Update README.md

David Rotermund 2024-07-13 15:44:22 +02:00 committed by GitHub
parent c1463170e5
commit 1041573c62
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

@ -1,46 +1,39 @@
I based the installation on Fedora 39 Server Edition.
* Ansible will not work as long as SE Linux is active. Use the cockpit localhost:9090 to disable it for duration you need it to be tured off.
* Don't forget to configure the firewalls correctly. Again, use cockpit.
* Portainer is exported to port 9443. You should use it for coordinating the docker chaos.
You need to scroll though the files and change the values to your setup.
# How make a computer ready for ansible
```
dnf -y install ansible mc net-tools openssh-server openssh-clients passwdqc cracklib-dicts shadow-utils
apt update
apt upgrade
systemctl enable sshd
systemctl start sshd
apt install git pkg-config libssl-dev curl mc argon2 ca-certificates net-tools
useradd -b /specialusers ansibleuser
passwd_value="PUT_A_PASSWORD_HERE"
echo ansibleuser:$passwd_value | chpasswd
echo "ansibleuser ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/ansible
```
# How to make the server ready
Once:
```
dnf -y install ansible mc net-tools openssh-server openssh-clients passwdqc cracklib-dicts shadow-utils sshpass
ssh-keygen
```
And then for every computer:
```
passwd_value="PUT_A_PASSWORD_HERE"
sshpass -p "$passwd_value" ssh-copy-id -o "StrictHostKeyChecking accept-new" ansibleuser@COMPUTERNAME
```
# Overleaf yaml file
For the smtp relay we need to set the email password and email user. You can provide it via command line parameter or yaml file to ansible-playbook.
```
---
EUSER: "SOME EMAIL USER"
EPASS: "SOME PASSWORD"
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
chmod a+r /etc/apt/keyrings/docker.asc
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update
apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
echo "{" > /etc/docker/daemon.json
echo ' "iptables": false' >> /etc/docker/daemon.json
echo "}" >> /etc/docker/daemon.json
systemctl restart docker
ufw allow in on docker0
ufw route allow in on docker0
ufw route allow out on docker0
ufw allow 22
ufw allow 443
ufw enable
ufw status verbose
docker run hello-world
```
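Review bot: in the Docker block at the end of the hunk, /etc/docker/daemon.json is written with "iptables": false and the only firewall rules that follow are the ufw allow and ufw route lines for docker0. With Docker's iptables handling switched off, Docker no longer installs its own NAT/masquerade rules, so containers can lose outbound connectivity unless a masquerade rule is added on the ufw side (for example in /etc/ufw/before.rules); the README should either add that step or state that it is not needed for this setup. The three echo lines also replace any existing daemon.json without warning, so a sentence saying that, plus one line on why iptables is disabled, would help readers who already run Docker. Two smaller points: the docker.list line pipes into sudo tee while every other command assumes a root shell, and apt upgrade, apt install and apt-get install lack -y while the dnf lines have it, so the block will stop for confirmation if pasted as a whole.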