QuiltMeow · June 29, 2022 17:22
diff --git a/docker-compose.yml b/docker-compose.yml
 version: "3"

 services:
  zerotier:
    image: zyclonite/zerotier:1.10.0
    container_name: zu-controller
    restart: unless-stopped
    volumes:
      - ./controller_data:/var/lib/zerotier-one
    environment:
      - ZT_OVERRIDE_LOCAL_CONF=true
      - ZT_ALLOW_MANAGEMENT_FROM=0.0.0.0/0
    expose:
      - "9993/tcp"
    ports:
      - "9993:9993/udp"
  zero-ui:
    image: dec0dos/zero-ui:latest
    container_name: zu-main
    build:
      context: .
      dockerfile: ./docker/zero-ui/Dockerfile
    restart: unless-stopped
    depends_on:
      - zerotier
    volumes:
      - ./controller_data:/var/lib/zerotier-one
      - ./zero-ui_data:/app/backend/data
    environment:
      - ZU_CONTROLLER_ENDPOINT=http://zerotier:9993/
      - ZU_SECURE_HEADERS=true
      - ZU_DEFAULT_USERNAME=<初始登入帳號>
      - ZU_DEFAULT_PASSWORD=<初始登入密碼>
    ports:
      - "4000:4000"
 volumes:
  zero-ui_data:
  controller_data:
diff --git a/firewall.sh b/firewall.sh
 #!/bin/bash
 iptables -A INPUT -p tcp --dport <SSL 反向代理端口> -j ACCEPT
 iptables -A INPUT -p udp --dport 9993 -j ACCEPT
diff --git a/nginx-ssl-reverse-proxy.conf b/nginx-ssl-reverse-proxy.conf
 server {
    listen       <SSL 反向代理端口> ssl;
    server_name  <反向代理域名>;
    ssl_certificate <SSL 憑證位置>;
    ssl_certificate_key <SSL 私鑰位置>;

    location / {
        proxy_pass http://127.0.0.1:4000/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Referer https://<反向代理域名>:<SSL 反向代理端口>/;
    }
 }
diff --git a/start.sh b/start.sh
 #!/bin/bash
 sudo docker-compose up -d --no-build
	version: "3"

	services:
	zerotier:
	image: zyclonite/zerotier:1.10.0
	container_name: zu-controller
	restart: unless-stopped
	volumes:
	- ./controller_data:/var/lib/zerotier-one
	environment:
	- ZT_OVERRIDE_LOCAL_CONF=true
	- ZT_ALLOW_MANAGEMENT_FROM=0.0.0.0/0
	expose:
	- "9993/tcp"
	ports:
	- "9993:9993/udp"
	zero-ui:
	image: dec0dos/zero-ui:latest
	container_name: zu-main
	build:
	context: .
	dockerfile: ./docker/zero-ui/Dockerfile
	restart: unless-stopped
	depends_on:
	- zerotier
	volumes:
	- ./controller_data:/var/lib/zerotier-one
	- ./zero-ui_data:/app/backend/data
	environment:
	- ZU_CONTROLLER_ENDPOINT=http://zerotier:9993/
	- ZU_SECURE_HEADERS=true
	- ZU_DEFAULT_USERNAME=<初始登入帳號>
	- ZU_DEFAULT_PASSWORD=<初始登入密碼>
	ports:
	- "4000:4000"
	volumes:
	zero-ui_data:
	controller_data:
	#!/bin/bash
	iptables -A INPUT -p tcp --dport <SSL 反向代理端口> -j ACCEPT
	iptables -A INPUT -p udp --dport 9993 -j ACCEPT
	server {
	listen <SSL 反向代理端口> ssl;
	server_name <反向代理域名>;
	ssl_certificate <SSL 憑證位置>;
	ssl_certificate_key <SSL 私鑰位置>;

	location / {
	proxy_pass http://127.0.0.1:4000/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	proxy_set_header Host $http_host;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Referer https://<反向代理域名>:<SSL 反向代理端口>/;
	}
	}