Difference between revisions of "In transition"
| Line 109: | Line 109: | ||
nameserver 216.66.15.28 | nameserver 216.66.15.28 | ||
nameserver 216.66.15.23 | nameserver 216.66.15.23 | ||
or FFDN ones if it doesn't work | |||
nameserver 80.67.169.12 | |||
nameserver 80.67.169.40 | |||
== DNS debug == | == DNS debug == | ||
Revision as of 23:17, 16 July 2020
This page is used to detail the work achieved around the VM In Transition.
...because there is nothing more ephemeral than digital culture...
How to use Yunohost web services
The "How to use Yunohost" is in this specific page
Installation of yunohost in a LXC container
Create the container with a debian stretch base as root :
lxc-create -n transitional -t debian -- -r stretch
Edit the config to set-up the network
nano /var/lib/lxc/transitional/config
it shoud look like :
lxc.network.type = veth lxc.network.hwaddr = 00:16:3e:cd:ad:29 lxc.network.flags = up lxc.network.link = lxc-nat-bridge lxc.network.name = eth0 # you have to set a specific IP for this container (here .2) lxc.network.ipv4 = 10.0.3.2 lxc.network.ipv4.gateway = 10.0.3.1 lxc.rootfs = /var/lib/lxc/transitional/rootfs lxc.rootfs.backend = dir
# Common configuration lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration lxc.tty = 4 lxc.utsname = transitional lxc.arch = amd64 lxc.start.auto = 1
Modify + record, then start the container
lxc-start -n transitional
Log in the container as root
lxc-attach -n transitional
Then you have a shell in the container and can proceed to the installation
root@transitional:/# apt update apt upgrade apt install net-tools nano git nload htop iputils-ping curl curl https://install.yunohost.org | bash
Setting-up the proxy in front apache
ToDo
- There is a need to put in vhost a specific parameter : https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyengine
SSLProxyEngine On
Installing Yunohost for deploying quickly various web services
- Reference website: https://yunohost.org/#/
- List of apps and services maintained by Yunohost https://yunohost.org/#/apps_en
- Lists of apps and services maintained by the community https://yunohost.org/#/apps_in_progress_en
- For installing Yunohost in a Debian Jessie, we use the following script https://yunohost.org/#/install_on_debian_en
Yunohost uses nginx, therefore when installing Debian, do not check the option "Web server", if not Apache will eat port 80
- Instal Git
sudo apt-get install git
- Clone the repository of installation of YunoHost
git clone https://github.com/YunoHost/install_script /tmp/install_script
- The root user need to have a password, if it is not the case, create one (if not the install script will fail):
sudo passwd root
- Launch the install script
cd /tmp/install_script && sudo ./install_yunohostv2
- You need then to connect to the server through a web browser, once the install process is over, the server screen (if there is one) will indicate the IP where you need to connect
- You will need to define an administrator password
- And a domain name, either you dispose of a domain or sub-domain that you direct towards the server, either you can use a dyndns proposed by yunohost, for instance anarchaserver.nohost.me
- Once everything is achieved, you can install applications, and the overall results looks like:
Post Post installation : tuning the configuration
- A few security things : https://yunohost.org/#/security_en
- For Jirafeau, to remove the need for a password to upload, remove the password at line 77 of /var/www/jirafeau/lib/config.local.php
$cfg['upload_password'] = array();
Debug install
If "Error: An error occurred during LDAP operation", than it is possible to reset the post install :
wget https://raw.githubusercontent.com/YunoHost/yunoScripts/master/resetPostinstall.sh chmod +x resetPostinstall.sh ./resetPostinstall.sh
In my case, the ldap package was broken so :
apt update apt --fix-broken install
Then
./resetPostinstall.sh yunohost tools postinstall --debug
To reset the admin password in LDAP :
yunohost-reset-ldap-password
To make a regen conf of LDAP
yunohost service regen-conf ldap --force
Restore a backup of your ldap database too
yunohost backup restore --system conf_ldap --debug
DNS troubleshooting inside a container
It seems that DNS resolution is limited @tachanka to certain adresses :
So there is a need to change dns servers in the yunohost container as yunohost relies on dnsmasq with its own dns server list
nano /etc/resolv.dnsmasq.conf nameserver 209.51.171.179 nameserver 216.66.15.28 nameserver 216.66.15.23
or FFDN ones if it doesn't work
nameserver 80.67.169.12 nameserver 80.67.169.40
DNS debug
nslookup > server 127.0.0.1 > set debug > host x.org dig @8.8.8.8 x.org netstat -atun | grep 53
cat /var/log/syslog |grep dnsmasq dnsmasq.service: Failed to reset devices.list: Operation not permitted
not important !
nano /lib/systemd/system/dnsmasq.service localectl and hostnamectl
Tester si dns requêtes arrivent au host
sudo tcpdump -X -i lxc-nat-bridge dst port 53 |grep x.org sudo tcpdump -X -i eth0 host 209.51.171.179 and port 53
