Update docs/tech_docs/OpenWrt.md
This commit is contained in:
@@ -1,3 +1,81 @@
|
|||||||
|
Here's an updated OpenWRT container configuration with a smaller footprint:
|
||||||
|
|
||||||
|
### Proxmox Container Creation
|
||||||
|
|
||||||
|
Use the following command to create a new container with reduced memory and storage:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
pct create 101 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:2,size=1G \
|
||||||
|
--net0 name=eth0,bridge=vmbr0,firewall=1 \
|
||||||
|
--net1 name=eth1,bridge=vmbr1,firewall=1
|
||||||
|
```
|
||||||
|
|
||||||
|
Key changes:
|
||||||
|
- Reduced memory to 128MB (`--memory 128`)
|
||||||
|
- Disabled swap (`--swap 0`)
|
||||||
|
- Reduced rootfs size to 1GB (`--rootfs local-lvm:2,size=1G`)
|
||||||
|
|
||||||
|
### OpenWRT Firewall Configuration
|
||||||
|
|
||||||
|
The network interface and firewall configuration remains the same as before:
|
||||||
|
|
||||||
|
#### **Define Network Interfaces**:
|
||||||
|
Update `/etc/config/network` to reflect `eth1` as the WAN interface:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
config interface 'wan'
|
||||||
|
option ifname 'eth1'
|
||||||
|
option proto 'dhcp'
|
||||||
|
```
|
||||||
|
|
||||||
|
#### **Update Firewall Settings**:
|
||||||
|
Append rules to `/etc/config/firewall` to allow SSH and HTTPS access:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
config zone
|
||||||
|
option name 'wan'
|
||||||
|
list network 'wan'
|
||||||
|
option input 'REJECT'
|
||||||
|
option output 'ACCEPT'
|
||||||
|
option forward 'REJECT'
|
||||||
|
option masq '1'
|
||||||
|
option mtu_fix '1'
|
||||||
|
|
||||||
|
config rule
|
||||||
|
option name 'Allow-SSH'
|
||||||
|
option src 'wan'
|
||||||
|
option proto 'tcp'
|
||||||
|
option dest_port '22'
|
||||||
|
option target 'ACCEPT'
|
||||||
|
|
||||||
|
config rule
|
||||||
|
option name 'Allow-HTTPS'
|
||||||
|
option src 'wan'
|
||||||
|
option proto 'tcp'
|
||||||
|
option dest_port '443'
|
||||||
|
option target 'ACCEPT'
|
||||||
|
```
|
||||||
|
|
||||||
|
### Applying the Configuration
|
||||||
|
|
||||||
|
After updating the configuration files:
|
||||||
|
|
||||||
|
- **Restart Network Services**:
|
||||||
|
```bash
|
||||||
|
/etc/init.d/network restart
|
||||||
|
```
|
||||||
|
|
||||||
|
- **Reload Firewall Settings**:
|
||||||
|
```bash
|
||||||
|
/etc/init.d/firewall restart
|
||||||
|
```
|
||||||
|
|
||||||
|
This setup reduces the memory and storage footprint of the OpenWRT container while maintaining the necessary network and firewall configurations for SSH and HTTPS access.
|
||||||
|
|
||||||
|
Remember to test connectivity and functionality thoroughly after applying these changes to ensure the reduced resource allocation meets your requirements.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
To streamline your guide for setting up Proxmox containers with OpenWRT and configuring the necessary firewall rules for SSH and HTTPS access, here’s a refined and concise approach:
|
To streamline your guide for setting up Proxmox containers with OpenWRT and configuring the necessary firewall rules for SSH and HTTPS access, here’s a refined and concise approach:
|
||||||
|
|
||||||
### Proxmox Container Creation
|
### Proxmox Container Creation
|
||||||
|
|||||||
Reference in New Issue
Block a user