mirror of
https://github.com/IntenseWebs/servercode.git
synced 2024-07-04 11:23:00 -05:00
Compare commits
2 Commits
b72f9d8916
...
aa12379626
Author | SHA1 | Date | |
---|---|---|---|
|
aa12379626 | ||
|
5f5f9ec8c9 |
|
@ -1,3 +1,4 @@
|
|||
# https://devconnected.com/how-to-install-and-enable-ssh-server-on-debian-10/
|
||||
# ssh-keygen -t ed25519 -C "user@website.com"
|
||||
# ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
|
||||
# Generate OpenSSH Private Key id_rsa and Public Key id_rsa.pub (4096, 7680, 15360)
|
||||
|
|
86
kvm-openvswitch-debian.sh
Normal file
86
kvm-openvswitch-debian.sh
Normal file
|
@ -0,0 +1,86 @@
|
|||
#!/bin/bash
|
||||
echo "This quick installer script requires root privileges."
|
||||
echo "Checking..."
|
||||
if [[ $(/usr/bin/id -u) -ne 0 ]];
|
||||
then
|
||||
echo "Not running as root"
|
||||
exit 0
|
||||
else
|
||||
echo "Installation continues"
|
||||
fi
|
||||
|
||||
SUDO=
|
||||
if [ "$UID" != "0" ]; then
|
||||
if [ -e /usr/bin/sudo -o -e /bin/sudo ]; then
|
||||
SUDO=sudo
|
||||
else
|
||||
echo "*** This quick installer script requires root privileges."
|
||||
exit 0
|
||||
fi
|
||||
fi
|
||||
|
||||
apt update
|
||||
apt upgrade -y
|
||||
apt install sudo
|
||||
echo "sudoers configuration"
|
||||
# Add group admins to sudoers
|
||||
sed -i 's/%sudo/%admins/g' /etc/sudoers
|
||||
echo "%admins ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers
|
||||
cat /etc/sudoers
|
||||
|
||||
echo "user's configuration"
|
||||
# Add group admins
|
||||
groupadd admins
|
||||
# Add a user to a group admins
|
||||
usermod -a -G admins adrian
|
||||
# Check is the user in admins group
|
||||
id adrian
|
||||
|
||||
echo "Check does the system handles virtualization:"
|
||||
echo "VMX/SVM: " && egrep -c '(vmx|svm)' /proc/cpuinfo
|
||||
|
||||
if [ "egrep -c '(vmx|svm)' /proc/cpuinfo" != "0" ]; then
|
||||
hostnamectl set-hostname kvm
|
||||
hostnamectl
|
||||
apt install -y bridge-utils openvswitch-common openvswitch-switch firewalld
|
||||
echo "Firewalld configuration"
|
||||
firewall-cmd --permanent --zone=public --set-target=default
|
||||
firewall-cmd --set-default-zone public
|
||||
firewall-cmd --permanent --zone=public --change-interface=enp0s25
|
||||
firewall-cmd --runtime-to-permanent
|
||||
firewall-cmd --reload
|
||||
firewall-cmd --list-all
|
||||
systemctl restart firewalld.service
|
||||
systemctl status firewalld.service
|
||||
systemctl status openvswitch-switch.service
|
||||
echo "dns-nameservers 10.10.0.100" >> /etc/network/interfaces
|
||||
echo "# IP configuration of the OVS Bridge" >> /etc/network/interfaces
|
||||
echo "allow-hotplug br-ex" >> /etc/network/interfaces
|
||||
echo "allow-ovs br-ex" >> /etc/network/interfaces
|
||||
echo "iface br-ex inet dhcp" >> /etc/network/interfaces
|
||||
echo "dns-nameservers 10.10.0.100" >> /etc/network/interfaces
|
||||
echo "ovs_type OVSBridge" >> /etc/network/interfaces
|
||||
echo "ovs_ports enp0s25" >> /etc/network/interfaces
|
||||
cat /etc/network/interfaces
|
||||
echo "Change services: openvswitch-switch.service, ovs-vswitchd.service and ovsdb-server.service"
|
||||
sed -i 's/Before=network.target/#Before=network.target/g' /usr/lib/systemd/system/openvswitch-switch.service
|
||||
sed -i 's/PartOf=network.target/#PartOf=network.target/g' /usr/lib/systemd/system/openvswitch-switch.service
|
||||
sed -i 's/Before=network.target networking.service/#Before=network.target networking.service/g' /usr/lib/systemd/system/ovs-vswitchd.service
|
||||
sed -i 's/Before=network.target networking.service/#Before=network.target networking.service/g' /usr/lib/systemd/system/ovsdb-server.service
|
||||
sed -i 's/After=syslog.target network-pre.target dpdk.service local-fs.target/After=syslog.target network-pre.target dpdk.service local-fs.target networking.service/g' /usr/lib/systemd/system/ovsdb-server.service
|
||||
systemctl daemon-reload
|
||||
systemctl restart ovs-vswitchd.service
|
||||
systemctl restart ovsdb-server.service
|
||||
systemctl restart openvswitch-switch.service
|
||||
echo "Add virtual bridge br-ex"
|
||||
ovs-vsctl add-br br-ex
|
||||
echo "check the status of the virtual bridge br-ex"
|
||||
ovs-vsctl show | grep -B 7 br-ex
|
||||
firewall-cmd --permanent --zone=public --add-interface=enp0s25
|
||||
firewall-cmd --permanent --zone=public --add-interface=br-ex
|
||||
firewall-cmd --reload
|
||||
firewall-cmd --list-all
|
||||
ovs-vsctl add-port br-ex enp0s25 && reboot
|
||||
else
|
||||
break;
|
||||
fi
|
|
@ -13,3 +13,12 @@ if (false) {
|
|||
systemctl daemon-reload
|
||||
|
||||
# UPDATE HOST > REPOSITORIES - DISABLE BOTH ENTERPRISE REPOSITORIES & ADD pve-no-subscription
|
||||
|
||||
# DISABLE ROOT SSH REMOTE LOGIN - see 02-ssh-help.txt
|
||||
|
||||
# ENABLE INTEL IOMMU
|
||||
vi /etc/default/grub
|
||||
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on"
|
||||
|
||||
update-grub
|
||||
update-initramfs -u
|
||||
|
|
|
@ -23,54 +23,3 @@ passwd boringproxy
|
|||
su - boringproxy
|
||||
sudo usermod -a -G libvirt,kvm $USER
|
||||
|
||||
adduser --help
|
||||
adduser [--uid id] [--firstuid id] [--lastuid id]
|
||||
[--gid id] [--firstgid id] [--lastgid id] [--ingroup group]
|
||||
[--add-extra-groups] [--shell shell]
|
||||
[--comment comment] [--home dir] [--no-create-home]
|
||||
[--allow-all-names] [--allow-bad-names]
|
||||
[--disabled-password] [--disabled-login]
|
||||
[--conf file] [--quiet] [--verbose] [--debug]
|
||||
user
|
||||
Add a normal user
|
||||
|
||||
adduser --system
|
||||
[--uid id] [--group] [--ingroup group] [--gid id]
|
||||
[--shell shell] [--comment comment] [--home dir] [--no-create-home]
|
||||
[--conf file] [--quiet] [--verbose] [--debug]
|
||||
user
|
||||
Add a system user
|
||||
|
||||
adduser --group
|
||||
[--gid ID] [--firstgid id] [--lastgid id]
|
||||
[--conf file] [--quiet] [--verbose] [--debug]
|
||||
group
|
||||
addgroup
|
||||
[--gid ID] [--firstgid id] [--lastgid id]
|
||||
[--conf file] [--quiet] [--verbose] [--debug]
|
||||
group
|
||||
Add a user group
|
||||
|
||||
addgroup --system
|
||||
[--gid id]
|
||||
[--conf file] [--quiet] [--verbose] [--debug]
|
||||
group
|
||||
Add a system group
|
||||
|
||||
adduser USER GROUP
|
||||
-------------------------------------------------------------
|
||||
deluser --help
|
||||
deluser [--system] [--remove-home] [--remove-all-files] [--backup]
|
||||
[--backup-to dir] [--backup-suffix str] [--conf file]
|
||||
[--quiet] [--verbose] [--debug] user
|
||||
|
||||
remove a normal user from the system
|
||||
|
||||
deluser --group [--system] [--only-if-empty] [--conf file] [--quiet]
|
||||
[--verbose] [--debug] group
|
||||
delgroup [--system] [--only-if-empty] [--conf file] [--quiet]
|
||||
[--verbose] [--debug] group
|
||||
remove a group from the system
|
||||
|
||||
deluser [--conf file] [--quiet] [--verbose] [--debug] user group
|
||||
remove the user from a group
|
||||
|
|
Loading…
Reference in New Issue
Block a user