pvlx/homelab
1
0
Fork 0
mirror of https://github.com/pvlnes/homelab.git synced 2026-06-03 20:13:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: pvlx:4d82289609cb6c427b6f39cb7ad777d4d5832b96
Branches Tags
pvlx:master
pvlx:burko_kabluko
pvlx:feat/arkhip_mtproxy
..
compare: pvlx:38680dbffdc7e0b294944aba6701af0d596539b9
Branches Tags
pvlx:master
pvlx:burko_kabluko
pvlx:feat/arkhip_mtproxy

No commits in common. "4d82289609cb6c427b6f39cb7ad777d4d5832b96" and "38680dbffdc7e0b294944aba6701af0d596539b9" have entirely different histories.
4d82289609 ... 38680dbffd

2 changed files with 0 additions and 148 deletions
Show Stats Expand all files Collapse all files

124
services/telemt/deployer.sh
View File

@ -1,124 +0,0 @@
#!/usr/bin/env bash
set -Eeuo pipefail
# В tls_domain указываем на что фейкуем.
NODES=(
remn-fin
#remn-sweden
#remn-nl-02
#remn-msk
#remn-riga
#remn-nl-01
#remn-paris
)
REMOTE_DIR="/opt/telemt"
CONFIG_TOML='[general]
prefer_ipv6 = false
fast_mode = true
use_middle_proxy = false
[network]
ipv4 = true
ipv6 = true
prefer = 4
multipath = false
[general.modes]
classic = false
secure = false
tls = true
[server]
port = 443
listen_addr_ipv4 = "0.0.0.0"
listen_addr_ipv6 = "::"
[[server.listeners]]
ip = "0.0.0.0"
[[server.listeners]]
ip = "::"
[general.links]
show = "*"
[timeouts]
client_handshake = 15
tg_connect = 10
client_keepalive = 60
client_ack = 300
[censorship]
tls_domain = "max.ru"
mask = true
mask_port = 443
fake_cert_len = 2048
[access]
replay_check_len = 65536
ignore_time_skew = false
[access.users]
SECRET_PLACEHOLDER
[[upstreams]]
type = "direct"
enabled = true
weight = 10'
DOCKER_COMPOSE='services:
telemt:
image: ghcr.io/telemt/telemt:latest
restart: unless-stopped
ports:
- "8443:443"
volumes:
- ./config.toml:/app/config.toml:ro
environment:
- RUST_LOG=info
cap_drop:
- ALL
cap_add:
- NET_BIND_SERVICE
ulimits:
nofile:
soft: 65536
hard: 65536'
for node in "${NODES[@]}"; do
echo "=== Installing telemt on ${node} ==="
# Создаем секрет
SECRET=$(openssl rand -hex 16)
FINAL_CONFIG="${CONFIG_TOML/SECRET_PLACEHOLDER/main = \"${SECRET}\"}"
# Костыль чтобы в output дать внешний IP, а не IP docker подсети
PUBLIC_IP=$(ssh "$node" "ip -4 addr show eth0 | grep -oP '(?<=inet\s)\d+(\.\d+){3}'")
if ssh "$node" "sudo mkdir -p ${REMOTE_DIR}"; then
#config.toml and docker-compose.yml
echo "$FINAL_CONFIG" | ssh "$node" "sudo tee ${REMOTE_DIR}/config.toml > /dev/null"
echo "$DOCKER_COMPOSE" | ssh "$node" "sudo tee ${REMOTE_DIR}/docker-compose.yml > /dev/null"
if ssh "$node" "cd ${REMOTE_DIR} && sudo docker compose pull && sudo docker compose up -d"; then
# Крафтим линку tg:// URL manually
SECRET_HEX="ee${SECRET}"
TLS_DOMAIN_HEX=$(echo -n "max.ru" | xxd -p)
FULL_SECRET="${SECRET_HEX}${TLS_DOMAIN_HEX}"
echo "=== ${node}: OK ==="
echo " Node IP : ${PUBLIC_IP}"
echo " Port : 8443"
echo " Secret : ${FULL_SECRET}"
echo " MTProto : tg://proxy?server=${PUBLIC_IP}&port=8443&secret=${FULL_SECRET}"
else
echo "=== ${node}: FAILED (docker compose) ==="
fi
else
echo "=== ${node}: FAILED (ssh/mkdir) ==="
fi
echo
done

24
services/telemt/updater.sh
View File

@ -1,24 +0,0 @@
#!/usr/bin/env bash
set -Eeuo pipefail
NODES=(
remn-fin
#remn-sweden
#remn-nl-02
#remn-msk
#remn-riga
#remn-nl-01
#remn-paris
)
REMOTE_DIR="/opt/telemt"
for node in "${NODES[@]}"; do
echo "=== Updating ${node} ==="
if ssh "$node" "cd ${REMOTE_DIR} && sudo docker compose pull && sudo docker compose up -d"; then
echo "=== ${node}: OK ==="
else
echo "=== ${node}: FAILED ==="
fi
echo
done