New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TIP: How to host ZeroNet in a private IP container #103

Open
Fusion opened this Issue May 15, 2015 · 0 comments

Comments

Projects
None yet
1 participant
@Fusion

Fusion commented May 15, 2015

Not an issue, but I wasn't sure where to post this tip:

And, yes, I am aware that you may then want to protect your ZeroNet install(!)

Here is a typical configuration:

  • Host machine runs haproxy
  • ZeroNet in a Docker or OpenVZ container

1-Make the main UI available to the world:

In the container: python zeronet.py --ui_ip 0.0.0.0�

On the host, you need to configure this container's IP in haproxy -- for instance, edit haproxy.conf:

frontend http_in
    acl host_zeronet hdr(host) -i zeronet.example.com
    use_backend be_zeronet if host_zeronet

backend be_zeronet
    balance lastconn
    option httpclose
    server pub_zeronet <container ip>:43110 cookie pub_zeronet check

Restart haproxy.

2-Make the file server available:

I would recommend using NAT to avoid any surprise. In /etc/../iptables:

nat:

# we will nat incoming packets on port 15441
-A PREROUTING -i eth0 -p tcp -m tcp --dport 15441 -j DNAT --to-destination <container ip>:15441
-A PREROUTING -i eth0 -p udp -m udp --dport 15441 -j DNAT --to-destination <container ip>:15441�

filter:

# host forwards incoming container packets
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s <container network>/24 -i <bridge interface> -j ACCEPT�
# host accepts incoming container packets to its own services
-A INPUT -s <container nerwork>/24 -i <bridge interface> -j ACCEPT�

Cleanup your iptables configuration then iptable-restore < etc/../iptable

And you're good to go! (in theory)

@Fusion Fusion changed the title from How to host ZeroNet in a private IP container to TIP: How to host ZeroNet in a private IP container May 15, 2015

@shakna-israel shakna-israel referenced this issue Jun 18, 2015

Open

Update documents #56

14 of 19 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment