From 23b39b649c90c236b5bb62770575e165c4dffd06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=EA=99=A8d=D1=86=D3=8Do=CE=B7=D2=AC?= Date: Fri, 30 Jun 2017 11:04:22 +0700 Subject: [PATCH 1/4] POC --- INSTALL_DEBIAN.md | 97 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 INSTALL_DEBIAN.md diff --git a/INSTALL_DEBIAN.md b/INSTALL_DEBIAN.md new file mode 100644 index 0000000..7660ed5 --- /dev/null +++ b/INSTALL_DEBIAN.md @@ -0,0 +1,97 @@ +# HowTo install Libre.sh on Debian + +## MOTIVATION +- Because some provider don't offer CoreOS and/or to push your ISO; +- Because some client prefer "wellknown" linux distribution; + +So instead of reinvented the wheel, and to finally proof Libre.sh could work on any Systemd Linux *(yep I ran it before on CentOS7)* I decide to make that proof of concept. + +## REQUIREMENT +- Systemd (debian 8 or debian 9) + +## HOWTO +Where basicly reproduce what the user_data do for us. + +## Let's make a step-by-step humanable readable. +as root + +### SSHD Config +Don't forget to create the user core and adding your ssh key before +You could also remove AllowUsers core or/and change the username. +> echo "UsePrivilegeSeparation sandbox +Subsystem sftp internal-sftp +PermitRootLogin no +AllowUsers core +PasswordAuthentication no +ChallengeResponseAuthentication no" > /etc/ssh/sshd_config +> chmod 600 /etc/ssh/sshd_config +> systemctl restart sshd + +### Kernel Parameter +> echo "fs.aio-max-nr=1048576 +vm.max_map_count=262144" > /etc/sysctl.d/libresh.conf +> chmod 644 /etc/sysctl.d/libresh.conf +> sysctl -p + +### Localhost definition +> echo "127.0.0.1 localhost +255.255.255.255 broadcasthost +::1 localhost" > /etc/hosts + +### Envrionment definition (optional) +Don't forget to edit /etc/environment with your own variable +such as example : +**The 1st part** Pierre use Namecheap.com as a Domain Name Provider, which support command through API. This make possible to buy domainname and fill the info with these above. +**In the second part** It's a common configuration to send email, often from the system. + +> echo "NAMECHEAP_URL="namecheap.com" + NAMECHEAP_API_USER="pierreo" + NAMECHEAP_API_KEY= + IP=`curl -s http://icanhazip.com/` + FirstName="Pierre" + LastName="Ozoux" + Address="" + PostalCode="" + Country="Portugal" + Phone="+351.967184553" + EmailAddress="pierre@ozoux.net" + City="Lisbon" + CountryCode="PT" + BACKUP_DESTINATION=root@xxxxx:port + MAIL_USER= + MAIL_PASS= + MAIL_HOST=mail.indie.host + MAIL_PORT=587" > /etc/environment + +### Install docker-compose +*Remark I did a variante to find the last version of DockerCompose and download it* +> mkdir -p /opt/bin &&\ +~~> url=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r \'.assets[].browser_download_url | select(contains("Linux") and contains("x86_64"))\') &&\ +> curl -L $url > /opt/bin/docker-compose &&\~~ +> dockerComposeVersion=$(curl -s https://api.github.com/repos/docker/compose/releases/latest|grep tag_name|cut -d'"' -f4) &&\ +> curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose &&\ +> chmod +x /opt/bin/docker-compose + +#### Explanation line by line +1. create /opt/bin +2. determine the last version of docker-compose +3. download the last version of docker-compose in /opt/bin +4. make it executable + +### Install Libre.sh +> git clone https://github.com/indiehosters/libre.sh.git /libre.sh &&\ +> mkdir /{data,system} &&\ +> mkdir /data/trash &&\ +> cp /libre.sh/unit-files/* /etc/systemd/system && systemctl daemon-reload &&\ +> systemctl enable web-net.service &&\ +> systemctl start web-net.service &&\ +> cp /libre.sh/utils/* /opt/bin/ + +#### Explanation line by line +1. clone libre.sh from indiehosters profile on github +2. create /data et /system *# I recommand to use separate partition or even better disk.* +3. create /data/trash *# don't forget to mount /data before* +4. copy unit-files into systemd +5. enable web-net service +6. start web-net service *# be sure you did'nt create lb_web network before or it will fail* +7. copy libre.sh tool's in /opt/bin -- GitLab From 73adcd10c703e2fd196e187f338ca2ba1455c6f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=EA=99=A8d=D1=86=D3=8Do=CE=B7=D2=AC?= Date: Fri, 30 Jun 2017 19:44:47 +0700 Subject: [PATCH 2/4] =?UTF-8?q?voil=C3=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- INSTALL_DEBIAN.md | 68 +++++++++++++++++++++++++++++------------------ 1 file changed, 42 insertions(+), 26 deletions(-) diff --git a/INSTALL_DEBIAN.md b/INSTALL_DEBIAN.md index 7660ed5..ebcc202 100644 --- a/INSTALL_DEBIAN.md +++ b/INSTALL_DEBIAN.md @@ -17,26 +17,32 @@ as root ### SSHD Config Don't forget to create the user core and adding your ssh key before -You could also remove AllowUsers core or/and change the username. -> echo "UsePrivilegeSeparation sandbox +You could also remove AllowUsers core or/and change the username. +> cat > /etc/ssh/sshd_config < /etc/ssh/sshd_config +ChallengeResponseAuthentication no +EOF > chmod 600 /etc/ssh/sshd_config > systemctl restart sshd ### Kernel Parameter -> echo "fs.aio-max-nr=1048576 -vm.max_map_count=262144" > /etc/sysctl.d/libresh.conf -> chmod 644 /etc/sysctl.d/libresh.conf +> cat > /etc/sysctl.d/libresh.conf < chmod 644 /etc/sysctl.d/libresh.conf > sysctl -p ### Localhost definition -> echo "127.0.0.1 localhost +> cat > /etc/hosts < /etc/hosts +::1 localhost +EOF ### Envrionment definition (optional) Don't forget to edit /etc/environment with your own variable @@ -44,24 +50,26 @@ such as example : **The 1st part** Pierre use Namecheap.com as a Domain Name Provider, which support command through API. This make possible to buy domainname and fill the info with these above. **In the second part** It's a common configuration to send email, often from the system. -> echo "NAMECHEAP_URL="namecheap.com" - NAMECHEAP_API_USER="pierreo" - NAMECHEAP_API_KEY= - IP=`curl -s http://icanhazip.com/` - FirstName="Pierre" - LastName="Ozoux" - Address="" - PostalCode="" - Country="Portugal" - Phone="+351.967184553" - EmailAddress="pierre@ozoux.net" - City="Lisbon" - CountryCode="PT" - BACKUP_DESTINATION=root@xxxxx:port - MAIL_USER= - MAIL_PASS= - MAIL_HOST=mail.indie.host - MAIL_PORT=587" > /etc/environment +> cat > /etc/environment < cat > /etc/profile.d/libre.sh < Date: Mon, 3 Jul 2017 16:21:07 +0700 Subject: [PATCH 3/4] Update INSTALL_DEBIAN.md --- INSTALL_DEBIAN.md | 64 +++++++++++++++-------------------------------- 1 file changed, 20 insertions(+), 44 deletions(-) diff --git a/INSTALL_DEBIAN.md b/INSTALL_DEBIAN.md index ebcc202..eaf820c 100644 --- a/INSTALL_DEBIAN.md +++ b/INSTALL_DEBIAN.md @@ -1,23 +1,17 @@ -# HowTo install Libre.sh on Debian +# Instructions to install libre.sh on linux with Systemd -## MOTIVATION -- Because some provider don't offer CoreOS and/or to push your ISO; -- Because some client prefer "wellknown" linux distribution; +## Recommendation +- Systemd (debian 8 or debian 9, CentOS 7 ...) -So instead of reinvented the wheel, and to finally proof Libre.sh could work on any Systemd Linux *(yep I ran it before on CentOS7)* I decide to make that proof of concept. +# Installation +Where basicly reproduce what the user_data do for us. -## REQUIREMENT -- Systemd (debian 8 or debian 9) +as root -## HOWTO -Where basicly reproduce what the user_data do for us. - -## Let's make a step-by-step humanable readable. -as root - -### SSHD Config +# configure sshd Don't forget to create the user core and adding your ssh key before You could also remove AllowUsers core or/and change the username. + > cat > /etc/ssh/sshd_config < chmod 600 /etc/ssh/sshd_config > systemctl restart sshd -### Kernel Parameter +# add kernel parameter + > cat > /etc/sysctl.d/libresh.conf < chmod 644 /etc/sysctl.d/libresh.conf > sysctl -p -### Localhost definition +# define Localhost + > cat > /etc/hosts < cat > /etc/environment < mkdir -p /opt/bin &&\ -~~> url=$(curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r \'.assets[].browser_download_url | select(contains("Linux") and contains("x86_64"))\') &&\ -> curl -L $url > /opt/bin/docker-compose &&\~~ > dockerComposeVersion=$(curl -s https://api.github.com/repos/docker/compose/releases/latest|grep tag_name|cut -d'"' -f4) &&\ > curl -L https://github.com/docker/compose/releases/download/$dockerComposeVersion/docker-compose-`uname -s`-`uname -m` > /opt/bin/docker-compose &&\ > chmod +x /opt/bin/docker-compose -#### Explanation line by line -1. create /opt/bin -2. determine the last version of docker-compose -3. download the last version of docker-compose in /opt/bin -4. make it executable - -### Install Libre.sh +# install Libre.sh + > git clone https://github.com/indiehosters/libre.sh.git /libre.sh &&\ > mkdir /{data,system} &&\ > mkdir /data/trash &&\ @@ -95,18 +81,8 @@ EOF > systemctl start web-net.service &&\ > cp /libre.sh/utils/* /opt/bin/ -#### Explanation line by line -1. clone libre.sh from indiehosters profile on github -2. create /data et /system *# I recommand to use separate partition or even better disk.* -3. create /data/trash *# don't forget to mount /data before* -4. copy unit-files into systemd -5. enable web-net service -6. start web-net service *# be sure you did'nt create lb_web network before or it will fail* -7. copy libre.sh tool's in /opt/bin - - -### Add PATH /opt/bin -It's possible you have to had /opt/bin into your PATH +# add /opt/bin path + > cat > /etc/profile.d/libre.sh < Date: Mon, 3 Jul 2017 16:28:53 +0700 Subject: [PATCH 4/4] voila I hope it's respond at what you taught ;) At least I tried :P --- INSTALL_DEBIAN.md => INSTALL_LINUX.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename INSTALL_DEBIAN.md => INSTALL_LINUX.md (100%) diff --git a/INSTALL_DEBIAN.md b/INSTALL_LINUX.md similarity index 100% rename from INSTALL_DEBIAN.md rename to INSTALL_LINUX.md -- GitLab