|
|
| (Není zobrazeno 15 mezilehlých verzí od stejného uživatele.) |
| Řádka 1: |
Řádka 1: |
| − | ==Linux== | + | == Rozložení == |
| − | Základní balíčky pro chod vmware serveru
| + | * [[ Linux ]] |
| − | sudo apt update
| + | :- Basic stuff (Užitečný balíčky) |
| − | sudo apt install htop mc ssh sudo wget curl net-tools open-vm-tools
| + | :- Swap & pip3 |
| − | | + | :- ZSH, Neovim/NvChad, NNN |
| − | ---- | + | * [[ Docker ]] |
| − | Možné zabezpečen server antivirem a firewalem
| + | :- Instalace |
| − | sudo apt update
| + | :- Konfigurace socketu |
| − | sudo apt install clamav clamav-freshclam clamav-daemon ufw
| + | * [[ Nomad ]] |
| − | | + | :- Instalace |
| − | * https://wiki.mikrotik.com/wiki/Use_Mikrotik_as_Fail2ban_firewall
| + | :- Konfigurace HCL souboru |
| − | | + | * [[ Kubernetes ]] | [[ Kubernetes | K3S ]] |
| − | Základní nastavení UFW
| + | :- Instalace |
| − | ufw allow ssh
| + | :- Dashboard |
| − | ufw enable
| + | :- Konfigurace |
| − | | + | :- [[ WebServer | Trafiek a Ngninx]] |
| − | ----
| |
| − | Užitečný přikazy pro usnadnění práce
| |
| − | sudo apt update
| |
| − | sudo apt install fzf ncdu dos2unix
| |
| − | | |
| − | * fzf - Fuzzy finder better find | |
| − | * ncdu - NCurses disk usage better du
| |
| − | * dos2unix - Smaže divý ^M ze souboru
| |
| − | * ll - Je to ls -l, musí se vytvořit alias | |
| − | | |
| − | ----
| |
| − | ZSH
| |
| − | ----
| |
| − | Vypnutí swap kvůli virtualizace kontejnerů
| |
| − | sudo swapoff -a; sudo swapon -a
| |
| − | | |
| − | ---- | |
| − | Instalace pip3 pro pluginy pythonu | |
| − | sudo apt update
| |
| − | sudo apt install python3-pip
| |
| − | | |
| − | == Docker ==
| |
| − | Nastavení depositáře
| |
| − | sudo apt update
| |
| − | sudo apt install ca-certificates curl gnupg
| |
| − | | |
| − | sudo install -m 0755 -d /etc/apt/keyrings
| |
| − | curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
| |
| − | sudo chmod a+r /etc/apt/keyrings/docker.gpg
| |
| − | | |
| − | echo \
| |
| − | "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
| |
| − | "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
| |
| − | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
| |
| − | ----
| |
| − | Nainstalování dockeru bez compose
| |
| − | sudo apt update
| |
| − | sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin
| |
| − | ----
| |
| − | Override system pro otevření socketu ven
| |
| − | sudo mkdir /etc/systemd/system/docker.service.d
| |
| − | touch /etc/systemd/system/docker.service.d/override.conf
| |
| − | | |
| − | | |
| − | ''/etc/systemd/system/docker.service.d/override.conf''
| |
| − | [Service]
| |
| − | ExecStart=
| |
| − | ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://IP_ADRESA:2735 --ipv6=false --tls=false
| |
| − | | |
| − | Restartování docker service
| |
| − | systemctl restart docker.socket
| |
| − | | |
| − | pozn - zkusit upravit cofig
| |
| − | | |
| − | ==Nomad==
| |
| − | Instalace nomada | |
| − | sudo apt-get update && \ sudo apt-get install wget gpg coreutils
| |
| − | wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
| |
| − | sudo apt-get update && sudo apt-get install nomad
| |
| − | ----
| |
| − | Cli pluginy pro nomad
| |
| − | curl -L -o cni-plugins.tgz https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-arm64-v1.2.0.tgz
| |
| − | sudo mkdir -p /opt/cni/bin
| |
| − | sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
| |
| − | ----
| |
| − | Config hcl file pro nastavení nomada
| |
| − | mkdir /var/log/nomad
| |
| − | | |
| − | # Full configuration options can be found at https://www.nomadproject.io/docs/configuration
| |
| − |
| |
| − | bind_addr = "0.0.0.0"
| |
| − | data_dir = "/opt/nomad/data"
| |
| − | datacenter = "NAZEV_TOHO_SERVER"
| |
| − |
| |
| − | enable_syslog = true
| |
| − | log_level = "INFO"
| |
| − | log_file = "/var/log/nomad/"
| |
| − |
| |
| − | advertise {
| |
| − | http = "<nowiki>{{GetInterfaceIP \"ens192\"}}</nowiki>"
| |
| − | rpc = "<nowiki>{{GetInterfaceIP \"ens192\"}}</nowiki>"
| |
| − | serf = "<nowiki>{{GetInterfaceIP \"ens192\"}}</nowiki>"
| |
| − | }
| |
| − |
| |
| − | server {
| |
| − | enabled = true
| |
| − | bootstrap_expect = 2
| |
| − | server_join {
| |
| − | retry_join = [ "IP_ADDRESA_JEDNOHO_SERVER", "IP_ADDRESA_DRUHEHO_SERVER" ]
| |
| − | retry_interval = "15s"
| |
| − | }
| |
| − | }
| |
| − |
| |
| − | client {
| |
| − | enabled = true
| |
| − | servers = [ "localhost" ]
| |
| − | cni_path = "/opt/cni/bin"
| |
| − | }
| |
| − |
| |
| − | plugin "raw_exec" {
| |
| − | config {
| |
| − | enabled = true
| |
| − | }
| |
| − | }
| |
| − |
| |
| − | plugin "docker" {
| |
| − | config {
| |
| − | gc {
| |
| − | dangling_containers {
| |
| − | enabled = false
| |
| − | }
| |
| − | }
| |
| − | }
| |
| − | }
| |
| − | ----
| |
| − | Restartování a zanutí service nomada
| |
| − | systemctl enable nomad
| |
| − | systemctl restart nomad
| |
