OpenSeaMap-dev:Server FreeBSD Jails: Unterschied zwischen den Versionen
Dom (Diskussion | Beiträge) (Jail update base system.) |
Dom (Diskussion | Beiträge) (Configure hostname for jails.) |
||
(Eine dazwischenliegende Version desselben Benutzers wird nicht angezeigt) | |||
Zeile 33: | Zeile 33: | ||
echo 'syslogd_flags="-ss"' >> /usr/jails/<jail-name>/etc/rc.conf | echo 'syslogd_flags="-ss"' >> /usr/jails/<jail-name>/etc/rc.conf | ||
+ | |||
+ | Set hostname. | ||
+ | |||
+ | echo 'hostname="<jail-name>.openseamap.org"' >> /usr/jails/<jail-name>/etc/rc.conf | ||
+ | echo '::1 <jail-name>.openseamap.org localhost' > /usr/jails/<jail-name>/etc/hosts | ||
+ | echo '<local-jail-address> <jail-name>.openseamap.org localhost' >> /usr/jails/<jail-name>/etc/hosts | ||
Configure sshd. | Configure sshd. | ||
Zeile 82: | Zeile 88: | ||
Install these ports in every jail. | Install these ports in every jail. | ||
− | portmaster -d -B sysutils/screen editors/vim ports-mgmt/portaudit | + | portmaster -d -B sysutils/screen editors/vim-lite ports-mgmt/portaudit |
=== Install Service === | === Install Service === |
Aktuelle Version vom 24. November 2013, 12:55 Uhr
Inhaltsverzeichnis
Installation
Create Jail
Add alias.
ifconfig lo0 alias <local-jail-address> netmask 255.255.255.255 vi /etc/rc.conf ifconfig_lo0_aliasN="inet <local-jail-address> netmask 255.255.255.255"
Create jail.
ezjail-admin create <jail-name> <local-jail-address>
Add ports tree.
rm /usr/jails/<jail-name>/usr/ports mkdir /usr/jails/<jail-name>/usr/ports vi /etc/fstab.<jail-name-corrected> /usr/ports /usr/jails/<jail-name>/usr/ports nullfs ro 0 0
Add DNS server.
cat /etc/resolv.conf | grep nameserver > /usr/jails/<jail-name>/etc/resolv.conf
Add port build config.
echo 'WITHOUT_X11=yes' >> /usr/jails/<jail-name>/etc/make.conf
Configure syslogd.
echo 'syslogd_flags="-ss"' >> /usr/jails/<jail-name>/etc/rc.conf
Set hostname.
echo 'hostname="<jail-name>.openseamap.org"' >> /usr/jails/<jail-name>/etc/rc.conf echo '::1 <jail-name>.openseamap.org localhost' > /usr/jails/<jail-name>/etc/hosts echo '<local-jail-address> <jail-name>.openseamap.org localhost' >> /usr/jails/<jail-name>/etc/hosts
Configure sshd.
vi /usr/jails/<jail-name>/etc/ssh/sshd_config ListenAddress <local-jail-address> PermitRootLogin no ChallengeResponseAuthentication no echo 'sshd_enable="YES"' >> /usr/jails/<jail-name>/etc/rc.conf
Configure firewall settings.
vi /etc/pf.conf rdr on $ext_if proto tcp from any to any port 22xx -> 127.0.0.xx port 22 pass in on $ext_if inet proto tcp from any to 127.0.0.xx port 22 keep state pfctl -f /etc/pf.conf
Start jail.
ezjail-admin start <jail-name>
Configureation inside jail
Connect to jail.
ezjail-admin console <jail-name>
Redirect mails for root.
vi /etc/aliases root: <mail-address> newaliases
Install Ports
Connect to jail.
ezjail-admin console <jail-name>
Install portmaster.
cd /usr/ports/ports-mgmt/portmaster make install clean rehash
Install these ports in every jail.
portmaster -d -B sysutils/screen editors/vim-lite ports-mgmt/portaudit
Install Service
Additional installations based on the service type.
Maintenance
Update jail base system (world).
screen -S update ezjail-admin update -u exit
Restart affected services or restart the whole jails.