feat(firewall): node specific port-forwarding for ingress.tjo.cloud

2024-11-07 22:11:11 +01:00 · 2024-11-07 22:11:11 +01:00 · 07a1da4410
commit 07a1da4410
parent 955d18f078
4 changed files with 33 additions and 0 deletions
--- a/12
+++ b/12
@ -29,11 +29,23 @@ deploy-config node ipv4_subnet ipv6_subnet:
  for file in {{justfile_directory()}}/openwrt/etc/config/*
  do
    # Skip node specific configs
    if [[ "$file" == *\.* ]]
    then
      continue
    fi
    echo "Deploying /etc/config/$(basename $file)"
    export IPV4_SUBNET="{{ipv4_subnet}}"
    export IPV6_SUBNET="{{ipv6_subnet}}"
    export HOSTNAME="{{node}}.network.tjo.cloud"
    cat $file | envsubst | tailscale ssh "root@{{node}}-network-tjo-cloud" "cat > /etc/config/$(basename $file)"
    # Deploy node specific configs
    if [ -f "${file}.{{node}}" ]
    then
      cat "${file}.{{node}}" | envsubst | tailscale ssh "root@{{node}}-network-tjo-cloud" "cat >> /etc/config/$(basename $file)"
    fi
  done
  echo "Reboot router in 5 seconds..."
--- a/openwrt/etc/config/firewall.batuu
+++ b/openwrt/etc/config/firewall.batuu
@ -0,0 +1,7 @@
 config redirect
 	option dest 'lan'
 	option target 'DNAT'
 	option name 'batuu.ingress.tjo.cloud'
 	option src 'wan'
 	option src_dport '1-1000'
 	option dest_ip '10.0.19.126'
--- a/openwrt/etc/config/firewall.jakku
+++ b/openwrt/etc/config/firewall.jakku
@ -0,0 +1,7 @@
 config redirect
 	option dest 'lan'
 	option target 'DNAT'
 	option name 'jakku.ingress.tjo.cloud'
 	option src 'wan'
 	option src_dport '1-1000'
 	option dest_ip '10.0.32.19'
--- a/openwrt/etc/config/firewall.nevaroo
+++ b/openwrt/etc/config/firewall.nevaroo
@ -0,0 +1,7 @@
 config redirect
 	option dest 'lan'
 	option target 'DNAT'
 	option name 'nevaroo.ingress.tjo.cloud'
 	option src 'wan'
 	option src_dport '1-1000'
 	option dest_ip '10.0.49.171'