2025-09-07 23:33:55 +02:00
parent d918f1e497
commit fbacfde9f2
33 changed files with 2626 additions and 1236 deletions


@@ -22,7 +22,72 @@ services:
locations:
- name: Main Office
vpn_type: OpenVPN
vpn_config: /etc/openvpn/techcorp-main.ovpn
vpn_config: techcorp-main.ovpn # File in ~/.vpntray/vpn/
# External connection endpoints (can have multiple for redundancy)
external_addresses:
- vpn.techcorp.com # Primary VPN endpoint
- vpn2.techcorp.com # Backup endpoint
- 203.0.113.10 # Direct IP fallback
# Port forwarding rules for external access
port_forwardings:
- external_port: 8006
internal_ip: 192.168.1.10
internal_port: 8006
protocol: tcp
description: Proxmox web interface
enabled: true
- external_port: 3389
internal_ip: 192.168.1.20
internal_port: 3389
protocol: tcp
description: Domain Controller RDP
enabled: true
- external_port: 9000
internal_ip: 192.168.1.21
internal_port: 9000
protocol: tcp
description: File server web panel
enabled: true
- external_port: 5050
internal_ip: 192.168.1.22
internal_port: 5050
protocol: tcp
description: pgAdmin database interface
enabled: true
- external_port: 443
internal_ip: 192.168.1.1
internal_port: 443
protocol: tcp
description: Firewall web interface
enabled: true
# Network segments with rich metadata
network_segments:
- name: LAN
cidr: 192.168.1.0/24
gateway: 192.168.1.1
zone: production
description: Main office LAN
- name: Management
cidr: 10.0.1.0/24
vlan_id: 100
gateway: 10.0.1.1
zone: management
description: Out-of-band management network
- name: Services
cidr: 172.16.1.0/24
vlan_id: 200
gateway: 172.16.1.1
zone: production
description: Internal services network
# VPN credentials - three options:
# Option 1: Dictionary with username/password
@@ -39,8 +104,12 @@ locations:
# Hosts at this location
hosts:
- name: PVE-01
ip_address: 192.168.1.10
ip_addresses:
- ip_address: 192.168.1.10
network_segment: LAN
is_primary: true
host_type: Proxmox
icon: proxmox # Custom icon: assets/icons/proxmox.svg
description: Main virtualization server
services:
- name: Web Interface
@@ -53,7 +122,10 @@ locations:
# VMs running on this host
sub_hosts:
- name: DC-01
ip_address: 192.168.1.20
ip_addresses:
- ip_address: 192.168.1.20
network_segment: LAN
is_primary: true
host_type: Windows Server
description: Domain Controller
services:
@@ -65,8 +137,12 @@ locations:
port: 8080
- name: FILE-01
ip_address: 192.168.1.21
ip_addresses:
- ip_address: 192.168.1.21
network_segment: LAN
is_primary: true
host_type: Linux
icon: ubuntu # Custom icon: assets/icons/ubuntu.svg
description: File Server (Samba)
services:
- name: SSH
@@ -80,9 +156,15 @@ locations:
port: 9000
- name: DB-01
ip_address: 192.168.1.22
ip_addresses:
- ip_address: 192.168.1.22
network_segment: LAN
is_primary: true
- ip_address: 172.16.1.22
network_segment: Services
is_primary: false
host_type: Linux
description: PostgreSQL Database
description: PostgreSQL Database (dual-homed)
services:
- name: SSH
service_type: SSH
@@ -95,9 +177,19 @@ locations:
port: 5050
- name: FW-01
ip_address: 192.168.1.1
ip_addresses:
- ip_address: 192.168.1.1
network_segment: LAN
is_primary: true
- ip_address: 10.0.1.1
network_segment: Management
is_primary: false
- ip_address: 172.16.1.1
network_segment: Services
is_primary: false
host_type: Router
description: pfSense Firewall/Router
icon: pfsense # Custom icon: assets/icons/pfsense.svg
description: pfSense Firewall/Router (multi-interface)
services:
- name: Web Interface
service_type: Web GUI
@@ -107,9 +199,15 @@ locations:
port: 22
- name: SW-01
ip_address: 192.168.1.2
ip_addresses:
- ip_address: 192.168.1.2
network_segment: LAN
is_primary: true
- ip_address: 10.0.1.2
network_segment: Management
is_primary: false
host_type: Switch
description: Managed Switch
description: Managed Switch (dual-homed)
services:
- name: Web Interface
service_type: Web GUI
@@ -120,16 +218,57 @@ locations:
- name: Branch Office
vpn_type: WireGuard
vpn_config: /etc/wireguard/techcorp-branch.conf
vpn_config: techcorp-branch.conf # File in ~/.vpntray/vpn/
# External connection endpoints
external_addresses:
- 198.51.100.50 # Branch office static IP
- branch.techcorp.com # Dynamic DNS endpoint
# Port forwarding rules
port_forwardings:
- external_port: 8080
internal_ip: 10.10.1.10
internal_port: 8080
protocol: tcp
description: Branch web services
enabled: true
- external_port: 22
internal_ip: 10.10.1.10
internal_port: 22
protocol: tcp
description: SSH access to branch server
enabled: false # Disabled for security
# Network segments
network_segments:
- name: Branch_LAN
cidr: 10.10.1.0/24
gateway: 10.10.1.1
zone: production
description: Branch office network
- name: Local_Services
cidr: 192.168.100.0/24
gateway: 192.168.100.1
zone: general
description: Local branch services network
# No credentials needed for WireGuard (uses keys in config file)
vpn_credentials: null
hosts:
- name: BRANCH-01
ip_address: 10.10.1.10
ip_addresses:
- ip_address: 10.10.1.10
network_segment: Branch_LAN
is_primary: true
- ip_address: 192.168.100.1
network_segment: Local_Services
is_primary: false
host_type: Linux
description: Branch office server
description: Branch office server (dual-homed)
services:
- name: SSH
service_type: SSH
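Review bot: The Main Office `port_forwardings` in the first hunk publish management interfaces on the external addresses with `enabled: true` (Proxmox on 8006, Domain Controller RDP on 3389, pgAdmin on 5050 and the firewall web interface on 443), while the Branch Office SSH forward is `enabled: false # Disabled for security`. Sample configurations tend to be copied as-is, so I would make the example consistent: set these entries to `enabled: false`, or put a comment above the list such as `# Management interfaces (RDP, hypervisor, firewall, DB admin) should be reached over the VPN; forward externally only with source restrictions`. The file name is not visible on this page, so this assumes the section is the shipped example configuration. Separately, `vpn_config` is now a bare file name resolved under `~/.vpntray/vpn/`; the loader is outside this section, so please confirm it rejects values containing path separators or `..`.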