added config and updated readme

cpu
2024-01-27 19:10:03 +01:00
parent c9d6341a55
commit 050ce57094
3 changed files with 17 additions and 18 deletions

4
.gitignore vendored

@@ -14,8 +14,8 @@ crash.*.log
# password, private keys, and other secrets. These should not be part of version # password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject # control as they are data points which are potentially sensitive and subject
# to change depending on the environment. # to change depending on the environment.
*.tfvars # *.tfvars
*.tfvars.json # *.tfvars.json
# Ignore override files as they are usually used to override resources locally and so # Ignore override files as they are usually used to override resources locally and so
# are not checked in # are not checked in
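Review bot: Commenting out the `*.tfvars` and `*.tfvars.json` rules contradicts the comment block directly above them, which says these files hold passwords, private keys and other secrets and should not be in version control. With the rules disabled, any tfvars file a user fills in with real values becomes eligible for `git add`. Suggest keeping both ignore rules active and committing the sample values under a name the rules do not match, for example `terraform.tfvars.example`, which users copy to `terraform.tfvars` locally.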


@@ -11,19 +11,19 @@ You will require a host with LXD and you will also require to initialize the hos
```bash ```bash
sudo snap install lxd sudo snap install lxd
lxd init --minimal lxd init --minimal
lxc config set core.https_address IP_ADDRESS:8443 lxc config set core.https_address LXD_HOST_IP_ADDRESS:8443
lxc config set core.trust_password A-SECURE-LXD-PASSWORD lxc config set core.trust_password A-SECURE-LXD-PASSWORD
sudo ufw allow in on lan to IP_ADDRESS port 8443 proto tcp sudo ufw allow in on lan to LXD_HOST_IP_ADDRESS port 8443 proto tcp
sudo ufw allow in on wg0 to IP_ADDRESS port 8443 proto tcp sudo ufw allow in on wg0 to LXD_HOST_IP_ADDRESS port 8443 proto tcp
``` ```
## Setup the client machine e.g. a notebook ## Setup the client machine e.g. a notebook
```bash ```bash
sudo snap install lxd sudo snap install lxd
lxc remote add zot IP_ADDRESS lxc remote add zot LXD_HOST_IP_ADDRESS
lxc remote switch zot lxc remote switch zot # make the zot the default
lxc remote list lxc remote list
lxc list # shows instances running on the server zot lxc list # shows instances running on the remote zot
lxc shell ubuntu # login as root to the container ubuntu lxc shell ubuntu # login as root to the container ubuntu
lxc exec ubuntu -- uname -a # run a command inside the container ubuntu lxc exec ubuntu -- uname -a # run a command inside the container ubuntu
``` ```
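Review bot: The new comment on `lxc remote switch zot` ("make the zot the default") is ambiguous; "make zot the default remote" says what the command does and matches the server-to-remote wording change on the `lxc list` line. The rename to `LXD_HOST_IP_ADDRESS` is a good clarification. Since the block is being touched anyway, consider a note beside `lxc config set core.trust_password A-SECURE-LXD-PASSWORD` that a password typed as a command argument is saved in the shell history of the LXD host.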
@@ -37,7 +37,7 @@ Then provision a lxd instance and a zfs storage pool with terraform:
```bash ```bash
terraform init terraform init
terraform plan terraform plan
terraform apply terraform apply -auto-approve
Outputs: Outputs:
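Review bot: On the `terraform apply -auto-approve` line, the flag removes the confirmation prompt, and the apply computes a fresh plan instead of using the output of the preceding `terraform plan`, so what gets applied is never reviewed. For a README that people copy and paste, suggest either leaving the prompt in place or documenting `terraform plan -out=tfplan` followed by `terraform apply tfplan`, so the reviewed plan is exactly what is applied.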
@@ -61,7 +61,7 @@ See the config
Delete the container ubuntu using terraform Delete the container ubuntu using terraform
`terraform destroy --target lxd_instance.ubuntu` `terraform destroy --target lxd_instance.ubuntu -auto-approve`
## SSH Config ## SSH Config
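Review bot: `terraform destroy --target lxd_instance.ubuntu -auto-approve` now deletes the container with no confirmation step, and a mistyped or omitted `--target` would run unprompted as well. Suggest keeping the interactive prompt for the destroy example, or adding a sentence that `-auto-approve` is meant for scripted use only.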
@@ -75,12 +75,5 @@ Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-122-generic x86_64)
john@ubuntu:~$ john@ubuntu:~$
``` ```
Or as ubuntu using a private key. The public key is set in the variable `ssh_pub_key` in file `terraform.tfvars` ## If groups have changed in the LDAP the cache must be invalidated. Flush nscd groups cache
```bash
$ ssh -i .ssh/id_ed25519 ubuntu@ubuntu.lxd
Welcome to Ubuntu 22.04.3 LTS (GNU/Linux 5.4.0-122-generic x86_64)
ubuntu@ubuntu:~$
```
## If groups have changed in the LDAP cache must be invalidated. Flush nscd groups cache
`sudo nscd --invalidate=group` `sudo nscd --invalidate=group`
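Review bot: The reworded heading above `sudo nscd --invalidate=group` packs two sentences into one `##` line, which renders poorly and makes a long anchor. Suggest a short heading such as "## Flush the nscd group cache" with the explanation ("If groups have changed in LDAP, the cache must be invalidated.") as body text below it. Separately, the removed paragraph was the only place this README mentioned the `ssh_pub_key` variable, and the `terraform.tfvars` added in this commit does not set it; if the variable still exists in the Terraform code, its documentation should stay.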

6
terraform.tfvars Normal file

@@ -0,0 +1,6 @@
lxd_host = "zot"
lxd_password = "A-SECURE-LXD-PASSWORD"
ldap_rootbinddn = "cn=ldap_admin_username,dc=virtonline,dc=eu"
ldap_rootbindpw = "ldap_admin_password"
ldap_url = "ldap://ldap.virtonline.eu"
ldap_searchbase = "dc=virtonline,dc=eu"
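Review bot: `ldap_url = "ldap://ldap.virtonline.eu"` uses the cleartext scheme while the same file carries `ldap_rootbinddn` and `ldap_rootbindpw`, so unless StartTLS is enforced elsewhere the root bind password crosses the network unencrypted; suggest `ldaps://` or a comment stating that StartTLS is required. `lxd_password` and `ldap_rootbindpw` are placeholders here, but `terraform.tfvars` is the file Terraform loads automatically, so real credentials will end up edited into a tracked file. Consider supplying both through environment variables (`TF_VAR_lxd_password`, `TF_VAR_ldap_rootbindpw`) and marking the variables `sensitive = true` in their declarations.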