Collection of my personal servers, inspired by linuxserver.io
- Wireguard
- Openvpn-AS
- Ubuntu 22.04
- Any Fedora based distro
- Official Raspberry Pi OS 11, 12
Podman
- Root Containers
- Rootless Containers
- Cron job to auto-update the target host & container images every week
- Slack notification about the updates
- Root & Rootless container support for all servers
- Deployment of servers on Raspberry Pi. Tested on Raspberry Pi 3B+ with the official OS 11 (Bullseye). Should work on other models as well.
To deploy this project on x86 hosts
- Create ansible container image
cd x-servers
./build.sh "amd64" "baseimage-ubuntu ."
./start.sh
ansible-playbook -i <path_to_inventory_file>, setup-xserver.yml -u <non-root-user>
- Create ansible inventory file with target host details
- Copy & Update xserver configs. Refer here for detailed information about configs
cp var_xserver.yml.template var_xserver.yml
vi var_xserver.yml
- Run ansible playbook
ansible-playbook -i <path_to_inventory_file>, setup-xserver.yml -u <non-root-user>
Currently, shell scripts are used for deployment; in the future these can be moved to Kubernetes-based resources such as deploy/pod YAML.
- Rootless openvpn-as server requires "container_use_devices" sebool to be enabled
sudo setsebool -P container_use_devices on
- Rootless openvpn-as server also needs this custom selinux module to allow "tun_tap_devices" for containers
- Rootless Wireguard server requires MTU value to be updated in containers.conf for slirp4netns
sed -i -e '/^#network_cmd_options/a network_cmd_options=["mtu=1500"]' /usr/share/containers/containers.conf
- The default interfaces used in rootless containers are "tap" interfaces, so any iptables rules that need to be updated should point to this interface rather than the generic "eth" type.
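For the slirp4netns MTU item above, the `sed` line appends a new entry on every run and edits the packaged file under /usr/share, which a package update can replace. The following is an added example, not part of this project's scripts: it applies the same setting idempotently to a containers.conf of your choice, such as the per-user file that rootless Podman also reads. The helper name `set_slirp_mtu` and its arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not from the x-servers repo. set_slirp_mtu is a hypothetical helper.
# Usage: set_slirp_mtu <path to containers.conf> <mtu>
# Assumes network_cmd_options, if already set, is written on a single line.
set_slirp_mtu() {
    conf=$1
    mtu=$2
    # Accept digits only so nothing else can be written into the config file.
    case $mtu in
        ''|*[!0-9]*) echo "invalid MTU: $mtu" >&2; return 1 ;;
    esac
    line="network_cmd_options=[\"mtu=${mtu}\"]"

    mkdir -p "$(dirname "$conf")"
    [ -f "$conf" ] || : > "$conf"
    tmp=$(mktemp "${conf}.XXXXXX") || return 1

    awk -v line="$line" '
        /^[ \t]*\[/ {                      # a TOML table header starts here
            if (in_engine && !done) { print line; done = 1 }
            in_engine = ($0 ~ /^[ \t]*\[engine\]/)
            if (in_engine) seen = 1
            print; next
        }
        in_engine && /^[ \t]*network_cmd_options[ \t]*=/ {
            if (!done) { print line; done = 1 }   # replace the active value
            next
        }
        { print }
        END {
            if (!done) {                   # [engine] was last, or missing
                if (!seen) print "[engine]"
                print line
            }
        }
    ' "$conf" > "$tmp" && cat "$tmp" > "$conf" && rm -f "$tmp"
}

# Example call for the user that runs the rootless WireGuard container:
# set_slirp_mtu "${XDG_CONFIG_HOME:-$HOME/.config}/containers/containers.conf" 1500
```

Running it again with the same value leaves the file unchanged, and running it with a different value replaces the existing line instead of adding a second one.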
Contributions & Suggestions are always welcome :)
If you have any feedback, please update in this issue