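Configuring Cloudflare Tunnel (cloudflared) on OpenWrt, with an autostart script

Description

On OpenWrt, cloudflared can be set up directly from its binary. The autostart script is adapted from the script that the cloudflared service installation creates on Ubuntu.

Related resources

Configuration and script

  1. Install procps-ng-ps (the init script below calls ps with a PID argument)
    opkg update && opkg install procps-ng-ps
  2. Download cloudflared to /usr/bin and make it executable
  3. Create the OpenWrt init script /etc/init.d/cloudflared and set the token; its content is as follows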
    #!/bin/sh /etc/rc.common
    # For RedHat and cousins:
    # chkconfig: 2345 99 01
    # description: cloudflared
    # processname: /usr/bin/cloudflared
    ### BEGIN INIT INFO
    # Provides:          /usr/bin/cloudflared
    # Required-Start:
    # Required-Stop:
    # Default-Start:     2 3 4 5
    # Default-Stop:      0 1 6
    # Short-Description: cloudflared
    # Description:       cloudflared agent
    ### END INIT INFO
    name=cloudflared
    cmd="/usr/bin/cloudflared --pidfile /var/run/$name.pid --autoupdate-freq 24h0m0s tunnel run --token <token>" #replace <token>
    pid_file="/var/run/$name.pid"
    stdout_log="/var/log/$name.log"
    stderr_log="/var/log/$name.err"
    [ -e /etc/sysconfig/$name ] && . /etc/sysconfig/$name
    get_pid() {
        cat "$pid_file"
    }
    is_running() {
        # needs procps-ng-ps: ps is called with a PID argument
        [ -f "$pid_file" ] && ps "$(get_pid)" > /dev/null 2>&1
    }
    START=99
    start() {
        if is_running; then
            echo "Already started"
        else
            echo "Starting $name"
            $cmd >> "$stdout_log" 2>> "$stderr_log" &
            echo $! > "$pid_file"
        fi
    }
    stop() {
        if is_running; then
            echo -n "Stopping $name.."
            kill $(get_pid)
            # BusyBox ash does not expand {1..10}; list the iterations explicitly
            for i in 1 2 3 4 5 6 7 8 9 10
            do
                if ! is_running; then
                    break
                fi
                echo -n "."
                sleep 1
            done
            echo
            if is_running; then
                echo "Not stopped; may still be shutting down or shutdown may have failed"
                exit 1
            else
                echo "Stopped"
                if [ -f "$pid_file" ]; then
                    rm "$pid_file"
                fi
            fi
        else
            echo "Not running"
        fi
    }
  4. Start the service: /etc/init.d/cloudflared start
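
As an added example (not part of the original post, and not cloudflared's or OpenWrt's own script), the same service can be written as a procd init script: procd supervises and restarts the process, and the token is read from a root-only file and passed through cloudflared's TUNNEL_TOKEN environment variable instead of the command line, where it would show up in ps output. The path /etc/cloudflared/token and the helper token_file_ok are assumptions made for this example; the body goes under the same `#!/bin/sh /etc/rc.common` first line as the script above.

```shell
# Body of /etc/init.d/cloudflared (added example, not the original post's script).
# The file's first line must be: #!/bin/sh /etc/rc.common
USE_PROCD=1
START=99
STOP=01

PROG=/usr/bin/cloudflared
# Assumed location: a file holding only the tunnel token, created with
#   umask 077; echo '<token>' > /etc/cloudflared/token
TOKEN_FILE=/etc/cloudflared/token

# Hypothetical helper: succeeds only if the file exists, is non-empty and
# grants no permissions to group or others (mode string ends in "------").
token_file_ok() {
    [ -s "$1" ] || return 1
    case "$(ls -l "$1" | cut -c5-10)" in
        ------) return 0 ;;
        *)      return 1 ;;
    esac
}

start_service() {
    if ! token_file_ok "$TOKEN_FILE"; then
        logger -t cloudflared "not starting: $TOKEN_FILE missing, empty or accessible to others"
        return 1
    fi
    procd_open_instance
    # Same options as the original script, minus --pidfile (procd tracks the PID)
    # and minus --token, so the secret never appears in the process list.
    procd_set_param command "$PROG" --autoupdate-freq 24h0m0s tunnel run
    procd_set_param env TUNNEL_TOKEN="$(cat "$TOKEN_FILE")"
    procd_set_param respawn 3600 5 5   # threshold (s), delay (s), max retries
    procd_set_param stdout 1           # send stdout/stderr to syslog (logread)
    procd_set_param stderr 1
    procd_close_instance
}
```

With this variant, output is read with logread rather than from files under /var/log.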

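TrueNAS-SCALE: writing a qcow2 image to a virtual machine Zvol

Preface

While setting up HomeAssistant on TrueNAS-SCALE, the official qcow2 image has to be converted into a Zvol in TrueNAS. Archived here for reference.

Installation resources

TrueNAS Community

Steps

  1. In TrueNAS-SCALE, open System-Setting->Shell and enter the command
    qemu-img convert -O raw <qcow2 file> /dev/<pool VM path>/<Zvol name>
  2. Wait for the conversion to finish
  3. Create the virtual machine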

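TrueNAS-SCALE: creating an Open vSwitch bridge for bridging virtual machines

Preface

When two virtual machines on TrueNAS-SCALE need to be connected to each other internally, I found that the bridge configuration built into TrueNAS-SCALE has to be bound to a network card. Open vSwitch performs somewhat better for virtualization, so I considered installing Open vSwitch for the interconnect. Archived here for reference.

Installation resources

Open vSwitch

Steps

  1. In TrueNAS-SCALE, open System-Setting->Shell and enter the command
    apt install -y openvswitch-switch
  2. Wait for the installation to finish
  3. Create the OVS bridge with the command below; once it is created, the bridge appears under Network
    ovs-vsctl add-br ovsbr
  4. Select the virtual machine and, under Devices, set NIC attach: ovsbr
  5. The configuration is now complete; for other needs, refer to the resources given above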

Containerized deployment of Nginx (SSL) + WordPress

Requirements

Required environment

Required images

Installation steps

Configure the Nginx conf

web.conf

server {
    listen 80;
    listen [::]:80;
    server_name example.site; # domain name
    # $host (normalized, without port) instead of the raw client Host header in $http_host
    return 301 https://$host$request_uri;
}
server {

    listen 443 ssl;
    ssl_certificate    /etc/ssl/domain-certificate.pem; # SSL certificate for the domain
    ssl_certificate_key    /etc/ssl/domain-key.key; # private key for the domain's certificate

    server_name example.site; # domain name

    index index.php;

    root /var/www/html;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ [^/]\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }
        fastcgi_pass wordpress:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    }

}

Reference links

Create the Docker Compose file

wordpress.yml

version: "3.9"

services:

  nginx:
    image: nginx
    volumes:
        - ~/nginx-setting/web.conf:/etc/nginx/conf.d/default.conf # mount path of the nginx conf
        - wordpress:/var/www/html
        - ~/ssl:/etc/ssl:ro # mount path of the certificates
    ports:
        - "80:80"
        - "443:443"
    links:
        - "wordpress:wordpress"

  wordpress:
    image: wordpress:php8.0-fpm-alpine
    environment:
      WORDPRESS_DB_HOST: db
      WORDPRESS_DB_USER: exampleuser
      WORDPRESS_DB_PASSWORD: examplepass
      WORDPRESS_DB_NAME: exampledb
    volumes:
      - wordpress:/var/www/html
    links:
      - "db:db"

  db:
    image: mysql:5.7
    environment:
      MYSQL_DATABASE: exampledb
      MYSQL_USER: exampleuser
      MYSQL_PASSWORD: examplepass
      MYSQL_RANDOM_ROOT_PASSWORD: '1'
    volumes:
      - db:/var/lib/mysql

volumes:
    wordpress:
    db:

Reference links
WordPress

Start the containers

 docker-compose -f ./wordpress.yml up -d