medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
175a3a9ec7bfc27768fd222694d600a06b3354ed
the_information_nexus/docs/tech_docs/OpenWrt.md

284 lines
6.1 KiB
Markdown
Raw Blame History

## 'pct' commands
```markdown
[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
```
### Proxmox Container Creation
Use the following command to create a new container with reduced memory and storage:
```bash
pct create 101 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-01 --tag network --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:1,size=512M \
--net0 name=eth0,bridge=vmbr0,firewall=1 \
--net1 name=eth1,bridge=vmbr1,firewall=1
```
### OpenWRT Firewall Configuration
```bash
passwd
```
```bash
vi /etc/config/network
```
```bash
config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'
config interface 'wan'
option proto 'dhcp'
option device 'eth0'
config interface 'wan6'
option proto 'dhcpv6'
option device 'eth0'
config interface 'lan'
option ifname 'eth1'
option proto 'static'
option device 'eth1'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
```
```bash
130 dd
```
```bash
vi /etc/config/firewall
```
```bash
config rule
option name 'Allow-SSH'
option src 'wan'
option proto 'tcp'
option dest_port '22'
option target 'ACCEPT'
config rule
option name 'Allow-HTTPS'
option src 'wan'
option proto 'tcp'
option dest_port '443'
option target 'ACCEPT'
config rule
option name 'Allow-HTTP'
option src 'wan'
option proto 'tcp'
option dest_port '80'
option target 'ACCEPT'
```
### Applying the Configuration
After updating the configuration files:
- **Restart Network Services**:
```bash
/etc/init.d/network restart
```
- **Reload Firewall Settings**:
```bash
/etc/init.d/firewall restart
```
### Installing Packages via CLI
1. **Update the Package List**: Before installing any new packages, it's a good practice to update the list of packages to ensure you are installing the latest versions available. You can do this by running:
```bash
opkg update
```
```bash
opkg install qemu-ga
```
```bash
poweroff
```
---
OpenWRT Container (ID: 100):
```bash
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --cores 2 --memory 128 --swap 0 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1
```
Kali Linux Container (ID: 200):
```bash
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --tag tools --storage local-lvm --cores 2 --memory 1024 --swap 512 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr1,firewall=1
```
Alpine Container (ID: 300):
```bash
pct create 300 /var/lib/vz/template/cache/alpine-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr1,firewall=1
```
```bash
pct enter 300
```
```bash
passwd
```
```bash
pct console 300
```
```bash
apk update
```
```bash
apk upgrade
```
```bash
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
```
```bash
setup-interfaces
```
Choose the appropriate network interface and configure it with DHCP or a static IP as required. Then:
```bash
service networking restart
```
```bash
apk add bash curl wget vim htop qemu-guest-agent
```
```bash
apk add build-base gcc abuild binutils binutils-doc gcc-doc
```
## Notes
```bash
passwd
```
```bash
apk update
```
```bash
apk add vim
```
```bash
cat /etc/apk/repositories
```
```bash
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
```
## Build Tools
```bash
apk add build-base gcc abuild binutils binutils-doc gcc-doc
```
```markdown
Here's a concise guide to set up a minimal Alpine Linux system with the specified packages and configurations:
1. Install Alpine Linux:
- Download the Alpine Linux ISO from the official website.
- Create a bootable USB drive or use a virtual machine.
- Boot from the installation media and follow the installation wizard.
2. Update the system and add the community repository:
```
apk update
apk add vim
vi /etc/apk/repositories
```
Uncomment the line for the community repository, then save and exit.
3. Install the required packages:
```
apk add qemu-guest-agent htop docker curl wget iperf3 sudo
```
4. Create a system user and add them to the docker group and sudoers:
```
adduser -s /bin/ash myuser
addgroup myuser docker
visudo
```
Add the following line to the sudoers file:
```
myuser ALL=(ALL) ALL
```
Save and exit.
5. Start and enable the Docker service:
```
rc-update add docker default
service docker start
```
6. Install and configure SSH:
```
apk add openssh
rc-update add sshd
service sshd start
vi /etc/ssh/sshd_config
```
Uncomment and modify the following lines:
```
PermitRootLogin no
PasswordAuthentication yes
```
Save and exit.
7. Restart the SSH service:
```
service sshd restart
```
8. Log in as the newly created user:
```
su - myuser
```
9. Test Docker functionality:
```
docker run hello-world
```
10. Test sudo privileges:
```
sudo apk update
```
11. Connect to the system via SSH:
```
ssh myuser@<server-ip>
```
Additional notes:
- Make sure to set a strong password for the user account.
- Consider using SSH key-based authentication for enhanced security.
- Regularly update the system and installed packages using `apk update` and `apk upgrade`.
- Configure the system as per your specific requirements and security best practices.
This guide provides a basic setup for a minimal Alpine Linux system with the requested packages and configurations. Feel free to customize it further based on your needs.
```
ip ad
setup-interfaces
ping 1.1.1.1
traceroute 1.1.1.1
service docker start
rc-update add cgroups
history
```
Reference in New Issue View Git Blame Copy Permalink