Skip to content

hidemire/home-lab-compose-stack

BranchesTags

Repository files navigation

Home Lab Compose Stack

docker network create --subnet=172.28.241.0/24 backend
ROOT_DOMAIN=example.com docker-compose up -d
cd network && mkdir certs && cd certs
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
  -keyout cert.key -out cert.crt -subj "/CN=localhost" \
  -addext "subjectAltName=DNS:localhost,DNS:*.hidemire.localhost,IP:127.0.0.1"

wg-portal setup

PostUp

iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

PostDown

iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

Server IP address

10.15.0.1/24

DNS Servers

172.28.241.11

Crowdsec

Add host firewall https://doc.crowdsec.net/docs/bouncers/firewall/

api_url: http://172.28.241.110:8080/
api_key:
disable_ipv6: true
iptables_chains:
  - INPUT
#  - FORWARD
  - DOCKER-USER

docker-compose exec crowdsec cscli hub update
docker-compose exec crowdsec cscli hub upgrade

docker-compose exec crowdsec cscli bouncers add bouncer-traefik
docker-compose exec crowdsec cscli bouncers add bouncer-firewall
docker-compose exec crowdsec cscli decisions add --ip 192.168.0.101
docker-compose exec crowdsec cscli decisions delete --ip 192.168.0.101

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages