Latest
This commit is contained in:
parent
d8bcf73d37
commit
10485ad8f3
8 changed files with 191 additions and 42 deletions
|
@ -215,6 +215,7 @@ The following items have been reviewed but need to be revisited due to complexit
|
||||||
* [Title](https://flathub.org/apps/com.airtame.Client)
|
* [Title](https://flathub.org/apps/com.airtame.Client)
|
||||||
* [Title](https://github.com/Aloxaf/fzf-tab)
|
* [Title](https://github.com/Aloxaf/fzf-tab)
|
||||||
[Title](https://github.com/haproxy/haproxy)
|
[Title](https://github.com/haproxy/haproxy)
|
||||||
|
* [Title](https://frappeframework.com/docs/v14/user/en/installation)
|
||||||
|
|
||||||
## Docker Issue
|
## Docker Issue
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{{- if (ne .host.distro.family "windows") -}}
|
{{- if (ne .host.distro.family "windows") -}}
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
# @file CloudFlare WARP
|
# @file CloudFlare WARP and CloudFlare Argo Tunnels
|
||||||
# @brief Installs CloudFlare WARP, ensures proper security certificates are in place, and connects the device to CloudFlare WARP.
|
# @brief Installs CloudFlare WARP, ensures proper security certificates are in place, and connects the device to CloudFlare WARP. Also sets up Argo Tunnels.
|
||||||
# @description
|
# @description
|
||||||
# This script is intended to connect the device to CloudFlare's Zero Trust network with nearly all of its features unlocked.
|
# This script is intended to connect the device to CloudFlare's Zero Trust network with nearly all of its features unlocked.
|
||||||
# Homebrew is used to install the `warp-cli` on macOS. On Linux, it can install `warp-cli` on most Debian systems and some RedHat
|
# Homebrew is used to install the `warp-cli` on macOS. On Linux, it can install `warp-cli` on most Debian systems and some RedHat
|
||||||
|
@ -14,7 +14,7 @@
|
||||||
#
|
#
|
||||||
# 1. `CLOUDFLARE_TEAMS_CLIENT_ID` - The ID from a CloudFlare Teams service token. See [this article](https://developers.cloudflare.com/cloudflare-one/identity/service-tokens/).
|
# 1. `CLOUDFLARE_TEAMS_CLIENT_ID` - The ID from a CloudFlare Teams service token. See [this article](https://developers.cloudflare.com/cloudflare-one/identity/service-tokens/).
|
||||||
# 2. `CLOUDFLARE_TEAMS_CLIENT_SECRET` - The secret from a CloudFlare Teams service token.
|
# 2. `CLOUDFLARE_TEAMS_CLIENT_SECRET` - The secret from a CloudFlare Teams service token.
|
||||||
# 3. `CLOUDFLARE_TEAMS_ORG` - The ID of your Zero Trust organization. This variable must be passed in as an environment variable and is housed in the `home/.chezmoi.yaml.tmpl` file.
|
# 3. `CLOUDFLARE_TEAMS_ORG` - The ID of your Zero Trust organization. This variable must be passed in as an environment variable and is housed in the `home/.chezmoi.yaml.tmpl` file. If you do not want to pass an environment variable, you can change the default value in `home/.chezmoi.yaml.tmpl` on your own fork.
|
||||||
#
|
#
|
||||||
# The two variables above can be passed in using either of the methods described in the [Secrets documentation](https://install.doctor/docs/customization/secrets).
|
# The two variables above can be passed in using either of the methods described in the [Secrets documentation](https://install.doctor/docs/customization/secrets).
|
||||||
#
|
#
|
||||||
|
@ -154,43 +154,43 @@ if command -v warp-cli > /dev/null; then
|
||||||
# Application-specific certificate authority modification is currently commented out because
|
# Application-specific certificate authority modification is currently commented out because
|
||||||
# it is merely for traffic inspection and `npm install` fails when configured to use the CloudFlare
|
# it is merely for traffic inspection and `npm install` fails when configured to use the CloudFlare
|
||||||
# certificate and the WARP client is not running.
|
# certificate and the WARP client is not running.
|
||||||
# ### Git
|
### Git
|
||||||
# if command -v git > /dev/null; then
|
if command -v git > /dev/null; then
|
||||||
# logg info "Configuring git to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
logg info "Configuring git to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
||||||
# git config --global http.sslcainfo "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
git config --global http.sslcainfo "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
# ### NPM
|
### NPM
|
||||||
# if command -v npm > /dev/null; then
|
if command -v npm > /dev/null; then
|
||||||
# logg info "Configuring npm to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
logg info "Configuring npm to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
||||||
# npm config set cafile "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
npm config set cafile "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem"
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
# ### Python
|
### Python
|
||||||
# if command -v python3 > /dev/null; then
|
if command -v python3 > /dev/null; then
|
||||||
# logg info "Configuring python3 / python to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
logg info "Configuring python3 / python to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem""
|
||||||
# echo | cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> $(python3 -m certifi)
|
echo | cat - "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" >> $(python3 -m certifi)
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
# ### Google Cloud SDK
|
### Google Cloud SDK
|
||||||
# if command -v gcloud > /dev/null; then
|
if command -v gcloud > /dev/null; then
|
||||||
# logg info "Configuring gcloud to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" and "${XDG_DATA_HOME:-$HOME/.local/share}/curl/cacert.pem""
|
logg info "Configuring gcloud to use "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" and "${XDG_DATA_HOME:-$HOME/.local/share}/curl/cacert.pem""
|
||||||
# mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud"
|
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud"
|
||||||
# cat cacert.pem "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" > "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
cat cacert.pem "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" > "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
||||||
# gcloud config set core/custom_ca_certs_file "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
gcloud config set core/custom_ca_certs_file "${XDG_DATA_HOME:-$HOME/.local/share}/gcloud/ca.pem"
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
### Google Drive for desktop (macOS)
|
### Google Drive for desktop (macOS)
|
||||||
# if [ -d "/Applications/Google Drive.app" ]; then
|
if [ -d "/Applications/Google Drive.app" ]; then
|
||||||
# if [ -d "/Applications/Google Drive.app/Contents/Resources" ]; then
|
if [ -d "/Applications/Google Drive.app/Contents/Resources" ]; then
|
||||||
# logg info "Combining Google Drive roots.pem with CloudFlare certificate"
|
logg info "Combining Google Drive roots.pem with CloudFlare certificate"
|
||||||
# mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive"
|
mkdir -p "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive"
|
||||||
# cat "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" "/Applications/Google Drive.app/Contents/Resources/roots.pem" >> "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
cat "${XDG_DATA_HOME:-$HOME/.local/share}/warp/Cloudflare_CA.pem" "/Applications/Google Drive.app/Contents/Resources/roots.pem" >> "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||||
# sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootsCertsFile -string "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootsCertsFile -string "${XDG_DATA_HOME:-$HOME/.local/share}/google-drive/roots.pem"
|
||||||
# else
|
else
|
||||||
# logg warn 'Google Drive.app installed but roots.pem is not available yet'
|
logg warn 'Google Drive.app installed but roots.pem is not available yet'
|
||||||
# fi
|
fi
|
||||||
# fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
### Ensure MDM settings are applied (deletes after reboot on macOS)
|
### Ensure MDM settings are applied (deletes after reboot on macOS)
|
||||||
|
@ -221,6 +221,86 @@ if command -v warp-cli > /dev/null; then
|
||||||
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
|
logg info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
logg warn '`warp-cli` was not installed so CloudFlare Zero Trust cannot be joined'
|
logg warn '`warp-cli` was not installed so CloudFlare WARP cannot be joined'
|
||||||
|
fi
|
||||||
|
|
||||||
|
{{- $registrationToken := "" }}
|
||||||
|
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "cloudflared" .user.hostname)) -}}
|
||||||
|
{{- $registrationToken := (includeTemplate (joinPath "cloudflared" .user.hostname) | decrypt) -}}
|
||||||
|
{{- end }}
|
||||||
|
### Set up CloudFlare tunnels
|
||||||
|
if command -v cloudflared > /dev/null && [ -d "$HOME/.local/etc/cloudflared" ]; then
|
||||||
|
# Show warning message about ~/.cloudflared already existing
|
||||||
|
if [ -d "$HOME/.cloudflared" ]; then
|
||||||
|
logg warn '~/.cloudflared is already in the home directory - to ensure proper deployment, remove previous tunnel configuration folders'
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Copy over configuration files
|
||||||
|
logg info 'Copying over configuration files from ~/.local/etc/cloudflared to /usr/local/etc/cloudflared'
|
||||||
|
sudo cp -rf "$HOME/.local/etc/cloudflared/"* /usr/local/etc/cloudflared
|
||||||
|
|
||||||
|
# Register tunnel (if not already registered)
|
||||||
|
if cloudflared tunnel list | grep "host-{{ .user.hostname }}"; then
|
||||||
|
logg info 'CloudFlare tunnel is already registered'
|
||||||
|
else
|
||||||
|
logg info 'Creating a CloudFlare tunnel to this host'
|
||||||
|
sudo cloudflared tunnel create "host-{{ .user.hostname }}"
|
||||||
|
fi
|
||||||
|
TUNNEL_ID="$(cloudflared tunnel list | grep "host-{{ .user.hostname }}" | sed 's/ .*//')"
|
||||||
|
logg info "Tunnel ID: $TUNNEL_ID"
|
||||||
|
if [ -f "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" ]
|
||||||
|
logg info 'Symlinking tunnel configuration to /usr/local/etc/cloudflared/credentials.json'
|
||||||
|
rm -f /usr/local/etc/cloudflared/credentials.json
|
||||||
|
sudo ln -s "/usr/local/etc/cloudflared/${TUNNEL_ID}.json" /usr/local/etc/cloudflared/credentials.json
|
||||||
|
else
|
||||||
|
logg info 'Handling case where the tunnel registration is not present in /usr/local/etc/cloudflared'
|
||||||
|
{{ if eq $registrationToken "" -}}
|
||||||
|
logg warn 'Registration token is unavailable - you might have to delete the pre-existing tunnel or set up secrets properly'
|
||||||
|
{{- else -}}
|
||||||
|
logg info 'Registration token retrieved from encrypted blob stored at `home/.chezmoitemplates/cloudflared/{{ .host.hostname }}`'
|
||||||
|
{{ if eq (substr 0 1 $registrationToken) "{" -}}
|
||||||
|
logg info 'Registration token stored in credential file form'
|
||||||
|
echo -n '{{ $registrationToken }}' | sudo tee /usr/local/etc/cloudflared/credentials.json > /dev/null
|
||||||
|
{{ else }}
|
||||||
|
logg info 'Registration token is in token form - it will be used in conjunction with `sudo cloudflared service install`'
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Set up service
|
||||||
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
|
# System is macOS
|
||||||
|
if [ -f /Library/LaunchDaemons/com.cloudflare.cloudflared.plist ]; then
|
||||||
|
logg info '`cloudflared` service is already installed'
|
||||||
|
else
|
||||||
|
logg info 'Running `sudo cloudflared service install`'
|
||||||
|
sudo cloudflared service install{{ if and (ne $registrationToken "") (eq (substr 0 1 $registrationToken) "{") -}} {{ $registrationToken }}{{ end }}
|
||||||
|
fi
|
||||||
|
logg info 'Ensuring cloudflared service is installed'
|
||||||
|
sudo launchctl start com.cloudflare.cloudflared
|
||||||
|
elif [ -f /etc/os-release ]; then
|
||||||
|
# System is Linux
|
||||||
|
logg info 'Copying over configuration files from ~/.local/etc/cloudflared to /usr/local/etc/cloudflared'
|
||||||
|
sudo cp -rf "$HOME/.local/etc/cloudflared" /usr/local/etc/cloudflared
|
||||||
|
if systemctl --all --type service | grep -q "cloudflared" > /dev/null; then
|
||||||
|
logg info '`cloudflared` service is already available as a service'
|
||||||
|
else
|
||||||
|
logg info 'Running `sudo cloudflared service install`'
|
||||||
|
sudo cloudflared service install{{ if and (ne $registrationToken "") (eq (substr 0 1 $registrationToken) "{") -}} {{ $registrationToken }}{{ end }}
|
||||||
|
fi
|
||||||
|
logg info 'Ensuring cloudflared service is started'
|
||||||
|
sudo systemctl start cloudflared
|
||||||
|
logg info 'Enabling cloudflared as a boot systemctl service'
|
||||||
|
sudo systemctl enable cloudflared
|
||||||
|
else
|
||||||
|
# System is Windows
|
||||||
|
cloudflared service install
|
||||||
|
mkdir C:\Windows\System32\config\systemprofile\.cloudflared
|
||||||
|
# Copy same cert.pem as being used above
|
||||||
|
# copy C:\Users\%USERNAME%\.cloudflared\cert.pem C:\Windows\System32\config\systemprofile\.cloudflared\cert.pem
|
||||||
|
# https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/local/as-a-service/windows/
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
logg info '`cloudflared` was not installed so CloudFlare Tunnels cannot be enabled. (Or the ~/.local/etc/cloudflared folder is not present)'
|
||||||
fi
|
fi
|
||||||
{{ end -}}
|
{{ end -}}
|
10
home/.chezmoitemplates/cloudflared/C02X514PJG5M
Normal file
10
home/.chezmoitemplates/cloudflared/C02X514PJG5M
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxOFdoZHFuVFNhZVJyRnNU
|
||||||
|
V2dOaEQ0SmpoWEJmNzZPdEpWbzB3b2d5RVFjCjF0VkswRndldS9hU1RRanlWUGZw
|
||||||
|
TnpjT0p0RUJqUkwvSm1aR3lUYkJ4dDQKLS0tIFdVejhpY1paWGE4eHU1dDJtU3dr
|
||||||
|
OUVXcVo2ei9yMm9wYkxZSU9qU2EwdEUKQ7uBNViwqmt07/hpa9Pz++1PVwzn4thU
|
||||||
|
KtzWp48aLeYpOHoyvQuOOhXuC3l+SXtCHZxPXxNXpT/+UKcAQPKBXS/lSsuQji6b
|
||||||
|
BMaqAVc/QXcWuVvCWdkWdF4P14aEvKZjHqQ2PD2mVcOPd5fWhN8qPzKSZHoS3VQK
|
||||||
|
oBlRVGMcL44xIWFOUy7G315HGsipdKN7iI2HEoDBR3dn+Ld6wRECGCAZxk/nW/1I
|
||||||
|
G7OngsuN2RNX2VsszE1e5knJd9h2fB/6EcuNpXEQ4vJlaawO+iVZ+HVJafPN2WA7
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
19
home/Library/LaunchDaemons/com.cloudflare.warp.plist.tmpl
Normal file
19
home/Library/LaunchDaemons/com.cloudflare.warp.plist.tmpl
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||||
|
<plist version="1.0">
|
||||||
|
<dict>
|
||||||
|
<key>Label</key>
|
||||||
|
<string>com.cloudflare.warp</string>
|
||||||
|
<key>ProgramArguments</key>
|
||||||
|
<array>
|
||||||
|
<string>/usr/local/bin/bash</string>
|
||||||
|
<string>-c</string>
|
||||||
|
<string>cp -f "{{ .user.home }}/Library/Managed Preferences/com.cloudflare.warp.plist" "/Library/Managed Preferences/com.cloudflare.warp.plist" && plutil -convert binary1 "/Library/Managed Preferences/com.cloudflare.warp.plist"</string>
|
||||||
|
</array>
|
||||||
|
<key>StartCalendarInterval</key>
|
||||||
|
<dict>
|
||||||
|
<key>Minute</key>
|
||||||
|
<integer>0</integer>
|
||||||
|
</dict>
|
||||||
|
</dict>
|
||||||
|
</plist>
|
|
@ -1,10 +1,17 @@
|
||||||
#!/usr/bin/env bash
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
### Enable automated updates on macOS
|
|
||||||
if [ -d /Applications ] && [ -d /System ]; then
|
if [ -d /Applications ] && [ -d /System ]; then
|
||||||
|
### Enable automated updates on macOS
|
||||||
if [ -f "$HOME/Library/LaunchDaemons/com.apple.automatedupdates.plist" ] && [ ! -f "/Library/LaunchDaemons/com.apple.automatedupdates.plist" ]; then
|
if [ -f "$HOME/Library/LaunchDaemons/com.apple.automatedupdates.plist" ] && [ ! -f "/Library/LaunchDaemons/com.apple.automatedupdates.plist" ]; then
|
||||||
sudo mkdir -p /Library/LaunchDaemons
|
sudo mkdir -p /Library/LaunchDaemons
|
||||||
sudo cp -f "$HOME/Library/LaunchDaemons/com.apple.automatedupdates.plist" "/Library/LaunchDaemons/com.apple.automatedupdates.plist"
|
sudo cp -f "$HOME/Library/LaunchDaemons/com.apple.automatedupdates.plist" "/Library/LaunchDaemons/com.apple.automatedupdates.plist"
|
||||||
sudo launchctl load "/Library/LaunchDaemons/com.apple.automatedupdates.plist"
|
sudo launchctl load "/Library/LaunchDaemons/com.apple.automatedupdates.plist"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
### Enable CloudFlare WARP credentials auto-populate (since file is deleted when not managed with MDM)
|
||||||
|
if [ -f "$HOME/Library/LaunchDaemons/com.cloudflare.warp.plist" ] && [ ! -f "/Library/LaunchDaemons/com.cloudflare.warp.plist" ]; then
|
||||||
|
sudo mkdir -p /Library/LaunchDaemons
|
||||||
|
sudo cp -f "$HOME/Library/LaunchDaemons/com.cloudflare.warp.plist" '/Library/LaunchDaemons/com.cloudflare.warp.plist'
|
||||||
|
sudo launchctl load "/Library/LaunchDaemons/com.cloudflare.warp.plist"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
tunnel: The tunnel UUID
|
|
||||||
credentials-file: /path/your-tunnels-credentials-file.json
|
|
||||||
warp-routing:
|
|
||||||
enabled: true
|
|
|
@ -1,3 +1,3 @@
|
||||||
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "files" "cloudflared.pem")) -}}
|
{{- if and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "files" "cloudflared.pem")) -}}
|
||||||
{{ includeTemplate "files/cloudflared.pem" | decrypt -}}
|
{{ includeTemplate "files/cloudflared.pem" | decrypt -}}
|
||||||
{{ end -}}
|
{{- end -}}
|
36
home/dot_local/etc/cloudflared/config.yaml.tmpl
Normal file
36
home/dot_local/etc/cloudflared/config.yaml.tmpl
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
{{- $baseDomain := (join .host.hostname "." .host.domain) -}}
|
||||||
|
{{- if .host.qubes -}}
|
||||||
|
{{- $baseDomain := (join .host.hostname "-qube." .host.domain) -}}
|
||||||
|
{{- end -}}
|
||||||
|
---
|
||||||
|
tunnel: {{ if .host.qubes }}qube{{ else }}host{{ end }}-{{ .host.hostname }}
|
||||||
|
credentials-file: /usr/local/etc/cloudflared/credentials.json
|
||||||
|
|
||||||
|
warp-routing:
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
ingress:
|
||||||
|
- hostname: {{ $baseDomain }}
|
||||||
|
service: https://localhost:8014
|
||||||
|
- hostname: test.{{ $baseDomain }}
|
||||||
|
service: hello_world
|
||||||
|
- hostname: ssh.{{ $baseDomain }}
|
||||||
|
service: ssh://localhost:{{ .host.ssh.port }}
|
||||||
|
- hostname: rdp.{{ $baseDomain }}
|
||||||
|
service: rdp://localhost:3389
|
||||||
|
- hostname: samba.{{ $baseDomain }}
|
||||||
|
service: localhost:8445
|
||||||
|
- hostname: vnc.{{ $baseDomain }}
|
||||||
|
service: tcp://localhost:5901
|
||||||
|
# Example of an HTTP request over a Unix socket:
|
||||||
|
# - hostname: {{ $baseDomain }}
|
||||||
|
# service: unix:/home/production/echo.sock
|
||||||
|
# Tunnel the baked-in Hello World test app for testing purposes
|
||||||
|
# Rules can match the request's path to a regular expression:
|
||||||
|
# - hostname: static.example.com
|
||||||
|
# path: \.(jpg|png|css|js)$
|
||||||
|
# service: https://localhost:8001
|
||||||
|
# Rules can match the request's hostname to a wildcard character:
|
||||||
|
# - hostname: "*.example.com"
|
||||||
|
# service: https://localhost:8002
|
||||||
|
- service: http_status:404
|
Loading…
Reference in a new issue