From 82839da4d6bd6aeed913697891cc180c6c6841d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julie=C3=B1?= Date: Sat, 7 Jun 2025 01:33:08 +0200 Subject: [PATCH] Updates --- On host/Caddy.md | 23 ++-- On host/Cockpit.md | 106 ++++++++++++++++++ .../cockpit-file-sharing_nfs.krabs.exports | 8 ++ Turing Pi/nfs-server.md | 39 ++++--- 4 files changed, 149 insertions(+), 27 deletions(-) create mode 100644 On host/Cockpit.md create mode 100644 Turing Pi/cockpit-file-sharing_nfs.krabs.exports diff --git a/On host/Caddy.md b/On host/Caddy.md index 407a7ad..969d7f0 100644 --- a/On host/Caddy.md +++ b/On host/Caddy.md @@ -59,6 +59,8 @@ sudo vim /etc/caddy/Caddyfile email admin@delmar.bzh default_sni delmar.bzh + admin :2019 + acme_dns ovh { endpoint ovh-eu application_key 3f8bdfed17f848d8 @@ -109,6 +111,15 @@ cloud.delmar.bzh { } } +cpt.delmar.bzh { + reverse_proxy bob:9090 { + transport http { + tls_insecure_skip_verify + } + } + encode gzip zstd +} + cs.delmar.bzh { reverse_proxy sheldon:49505 encode gzip zstd @@ -253,18 +264,6 @@ vault.delmar.bzh { encode gzip zstd } -webmin.delmar.bzh { - reverse_proxy bob:10000 { - transport http { - read_buffer 0 - write_buffer 0 - tls_insecure_skip_verify - versions 1.1 - } - } - encode gzip zstd -} - wizarr.delmar.bzh { reverse_proxy gary:5690 encode gzip zstd diff --git a/On host/Cockpit.md b/On host/Cockpit.md new file mode 100644 index 0000000..0fd9e7a --- /dev/null +++ b/On host/Cockpit.md @@ -0,0 +1,106 @@ +--- +created: 2025-06-06T10:03:38 (UTC +02:00) +tags: [] +source: https://cockpit-project.org/running.html +author: +--- + +# Running Cockpit — Cockpit Project + +> ## Excerpt +> Cockpit makes it easy to administer your Linux servers via a web browser. + +--- +### Debian + +These commands require a POSIX compatible shell like `bash`. For other shells like `fish`, temporarily run `bash -i`. + +Cockpit is available in Debian since version 10 (Buster). + +1. To get the latest version, we recommend to enable the [backports repository](https://backports.debian.org) (as root): + + ``` + . /etc/os-release + echo "deb http://deb.debian.org/debian ${VERSION_CODENAME}-backports main" > \ + /etc/apt/sources.list.d/backports.list + apt update + ``` + +2. Install or update the package: + + ``` + apt install -t ${VERSION_CODENAME}-backports cockpit + ``` + + +When updating Cockpit-related packages and any dependencies, make sure to use `-t ...-backports` as above, so backports are included. + +### Ubuntu + +These commands require a POSIX compatible shell like `bash`. For other shells like `fish`, temporarily run `bash -i`. + +Cockpit is available in Ubuntu, with [updated versions in official backports for LTS releases](https://help.ubuntu.com/community/UbuntuBackports). + +We recommend installing or updating the latest version from backports. This repository is enabled by default, but if you customized apt sources you might need to [enable them manually](https://help.ubuntu.com/community/UbuntuBackports#Enabling_Backports). + +``` +. /etc/os-release +sudo apt install -t ${VERSION_CODENAME}-backports cockpit +``` + +When updating Cockpit-related packages and any dependencies, make sure to use `-t ...-backports` as above, so backports are included. + +#### Cockpit file sharing + +https://github.com/45Drives/cockpit-file-sharing + +#### Cockpit Sensors + +https://github.com/ocristopfer/cockpit-sensors + +#### Cockpit Identities + +https://github.com/45drives/cockpit-identities + +### Not installed (yet) + +#### Cockpit Navigator + +https://github.com/45Drives/cockpit-navigator + +#### Cockpit Files + +https://github.com/cockpit-project/cockpit-files + +#### Cockpit Docker + +https://github.com/chabad360/cockpit-docker + +### Fix networking - Cockpit Software Updates - Loading available updates failed - Cannot refresh cache whilst offline + +> ## Excerpt +> On a Ubuntu Server LTS 20.x, with renderer : networkd, LAN / WAN Connectivity +are all properly fucntional. However in Cockpit > Software Updates, it gives the error message: +Loading available up... + +1. Create a placeholder file and network interface. Create `/etc/NetworkManager/conf.d/10-globally-managed-devices.conf` with the contents: + +> ``` +> [keyfile] +> unmanaged-devices=none +> ``` + +2. If you run on Ubuntu with arm64 (e.g.: on a Raspberry Pi), install extra Linux kernel modules for networking: + +> ``` +> sudo apt install linux-modules-extra-raspi +> ``` + +3. Set up a “dummy” network interface: + +> ``` +> nmcli con add type dummy con-name fake ifname fake0 ip4 1.2.3.4/24 gw4 1.2.3.1 +> ``` + +4. Reboot (reload service ?) + diff --git a/Turing Pi/cockpit-file-sharing_nfs.krabs.exports b/Turing Pi/cockpit-file-sharing_nfs.krabs.exports new file mode 100644 index 0000000..5f2a4f0 --- /dev/null +++ b/Turing Pi/cockpit-file-sharing_nfs.krabs.exports @@ -0,0 +1,8 @@ +/srv/nfs4 192.168.1.0/24(rw,sync,no_subtree_check,crossmnt,fsid=0) +/srv/nfs4/cloud 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/media 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/ebooks 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/git 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/photos 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/downloads 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/backups 192.168.1.0/24(ro,sync,no_subtree_check) diff --git a/Turing Pi/nfs-server.md b/Turing Pi/nfs-server.md index bc40862..e7960ce 100644 --- a/Turing Pi/nfs-server.md +++ b/Turing Pi/nfs-server.md @@ -178,12 +178,17 @@ sudo vim /etc/fstab ``` # LVM -UUID=a67ae390-f36c-4b7c-98a0-4a3b5601c107 /mnt/data ext4 defaults,nofail,user_xattr,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2 -# NFS -/mnt/data/cloud /export/cloud none bind,nofail 0 0 -/mnt/data/gitea /export/gitea none bind,nofail 0 0 -/mnt/data/jellystack /export/jellystack none bind,nofail 0 0 -/mnt/data/media /export/media none bind,nofail 0 0 +UUID=0c390345-ca52-45fd-9097-6e931d651a8f / ext4 defaults,x-systemd.growfs 0 1 +# LVM +/dev/hdds/datas /mnt/data ext4 defaults,nofail,user_xattr,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0,acl 0 2 +# NFS exports +/mnt/data/cloud /srv/nfs4/cloud none bind,nofail 0 0 +/mnt/data/media /srv/nfs4/media none bind,nofail 0 0 +/mnt/data/ebooks /srv/nfs4/ebooks none bind,nofail 0 0 +/mnt/data/git /srv/nfs4/git none bind,nofail 0 0 +/mnt/data/photos /srv/nfs4/photos none bind,nofail 0 0 +/mnt/data/downloads /srv/nfs4/downloads none bind,nofail 0 0 +/opt/backups /srv/nfs4/backups none bind,nofail 0 0 ``` **PS : Check the content of /var/lib/nfs/etab to show NFS shares list and all the applied permission details** @@ -193,10 +198,14 @@ cat /var/lib/nfs/etab ``` ```shell -/export/media 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) -/export/jellystack 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) -/export/gitea 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) -/export/cloud 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4 192.168.1.0/24(rw,sync,no_subtree_check,crossmnt,fsid=0) +/srv/nfs4/cloud 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/media 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/ebooks 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/git 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/photos 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/downloads 192.168.1.0/24(rw,sync,wdelay,hide,nocrossmnt,insecure,no_root_squash,no_all_squash,subtree_check,secure_locks,acl,no_pnfs,anonuid=65534,anongid=65534,sec=sys,rw,insecure,no_root_squash,no_all_squash) +/srv/nfs4/backups 192.168.1.0/24(ro,sync,no_subtree_check) ``` #### Client(s) @@ -213,10 +222,10 @@ sudo vim /etc/fstab ``` ```shell -krabs:/export/cloud /nfs/media nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 -krabs:/export/gitea /nfs/gitea nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 -krabs:/export/jellystack /nfs/jellystack nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 -krabs:/export/media /nfs/media nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 +krabs:/srv/nfs4/cloud /nfs/media nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 +krabs:/srv/nfs4/git /nfs/git nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 +krabs:/srv/nfs4/media /nfs/media nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 +krabs:/srv/nfs4/ebooks /nfs/ebooks nfs _netdev,x-systemd.automount,noauto,nofail,noatime,nolock,tcp,bg,actimeo=1800 0 0 ``` ```bash @@ -226,4 +235,4 @@ sudo mount /nfs/jellystack sudo mount /nfs/media sudo systemctl daemon-reload -``` \ No newline at end of file +```