the_information_nexus/docs/tech_docs/OpenWrt.md

Links

• Split A GPU Between Multiple Computers - Proxmox LXC (Unprivileged)
• Must-Have OpenWrt Router Setup For Your Proxmox
• Docker on Proxmox LXC 🚀 Zero Bloat and Pure Performance!
• stuff

'pct' commands

[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)

Proxmox Container Creation

Use the following command to create a new container with reduced memory and storage:

pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-01 --tag network --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:1,size=512M \
--net0 name=eth0,bridge=vmbr0,firewall=1 \
--net1 name=eth1,bridge=vmbr1,firewall=1

OpenWRT Firewall Configuration

passwd

vi /etc/config/network

config interface 'loopback'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'
        option device 'lo'

config interface 'wan'
        option proto 'dhcp'
        option device 'eth0'

config interface 'wan6'
        option proto 'dhcpv6'
        option device 'eth0'

config interface 'lan'
        option ifname 'eth1'
        option proto 'static'
        option device 'eth1'
        option ipaddr '10.0.0.1'
        option netmask '255.255.255.0'

130 dd

vi /etc/config/firewall

config rule
    option name 'Allow-SSH'
    option src 'wan'
    option proto 'tcp'
    option dest_port '22'
    option target 'ACCEPT'

config rule
    option name 'Allow-HTTPS'
    option src 'wan'
    option proto 'tcp'
    option dest_port '443'
    option target 'ACCEPT'

config rule
    option name 'Allow-HTTP'
    option src 'wan'
    option proto 'tcp'
    option dest_port '80'
    option target 'ACCEPT'    

Applying the Configuration

After updating the configuration files:

• Restart Network Services:

  /etc/init.d/network restart
  

• Reload Firewall Settings:

  /etc/init.d/firewall restart
  

Installing Packages via CLI

1. Update the Package List: Before installing any new packages, it's a good practice to update the list of packages to ensure you are installing the latest versions available. You can do this by running:

opkg update

opkg install qemu-ga

poweroff

---

OpenWRT Container (ID: 100):

pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --cores 2 --memory 128 --swap 0 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1

Kali Linux Container (ID: 200):

pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --tag tools --storage local-lvm --cores 2 --memory 1024 --swap 512 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr1,firewall=1 

Alpine Container (ID: 300):

pct create 300 /var/lib/vz/template/cache/alpine-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr1,firewall=1

pct enter 300

passwd

pct console 300

sed -i '/^#.*community/s/^#//' /etc/apk/repositories

apk update && apk upgrade

reboot

setup-interfaces

Choose the appropriate network interface and configure it with DHCP or a static IP as required. Then:

service networking restart

apk add bash curl wget vim htop qemu-guest-agent

passwd

apk update && apk upgrade

cat /etc/apk/repositories

sed -i '/^#.*community/s/^#//' /etc/apk/repositories

or

vim /etc/apk/repositories

Uncomment the line for the community repository, then save and exit.

3. Install the required packages:

apk add qemu-guest-agent htop docker curl wget iperf3 sudo

Build Tools

apk add build-base gcc abuild binutils binutils-doc gcc-doc

4. Create a system user and add them to the docker group and sudoers:

   adduser -s /bin/ash medusa
   addgroup medusa docker
   visudo
   

   Add the following line to the sudoers file:

   medusa ALL=(ALL) ALL
   

   Save and exit.

5. Start and enable the Docker service:

   rc-update add docker default
   service docker start
   

6. Install and configure SSH:

   apk add openssh
   rc-update add sshd
   service sshd start
   vim /etc/ssh/sshd_config
   

   Uncomment and modify the following lines:

   PermitRootLogin no
   PasswordAuthentication yes
   

   Save and exit.

7. Restart the SSH service:

   service sshd restart
   

8. Log in as the newly created user:

   su - medusa
   

9. Test Docker functionality:

   docker run hello-world
   

10. Test sudo privileges:

    sudo apk update
    

11. Connect to the system via SSH:

    ssh medusa@<server-ip>
    

---

ip ad
setup-interfaces
ping 1.1.1.1
traceroute 1.1.1.1

service docker start
rc-update add cgroups
history