site updates

2024-05-05 10:38:02 -06:00
parent 0d2386870d
commit 7d794ad2f9
19 changed files with 7376 additions and 0 deletions
--- a/tech_docs/networking/OpenWrt.md
+++ b/tech_docs/networking/OpenWrt.md
@@ -0,0 +1,229 @@
+```bash
+pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 \
+--password fuzzy817 --tag network --storage local-lvm --memory 256 --swap 128 \
+--rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 \
+--net1 name=eth1,bridge=vmbr1,firewall=1 --cores 1 --cpuunits 500 --onboot 1 --debug 0
+```
+
+```bash
+pct start 100
+```
+
+```bash
+pct create 110 /var/lib/vz/template/cache/kali-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 \
+--password fuzzy817 --tag tools --storage zfs-disk0 --cores 2 \
+--memory 2048 --swap 1024 --rootfs local-lvm:1,size=64G \
+--net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1500 --onboot 1 \
+--debug 0 --features nesting=1,keyctl=1
+```
+```bash
+pct start 110
+```
+
+```bash
+pct create 120 /var/lib/vz/template/cache/alpine-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 \
+--password fuzzy817 --tag docker --storage local-lvm --cores 2 \
+--memory 1024 --swap 256 --rootfs local-lvm:1,size=8G \
+--net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1000 --onboot 1 \
+--debug 0 --features nesting=1,keyctl=1
+```
+```bash
+pct start 120
+```
+
+---
+
+# Proxmox Container Setup Guide
+
+## Introduction
+This guide provides detailed instructions for configuring OpenWRT, Alpine Linux, and Kali Linux containers on a Proxmox VE environment. Each section covers the creation, configuration, and basic setup steps necessary to get each type of container up and running, tailored for use in a lab setting.
+
+## Links
+- [Split A GPU Between Multiple Computers - Proxmox LXC (Unprivileged)](https://youtu.be/0ZDr5h52OOE?si=F4RVd5mA5IRjrpXU)
+- [Must-Have OpenWrt Router Setup For Your Proxmox](https://youtu.be/3mPbrunpjpk?si=WofNEJUZL4FAw7HP)
+- [Docker on Proxmox LXC 🚀 Zero Bloat and Pure Performance!](https://youtu.be/-ZSQdJ62r-Q?si=GCXOEsKnOdm6OIiz)
+
+## Prerequisites
+- Proxmox VE installed on your server
+- Access to Proxmox web interface or command-line interface
+- Container templates downloaded (OpenWRT, Alpine, Kali Linux)
+
+## Container Configuration
+### OpenWRT Container Setup
+#### Description
+This section details setting up an OpenWRT container designed for network routing and firewall tasks.
+
+#### Create and Configure the OpenWRT Container
+```bash
+pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 \
+--password <password> --tag network --storage local-lvm --memory 256 --swap 128 \
+--rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 \
+--net1 name=eth1,bridge=vmbr1,firewall=1 --cores 1 --cpuunits 500 --onboot 1 --debug 0
+```
+
+#### Start the Container and Access the Console
+```bash
+pct start 100
+pct console 100
+```
+
+#### Update and Install Packages
+```bash
+opkg update
+opkg install qemu-ga
+reboot
+```
+
+#### Network and Firewall Configuration
+Configure network settings and firewall rules:
+```bash
+vi /etc/config/network
+/etc/init.d/network restart
+
+vi /etc/config/firewall
+/etc/init.d/firewall restart
+
+# Setting up firewall rules using UCI
+uci add firewall rule
+uci set firewall.@rule[-1].name='Allow-SSH'
+uci set firewall.@rule[-1].src='wan'
+uci set firewall.@rule[-1].proto='tcp'
+uci set firewall.@rule[-1].dest_port='22'
+uci set firewall.@rule[-1].target='ACCEPT'
+
+uci add firewall rule
+uci set firewall.@rule[-1].name='Allow-HTTPS'
+uci set firewall.@rule[-1].src='wan'
+uci set firewall.@rule[-1].proto='tcp'
+uci set firewall.@rule[-1].dest_port='443'
+uci set firewall.@rule[-1].target='ACCEPT'
+
+uci add firewall rule
+uci set firewall.@rule[-1].name='Allow-HTTP'
+uci set firewall.@rule[-1].src='wan'
+uci set firewall.@rule[-1].proto='tcp'
+uci set firewall.@rule[-1].dest_port='80'
+uci set firewall.@rule[-1].target='ACCEPT'
+
+uci commit firewall
+/etc/init.d/firewall restart
+```
+
+### Alpine Container Setup
+#### Description
+Set up an Alpine Linux container optimized for running Docker, ensuring lightweight deployment and management of Docker applications.
+
+#### Create and Configure the Alpine Container
+```bash
+pct create 120 /var/lib/vz/template/cache/alpine-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 \
+--password <password> --tag docker --storage local-lvm --cores 2 \
+--memory 1024 --swap 256 --rootfs local-lvm:1,size=8G \
+--net0 name=eth0,bridge=vmbr0,firewall=1 --keyctl 1 --nesting 1 \
+--cpuunits 1000 --onboot 1 --debug 0
+```
+
+#### Enter the Container
+```bash
+pct enter 120
+```
+
+#### System Update and Package Installation
+Enable community repositories and install essential packages:
+```bash
+sed -i '/^#.*community/s/^#//' /etc/apk/repositories
+apk update && apk upgrade
+apk add qemu-guest-agent docker openssh sudo
+```
+
+#### Start and Enable Docker Service
+```bash
+rc-service docker start
+rc-update add docker default
+```
+
+#### Configure Network
+Set up network interfaces and restart networking services:
+```bash
+setup-interfaces
+service networking restart
+```
+
+#### Configure and Start SSH Service
+```bash
+rc-update add sshd
+service sshd start
+vi /etc/ssh/sshd_config
+service sshd restart
+```
+
+#### Create a System User and Add to Docker Group and Sudoers
+```bash
+adduser -s /bin/ash medusa
+addgroup medusa docker
+echo "medusa ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/medusa
+```
+
+#### Test Docker Installation
+```bash
+docker run hello-world
+```
+
+```bash
+docker volume create portainer_data
+```
+
+```bash
+docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
+```
+
+```markdown
+[Portainer Dashboard](https://localhost:9443)
+```
+
+### Kali Linux Container Setup
+#### Description
+Configure a Kali Linux container tailored for security testing and penetration testing tools.
+
+#### Create and Configure the Kali Linux Container
+```bash
+pct create 110 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 \
+--password <password> --tag tools --storage local-lvm --cores 2 \
+--memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G \
+--net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1500 --onboot 1 \
+--debug 0 --features nesting=1,keyctl=1
+```
+
+## Conclusion
+Follow these steps to successfully set up and configure OpenWRT, Alpine, and Kali Linux containers on Proxmox. Adjust configurations according to your specific needs and ensure all passwords are secure before deploying containers in a production environment.
+
+```bash
+pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 \
+--password <password> --tag network --storage local-lvm --memory 256 --swap 128 \
+--rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 \
+--net1 name=eth1,bridge=vmbr1,firewall=1 --cores 1 --cpuunits 500 --onboot 1 --debug 0
+```
+
+```bash
+pct create 110 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 \
+--password <password> --tag tools --storage local-lvm --cores 2 \
+--memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G \
+--net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1500 --onboot 1 \
+--debug 0 --features nesting=1,keyctl=1
+```
+
+```bash
+pct create 120 /var/lib/vz/template/cache/alpine-rootfs.tar.xz \
+--unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 \
+--password <password> --tag docker --storage local-lvm --cores 2 \
+--memory 1024 --swap 256 --rootfs local-lvm:1,size=8G \
+--net0 name=eth0,bridge=vmbr0,firewall=1 --keyctl 1 --nesting 1 \
+--cpuunits 1000 --onboot 1 --debug 0
+```