy http://127.0.0.1:7400
import securityHeaders
}
pve.simpla.dev {
handle {
reverse_proxy https://127.0.0.1:8006 {
transport http {
tls_insecure_skip_verify
}
header_up Host {http.reverse_proxy.host}
header_up X-Forwarded-Host {host}
}
# import securityHeaders
}
}
kubepi.simpla.dev {
reverse_proxy http://127.0.0.1:8090
import securityHeaders
}
ddns.simpla.dev {
reverse_proxy http://127.0.0.1:9876
import securityHeaders
}
dify.simpla.dev {
reverse_proxy http://127.0.0.1:10080
import securityHeaders
}
1panel.simpla.dev {
reverse_proxy http://127.0.0.1:21643
import securityHeaders
}
gotify.simpla.dev {
reverse_proxy http://127.0.0.1:40266
import securityHeaders
}
b.simpla.dev {
# 将所有收到的请求转发到目标网站
reverse_proxy https://b.watch {
# (可选) 修改发送到目标服务器的 Host 请求头
header_up Host {http.reverse_proxy.upstream.hostport}
}
}
# ------------------------------
# k3s Services
# ------------------------------
argocd.simpla.dev {
reverse_proxy http://127.0.0.1:20180
import securityHeaders
}
markword.simpla.dev {
reverse_proxy http://127.0.0.1:20180
import securityHeaders
}
n8n.simpla.dev {
reverse_proxy http://127.0.0.1:20180
import securityHeaders
}

178
files/192.168.31.100/Caddyfile Normal file
View File

@@ -0,0 +1,178 @@
# Caddy's configuration file
# see: https://caddyserver.com/docs/caddyfile
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.
#:80 {
# # Set this path to your site's directory.
# root * /usr/share/caddy
#
# # Enable the static file server.
# file_server
#
# # Another common task is to set up a reverse proxy:
# # reverse_proxy localhost:8080
#
# # Or serve a PHP site through php-fpm:
# # php_fastcgi localhost:9000
#}
# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile
# ------------------------------
# simpla.dev Services
# ------------------------------
# 定义一个名为 (securityHeaders) 的可重用代码片段
(securityHeaders) {
header {
# Strict-Transport-Security (HSTS)
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
# X-Frame-Options
X-Frame-Options "SAMEORIGIN"
# X-Content-Type-Options
X-Content-Type-Options "nosniff"
# Referrer-Policy
Referrer-Policy "strict-origin-when-cross-origin"
# Permissions-Policy
Permissions-Policy "camera=(), microphone=(), geolocation=()"
# Content-Security-Policy (CSP) - 通用起点
Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;"
# 移除 Server 标识
-Server
}
}
simpla.dev {
# 设置网站根目录
root * /srv/simpla.dev
# 开启文件服务
file_server
import securityHeaders
}
frps.simpla.dev {
reverse_proxy http://154.204.181.192:7001
import securityHeaders
}
pve.simpla.dev {
handle {
reverse_proxy https://192.168.31.2:8006 {
transport http {
tls_insecure_skip_verify
}
header_up Host {http.reverse_proxy.host}
header_up X-Forwarded-Host {host}
}
# import securityHeaders
}
}
fndav.simpla.dev {
reverse_proxy http://192.168.31.3:5005
# import securityHeaders
}
fnos.simpla.dev {
reverse_proxy http://192.168.31.3:5666
# import securityHeaders
}
hugo.simpla.dev {
reverse_proxy http://192.168.31.100:1313
# import securityHeaders
}
gitea.simpla.dev {
reverse_proxy http://192.168.31.100:3000
import securityHeaders
}
lobe.simpla.dev {
reverse_proxy http://192.168.31.100:3210
# import securityHeaders
}
openlist.simpla.dev {
reverse_proxy http://192.168.31.100:5244
# import securityHeaders
}
frpc.simpla.dev {
reverse_proxy http://192.168.31.100:7400
import securityHeaders
}
dify.simpla.dev {
reverse_proxy http://192.168.31.100:8080
import securityHeaders
}
kubepi.simpla.dev {
reverse_proxy http://192.168.31.100:8090
import securityHeaders
}
ddns.simpla.dev {
reverse_proxy http://192.168.31.100:9876
import securityHeaders
}
1panel.simpla.dev {
reverse_proxy http://192.168.31.100:21643
import securityHeaders
}
gotify.simpla.dev {
reverse_proxy http://192.168.31.100:40266
import securityHeaders
}
daed.simpla.dev {
reverse_proxy http://192.168.31.200:2023
# import securityHeaders
}
b.simpla.dev {
# 将所有收到的请求转发到目标网站
reverse_proxy https://b.watch {
# (可选) 修改发送到目标服务器的 Host 请求头
header_up Host {http.reverse_proxy.upstream.hostport}
}
}
# ------------------------------
# k3s Services
# ------------------------------
argocd.simpla.dev {
reverse_proxy http://192.168.31.201:80
import securityHeaders
}
markword.simpla.dev {
reverse_proxy http://192.168.31.201:80
import securityHeaders
}
n8n.simpla.dev {
reverse_proxy http://192.168.31.201:80
import securityHeaders
}

123
files/192.168.31.100/frp/frpc.toml Normal file
View File

@@ -0,0 +1,123 @@
serverAddr = "154.204.181.192"
serverPort = 15443
auth.method = "token"
auth.token = "lostecho"
webServer.addr = "0.0.0.0"
webServer.port = 7400
webServer.user = "lostecho"
webServer.password = "Yuanhui1234!"
webServer.pprofEnable = false
loginFailExit=false
[[proxies]]
name = "pve"
type = "tcp"
localIP = "192.168.31.2"
localPort = 8006
remotePort = 8006
[[proxies]]
name = "fndav"
type = "tcp"
localIP = "192.168.31.3"
localPort = 5005
remotePort = 5005
[[proxies]]
name = "fnos"
type = "tcp"
localIP = "192.168.31.3"
localPort = 5666
remotePort = 5666
[[proxies]]
name = "hugo"
type = "tcp"
localIP = "192.168.31.100"
localPort = 1313
remotePort = 1313
[[proxies]]
name = "gitea"
type = "tcp"
localIP = "192.168.31.100"
localPort = 3000
remotePort = 3000
[[proxies]]
name = "lobe"
type = "tcp"
localIP = "192.168.31.100"
localPort = 3210
remotePort = 3210
[[proxies]]
name = "openlist"
type = "tcp"
localIP = "192.168.31.100"
localPort = 5244
remotePort = 5244
[[proxies]]
name = "frpc"
type = "tcp"
localIP = "192.168.31.100"
localPort = 7400
remotePort = 7400
[[proxies]]
name = "dify"
type = "tcp"
localIP = "192.168.31.100"
localPort = 8080
remotePort = 10080
[[proxies]]
name = "kubepi"
type = "tcp"
localIP = "192.168.31.100"
localPort = 8090
remotePort = 8090
[[proxies]]
name = "ddns"
type = "tcp"
localIP = "192.168.31.100"
localPort = 9876
remotePort = 9876
[[proxies]]
name = "1panel"
type = "tcp"
localIP = "192.168.31.100"
localPort = 21643
remotePort = 21643
[[proxies]]
name = "gotify"
type = "tcp"
localIP = "192.168.31.100"
localPort = 40266
remotePort = 40266
[[proxies]]
name = "daed"
type = "tcp"
localIP = "192.168.31.200"
localPort = 2023
remotePort = 2023
[[proxies]]
name = "k8s"
type = "tcp"
localIP = "192.168.31.201"
localPort = 80
remotePort = 20180
# tls
#transport.tls.certFile = "/etc/frp/ssl/client.crt"
#transport.tls.keyFile = "/etc/frp/ssl/client.key"
#transport.tls.trustedCaFile = "/etc/frp/ssl/ca.crt"

14
files/192.168.31.100/openlist/docker-compose.yml Normal file
View File

@@ -0,0 +1,14 @@
version: '3.3'
services:
openlist:
image: 'openlistteam/openlist:latest'
container_name: openlist
volumes:
- './data:/opt/openlist/data'
ports:
- '5244:5244'
environment:
- PUID=0
- PGID=0
- UMASK=022
restart: unless-stopped