Allow multiple tunnels

This commit is contained in:
IamTheFij 2019-06-24 14:43:17 -07:00
parent c25701c34f
commit 88ac7f12e8
3 changed files with 62 additions and 7 deletions


@ -4,8 +4,48 @@ Example bridging connections across two distinct Docker networks using [`mole`](
My real use case is something like a remote LDAP server that I don't want to expose to the public internet and some metrics servers only available behind a VPN. This setup will allow me to create a proxy container on a host that will act as a local LDAP or HTTP server. My real use case is something like a remote LDAP server that I don't want to expose to the public internet and some metrics servers only available behind a VPN. This setup will allow me to create a proxy container on a host that will act as a local LDAP or HTTP server.
If I get time, I'll draw a diagram as well. Eg.
```
+----------+ +----------+ +----------+
| | | | | |
| | | Firewall | | |
| | | | | |
| Local | tunnel +----------+ tunnel | Remote |
| Computer |--------------------------------| SSH |
| | +----------+ | Server |
| | | | | |
| | | Firewall | | |
| | | | | |
+----------+ +----------+ +----------+
|
|
| tunnel
|
|
+----------+
| |
| |
| |
| |
| Remote |
| Service |
| |
| |
| |
+----------+
```
## Running ## Running
Requires you to provide your own ssh keys as well as provide the local machine IP address Requires you to provide your own ssh keys as well as provide the local machine IP address
Dockamole is configured using environment variables:
# Required
MOLE_LOCAL_? indexed local host and port
MOLE_REMOTE_? indexed remote host and port
MOLE_SERVER ssh server to connect to
# Optional
MAX_TUNNELS number of tunnels allowed (default 10)
SSH_KEY path to ssh private key that should be used (default ~/.ssh/id_rsa)
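
Review bot: The variable list at the end of this hunk calls `MOLE_LOCAL_?` and `MOLE_REMOTE_?` "indexed" without saying that indices start at 1, stop at `MAX_TUNNELS`, and only take effect as a matching pair. Spell that out together with the `host:port` value format, and add a line that the unsuffixed `MOLE_LOCAL` / `MOLE_REMOTE` from the earlier setup are no longer read, so existing users know to rename them to `MOLE_LOCAL_1` / `MOLE_REMOTE_1`.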


@ -10,7 +10,7 @@ services:
# This key must be provided # This key must be provided
- ./id_rsa_proxy:/mole/.ssh/id_rsa - ./id_rsa_proxy:/mole/.ssh/id_rsa
environment: environment:
- MOLE_LOCAL=0.0.0.0:8080 - MOLE_LOCAL_1=0.0.0.0:8080
- MOLE_REMOTE=web:8080 - MOLE_REMOTE_1=web:8080
# IP address is the local address of the server. This is to show that it's connecting outside the bridge network # IP address is the local address of the server. This is to show that it's connecting outside the bridge network
- MOLE_SERVER=mole@10.255.52.39:2222 - MOLE_SERVER=mole@10.255.52.39:2222
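
Review bot: The environment block only renames the single pair to `MOLE_LOCAL_1` / `MOLE_REMOTE_1`, so the example never exercises the multi-tunnel path this commit introduces. Adding a second pair (`MOLE_LOCAL_2` / `MOLE_REMOTE_2`) would demonstrate the feature and give the loop in the start script something to iterate over. While touching this file, the key volume `./id_rsa_proxy:/mole/.ssh/id_rsa` has no `:ro` suffix; the container only needs to read the key.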


@ -1,8 +1,23 @@
#! bin/bash #! /bin/bash
# Executes mole using local and remotes from env variables
local_remote=""
for i in `seq ${MAX_TUNNELS:-10}`; do
local_name=MOLE_LOCAL_$i
remote_name=MOLE_REMOTE_$i
if [ ! -z "${!local_name}" ] && [ ! -z "${!remote_name}" ]; then
local_remote="$local_remote -local ${!local_name} -remote ${!remote_name}"
fi
done
if [ -z "$local_remote" ]; then
echo "Must provide at least one local and remote via MOLE_LOCAL_1 and MOLE_REMOTE_1"
exit 1
fi
mole -v \ mole -v \
-local ${MOLE_LOCAL} \ $local_remote \
-remote ${MOLE_REMOTE} \
-server ${MOLE_SERVER} \ -server ${MOLE_SERVER} \
-key ~/.ssh/id_rsa \ -key ${SSH_KEY:-~/.ssh/id_rsa} \
-insecure -insecure
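
Review bot: In the loop, `local_remote` is built as one flat string and later expanded unquoted as `$local_remote`, so whitespace or glob characters in any `MOLE_LOCAL_n` / `MOLE_REMOTE_n` value are word-split into extra `mole` arguments. Collect the options in a bash array instead, e.g. `args+=(-local "${!local_name}" -remote "${!remote_name}")`, and pass `"${args[@]}"` to `mole`. The `if` also silently skips an index where only one half of the pair is set; a warning naming the incomplete index would make that misconfiguration visible. `-server ${MOLE_SERVER}` should be quoted and checked for being empty, since the README lists it as required. For `-key`, quoting the current form would stop the `~` in the default from expanding, so prefer `"${SSH_KEY:-$HOME/.ssh/id_rsa}"`. Separately, `-insecure` stays hard-coded; making it opt-in through a variable would fit alongside the new optional settings.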