From f1375c43a28a638e98a231089f4abea901e21ff6 Mon Sep 17 00:00:00 2001 From: medusa Date: Sun, 21 Apr 2024 23:33:18 +0000 Subject: [PATCH] Update docs/tech_docs/OpenWrt.md --- docs/tech_docs/OpenWrt.md | 95 +++++++++++++++++++++++++-------------- 1 file changed, 62 insertions(+), 33 deletions(-) diff --git a/docs/tech_docs/OpenWrt.md b/docs/tech_docs/OpenWrt.md index 2e1248c..c0814ae 100644 --- a/docs/tech_docs/OpenWrt.md +++ b/docs/tech_docs/OpenWrt.md @@ -16,81 +16,110 @@ --- -You've provided an extensive configuration for your OpenWRT, Alpine, and Kali Linux containers in a Proxmox environment. Here's a concise and coherent version of your commands for each container, with optimizations and updates to ensure they work effectively in your lab setting. +Here are the structured sections for your document that cover the setup of OpenWRT, Alpine, and Kali Linux containers on Proxmox: -### OpenWRT Container +--- -**Creation and Configuration:** +## OpenWRT Container Setup + +### Description +This section details the process of setting up an OpenWRT container in a Proxmox environment. OpenWRT is optimized for network operations, making it ideal for routing and firewall tasks within a virtualized setup. The configuration provided keeps resource allocation minimal due to the constraints of an older hardware setup in a lab environment. + +### Step-by-Step Configuration +1. Create the container using the provided template and specify initial settings like hostname, network tags, and storage options. +2. Start the container and access its console. +3. Update the container's package list and install necessary packages. +4. Modify network configurations and restart network services to apply the changes. +5. Set up firewall rules to secure the container's network interfaces. + +### Commands ```bash -pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --password changeme --tag network --storage local-lvm --memory 256 --swap 128 --rootfs local-lvm:1,size=512M \ ---net0 name=eth0,bridge=vmbr0,firewall=1 \ ---net1 name=eth1,bridge=vmbr1,firewall=1 \ ---cores 1 --cpuunits 500 --onboot 1 --debug 0 +# Create and configure the OpenWRT container +pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --password changeme --tag network --storage local-lvm --memory 256 --swap 128 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1 --cores 1 --cpuunits 500 --onboot 1 --debug 0 +# Start the container pct start 100 +# Access the container's console pct console 100 -``` -**Package Installation and Network Setup:** -```bash +# Update and install packages opkg update opkg install qemu-ga reboot +# Network and firewall configuration vi /etc/config/network /etc/init.d/network restart - vi /etc/config/firewall /etc/init.d/firewall restart ``` -### Alpine Container +--- -**Container Setup for Docker:** +## Alpine Container Setup + +### Description +This section outlines the configuration for an Alpine Linux container, which is lightweight and suitable for running Docker containers. The settings are designed to optimize Docker performance with adequate CPU and memory allocation, while also ensuring that system resources are not overly taxed. + +### Step-by-Step Configuration +1. Set up the Alpine container with specified resources and networking capabilities. +2. Enter the container to configure the system and Docker settings. +3. Update system packages and enable community repositories. +4. Install Docker and related tools, and configure network settings. +5. Set up a non-root user for Docker management. + +### Commands ```bash -pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1 \ ---keyctl 1 --nesting 1 --cpuunits 1000 --onboot 1 --debug 0 +# Create and configure the Alpine container +pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1 --keyctl 1 --nesting 1 --cpuunits 1000 --onboot 1 --debug 0 +# Enter the container pct enter 300 +# System update and Docker installation sed -i '/^#.*community/s/^#//' /etc/apk/repositories apk update && apk upgrade -apk add qemu-guest-agent newt curl openssh mc sudo build-base gcc abuild binutils binutils-doc gcc-doc -``` +apk add qemu-guest-agent newt curl openssh mc sudo build-base gcc abuild binutils binutils-doc gcc-doc docker +rc-service docker start +rc-update add docker default -**Network and SSH Configuration:** -```bash +# Configure network and SSH setup-interfaces service networking restart - apk add openssh rc-update add sshd service sshd start +# Configure and start SSH service vi /etc/ssh/sshd_config service sshd restart -``` - -**Docker and User Setup:** -```bash -apk add docker -rc-service docker start -rc-update add docker default +# Create a system user and add them to the docker group and sudoers adduser -s /bin/ash medusa addgroup medusa docker visudo +# Test Docker installation docker run hello-world ``` -### Kali Linux Container +--- -**Creation and Basic Setup:** +## Kali Linux Container Setup + +### Description +This section provides instructions for configuring a Kali Linux container, geared towards security professionals and penetration testers. This container is set up with increased resources to support the intensive tasks typically performed on Kali Linux, including various security tests and analyses. + +### Step-by-Step Configuration +1. Create the Kali Linux container with enhanced CPU and memory settings to handle demanding security tools. +2. Start the container to ensure it is running smoothly. +3. Perform system updates and install necessary security tools as required. + +### Commands ```bash -pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --cores 2 --memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G --net0 name=eth0,bridge=vmbr0,firewall=1 \ ---cpuunits 1500 --onboot 1 --debug 0 --features nesting=1,keyctl=1 -``` +# Create and configure the Kali Linux container +pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm -- -These commands structure the setup and configuration processes for each container type. You might need to adjust specific settings or add more configurations depending on your specific lab requirements or as you observe how the containers perform under load. \ No newline at end of file +cores 2 --memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G --net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1500 --onboot 1 --debug 0 --features nesting=1,keyctl=1 +``` \ No newline at end of file