Cloud/Shahed/VA: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
 
(18 intermediate revisions by the same user not shown)
Line 28: Line 28:
lxc config show shahed-va
lxc config show shahed-va


cat <<'EXE' | lxc exec shahed-va -- bash
cat <<'EXE'| lxc exec shahed-va -- bash
apt-get update;echo
apt-get update;echo
mkdir -p /etc/apt/keyrings
mkdir -p /etc/apt/keyrings
Line 35: Line 35:
EXE
EXE
</syntaxhighlight>
</syntaxhighlight>
==Virtual » Exec » Bash==
<syntaxhighlight lang="bash">
cat <<'EXE'| lxc exec shahed-va -- bash
free -th && echo && systemd-analyze && echo && df -h
EXE
</syntaxhighlight>
==Virtual » LXD » Host==
<syntaxhighlight lang="bash">
# parse lxd bridge network ip using `ip -j address show|jq -r .` command
LXD_BRIDGE_IP="$(ip -j addr show lxdbr0|jq -r '.[].addr_info[]|select(.label=="lxdbr0").local')"
cat << EXE | lxc exec shahed-va -- bash
echo "${LXD_BRIDGE_IP} host.lxd.internal"|tee -a /etc/hosts
ping -c5 host.lxd.internal
EXE
</syntaxhighlight>
==Virtual » Cloudflare » VIRT==
<syntaxhighlight lang="ini">
cat <<'EXE'| lxc exec shahed-va -- bash
cat <<'INI'| sudo tee /etc/systemd/system/warp0.service >/dev/null
[Unit]
Description=Cloudflared WARP Routing Virtual Interface
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/sbin/ip link add warp0 type dummy
ExecStartPost=/usr/sbin/ip addr add 10.20.40.200/32 dev warp0
ExecStartPost=/usr/sbin/ip link set warp0 up
ExecStop=/usr/sbin/ip link delete warp0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
INI
echo
ls -lah /etc/systemd/system/warp0.service && echo
    cat /etc/systemd/system/warp0.service && echo
EXE
</syntaxhighlight>
----
<syntaxhighlight lang="bash">
cat <<'EXE'| lxc exec shahed-va -- bash
systemctl daemon-reload
systemctl enable --now warp0.service
systemctl status      warp0.service
ip a
EXE
</syntaxhighlight>
==Virtual » Cloudflare » Argo » Tunnel==
<syntaxhighlight lang="bash">
cat <<'EXE'| lxc exec shahed-va -- bash
wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt-get install -f
      rm -rf ${HOME}/Downloads/cloudflared-linux-amd64.deb
EXE
</syntaxhighlight>
----
<syntaxhighlight lang="properties">
cat <<'EXE'| lxc exec shahed-va -- bash
cat <<'CFG'| sudo tee -a /etc/sysctl.conf >/dev/null
###################################################################
# Cloudflared Tunnel Private Network Config
# This config added by Chorke Academia, Inc
# ICMP Group ID Range 0 to 10,000 Users
net.ipv4.ping_group_range = 0 10000
# assumed that following parameters were
# configured in the lxc host machine
# 208 KiB Default RX Buffer
# net.core.rmem_default=212992
# 208 KiB Default TX Buffer
# net.core.wmem_default=212992
# 8 MB Maximum RX Buffer
# net.core.rmem_max=8388608
# 8 MB Maximum TX Buffer
# net.core.wmem_max=8388608
CFG
sudo sysctl -p
EXE
</syntaxhighlight>
----
[[Cloudflare/Argo_Tunnel#Argo Tunnel|Skipped » Find More » 👈]]
==Virtual » Cloudflare » Delete » Secret==
<syntaxhighlight lang="bash">
lxc exec shahed-va -- sudo -i -u shahed-biz-argo bash
rm -rf ~/.cloudflared/cert.pem && history
# inspect & delete secrets
history -d 62-67
history -w
</syntaxhighlight>
----
<syntaxhighlight lang="bash">
lxc exec shahed-va -- sudo bash
# inspect & delete secrets
history -d 68-74
history -w
</syntaxhighlight>
==Virtual » Cloudflare » Backup » Restore==
<syntaxhighlight lang="bash">
lxc snapshot shahed-va base:2025.03.03
lxc publish  shahed-va/base:2025.03.03 --alias shahed-va/base:2025.03.03
lxc restore  shahed-va base:2025.03.03
</syntaxhighlight>
----
<syntaxhighlight lang="bash">
cd ~/Documents/chorke/academia/var/backup/lxc_image/
lxc image export shahed-va/base:2025.03.03 shahed-va_base-2025.03.03
lxc image import shahed-va_base-2025.03.03.tar.gz --alias shahed-va/base:2025.03.03
</syntaxhighlight>
----
<syntaxhighlight lang="bash">
cd ~/Documents/chorke/academia/var/backup/lxc_container/
lxc export shahed-va shahed-va_20250304.tar.gz --optimized-storage
lxc import shahed-va_20250304.tar.gz shahed-va
</syntaxhighlight>
==Virtual » Instance » Postfix » Install==
<syntaxhighlight lang="bash">
lxc restore shahed-va base:2025.03.03
lxc exec    shahed-va -- sudo bash
systemctl restart [email protected]
tail -n100 -f /var/log/cloudflared/shahed.biz/argo.log
</syntaxhighlight>
----
<syntaxhighlight lang="bash">
    nmap --reason mail.shahed.biz -sT -Pn -p25,587,110,995,143,993,465,4190
    nmap --reason mail.shahed.biz -sT -Pn --top 20
    nmap --reason  git.shahed.biz -sT -Pn -p4321
    nmap --reason  vpn.shahed.biz -sT -Pn -p1194
sudo nmap --reason  vpn.shahed.biz -sU -Pn -p1194
</syntaxhighlight>
==References==
{|
|valign="top"|
* [[OpenLDAP/BackSQL|OpenLDAP » BackSQL]]
* [[Google Cloud CLI]]
* [[EKSctl|AWS » EKS » CLI]]
* [[Swap Space]]
* [[Online App]]
* [[OpenLDAP]]
* [[Terraform]]
* [[AWS CLI]]
* [[CLI App]]
* [[Kubectl]]
|valign="top"|
* [[HAProxy/Frontend|HAProxy » Frontend]]
* [[HAProxy/Reconfig|HAProxy » Reconfig]]
* [[HAProxy]]
* [[Jasypt]]
* [[CURL]]
* [[K8s]]
* [[K9s]]
|valign="top"|
|-
| colspan="3" |
----
|-
| valign="top" |
* [https://dash.cloudflare.com/profile/api-tokens Cloudflare » Profile » API Tokens]
* [[Cloudflare/WARP Connector|Cloudflare » WARP Connector]]
* [https://chorke.cloudflareaccess.com Cloudflare » Access » Chorke]
* [[Cloudflare/Argo Tunnel|Cloudflare » Argo Tunnel]]
* [[Cloudflare/WARP Host|Cloudflare » WARP Host]]
* [[Cloudflare]]
| valign="top" |
* [[Cloud/Hetzner/AA|Cloud » Hetzner » AA]]
* [[Cloud/Shahed/AA|Cloud » Shahed » AA]]
* [[Cloud/Shahed/AF|Cloud » Shahed » AF]]
* [[Cloud/Shahed/AL|Cloud » Shahed » AL]]
| valign="top" |
|-
| colspan="3" |
----
|-
| valign="top" |
* [[Ubuntu/Raspberry Pi]]
* [[Ubuntu Upgrade]]
* [[ActiveMQ]]
* [[Minikube]]
* [[Keycloak]]
* [[Hadoop]]
* [[Jenkins]]
* [[WildFly]]
* [[Spark]]
* [[MinIO]]
| valign="top" |
* [[Alpine/Morefine]]
* [[Ruby on Rails]]
* [[TensorFlow]]
* [[Homebrew]]
* [[Linuxbrew]]
* [[PyEnv]]
* [[TMux]]
* [[7Zip]]
* [[Zip]]
* [[Tar]]
| valign="top" |
* [[Linux Service Creation]]
* [[Bash/Port/Forward]]
* [[Linux Mount Drive]]
* [[YouTube/Channel]]
* [[Bash/Network]]
* [[Bash/RAM]]
* [[Bash/CPU]]
* [[Bash/Port]]
* [[Bash]]
* [[Port]]
|-
|colspan="3"|
----
|-
|valign="top"|
* [[Private Enterprise Number]]
* [[Linux User Creation]]
* [[Linux Containers]]
* [[PostgreSQL]]
* [[IPTables]]
* [[MySQL]]
* [[CIDR]]
* [[UFW]]
* [[YQ Tool|YQ]]
* [[JQ Tool|JQ]]
|valign="top"|
* [[Chorke Academia Backup]]
* [[Cloud Computing Cost]]
* [[Helm/PostgreSQL|Helm » PostgreSQL]]
* [[Helm/MariaDB|Helm » MariaDB]]
* [[Benchmarks]]
* [[Online App]]
* [[Helm]]
|valign="top"|
|}

Latest revision as of 00:18, 7 March 2025

Virtual » Network

Virtual Instances
Name Network Subnets Forward
Virtual » Hosts 10.20.40.200/29 10.20.40.200 … 207/32 = 08
Virtual » Hosts 10.20.40.208/29 10.20.40.208 … 215/32 = 08 ⚪️
Virtual » Hosts 10.20.40.208/28 10.20.40.208 … 223/32 = 16
Virtual » Hosts 10.20.40.224/28 10.20.40.224 … 239/32 = 16 ⚪️
Virtual » Hosts 10.20.40.224/31 10.20.40.224 … 225/32 = 02
Virtual » Hosts 10.20.48.226/31 10.20.40.226 … 227/32 = 02 ⚪️

Virtual » Instance

lxc launch ubuntu:24.04 shahed-va -c limits.memory=2GB -c limits.cpu=2
lxc list -c=n -f=json|jq -r '.[]|select(.name=="shahed-va")|.status'
lxc config show shahed-va

cat <<'EXE'| lxc exec shahed-va -- bash
apt-get update;echo
mkdir -p /etc/apt/keyrings
apt list -a --upgradable;apt-get upgrade -y;echo
apt-get install -y apt-transport-https ca-certificates gnupg jq && apt-get clean
EXE

Virtual » Exec » Bash

cat <<'EXE'| lxc exec shahed-va -- bash
free -th && echo && systemd-analyze && echo && df -h
EXE

Virtual » LXD » Host

# parse lxd bridge network ip using `ip -j address show|jq -r .` command
LXD_BRIDGE_IP="$(ip -j addr show lxdbr0|jq -r '.[].addr_info[]|select(.label=="lxdbr0").local')"
cat << EXE | lxc exec shahed-va -- bash
echo "${LXD_BRIDGE_IP} host.lxd.internal"|tee -a /etc/hosts
ping -c5 host.lxd.internal
EXE

Virtual » Cloudflare » VIRT

cat <<'EXE'| lxc exec shahed-va -- bash
cat <<'INI'| sudo tee /etc/systemd/system/warp0.service >/dev/null
[Unit]
Description=Cloudflared WARP Routing Virtual Interface
After=network.target
[Service]
Type=oneshot
ExecStart=/usr/sbin/ip link add warp0 type dummy
ExecStartPost=/usr/sbin/ip addr add 10.20.40.200/32 dev warp0
ExecStartPost=/usr/sbin/ip link set warp0 up
ExecStop=/usr/sbin/ip link delete warp0
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
INI

echo
ls -lah /etc/systemd/system/warp0.service && echo
    cat /etc/systemd/system/warp0.service && echo
EXE

cat <<'EXE'| lxc exec shahed-va -- bash
systemctl daemon-reload
systemctl enable --now warp0.service
systemctl status       warp0.service
ip a
EXE

Virtual » Cloudflare » Argo » Tunnel

cat <<'EXE'| lxc exec shahed-va -- bash
wget -cq https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb -P ${HOME}/Downloads
sudo dpkg -i ${HOME}/Downloads/cloudflared-linux-amd64.deb; sudo apt-get install -f
      rm -rf ${HOME}/Downloads/cloudflared-linux-amd64.deb
EXE

cat <<'EXE'| lxc exec shahed-va -- bash
cat <<'CFG'| sudo tee -a /etc/sysctl.conf >/dev/null

###################################################################
# Cloudflared Tunnel Private Network Config
# This config added by Chorke Academia, Inc
# ICMP Group ID Range 0 to 10,000 Users
net.ipv4.ping_group_range = 0 10000

# assumed that following parameters were
# configured in the lxc host machine

# 208 KiB Default RX Buffer
# net.core.rmem_default=212992

# 208 KiB Default TX Buffer
# net.core.wmem_default=212992

# 8 MB Maximum RX Buffer
# net.core.rmem_max=8388608

# 8 MB Maximum TX Buffer
# net.core.wmem_max=8388608

CFG

sudo sysctl -p
EXE

Skipped » Find More » 👈

Virtual » Cloudflare » Delete » Secret

lxc exec shahed-va -- sudo -i -u shahed-biz-argo bash
rm -rf ~/.cloudflared/cert.pem && history
# inspect & delete secrets
history -d 62-67
history -w

lxc exec shahed-va -- sudo bash
# inspect & delete secrets
history -d 68-74
history -w

Virtual » Cloudflare » Backup » Restore

lxc snapshot shahed-va base:2025.03.03
lxc publish  shahed-va/base:2025.03.03 --alias shahed-va/base:2025.03.03
lxc restore  shahed-va base:2025.03.03

cd ~/Documents/chorke/academia/var/backup/lxc_image/
lxc image export shahed-va/base:2025.03.03 shahed-va_base-2025.03.03
lxc image import shahed-va_base-2025.03.03.tar.gz --alias shahed-va/base:2025.03.03

cd ~/Documents/chorke/academia/var/backup/lxc_container/
lxc export shahed-va shahed-va_20250304.tar.gz --optimized-storage
lxc import shahed-va_20250304.tar.gz shahed-va

Virtual » Instance » Postfix » Install

lxc restore shahed-va base:2025.03.03
lxc exec    shahed-va -- sudo bash

systemctl restart [email protected]
tail -n100 -f /var/log/cloudflared/shahed.biz/argo.log

     nmap --reason mail.shahed.biz -sT -Pn -p25,587,110,995,143,993,465,4190
     nmap --reason mail.shahed.biz -sT -Pn --top 20
     nmap --reason  git.shahed.biz -sT -Pn -p4321
     nmap --reason  vpn.shahed.biz -sT -Pn -p1194
sudo nmap --reason  vpn.shahed.biz -sU -Pn -p1194

References

Retrieved from "https://cdn.chorke.org/weke/index.php?title=Cloud/Shahed/VA&oldid=14256"