refactor
This commit is contained in:
Nikita Bizyaev
@@ -1,3 +1,2 @@
|
|||||||
FROM netbirdio/netbird:latest
|
FROM netbirdio/netbird-server:latest
|
||||||
|
|
||||||
COPY config.yaml /etc/netbird/config.yaml
|
COPY config.yaml /etc/netbird/config.yaml
|
||||||
|
|||||||
14
config.yaml
14
config.yaml
@@ -1,13 +1,14 @@
|
|||||||
server:
|
server:
|
||||||
listenAddress: ":80"
|
listenAddress: ":80"
|
||||||
exposedAddress: "https://birdy.greact.online"
|
exposedAddress: "https://birdy.greact.online:443"
|
||||||
stunPorts:
|
stunPorts:
|
||||||
- 3478
|
- 3478
|
||||||
logLevel: "info"
|
logLevel: "info"
|
||||||
logFile: "console"
|
logFile: "console"
|
||||||
authSecret: "336c2d76-3d00-4863-abc5-afe55211a36a"
|
authSecret: "336c2d76-3d00-4863-abc5-afe55211a36a"
|
||||||
|
dataDir: "/var/lib/netbird"
|
||||||
|
|
||||||
auth: # ← ВЛОЖЕНО в server
|
auth: # ← вложено под server
|
||||||
issuer: "https://birdy.greact.online/oauth2"
|
issuer: "https://birdy.greact.online/oauth2"
|
||||||
localAuthDisabled: false
|
localAuthDisabled: false
|
||||||
signKeyRefreshEnabled: true
|
signKeyRefreshEnabled: true
|
||||||
@@ -17,6 +18,11 @@ server:
|
|||||||
cliRedirectURIs:
|
cliRedirectURIs:
|
||||||
- "http://localhost:53000/"
|
- "http://localhost:53000/"
|
||||||
|
|
||||||
store: # ← ВЛОЖЕНО в server
|
reverseProxy:
|
||||||
|
trustedHTTPProxies:
|
||||||
|
- "172.16.0.0/12" # Docker-подсеть (покрывает NPM-контейнер в сети proxy)
|
||||||
|
|
||||||
|
store: # ← вложено под server
|
||||||
engine: "sqlite"
|
engine: "sqlite"
|
||||||
encryptionKey: "336c2d76-3d00-4863-abc5-afe55211a36a"
|
encryptionKey: "336c2d76-3d00-4863-abc5-afe55211a36a"
|
||||||
|
|
||||||
11
dashboard.env
Normal file
11
dashboard.env
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
NETBIRD_MGMT_API_ENDPOINT=https://birdy.greact.online
|
||||||
|
NETBIRD_MGMT_GRPC_API_ENDPOINT=https://birdy.greact.online
|
||||||
|
|
||||||
|
AUTH_AUDIENCE=netbird-dashboard
|
||||||
|
AUTH_CLIENT_ID=netbird-dashboard
|
||||||
|
AUTH_CLIENT_SECRET=
|
||||||
|
AUTH_AUTHORITY=https://birdy.greact.online/oauth2
|
||||||
|
USE_AUTH0=false
|
||||||
|
AUTH_SUPPORTED_SCOPES=openid profile email groups
|
||||||
|
AUTH_REDIRECT_URI=/nb-auth
|
||||||
|
AUTH_SILENT_REDIRECT_URI=/nb-silent-auth
|
||||||
@@ -1,15 +1,28 @@
|
|||||||
|
version: "3.8"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
birdy:
|
netbird-server:
|
||||||
build:
|
build:
|
||||||
context: .
|
context: .
|
||||||
dockerfile: Dockerfile.netbird-server
|
dockerfile: Dockerfile.netbird-server
|
||||||
image: birdy/netbird:local
|
container_name: netbird-server
|
||||||
container_name: birdy-server
|
|
||||||
volumes:
|
|
||||||
- netbird_data:/var/lib/netbird
|
|
||||||
expose:
|
expose:
|
||||||
- "80"
|
- "80" # Management API + OAuth2 + Signal → внутрь proxy-сети
|
||||||
- "3478/udp"
|
ports:
|
||||||
|
- "3478:3478/udp" # STUN — публично (UDP нельзя проксировать через HTTP)
|
||||||
|
volumes:
|
||||||
|
- netbird_data:/var/lib/netbird # именованный volume (не bind-mount)
|
||||||
|
restart: unless-stopped
|
||||||
|
networks:
|
||||||
|
- proxy
|
||||||
|
|
||||||
|
netbird-dashboard:
|
||||||
|
image: netbirdio/dashboard:latest
|
||||||
|
container_name: netbird-dashboard
|
||||||
|
env_file:
|
||||||
|
- ./dashboard.env
|
||||||
|
expose:
|
||||||
|
- "80" # Web UI → внутрь proxy-сети
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
@@ -20,3 +33,4 @@ volumes:
|
|||||||
networks:
|
networks:
|
||||||
proxy:
|
proxy:
|
||||||
external: true
|
external: true
|
||||||
|
|
||||||
Reference in New Issue
Block a user