4.7 KiB
4.7 KiB
Links
- Split A GPU Between Multiple Computers - Proxmox LXC (Unprivileged)
- Must-Have OpenWrt Router Setup For Your Proxmox
- Docker on Proxmox LXC 🚀 Zero Bloat and Pure Performance!
- stuff
'pct' commands
[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
Proxmox Container Creation
Use the following command to create a new container with reduced memory and storage:
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:1,size=512M \
--net0 name=eth0,bridge=vmbr0,firewall=1 \
--net1 name=eth1,bridge=vmbr1,firewall=1
OpenWRT Firewall Configuration
passwd
vi /etc/config/network
config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'
config interface 'wan'
option proto 'dhcp'
option device 'eth0'
config interface 'wan6'
option proto 'dhcpv6'
option device 'eth0'
config interface 'lan'
option proto 'static'
option device 'eth1'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
config interface 'lan6'
option proto 'static'
option device 'eth1'
option ip6addr 'fd00::1/64'
130 j
vi /etc/config/firewall
config rule
option name 'Allow-SSH'
option src 'wan'
option proto 'tcp'
option dest_port '22'
option target 'ACCEPT'
config rule
option name 'Allow-HTTPS'
option src 'wan'
option proto 'tcp'
option dest_port '443'
option target 'ACCEPT'
config rule
option name 'Allow-HTTP'
option src 'wan'
option proto 'tcp'
option dest_port '80'
option target 'ACCEPT'
Applying the Configuration
After updating the configuration files:
-
Restart Network Services:
/etc/init.d/network restart -
Reload Firewall Settings:
/etc/init.d/firewall restart
Installing Packages via CLI and Reboot
opkg update
opkg install qemu-ga
reboot
OpenWRT Container (ID: 100):
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --cores 2 --memory 128 --swap 0 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1
Kali Linux Container (ID: 200):
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --cores 2 --memory 1024 --swap 512 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1
Alpine Container (ID: 300):
pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1
pct enter 300
or
pct console 300
cat /etc/apk/repositories
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
apk update && apk upgrade
apk add qemu-guest-agent newt curl openssh mc sudo
Build Tools
apk add build-base gcc abuild binutils binutils-doc gcc-doc
Network setup
setup-interfaces
service networking restart
- Install and configure SSH:
apk add openssh
rc-update add sshd
service sshd start
vi /etc/ssh/sshd_config
Uncomment and modify the following lines:
PermitRootLogin no
PasswordAuthentication yes
Save and exit
service sshd restart
- Create a system user and add them to the docker group and sudoers:
adduser -s /bin/ash medusa
addgroup medusa docker
visudo
Add the following line to the sudoers file:
medusa ALL=(ALL) ALL
Save and exit.
- Start and enable the Docker service:
rc-update add docker default
service docker start
docker run hello-world