Basic Installation
Virtual Machine
- create Virtual Machine:
VMware: deploy OVA image
KVM: create VM with the QCOW
- adjust the RAM of the VM (e.g. 4 GB)
- attach a 2nd hard disk for DATA and SWAP partitions
- start VM, open console
Login at console
- allow weak passwords (not recommended):
login as user "root" without password (only possible from the console)
mcedit /etc/security/passwdqc.conf
change the line "enforce=everyone" to "enforce=none"
exit
- login as user "admin", set new password
- The following initialization is aborted with an error message because the required partition with the label "DATA" does not exist yet
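The weakened setting above is easy to leave in place after setup. As an added example (not part of the appliance), these shell functions report the effective enforce value of a passwdqc.conf. They assume one key=value option per line with the last occurrence winning; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the appliance; function names are hypothetical.
# Assumption: one key=value option per line, the last "enforce=" wins.

passwdqc_enforce() {
    # $1: path to passwdqc.conf; prints none|users|everyone
    conf=$1
    value=everyone                  # pam_passwdqc default when the option is unset
    [ -r "$conf" ] || { echo "unreadable"; return 2; }
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d ' \t\r')
        case $line in
            '#'*) ;;                              # comment line
            enforce=*) value=${line#enforce=} ;;
        esac
    done < "$conf"
    printf '%s\n' "$value"
}

passwdqc_audit() {
    # Returns 0 only when the policy is enforced for everyone, root included.
    v=$(passwdqc_enforce "$1") || return 2
    case $v in
        everyone) echo "OK: password policy enforced for everyone"; return 0 ;;
        users)    echo "WARN: policy not enforced for root"; return 1 ;;
        none)     echo "FAIL: weak passwords are accepted"; return 1 ;;
        *)        echo "FAIL: unknown enforce value '$v'"; return 1 ;;
    esac
}

# Usage on the appliance: sh this-script /etc/security/passwdqc.conf
if [ "$#" -gt 0 ]; then passwdqc_audit "$1"; fi
```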
Initialize DATA disk
- If desired, temporarily change the key mapping of the console:
sudo loadkeys us
- partitioning of the DATA disk:
sudo "LANG=C" cfdisk /dev/sdb
Select label type: gpt
"New", Partition size: 2G, "Type": Linux swap
"New", Partition size: <remaining space>
"Write" => yes, "Quit"
- format and label the partitions:
sudo mkswap -L SWAP /dev/sdb1
sudo mkfs.ext4 -L DATA /dev/sdb2
- Reboot:
sudo systemctl reboot
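A check to run before the reboot above, as an added example that is not part of the appliance: it confirms that exactly one swap area labelled SWAP and one ext4 filesystem labelled DATA exist, the condition whose absence aborts the initialization. The function name check_labels is hypothetical; its input is the output of lsblk -rno LABEL,FSTYPE.

```shell
#!/bin/sh
# Added example, not part of the appliance. check_labels is a hypothetical name.
# Reads "LABEL FSTYPE" pairs on stdin, as printed by:
#   lsblk -rno LABEL,FSTYPE
# and fails unless SWAP (swap) and DATA (ext4) each exist exactly once.
# Usage on the appliance: lsblk -rno LABEL,FSTYPE | check_labels

check_labels() {
    awk '
        NF == 2 { count[$1]++; fstype[$1] = $2 }
        END {
            want["SWAP"] = "swap"
            want["DATA"] = "ext4"
            for (label in want) {
                if (count[label] == 0) {
                    print "MISSING: no filesystem labelled " label; bad = 1
                } else if (count[label] > 1) {
                    print "AMBIGUOUS: " count[label] " filesystems labelled " label; bad = 1
                } else if (fstype[label] != want[label]) {
                    print "WRONG TYPE: " label " is " fstype[label] ", expected " want[label]; bad = 1
                }
            }
            exit bad + 0
        }'
}
```

A duplicate label (for example from a cloned disk) is reported as well, because LABEL= lookups then become ambiguous.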
Initialize appliance
- Login as user "admin"
- Initialization starts automatically
- Only for the Zabbix Appliance:
choose [s]erver|[p]roxy: s
- become root:
sudo -i
- optional: change console keymap to "us" (default is German):
loadkeys us
localectl --no-convert set-keymap us
cp /etc/vconsole.conf /DATA/etc/vconsole.conf
echo "/etc/vconsole.conf" >> /DATA/.APPLIANCE/populate-data/COPY
- optional: change locale for user "admin" to US English (default is German):
echo "export LANG=C.utf8" >> /home/admin/.bashrc
- change hostname (replace <fqdn> with the desired hostname and domain):
hostnamectl hostname <fqdn>
cp /etc/hostname /DATA/etc/hostname
- add to /etc/hosts:
echo "<ip address> <FQDN> <hostname>" >> /DATA/etc/hosts
- adjust /etc/fstab:
mcedit /etc/fstab
Example
# <fs> <mountpoint> <type> <opts> <dump/pass>
/dev/sda1 / ext4 noatime 1 1
LABEL=SWAP none swap sw 0 0
LABEL=DATA /DATA ext4 noatime 0 1
cp /etc/fstab /DATA/etc/fstab
- Network configuration:
mkdir -p /DATA/etc/systemd/network
mv /00-eth0.network.example /DATA/etc/systemd/network/00-eth0.network
mcedit /DATA/etc/systemd/network/00-eth0.network
Example
[Match]
Name=eth0
[Network]
Description=first network port
DNS=10.139.1.1
DNS=10.139.1.2
Domains=rbg.unitas-network.de
[Address]
Address=10.137.0.34/24
[Route]
Gateway=10.137.0.254
cp -af /DATA/etc/systemd/. /etc/systemd
echo "/etc/systemd" >> /DATA/.APPLIANCE/populate-data/COPY
- VM-Tools (VMware only):
systemctl enable vmtoolsd
mkdir -p /DATA/etc/systemd/system/multi-user.target.wants
mkdir -p /DATA/etc/systemd/system/vmtoolsd.service.requires
cp /etc/systemd/system/multi-user.target.wants/vmtoolsd.service /DATA/etc/systemd/system/multi-user.target.wants/vmtoolsd.service
cp /etc/systemd/system/vmtoolsd.service.requires/vgauthd.service /DATA/etc/systemd/system/vmtoolsd.service.requires/vgauthd.service
- Reboot:
systemctl reboot
Optional: additional users with SSH key
- Login as user "admin"
- become root:
sudo -i
- add two users without mail spool (example names):
echo "CREATE_MAIL_SPOOL=no" >> /etc/default/useradd
useradd -m -G users,wheel -s /bin/bash --uid 2001 --user-group --comment "Unitas Network admin" un-jdeckert
useradd -m -G users,wheel -s /bin/bash --uid 2002 --user-group --comment "Unitas Network admin" un-iwetzel
- Add SSH keys:
mkdir /home/un-jdeckert/.ssh
echo -n "ssh-rsa " > /home/un-jdeckert/.ssh/authorized_keys
echo -n "AAAAB3NzaC1yc2EAAAADAQABAAABAQDuzZGqCzy" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "vM3HhRezwZCxgwOEERcGr2+eSQJ3hb3C4A+QgYh" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "8j6dgfsDNhNciwfZ+Prx4MukRl0YGomdmB7yyFm" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "FE/73CTo3LEK/BfTiRRTRyabJPP2ozMrKj3hxXd" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "FfYvhNB8JoAtLS+ANGv0YM+IvHBXgycRx1Pj7A2" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "6KM7+Fpo17oNxlIAc8T7+Px7azFHk22AzH2Rw4M" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "/DuFm//v9nLE49xmuFM900Z2KJ+BQoOZX6uFhcQ" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "AiW4JZIq4yxFFPh5WlIC/3s/4jCCgmFFXSqfazC" >> /home/un-jdeckert/.ssh/authorized_keys
echo -n "JGzONSALb2CvU0RoCwpdIRYDn17q50RRDBq/KXJ" >> /home/un-jdeckert/.ssh/authorized_keys
echo "u0pxQzdoIzVIxkQwwykc7 Unitas-JDeckert" >> /home/un-jdeckert/.ssh/authorized_keys
mkdir /home/un-iwetzel/.ssh
echo -n "ssh-rsa " > /home/un-iwetzel/.ssh/authorized_keys
echo -n "AAAAB3NzaC1yc2EAAAADAQABAAABAQC/BoCJb3I" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "a+NBVoP7G1hy11DcqB3GiVnN2MewHVKInzVu4br" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "Nvc4oTRQAtYKuhovxUHbrT8faBuZvjz/72PbeY7" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "Ib7lPCw2y0lpnG3hQs9wGA98SzJCYwggs9JA6zG" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "IMtoibqFSj90C95ulwW1GwUe9LxlLHAkBRF3NVE" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "ln0VaCUokBqTqpYOI8vQ+1U06BS/R2QydRgI2eL" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "FXdO6FSrM9f17HHdkysfKIuQvNMWcH6N+kpVZ7j" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "m6ZxB+abw7vmDMYQPlehbJ722fuXg0eAGLERG95" >> /home/un-iwetzel/.ssh/authorized_keys
echo -n "IGjjsy/ehR/+MN4L/b0Bf/efStLsHwtz1FW0SnK" >> /home/un-iwetzel/.ssh/authorized_keys
echo "veCXUQrI8DpPO+JiKL8oZ Unitas-IWetzel" >> /home/un-iwetzel/.ssh/authorized_keys
chown -R un-jdeckert:un-jdeckert /home/un-jdeckert/.ssh
chown -R un-iwetzel:un-iwetzel /home/un-iwetzel/.ssh
- Move and link home directories:
mkdir /DATA/home
mv /home/un-jdeckert /DATA/home/un-jdeckert
mv /home/un-iwetzel /DATA/home/un-iwetzel
ln -nsf /DATA/home/un-jdeckert /home/un-jdeckert
ln -nsf /DATA/home/un-iwetzel /home/un-iwetzel
Additional users with a linked home directory in /DATA/home are automatically recreated when the appliance is updated. It is not necessary to add them in /DATA/.APPLIANCE/populate-data/.