diff --git a/.DS_Store b/.DS_Store index d20f367..9995b62 100644 Binary files a/.DS_Store and b/.DS_Store differ diff --git a/.gitignore b/.gitignore index e43b0f9..1b09780 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,4 @@ .DS_Store +files/.DS_Store +.DS_Store +files/.DS_Store diff --git a/files/.DS_Store b/files/.DS_Store index 5ca31be..36e5e24 100644 Binary files a/files/.DS_Store and b/files/.DS_Store differ diff --git a/files/192.168.31.100/Caddyfile b/files/192.168.31.101/Caddyfile similarity index 50% rename from files/192.168.31.100/Caddyfile rename to files/192.168.31.101/Caddyfile index 53997b3..6d307e8 100644 --- a/files/192.168.31.100/Caddyfile +++ b/files/192.168.31.101/Caddyfile @@ -12,26 +12,22 @@ # domain name. #:80 { -# # Set this path to your site's directory. -# root * /usr/share/caddy +# # Set this path to your site's directory. +# root * /usr/share/caddy # -# # Enable the static file server. -# file_server +# # Enable the static file server. +# file_server # -# # Another common task is to set up a reverse proxy: -# # reverse_proxy localhost:8080 +# # Another common task is to set up a reverse proxy: +# # reverse_proxy localhost:8080 # -# # Or serve a PHP site through php-fpm: -# # php_fastcgi localhost:9000 +# # Or serve a PHP site through php-fpm: +# # php_fastcgi localhost:9000 #} # Refer to the Caddy docs for more information: # https://caddyserver.com/docs/caddyfile -# ------------------------------ -# simpla.dev Services -# ------------------------------ - # 定义一个名为 (securityHeaders) 的可重用代码片段 (securityHeaders) { header { @@ -58,21 +54,35 @@ } } -simpla.dev { +# ------------------------------ +# 10000h.de Services +# ------------------------------ + +10000h.de { # 设置网站根目录 - root * /srv/simpla.dev + root * /srv/10000h.de # 开启文件服务 file_server import securityHeaders } -frps.simpla.dev { - reverse_proxy http://154.204.181.192:7001 +frps.10000h.de { + reverse_proxy http://192.238.204.39:7001 import securityHeaders } -pve.simpla.dev { +docker.10000h.de { + reverse_proxy http://192.238.204.39:51000 + # import securityHeaders +} + +ghcr.10000h.de { + reverse_proxy http://192.238.204.39:52000 + import securityHeaders +} + +pve.10000h.de { handle { reverse_proxy https://192.168.31.2:8006 { transport http { @@ -85,94 +95,149 @@ pve.simpla.dev { } } -fndav.simpla.dev { +pvel.10000h.de { + handle { + reverse_proxy https://192.168.31.2:8006 { + transport http { + tls_insecure_skip_verify + } + header_up Host {http.reverse_proxy.host} + header_up X-Forwarded-Host {host} + } + # import securityHeaders + } +} + +fndav.10000h.de { reverse_proxy http://192.168.31.3:5005 # import securityHeaders } -fnos.simpla.dev { +fnos.10000h.de { reverse_proxy http://192.168.31.3:5666 # import securityHeaders } -hugo.simpla.dev { - reverse_proxy http://192.168.31.100:1313 +fnosl.10000h.de { + reverse_proxy http://192.168.31.3:5666 # import securityHeaders } -gitea.simpla.dev { - reverse_proxy http://192.168.31.100:3000 - import securityHeaders -} - -lobe.simpla.dev { - reverse_proxy http://192.168.31.100:3210 +openwrt.10000h.de { + reverse_proxy http://192.168.31.4:80 # import securityHeaders } -openlist.simpla.dev { - reverse_proxy http://192.168.31.100:5244 +arch.10000h.de { + reverse_proxy http://192.168.31.4:10808 # import securityHeaders } -frpc.simpla.dev { - reverse_proxy http://192.168.31.100:7400 +duet.10000h.de { + reverse_proxy http://NUC:3389 + # import securityHeaders +} + +nuc.10000h.de { + reverse_proxy http://NUC:3389 + # import securityHeaders +} + +ddns.10000h.de { + reverse_proxy http://192.168.31.101:9876 import securityHeaders } -dify.simpla.dev { - reverse_proxy http://192.168.31.100:8080 +frpc.10000h.de { + reverse_proxy http://192.168.31.101:7400 import securityHeaders } -kubepi.simpla.dev { - reverse_proxy http://192.168.31.100:8090 +gotify.10000h.de { + reverse_proxy http://192.168.31.104:80 + # import securityHeaders +} + +lobe.10000h.de { + reverse_proxy http://192.168.31.105:3210 + # import securityHeaders +} + +dify.10000h.de { + reverse_proxy http://192.168.31.106:80 import securityHeaders } -ddns.simpla.dev { - reverse_proxy http://192.168.31.100:9876 +n8n.10000h.de { + reverse_proxy http://192.168.31.107:5678 import securityHeaders } -1panel.simpla.dev { - reverse_proxy http://192.168.31.100:21643 +affine.10000h.de { + reverse_proxy http://192.168.31.108:3010 + import securityHeaders +} + +valutwarden.10000h.de { + reverse_proxy http://192.168.31.109:8000 import securityHeaders } -gotify.simpla.dev { - reverse_proxy http://192.168.31.100:40266 +kubepi.10000h.de { + reverse_proxy http://192.168.31.110:80 import securityHeaders } -daed.simpla.dev { +openlist.10000h.de { + reverse_proxy http://192.168.31.111:5244 + # import securityHeaders +} + +sp.10000h.de { + reverse_proxy http://192.168.31.112:8080 + import securityHeaders + route /webdav* { + reverse_proxy http://192.168.31.112:2345 + } +} + +mattermost.10000h.de { + reverse_proxy http://192.168.31.113:8065 + # import securityHeaders +} + +rocketchat.10000h.de { + reverse_proxy http://192.168.31.114:3000 + import securityHeaders +} + +tts.10000h.de { + reverse_proxy http://192.168.31.115:8000 + # import securityHeaders +} + +daed.10000h.de { reverse_proxy http://192.168.31.200:2023 # import securityHeaders } -b.simpla.dev { - # 将所有收到的请求转发到目标网站 - reverse_proxy https://b.watch { - # (可选) 修改发送到目标服务器的 Host 请求头 - header_up Host {http.reverse_proxy.upstream.hostport} - } -} - # ------------------------------ # k3s Services # ------------------------------ -argocd.simpla.dev { +argocd.10000h.de { reverse_proxy http://192.168.31.201:80 import securityHeaders } -markword.simpla.dev { - reverse_proxy http://192.168.31.201:80 - import securityHeaders -} - -n8n.simpla.dev { +markword.10000h.de { reverse_proxy http://192.168.31.201:80 import securityHeaders } + +n8nk.10000h.de { + reverse_proxy http://192.168.31.201:80 + import securityHeaders +} + + diff --git a/files/192.168.31.100/frp/frpc.toml b/files/192.168.31.101/frp/frpc.toml similarity index 76% rename from files/192.168.31.100/frp/frpc.toml rename to files/192.168.31.101/frp/frpc.toml index 1f2799f..78d12d0 100644 --- a/files/192.168.31.100/frp/frpc.toml +++ b/files/192.168.31.101/frp/frpc.toml @@ -34,74 +34,67 @@ localPort = 5666 remotePort = 5666 [[proxies]] -name = "hugo" +name = "ddns" type = "tcp" -localIP = "192.168.31.100" -localPort = 1313 -remotePort = 1313 +localIP = "192.168.31.101" +localPort = 9876 +remotePort = 9876 [[proxies]] -name = "gitea" +name = "frpc" type = "tcp" -localIP = "192.168.31.100" -localPort = 3000 -remotePort = 3000 +localIP = "192.168.31.102" +localPort = 7400 +remotePort = 7400 [[proxies]] name = "lobe" type = "tcp" -localIP = "192.168.31.100" +localIP = "192.168.31.103" localPort = 3210 remotePort = 3210 [[proxies]] name = "openlist" type = "tcp" -localIP = "192.168.31.100" +localIP = "192.168.31.104" localPort = 5244 remotePort = 5244 [[proxies]] -name = "frpc" +name = "gotify" type = "tcp" -localIP = "192.168.31.100" -localPort = 7400 -remotePort = 7400 +localIP = "192.168.31.105" +localPort = 80 +remotePort = 40266 [[proxies]] name = "dify" type = "tcp" -localIP = "192.168.31.100" -localPort = 8080 +localIP = "192.168.31.106" +localPort = 80 remotePort = 10080 +[[proxies]] +name = "dify" +type = "tcp" +localIP = "192.168.31.107" +localPort = 5678 +remotePort = 5678 + [[proxies]] name = "kubepi" type = "tcp" -localIP = "192.168.31.100" -localPort = 8090 +localIP = "192.168.31.108" +localPort = 80 remotePort = 8090 [[proxies]] -name = "ddns" +name = "moontv" type = "tcp" -localIP = "192.168.31.100" -localPort = 9876 -remotePort = 9876 - -[[proxies]] -name = "1panel" -type = "tcp" -localIP = "192.168.31.100" -localPort = 21643 -remotePort = 21643 - -[[proxies]] -name = "gotify" -type = "tcp" -localIP = "192.168.31.100" -localPort = 40266 -remotePort = 40266 +localIP = "192.168.31.109" +localPort = 3000 +remotePort = 3000 [[proxies]] name = "daed" @@ -111,12 +104,19 @@ localPort = 2023 remotePort = 2023 [[proxies]] -name = "k8s" +name = "k8s-80" type = "tcp" localIP = "192.168.31.201" localPort = 80 remotePort = 20180 +[[proxies]] +name = "k8s-443" +type = "tcp" +localIP = "192.168.31.201" +localPort = 443 +remotePort = 20443 + # tls #transport.tls.certFile = "/etc/frp/ssl/client.crt" #transport.tls.keyFile = "/etc/frp/ssl/client.key" diff --git a/files/192.168.31.100/openlist/docker-compose.yml b/files/192.168.31.101/openlist/docker-compose.yml similarity index 100% rename from files/192.168.31.100/openlist/docker-compose.yml rename to files/192.168.31.101/openlist/docker-compose.yml diff --git a/files/154.204.181.192/Caddyfile b/files/192.238.204.39/Caddyfile similarity index 59% rename from files/154.204.181.192/Caddyfile rename to files/192.238.204.39/Caddyfile index 0e89adc..7d6834b 100644 --- a/files/154.204.181.192/Caddyfile +++ b/files/192.238.204.39/Caddyfile @@ -8,27 +8,9 @@ # this machine's public IP, then replace ":80" below with your # domain name. -#:80 { -# # Set this path to your site's directory. -# root * /usr/share/caddy -# -# # Enable the static file server. -# file_server -# -# # Another common task is to set up a reverse proxy: -# # reverse_proxy localhost:8080 -# -# # Or serve a PHP site through php-fpm: -# # php_fastcgi localhost:9000 -#} - # Refer to the Caddy docs for more information: # https://caddyserver.com/docs/caddyfile -# ------------------------------ -# simpla.dev Services -# ------------------------------ - # 定义一个名为 (securityHeaders) 的可重用代码片段 (securityHeaders) { header { @@ -55,61 +37,100 @@ } } -simpla.dev { +# ------------------------------ +# 10000h.de Services +# ------------------------------ + +10000h.de { # 设置网站根目录 - root * /srv/simpla.dev + root * /srv/10000h.de # 开启文件服务 file_server import securityHeaders } -hugo.simpla.dev { - reverse_proxy http://127.0.0.1:1313 - # import securityHeaders -} - -daed.simpla.dev { +daed.10000h.de { reverse_proxy http://127.0.0.1:2023 import securityHeaders } -gitea.simpla.dev { +rocketchat.10000h.de { reverse_proxy http://127.0.0.1:3000 import securityHeaders } -lobe.simpla.dev { - reverse_proxy http://127.0.0.1:3210 - # import securityHeaders +affine.10000h.de { + reverse_proxy http://127.0.0.1:3010 + import securityHeaders } -fndav.simpla.dev { +lobe.10000h.de { + reverse_proxy http://127.0.0.1:3210 { + transport http { + versions 1.1 # 👈 强制使用 HTTP/1.1 与后端通信 + } + } +} + +rdp.10000h.de { + reverse_proxy http://127.0.0.1:3389 +} + +fndav.10000h.de { reverse_proxy http://127.0.0.1:5005 # import securityHeaders } -openlist.simpla.dev { +openlist.10000h.de { reverse_proxy http://127.0.0.1:5244 # import securityHeaders } -fnos.simpla.dev { +fnos.10000h.de { reverse_proxy http://127.0.0.1:5666 # import securityHeaders } -frps.simpla.dev { +n8n.10000h.de { + reverse_proxy http://127.0.0.1:5678 + # import securityHeaders +} + +vnc.10000h.de { + reverse_proxy http://127.0.0.1:5900 +} + +couchdb.10000h.de { + reverse_proxy http://127.0.0.1:5984 +} + +frps.10000h.de { reverse_proxy http://127.0.0.1:7001 import securityHeaders } -frpc.simpla.dev { +frpc.10000h.de { reverse_proxy http://127.0.0.1:7400 import securityHeaders } -pve.simpla.dev { +vaulewarden.10000h.de { + reverse_proxy http://127.0.0.1:8000 + import securityHeaders +} + +tts.10000h.de { + reverse_proxy http://127.0.0.1:8001 + import securityHeaders +} + +openwrt.10000h.de { + reverse_proxy http://127.0.0.1:8002 + import securityHeaders +} + +pve.10000h.de { handle { reverse_proxy https://127.0.0.1:8006 { transport http { @@ -122,54 +143,73 @@ pve.simpla.dev { } } -kubepi.simpla.dev { - reverse_proxy http://127.0.0.1:8090 +gotify.10000h.de { + reverse_proxy http://127.0.0.1:8080 import securityHeaders } -ddns.simpla.dev { +dify.10000h.de { + reverse_proxy http://127.0.0.1:8081 + import securityHeaders +} + +mattermost.10000h.de { + reverse_proxy http://127.0.0.1:8065 + import securityHeaders +} + +sp.10000h.de { + reverse_proxy http://127.0.0.1:8082 + import securityHeaders + route /webdav* { + reverse_proxy http://127.0.0.1:2345 + } +} + +kubepi.10000h.de { + reverse_proxy http://127.0.0.1:8084 + import securityHeaders +} + +ddns.10000h.de { reverse_proxy http://127.0.0.1:9876 import securityHeaders } -dify.simpla.dev { - reverse_proxy http://127.0.0.1:10080 +arch.10000h.de { + reverse_proxy http://127.0.0.1:10808 import securityHeaders } -1panel.simpla.dev { - reverse_proxy http://127.0.0.1:21643 - import securityHeaders -} - -gotify.simpla.dev { - reverse_proxy http://127.0.0.1:40266 - import securityHeaders -} - -b.simpla.dev { - # 将所有收到的请求转发到目标网站 - reverse_proxy https://b.watch { - # (可选) 修改发送到目标服务器的 Host 请求头 - header_up Host {http.reverse_proxy.upstream.hostport} - } -} - # ------------------------------ # k3s Services # ------------------------------ -argocd.simpla.dev { - reverse_proxy http://127.0.0.1:20180 +argocd.10000h.de { + reverse_proxy http://127.0.0.1:20080 import securityHeaders } -markword.simpla.dev { - reverse_proxy http://127.0.0.1:20180 +markword.10000h.de { + reverse_proxy http://127.0.0.1:20080 import securityHeaders } -n8n.simpla.dev { - reverse_proxy http://127.0.0.1:20180 +n8nk.10000h.de { + reverse_proxy http://127.0.0.1:20080 import securityHeaders } + +docker.10000h.de { + reverse_proxy http://127.0.0.1:51000 + # import securityHeaders +} + +ghcr.10000h.de { + reverse_proxy http://127.0.0.1:52000 + import securityHeaders +} + + + + diff --git a/inventory.ini b/inventory.ini index 02d4454..7458236 100644 --- a/inventory.ini +++ b/inventory.ini @@ -1,9 +1,9 @@ [caddy_servers] # 本地 1panel 服务器 -192.168.31.100 +192.168.31.101 # 远程 Ubuntu 服务器 -154.204.181.192 +192.238.204.39 [all:vars] # 请替换成您登录服务器的用户名 @@ -11,7 +11,7 @@ ansible_user=root # --- 可选配置 --- # 如果您的本地服务器不需要通过SSH,而是直接在本机执行 -192.168.31.100 ansible_ssh_private_key_file=~/.ssh/id_ed25519.pub +192.168.31.101 ansible_ssh_private_key_file=~/.ssh/id_ed25519.pub # 如果您的远程服务器需要使用特定的SSH密钥 154.204.181.192 ansible_ssh_private_key_file=~/.ssh/id_ed25519.pub