add nordproxy (socks/ss/http/dns through nord)
This commit is contained in:
parent
673927cd4c
commit
f12d1c5fa3
117
nordproxy/deployment.yaml
Normal file
117
nordproxy/deployment.yaml
Normal file
|
@ -0,0 +1,117 @@
|
|||
# kubectl create cm openvpn-config --from-file=vpn.conf=$HOME/Downloads/us6902.nordvpn.com.udp.ovpn
|
||||
# kubectl create secret generic openvpn-auth --from-literal=VPN_AUTH='abcdefghijklmnop12345678;qrstuvwxyz0987654321abcd'
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: nordproxy
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: nordproxy
|
||||
name: nordproxy
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nordproxy
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nordproxy
|
||||
spec:
|
||||
terminationGracePeriodSeconds: 0
|
||||
containers:
|
||||
- image: ginuerzh/gost
|
||||
name: socks5
|
||||
command:
|
||||
- gost
|
||||
- -L
|
||||
- socks5://0.0.0.0:1080
|
||||
- image: ginuerzh/gost
|
||||
name: gost-auto
|
||||
command:
|
||||
- gost
|
||||
- -L
|
||||
- auto://0.0.0.0:4080
|
||||
- image: ginuerzh/gost
|
||||
name: http
|
||||
command:
|
||||
- gost
|
||||
- -L
|
||||
- http://0.0.0.0:8080
|
||||
- image: ginuerzh/gost
|
||||
name: dns
|
||||
command:
|
||||
- gost
|
||||
- -L
|
||||
- dns://:5353?mode=udp&dns=https://cloudflare-dns.com/dns-query
|
||||
- image: dperson/openvpn-client:latest
|
||||
name: vpn
|
||||
command: ["/bin/sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
mkdir -p /dev/net
|
||||
mknod /dev/net/tun c 10 200
|
||||
openvpn.sh
|
||||
env:
|
||||
- name: DNS
|
||||
value: "yes"
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: openvpn-auth
|
||||
volumeMounts:
|
||||
- mountPath: /vpn/vpn.conf
|
||||
name: config
|
||||
subPath: vpn.conf
|
||||
securityContext:
|
||||
capabilities:
|
||||
add: ["NET_ADMIN","SYS_TIME"]
|
||||
volumes:
|
||||
- configMap:
|
||||
defaultMode: 420
|
||||
name: openvpn-config
|
||||
name: config
|
||||
restartPolicy: Always
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
annotations:
|
||||
metallb.universe.tf/allow-shared-ip: 172.16.17.180
|
||||
metallb.universe.tf/loadBalancerIPs: 172.16.17.180
|
||||
labels:
|
||||
app: nordproxy
|
||||
name: nordproxy
|
||||
namespace: nordproxy
|
||||
spec:
|
||||
ipFamilies:
|
||||
- IPv4
|
||||
ipFamilyPolicy: SingleStack
|
||||
ports:
|
||||
- name: dns
|
||||
port: 53
|
||||
protocol: UDP
|
||||
targetPort: 5353
|
||||
- name: socks
|
||||
port: 1080
|
||||
protocol: TCP
|
||||
targetPort: 1080
|
||||
- name: gost-auto
|
||||
port: 4080
|
||||
protocol: TCP
|
||||
targetPort: 4080
|
||||
- name: http
|
||||
port: 8080
|
||||
protocol: TCP
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: nordproxy
|
||||
sessionAffinity: None
|
||||
type: LoadBalancer
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user