Add ServiceDNSRecord type and gateway API endpoint to expose active service domain-to-IP mappings. Implement ListServiceDNSRecords repository method querying services table with proxy_ip resolution using effectiveAccessProxyIP helper. Add vpn-dns microservice built on CoreDNS with periodic sync from backend API. Generate Corefile with configurable upstream DNS servers and hosts plugin for service overrides.
# Database name; must match the database path at the end of DATABASE_URL.
POSTGRES_DB=nexavpn
# Database role; must match the user part of DATABASE_URL.
POSTGRES_USER=nexavpn
# Placeholder: replace with a unique generated password before deploying,
# and update the copy embedded in DATABASE_URL so the two stay in step.
POSTGRES_PASSWORD=change-me
# Embeds the database password in clear text, so the populated file is a secret.
# sslmode=disable turns off TLS to PostgreSQL: acceptable only while the link to
# host "postgres" stays on a private network; otherwise use sslmode=require or
# sslmode=verify-full.
DATABASE_URL=postgres://nexavpn:change-me@postgres:5432/nexavpn?sslmode=disable
# No host part: presumably binds on every interface (confirm). The gateway-agent
# URLs in this file reach this port over plain HTTP on loopback, so terminate TLS
# in front of it before exposing it beyond the host.
HTTP_ADDRESS=:8080
APP_ENV=production
# Placeholder: set a long random value from a CSPRNG (for example 32 or more
# random bytes, base64-encoded). Presumably the token signing key (confirm); keep
# the real value out of version control and logs.
# NOTE(review): whether the backend refuses to start with this placeholder is not
# visible here; verify.
JWT_SECRET=replace-with-a-long-random-secret
JWT_ISSUER=nexavpn
# 900 s = 15 minutes.
ACCESS_TOKEN_TTL_SECONDS=900
# 2592000 s = 30 days. A refresh token stays usable that long unless revoked;
# whether the backend rotates or revokes refresh tokens is not visible here (confirm).
REFRESH_TOKEN_TTL_SECONDS=2592000
DEFAULT_DNS_SERVERS=10.20.0.53
DEFAULT_VPN_CIDR=100.96.0.0/24
# Must agree with the port in DEFAULT_GATEWAY_ENDPOINT.
GATEWAY_UDP_PORT=51900
# Example hostname: replace with the gateway's real public address. The port
# matches GATEWAY_UDP_PORT.
DEFAULT_GATEWAY_ENDPOINT=vpn.example.com:51900
# Placeholder, not a usable key. Presumably the gateway's WireGuard public key
# (the interface in this file is wg0); confirm, and check it against the key pair
# actually in use so clients are not handed a key the gateway does not hold.
DEFAULT_GATEWAY_PUBLIC_KEY=replace-me
# This default reads like a working value rather than a placeholder, and it is
# identical in every deployment that copies this file. Replace it with a random
# per-deployment secret. Presumably it authorises requests to the gateway-agent
# bootstrap endpoint; confirm.
GATEWAY_BOOTSTRAP_TOKEN=nexavpn-gateway-bootstrap
NEXAVPN_GATEWAY_ID=
NEXAVPN_GATEWAY_NAME=primary-gateway
# Plain HTTP is tolerable here only because the target is loopback. If the agent
# runs on a different host from the backend, switch to https:// so credentials on
# these requests (presumably NEXAVPN_API_TOKEN; confirm) are not sent in clear text.
NEXAVPN_GATEWAY_SYNC_URL=http://127.0.0.1:8080/api/v1/gateway-agent
# Plain HTTP to loopback. Any non-local value should be https://, since the
# bootstrap exchange presumably carries GATEWAY_BOOTSTRAP_TOKEN (confirm).
NEXAVPN_GATEWAY_BOOTSTRAP_URL=http://127.0.0.1:8080/api/v1/gateway-agent/bootstrap
# Secret; intentionally empty in this template. Supply it at deploy time and keep
# the populated file out of version control.
NEXAVPN_API_TOKEN=
# Secret key material; intentionally empty in this template. Restrict the
# populated file to the service account (for example mode 600) and never commit it.
NEXAVPN_GATEWAY_PRIVATE_KEY=
NEXAVPN_GATEWAY_INTERFACE=wg0
NEXAVPN_UPLINK_INTERFACE=eth0
# Presumably enables NAT (masquerade) of VPN client traffic leaving through
# NEXAVPN_UPLINK_INTERFACE; confirm. With NAT, hosts behind the gateway see the
# gateway's address instead of the client's, which affects per-client logging and
# source-based access rules.
NEXAVPN_ENABLE_MASQUERADE=true
NEXAVPN_BACKEND_HOST=127.0.0.1
NEXAVPN_ACCESS_PROXY_IP=172.16.0.120
NEXAVPN_ACCESS_PROXY_HTTP_ADDR=172.16.0.120:80
NEXAVPN_ACCESS_PROXY_HTTPS_ADDR=172.16.0.120:443
# Backend endpoint from which the vpn-dns service periodically pulls service
# domain-to-IP records (per the commit description). The answers vpn-dns serves
# are only as trustworthy as this channel: keep it on loopback, or use https://
# with authentication if the backend is remote.
NEXAVPN_DNS_SYNC_URL=http://127.0.0.1:8080/api/v1/gateway-agent/dns/services
# No host part: presumably listens on every interface (confirm). Bind to the
# VPN-facing address or firewall port 53 so the resolver is not reachable from
# untrusted networks as an open resolver.
NEXAVPN_VPN_DNS_ADDR=:53
# Comma-separated upstream resolvers, presumably the ones written into the
# generated Corefile (confirm). Names without a service override would be
# forwarded to these hosts, so they see client lookups: use resolvers you operate
# or trust.
NEXAVPN_VPN_DNS_UPSTREAMS=172.16.0.100,172.16.0.105
# NOTE(review): differs from DEFAULT_DNS_SERVERS (10.20.0.53) earlier in this
# file; which of the two clients actually receive is not visible here. Confirm
# that clients are pointed at the resolver that applies the service overrides.
NEXAVPN_CLIENT_DNS_SERVERS=172.16.0.119