Difference between revisions of "In transition"
(11 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
This page is used to detail the work achieved around the VM In Transition | This page is used to detail the work achieved around the VM In Transition - Transitional | ||
...because there is nothing more ephemeral than digital culture... | ...because there is nothing more ephemeral than digital culture... | ||
'''[ | |||
= How to use Yunohost web services = | |||
'''[http://anarchaserver.org/mediawiki/index.php/How_to_use_yunohost The "How to use Yunohost" is in this specific page]''' | |||
= Installation of yunohost in a LXC container = | = Installation of yunohost in a LXC container = | ||
Create the container with a debian stretch base as root : | |||
lxc-create -n transitional -t debian -- -r stretch | |||
Edit the config to set-up the network | |||
nano /var/lib/lxc/transitional/config | |||
it shoud look like : | |||
lxc.network.type = veth | |||
lxc.network.hwaddr = 00:16:3e:cd:ad:29 | |||
lxc.network.flags = up | |||
lxc.network.link = lxc-nat-bridge | |||
lxc.network.name = eth0 | |||
# you have to set a specific IP for this container (here .2) | |||
lxc.network.ipv4 = 10.0.3.2 | |||
lxc.network.ipv4.gateway = 10.0.3.1 | |||
lxc.rootfs = /var/lib/lxc/transitional/rootfs | |||
lxc.rootfs.backend = dir | |||
# Common configuration | |||
lxc.include = /usr/share/lxc/config/debian.common.conf | |||
# Container specific configuration | |||
lxc.tty = 4 | |||
lxc.utsname = transitional | |||
lxc.arch = amd64 | |||
lxc.start.auto = 1 | |||
Modify + record, then start the container | |||
lxc-start -n transitional | |||
Log in the container as root | |||
lxc-attach -n transitional | |||
Then you have a shell in the container and can proceed to the installation | |||
root@transitional:/# | |||
apt update | |||
apt upgrade | |||
apt install net-tools nano git nload htop iputils-ping curl | |||
curl https://install.yunohost.org | bash | |||
== Setting-up the proxy in front apache == | == Setting-up the proxy in front apache == | ||
ToDo | ToDo | ||
Line 39: | Line 77: | ||
= Post Post installation : tuning the configuration = | = Post Post installation : tuning the configuration = | ||
* A few security things : https://yunohost.org/#/security_en | * A few security things : https://yunohost.org/#/security_en | ||
* For Jirafeau, to remove the need for a password to upload, remove the password at line 77 of /var/www/jirafeau/lib/config.local.php | |||
$cfg['upload_password'] = array(); | |||
= Change Theme for the user portal = | |||
* https://yunohost.org/en/theming | |||
= Debug install = | |||
If "Error: An error occurred during LDAP operation", than it is possible to reset the post install : | |||
wget https://raw.githubusercontent.com/YunoHost/yunoScripts/master/resetPostinstall.sh | |||
chmod +x resetPostinstall.sh | |||
./resetPostinstall.sh | |||
In my case, the ldap package was broken so : | |||
apt update | |||
apt --fix-broken install | |||
Then | |||
./resetPostinstall.sh | |||
yunohost tools postinstall --debug | |||
To reset the admin password in LDAP : | |||
yunohost-reset-ldap-password | |||
To make a regen conf of LDAP | |||
yunohost service regen-conf ldap --force | |||
Restore a backup of your ldap database too | |||
yunohost backup restore --system conf_ldap --debug | |||
= DNS troubleshooting inside a container = | |||
It seems that DNS resolution is limited @tachanka to certain adresses : | |||
So there is a need to change dns servers in the yunohost container as yunohost relies on dnsmasq with its own dns server list | |||
nano /etc/resolv.dnsmasq.conf | |||
nameserver 209.51.171.179 | |||
nameserver 216.66.15.28 | |||
nameserver 216.66.15.23 | |||
or FFDN ones if it doesn't work | |||
nameserver 80.67.169.12 | |||
nameserver 80.67.169.40 | |||
== DNS debug == | |||
nslookup | |||
> server 127.0.0.1 | |||
> set debug | |||
> host x.org | |||
dig @8.8.8.8 x.org | |||
netstat -atun | grep 53 | |||
cat /var/log/syslog |grep dnsmasq | |||
dnsmasq.service: Failed to reset devices.list: Operation not permitted | |||
not important ! | |||
nano /lib/systemd/system/dnsmasq.service | |||
localectl and hostnamectl | |||
Tester si dns requêtes arrivent au host | |||
sudo tcpdump -X -i lxc-nat-bridge dst port 53 |grep x.org | |||
sudo tcpdump -X -i eth0 host 209.51.171.179 and port 53 |
Latest revision as of 23:05, 23 January 2022
This page is used to detail the work achieved around the VM In Transition - Transitional
...because there is nothing more ephemeral than digital culture...
How to use Yunohost web services
The "How to use Yunohost" is in this specific page
Installation of yunohost in a LXC container
Create the container with a debian stretch base as root :
lxc-create -n transitional -t debian -- -r stretch
Edit the config to set-up the network
nano /var/lib/lxc/transitional/config
it shoud look like :
lxc.network.type = veth lxc.network.hwaddr = 00:16:3e:cd:ad:29 lxc.network.flags = up lxc.network.link = lxc-nat-bridge lxc.network.name = eth0 # you have to set a specific IP for this container (here .2) lxc.network.ipv4 = 10.0.3.2 lxc.network.ipv4.gateway = 10.0.3.1 lxc.rootfs = /var/lib/lxc/transitional/rootfs lxc.rootfs.backend = dir
# Common configuration lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration lxc.tty = 4 lxc.utsname = transitional lxc.arch = amd64 lxc.start.auto = 1
Modify + record, then start the container
lxc-start -n transitional
Log in the container as root
lxc-attach -n transitional
Then you have a shell in the container and can proceed to the installation
root@transitional:/# apt update apt upgrade apt install net-tools nano git nload htop iputils-ping curl curl https://install.yunohost.org | bash
Setting-up the proxy in front apache
ToDo
- There is a need to put in vhost a specific parameter : https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslproxyengine
SSLProxyEngine On
Installing Yunohost for deploying quickly various web services
- Reference website: https://yunohost.org/#/
- List of apps and services maintained by Yunohost https://yunohost.org/#/apps_en
- Lists of apps and services maintained by the community https://yunohost.org/#/apps_in_progress_en
- For installing Yunohost in a Debian Jessie, we use the following script https://yunohost.org/#/install_on_debian_en
Yunohost uses nginx, therefore when installing Debian, do not check the option "Web server", if not Apache will eat port 80
- Instal Git
sudo apt-get install git
- Clone the repository of installation of YunoHost
git clone https://github.com/YunoHost/install_script /tmp/install_script
- The root user need to have a password, if it is not the case, create one (if not the install script will fail):
sudo passwd root
- Launch the install script
cd /tmp/install_script && sudo ./install_yunohostv2
- You need then to connect to the server through a web browser, once the install process is over, the server screen (if there is one) will indicate the IP where you need to connect
- You will need to define an administrator password
- And a domain name, either you dispose of a domain or sub-domain that you direct towards the server, either you can use a dyndns proposed by yunohost, for instance anarchaserver.nohost.me
- Once everything is achieved, you can install applications, and the overall results looks like:
Post Post installation : tuning the configuration
- A few security things : https://yunohost.org/#/security_en
- For Jirafeau, to remove the need for a password to upload, remove the password at line 77 of /var/www/jirafeau/lib/config.local.php
$cfg['upload_password'] = array();
Change Theme for the user portal
Debug install
If "Error: An error occurred during LDAP operation", than it is possible to reset the post install :
wget https://raw.githubusercontent.com/YunoHost/yunoScripts/master/resetPostinstall.sh chmod +x resetPostinstall.sh ./resetPostinstall.sh
In my case, the ldap package was broken so :
apt update apt --fix-broken install
Then
./resetPostinstall.sh yunohost tools postinstall --debug
To reset the admin password in LDAP :
yunohost-reset-ldap-password
To make a regen conf of LDAP
yunohost service regen-conf ldap --force
Restore a backup of your ldap database too
yunohost backup restore --system conf_ldap --debug
DNS troubleshooting inside a container
It seems that DNS resolution is limited @tachanka to certain adresses :
So there is a need to change dns servers in the yunohost container as yunohost relies on dnsmasq with its own dns server list
nano /etc/resolv.dnsmasq.conf nameserver 209.51.171.179 nameserver 216.66.15.28 nameserver 216.66.15.23
or FFDN ones if it doesn't work
nameserver 80.67.169.12 nameserver 80.67.169.40
DNS debug
nslookup > server 127.0.0.1 > set debug > host x.org dig @8.8.8.8 x.org netstat -atun | grep 53
cat /var/log/syslog |grep dnsmasq dnsmasq.service: Failed to reset devices.list: Operation not permitted
not important !
nano /lib/systemd/system/dnsmasq.service localectl and hostnamectl
Tester si dns requêtes arrivent au host
sudo tcpdump -X -i lxc-nat-bridge dst port 53 |grep x.org sudo tcpdump -X -i eth0 host 209.51.171.179 and port 53