dev to main periodic update #71
@ -34,38 +34,38 @@ To start, you must [deploy and SSH into a full VM](ssh_guide.md).
|
|||||||
* With an IPv4 Address
|
* With an IPv4 Address
|
||||||
* After deployment, copy the IPv4 address
|
* After deployment, copy the IPv4 address
|
||||||
* Connect into the VM via SSH
|
* Connect into the VM via SSH
|
||||||
* ```
|
```
|
||||||
ssh root@VM_IPv4_address
|
ssh root@VM_IPv4_address
|
||||||
```
|
```
|
||||||
* Create a new user with root access
|
* Create a new user with root access
|
||||||
* Here we use `newuser` as an example
|
* Here we use `newuser` as an example
|
||||||
* ```
|
```
|
||||||
adduser newuser
|
adduser newuser
|
||||||
```
|
```
|
||||||
* To see the directory of the new user
|
* To see the directory of the new user
|
||||||
* ```
|
```
|
||||||
ls /home
|
ls /home
|
||||||
```
|
```
|
||||||
* Give sudo capacity to the new user
|
* Give sudo capacity to the new user
|
||||||
* ```
|
```
|
||||||
usermod -aG sudo newuser
|
usermod -aG sudo newuser
|
||||||
```
|
```
|
||||||
* Make the new user accessible by SSH
|
* Make the new user accessible by SSH
|
||||||
* ```
|
```
|
||||||
su - newuser
|
su - newuser
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
mkdir ~/.ssh
|
mkdir ~/.ssh
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
nano ~/.ssh/authorized_keys
|
nano ~/.ssh/authorized_keys
|
||||||
```
|
```
|
||||||
* add the authorized public key in the file, then save and quit
|
* add the authorized public key in the file, then save and quit
|
||||||
* Exit the VM and reconnect with the new user
|
* Exit the VM and reconnect with the new user
|
||||||
* ```
|
```
|
||||||
exit
|
exit
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
ssh newuser@VM_IPv4_address
|
ssh newuser@VM_IPv4_address
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -74,11 +74,11 @@ To start, you must [deploy and SSH into a full VM](ssh_guide.md).
|
|||||||
## Set the VM and Install Cockpit
|
## Set the VM and Install Cockpit
|
||||||
|
|
||||||
* Update and upgrade the VM
|
* Update and upgrade the VM
|
||||||
* ```
|
```
|
||||||
sudo apt update -y && sudo apt upgrade -y && sudo apt-get update -y
|
sudo apt update -y && sudo apt upgrade -y && sudo apt-get update -y
|
||||||
```
|
```
|
||||||
* Install Cockpit
|
* Install Cockpit
|
||||||
* ```
|
```
|
||||||
. /etc/os-release && sudo apt install -t ${UBUNTU_CODENAME}-backports cockpit -y
|
. /etc/os-release && sudo apt install -t ${UBUNTU_CODENAME}-backports cockpit -y
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -89,24 +89,24 @@ To start, you must [deploy and SSH into a full VM](ssh_guide.md).
|
|||||||
We now change the system daemon that manages network configurations. We will be using [NetworkManager](https://networkmanager.dev/) instead of [networkd](https://wiki.archlinux.org/title/systemd-networkd). This will give us further possibilities on Cockpit.
|
We now change the system daemon that manages network configurations. We will be using [NetworkManager](https://networkmanager.dev/) instead of [networkd](https://wiki.archlinux.org/title/systemd-networkd). This will give us further possibilities on Cockpit.
|
||||||
|
|
||||||
* Install NetworkManager. Note that it might already be installed.
|
* Install NetworkManager. Note that it might already be installed.
|
||||||
* ```
|
```
|
||||||
sudo apt install network-manager -y
|
sudo apt install network-manager -y
|
||||||
```
|
```
|
||||||
* Update the `.yaml` file
|
* Update the `.yaml` file
|
||||||
* Go to netplan's directory
|
* Go to netplan's directory
|
||||||
* ```
|
```
|
||||||
cd /etc/netplan
|
cd /etc/netplan
|
||||||
```
|
```
|
||||||
* Search for the proper `.yaml` file name
|
* Search for the proper `.yaml` file name
|
||||||
* ```
|
```
|
||||||
ls -l
|
ls -l
|
||||||
```
|
```
|
||||||
* Update the `.yaml` file
|
* Update the `.yaml` file
|
||||||
* ```
|
```
|
||||||
sudo nano 50-cloud-init.yaml
|
sudo nano 50-cloud-init.yaml
|
||||||
```
|
```
|
||||||
* Add the following lines under `network:`
|
* Add the following lines under `network:`
|
||||||
* ```
|
```
|
||||||
version: 2
|
version: 2
|
||||||
renderer: NetworkManager
|
renderer: NetworkManager
|
||||||
```
|
```
|
||||||
@ -114,22 +114,22 @@ We now change the system daemon that manages network configurations. We will be
|
|||||||
* Remove `version: 2` at the bottom of the file
|
* Remove `version: 2` at the bottom of the file
|
||||||
* Save and exit the file
|
* Save and exit the file
|
||||||
* Disable networkd and enable NetworkManager
|
* Disable networkd and enable NetworkManager
|
||||||
* ```
|
```
|
||||||
sudo systemctl disable systemd-networkd
|
sudo systemctl disable systemd-networkd
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
sudo systemctl enable NetworkManager
|
sudo systemctl enable NetworkManager
|
||||||
```
|
```
|
||||||
* Apply netplan to set NetworkManager
|
* Apply netplan to set NetworkManager
|
||||||
* ```
|
```
|
||||||
sudo netplan apply
|
sudo netplan apply
|
||||||
```
|
```
|
||||||
* Reboot the system to load the new kernel and to properly set NetworkManager
|
* Reboot the system to load the new kernel and to properly set NetworkManager
|
||||||
* ```
|
```
|
||||||
sudo reboot
|
sudo reboot
|
||||||
```
|
```
|
||||||
* Reconnect to the VM
|
* Reconnect to the VM
|
||||||
* ```
|
```
|
||||||
ssh newuser@VM_IPv4_address
|
ssh newuser@VM_IPv4_address
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -139,24 +139,24 @@ We now change the system daemon that manages network configurations. We will be
|
|||||||
We now set a firewall. We note that [ufw](https://wiki.ubuntu.com/UncomplicatedFirewall) is not compatible with Cockpit and for this reason, we will be using [firewalld](https://firewalld.org/).
|
We now set a firewall. We note that [ufw](https://wiki.ubuntu.com/UncomplicatedFirewall) is not compatible with Cockpit and for this reason, we will be using [firewalld](https://firewalld.org/).
|
||||||
|
|
||||||
* Install firewalld
|
* Install firewalld
|
||||||
* ```
|
```
|
||||||
sudo apt install firewalld -y
|
sudo apt install firewalld -y
|
||||||
```
|
```
|
||||||
|
|
||||||
* Add Cockpit to firewalld
|
* Add Cockpit to firewalld
|
||||||
* ```
|
```
|
||||||
sudo firewall-cmd --add-service=cockpit
|
sudo firewall-cmd --add-service=cockpit
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
sudo firewall-cmd --add-service=cockpit --permanent
|
sudo firewall-cmd --add-service=cockpit --permanent
|
||||||
```
|
```
|
||||||
* See if Cockpit is available
|
* See if Cockpit is available
|
||||||
* ```
|
```
|
||||||
sudo firewall-cmd --info-service=cockpit
|
sudo firewall-cmd --info-service=cockpit
|
||||||
```
|
```
|
||||||
|
|
||||||
* See the status of firewalld
|
* See the status of firewalld
|
||||||
* ```
|
```
|
||||||
sudo firewall-cmd --state
|
sudo firewall-cmd --state
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -165,7 +165,7 @@ We now set a firewall. We note that [ufw](https://wiki.ubuntu.com/UncomplicatedF
|
|||||||
## Access Cockpit
|
## Access Cockpit
|
||||||
|
|
||||||
* On your web browser, write the following URL with the proper VM IPv4 address
|
* On your web browser, write the following URL with the proper VM IPv4 address
|
||||||
* ```
|
```
|
||||||
VM_IPv4_Address:9090
|
VM_IPv4_Address:9090
|
||||||
```
|
```
|
||||||
* Enter the username and password of the root-access user
|
* Enter the username and password of the root-access user
|
||||||
|
@ -37,30 +37,30 @@ If you are new to the Threefold ecosystem and you want to deploy workloads on th
|
|||||||
* Minimum storage: 15Gb
|
* Minimum storage: 15Gb
|
||||||
* After deployment, note the VM IPv4 address
|
* After deployment, note the VM IPv4 address
|
||||||
* Connect to the VM via SSH
|
* Connect to the VM via SSH
|
||||||
* ```
|
```
|
||||||
ssh root@VM_IPv4_address
|
ssh root@VM_IPv4_address
|
||||||
```
|
```
|
||||||
* Once connected, create a new user with root access (for this guide we use "newuser")
|
* Once connected, create a new user with root access (for this guide we use "newuser")
|
||||||
* ```
|
```
|
||||||
adduser newuser
|
adduser newuser
|
||||||
```
|
```
|
||||||
* You should now see the new user directory
|
* You should now see the new user directory
|
||||||
* ```
|
```
|
||||||
ls /home
|
ls /home
|
||||||
```
|
```
|
||||||
* Give sudo capacity to the new user
|
* Give sudo capacity to the new user
|
||||||
* ```
|
```
|
||||||
usermod -aG sudo newuser
|
usermod -aG sudo newuser
|
||||||
```
|
```
|
||||||
* Make the new user accessible by SSH
|
* Make the new user accessible by SSH
|
||||||
* ```
|
```
|
||||||
su - newuser
|
su - newuser
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
mkdir ~/.ssh
|
mkdir ~/.ssh
|
||||||
```
|
```
|
||||||
* Add authorized public key in the file and save it
|
* Add authorized public key in the file and save it
|
||||||
* ```
|
```
|
||||||
nano ~/.ssh/authorized_keys
|
nano ~/.ssh/authorized_keys
|
||||||
```
|
```
|
||||||
* Exit the VM and reconnect with the new user
|
* Exit the VM and reconnect with the new user
|
||||||
@ -70,21 +70,21 @@ If you are new to the Threefold ecosystem and you want to deploy workloads on th
|
|||||||
## SSH with Root-Access User, Install Prerequisites and Apache Guacamole
|
## SSH with Root-Access User, Install Prerequisites and Apache Guacamole
|
||||||
|
|
||||||
* SSH into the VM
|
* SSH into the VM
|
||||||
* ```
|
```
|
||||||
ssh newuser@VM_IPv4_address
|
ssh newuser@VM_IPv4_address
|
||||||
```
|
```
|
||||||
* Update and upgrade Ubuntu
|
* Update and upgrade Ubuntu
|
||||||
* ```
|
```
|
||||||
sudo apt update && sudo apt upgrade -y && sudo apt-get install software-properties-common -y
|
sudo apt update && sudo apt upgrade -y && sudo apt-get install software-properties-common -y
|
||||||
```
|
```
|
||||||
* Download and run Apache Guacamole
|
* Download and run Apache Guacamole
|
||||||
* ```
|
```
|
||||||
wget -O guac-install.sh https://git.io/fxZq5
|
wget -O guac-install.sh https://git.io/fxZq5
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
chmod +x guac-install.sh
|
chmod +x guac-install.sh
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
sudo ./guac-install.sh
|
sudo ./guac-install.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -93,11 +93,11 @@ If you are new to the Threefold ecosystem and you want to deploy workloads on th
|
|||||||
## Access Apache Guacamole and Create Admin-Access User
|
## Access Apache Guacamole and Create Admin-Access User
|
||||||
|
|
||||||
* On your local computer, open a browser and write the following URL with the proper IPv4 address
|
* On your local computer, open a browser and write the following URL with the proper IPv4 address
|
||||||
* ```
|
```
|
||||||
https://VM_IPv4_address:8080/guacamole
|
https://VM_IPv4_address:8080/guacamole
|
||||||
```
|
```
|
||||||
* On Guacamole, enter the following for both the username and the password
|
* On Guacamole, enter the following for both the username and the password
|
||||||
* ```
|
```
|
||||||
guacadmin
|
guacadmin
|
||||||
```
|
```
|
||||||
* Download the [TOTP](https://totp.app/) app on your Android or iOS
|
* Download the [TOTP](https://totp.app/) app on your Android or iOS
|
||||||
@ -120,23 +120,23 @@ If you are new to the Threefold ecosystem and you want to deploy workloads on th
|
|||||||
## Download the Desktop Environment and Run xrdp
|
## Download the Desktop Environment and Run xrdp
|
||||||
|
|
||||||
* Download a Ubuntu desktop environment on the VM
|
* Download a Ubuntu desktop environment on the VM
|
||||||
* ```
|
```
|
||||||
sudo apt install tasksel -y && sudo apt install lightdm -y
|
sudo apt install tasksel -y && sudo apt install lightdm -y
|
||||||
```
|
```
|
||||||
* Choose lightdm
|
* Choose lightdm
|
||||||
* Run tasksel and choose `ubuntu desktop`
|
* Run tasksel and choose `ubuntu desktop`
|
||||||
* ```
|
```
|
||||||
sudo tasksel
|
sudo tasksel
|
||||||
```
|
```
|
||||||
|
|
||||||
* Download and run xrdp
|
* Download and run xrdp
|
||||||
* ```
|
```
|
||||||
wget https://c-nergy.be/downloads/xRDP/xrdp-installer-1.4.6.zip
|
wget https://c-nergy.be/downloads/xRDP/xrdp-installer-1.4.6.zip
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
unzip xrdp-installer-1.4.6.zip
|
unzip xrdp-installer-1.4.6.zip
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
bash xrdp-installer-1.4.6.sh
|
bash xrdp-installer-1.4.6.sh
|
||||||
```
|
```
|
||||||
|
|
||||||
@ -146,7 +146,7 @@ If you are new to the Threefold ecosystem and you want to deploy workloads on th
|
|||||||
|
|
||||||
* Create an RDP connection on Guacamole
|
* Create an RDP connection on Guacamole
|
||||||
* Open Guacamole
|
* Open Guacamole
|
||||||
* ```
|
```
|
||||||
http://VM_IPv4_address:8080/guacamole/
|
http://VM_IPv4_address:8080/guacamole/
|
||||||
```
|
```
|
||||||
* Go to Settings
|
* Go to Settings
|
||||||
|
@ -31,107 +31,107 @@ If you are new to the Threefold ecosystem and you want to deploy workloads on th
|
|||||||
* With an IPv4 Address
|
* With an IPv4 Address
|
||||||
* After deployment, copy the IPv4 address
|
* After deployment, copy the IPv4 address
|
||||||
* To SSH into the VM, write in the terminal
|
* To SSH into the VM, write in the terminal
|
||||||
* ```
|
```
|
||||||
ssh root@VM_IPv4_address
|
ssh root@VM_IPv4_address
|
||||||
```
|
```
|
||||||
* Once connected, update, upgrade and install the desktop environment
|
* Once connected, update, upgrade and install the desktop environment
|
||||||
* Update
|
* Update
|
||||||
* ```
|
```
|
||||||
sudo apt update -y && sudo apt upgrade -y
|
sudo apt update -y && sudo apt upgrade -y
|
||||||
```
|
```
|
||||||
* Install a light-weight desktop environment (Xfce)
|
* Install a light-weight desktop environment (Xfce)
|
||||||
* ```
|
```
|
||||||
sudo apt install xfce4 xfce4-goodies -y
|
sudo apt install xfce4 xfce4-goodies -y
|
||||||
```
|
```
|
||||||
* Create a user with root access
|
* Create a user with root access
|
||||||
* ```
|
```
|
||||||
adduser newuser
|
adduser newuser
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
ls /home
|
ls /home
|
||||||
```
|
```
|
||||||
* You should see the newuser directory
|
* You should see the newuser directory
|
||||||
* Give sudo capacity to newuser
|
* Give sudo capacity to newuser
|
||||||
* ```
|
```
|
||||||
usermod -aG sudo newuser
|
usermod -aG sudo newuser
|
||||||
```
|
```
|
||||||
* Make newuser accessible by SSH
|
* Make newuser accessible by SSH
|
||||||
* ```
|
```
|
||||||
su - newuser
|
su - newuser
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
mkdir ~/.ssh
|
mkdir ~/.ssh
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
nano ~/.ssh/authorized_keys
|
nano ~/.ssh/authorized_keys
|
||||||
```
|
```
|
||||||
* add authorized public key in file and save
|
* add authorized public key in file and save
|
||||||
* Exit the VM and reconnect with new user
|
* Exit the VM and reconnect with new user
|
||||||
* ```
|
```
|
||||||
exit
|
exit
|
||||||
```
|
```
|
||||||
* Reconnect to the VM terminal and install XRDP
|
* Reconnect to the VM terminal and install XRDP
|
||||||
* ```
|
```
|
||||||
ssh newuser@VM_IPv4_address
|
ssh newuser@VM_IPv4_address
|
||||||
```
|
```
|
||||||
* Install XRDP
|
* Install XRDP
|
||||||
* ```
|
```
|
||||||
sudo apt install xrdp -y
|
sudo apt install xrdp -y
|
||||||
```
|
```
|
||||||
* Check XRDP status
|
* Check XRDP status
|
||||||
* ```
|
```
|
||||||
sudo systemctl status xrdp
|
sudo systemctl status xrdp
|
||||||
```
|
```
|
||||||
* If not running, run manually:
|
* If not running, run manually:
|
||||||
* ```
|
```
|
||||||
sudo systemctl start xrdp
|
sudo systemctl start xrdp
|
||||||
```
|
```
|
||||||
* If needed, configure xrdp (optional)
|
* If needed, configure xrdp (optional)
|
||||||
* ```
|
```
|
||||||
sudo nano /etc/xrdp/xrdp.ini
|
sudo nano /etc/xrdp/xrdp.ini
|
||||||
```
|
```
|
||||||
* Create a session with root-access user
|
* Create a session with root-access user
|
||||||
Move to home directory
|
Move to home directory
|
||||||
* Go to home directory of root-access user
|
* Go to home directory of root-access user
|
||||||
* ```
|
```
|
||||||
cd ~
|
cd ~
|
||||||
```
|
```
|
||||||
* Create session
|
* Create session
|
||||||
* ```
|
```
|
||||||
echo "xfce4-session" | tee .xsession
|
echo "xfce4-session" | tee .xsession
|
||||||
```
|
```
|
||||||
* Restart the server
|
* Restart the server
|
||||||
* ```
|
```
|
||||||
sudo systemctl restart xrdp
|
sudo systemctl restart xrdp
|
||||||
```
|
```
|
||||||
|
|
||||||
* Find your local computer IP address
|
* Find your local computer IP address
|
||||||
* On your local computer terminal, write
|
* On your local computer terminal, write
|
||||||
* ```
|
```
|
||||||
curl ifconfig.me
|
curl ifconfig.me
|
||||||
```
|
```
|
||||||
|
|
||||||
* On the VM terminal, allow client computer port to the firewall (ufw)
|
* On the VM terminal, allow client computer port to the firewall (ufw)
|
||||||
* ```
|
```
|
||||||
sudo ufw allow from your_local_ip/32 to any port 3389
|
sudo ufw allow from your_local_ip/32 to any port 3389
|
||||||
```
|
```
|
||||||
* Allow SSH connection to your firewall
|
* Allow SSH connection to your firewall
|
||||||
* ```
|
```
|
||||||
sudo ufw allow ssh
|
sudo ufw allow ssh
|
||||||
```
|
```
|
||||||
* Verify status of the firewall
|
* Verify status of the firewall
|
||||||
* ```
|
```
|
||||||
sudo ufw status
|
sudo ufw status
|
||||||
```
|
```
|
||||||
* If not active, do the following:
|
* If not active, do the following:
|
||||||
* ```
|
```
|
||||||
sudo ufw disable
|
sudo ufw disable
|
||||||
```
|
```
|
||||||
* ```
|
```
|
||||||
sudo ufw enable
|
sudo ufw enable
|
||||||
```
|
```
|
||||||
* Then the ufw status should show changes
|
* Then the ufw status should show changes
|
||||||
* ```
|
```
|
||||||
sudo ufw status
|
sudo ufw status
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user