206 lines
4.6 KiB
Markdown
206 lines
4.6 KiB
Markdown
## Links
|
|
- [Split A GPU Between Multiple Computers - Proxmox LXC (Unprivileged)
|
|
](https://youtu.be/0ZDr5h52OOE?si=F4RVd5mA5IRjrpXU)
|
|
- [Must-Have OpenWrt Router Setup For Your Proxmox
|
|
](https://youtu.be/3mPbrunpjpk?si=WofNEJUZL4FAw7HP)
|
|
- [Docker on Proxmox LXC 🚀 Zero Bloat and Pure Performance!
|
|
](https://youtu.be/-ZSQdJ62r-Q?si=GCXOEsKnOdm6OIiz)
|
|
- [stuff](url)
|
|
|
|
## 'pct' commands
|
|
```markdown
|
|
[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
|
|
```
|
|
|
|
- [pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
|
|
|
|
---
|
|
|
|
## OpenWRT Container Setup
|
|
|
|
### Commands
|
|
```bash
|
|
# Create and configure the OpenWRT container
|
|
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --password changeme --tag network --storage local-lvm --memory 256 --swap 128 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1 --cores 1 --cpuunits 500 --onboot 1 --debug 0
|
|
```
|
|
|
|
# Start the container
|
|
```bash
|
|
pct start 100
|
|
```
|
|
|
|
# Access the container's console
|
|
```bash
|
|
pct console 100
|
|
```
|
|
|
|
# Update and install packages
|
|
```bash
|
|
opkg update
|
|
```
|
|
|
|
```bash
|
|
opkg install qemu-ga
|
|
```
|
|
|
|
```bash
|
|
reboot
|
|
```
|
|
|
|
# Network and firewall configuration
|
|
|
|
```bash
|
|
vi /etc/config/network
|
|
```
|
|
|
|
```bash
|
|
/etc/init.d/network restart
|
|
```
|
|
|
|
```bash
|
|
vi /etc/config/firewall
|
|
```
|
|
|
|
```bash
|
|
/etc/init.d/firewall restart
|
|
```
|
|
|
|
```bash
|
|
vi /etc/config/firewall
|
|
```
|
|
|
|
```bash
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow-SSH'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='22'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow-HTTPS'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='443'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
|
|
uci add firewall rule
|
|
uci set firewall.@rule[-1].name='Allow-HTTP'
|
|
uci set firewall.@rule[-1].src='wan'
|
|
uci set firewall.@rule[-1].proto='tcp'
|
|
uci set firewall.@rule[-1].dest_port='80'
|
|
uci set firewall.@rule[-1].target='ACCEPT'
|
|
```
|
|
|
|
```bash
|
|
uci commit firewall
|
|
```
|
|
|
|
```bash
|
|
/etc/init.d/firewall restart
|
|
```
|
|
|
|
---
|
|
|
|
## Alpine Container Setup
|
|
|
|
|
|
### Commands
|
|
```bash
|
|
# Create and configure the Alpine container
|
|
pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1 --keyctl 1 --nesting 1 --cpuunits 1000 --onboot 1 --debug 0
|
|
```
|
|
|
|
# Enter the container
|
|
```bash
|
|
pct enter 300
|
|
```
|
|
|
|
# System update and Docker installation
|
|
```bash
|
|
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
|
|
```
|
|
|
|
```bash
|
|
apk update && apk upgrade
|
|
```
|
|
|
|
```bash
|
|
apk add qemu-guest-agent newt curl openssh mc sudo build-base gcc abuild binutils binutils-doc gcc-doc docker
|
|
```
|
|
|
|
```bash
|
|
rc-service docker start
|
|
```
|
|
|
|
```bash
|
|
rc-update add docker default
|
|
```
|
|
|
|
# Configure network and SSH
|
|
```bash
|
|
setup-interfaces
|
|
```
|
|
|
|
```bash
|
|
service networking restart
|
|
```
|
|
|
|
```bash
|
|
apk add openssh
|
|
```
|
|
|
|
```bash
|
|
rc-update add sshd
|
|
```
|
|
|
|
```bash
|
|
service sshd start
|
|
```
|
|
|
|
# Configure and start SSH service
|
|
```bash
|
|
vi /etc/ssh/sshd_config
|
|
```
|
|
|
|
```bash
|
|
service sshd restart
|
|
```
|
|
|
|
# Create a system user and add them to the docker group and sudoers
|
|
```bash
|
|
adduser -s /bin/ash medusa
|
|
```
|
|
|
|
```bash
|
|
addgroup medusa docker
|
|
```
|
|
|
|
```bash
|
|
visudo
|
|
```
|
|
|
|
# Test Docker installation
|
|
```bash
|
|
docker run hello-world
|
|
```
|
|
|
|
---
|
|
|
|
## Kali Linux Container Setup
|
|
|
|
### Description
|
|
This section provides instructions for configuring a Kali Linux container, geared towards security professionals and penetration testers. This container is set up with increased resources to support the intensive tasks typically performed on Kali Linux, including various security tests and analyses.
|
|
|
|
### Step-by-Step Configuration
|
|
1. Create the Kali Linux container with enhanced CPU and memory settings to handle demanding security tools.
|
|
2. Start the container to ensure it is running smoothly.
|
|
3. Perform system updates and install necessary security tools as required.
|
|
|
|
### Commands
|
|
```bash
|
|
# Create and configure the Kali Linux container
|
|
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --
|
|
|
|
cores 2 --memory 2048 --swap 1024 --rootfs local-lvm:1,size=10G --net0 name=eth0,bridge=vmbr0,firewall=1 --cpuunits 1500 --onboot 1 --debug 0 --features nesting=1,keyctl=1
|
|
``` |