medusa/the_information_nexus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f0f521546adea742d4c474c2dc2dca347d0b930b
the_information_nexus/docs/tech_docs/OpenWrt.md

275 lines
5.2 KiB
Markdown
Raw Blame History

## 'pct' commands
```markdown
[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
```
### Proxmox Container Creation
Use the following command to create a new container with reduced memory and storage:
```bash
pct create 101 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-01 --tag network --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:1,size=512M \
--net0 name=eth0,bridge=vmbr0,firewall=1 \
--net1 name=eth1,bridge=vmbr1,firewall=1
```
### OpenWRT Firewall Configuration
```bash
passwd
```
```bash
vi /etc/config/network
```
```bash
config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'
config interface 'wan'
option proto 'dhcp'
option device 'eth0'
config interface 'wan6'
option proto 'dhcpv6'
option device 'eth0'
config interface 'lan'
option ifname 'eth1'
option proto 'static'
option device 'eth1'
option ipaddr '10.0.0.1'
option netmask '255.255.255.0'
```
```bash
130 dd
```
```bash
vi /etc/config/firewall
```
```bash
config rule
option name 'Allow-SSH'
option src 'wan'
option proto 'tcp'
option dest_port '22'
option target 'ACCEPT'
config rule
option name 'Allow-HTTPS'
option src 'wan'
option proto 'tcp'
option dest_port '443'
option target 'ACCEPT'
config rule
option name 'Allow-HTTP'
option src 'wan'
option proto 'tcp'
option dest_port '80'
option target 'ACCEPT'
```
### Applying the Configuration
After updating the configuration files:
- **Restart Network Services**:
```bash
/etc/init.d/network restart
```
- **Reload Firewall Settings**:
```bash
/etc/init.d/firewall restart
```
### Installing Packages via CLI
1. **Update the Package List**: Before installing any new packages, it's a good practice to update the list of packages to ensure you are installing the latest versions available. You can do this by running:
```bash
opkg update
```
```bash
opkg install qemu-ga
```
```bash
poweroff
```
---
OpenWRT Container (ID: 100):
```bash
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --cores 2 --memory 128 --swap 0 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1
```
Kali Linux Container (ID: 200):
```bash
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --tag tools --storage local-lvm --cores 2 --memory 1024 --swap 512 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr1,firewall=1
```
Alpine Container (ID: 300):
```bash
pct create 300 /var/lib/vz/template/cache/alpine-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr1,firewall=1
```
```bash
pct enter 300
```
```bash
passwd
```
```bash
pct console 300
```
```bash
apk update
```
```bash
apk upgrade
```
```bash
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
```
```bash
setup-interfaces
```
Choose the appropriate network interface and configure it with DHCP or a static IP as required. Then:
```bash
service networking restart
```
```bash
apk add bash curl wget vim htop qemu-guest-agent
```
```bash
apk add build-base gcc abuild binutils binutils-doc gcc-doc
```
## Notes
```bash
passwd
```
```bash
apk update && apk upgrade
```
```bash
apk add vim
```
```bash
cat /etc/apk/repositories
```
## Build Tools
```bash
apk add build-base gcc abuild binutils binutils-doc gcc-doc
```
```bash
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
```
or
```bash
vim /etc/apk/repositories
```
Uncomment the line for the community repository, then save and exit.
3. Install the required packages:
```bash
apk add qemu-guest-agent htop docker curl wget iperf3 sudo
```
4. Create a system user and add them to the docker group and sudoers:
```
adduser -s /bin/ash medusa
addgroup medusa docker
visudo
```
Add the following line to the sudoers file:
```
medusa ALL=(ALL) ALL
```
Save and exit.
5. Start and enable the Docker service:
```
rc-update add docker default
service docker start
```
6. Install and configure SSH:
```
apk add openssh
rc-update add sshd
service sshd start
vim /etc/ssh/sshd_config
```
Uncomment and modify the following lines:
```
PermitRootLogin no
PasswordAuthentication yes
```
Save and exit.
7. Restart the SSH service:
```
service sshd restart
```
8. Log in as the newly created user:
```
su - medusa
```
9. Test Docker functionality:
```
docker run hello-world
```
10. Test sudo privileges:
```
sudo apk update
```
11. Connect to the system via SSH:
```
ssh medusa@<server-ip>
```
---
```bash
ip ad
setup-interfaces
ping 1.1.1.1
traceroute 1.1.1.1
```
```bash
service docker start
rc-update add cgroups
history
```
Reference in New Issue View Git Blame Copy Permalink