Cloud/Shahed/AL: Difference between revisions
Jump to navigation
Jump to search
(Created page with "==SSH== <syntaxhighlight lang="bash"> ssh [email protected] cat <<'EXE' | sudo bash free -th && echo && systemd-analyze && echo df -h && echo && lsblk && echo swapon --show EXE </syntaxhighlight> ==APT Update== <syntaxhighlight lang="bash"> cat << EXE | sudo bash apt-get update;echo mkdir -p /etc/apt/keyrings apt list -a --upgradable;apt-get upgrade -y;echo apt-get install -y qemu-user-static ls -lah /usr/bin/qemu-* apt-get clean cache EXE </syntaxhighlight> ==Clo...") |
|||
| (4 intermediate revisions by the same user not shown) | |||
| Line 56: | Line 56: | ||
rm -rf ${HOME}/Downloads/cloudflared-linux-armhf.deb | rm -rf ${HOME}/Downloads/cloudflared-linux-armhf.deb | ||
qemu-arm-static -cpu cortex- | qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared --version | ||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
| Line 86: | Line 86: | ||
---- | ---- | ||
[[Cloudflare/Argo_Tunnel#Argo Tunnel|Skipped » Find More » 👈]] | [[Cloudflare/Argo_Tunnel#Argo Tunnel|Skipped » Find More » 👈]] | ||
==Cloudflare » Argo » Tunnel » Qemu== | |||
{| | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
sudo -i -u chorke-com-argo | |||
LOGGER_BASE=/var/log/cloudflared/chorke.com | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
sudo -i -u chorke-org-argo | |||
LOGGER_BASE=/var/log/cloudflared/chorke.org | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
sudo -i -u shahed-biz-argo | |||
LOGGER_BASE=/var/log/cloudflared/shahed.biz | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| colspan="3" | | |||
<syntaxhighlight lang="bash"> | |||
CONFIG_BASE=${HOME}/.cloudflared | |||
AUTHNZ_BASE=${HOME}/.cloudflared | |||
CONFIG_FILE=${CONFIG_BASE}/argo.yml | |||
LOGGER_FILE=${LOGGER_BASE}/argo.log | |||
AUTHNZ_FILE=${AUTHNZ_BASE}/argo.json | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | |||
# armv6l based pi01w is a single core cpu, less powerful | |||
# qemu-arm-static emulator take more time to run armhf binary | |||
# for this case it would best to use another pc to generate the json token | |||
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared tunnel login && cd ~/.cloudflared/ | |||
curl -fsSL https://login.cloudflareaccess.org/aHK9jfkm_uvN9PW6-RGWote9FwyCv5VKqBfPjUZ7RCk= | tee ~/.cloudflared/cert.pem >/dev/null | |||
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared tunnel create shahed-al-${USER} | |||
ln -s ${CONFIG_BASE}/3d1105e6-e8f4-403e-9b2d-3367947e0a9e.json ${AUTHNZ_FILE} | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | |||
# use another pc | |||
cd ~/.cloudflared/ | |||
cloudflared tunnel login | |||
mv cert.pem cert.pem.bkp | |||
mkdir -p ~/.cloudflared/tokens | |||
cloudflared tunnel create shahed-al-${USER} | |||
mv aa6db449-f14f-4e79-be14-44b49174d17f.json tokens/shahed-al_aa6db449-f14f-4e79-be14-44b49174d17f.json | |||
rsync -avz tokens/shahed-al_aa6db449-f14f-4e79-be14-44b49174d17f.json [email protected]:~/.config/ | |||
ssh -qt [email protected] bash | |||
# on demand update needed | |||
cat << EXE | sudo bash | |||
mv ~/.config/shahed-al_aa6db449-f14f-4e79-be14-44b49174d17f.json /home/system/chorke-com-argo/.cloudflared/aa6db449-f14f-4e79-be14-44b49174d17f.json | |||
chown chorke-com-argo:chorke-com-argo /home/system/chorke-com-argo/.cloudflared/aa6db449-f14f-4e79-be14-44b49174d17f.json | |||
ls -alh /home/system/chorke-com-argo/.cloudflared/ | |||
EXE | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| colspan="3" | | |||
<syntaxhighlight lang="yaml"> | |||
cat << YML | tee ${CONFIG_FILE} >/dev/null | |||
--- | |||
tunnel: shahed-al-${USER} | |||
credentials-file: ${AUTHNZ_FILE} | |||
warp-routing: | |||
enabled: true | |||
loglevel: info | |||
logfile: ${LOGGER_FILE} | |||
heartbeat: | |||
interval: 10s | |||
max_retries: 3 | |||
restart: true | |||
YML | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| colspan="3" | | |||
<syntaxhighlight lang="bash"> | |||
cat <<'ENV'|tee -a ${HOME}/.bashrc >/dev/null | |||
# cloudflare tunnel config | |||
export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml | |||
ENV | |||
cat <<'ENV'|tee -a ${HOME}/.profile >/dev/null | |||
if [ -f ${HOME}/.bashrc ]; then | |||
. ${HOME}/.bashrc | |||
fi | |||
ENV | |||
source ~/.profile | |||
cat ~/.cloudflared/argo.yml | |||
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared tunnel run shahed-al-${USER} | |||
exit | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="ini"> | |||
SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} | |||
cat << INI | sudo tee ${SYSTEM_PATH} >/dev/null | |||
[Unit] | |||
Description=cloudflared | |||
After=network-online.target | |||
Wants=network-online.target | |||
[Service] | |||
Group=chorke-com-argo | |||
User=chorke-com-argo | |||
TimeoutStartSec=0 | |||
Type=notify | |||
ExecStart=qemu-arm-static -cpu cortex-a7 \ | |||
/usr/local/bin/cloudflared --no-autoupdate \ | |||
--config /home/system/chorke-com-argo/\ | |||
.cloudflared/argo.yml tunnel run | |||
Restart=on-failure | |||
RestartSec=5s | |||
[Install] | |||
WantedBy=multi-user.target | |||
INI | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="ini" line> | |||
SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} | |||
cat << INI | sudo tee ${SYSTEM_PATH} >/dev/null | |||
[Unit] | |||
Description=cloudflared | |||
After=network-online.target | |||
Wants=network-online.target | |||
[Service] | |||
Group=chorke-org-argo | |||
User=chorke-org-argo | |||
TimeoutStartSec=0 | |||
Type=notify | |||
ExecStart=qemu-arm-static -cpu cortex-a7 \ | |||
/usr/local/bin/cloudflared --no-autoupdate \ | |||
--config /home/system/chorke-org-argo/\ | |||
.cloudflared/argo.yml tunnel run | |||
Restart=on-failure | |||
RestartSec=5s | |||
[Install] | |||
WantedBy=multi-user.target | |||
INI | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="ini"> | |||
SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE} | |||
cat << INI | sudo tee ${SYSTEM_PATH} >/dev/null | |||
[Unit] | |||
Description=cloudflared | |||
After=network-online.target | |||
Wants=network-online.target | |||
[Service] | |||
Group=shahed-biz-argo | |||
User=shahed-biz-argo | |||
TimeoutStartSec=0 | |||
Type=notify | |||
ExecStart=qemu-arm-static -cpu cortex-a7 \ | |||
/usr/local/bin/cloudflared --no-autoupdate \ | |||
--config /home/system/shahed-biz-argo/\ | |||
.cloudflared/argo.yml tunnel run | |||
Restart=on-failure | |||
RestartSec=5s | |||
[Install] | |||
WantedBy=multi-user.target | |||
INI | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << EXE | sudo bash | |||
systemctl daemon-reload | |||
systemctl enable [email protected] | |||
systemctl start [email protected] | |||
systemctl status [email protected] | |||
EXE | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << EXE | sudo bash | |||
systemctl daemon-reload | |||
systemctl enable [email protected] | |||
systemctl start [email protected] | |||
systemctl status [email protected] | |||
EXE | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << EXE | sudo bash | |||
systemctl daemon-reload | |||
systemctl enable [email protected] | |||
systemctl start [email protected] | |||
systemctl status [email protected] | |||
EXE | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
tail -n100 \ | |||
-f /var/log/cloudflared/chorke.com/argo.log | |||
journalctl -xeu [email protected] | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
tail -n100 \ | |||
-f /var/log/cloudflared/chorke.org/argo.log | |||
journalctl -xeu [email protected] | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
tail -n100 \ | |||
-f /var/log/cloudflared/shahed.biz/argo.log | |||
journalctl -xeu [email protected] | |||
</syntaxhighlight> | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << EXE | sudo bash | |||
systemctl daemon-reload | |||
systemctl disable [email protected] | |||
systemctl stop [email protected] | |||
systemctl status [email protected] | |||
EXE | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << EXE | sudo bash | |||
systemctl daemon-reload | |||
systemctl disable [email protected] | |||
systemctl stop [email protected] | |||
systemctl status [email protected] | |||
EXE | |||
</syntaxhighlight> | |||
| valign="top" | | |||
<syntaxhighlight lang="bash"> | |||
cat << EXE | sudo bash | |||
systemctl daemon-reload | |||
systemctl disable [email protected] | |||
systemctl stop [email protected] | |||
systemctl status [email protected] | |||
EXE | |||
</syntaxhighlight> | |||
|} | |||
==References== | ==References== | ||
Latest revision as of 07:42, 22 February 2025
SSH
ssh [email protected]
cat <<'EXE' | sudo bash
free -th && echo && systemd-analyze && echo
df -h && echo && lsblk && echo
swapon --show
EXE
APT Update
cat << EXE | sudo bash
apt-get update;echo
mkdir -p /etc/apt/keyrings
apt list -a --upgradable;apt-get upgrade -y;echo
apt-get install -y qemu-user-static
ls -lah /usr/bin/qemu-*
apt-get clean cache
EXE
Cloudflare » VIRT
cat << INI | sudo tee /etc/systemd/system/warp0.service >/dev/null
[Unit]
Description=Cloudflared WARP Routing Virtual Interface
After=network.target
[Service]
Type=oneshot
ExecStart=/sbin/ip link add warp0 type dummy
ExecStartPost=/sbin/ip addr add 10.20.41.12/32 dev warp0
ExecStartPost=/sbin/ip link set warp0 up
ExecStop=/sbin/ip link delete warp0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
INI
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable --now warp0.service
systemctl status warp0.service
EXE
ip a
Cloudflare » Argo » Tunnel
wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-armhf.deb -P ${HOME}/Downloads
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-armhf.deb; sudo apt install -f
rm -rf ${HOME}/Downloads/cloudflared-linux-armhf.deb
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared --version
cat <<'SYS' | sudo tee -a /etc/sysctl.conf >/dev/null
###################################################################
# Cloudflared Tunnel Private Network Config
# This config added by Chorke Academia, Inc
# ICMP Group ID Range 0 to 10,000 Users
net.ipv4.ping_group_range = 0 10000
# 208 KiB Default RX Buffer
net.core.rmem_default=212992
# 208 KiB Default TX Buffer
net.core.wmem_default=212992
# 8 MB Maximum RX Buffer
net.core.rmem_max=8388608
# 8 MB Maximum TX Buffer
net.core.wmem_max=8388608
SYS
sudo sysctl -p
Cloudflare » Argo » Tunnel » Qemu
sudo -i -u chorke-com-argo
LOGGER_BASE=/var/log/cloudflared/chorke.com
|
sudo -i -u chorke-org-argo
LOGGER_BASE=/var/log/cloudflared/chorke.org
|
sudo -i -u shahed-biz-argo
LOGGER_BASE=/var/log/cloudflared/shahed.biz
|
|
| ||
CONFIG_BASE=${HOME}/.cloudflared
AUTHNZ_BASE=${HOME}/.cloudflared
CONFIG_FILE=${CONFIG_BASE}/argo.yml
LOGGER_FILE=${LOGGER_BASE}/argo.log
AUTHNZ_FILE=${AUTHNZ_BASE}/argo.json
# armv6l based pi01w is a single core cpu, less powerful
# qemu-arm-static emulator take more time to run armhf binary
# for this case it would best to use another pc to generate the json token
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared tunnel login && cd ~/.cloudflared/
curl -fsSL https://login.cloudflareaccess.org/aHK9jfkm_uvN9PW6-RGWote9FwyCv5VKqBfPjUZ7RCk= | tee ~/.cloudflared/cert.pem >/dev/null
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared tunnel create shahed-al-${USER}
ln -s ${CONFIG_BASE}/3d1105e6-e8f4-403e-9b2d-3367947e0a9e.json ${AUTHNZ_FILE}
# use another pc
cd ~/.cloudflared/
cloudflared tunnel login
mv cert.pem cert.pem.bkp
mkdir -p ~/.cloudflared/tokens
cloudflared tunnel create shahed-al-${USER}
mv aa6db449-f14f-4e79-be14-44b49174d17f.json tokens/shahed-al_aa6db449-f14f-4e79-be14-44b49174d17f.json
rsync -avz tokens/shahed-al_aa6db449-f14f-4e79-be14-44b49174d17f.json [email protected]:~/.config/
ssh -qt [email protected] bash
# on demand update needed
cat << EXE | sudo bash
mv ~/.config/shahed-al_aa6db449-f14f-4e79-be14-44b49174d17f.json /home/system/chorke-com-argo/.cloudflared/aa6db449-f14f-4e79-be14-44b49174d17f.json
chown chorke-com-argo:chorke-com-argo /home/system/chorke-com-argo/.cloudflared/aa6db449-f14f-4e79-be14-44b49174d17f.json
ls -alh /home/system/chorke-com-argo/.cloudflared/
EXE
| ||
|
| ||
cat << YML | tee ${CONFIG_FILE} >/dev/null
---
tunnel: shahed-al-${USER}
credentials-file: ${AUTHNZ_FILE}
warp-routing:
enabled: true
loglevel: info
logfile: ${LOGGER_FILE}
heartbeat:
interval: 10s
max_retries: 3
restart: true
YML
| ||
|
| ||
cat <<'ENV'|tee -a ${HOME}/.bashrc >/dev/null
# cloudflare tunnel config
export CLOUDFLARED_CONFIG=${HOME}/.cloudflared/argo.yml
ENV
cat <<'ENV'|tee -a ${HOME}/.profile >/dev/null
if [ -f ${HOME}/.bashrc ]; then
. ${HOME}/.bashrc
fi
ENV
source ~/.profile
cat ~/.cloudflared/argo.yml
qemu-arm-static -cpu cortex-a7 /usr/local/bin/cloudflared tunnel run shahed-al-${USER}
exit
| ||
|
| ||
SYSTEM_FILE=[email protected]
SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE}
cat << INI | sudo tee ${SYSTEM_PATH} >/dev/null
[Unit]
Description=cloudflared
After=network-online.target
Wants=network-online.target
[Service]
Group=chorke-com-argo
User=chorke-com-argo
TimeoutStartSec=0
Type=notify
ExecStart=qemu-arm-static -cpu cortex-a7 \
/usr/local/bin/cloudflared --no-autoupdate \
--config /home/system/chorke-com-argo/\
.cloudflared/argo.yml tunnel run
Restart=on-failure
RestartSec=5s
[Install]
WantedBy=multi-user.target
INI
|
SYSTEM_FILE=[email protected]
SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE}
cat << INI | sudo tee ${SYSTEM_PATH} >/dev/null
[Unit]
Description=cloudflared
After=network-online.target
Wants=network-online.target
[Service]
Group=chorke-org-argo
User=chorke-org-argo
TimeoutStartSec=0
Type=notify
ExecStart=qemu-arm-static -cpu cortex-a7 \
/usr/local/bin/cloudflared --no-autoupdate \
--config /home/system/chorke-org-argo/\
.cloudflared/argo.yml tunnel run
Restart=on-failure
RestartSec=5s
[Install]
WantedBy=multi-user.target
INI
|
SYSTEM_FILE=[email protected]
SYSTEM_PATH=/etc/systemd/system/${SYSTEM_FILE}
cat << INI | sudo tee ${SYSTEM_PATH} >/dev/null
[Unit]
Description=cloudflared
After=network-online.target
Wants=network-online.target
[Service]
Group=shahed-biz-argo
User=shahed-biz-argo
TimeoutStartSec=0
Type=notify
ExecStart=qemu-arm-static -cpu cortex-a7 \
/usr/local/bin/cloudflared --no-autoupdate \
--config /home/system/shahed-biz-argo/\
.cloudflared/argo.yml tunnel run
Restart=on-failure
RestartSec=5s
[Install]
WantedBy=multi-user.target
INI
|
|
| ||
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable [email protected]
systemctl start [email protected]
systemctl status [email protected]
EXE
|
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable [email protected]
systemctl start [email protected]
systemctl status [email protected]
EXE
|
cat << EXE | sudo bash
systemctl daemon-reload
systemctl enable [email protected]
systemctl start [email protected]
systemctl status [email protected]
EXE
|
|
| ||
tail -n100 \
-f /var/log/cloudflared/chorke.com/argo.log
journalctl -xeu [email protected]
|
tail -n100 \
-f /var/log/cloudflared/chorke.org/argo.log
journalctl -xeu [email protected]
|
tail -n100 \
-f /var/log/cloudflared/shahed.biz/argo.log
journalctl -xeu [email protected]
|
|
| ||
cat << EXE | sudo bash
systemctl daemon-reload
systemctl disable [email protected]
systemctl stop [email protected]
systemctl status [email protected]
EXE
|
cat << EXE | sudo bash
systemctl daemon-reload
systemctl disable [email protected]
systemctl stop [email protected]
systemctl status [email protected]
EXE
|
cat << EXE | sudo bash
systemctl daemon-reload
systemctl disable [email protected]
systemctl stop [email protected]
systemctl status [email protected]
EXE
|
References
|
| ||
|
| ||
|
| ||