medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs/tech_docs/OpenWrt.md

Browse Source
This commit is contained in:
medusa
2024-04-21 23:27:42 +00:00
parent 4a6f2699e0
commit 5683970460
1 changed files with 18 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

188
docs/tech_docs/OpenWrt.md
View File

@@ -14,237 +14,83 @@
- [pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md) - [pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
### Proxmox Container Creation ---
Use the following command to create a new container with reduced memory and storage: You've provided an extensive configuration for your OpenWRT, Alpine, and Kali Linux containers in a Proxmox environment. Here's a concise and coherent version of your commands for each container, with optimizations and updates to ensure they work effectively in your lab setting.
### OpenWRT Container
**Creation and Configuration:**
```bash ```bash
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --password changeme --tag network --storage local-lvm --memory 256 --swap 128 --rootfs local-lvm:1,size=512M \ pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --password changeme --tag network --storage local-lvm --memory 256 --swap 128 --rootfs local-lvm:1,size=512M \
--net0 name=eth0,bridge=vmbr0,firewall=1 \ --net0 name=eth0,bridge=vmbr0,firewall=1 \
--net1 name=eth1,bridge=vmbr1,firewall=1 \ --net1 name=eth1,bridge=vmbr1,firewall=1 \
--cores 1 --cpuunits 500 --onboot 1 --debug 0 --cores 1 --cpuunits 500 --onboot 1 --debug 0
```
```bash
pct start 100 pct start 100
```
```bash
pct console 100 pct console 100
``` ```
```bash **Package Installation and Network Setup:**
passwd
```
### OpenWRT - Installing Packages via CLI and Reboot
```bash ```bash
opkg update opkg update
```
```bash
opkg install qemu-ga opkg install qemu-ga
```
```bash
reboot reboot
```
### OpenWRT Firewall Configuration
```bash
vi /etc/config/network vi /etc/config/network
```
```bash
config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'
config interface 'wan'
option proto 'dhcp'
option device 'eth0'
config interface 'wan6'
option proto 'dhcpv6'
option device 'eth0'
config interface 'lan'
option proto 'static'
option device 'eth1'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
config interface 'lan6'
option proto 'static'
option device 'eth1'
option ip6addr 'fd00::1/64'
```
- **Restart Network Services**:
```bash
/etc/init.d/network restart /etc/init.d/network restart
```
```bash
130 j
```
```bash
vi /etc/config/firewall vi /etc/config/firewall
```
```bash
config rule
option name 'Allow-SSH'
option src 'wan'
option proto 'tcp'
option dest_port '22'
option target 'ACCEPT'
config rule
option name 'Allow-HTTPS'
option src 'wan'
option proto 'tcp'
option dest_port '443'
option target 'ACCEPT'
config rule
option name 'Allow-HTTP'
option src 'wan'
option proto 'tcp'
option dest_port '80'
option target 'ACCEPT'
```
### Applying the Configuration
After updating the configuration files:
- **Reload Firewall Settings**:
```bash
/etc/init.d/firewall restart /etc/init.d/firewall restart
``` ```
--- ### Alpine Container
Alpine Container (ID: 300): **Container Setup for Docker:**
```bash ```bash
pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1 \ pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1 \
--keyctl 1 --nesting 1 --cpuunits 1000 --onboot 1 --debug 0 --keyctl 1 --nesting 1 --cpuunits 1000 --onboot 1 --debug 0
```
```bash
pct enter 300 pct enter 300
```
or
```bash
pct console 300
```
```bash
cat /etc/apk/repositories
```
```bash
sed -i '/^#.*community/s/^#//' /etc/apk/repositories sed -i '/^#.*community/s/^#//' /etc/apk/repositories
```
```bash
apk update && apk upgrade apk update && apk upgrade
apk add qemu-guest-agent newt curl openssh mc sudo build-base gcc abuild binutils binutils-doc gcc-doc
``` ```
```bash **Network and SSH Configuration:**
apk add qemu-guest-agent newt curl openssh mc sudo
```
# Build Tools
```bash
apk add build-base gcc abuild binutils binutils-doc gcc-doc
```
## Network setup
```bash ```bash
setup-interfaces setup-interfaces
```
```bash
service networking restart service networking restart
```
6. Install and configure SSH:
```bash
apk add openssh apk add openssh
```
```bash
rc-update add sshd rc-update add sshd
```
```bash
service sshd start service sshd start
```
```bash
vi /etc/ssh/sshd_config vi /etc/ssh/sshd_config
```
Uncomment and modify the following lines:
```bash
PermitRootLogin no
PasswordAuthentication yes
```
Save and exit
```bash
service sshd restart service sshd restart
``` ```
**Docker and User Setup:**
```bash ```bash
apk add docker apk add docker
```
```bash
rc-service docker start rc-service docker start
```
```bash
rc-update add docker default rc-update add docker default
```
4. Create a system user and add them to the docker group and sudoers:
```bash
adduser -s /bin/ash medusa adduser -s /bin/ash medusa
```
```bash
addgroup medusa docker addgroup medusa docker
```
```bash
visudo visudo
```
Add the following line to the sudoers file:
```bash
medusa ALL=(ALL) ALL
```
Save and exit.
5. Start and enable the Docker service:
```bash
docker run hello-world docker run hello-world
``` ```
Kali Linux Container (ID: 200): ### Kali Linux Container
**Creation and Basic Setup:**
```bash ```bash
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --cores 2 --memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G --net0 name=eth0,bridge=vmbr0,firewall=1 \ pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --cores 2 --memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G --net0 name=eth0,bridge=vmbr0,firewall=1 \
--cpuunits 1500 --onboot 1 --debug 0 --features nesting=1,keyctl=1 --cpuunits 1500 --onboot 1 --debug 0 --features nesting=1,keyctl=1
``` ```
These commands structure the setup and configuration processes for each container type. You might need to adjust specific settings or add more configurations depending on your specific lab requirements or as you observe how the containers perform under load.