Filip
Z Poznámkový blok
Linux
Basic setting pro server
sudo apt install htop mc ssh sudo wget curl net-tools open-vm-tools
Zabezpečení server https://wiki.mikrotik.com/wiki/Use_Mikrotik_as_Fail2ban_firewall
sudo apt install clamav clamav-freshclam clamav-daemon ufw
Cli užitečný příkazy
sudo apt install fzf ncdu dos2unix
sudo swapoff -a; sudo swapon -a
sudo apt install python3-pip
Docker
Nastavení depositáře
sudo apt update sudo apt install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Nainstalování dockeru bez compose
sudo apt update sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin
Override system pro otevření socketu ven
sudo mkdir /etc/systemd/system/docker.service.d touch /etc/systemd/system/docker.service.d/override.conf
/etc/systemd/system/docker.service.d/override.conf
[Service] ExecStart= ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://IP_ADRESA:2735 --ipv6=false --tls=false
Restartování docker service
systemctl restart docker.socket
pozn - zkusit upravit cofig
Nomad
Instalace nomada
sudo apt-get update && \ sudo apt-get install wget gpg coreutils wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg sudo apt-get update && sudo apt-get install nomad
Cli pluginy pro nomad
curl -L -o cni-plugins.tgz https://github.com/containernetworking/plugins/releases/download/v1.2.0/cni-plugins-linux-arm64-v1.2.0.tgz sudo mkdir -p /opt/cni/bin sudo tar -C /opt/cni/bin -xzf cni-plugins.tgz
Config hcl file pro nastavení nomada
mkdir /var/log/nomad
# Full configuration options can be found at https://www.nomadproject.io/docs/configuration bind_addr = "0.0.0.0" data_dir = "/opt/nomad/data" datacenter = "NAZEV_TOHO_SERVER" enable_syslog = true log_level = "INFO" log_file = "/var/log/nomad/" advertise { http = "{{GetInterfaceIP \"ens192\"}}" rpc = "{{GetInterfaceIP \"ens192\"}}" serf = "{{GetInterfaceIP \"ens192\"}}" } server { enabled = true bootstrap_expect = 2 server_join { retry_join = [ "IP_ADDRESA_JEDNOHO_SERVER", "IP_ADDRESA_DRUHEHO_SERVER" ] retry_interval = "15s" } } client { enabled = true servers = [ "localhost" ] cni_path = "/opt/cni/bin" } plugin "raw_exec" { config { enabled = true } } plugin "docker" { config { gc { dangling_containers { enabled = false } } } }
Restartování a zanutí service nomada
systemctl enable nomad systemctl restart nomad