diff --git a/index.json b/index.json index b7a2f28..346b0e4 100644 --- a/index.json +++ b/index.json @@ -5,6 +5,9 @@ {"id": "calendar", "name": "Calendar & Contacts", "version": "1.0.0", "description": "CalDAV/CardDAV server (Radicale)", "author": "roof"}, {"id": "files", "name": "File Storage", "version": "1.0.0", "description": "WebDAV file storage", "author": "roof"}, {"id": "email", "name": "Email Server", "version": "1.0.0", "description": "Full email server (Postfix + Dovecot)", "author": "roof"}, - {"id": "webmail", "name": "Webmail", "version": "1.0.0", "description": "Rainloop webmail UI", "author": "roof"} + {"id": "webmail", "name": "Webmail", "version": "1.0.0", "description": "Rainloop webmail UI", "author": "roof"}, + {"id": "wireguard-ext", "name": "WireGuard External Exit", "version": "1.0.0", "description": "Connect PIC as a WireGuard client to an external VPN server.", "author": "roof", "category": "connectivity"}, + {"id": "openvpn-client", "name": "OpenVPN Exit", "version": "1.0.0", "description": "Connect PIC as an OpenVPN client. Selected peers exit through this tunnel.", "author": "roof", "category": "connectivity"}, + {"id": "tor", "name": "Tor Exit", "version": "1.0.0", "description": "Route selected peers through the Tor anonymization network.", "author": "roof", "category": "connectivity"} ] } diff --git a/services/openvpn-client/manifest.json b/services/openvpn-client/manifest.json new file mode 100644 index 0000000..142dbf5 --- /dev/null +++ b/services/openvpn-client/manifest.json @@ -0,0 +1,22 @@ +{ + "id": "openvpn-client", + "name": "OpenVPN Exit", + "description": "Connect PIC as an OpenVPN client. Selected peers exit through this tunnel.", + "version": "1.0.0", + "author": "roof", + "image": "git.pic.ngo/roof/svc-openvpn-client:latest", + "container_name": "cell-openvpn", + "network_mode": "host", + "cap_add": ["NET_ADMIN"], + "devices": ["/dev/net/tun"], + "volumes": [ + { "name": "openvpn-config", "mount": "/etc/openvpn" } + ], + "env": [], + "caddy_route": null, + "iptables_rules": [], + "config_schema": [ + { "key": "ovpn_text", "type": "textarea", "label": "OpenVPN config (.ovpn)", "required": true } + ], + "requires_host_network": true +} diff --git a/services/tor/manifest.json b/services/tor/manifest.json new file mode 100644 index 0000000..0106a24 --- /dev/null +++ b/services/tor/manifest.json @@ -0,0 +1,23 @@ +{ + "id": "tor", + "name": "Tor Exit", + "description": "Route selected peers through the Tor anonymization network via transparent proxy.", + "version": "1.0.0", + "author": "roof", + "image": "git.pic.ngo/roof/svc-tor:latest", + "container_name": "cell-tor", + "network_mode": "host", + "cap_add": ["NET_ADMIN"], + "volumes": [ + { "name": "tor-data", "mount": "/var/lib/tor" }, + { "name": "tor-config", "mount": "/etc/tor" } + ], + "env": [ + { "key": "TOR_TRANS_PORT", "value": "9040" }, + { "key": "TOR_DNS_PORT", "value": "5353" } + ], + "caddy_route": null, + "iptables_rules": [], + "config_schema": [], + "requires_host_network": true +} diff --git a/services/wireguard-ext/manifest.json b/services/wireguard-ext/manifest.json new file mode 100644 index 0000000..f031963 --- /dev/null +++ b/services/wireguard-ext/manifest.json @@ -0,0 +1,22 @@ +{ + "id": "wireguard-ext", + "name": "WireGuard External Exit", + "description": "Connect PIC as a WireGuard client to an external VPN server. Selected peers exit through this tunnel.", + "version": "1.0.0", + "author": "roof", + "image": "git.pic.ngo/roof/svc-wireguard-ext:latest", + "container_name": "cell-wg-ext", + "network_mode": "host", + "cap_add": ["NET_ADMIN"], + "sysctls": ["net.ipv4.ip_forward=1"], + "volumes": [ + { "name": "wg-ext-config", "mount": "/etc/wireguard" } + ], + "env": [], + "caddy_route": null, + "iptables_rules": [], + "config_schema": [ + { "key": "conf_text", "type": "textarea", "label": "WireGuard config (.conf)", "required": true } + ], + "requires_host_network": true +}