myLimbo/casa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat ansible ssh configuration

Browse Source
This commit is contained in:
Márcio Fernandes
2024-08-31 21:21:26 +01:00
parent 44ebbbf28a
commit b3d9bdfbe3
9 changed files with 96 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@@ -9,13 +9,16 @@ The idea was to create a server with docker where it would be possible to isolat
The server itself is on its own vlan (Vlan: homesrv) but requires communication with the Vlans:
- IOT
Using [code-server docker container](#code-server) for Development / Maintenance.
<!-- omit in toc -->
## Table of Contents
- [Table of Contents](#table-of-contents)
- [Services](#services)
- [SSH](#ssh)
- [Docker](#docker)
- [Volumes](#volumes)
- [Portainer](#portainer)
@@ -36,16 +39,19 @@ Using [code-server docker container](#code-server) for Development / Maintenance
- [Packages and Requirements](#packages-and-requirements)
- [Users \& Groups](#users--groups)
- [fstab](#fstab)
- [ssh](#ssh)
- [Update](#update)
## Services
### SSH
Deployed and maintained by ansible role [myInfra.dev.homesrv1](./ansible/roles/myInfra.dev.homesrv01/README.md).
### Docker
### Volumes
``` bash
```bash
# requires mount /mnt/media@sshfs:nas.lan
# required by LMS service
docker volume create --driver local --opt type=none --opt device=/mnt/media@sshfs:nas.lan/music --opt o=bind music
@@ -185,7 +191,7 @@ SONOFF Universal Zigbee 3.0 USB Dongle Plus attached on [proxmox host](#host).
Patch security on [proxmox host](#host).
(usb passthrough to [lxc container](#proxmox---lxc-container))
``` yaml
```yaml
#on proxmox hosting server
chown 100000:100020 /dev/ttyUSB0
chown 100000:100020 /dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_c0e8eeb4b38ded118e7c06f6b86ce6f8-if00-port0
@@ -193,7 +199,7 @@ chown 100000:100020 /dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plu
#### Docker devices
``` yaml
```yaml
....
devices:
# Make sure this matched your adapter location
@@ -311,17 +317,6 @@ usermod -aG docker admin
sshfs#media@nas.lan:/home/media /mnt/media@sshfs:nas.lan fuse defaults,_netdev,allow_other,follow_symlinks 0 0
```
### ssh
```bash
#/etc/ssh/sshd_config
PermitRootLogin no
```
```bash
systemctl restart ssh
```
### Update
```bash