Server/haruka

Aus Opennet
Wechseln zu: Navigation, Suche

Haruka ist ein Opennet Server.

Technische Daten

Name haruka
Hardware Virtualisiert, KVM VM (Server/akito)
Betriebsystem MikroTik CHR
Anbindung siehe Server/akito
IP / DNS 192.168.5.23 - haruka.on (Opennet IPv4, ether1)
fd32:d8d3:87da::10:16 - haruka.on (Opennet IPv6, ether1)
46.4.100.206 - haruka.opennet-initiative.de (WAN IPv4, ether2)
2a01:4f8:140:9250::206 - haruka.opennet-initiative.de (WAN IPv6, ether2)
Ausstattung 256 MB RAM (virtuell)
512 MB (/)
Dienste Dienste der Funkamateure Rostock (DARC e.V.)
Backup (kein Backup derzeit)

Verantwortlichkeiten

  • Zugang/Hosting: siehe Server/akito
  • Administration: Christoph Kottke, Mathias Mahnke

Dienste

Status

Besonderheiten

  • eth1 MAC ist "00:50:56:00:b0:f5", wurde von Hetzner zugewiesen
  • Kein OLSRv1 Betrieb, daher IPv4 HNA via AP2.230
  • Kein OLSRv2 Betrieb, daher keine IPv6 Mesh Erreichbarkeit
  • Erstinstallation:
lvcreate --name haruka-root --size 512M lvm-akito
dd if=chr-6.49.7.img of=/dev/lvm-akito/haruka-root bs=1M
virt-install --connect qemu:///system -n "haruka" --memory=2048 --vcpus=1 \
   --import --disk "path=/dev/lvm-akito/haruka-root,format=raw,bus=sata" \
   --graphics vnc,keymap=de --serial pty --noautoconsole \
   --os-type generic --network=bridge:br-wan,model=e1000,mac=00:50:56:00:b0:f5 --hvm
   ...
virsh autostart haruka
virsh start haruka
ssh -L 5906:localhost:5906 <virt-server>
vncviewer rdp://localhost:5906
...
> ip address add address=192.168.5.23 network=192.168.2.230 interface=ether1
> ip route add dst-address=192.168.0.0/16 gateway=192.168.2.230
> ip dns set servers=192.168.2.230
> ip address add address=46.4.100.206 netmask=255.255.255.192 interface=ether2
> ip route add dst-address=0.0.0.0/0 gateway=46.4.100.225
> ip dhcp-client remove ether1
> ip ssh set strong-crypto=yes
> ip neighbor discovery-settings set discover-interface-list=none
> system identity set name=haruka
> system note set show-at-login=yes note=
                                     _   
    ___  _ __   ___ _ __  _ __   ___| |_ 
   / _ \| '_ \ / _ \ '_ \| '_ \ / _ \ __|
  | (_) | |_) |  __/ | | | | | |  __/ |_ 
   \___/| .__/ \___|_| |_|_| |_|\___|\__|
        |_|   
   Willkommen auf haruka!
> system ntp client set server-dns-names=pool.ntp.org
> system clock set time-zone-name=Europe/Berlin 
> tool bandwidth-server set enabled=no
> certificate add name=haruka-CA common-name=haruka-CA key-usage=key-cert-sign,crl-sign
> certificate add name=haruka common-name=haruka.on key-usage=key-encipherment,tls-server
> certificate sign haruka-CA
> certificate sign haruka ca=haruka-CA
> ip service set 4 certificate=haruka       # www-ssl
> ip service set 7 certificate=haruka       # api-ssl
> ip service set 0 address=192.168.0.0/16   # telnet
> ip service set 1 address=192.168.0.0/16   # ftp
> ip service set 2 address=192.168.0.0/16   # www
> ip service set 3 address=192.168.0.0/16   # ssh
> ip service set 4 address=192.168.0.0/16   # www-ssl
> ip service set 5 address=192.168.0.0/16   # api
> ip service set 6 address=192.168.0.0/16   # winbox
> ip service set 7 address=192.168.0.0/16   # api-ssl
> ip service set 0 disabled=yes   # telnet
> ip service set 1 disabled=yes   # ftp
> ip service set 2 disabled=yes   # www
> ip service set 4 disabled=no    # www-ssl
> ip service set 5 disabled=yes   # api
> ip service set 6 disabled=yes   # winbox
> system package enable ipv6
> system reboot
> ipv6 address add address=fd32:d8d3:87da::10:16/64 interface=ether1
> ipv6 address add address=2a01:4f8:140:9250::206/64 interface=ether2
> ipv6 route add dst-address=::/0 gateway=fe80::1%ether2
> system backup save
Meine Werkzeuge
Namensräume

Varianten
Aktionen
Start
Opennet
Kommunikation
Karten
Werkzeuge