add configuration for tor / haproxy compatibility (PROXY protocol V1 to PROXY protocol v2)

2024-11-16 09:29:17 +00:00 · 2024-11-16 09:29:17 +00:00 · e1be1dd320
commit e1be1dd320
parent ef1f793a64
8 changed files with 82 additions and 1 deletions
--- a/haproxy/Dockerfile
+++ b/haproxy/Dockerfile
@ -0,0 +1,23 @@
+ARG UBUNTU_VERSION="noble"
+
+FROM ubuntu:${UBUNTU_VERSION}
+
+RUN apt -y update
+
+RUN apt -y install haproxy
+
+RUN groupadd docker-haproxy
+
+RUN useradd --system --shell /bin/bash docker-haproxy -g docker-haproxy
+
+RUN mkdir -p /var/lib/haproxy/ -p /etc/haproxy
+
+ADD haproxy.cfg /etc/haproxy
+
+RUN chown -R docker-haproxy:docker-haproxy /etc/haproxy /var/lib/haproxy
+
+VOLUME /var/lib/haproxy
+
+USER docker-haproxy
+
+CMD haproxy -f /etc/haproxy/haproxy.cfg
--- a/haproxy/docker-compose.yml
+++ b/haproxy/docker-compose.yml
@ -0,0 +1,7 @@
+services:
+  haproxy:
+    restart: on-failure:3
+    build:
+      context: .
+    image: haproxy
+    network_mode: "host"
--- a/haproxy/haproxy.cfg
+++ b/haproxy/haproxy.cfg
@ -0,0 +1,6 @@
+frontend tor-north
+  bind 127.0.0.1:19818 accept-proxy
+  default_backend inspircd-south
+
+backend inspircd-south
+  server inspircd 127.0.0.1:7001 check send-proxy-v2
--- a/include.conf.example
+++ b/include.conf.example
@ -316,3 +316,4 @@

 #<module name="antiknocker">

+#<module name="starttls">
--- a/modules.conf
+++ b/modules.conf
@ -175,7 +175,6 @@
 <module name="sslinfo">
 <module name="sslmodes">
 <module name="sslrehashsignal">
-<module name="starttls">
 <module name="stats_unlinked">
 <module name="stripcolor">
 <module name="svshold">
--- a/tor/Dockerfile
+++ b/tor/Dockerfile
@ -0,0 +1,23 @@
+ARG UBUNTU_VERSION="noble"
+
+FROM ubuntu:${UBUNTU_VERSION}
+
+RUN apt -y update
+
+RUN apt -y install tor
+
+RUN groupadd docker-tor
+
+RUN useradd --system --shell /bin/bash docker-tor -g docker-tor
+
+RUN mkdir -p /var/lib/tor/ -p /etc/tor
+
+ADD torrc /etc/tor
+
+RUN chown -R docker-tor:docker-tor /etc/tor /var/lib/tor
+
+VOLUME /var/lib/tor
+
+USER docker-tor
+
+CMD tor -f /etc/tor/torrc
--- a/tor/docker-compose.yml
+++ b/tor/docker-compose.yml
@ -0,0 +1,12 @@
+services:
+  tor:
+    restart: on-failure:3
+    build:
+      context: .
+    image: tor
+    network_mode: "host"
+    volumes:
+      - data:/var/lib/inspircd
+volumes:
+  data:
+    name: tor_data
--- a/tor/torrc
+++ b/tor/torrc
@ -0,0 +1,10 @@
+RunAsDaemon                         0
+DataDirectory                       /var/lib/tor
+HiddenServiceDir                    /var/lib/tor/ircd
+HiddenServicePort                   6667 127.0.0.1:19818
+HiddenServiceMaxStreams             10240
+HiddenServiceExportCircuitID        haproxy
+CookieAuthentication                0
+ControlPort                         127.0.0.1:9051
+HardwareAccel                       1
+Log                                 notice stderr