Server/haruka
Aus Opennet
Haruka ist ein Opennet Server.
Technische Daten
Name | haruka |
---|---|
Hardware | Virtualisiert, KVM VM (Server/akito) |
Betriebsystem | MikroTik CHR |
Anbindung | siehe Server/akito |
IP / DNS | 192.168.5.23 - haruka.on (Opennet IPv4, ether1) fd32:d8d3:87da::10:16 - haruka.on (Opennet IPv6, ether1) 46.4.100.206 - haruka.opennet-initiative.de (WAN IPv4, ether2) 2a01:4f8:140:9250::206 - haruka.opennet-initiative.de (WAN IPv6, ether2) |
Ausstattung | 256 MB RAM (virtuell) 512 MB (/) |
Dienste | Dienste der Funkamateure Rostock (DARC e.V.) |
Backup | (kein Backup derzeit) |
Verantwortlichkeiten
- Zugang/Hosting: siehe Server/akito
- Administration: Christoph Kottke, Mathias Mahnke
Dienste
- Amateurfunk Router/VPN: https://hamnetdb.net/?q=dm0hro
Status
- RouterOS WebFig: https://haruka.on
Besonderheiten
- eth1 MAC ist "00:50:56:00:b0:f5", wurde von Hetzner zugewiesen
- Kein OLSRv1 Betrieb, daher IPv4 HNA via AP2.230
- Kein OLSRv2 Betrieb, daher keine IPv6 Mesh Erreichbarkeit
- Erstinstallation:
lvcreate --name haruka-root --size 512M lvm-akito dd if=chr-6.49.7.img of=/dev/lvm-akito/haruka-root bs=1M virt-install --connect qemu:///system -n "haruka" --memory=2048 --vcpus=1 \ --import --disk "path=/dev/lvm-akito/haruka-root,format=raw,bus=sata" \ --graphics vnc,keymap=de --serial pty --noautoconsole \ --os-type generic --network=bridge:br-wan,model=e1000,mac=00:50:56:00:b0:f5 --hvm ... virsh autostart haruka virsh start haruka ssh -L 5906:localhost:5906 <virt-server> vncviewer rdp://localhost:5906 ... > ip address add address=192.168.5.23 network=192.168.2.230 interface=ether1 > ip route add dst-address=192.168.0.0/16 gateway=192.168.2.230 > ip dns set servers=192.168.2.230 > ip address add address=46.4.100.206 netmask=255.255.255.192 interface=ether2 > ip route add dst-address=0.0.0.0/0 gateway=46.4.100.225 > ip dhcp-client remove ether1 > ip ssh set strong-crypto=yes > ip neighbor discovery-settings set discover-interface-list=none > system identity set name=haruka > system note set show-at-login=yes note= _ ___ _ __ ___ _ __ _ __ ___| |_ / _ \| '_ \ / _ \ '_ \| '_ \ / _ \ __| | (_) | |_) | __/ | | | | | | __/ |_ \___/| .__/ \___|_| |_|_| |_|\___|\__| |_| Willkommen auf haruka! > system ntp client set server-dns-names=pool.ntp.org > system clock set time-zone-name=Europe/Berlin > tool bandwidth-server set enabled=no > certificate add name=haruka-CA common-name=haruka-CA key-usage=key-cert-sign,crl-sign > certificate add name=haruka common-name=haruka.on key-usage=key-encipherment,tls-server > certificate sign haruka-CA > certificate sign haruka ca=haruka-CA > ip service set 4 certificate=haruka # www-ssl > ip service set 7 certificate=haruka # api-ssl > ip service set 0 address=192.168.0.0/16 # telnet > ip service set 1 address=192.168.0.0/16 # ftp > ip service set 2 address=192.168.0.0/16 # www > ip service set 3 address=192.168.0.0/16 # ssh > ip service set 4 address=192.168.0.0/16 # www-ssl > ip service set 5 address=192.168.0.0/16 # api > ip service set 6 address=192.168.0.0/16 # winbox > ip service set 7 address=192.168.0.0/16 # api-ssl > ip service set 0 disabled=yes # telnet > ip service set 1 disabled=yes # ftp > ip service set 2 disabled=yes # www > ip service set 4 disabled=no # www-ssl > ip service set 5 disabled=yes # api > ip service set 6 disabled=yes # winbox > system package enable ipv6 > system reboot > ipv6 address add address=fd32:d8d3:87da::10:16/64 interface=ether1 > ipv6 address add address=2a01:4f8:140:9250::206/64 interface=ether2 > ipv6 route add dst-address=::/0 gateway=fe80::1%ether2 > system backup save