Site Tools


Hotfix release available: 2025-05-14b "Librarian". upgrade now! [56.2] (what's this?)
boshi

boshi

Primarni namen je dokumentacija (tale, ki jo beres), DNS streznik za lokalni network, ki promet ocisti reklam, predvsem pa kot Wireguard VPN endpoint za vse nase online naprave (telefoni, pcji,..).

Je fizicnen streznik oz. mini PC - Raspberry PI 3B+ z 4xCPU in 1GB RAM.

Skrit je v shrambi pod stropom/knaufom.

Poleg SD kartice, na kateri je Debian Linux OS, je mountan tudi:

  • 2x 16GB USB kljucek v RAID1, za pomembne zadeve (/storage/raid)
  • 1x 500GB zunanji USB disk, za backup podatkov iz gecko (/storage/disk) - <color red>ZREL ZA ZAMENJAVO!!</color>
wireguard
pi@boshi:~ $ sudo cat /etc/wireguard/wg0.conf
[Interface]
Address = 10.168.100.1/24
ListenPort = 1607
PrivateKey = cCtb1PM7XLsP41LffRAgGSDdtjVUTnOcYkPex7HgLm0= 
#PreUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PreUp = iptables -t nat -A POSTROUTING -s 10.168.100.0/24  -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -s 10.168.100.0/24  -o eth0 -j MASQUERADE



# tine gsm
[Peer]
PublicKey = M8oR/AuU7IqO2XiDmFAf1B+dRrrNVZ0oJQNphn30e20= 
AllowedIPs = 10.168.100.2/32

### kump-nb laptop
[Peer]
PublicKey = UpXYC7nZaISFUL2pnflWYNtsttJZTg4jJHcyJbFTfCE= 
AllowedIPs = 10.168.100.3/32

### main pc - job
[Peer]
PublicKey = CQwKZprTkIq0NKIKvdFRb8zc17rZ4tjNSqg3gADujEk=
AllowedIPs = 10.168.100.4/32

### kump-nb-t490
[Peer]
PublicKey = fOXG/P1PCGTtycD+7bD6cdvrSQyR5/Swbdh0rJA++0o=
AllowedIPs = 10.168.100.5/32

### test job vm
[Peer]
PublicKey = veru9wmJKKr/29sCedW3HZ9b+5FOAWKEeudKSysGaUk=
AllowedIPs = 10.168.100.10/32

Kljuci

  • android_mobile_private.key: mMxvGb0dDuR6LCQ7z4Vi+2lsu/SrqeJj1AKHQp7vBnY=
  • android_mobile_public.key: M8oR/AuU7IqO2XiDmFAf1B+dRrrNVZ0oJQNphn30e20=
  • job_private.key: SNEnGnEEHTdJn5WU3g6fTdfhVLJGMRKdMYz+SU5MYX4=
  • job_public.key: CQwKZprTkIq0NKIKvdFRb8zc17rZ4tjNSqg3gADujEk=
  • kump-nb_private.key: ADdmMB4l5au1rFBcUwGmCWN+8b0/NPalrsSoTxR+ZXc=
  • kump-nb_public.key: UpXYC7nZaISFUL2pnflWYNtsttJZTg4jJHcyJbFTfCE=
  • raspberrypi_private.key: cCtb1PM7XLsP41LffRAgGSDdtjVUTnOcYkPex7HgLm0=
  • raspberrypi_public.key: +/Vny4dUx9TbIaT7uLRTclp0ZEnSqPZwBxohlP7Y52E=
  • test_private.key: 2CD8f3NQxliokeLjefu5Gi3XcoUzpzrJzHIsCaN/aGc=
  • test_public.key: veru9wmJKKr/29sCedW3HZ9b+5FOAWKEeudKSysGaUk=
  • kump-nb_t490_private.key: qH2qNapvJJvcCnj7lIHGuHN4WLBCjhAid98TDxMlfUU=
  • kump-nb_t490_public.key: fOXG/P1PCGTtycD+7bD6cdvrSQyR5/Swbdh0rJA++0o=
Docker servisi
pi@boshi:/storage/raid/docker $ cat docker-compose.yml 
version: "2"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "81:80/tcp"
      - "443:443/tcp"
    environment:
      TZ: 'Europe/Ljubljana'
      WEBPASSWORD: 'pajhole42'
    # Volumes store your data between container upgrades
    volumes:
       - '/storage/raid/pi-hole/etc-pihole/:/etc/pihole/'
       - '/storage/raid/pi-hole/etc-dnsmasq.d/:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 1.1.1.1
    restart: unless-stopped

  dokuwiki:
    image: dtroncy/rpi-dokuwiki 
    container_name: dokuwiki
    ports:
      - 80:80
#      - 8081:81
    volumes:
      - /etc/timezone:/etc/timezone
      - /etc/localtime:/etc/localtime
      - /storage/raid/dokuwiki_data:/var/www/dokuwiki/data/pages
      - /storage/raid/dokuwiki_conf:/var/www/dokuwiki/conf
    restart: unless-stopped

  unifi:
   image: ryansch/unifi-rpi:latest
   container_name: unifi
   restart: always
   network_mode: host
    # Uncomment the following to set java options
    # environment:
    #   JAVA_OPTS: -Xmx512M
   ports:
      - 8080:8080
      - 8443:8443
      - 3478:3478/udp
      - 10001:10001/udp
   volumes:
      # Unifi v5.0.7 creates all of these directories (some remain empty)
      - /storage/raid/unifi/config:/var/lib/unifi
      - /storage/raid/unifi/log:/usr/lib/unifi/logs
      - /storage/raid/unifi/log2:/var/log/unifi
      - /storage/raid/unifi/run:/usr/lib/unifi/run
      - /storage/raid/unifi/run2:/run/unifi
      - /storage/raid/unifi/work:/usr/lib/unifi/work
boshi.txt · Last modified: by 192.168.100.58 · Currently locked by: 192.168.100.200

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki