neilbartley

{{- if . }}
{{- range . }}
<h3>Target <code>{{ escapeXML .Target }}</code></h3>
{{- if (eq (len .Vulnerabilities) 0) }}
<h4>No Vulnerabilities found</h4>
{{- else }}
<h4>Vulnerabilities ({{ len .Vulnerabilities }})</h4>
<table>
    <tr>
        <th>Package</th>

neilbartley

Configure Andrews & Arnold L2TP on OpenWRT 19.07

Andrews & Arnold offer a L2TP Service for people like me, who are trapped behind a CGNAT system.

The following was sourced from here, here and a bit of experimentation.

/etc/config/network

Add following:

neilbartley

docker run -it --rm redis:5.0.6 bash
apt update; apt install stunnel procps

cat > /etc/stunnel/redis-cli.conf
setuid = root
setgid = root
pid = /var/run/stunnel.pid
debug = 7
options = NO_SSLv2
options = NO_SSLv3

neilbartley

version: '3.7'

x-reflector: &reflector
  image: neilbartley/ysfreflector:latest
  container_name: reflector1
  ports:
    - "42000:42000/udp"
  environment:
    REFLECTOR_NAME: "YOUR_NAME_HERE"
    REFLECTOR_DESCRIPTION: "YOUR_DESCRIPTION_HERE"

neilbartley

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBF4TqVABEADEJTbOKj3zU0orDbuUcWstQ2Cr9e7ZAq1nAIWmTiknEuCZNeAX
WKdR05e/QO8sBZTrKuCJb/P4r/EkZrl3JBQe6TVrJ6H0mduSvVkql7B2XQY07/ac
nEAxHSbq6mLHngn67zsGphm+0n2i0iShTW2reNjSe/ybq3i/zxQaPrC/jzp1cSiI
WDtXb4eOw/HwffXMQviFTKG0xakaUiaZRNd3LFIurCdXg7nP+ISqzw95L1gqFsIT
fb1YWbi81yMUGofQX6yvZaSLNrylbPjYXqTdBSTn0mGLbcKRBvv9+HR26UrvyeMK
6hj8nGzq50sh8gTAzV55DZ+AGipFOt7+542VUGP6BMVVy903jleP7roC7FHFxHk3
KkBcbfWINvXdG8LWxdyd0KxGbOcQK62ShjedJw3Us8yEgeCaU3aEc/C5aK4JWm9h
iCnHYaMxCjHo+U7Tlol6fadt49CQHUxBmt9//WnuVN9p0ygzKxGoG/rTePGFPxty

neilbartley

# Created a server on DigitalOcean (anywhere will do). Just ensured it had docker installed.
# Setup DNS entries for proto[1234].neil.bar pointing at the server.
# Connected to the server.

# Server has ports locked down. Open up the ones we need.
ufw allow 80/tcp
ufw allow 443/tcp

# Wouldn't normally open this one up but its handy for this demo.
ufw allow 8080/tcp

neilbartley

version: '3.4'

services:
  proto1:
    image: 123456789012.dkr.ecr.eu-west-1.amazonaws.com/prototoype:deploy-20181019-1050-a127c89
    command: bundle exec puma -p 9292

    # This links to the network created in the proxy (traefik) stack
    networks:
      - traefik_traefik

neilbartley

version: '3.4'

services:
  hsb:
    image: 123456789012.dkr.ecr.eu-west-1.amazonaws.com/hairy-slackbot:deploy-20181015-0935-e583d12
    command: bundle exec puma -p 3000

    # This links to the network created in the proxy (træfik) stack
    networks:
      - traefik_traefik

neilbartley

debug = false

logLevel = "ERROR"
defaultEntryPoints = ["https", "http"]

# https://docs.traefik.io/configuration/entrypoints/
[entryPoints]
  [entryPoints.http]
  address = ":80"
    [entryPoints.http.redirect]           # https://docs.traefik.io/configuration/entrypoints/#redirect-http-to-https

neilbartley

version: '3.4'

services:
  traefik:
    # Use the apline image, its lovely and small - 22MB!
    image: traefik:1.7.3-alpine                          

    # This just exposes the ports to the host, the host firewall is configured separately 
    ports:                                               
      - "443:443"    # Expose HTTPS port (and available externally)