diff --git a/code-ssh/Dockerfile b/code-ssh/Dockerfile deleted file mode 100644 index 17c35a8..0000000 --- a/code-ssh/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -FROM debian:stable-slim - -RUN sed -i 's/deb.debian.org/mirrors.aliyun.com/g' /etc/apt/sources.list && \ - apt-get update && \ - apt-get install -y zsh dropbear-bin python3 python3-pip python3-virtualenv vim sudo curl git && \ - mkdir -p /etc/dropbear && \ - useradd -s /bin/zsh -u 1000 coder && \ - echo 'coder ALL=(ALL:ALL) NOPASSWD:ALL' >> /etc/sudoers && \ - apt-get clean - -CMD [ "/usr/sbin/dropbear", "-swEF" ] diff --git a/code-ssh/build.sh b/code-ssh/build.sh deleted file mode 100755 index b4a8db6..0000000 --- a/code-ssh/build.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -docker build -t tonychee7000/code-ssh:$1 . -docker push tonychee7000/code-ssh:$1 \ No newline at end of file diff --git a/code-ssh/config/dropbear_ed25519_host_key b/code-ssh/config/dropbear_ed25519_host_key deleted file mode 100644 index 3f1f762..0000000 Binary files a/code-ssh/config/dropbear_ed25519_host_key and /dev/null differ diff --git a/code-ssh/config/dropbear_ed25519_host_key.base64 b/code-ssh/config/dropbear_ed25519_host_key.base64 deleted file mode 100644 index 3f2be8c..0000000 --- a/code-ssh/config/dropbear_ed25519_host_key.base64 +++ /dev/null @@ -1,2 +0,0 @@ -AAAAC3NzaC1lZDI1NTE5AAAAQKtWqf+I28KI3ZLGK78bEjhcMkt1s4OtwxtDClF8oyT4Yjtobr3p -Nm0gkElJn/MqjMpsb08iboaFbz2KqsA9mE8= \ No newline at end of file diff --git a/code-ssh/deployment.yaml b/code-ssh/deployment.yaml deleted file mode 100644 index 6095f75..0000000 --- a/code-ssh/deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: code-ssh -spec: - selector: - matchLabels: - app: code-ssh - template: - metadata: - labels: - app: code-ssh - spec: - volumes: - - name: data - hostPath: - path: /data/code-server - - name: config - secret: - secretName: code-ssh-host-key - optional: false - containers: - - name: code-ssh - image: linuxserver/openssh-server:latest - volumeMounts: - - mountPath: /home/coder - name: data - - mountPath: /etc/dropbear - name: config - readOnly: true - resources: - limits: - cpu: 500m - memory: 4Gi - requests: - cpu: 100m - memory: 256Mi - readinessProbe: - tcpSocket: - port: ssh - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - livenessProbe: - tcpSocket: - port: ssh - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - ports: - - containerPort: 22 - name: ssh - \ No newline at end of file diff --git a/code-ssh/kustomization.yaml b/code-ssh/kustomization.yaml deleted file mode 100644 index 5b1846f..0000000 --- a/code-ssh/kustomization.yaml +++ /dev/null @@ -1,17 +0,0 @@ -# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json - -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -resources: - - deployment.yaml - - service.yaml -commonLabels: - app: code-ssh -images: - - name: linuxserver/openssh-server - newName: tonychee7000/code-ssh - newTag: '20220814-1' -secretGenerator: - - name: code-ssh-host-key - files: - - config/dropbear_ed25519_host_key \ No newline at end of file diff --git a/code-ssh/service.yaml b/code-ssh/service.yaml deleted file mode 100644 index 13aa4a0..0000000 --- a/code-ssh/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: code-ssh - annotations: - holepunch/punch-external: 'false' -spec: - selector: - app: code-ssh - ports: - - port: 2333 - targetPort: ssh - name: ssh - protocol: TCP - type: LoadBalancer - ipFamilyPolicy: PreferDualStack - ipFamilies: - - IPv4 - - IPv6 diff --git a/factorio/deployment.yaml b/factorio/deployment.yaml index e55b808..12a8803 100644 --- a/factorio/deployment.yaml +++ b/factorio/deployment.yaml @@ -15,6 +15,10 @@ spec: - name: config configMap: name: factorio + items: + - key: t + path: t + - name: data hostPath: path: /data/factorio diff --git a/goproxy/deployment.yaml b/goproxy/deployment.yaml new file mode 100644 index 0000000..ce956d3 --- /dev/null +++ b/goproxy/deployment.yaml @@ -0,0 +1,27 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: goproxy +spec: + selector: + matchLabels: + apps: goproxy + template: + metadata: + apps: goproxy + spec: + containers: + - name: goproxy + image: goproxy + args: + - 'tcp' + - '-p' + - ':33080' + - '-T' + - 'udp' + - '-P' + - 'ksp.midymidy.tk:8800' + resources: + limits: + cpu: '200m' + memory: 128Mi \ No newline at end of file diff --git a/goproxy/kustomization.yaml b/goproxy/kustomization.yaml new file mode 100644 index 0000000..782819c --- /dev/null +++ b/goproxy/kustomization.yaml @@ -0,0 +1,12 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +nameSuffix: -ksp +resources: + - deployment.yaml + - service.yaml +images: + - name: goproxy + newName: snail007/goproxy + newTag: v11.8 \ No newline at end of file diff --git a/goproxy/service.yaml b/goproxy/service.yaml new file mode 100644 index 0000000..e1b3b93 --- /dev/null +++ b/goproxy/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: goproxy +spec: + selector: + app: goproxy + ports: + - port: 33080 + targetPort: 33080 + ipFamilies: + - IPv4 + - IPv6 + ipFamilyPolicy: PerferDualStack + type: LoadBalancer \ No newline at end of file diff --git a/resilio/deployment.yaml b/resilio/deployment.yaml new file mode 100644 index 0000000..1803276 --- /dev/null +++ b/resilio/deployment.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: resilio-sync +spec: + strategy: + type: Recreate + selector: + matchLabels: + app: resilio-sync + template: + metadata: + labels: + app: resilio-sync + spec: + volumes: + - name: data + hostPath: + path: /data/resilio-sync + containers: + - name: resilio-sync + image: resilio/sync:2.7.3 + resources: + limits: + cpu: 500m + memory: 512Mi + volumeMounts: + - name: data + mountPath: /mnt/sync \ No newline at end of file diff --git a/resilio/kustomization.yaml b/resilio/kustomization.yaml new file mode 100644 index 0000000..3ead957 --- /dev/null +++ b/resilio/kustomization.yaml @@ -0,0 +1,7 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - service.yaml \ No newline at end of file diff --git a/resilio/service.yaml b/resilio/service.yaml new file mode 100644 index 0000000..a9cd413 --- /dev/null +++ b/resilio/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: resilio-sync +spec: + type: LoadBalancer + ipFamilyPolicy: PreferDualStack + ipFamilies: + - IPv4 + - IPv6 + selector: + app: resilio-sync + ports: + - name: web + port: 8888 + targetPort: 8888 + - name: sync + port: 55555 + targetPort: 55555 \ No newline at end of file diff --git a/vaultwarden/deployment.yaml b/vaultwarden/deployment.yaml new file mode 100644 index 0000000..fe2c39f --- /dev/null +++ b/vaultwarden/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: vaultwarden +spec: + selector: + matchLabels: + app: vaultwarden + template: + metadata: + labels: + app: vaultwarden + spec: + volumes: + - name: data + persistentVolumeClaim: + claimName: vaultwarden + containers: + - name: vaultwarden + image: vaultwarden + env: + - name: DATABASE_URL + valueFrom: + configMapKeyRef: + key: database-url + name: vaultwarden + - name: ADMIN_TOKEN + valueFrom: + secretKeyRef: + key: admin-token + name: vaultwarden + - name: DOMAIN + valueFrom: + configMapKeyRef: + key: domain + name: vaultwarden + - name: PASSWORD_HINTS_ALLOWED + valueFrom: + configMapKeyRef: + key: password-hints-allowed + name: vaultwarden + - name: SIGNUPS_ALLOWED + valueFrom: + configMapKeyRef: + key: signups-allowed + name: vaultwarden + - name: WEBSOCKET_ENABLED + valueFrom: + configMapKeyRef: + key: websocket-enabled + name: vaultwarden + resources: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "32Mi" + cpu: "100m" + ports: + - containerPort: 80 + name: http + - containerPort: 3012 + name: ws + volumeMounts: + - mountPath: /data + name: data diff --git a/vaultwarden/ingress.yaml b/vaultwarden/ingress.yaml new file mode 100644 index 0000000..bc5d45a --- /dev/null +++ b/vaultwarden/ingress.yaml @@ -0,0 +1,32 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: vaultwarden + labels: + name: vaultwarden +spec: + rules: + - host: pass.sense-t.eu.org + http: + paths: + - pathType: Prefix + path: "/notifications/hub/negotiate" + backend: + service: + name: vaultwarden + port: + number: 80 + - pathType: Prefix + path: "/notifications/hub" + backend: + service: + name: vaultwarden + port: + number: 3012 + - pathType: Prefix + path: "/" + backend: + service: + name: vaultwarden + port: + number: 80 diff --git a/vaultwarden/kustomization.yaml b/vaultwarden/kustomization.yaml new file mode 100644 index 0000000..2d4c4a5 --- /dev/null +++ b/vaultwarden/kustomization.yaml @@ -0,0 +1,27 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: default +resources: + - deployment.yaml + - pvc.yaml + - services.yaml + - ingress.yaml +configMapGenerator: + - name: vaultwarden + files: + - config/database-url + - config/domain + - config/password-hints-allowed + - config/signups-allowed + - config/websocket-enabled +secretGenerator: + - name: vaultwarden + files: + - config/admin-token +images: + - name: vaultwarden + newName: vaultwarden/server + newTag: 1.28.1-alpine + \ No newline at end of file diff --git a/vaultwarden/pvc.yaml b/vaultwarden/pvc.yaml new file mode 100644 index 0000000..268eac7 --- /dev/null +++ b/vaultwarden/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: vaultwarden +spec: + resources: + requests: + storage: 1Gi + volumeMode: Filesystem + storageClassName: nfs-client + accessModes: + - ReadWriteOnce diff --git a/vaultwarden/services.yaml b/vaultwarden/services.yaml new file mode 100644 index 0000000..a10f978 --- /dev/null +++ b/vaultwarden/services.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: vaultwarden +spec: + ipFamilyPolicy: PreferDualStack + ipFamilies: + - IPv4 + - IPv6 + selector: + app: vaultwarden + ports: + - port: 80 + targetPort: http + name: http + - port: 3012 + targetPort: ws + name: ws diff --git a/vintage-os/macos/kustomization.yaml b/vintage-os/macos/kustomization.yaml new file mode 100644 index 0000000..41fd7b4 --- /dev/null +++ b/vintage-os/macos/kustomization.yaml @@ -0,0 +1,12 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +nameSuffix: macos +commonLabels: + app: qemu-macos +namespace: vintage-os +resources: + - ../base +images: + - newName: tonychee7000/qemu-macos9 + newTag: "20221026-1" + name: system diff --git a/vintage-os/win98/kustomization.yaml b/vintage-os/win98/kustomization.yaml new file mode 100644 index 0000000..1aeb630 --- /dev/null +++ b/vintage-os/win98/kustomization.yaml @@ -0,0 +1,12 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +nameSuffix: windows98 +commonLabels: + app: qemu-windows98 +namespace: vintage-os +resources: + - ../base +images: + - newName: tonychee7000/qemu-windows98 + newTag: "20221025" + name: system diff --git a/vless/config.json b/vless/config.json new file mode 100644 index 0000000..38fa8c9 --- /dev/null +++ b/vless/config.json @@ -0,0 +1,31 @@ +{ + "log": { + "loglevel": "warning" + }, + "outbounds": [ + { + "protocol": "freedom" + } + ], + "inbounds": [ + { + "port": 8080, + "protocol": "vless", + "settings": { + "clients": [ + { + "id": "3883e684-6971-11ed-a53b-f388e0649c3d" + } + ], + "decryption": "none" + }, + "streamSettings": { + "network": "ws", + "security": "none", + "wsSettings": { + "path": "/KnockOut" + } + } + } + ] +} \ No newline at end of file diff --git a/vless/deployment.yaml b/vless/deployment.yaml new file mode 100644 index 0000000..4c5bc29 --- /dev/null +++ b/vless/deployment.yaml @@ -0,0 +1,27 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: v2ray +spec: + selector: + matchLabels: + app: v2ray + template: + metadata: + labels: + app: v2ray + spec: + volumes: + - name: config + configMap: + name: v2ray + containers: + - name: v2ray + image: v2fly/v2fly-core:v5.1.0 + resources: + limits: + memory: 32Mi + cpu: 200m + volumeMounts: + - name: config + mountPath: /etc/v2ray diff --git a/vless/ingress.yaml b/vless/ingress.yaml new file mode 100644 index 0000000..38e9728 --- /dev/null +++ b/vless/ingress.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: v2ray + labels: + name: v2ray + annotations: + cert-manager.io/cluster-issuer: letsencrypt + kubernetes.io/ingress.class: traefik + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: 'true' +spec: + tls: + - hosts: + - '*.wetofu.me' + secretName: wetofu-me-certs + rules: + - host: dev.wetofu.me + http: + paths: + - pathType: ImplementationSpecific + path: "/KnockOut" + backend: + service: + name: v2ray + port: + number: 8080 diff --git a/vless/kustomization.yaml b/vless/kustomization.yaml new file mode 100644 index 0000000..1a45666 --- /dev/null +++ b/vless/kustomization.yaml @@ -0,0 +1,11 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +resources: + - deployment.yaml + - service.yaml + - ingress.yaml +configMapGenerator: + - name: v2ray + files: + - config.json +nameSuffix: -server \ No newline at end of file diff --git a/vless/service.yaml b/vless/service.yaml new file mode 100644 index 0000000..443e840 --- /dev/null +++ b/vless/service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Service +metadata: + name: v2ray +spec: + selector: + app: v2ray + ports: + - port: 8080 + targetPort: 8080 diff --git a/wg-socks/deployment.yaml b/wg-socks/deployment.yaml new file mode 100644 index 0000000..7f5a51d --- /dev/null +++ b/wg-socks/deployment.yaml @@ -0,0 +1,51 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wireguard-socks +spec: + selector: + matchLabels: + app: wireguard-socks + type: proxy + template: + spec: + volumes: + - name: wireguard + hostPath: + path: /data/wireguard + - name: module + hostPath: + path: /lib/modules + containers: + - name: wireguard + image: neilpang/wgcf-docker:alpine + resources: + limits: + cpu: 200m + memory: 128Mi + imagePullPolicy: IfNotPresent + securityContext: + #sysctls: + # - name: net.ipv6.conf.all.disable_ipv6 + # value: '0' + privileged: true + capabilities: + add: + - NET_ADMIN + allowPrivilegeEscalation: true + readOnlyRootFilesystem: false + volumeMounts: + - mountPath: /wgcf + name: wireguard + - mountPath: /lib/modules + name: module + - name: socks5 + image: netbyte/socks5-server + args: + - '-l' + - ':1089' + imagePullPolicy: IfNotPresent + resources: + limits: + cpu: 200m + memory: 128Mi \ No newline at end of file diff --git a/wg-socks/kustomization.yaml b/wg-socks/kustomization.yaml new file mode 100644 index 0000000..40193cb --- /dev/null +++ b/wg-socks/kustomization.yaml @@ -0,0 +1,7 @@ +# yaml-language-server: $schema=https://json.schemastore.org/kustomization.json + +resources: + - deployment.yaml +commonLabels: + app: wireguard-socks + type: proxy diff --git a/wg-socks/wg0.conf b/wg-socks/wg0.conf new file mode 100644 index 0000000..664cda0 --- /dev/null +++ b/wg-socks/wg0.conf @@ -0,0 +1,11 @@ +[Interface] +PrivateKey = qHAma2P6+Q3vbublEoBhULwVdzXeQne4YMnXeLxG6Wo= +Address = 172.16.0.2/32 +Address = 2606:4700:110:81a7:4036:8234:a94:4254/128 +DNS = 1.1.1.1 +MTU = 1280 +[Peer] +PublicKey = bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo= +AllowedIPs = 0.0.0.0/0 +AllowedIPs = ::/0 +Endpoint = engage.cloudflareclient.com:2408 \ No newline at end of file