diff options
| -rw-r--r-- | core/install.html | 4 | ||||
| -rw-r--r-- | core/scripts/backup-system.sh | 6 | ||||
| -rw-r--r-- | host.html | 2 | ||||
| -rw-r--r-- | index.html | 2 | ||||
| -rw-r--r-- | manifesto.html | 19 | ||||
| -rw-r--r-- | tools/gnupg.html | 7 | ||||
| -rw-r--r-- | tools/index.html | 34 | ||||
| -rw-r--r-- | tools/qemu.html | 100 | ||||
| -rw-r--r-- | tools/tar.html | 9 |
9 files changed, 114 insertions, 69 deletions
diff --git a/core/install.html b/core/install.html index f956cf4..194e245 100644 --- a/core/install.html +++ b/core/install.html @@ -34,7 +34,9 @@ <p>Prepare disk or target location where new system will be installed. Follow steps describe how to create efi and separate partitions such as; boot, root, var, tmp, - usr, ports, swap and home.</p> + usr, ports, swap and home. Information about + <a href="http://devil-detail.blogspot.pt/2013/07/install-grub2-on-gpt-disk-dedicated-partition.html">gpt partition table</a>. + </p> <h3>/boot/efi</h3> diff --git a/core/scripts/backup-system.sh b/core/scripts/backup-system.sh index 3fa1ab2..bc94f7e 100644 --- a/core/scripts/backup-system.sh +++ b/core/scripts/backup-system.sh @@ -14,9 +14,11 @@ echo $ROOT_DIR tar --xattrs -zcpf $DEST_DIR/$BCK_NAME-`date '+%Y-%j-%H-%M-%S'`.tar.gz \ --directory=$ROOT_DIR \ - --exclude=var/ports \ - --exclude=var/run \ + --exclude=usr/ports \ --exclude=usr/src \ + --exclude=var/run \ + --exclude=var/lock \ + --exclude=srv \ --exclude=mnt \ --exclude=home \ --exclude=dev \ diff --git a/host.html b/host.html index 9a2ca1c..01aaf4f 100644 --- a/host.html +++ b/host.html @@ -60,7 +60,7 @@ <dd><a href="core/configure.html#hostname">Hostname</a></dd> <dd><a href="core/exim.html#cert">Exim certificates</a></dd> <dd><a href="tools/network.html#dnsmasq">Dnsmasq</a></dd> - <dd><a href="tools/gpg.html#genkey">Exim certificates</a></dd> + <dd><a href="tools/gpg.html#genkey">GPG certificates</a></dd> <dt>DNS</dt> <dd><a href="tools/network.html#dnscrypt">Dns encryption</a></dd> diff --git a/index.html b/index.html index 6bb6af1..86a2f1a 100644 --- a/index.html +++ b/index.html @@ -27,7 +27,7 @@ <p>Version;</p> <pre> - rev 0.2.1 + rev 0.2.2 </pre> diff --git a/manifesto.html b/manifesto.html index 5d8963e..abf5635 100644 --- a/manifesto.html +++ b/manifesto.html @@ -11,7 +11,24 @@ <h1>c9 Manifesto</h1> <p>There is no c9 manifesto but a collection of manifestos found on the - Internet that share same vision. Hope you share the same vision.</p> + Internet that share same vision. </p> + + <h2>Making The Network Work</h2> + + <p>From + <a href="http://www.sterneck.net/cyber/online-communities/index.php">Sternececk.net</a>;</p> + + <pre> + Every citizen, regardless of their economic circumstances, + should be able to share the benefits of the Information Age - + including better communications, greater participation, + electronic life long learning, and e-commerce. + To achieve this they should have access to local community + technology centres, plus public online forums and services + to create an online community. The centres will provide + technical support and help 'on the ground', the forums will + be 'virtual spaces' for online communities related to localities. + </pre> <h2>Guerilla Open Access Manifesto</h2> diff --git a/tools/gnupg.html b/tools/gnupg.html index 53ca088..21aedcb 100644 --- a/tools/gnupg.html +++ b/tools/gnupg.html @@ -124,17 +124,19 @@ $ gpg --edit-key UID </pre> - <h3>3.1 Edit key</h3> + <h3>3.1. Edit key</h3> <pre> $ gpg --edit-key KEYID adduid </pre> + <h3>3.2. Revoke key</h3> <p>Follow the instructions and then select the user you want to revoque, where N is the UID of the user;</p> <pre> + $ gpg --edit-key KEYID uid N revuid save @@ -161,7 +163,7 @@ $ gpg --armor --output user.asc --export 'User Name' </pre> - <h3>3.2. Export to keyserver</h3> + <h3>4.2. Export to keyserver</h3> <p>The primary public key's ID is referenced in the pub line after the key size, for example the key created above, @@ -213,7 +215,6 @@ gpg --list-keys justin </pre> - <h2 id="cryptsign">5. Encrypt, decrypt and signing</h2> <h3>5.1. Encrypt file</h3> diff --git a/tools/index.html b/tools/index.html index e5adac6..b721f73 100644 --- a/tools/index.html +++ b/tools/index.html @@ -76,14 +76,6 @@ <li><a href="nmap.html">Nmap</a></li> </ul> </li> - <li><a href="qemu.html">Qemu</a> - <ul> - <li><a href="qemu.html#kern">Kernel Configuration</a></li> - <li><a href="qemu.html#disk">Disk images</a></li> - <li><a href="tcpdump.html">Tcpdump</a></li> - </ul> - </li> - <li><a href="storage.html">Storage</a> <ul> <li><a href="storage.html#mv">Moving partitions</a></li> @@ -97,19 +89,17 @@ <li><a href="syslog-ng.html#install">Install syslog-ng</a></li> <li><a href="syslog-ng.html#syslogrc">Syslog-ng RC</a></li> <li><a href="syslog-ng.html#syslog-conf">Syslog-ng configuration</a></li> - </ul> - </li> + <li><a href="logrotate.html">Logrotate</a></li> + <li><a href="logwatch.html">Logwatch</a> + <ul> + <li><a href="logwatch.html#conf">Configure Logwatch</a></li> + <li><a href="logwatch.html#cron">Set cron task</a></li> + </ul> + </li> - <li><a href="logrotate.html">Logrotate</a></li> - <li> - <a href="logwatch.html">Logwatch</a> - <ul> - <li><a href="logwatch.html#conf">Configure Logwatch</a></li> - <li><a href="logwatch.html#cron">Set cron task</a></li> </ul> </li> - <li> - <a href="fail2ban.html">Fail2Ban</a> + <li><a href="fail2ban.html">Fail2Ban</a> <ul> <li><a href="fail2ban.html#conf">Configure Fail2ban</a></li> </ul> @@ -119,6 +109,14 @@ <h2>Network Services</h2> <ul> + <li><a href="qemu.html">Qemu</a> + <ul> + <li><a href="qemu.html#kern">1. Host System</a></li> + <li><a href="qemu.html#disk">2. Disk images</a></li> + <li><a href="qemu.html#net">3. Network</a></li> + <li><a href="qemu.html#guest">4. Guest System</a></li> + </ul> + </li> <li> <a href="openssh.html">OpenSSH</a> <ul> diff --git a/tools/qemu.html b/tools/qemu.html index ef1c36d..ce1b66d 100644 --- a/tools/qemu.html +++ b/tools/qemu.html @@ -10,31 +10,37 @@ <h1>Qemu</h1> - <h2 id="kern">Kernel configuration</h2> + <h2 id="kern">1. Host System</h2> + + <p>Load modules, in this case kvm of intel cpu;</p> + + <pre> + # modprobe -a kvm-intel tun virtio + </pre> + + <p>Add users to kvm group;</p> <pre> # usermod -a -G kvm c9admin # usermod -a -G kvm username </pre> - <h2 id="disk">Disk images</h2> + <h2 id="disk">2. Disk images</h2> <dl> <dt>img</dt> - <dd>network slirp</dd> + <dd>Raw disk image, allows dd to a physical device.</dd> <dt>raw</dt> - <dd>network tap</dd> + <dd>Raw disk image, allows dd to a physical device.</dd> <dt>qcow2</dt> - <dd>... ...</dd> + <dd>Qcow disk image file used by qemu.</dd> </dl> - - <p>Create hard disk image, there is different types, this describes how to create a qcow2 type;</p> <pre> - $ qemu-img create -f qcow2 crux-img.qcow2 20G + $ qemu-img create -f qcow2 crux-img.qcow2 15G </pre> <p>You can mount disk image;</p> @@ -44,44 +50,55 @@ $ sudo qemu-nbd -c /dev/nbd0 /crux-img.qcow2 </pre> - <p>To disconnect image disk (ndb);</a> + <p>To disconnect image disk (ndb);</p> <pre> $ sudo qemu-nbd -d /dev/nbd0 </pre> - <p>You can use image as a normal disk, example how + <p>Information about preparing + <a href="../core/install.html#step2">partitions</a> + and <a href="storage.html">storage</a> administration. + You can use image as a normal disk, example how to use parted to create a gpt system table;</p> <pre> # parted /dev/nbd0 (parted) mklabel gpt + (parted) mkpart ext4 0% 100% + (parted) set 1 boot on </pre> - <p>More information about - <a href="http://devil-detail.blogspot.pt/2013/07/install-grub2-on-gpt-disk-dedicated-partition.html">gpt partition table</a>. - </p> + <pre> + # kpartx -a -s -l -u /dev/nbd0 + </pre> - <p>If partitions are on qcow2 image then setup partitions;</p> + <pre> + # mkfs.ext4 /dev/mapper/nbd0p1 + </pre> + + <p>Mount partition;</p> <pre> - # kpartx -a -s -l /dev/nbd0 + # mount /dev/mapper/nbd0p1 </pre> + <h2 id="net">2. Network</h2> <p>Network configuration;</p> + <dl> <dt>slirp</dt> - <dd>network slirp</dd> + <dd>Default virtual NAT'd network.</dd> <dt>tun/tap</dt> - <dd>network tap</dd> - <dt>...</dt> - <dd>... ...</dd> + <dd>Good performance to create virtually any type of network + topology.</dd> + <dt>vde</dt> + <dd>The VDE networking backend.</dd> </dl> - <h2>Network configuration</h2> - <h3>Tap interfaces</h3> + <h3>2.1. Tap interfaces</h3> <pre> KERNEL=="tun", GROUP="kvm", MODE="0660", OPTIONS+="static_node=net/tun" @@ -92,7 +109,7 @@ you can set only user or group;</p> <pre> - # tunctl -u username -g kvm + # tunctl -u username -g kvm -t tap0 </pre> <p>Set permissions to existing tap interface;</p> @@ -104,12 +121,24 @@ <p>Manual creation of tap interface;</p> - <pre> - # ip tuntap add name tap0 mode tap + <pre> + # ip tuntap add name tap0 mode tap # chmod 0666 /dev/tap0 # chown root:username /dev/tap0 - # ip link show - </pre> + </pre> + + <pre> + # ip addr add 10.0.2.1/24 dev tap0 + # ip link set dev tap0 up + # ip link show + </pre> + + <pre> + # sysctl -w net.ipv4.ip_forward=1 + # iptables -t nat -A POSTROUTING -s 10.0.2.0/24 -o eth0 -j MASQUERADE + </pre> + + <h2 id="guest">Guest System</h2> <p>Start qemu with 512 of ram, mydisk.img as disk and boot from iso</p> @@ -119,24 +148,19 @@ -m 512 \ -boot d -cdrom image.iso \ -hda mydisk.img - </pre> + </pre> <p>Start qemu with 1024 of ram, network configured using tap0 interface device no host and boot from crux.qcow2;</p> - <pre> - $ qemu-system-x86_64 \ - -enable-kvm \ - -m 1024 \ - -hda c9/local/crux.qcow2 \ - -net nic,model=virtio -net tap,ifname=tap0,script=no,downscript=no + <pre> + $ qemu-system-x86_64 \ + -enable-kvm \ + -m 1024 \ + -hda c9/local/crux.qcow2 \ + -net nic,model=virtio -net tap,ifname=tap0,script=no,downscript=no </pre> - <p>On host machine test network;</p> - - <pre> - # tcpdump tap0 - </pre> <a href="index.html">Tools Index</a> <p>This is part of the c9 Manual. Copyright (C) 2016 diff --git a/tools/tar.html b/tools/tar.html index 5bd3df6..c3b7cac 100644 --- a/tools/tar.html +++ b/tools/tar.html @@ -12,7 +12,7 @@ <h2 id="tarbkup">1. Create Backup</h2> - <p>Script in core/scripts/<a href="scripts/backup-system.sh">backup-system.sh</a> use tldp + <p>Script <a href="scripts/backup-system.sh">core/scripts/backup-system.sh</a> use tldp <a href="http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/server-backup.html">server backup</a> and <a href="http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/server-restore.html">restore</a> as a reference.</p> @@ -34,10 +34,11 @@ tar --xattrs -zcpf $DEST_DIR/$BCK_NAME-`date '+%Y-%j-%H-%M-%S'`.tar.gz \ --directory=$ROOT_DIR \ - --exclude=srv \ - --exclude=var/ports \ - --exclude=var/run \ + --exclude=usr/ports \ --exclude=usr/src \ + --exclude=var/run \ + --exclude=var/lock \ + --exclude=srv \ --exclude=mnt \ --exclude=home \ --exclude=dev \ |