admin/Bruchtal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(tunnel): allgemeines Setup

Browse Source
This commit is contained in:
admin
2026-02-21 10:04:34 +01:00
parent babce26eb3
commit a24dd370dc
1 changed files with 71 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
docs/network/tunnel.md
View File

@@ -1,5 +1,74 @@
##Tunnel
# Pangolin-Tunnel: Zugriff über Hetzner
## Sicherheits-Setup
```
+------------------+
| Internet |
+--------+---------+
|
| TCP 80 / 443
v
+------------------------------------------------------------------+
| Hetzner Server |
| seanluc1 |
| |
| +------------+ shared docker network +---------------+ |
| | Traefik | <--------------------------> | CrowdSec | |
| | v3.4.1 | | LAPI | |
| | | | | |
| | :80 :443 | | Decisions | |
| | :8080 | | (CAPI) | |
| +------+-----+ +---------------+ |
| | |
| | dynamic config (file provider) |
| v |
| +-----------------------------------------------------------+ |
| | Pangolin | |
| | v1.14.1 | |
| | | |
| | Web UI :3002 | |
| | API :3000 | |
| | Internal API :3001 | |
| | | |
| | - generates Traefik routers | |
| | - manages resources | |
| | - controls Gerbil / Newt | |
| +-----------+-----------------------------------------------+ |
| | |
| | WireGuard control |
| v |
| +-----------------------------------------------------------+ |
| | Gerbil | |
| | | |
| | WireGuard Exit Node | |
| | wg0: 100.89.128.1/24 | |
| | Control API :3003 | |
| | | |
| | - terminates tunnel | |
| | - forwards TCP ports | |
| +-----------+-----------------------------------------------+ |
| | |
+---------------|--------------------------------------------------+
|
| WireGuard tunnel (encrypted)
v
+------------------------------------------------------------------+
| Local Network (LAN) |
| |
| +-------------+ +------------------------------------+ |
| | Newt | | Target Services | |
| | | | | |
| | wg IP | | Home Assistant | |
| | 100.89.128.4| | 192.168.178.203:8123 | |
| | | | | |
| | TCP Proxy | | Wiki / Bitwarden | |
| +-------------+ +------------------------------------+ |
| |
+------------------------------------------------------------------+
```
#Sicherheits-Setup