tfgrid/info_tfgrid
33
3
Fork 0
Code Issues Pull Requests 2 Packages Projects Releases Activity

updated smaller collections for manual

Browse Source
This commit is contained in:
mik-tf
2024-04-29 17:49:02 +00:00
parent 4806cb355b
commit b1e98c2051
1872 changed files with 50236 additions and 3303 deletions
Download Patch File Download Diff File Expand all files Collapse all files

186
collections/system_administrators/getstarted/remote-desktop_gui/cockpit_guide/cockpit_guide.md Normal file
View File

@@ -0,0 +1,186 @@
<h1> Deploy a Full VM and Run Cockpit, a Web-based Interface for Servers </h1>
<h2> Table of Contents </h2>
- [Introduction](#introduction)
- [Deploy a Full VM and Create a Root-Access User](#deploy-a-full-vm-and-create-a-root-access-user)
- [Set the VM and Install Cockpit](#set-the-vm-and-install-cockpit)
- [Change the Network System Daemon](#change-the-network-system-daemon)
- [Set a Firewall](#set-a-firewall)
- [Access Cockpit](#access-cockpit)
- [Conclusion](#conclusion)
- [Acknowledgements and References](#acknowledgements-and-references)
***
## Introduction
In this Threefold Guide, we show how easy it is to deploy a full VM and access Cockpit, a web-based interface to manage servers. For more information on Cockpit, visit this [link](https://cockpit-project.org/).
For more information on deploying a full VM and using SSH remote connection, read [this SSH guide](../../ssh_guide/ssh_guide.md).
If you are new to the Threefold ecosystem and you want to deploy workloads on the Threefold Grid, read the [Get Started section](../../tfgrid3_getstarted.md) of the Threefold Manual.
Note that the two sections [Change the Network System Daemon](#change-the-network-system-daemon) and [Set a Firewall](#set-a-firewall) are optional. That being said, they provide more features and security to the deployment.
## Deploy a Full VM and Create a Root-Access User
To start, you must [deploy and SSH into a full VM](../../ssh_guide/ssh_guide.md).
* Go to the [Threefold dashboard](https://dashboard.grid.tf/#/)
* Deploy a full VM (e.g. Ubuntu 22.04)
* With an IPv4 Address
* After deployment, copy the IPv4 address
* Connect into the VM via SSH
* ```
ssh root@VM_IPv4_address
```
* Create a new user with root access
* Here we use `newuser` as an example
* ```
adduser newuser
```
* To see the directory of the new user
* ```
ls /home
```
* Give sudo capacity to the new user
* ```
usermod -aG sudo newuser
```
* Make the new user accessible by SSH
* ```
su - newuser
```
* ```
mkdir ~/.ssh
```
* ```
nano ~/.ssh/authorized_keys
```
* add the authorized public key in the file, then save and quit
* Exit the VM and reconnect with the new user
* ```
exit
```
* ```
ssh newuser@VM_IPv4_address
```
## Set the VM and Install Cockpit
* Update and upgrade the VM
* ```
sudo apt update -y && sudo apt upgrade -y && sudo apt-get update -y
```
* Install Cockpit
* ```
. /etc/os-release && sudo apt install -t ${UBUNTU_CODENAME}-backports cockpit -y
```
## Change the Network System Daemon
We now change the system daemon that manages network configurations. We will be using [NetworkManager](https://networkmanager.dev/) instead of [networkd](https://wiki.archlinux.org/title/systemd-networkd). This will give us further possibilities on Cockpit.
* Install NetworkManager. Note that it might already be installed.
* ```
sudo apt install network-manager -y
```
* Update the `.yaml` file
* Go to netplan's directory
* ```
cd /etc/netplan
```
* Search for the proper `.yaml` file name
* ```
ls -l
```
* Update the `.yaml` file
* ```
sudo nano 50-cloud-init.yaml
```
* Add the following lines under `network:`
* ```
version: 2
renderer: NetworkManager
```
* Note that these two lines should be aligned with `ethernets:`
* Remove `version: 2` at the bottom of the file
* Save and exit the file
* Disable networkd and enable NetworkManager
* ```
sudo systemctl disable systemd-networkd
```
* ```
sudo systemctl enable NetworkManager
```
* Apply netplan to set NetworkManager
* ```
sudo netplan apply
```
* Reboot the system to load the new kernel and to properly set NetworkManager
* ```
sudo reboot
```
* Reconnect to the VM
* ```
ssh newuser@VM_IPv4_address
```
## Set a Firewall
We now set a firewall. We note that [ufw](https://wiki.ubuntu.com/UncomplicatedFirewall) is not compatible with Cockpit and for this reason, we will be using [firewalld](https://firewalld.org/).
* Install firewalld
* ```
sudo apt install firewalld -y
```
* Add Cockpit to firewalld
* ```
sudo firewall-cmd --add-service=cockpit
```
* ```
sudo firewall-cmd --add-service=cockpit --permanent
```
* See if Cockpit is available
* ```
sudo firewall-cmd --info-service=cockpit
```
* See the status of firewalld
* ```
sudo firewall-cmd --state
```
## Access Cockpit
* On your web browser, write the following URL with the proper VM IPv4 address
* ```
VM_IPv4_Address:9090
```
* Enter the username and password of the root-access user
* You might need to grant administrative access to the user
* On the top right of the Cockpit window, click on `Limited access`
* Enter the root-access user password then click `Authenticate`
## Conclusion
You now have access to a web-based graphical interface to manage your VM. You can read [Cockpit's documentation](https://cockpit-project.org/documentation.html) to explore further this interface.
## Acknowledgements and References
A big thank you to Drew Smith for his [advice on using NetworkManager](https://forum.threefold.io/t/cockpit-managed-ubuntu-vm/3376) instead of networkd with Cockpit.

184
collections/system_administrators/getstarted/remote-desktop_gui/guacamole_guide/guacamole_guide.md Normal file
View File

@@ -0,0 +1,184 @@
<h1> Deploy a Full VM and Run Apache Guacamole (RDP Connection, Remote Desktop) </h1>
<h2> Table of Contents </h2>
- [Introduction](#introduction)
- [Deploy a Full VM and Create a Root-Access User](#deploy-a-full-vm-and-create-a-root-access-user)
- [SSH with Root-Access User, Install Prerequisites and Apache Guacamole](#ssh-with-root-access-user-install-prerequisites-and-apache-guacamole)
- [Access Apache Guacamole and Create Admin-Access User](#access-apache-guacamole-and-create-admin-access-user)
- [Download the Desktop Environment and Run xrdp](#download-the-desktop-environment-and-run-xrdp)
- [Create an RDP Connection and Access the Server Remotely](#create-an-rdp-connection-and-access-the-server-remotely)
- [Feedback and Questions](#feedback-and-questions)
- [References](#references)
***
## Introduction
In this guide, we deploy a full virtual machine (Ubuntu 20.04) on the Threefold Grid with IPv4. We install and run [Apache Guacamole](https://guacamole.apache.org/) and access the VM with remote desktop connection by using [xrdp](https://www.xrdp.org/).
The Apache Guacamole instance has a two-factor authorization to give further security to the deployment.
With Apache Guacamole, a user can access different deployments and command servers remotely, with desktop access.
This guide can be done on a Windows, MAC, or Linux computer. For more information on deploying a full VM and using SSH remote connection, read this [SSH guide](../../ssh_guide/ssh_guide.md).
If you are new to the Threefold ecosystem and you want to deploy workloads on the Threefold Grid, read the [Get Started section](../../tfgrid3_getstarted.md) of the Threefold Manual.
## Deploy a Full VM and Create a Root-Access User
* Go to the [Threefold Dashboard](https://dashboard.grid.tf/#/)
* Deploy a full VM (Ubuntu 20.04) with at least the minimum specs for a desktop environment
* IPv4 Address
* Minimum vcores: 2vcores
* Minimum Gb of RAM: 4Gb
* Minimum storage: 15Gb
* After deployment, note the VM IPv4 address
* Connect to the VM via SSH
* ```
ssh root@VM_IPv4_address
```
* Once connected, create a new user with root access (for this guide we use "newuser")
* ```
adduser newuser
```
* You should now see the new user directory
* ```
ls /home
```
* Give sudo capacity to the new user
* ```
usermod -aG sudo newuser
```
* Make the new user accessible by SSH
* ```
su - newuser
```
* ```
mkdir ~/.ssh
```
* Add authorized public key in the file and save it
* ```
nano ~/.ssh/authorized_keys
```
* Exit the VM and reconnect with the new user
## SSH with Root-Access User, Install Prerequisites and Apache Guacamole
* SSH into the VM
* ```
ssh newuser@VM_IPv4_address
```
* Update and upgrade Ubuntu
* ```
sudo apt update && sudo apt upgrade -y && sudo apt-get install software-properties-common -y
```
* Download and run Apache Guacamole
* ```
wget -O guac-install.sh https://git.io/fxZq5
```
* ```
chmod +x guac-install.sh
```
* ```
sudo ./guac-install.sh
```
## Access Apache Guacamole and Create Admin-Access User
* On your local computer, open a browser and write the following URL with the proper IPv4 address
* ```
https://VM_IPv4_address:8080/guacamole
```
* On Guacamole, enter the following for both the username and the password
* ```
guacadmin
```
* Download the [TOTP](https://totp.app/) app on your Android or iOS
* Scan the QR Code
* Enter the code
* Next time you log in
* go to the TOTP app and enter the given code
* Go to the Guacamole Settings
* Users
* Create a new user with all admin privileges
* Log out of the session
* Enter with the new admin user
* Go to Settings
* Users
* Delete the default user
* Apache Guacamole is now installed
## Download the Desktop Environment and Run xrdp
* Download a Ubuntu desktop environment on the VM
* ```
sudo apt install tasksel -y && sudo apt install lightdm -y
```
* Choose lightdm
* Run tasksel and choose `ubuntu desktop`
* ```
sudo tasksel
```
* Download and run xrdp
* ```
wget https://c-nergy.be/downloads/xRDP/xrdp-installer-1.4.6.zip
```
* ```
unzip xrdp-installer-1.4.6.zip
```
* ```
bash xrdp-installer-1.4.6.sh
```
## Create an RDP Connection and Access the Server Remotely
* Create an RDP connection on Guacamole
* Open Guacamole
* ```
http://VM_IPv4_address:8080/guacamole/
```
* Go to Settings
* Click on Connections
* Click on New Connection
* Write the following parameters
* Name: Choose a name for the connection
* Location: ROOT
* Protocol: RDP
* Network
* Hostname: VM_IPv4_Address
* Port: 3389
* Authentication
* Username: your root-access username (newuser)
* Password: your root-access username password (newuser)
* Security mode: Any
* Ignore server certificate: Yes
* Click Save
* Go to the Apache Guacamole Home menu (top right button)
* Click on the new connection
* The remote desktop access is done
## Feedback and Questions
If you have any questions, let us know by writing a post on the [Threefold Forum](https://forum.threefold.io/).
## References
Apache Guacamole for Secure Remote Access to your Computers, [https://discussion.scottibyte.com/t/apache-guacamole-for-secure-remote-access-to-your-computers/32](https://discussion.scottibyte.com/t/apache-guacamole-for-secure-remote-access-to-your-computers/32)
MysticRyuujin's guac-install, [https://github.com/MysticRyuujin/guac-install](https://github.com/MysticRyuujin/guac-install)

11
collections/system_administrators/getstarted/remote-desktop_gui/remote-desktop_gui.md Normal file
View File

@@ -0,0 +1,11 @@
# Remote Desktop and GUI
This section of the Threefold Guide provides different methods to access your 3node servers with either a remote desktop protocol or a graphical user interface (GUI).
If you have any questions, or if you would like to see a specific guide on remote desktop connection or GUI, please let us know by writing a post on the [Threefold Forum](http://forum.threefold.io/).
<h2>Table of Contents</h2>
- [Cockpit: a Web-based Graphical Interface for Servers](./cockpit_guide/cockpit_guide.md)
- [XRDP: an Open-Source Remote Desktop Procol](./xrdp_guide/xrdp_guide.md)
- [Apache Guacamole: a Clientless Remote Desktop Gateway.](./guacamole_guide/guacamole_guide.md)

168
collections/system_administrators/getstarted/remote-desktop_gui/xrdp_guide/xrdp_guide.md Normal file
View File

@@ -0,0 +1,168 @@
<h1> Deploy a Full VM and Run XRDP for Remote Desktop Connection </h1>
<h2> Table of Contents </h2>
- [Introduction](#introduction)
- [Server Side: Deploy the Full VM, install a desktop and XRDP](#server-side-deploy-the-full-vm-install-a-desktop-and-xrdp)
- [Client Side: Install Remote Desktop Connection for Windows, MAC or Linux](#client-side-install-remote-desktop-connection-for-windows-mac-or-linux)
- [Download the App](#download-the-app)
- [Connect Remotely](#connect-remotely)
- [Conclusion](#conclusion)
***
## Introduction
In this guide, we learn how to deploy a full virtual machine on a 3node on the Threefold Grid.
We access Ubuntu with a desktop environment to offer a graphical user interface (GUI).
This guide can be done on a Windows, MAC, or Linux computer. The only difference will be in the Remote Desktop app. The steps are very similar.
For more information on deploying a full VM and using SSH remote connection, read this [SSH guide](../../ssh_guide/ssh_guide.md).
If you are new to the Threefold ecosystem and you want to deploy workloads on the Threefold Grid, read the [Get Started section](../../tfgrid3_getstarted.md) of the Threefold Manual.
## Server Side: Deploy the Full VM, install a desktop and XRDP
* Go to the [Threefold Dashboard](https://dashboard.grid.tf/#/)
* Deploy a full VM (Ubuntu 20.04)
* With an IPv4 Address
* After deployment, copy the IPv4 address
* To SSH into the VM, write in the terminal
* ```
ssh root@VM_IPv4_address
```
* Once connected, update, upgrade and install the desktop environment
* Update
* ```
sudo apt update -y && sudo apt upgrade -y
```
* Install a light-weight desktop environment (Xfce)
* ```
sudo apt install xfce4 xfce4-goodies -y
```
* Create a user with root access
* ```
adduser newuser
```
* ```
ls /home
```
* You should see the newuser directory
* Give sudo capacity to newuser
* ```
usermod -aG sudo newuser
```
* Make newuser accessible by SSH
* ```
su - newuser
```
* ```
mkdir ~/.ssh
```
* ```
nano ~/.ssh/authorized_keys
```
* add authorized public key in file and save
* Exit the VM and reconnect with new user
* ```
exit
```
* Reconnect to the VM terminal and install XRDP
* ```
ssh newuser@VM_IPv4_address
```
* Install XRDP
* ```
sudo apt install xrdp -y
```
* Check XRDP status
* ```
sudo systemctl status xrdp
```
* If not running, run manually:
* ```
sudo systemctl start xrdp
```
* If needed, configure xrdp (optional)
* ```
sudo nano /etc/xrdp/xrdp.ini
```
* Create a session with root-access user
Move to home directory
* Go to home directory of root-access user
* ```
cd ~
```
* Create session
* ```
echo "xfce4-session" | tee .xsession
```
* Restart the server
* ```
sudo systemctl restart xrdp
```
* Find your local computer IP address
* On your local computer terminal, write
* ```
curl ifconfig.me
```
* On the VM terminal, allow client computer port to the firewall (ufw)
* ```
sudo ufw allow from your_local_ip/32 to any port 3389
```
* Allow SSH connection to your firewall
* ```
sudo ufw allow ssh
```
* Verify status of the firewall
* ```
sudo ufw status
```
* If not active, do the following:
* ```
sudo ufw disable
```
* ```
sudo ufw enable
```
* Then the ufw status should show changes
* ```
sudo ufw status
```
## Client Side: Install Remote Desktop Connection for Windows, MAC or Linux
For the client side (the local computer accessing the VM remotely), you can use remote desktop connection for Windows, MAC and Linux. The process is very similar in all three cases.
Simply download the app, open it and write the IPv4 address of the VM. You then will need to write the username and password to enter into your VM.
### Download the App
* Client side Remote app
* Windows
* [Remote Desktop Connection app](https://apps.microsoft.com/store/detail/microsoft-remote-desktop/9WZDNCRFJ3PS?hl=en-ca&gl=ca&rtc=1)
* MAC
* Download in app store
* [Microsoft Remote Desktop Connection app](https://apps.apple.com/ca/app/microsoft-remote-desktop/id1295203466?mt=12)
* Linux
* [Remmina RDP Client](https://remmina.org/)
### Connect Remotely
* General process
* In the Remote app, enter the following:
* the IPv4 Address of the VM
* the VM root-access username and password
* You now have remote desktop connection to your VM
## Conclusion
You now have a remote access to the desktop environment of your VM. If you have any questions, let us know by writing a post on the [Threefold Forum](https://forum.threefold.io/).