4.6 KiB
4.6 KiB
Links
- Split A GPU Between Multiple Computers - Proxmox LXC (Unprivileged)
- Must-Have OpenWrt Router Setup For Your Proxmox
- Docker on Proxmox LXC 🚀 Zero Bloat and Pure Performance!
- stuff
'pct' commands
[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
OpenWRT Container Setup
Commands
# Create and configure the OpenWRT container
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --password changeme --tag network --storage local-lvm --memory 256 --swap 128 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1 --cores 1 --cpuunits 500 --onboot 1 --debug 0
Start the container
pct start 100
Access the container's console
pct console 100
Update and install packages
opkg update
opkg install qemu-ga
reboot
Network and firewall configuration
vi /etc/config/network
/etc/init.d/network restart
vi /etc/config/firewall
/etc/init.d/firewall restart
vi /etc/config/firewall
uci add firewall rule
uci set firewall.@rule[-1].name='Allow-SSH'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].dest_port='22'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule
uci set firewall.@rule[-1].name='Allow-HTTPS'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].dest_port='443'
uci set firewall.@rule[-1].target='ACCEPT'
uci add firewall rule
uci set firewall.@rule[-1].name='Allow-HTTP'
uci set firewall.@rule[-1].src='wan'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].dest_port='80'
uci set firewall.@rule[-1].target='ACCEPT'
uci commit firewall
/etc/init.d/firewall restart
Alpine Container Setup
Commands
# Create and configure the Alpine container
pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1 --keyctl 1 --nesting 1 --cpuunits 1000 --onboot 1 --debug 0
Enter the container
pct enter 300
System update and Docker installation
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
apk update && apk upgrade
apk add qemu-guest-agent newt curl openssh mc sudo build-base gcc abuild binutils binutils-doc gcc-doc docker
rc-service docker start
rc-update add docker default
Configure network and SSH
setup-interfaces
service networking restart
apk add openssh
rc-update add sshd
service sshd start
Configure and start SSH service
vi /etc/ssh/sshd_config
service sshd restart
Create a system user and add them to the docker group and sudoers
adduser -s /bin/ash medusa
addgroup medusa docker
visudo
Test Docker installation
docker run hello-world
Kali Linux Container Setup
Description
This section provides instructions for configuring a Kali Linux container, geared towards security professionals and penetration testers. This container is set up with increased resources to support the intensive tasks typically performed on Kali Linux, including various security tests and analyses.
Step-by-Step Configuration
- Create the Kali Linux container with enhanced CPU and memory settings to handle demanding security tools.
- Start the container to ensure it is running smoothly.
- Perform system updates and install necessary security tools as required.
Commands
# Create and configure the Kali Linux container
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --
cores 2 --memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G --net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1500 --onboot 1 --debug 0 --features nesting=1,keyctl=1