diff --git a/README.md b/README.md index cee233a..083e641 100644 --- a/README.md +++ b/README.md @@ -14,57 +14,14 @@ These scripts automate the deployment of personal infrastructure components. The | Script | Description | Usage | |--------|-------------|-------| -| `proxy/install.sh` | Deploy a reverse proxy server with Tailscale + Nginx Proxy Manager | See below | +| [`proxy/install.sh`](proxy/) | Reverse proxy with Tailscale + Nginx Proxy Manager | `curl -fsSL https://gitea.arnodo.fr/Damien/infra-scripts/raw/branch/main/proxy/install.sh \| bash` | -## Usage - -### Proxy Server - -Deploys a secure reverse proxy with: -- **Tailscale** for private network access (SSH, admin panel) -- **Nginx Proxy Manager** for public reverse proxy (HTTP/HTTPS) -- **UFW** firewall configured to expose only ports 80/443 publicly -- **fail2ban** and **unattended-upgrades** for basic hardening - -```bash -curl -fsSL https://gitea.arnodo.fr/Damien/infra-scripts/raw/branch/main/proxy/install.sh | bash -``` - -#### Environment Variables - -You can customize the deployment: - -```bash -# Custom hostname (default: proxy) -PROXY_HOSTNAME=myproxy curl -fsSL https://gitea.arnodo.fr/Damien/infra-scripts/raw/branch/main/proxy/install.sh | bash - -# Custom timezone (default: Europe/Paris) -TZ=America/New_York curl -fsSL https://gitea.arnodo.fr/Damien/infra-scripts/raw/branch/main/proxy/install.sh | bash -``` - -#### Requirements +## Requirements - Fresh Debian 11/12 installation - User with sudo privileges (do not run as root) - Internet access -#### What it does - -1. Sets hostname -2. Installs base packages (vim, fail2ban, unattended-upgrades) -3. Installs and connects Tailscale (will prompt for authentication) -4. Configures sysctl for exit-node capability -5. Installs Docker -6. Configures UFW (80/443 public, everything else via Tailscale only) -7. Deploys Nginx Proxy Manager -8. Exposes NPM admin panel via Tailscale serve - -#### Post-install - -- Access NPM admin: `https://proxy..ts.net` -- Default credentials: `admin@example.com` / `changeme` -- Optionally approve exit-node in Tailscale admin console - ## License -MIT - Do whatever you want with these scripts. +MIT