Amend reverse proxy and port configuration to ensure no conflicts

2024-11-06 08:14:34 +00:00 · 2024-11-06 08:14:34 +00:00 · 08587e80a5
parent 45748971b4
commit 08587e80a5
3 changed files with 17 additions and 21 deletions
--- a/proxy_resources/etc/haproxy/haproxy.cfg
+++ b/proxy_resources/etc/haproxy/haproxy.cfg
@ -80,7 +80,7 @@ backend bk_imap
      timeout connect 7s
      server imap1 10.0.0.2:143 send-proxy-v2

-# Technitium DNS Server Configuration
+# Technitium DNS Server Configuration - TCP Reverse Proxying (UDP handled via Nginx in nginx.conf)
 frontend ft_technitium_tcp
      bind {{ proxy_server_ip }}:53
      mode tcp
@ -94,19 +94,4 @@ backend bk_technitium_tcp
      stick-table type ip size 200k expire 30m
      timeout server 1m
      timeout connect 7s
-      server 10.0.0.10:53 send-proxy-v2
-
-frontend ft_technitium_udp
-      bind {{ proxy_server_ip }}:53
-      mode udp
-      timeout client 1m
-      default_backend bk_technitium_udp
-
-backend bk_technitium_udp
-      mode udp
-      balance leastconn
-      stick store-request src
-      stick-table type ip size 200k expire 30m
-      timeout server 1m
-      timeout connect 7s
-      server 10.0.0.10:53 send-proxy-v2
+      server 10.0.0.10:7649 send-proxy-v2
--- a/proxy_resources/etc/nginx/nginx.conf
+++ b/proxy_resources/etc/nginx/nginx.conf
@ -64,7 +64,18 @@ http {

 # Minecraft server and other non NGinx standard protocol proxying handled here

-#stream {
+stream {
+
+	# UDP Reverse Proxying for the Technitium DNS service. TCP handled by Haproxy
+	server {
+		listen 53 udp;
+
+		proxy_pass technitium;
+	}
+	upstream technitium {
+		server 10.0.0.10:7649;
+    	}
+
 #	This appears to work in the sense that the port is available when checking with telnet, but doesn't appear to be working in Minecraft
 #	map $ssl_preread_server_name $name {
 #    	    minecraft.{{ domain_name }}   10.0.0.2:25565;
@ -135,7 +146,7 @@ http {
 #		
 #		proxy_pass imap_starttls;
 #	}
-#}
+}

 # Mail Proxy configuration
 #mail {
--- a/services/service_technitium/docker-compose.yml
+++ b/services/service_technitium/docker-compose.yml
@ -17,7 +17,7 @@ services:
      - FIREWALL_VPN_INPUT_PORTS=5380,53,5335,5432
    ports:
      - "5380:5380"
-      - "53:53"
+      - "53:7649" # To not have conflicts with the host DNS resolving services, will change the port.
    networks:
      technitium:
    deploy:
@ -29,7 +29,7 @@ services:
  technitium:
    network_mode: "service:invidious-gluetun"
    container_name: technitium
-    hostname: technitium
+    #  hostname: technitium
    image: technitium/dns-server:latest
    # For DHCP deployments, use "host" network mode and remove all the port mappings, including the ports array by commenting them
    # network_mode: "host"