wintersolutions wintersolutions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| config: | |
| limits.cpu: "2" | |
| limits.memory: 4GB | |
| limits.memory.swap: "false" | |
| linux.kernel_modules: ip_tables,ip6_tables,nf_nat,overlay,br_netfilter | |
| raw.lxc: "lxc.apparmor.profile=unconfined\nlxc.cap.drop= \nlxc.cgroup.devices.allow=a\nlxc.mount.auto=proc:rw | |
| sys:rw" | |
| security.privileged: "true" | |
| security.nesting: "true" | |
| description: LXD profile for Kubernetes |
wintersolutions
/ ddnss.sh
Last active
February 11, 2021 04:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| ip=$(ip addr show eth0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1) | |
| /usr/bin/wget -qO- "https://www.ddnss.de/upd.php?key=API_KEY&host=HOST&ip=$ip" |
wintersolutions
/ ipforward.sh
Last active
February 2, 2021 03:00
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # outside connections | |
| /usr/sbin/iptables -w -t nat -A PREROUTING -d EXTERNALIP -p tcp --dport 80 -j DNAT --to-destination INGRESSIP:80 | |
| /usr/sbin/iptables -w -t nat -A PREROUTING -d EXTERNALIP -p tcp --dport 443 -j DNAT --to-destination INGRESSIP:443 | |
| /usr/sbin/iptables -w -t nat -A PREROUTING -d EXTERNALIP -p tcp --dport 6443 -j DNAT --to-destination K8IP:6443 | |
| # host | |
| /usr/sbin/iptables -w -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination INGRESSIP:80 | |
| /usr/sbin/iptables -w -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination INGRESSIP:443 |
wintersolutions
/ bootstrap-kube.sh
Last active
January 30, 2021 02:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script has been tested on Ubuntu 20.04 | |
| # For other versions of Ubuntu, you might need some tweaking | |
| echo "[TASK 1] Install containerd runtime" | |
| apt update -qq >/dev/null 2>&1 | |
| apt install -qq -y containerd apt-transport-https >/dev/null 2>&1 | |
| mkdir /etc/containerd | |
| containerd config default > /etc/containerd/config.toml |
wintersolutions
/ gist:b4280724e09c75655d199f4db6b41bb0
Last active
January 30, 2021 04:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: cert-manager.io/v1 | |
| kind: ClusterIssuer | |
| metadata: | |
| name: letsencrypt-prod | |
| namespace: cert-manager | |
| spec: | |
| acme: | |
| server: https://acme-v02.api.letsencrypt.org/directory | |
| email: MYEMAIL | |
| privateKeySecretRef: |
wintersolutions
/ ipforward.service
Last active
February 1, 2021 21:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description = Port forward to services | |
| Before=network.target | |
| [Service] | |
| Type=oneshot | |
| ExecStart=/root/config/ipforward-start.sh | |
| ExecStop=/root/config/ipforward-stop.sh | |
| RemainAfterExit=true | |
| StandardOutput=journal |
wintersolutions
/ metallb-config.yaml
Last active
January 30, 2021 03:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| namespace: metallb-system | |
| name: config | |
| data: | |
| config: | | |
| address-pools: | |
| - name: default | |
| protocol: layer2 |
wintersolutions
/ lxd-host-dns.service
Created
January 29, 2021 00:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Unit] | |
| Description=LXD host DNS service | |
| After=multi-user.target | |
| [Service] | |
| Type=simple | |
| ExecStart=/usr/local/bin/lxdhostdns_start.sh | |
| RemainAfterExit=true | |
| ExecStop=/usr/local/bin/lxdhostdns_stop.sh | |
| StandardOutput=journal |
wintersolutions
/ lxdhostdns_stop.sh
Created
January 29, 2021 00:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| LXDINTERFACE=lxdbr0 | |
| /usr/bin/systemd-resolve --interface ${LXDINTERFACE} --revert |
wintersolutions
/ lxdhostdns_start.sh
Created
January 29, 2021 00:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| LXDINTERFACE=lxdbr0 | |
| LXDDOMAIN=lxd | |
| LXDDNSIP=`ip addr show lxdbr0 | grep -Po 'inet \K[\d.]+'` | |
| /usr/bin/systemd-resolve --interface ${LXDINTERFACE} \ | |
| --set-dns ${LXDDNSIP} \ | |
| --set-domain ${LXDDOMAIN} |
NewerOlder