senset/helm
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

wireguard-proxy

Browse Source
This commit is contained in:
Sense T 2023-09-06 04:40:10 +00:00
parent 669c63ee4b
commit 738564f747
3 changed files with 21 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
wg-socks/deployment.yaml
View File

@ -6,39 +6,38 @@ spec:
selector:
matchLabels:
app: wireguard-socks
type: proxy
template:
spec:
volumes:
- name: wireguard
hostPath:
path: /data/wireguard
- name: module
hostPath:
path: /lib/modules
- name: config
secret:
secretName: wireguard
initContainers:
- name: setup
image: busybox
command:
- sysctl
- -w
- net.ipv4.conf.all.src_valid_mark=1
securityContext:
privileged: true
containers:
- name: wireguard
image: neilpang/wgcf-docker:alpine
image: linuxserver/wireguard:amd64-1.0.20210914
resources:
limits:
cpu: 200m
memory: 128Mi
imagePullPolicy: IfNotPresent
securityContext:
#sysctls:
# - name: net.ipv6.conf.all.disable_ipv6
# value: '0'
privileged: true
privileged: false
capabilities:
add:
- NET_ADMIN
allowPrivilegeEscalation: true
readOnlyRootFilesystem: false
- SYS_MODULE
volumeMounts:
- mountPath: /wgcf
name: wireguard
- mountPath: /lib/modules
name: module
- name: config
mountPath: /config
- name: socks5
image: netbyte/socks5-server
args:

4
wg-socks/kustomization.yaml
View File

@ -5,3 +5,7 @@ resources:
commonLabels:
app: wireguard-socks
type: proxy
secretGenerator:
- name: wireguard
files:
- config/wg0.conf

11
wg-socks/wg0.conf
View File

@ -1,11 +0,0 @@
[Interface]
PrivateKey = qHAma2P6+Q3vbublEoBhULwVdzXeQne4YMnXeLxG6Wo=
Address = 172.16.0.2/32
Address = 2606:4700:110:81a7:4036:8234:a94:4254/128
DNS = 1.1.1.1
MTU = 1280
[Peer]
PublicKey = bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=
AllowedIPs = 0.0.0.0/0
AllowedIPs = ::/0
Endpoint = engage.cloudflareclient.com:2408