From 050ce5709408bd450bca7b6f5eb40a8a1ddf1550 Mon Sep 17 00:00:00 2001 From: cpu Date: Sat, 27 Jan 2024 19:10:03 +0100 Subject: [PATCH] added config and updated readme --- .gitignore | 4 ++-- README.md | 25 +++++++++---------------- terraform.tfvars | 6 ++++++ 3 files changed, 17 insertions(+), 18 deletions(-) create mode 100644 terraform.tfvars diff --git a/.gitignore b/.gitignore index a9e8a0c..d6dcc23 100644 --- a/.gitignore +++ b/.gitignore @@ -14,8 +14,8 @@ crash.*.log # password, private keys, and other secrets. These should not be part of version # control as they are data points which are potentially sensitive and subject # to change depending on the environment. -*.tfvars -*.tfvars.json +# *.tfvars +# *.tfvars.json # Ignore override files as they are usually used to override resources locally and so # are not checked in diff --git a/README.md b/README.md index b346bde..703b0f5 100644 --- a/README.md +++ b/README.md @@ -11,19 +11,19 @@ You will require a host with LXD and you will also require to initialize the hos ```bash sudo snap install lxd lxd init --minimal -lxc config set core.https_address IP_ADDRESS:8443 +lxc config set core.https_address LXD_HOST_IP_ADDRESS:8443 lxc config set core.trust_password A-SECURE-LXD-PASSWORD -sudo ufw allow in on lan to IP_ADDRESS port 8443 proto tcp -sudo ufw allow in on wg0 to IP_ADDRESS port 8443 proto tcp +sudo ufw allow in on lan to LXD_HOST_IP_ADDRESS port 8443 proto tcp +sudo ufw allow in on wg0 to LXD_HOST_IP_ADDRESS port 8443 proto tcp ``` ## Setup the client machine e.g. a notebook ```bash sudo snap install lxd -lxc remote add zot IP_ADDRESS -lxc remote switch zot +lxc remote add zot LXD_HOST_IP_ADDRESS +lxc remote switch zot # make the zot the default lxc remote list -lxc list # shows instances running on the server zot +lxc list # shows instances running on the remote zot lxc shell ubuntu # login as root to the container ubuntu lxc exec ubuntu -- uname -a # run a command inside the container ubuntu ``` 
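Review bot: Commenting out `*.tfvars` and `*.tfvars.json` in .gitignore removes the guard that the comment block just above those lines describes, so every tfvars file in the working tree is now tracked. This commit also adds terraform.tfvars with `lxd_password` and `ldap_rootbindpw`. The values there look like placeholders, but the first real edit followed by a routine `git add` would put the LXD trust password and the LDAP bind password into history. Keep both ignore patterns active and commit the template under a name they do not match, such as `terraform.tfvars.example`, for users to copy to an untracked terraform.tfvars. Alternatively, supply the two secrets through `TF_VAR_lxd_password` and `TF_VAR_ldap_rootbindpw` environment variables.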
@@ -37,7 +37,7 @@ Then provision a lxd instance and a zfs storage pool with terraform: ```bash terraform init terraform plan -terraform apply +terraform apply -auto-approve Outputs: @@ -61,7 +61,7 @@ See the config Delete the container ubuntu using terraform -`terraform destroy --target lxd_instance.ubuntu` +`terraform destroy --target lxd_instance.ubuntu -auto-approve` ## SSH Config @@ -75,12 +75,5 @@ Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-122-generic x86_64) john@ubuntu:~$ ``` -Or as ubuntu using a private key. The public key is set in the variable `ssh_pub_key` in file `terraform.tfvars` -```bash -$ ssh -i .ssh/id_ed25519 ubuntu@ubuntu.lxd -Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-122-generic x86_64) - -ubuntu@ubuntu:~$ -``` -## If groups have changed in the LDAP cache must be invalidated. Flush nscd groups cache +## If groups have changed in the LDAP the cache must be invalidated. Flush nscd groups cache `sudo nscd --invalidate=group` \ No newline at end of file diff --git a/terraform.tfvars b/terraform.tfvars new file mode 100644 index 0000000..fc3225f --- /dev/null +++ b/terraform.tfvars @@ -0,0 +1,6 @@ +lxd_host = "zot" +lxd_password = "A-SECURE-LXD-PASSWORD" +ldap_rootbinddn = "cn=ldap_admin_username,dc=virtonline,dc=eu" +ldap_rootbindpw = "ldap_admin_password" +ldap_url = "ldap://ldap.virtonline.eu" +ldap_searchbase = "dc=virtonline,dc=eu"
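Review bot: `ldap_url = "ldap://ldap.virtonline.eu"` in the new terraform.tfvars uses the cleartext scheme, so unless the consumer of this variable enforces StartTLS (not visible in this diff), the bind with `ldap_rootbinddn` and `ldap_rootbindpw` crosses the network unencrypted. Prefer `ldap_url = "ldaps://ldap.virtonline.eu"`, or state in the README that StartTLS is required. The bind DN placeholder suggests an administrative account; if the containers only need lookups, a read-only bind account limits what a leaked password exposes. The variable declarations are outside this diff, so confirm there that `lxd_password` and `ldap_rootbindpw` carry `sensitive = true` to keep them out of plan output.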