leakung
20 มีนาคม 2568
Mikrotik container : ZeroTier network controller user interface
# Map the router directories /ztncui and /zerotier-one onto the container paths
# used by ztncui (its etc/ directory) and by ZeroTier (/var/lib/zerotier-one).
# NOTE(review): /var/lib/zerotier-one presumably holds the controller's identity
# and network state; restrict access to /zerotier-one on the router and include
# it in backups - confirm against the ztncui-aio documentation.
/container mounts
add dst=/opt/key-networks/ztncui/etc name=ztncui src=/ztncui
add dst=/var/lib/zerotier-one name=zerotier-one src=/zerotier-one
# Environment list "zerotier"; the container below picks it up via envlist=zerotier.
/container envs
add key=NODE_ENV name=zerotier value=production
# Port of the web UI's HTTPS listener.
# NOTE(review): the UI is presumably reachable from every network that can route
# to veth-zerotier; limit it to management hosts with firewall rules - confirm.
add key=HTTPS_PORT name=zerotier value=3443
# Password for the web UI. "password" looks like a placeholder: replace it with a
# long random value before the first start.
# NOTE(review): the value is stored as plain text in the RouterOS configuration
# and presumably appears in exports and backups - verify and protect those files.
add key=ZTNCUI_PASSWD name=zerotier value=password
# Create the container with the env list and both mounts attached.
# NOTE(review): no remote-image= or file= is given on this line, so the image
# source has to be supplied separately - confirm against the referenced gist.
/container
add comment=zeerotier envlist=zerotier interface=veth-zerotier logging=yes mounts=ztncui,zerotier-one start-on-boot=yes workdir=/
WARNING: If you do not set a password (ZTNCUI_PASSWD), you have to run container shell <CONTAINER ID> and then cat /var/log/docker-ztncui.log to get your random password. This is the gatekeeper.
ref
- https://gist.github.com/dnburgess/b839c2230890068c30bb5ed5ee2d22ba
- https://github.com/key-networks/ztncui-aio
05 กุมภาพันธ์ 2568
Mikrotik hex refresh cloudflared container
# RAM-backed disk (at most 160M), used below as the container tmpdir and root-dir.
# NOTE(review): the menu line for this "add" is not shown here; presumably /disk - confirm.
add slot=tmpfs tmpfs-max-size=160M type=tmpfs
/container config
set registry-url=https://registry-1.docker.io tmpdir=tmpfs
# Startup script kept on router storage; the container runs it through cmd= below.
# NOTE(review): the script downloads whatever release is "latest" at start time and
# executes it without a checksum or signature check. Pin a specific release and
# compare the download with its published SHA-256 before the chmod +x step.
# NOTE(review): the tunnel token (XXX is a placeholder) is written in clear text
# into this file and passed on the command line, where it shows up in the process
# list. cloudflared can presumably read it from the TUNNEL_TOKEN environment
# variable instead (a /container envs entry) - confirm for the version in use.
# Treat the token as a secret and rotate it if this file or a router export leaks.
/file
add name=/opt-cf/cloudflared.sh type=file contents="/bin/apt update\n\
/bin/apt -y install wget\n\
wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm -O /tmp/cloudflared\n\
chmod +x /tmp/cloudflared\n\
/tmp/cloudflared tunnel --no-autoupdate run --token XXX"
# Expose the directory that holds the script inside the container at /opt-cf.
/container mounts
add dst=/opt-cf name=opt-cf src=/opt-cf
# Debian base image with its root filesystem on the tmpfs disk; cmd= runs the script above.
# NOTE(review): bookworm-slim is a moving tag; pinning the image by digest would
# make the pulled content reproducible - confirm RouterOS accepts a digest here.
/container
add remote-image=arm32v5/debian:bookworm-slim interface=cf-tunnel mounts=opt-cf root-dir=tmpfs logging=yes cmd="bash /opt-cf/cloudflared.sh"
12 ธันวาคม 2567
openssl generate CSR
rsa:2048
-keyout domain.tld.key \
-out domain.tld.csr \
-subj "/C=TH/ST=Bangkok/O=Organization/OU=IT/CN=www.domain.tld"
rsa:2048 with SAN
-keyout domain.tld.key \
-out domain.tld.csr \
-subj "/C=TH/ST=Bangkok/O=Organization/OU=IT/CN=www.domain.tld" \
-addext "subjectAltName = DNS:www.domain2.tld,DNS:www.domain3.tld"
P-256 (ECC)
-keyout domain.tld.key \
-out domain.tld.csr \
-subj "/C=TH/ST=Bangkok/O=Organization/OU=IT/CN=www.domain.tld"
P-256 (ECC) with SAN
-keyout domain.tld.key \
-out domain.tld.csr \
-subj "/C=TH/ST=Bangkok/O=Organization/OU=IT/CN=www.domain.tld" \
-addext "subjectAltName = DNS:www.domain2.tld,DNS:www.domain3.tld"
ST = State or Province Name
O = Organization Name
OU = Organizational Unit
CN = Common Name
02 ธันวาคม 2567
MikroTik WoL script
# Wake-on-LAN helper: ping the server three times and, if no reply comes back,
# send a WoL packet for its MAC address on the chosen interface. Both outcomes
# are written to the router log.
# NOTE(review): the trailing "# Replace ..." comments share a line with a command
# and have no ";" before them; confirm your RouterOS version accepts that form.
# NOTE(review): a host that drops ICMP counts as offline here and gets a WoL
# packet on every run - verify this matches the server's firewall settings.
# Define variables
:local serverIP "192.168.1.100" # Replace with the server's IP address
:local macAddress "AA:BB:CC:DD:EE:FF" # Replace with the server's MAC address
:local interface "ether1" # Replace with the appropriate interface
# Check if the server is reachable
# The ping result is compared with 0, i.e. no replies out of the three requests.
:if ([/ping $serverIP count=3 interval=1] = 0) do={
# If the server is unreachable, send a WoL packet
/tool wol mac=$macAddress interface=$interface
:log info "WoL packet sent to $macAddress"
} else={
:log info "Server $serverIP is already online"
}
Script by ChatGPT
12 ตุลาคม 2567
local DOH DOT with coredns
# Corefile
# Three server blocks: a plain-DNS listener on port 53 that forwards every query
# to Cloudflare over DNS-over-TLS, plus a DoH (443) and a DoT (853) front end that
# both hand their queries to 127.0.0.1, i.e. to the port-53 block.
# NOTE(review): server-block keys are normally separated from "{" by a space
# (".:53 {"); confirm that ".:53{" parses with your CoreDNS version.
# NOTE(review): the docker run example on this page publishes only 443/tcp and
# 853/tcp, so the plain listener stays inside the container. If the host ports are
# reachable from the Internet this is an open resolver; restrict clients with
# firewall rules or the acl plugin.
.:53{
forward . tls://1.1.1.1 tls://1.0.0.1 {
# Name checked against the upstream's TLS certificate.
tls_servername cloudflare-dns.com
}
}
# DNS-over-HTTPS front end; serves the certificate and key mounted under /etc/coredns/certs.
https://.:443 {
tls /etc/coredns/certs/domain.tld.crt /etc/coredns/certs/domain.tld.key
forward . 127.0.0.1
}
# DNS-over-TLS front end; same certificate and key, same loopback upstream.
tls://.:853 {
tls /etc/coredns/certs/domain.tld.crt /etc/coredns/certs/domain.tld.key
forward . 127.0.0.1
}
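# Start CoreDNS detached, publishing only the DoH (443/tcp) and DoT (853/tcp) ports.
# The Corefile, certificate and private key are bind-mounted read-only (:ro):
# CoreDNS only reads them, and the container must not be able to alter the key.
# "$PWD" is quoted so a working directory with spaces does not split the -v values.
# NOTE(review): coredns/coredns:latest is a moving tag; pin a release tag or image
# digest so a restart cannot silently pull different code.
$ docker run --rm -d --name coredns \
-p 443:443/tcp -p 853:853/tcp \
-v "$PWD/Corefile:/etc/coredns/Corefile:ro" \
-v "$PWD/domain.tld.crt:/etc/coredns/certs/domain.tld.crt:ro" \
-v "$PWD/domain.tld.key:/etc/coredns/certs/domain.tld.key:ro" \
coredns/coredns:latest \
-conf /etc/coredns/Corefile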
local DOH DOT with adguard/dnsproxy
05 กันยายน 2567
Running erisamoe/cloudflared on mikrotik container with 56MB tmpfs
add name=cf-tunnel key=TUNNEL_TOKEN value=XXX