nessi/NexaVPN
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
NexaVPN/deploy/docker-compose.yml
nessi 3e2169f217 feat: add VPN DNS service with dynamic service catalog resolution and CoreDNS integration 
Add ServiceDNSRecord type and gateway API endpoint to expose active service domain-to-IP mappings. Implement ListServiceDNSRecords repository method querying services table with proxy_ip resolution using effectiveAccessProxyIP helper.

Add vpn-dns microservice built on CoreDNS with periodic sync from backend API. Generate Corefile with configurable upstream DNS servers and hosts plugin for service overrides.
2026-03-18 13:30:34 +01:00

133 lines
3.9 KiB
YAML
Raw Permalink Blame History

services:
postgres:
image: postgres:17-alpine
environment:
POSTGRES_DB: ${POSTGRES_DB}
POSTGRES_USER: ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
ports:
- "5432:5432"
volumes:
- postgres-data:/var/lib/postgresql/data
- ../backend/migrations/000001_init.sql:/docker-entrypoint-initdb.d/010_init.sql:ro
- ../backend/seed/001_seed.sql:/docker-entrypoint-initdb.d/020_seed.sql:ro
networks:
- control
backend:
build:
context: ../backend
dockerfile: Dockerfile
hostname: backend
env_file:
- .env
depends_on:
- postgres
networks:
control:
aliases:
- backend
admin-web:
build:
context: ../admin-web
dockerfile: Dockerfile
depends_on:
- backend
ports:
- "8081:80"
networks:
- control
public-web:
build:
context: ..
dockerfile: public-web/Dockerfile
depends_on:
- backend
ports:
- "8080:80"
networks:
- control
reverse-proxy:
image: nginx:1.27-alpine
depends_on:
- backend
- admin-web
ports:
- "80:80"
volumes:
- ./nginx/reverse-proxy.conf:/etc/nginx/conf.d/default.conf:ro
networks:
- control
gateway:
build:
context: .
dockerfile: gateway/Dockerfile
depends_on:
- backend
network_mode: host
cap_add:
- NET_ADMIN
- SYS_MODULE
devices:
- /dev/net/tun:/dev/net/tun
environment:
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
NEXAVPN_GATEWAY_NAME: ${NEXAVPN_GATEWAY_NAME:-primary-gateway}
NEXAVPN_GATEWAY_LISTEN_PORT: ${GATEWAY_UDP_PORT:-51900}
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://127.0.0.1:8080/api/v1/gateway-agent}
NEXAVPN_GATEWAY_BOOTSTRAP_URL: ${NEXAVPN_GATEWAY_BOOTSTRAP_URL:-http://127.0.0.1:8080/api/v1/gateway-agent/bootstrap}
DEFAULT_GATEWAY_ENDPOINT: ${DEFAULT_GATEWAY_ENDPOINT:-localhost:${GATEWAY_UDP_PORT:-51900}}
DEFAULT_VPN_CIDR: ${DEFAULT_VPN_CIDR:-100.96.0.0/24}
NEXAVPN_API_TOKEN: ${NEXAVPN_API_TOKEN:-}
NEXAVPN_GATEWAY_PRIVATE_KEY: ${NEXAVPN_GATEWAY_PRIVATE_KEY:-}
NEXAVPN_GATEWAY_INTERFACE: ${NEXAVPN_GATEWAY_INTERFACE:-wg0}
NEXAVPN_UPLINK_INTERFACE: ${NEXAVPN_UPLINK_INTERFACE:-eth0}
NEXAVPN_ENABLE_MASQUERADE: ${NEXAVPN_ENABLE_MASQUERADE:-true}
NEXAVPN_BACKEND_HOST: ${NEXAVPN_BACKEND_HOST:-127.0.0.1}
NEXAVPN_ACCESS_PROXY_IP: ${NEXAVPN_ACCESS_PROXY_IP:-}
volumes:
- ./scripts/gateway-entrypoint.sh:/scripts/gateway-entrypoint.sh:ro
- gateway-state:/var/lib/nexavpn
access-proxy:
build:
context: .
dockerfile: access-proxy/Dockerfile
depends_on:
- backend
network_mode: host
environment:
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
NEXAVPN_GATEWAY_ID: ${NEXAVPN_GATEWAY_ID:-}
NEXAVPN_GATEWAY_ID_FILE: /var/lib/nexavpn/gateway-id
NEXAVPN_GATEWAY_SYNC_URL: ${NEXAVPN_GATEWAY_SYNC_URL:-http://127.0.0.1:8080/api/v1/gateway-agent}
NEXAVPN_ACCESS_PROXY_HTTP_ADDR: ${NEXAVPN_ACCESS_PROXY_HTTP_ADDR:-172.16.0.120:80}
NEXAVPN_ACCESS_PROXY_HTTPS_ADDR: ${NEXAVPN_ACCESS_PROXY_HTTPS_ADDR:-172.16.0.120:443}
volumes:
- gateway-state:/var/lib/nexavpn
vpn-dns:
build:
context: .
dockerfile: vpn-dns/Dockerfile
depends_on:
- backend
network_mode: host
environment:
GATEWAY_BOOTSTRAP_TOKEN: ${GATEWAY_BOOTSTRAP_TOKEN:-nexavpn-gateway-bootstrap}
NEXAVPN_DNS_SYNC_URL: ${NEXAVPN_DNS_SYNC_URL:-http://127.0.0.1:8080/api/v1/gateway-agent/dns/services}
NEXAVPN_VPN_DNS_ADDR: ${NEXAVPN_VPN_DNS_ADDR:-:53}
NEXAVPN_VPN_DNS_UPSTREAMS: ${NEXAVPN_VPN_DNS_UPSTREAMS:-172.16.0.100,172.16.0.105}
volumes:
postgres-data:
gateway-state:
networks:
control:
Reference in New Issue View Git Blame Copy Permalink