Update docs/tech_docs/OpenWrt.md
This commit is contained in:
@@ -1,3 +1,81 @@
|
||||
Here's an updated OpenWRT container configuration with a smaller footprint:
|
||||
|
||||
### Proxmox Container Creation
|
||||
|
||||
Use the following command to create a new container with reduced memory and storage:
|
||||
|
||||
```bash
|
||||
pct create 101 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:2,size=1G \
|
||||
--net0 name=eth0,bridge=vmbr0,firewall=1 \
|
||||
--net1 name=eth1,bridge=vmbr1,firewall=1
|
||||
```
|
||||
|
||||
Key changes:
|
||||
- Reduced memory to 128MB (`--memory 128`)
|
||||
- Disabled swap (`--swap 0`)
|
||||
- Reduced rootfs size to 1GB (`--rootfs local-lvm:2,size=1G`)
|
||||
|
||||
### OpenWRT Firewall Configuration
|
||||
|
||||
The network interface and firewall configuration remains the same as before:
|
||||
|
||||
#### **Define Network Interfaces**:
|
||||
Update `/etc/config/network` to reflect `eth1` as the WAN interface:
|
||||
|
||||
```bash
|
||||
config interface 'wan'
|
||||
option ifname 'eth1'
|
||||
option proto 'dhcp'
|
||||
```
|
||||
|
||||
#### **Update Firewall Settings**:
|
||||
Append rules to `/etc/config/firewall` to allow SSH and HTTPS access:
|
||||
|
||||
```bash
|
||||
config zone
|
||||
option name 'wan'
|
||||
list network 'wan'
|
||||
option input 'REJECT'
|
||||
option output 'ACCEPT'
|
||||
option forward 'REJECT'
|
||||
option masq '1'
|
||||
option mtu_fix '1'
|
||||
|
||||
config rule
|
||||
option name 'Allow-SSH'
|
||||
option src 'wan'
|
||||
option proto 'tcp'
|
||||
option dest_port '22'
|
||||
option target 'ACCEPT'
|
||||
|
||||
config rule
|
||||
option name 'Allow-HTTPS'
|
||||
option src 'wan'
|
||||
option proto 'tcp'
|
||||
option dest_port '443'
|
||||
option target 'ACCEPT'
|
||||
```
|
||||
|
||||
### Applying the Configuration
|
||||
|
||||
After updating the configuration files:
|
||||
|
||||
- **Restart Network Services**:
|
||||
```bash
|
||||
/etc/init.d/network restart
|
||||
```
|
||||
|
||||
- **Reload Firewall Settings**:
|
||||
```bash
|
||||
/etc/init.d/firewall restart
|
||||
```
|
||||
|
||||
This setup reduces the memory and storage footprint of the OpenWRT container while maintaining the necessary network and firewall configurations for SSH and HTTPS access.
|
||||
|
||||
Remember to test connectivity and functionality thoroughly after applying these changes to ensure the reduced resource allocation meets your requirements.
|
||||
|
||||
---
|
||||
|
||||
To streamline your guide for setting up Proxmox containers with OpenWRT and configuring the necessary firewall rules for SSH and HTTPS access, here’s a refined and concise approach:
|
||||
|
||||
### Proxmox Container Creation
|
||||
|
||||
Reference in New Issue
Block a user