mirror of
https://github.com/IntenseWebs/servercode.git
synced 2024-07-07 04:43:00 -05:00
Compare commits
2 Commits
b72f9d8916
...
aa12379626
Author | SHA1 | Date | |
---|---|---|---|
|
aa12379626 | ||
|
5f5f9ec8c9 |
|
@ -1,3 +1,4 @@
|
||||||
|
# https://devconnected.com/how-to-install-and-enable-ssh-server-on-debian-10/
|
||||||
# ssh-keygen -t ed25519 -C "user@website.com"
|
# ssh-keygen -t ed25519 -C "user@website.com"
|
||||||
# ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
|
# ssh-keygen -o -a 100 -t ed25519 -f ~/.ssh/id_ed25519 -C "john@example.com"
|
||||||
# Generate OpenSSH Private Key id_rsa and Public Key id_rsa.pub (4096, 7680, 15360)
|
# Generate OpenSSH Private Key id_rsa and Public Key id_rsa.pub (4096, 7680, 15360)
|
||||||
|
|
86
kvm-openvswitch-debian.sh
Normal file
86
kvm-openvswitch-debian.sh
Normal file
|
@ -0,0 +1,86 @@
|
||||||
|
#!/bin/bash
|
||||||
|
echo "This quick installer script requires root privileges."
|
||||||
|
echo "Checking..."
|
||||||
|
if [[ $(/usr/bin/id -u) -ne 0 ]];
|
||||||
|
then
|
||||||
|
echo "Not running as root"
|
||||||
|
exit 0
|
||||||
|
else
|
||||||
|
echo "Installation continues"
|
||||||
|
fi
|
||||||
|
|
||||||
|
SUDO=
|
||||||
|
if [ "$UID" != "0" ]; then
|
||||||
|
if [ -e /usr/bin/sudo -o -e /bin/sudo ]; then
|
||||||
|
SUDO=sudo
|
||||||
|
else
|
||||||
|
echo "*** This quick installer script requires root privileges."
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
apt update
|
||||||
|
apt upgrade -y
|
||||||
|
apt install sudo
|
||||||
|
echo "sudoers configuration"
|
||||||
|
# Add group admins to sudoers
|
||||||
|
sed -i 's/%sudo/%admins/g' /etc/sudoers
|
||||||
|
echo "%admins ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers
|
||||||
|
cat /etc/sudoers
|
||||||
|
|
||||||
|
echo "user's configuration"
|
||||||
|
# Add group admins
|
||||||
|
groupadd admins
|
||||||
|
# Add a user to a group admins
|
||||||
|
usermod -a -G admins adrian
|
||||||
|
# Check is the user in admins group
|
||||||
|
id adrian
|
||||||
|
|
||||||
|
echo "Check does the system handles virtualization:"
|
||||||
|
echo "VMX/SVM: " && egrep -c '(vmx|svm)' /proc/cpuinfo
|
||||||
|
|
||||||
|
if [ "egrep -c '(vmx|svm)' /proc/cpuinfo" != "0" ]; then
|
||||||
|
hostnamectl set-hostname kvm
|
||||||
|
hostnamectl
|
||||||
|
apt install -y bridge-utils openvswitch-common openvswitch-switch firewalld
|
||||||
|
echo "Firewalld configuration"
|
||||||
|
firewall-cmd --permanent --zone=public --set-target=default
|
||||||
|
firewall-cmd --set-default-zone public
|
||||||
|
firewall-cmd --permanent --zone=public --change-interface=enp0s25
|
||||||
|
firewall-cmd --runtime-to-permanent
|
||||||
|
firewall-cmd --reload
|
||||||
|
firewall-cmd --list-all
|
||||||
|
systemctl restart firewalld.service
|
||||||
|
systemctl status firewalld.service
|
||||||
|
systemctl status openvswitch-switch.service
|
||||||
|
echo "dns-nameservers 10.10.0.100" >> /etc/network/interfaces
|
||||||
|
echo "# IP configuration of the OVS Bridge" >> /etc/network/interfaces
|
||||||
|
echo "allow-hotplug br-ex" >> /etc/network/interfaces
|
||||||
|
echo "allow-ovs br-ex" >> /etc/network/interfaces
|
||||||
|
echo "iface br-ex inet dhcp" >> /etc/network/interfaces
|
||||||
|
echo "dns-nameservers 10.10.0.100" >> /etc/network/interfaces
|
||||||
|
echo "ovs_type OVSBridge" >> /etc/network/interfaces
|
||||||
|
echo "ovs_ports enp0s25" >> /etc/network/interfaces
|
||||||
|
cat /etc/network/interfaces
|
||||||
|
echo "Change services: openvswitch-switch.service, ovs-vswitchd.service and ovsdb-server.service"
|
||||||
|
sed -i 's/Before=network.target/#Before=network.target/g' /usr/lib/systemd/system/openvswitch-switch.service
|
||||||
|
sed -i 's/PartOf=network.target/#PartOf=network.target/g' /usr/lib/systemd/system/openvswitch-switch.service
|
||||||
|
sed -i 's/Before=network.target networking.service/#Before=network.target networking.service/g' /usr/lib/systemd/system/ovs-vswitchd.service
|
||||||
|
sed -i 's/Before=network.target networking.service/#Before=network.target networking.service/g' /usr/lib/systemd/system/ovsdb-server.service
|
||||||
|
sed -i 's/After=syslog.target network-pre.target dpdk.service local-fs.target/After=syslog.target network-pre.target dpdk.service local-fs.target networking.service/g' /usr/lib/systemd/system/ovsdb-server.service
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl restart ovs-vswitchd.service
|
||||||
|
systemctl restart ovsdb-server.service
|
||||||
|
systemctl restart openvswitch-switch.service
|
||||||
|
echo "Add virtual bridge br-ex"
|
||||||
|
ovs-vsctl add-br br-ex
|
||||||
|
echo "check the status of the virtual bridge br-ex"
|
||||||
|
ovs-vsctl show | grep -B 7 br-ex
|
||||||
|
firewall-cmd --permanent --zone=public --add-interface=enp0s25
|
||||||
|
firewall-cmd --permanent --zone=public --add-interface=br-ex
|
||||||
|
firewall-cmd --reload
|
||||||
|
firewall-cmd --list-all
|
||||||
|
ovs-vsctl add-port br-ex enp0s25 && reboot
|
||||||
|
else
|
||||||
|
break;
|
||||||
|
fi
|
|
@ -13,3 +13,12 @@ if (false) {
|
||||||
systemctl daemon-reload
|
systemctl daemon-reload
|
||||||
|
|
||||||
# UPDATE HOST > REPOSITORIES - DISABLE BOTH ENTERPRISE REPOSITORIES & ADD pve-no-subscription
|
# UPDATE HOST > REPOSITORIES - DISABLE BOTH ENTERPRISE REPOSITORIES & ADD pve-no-subscription
|
||||||
|
|
||||||
|
# DISABLE ROOT SSH REMOTE LOGIN - see 02-ssh-help.txt
|
||||||
|
|
||||||
|
# ENABLE INTEL IOMMU
|
||||||
|
vi /etc/default/grub
|
||||||
|
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on"
|
||||||
|
|
||||||
|
update-grub
|
||||||
|
update-initramfs -u
|
||||||
|
|
|
@ -23,54 +23,3 @@ passwd boringproxy
|
||||||
su - boringproxy
|
su - boringproxy
|
||||||
sudo usermod -a -G libvirt,kvm $USER
|
sudo usermod -a -G libvirt,kvm $USER
|
||||||
|
|
||||||
adduser --help
|
|
||||||
adduser [--uid id] [--firstuid id] [--lastuid id]
|
|
||||||
[--gid id] [--firstgid id] [--lastgid id] [--ingroup group]
|
|
||||||
[--add-extra-groups] [--shell shell]
|
|
||||||
[--comment comment] [--home dir] [--no-create-home]
|
|
||||||
[--allow-all-names] [--allow-bad-names]
|
|
||||||
[--disabled-password] [--disabled-login]
|
|
||||||
[--conf file] [--quiet] [--verbose] [--debug]
|
|
||||||
user
|
|
||||||
Add a normal user
|
|
||||||
|
|
||||||
adduser --system
|
|
||||||
[--uid id] [--group] [--ingroup group] [--gid id]
|
|
||||||
[--shell shell] [--comment comment] [--home dir] [--no-create-home]
|
|
||||||
[--conf file] [--quiet] [--verbose] [--debug]
|
|
||||||
user
|
|
||||||
Add a system user
|
|
||||||
|
|
||||||
adduser --group
|
|
||||||
[--gid ID] [--firstgid id] [--lastgid id]
|
|
||||||
[--conf file] [--quiet] [--verbose] [--debug]
|
|
||||||
group
|
|
||||||
addgroup
|
|
||||||
[--gid ID] [--firstgid id] [--lastgid id]
|
|
||||||
[--conf file] [--quiet] [--verbose] [--debug]
|
|
||||||
group
|
|
||||||
Add a user group
|
|
||||||
|
|
||||||
addgroup --system
|
|
||||||
[--gid id]
|
|
||||||
[--conf file] [--quiet] [--verbose] [--debug]
|
|
||||||
group
|
|
||||||
Add a system group
|
|
||||||
|
|
||||||
adduser USER GROUP
|
|
||||||
-------------------------------------------------------------
|
|
||||||
deluser --help
|
|
||||||
deluser [--system] [--remove-home] [--remove-all-files] [--backup]
|
|
||||||
[--backup-to dir] [--backup-suffix str] [--conf file]
|
|
||||||
[--quiet] [--verbose] [--debug] user
|
|
||||||
|
|
||||||
remove a normal user from the system
|
|
||||||
|
|
||||||
deluser --group [--system] [--only-if-empty] [--conf file] [--quiet]
|
|
||||||
[--verbose] [--debug] group
|
|
||||||
delgroup [--system] [--only-if-empty] [--conf file] [--quiet]
|
|
||||||
[--verbose] [--debug] group
|
|
||||||
remove a group from the system
|
|
||||||
|
|
||||||
deluser [--conf file] [--quiet] [--verbose] [--debug] user group
|
|
||||||
remove the user from a group
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user