init push
|
@ -0,0 +1,125 @@
|
||||||
|
# Hetzner Proxmox VE Single Setup
|
||||||
|
|
||||||
|
This repo is about the installation of Proxmox 7.X on Hetzner with pfsense as firewall for WAN, IP floating with additional IP address for the VM's to allow SNAT.
|
||||||
|
|
||||||
|
# Hetzner Promox Architecture
|
||||||
|
|
||||||
|
<img src="img/proxmox/arch.png" alt="Alt-Text" title="Hetzner Proxmox Architecture" />
|
||||||
|
|
||||||
|
## 1. Install Proxmox on Hetzner
|
||||||
|
|
||||||
|
ssh root@178.63.13.156
|
||||||
|
|
||||||
|
#run
|
||||||
|
installimage
|
||||||
|
|
||||||
|
Chose the right image:
|
||||||
|
|
||||||
|
<img src="img/proxmox/proxmox-0.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/proxmox/proxmox-1.png" alt="Alt-Text" title="" />
|
||||||
|
|
||||||
|
Change install config
|
||||||
|
|
||||||
|
From:
|
||||||
|
|
||||||
|
SWRAIDLEVEL 1
|
||||||
|
|
||||||
|
To:
|
||||||
|
|
||||||
|
SWRAIDLEVEL 0 (to use all Storage sda+sdb)
|
||||||
|
|
||||||
|
From:
|
||||||
|
|
||||||
|
HOSTNAME Proxmox-Ve.localhost
|
||||||
|
|
||||||
|
To:
|
||||||
|
|
||||||
|
proxmox-single.lab.local (you can call it what ever you want)
|
||||||
|
|
||||||
|
From:
|
||||||
|
|
||||||
|
PART /boot ext3 512M
|
||||||
|
PART lvm vg0 all
|
||||||
|
|
||||||
|
LV vg0 root / ext3 15G
|
||||||
|
LV vg0 swap swap swap 6G
|
||||||
|
|
||||||
|
To:
|
||||||
|
|
||||||
|
PART /boot ext**4** 512M
|
||||||
|
PART lvm vg0 all
|
||||||
|
|
||||||
|
LV vg0 root / ext4 100G
|
||||||
|
LV vg0 swap swap swap 24G #(available RAM * 1/2)
|
||||||
|
LV vg0 data /var/lib/vz ext4 3500G #(Remaining memory after deduction of root for storing images and containers)
|
||||||
|
|
||||||
|
The installation takes up to 15 minutes.
|
||||||
|
|
||||||
|
## 2. Set root password and disable port 111
|
||||||
|
|
||||||
|
After installation a password must be assigned to the root user if access to the Hetzner machine is via ssh-key. The access will be done via the Linux PAM authentication module.
|
||||||
|
|
||||||
|
passwd
|
||||||
|
New password: xy...
|
||||||
|
Retype new password:xy...
|
||||||
|
|
||||||
|
Proxmox opens port 111 by default, which is a security risk. Therefore, the port must be disabled.
|
||||||
|
|
||||||
|
iptables -A INPUT -p tcp -m tcp --dport 111 -j DROP
|
||||||
|
iptables -A INPUT -p udp -m udp --dport 111 -j DROP
|
||||||
|
sudo /sbin/iptables-save
|
||||||
|
|
||||||
|
Now open the Proxmox-Webconsole with your ordered server IP-Address (MAIN-IP) and login with root and your password:
|
||||||
|
|
||||||
|
https://178.10.10.10:8006
|
||||||
|
|
||||||
|
## 3. Add additional IP-Address and fetch Metadata
|
||||||
|
|
||||||
|
To enable routing to external networks (SNAT), you'll need to request an extra IP address, since the primary IP of the Hetzner VM doesn't support this function.
|
||||||
|
|
||||||
|
You'll need to request a MAC address for the IP address. This MAC address will be later essential for the pfsense VM that handles routing to the WAN.
|
||||||
|
|
||||||
|
## 4. Config Network
|
||||||
|
|
||||||
|
Clone this git repository and execute the script:
|
||||||
|
|
||||||
|
./script/nework_config.sh
|
||||||
|
|
||||||
|
All necessary information (main server ip, gateway, etc.) can be taken from the hetzner robot page like this:
|
||||||
|
|
||||||
|
MAIN-IP + Meta:
|
||||||
|
<img src="img/hetzner/fetch-meta-0.png" alt="Alt-Text" title="" />
|
||||||
|
ADD-IP + Meta + MAC:
|
||||||
|
<img src="img/hetzner/fetch-meta-2.png" alt="Alt-Text" title="" />
|
||||||
|
|
||||||
|
## 5. Upload images (pfsense and fedora)
|
||||||
|
|
||||||
|
<img src="img/proxmox/proxmox-2.png" alt="Alt-Text" title="" />
|
||||||
|
|
||||||
|
## 6. Create VM and install pfsense
|
||||||
|
|
||||||
|
<img src="img/pfsense/pfsense-0.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/pfsense/pfsense-1.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/pfsense/pfsense-2.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/pfsense/pfsense-3.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/pfsense/pfsense-4.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/pfsense/pfsense-5.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/pfsense/pfsense-6.png" alt="Alt-Text" title="" />
|
||||||
|
|
||||||
|
Now start the pfsense (VM) and install with default settings
|
||||||
|
|
||||||
|
## 7. Create VM and install fedora (workstation)
|
||||||
|
|
||||||
|
The steps are identical to pfsense except for the choice of bridge. There vmbr1 (DMZ/LAN) must be selected.
|
||||||
|
|
||||||
|
<img src="img/fedora/fedora-0.png" alt="Alt-Text" title="" />
|
||||||
|
<img src="img/fedora/fedora-1.png" alt="Alt-Text" title="" />
|
||||||
|
If you check the IP-Address from the created VM (in my case fedora workstation) like:
|
||||||
|
<img src="img/fedora/fedora-2.png" alt="Alt-Text" title="" />
|
||||||
|
You will see the ADD-IP-Address. So SNAT is working and you can extend to config pfsense over the UI for your purpose.
|
||||||
|
|
||||||
|
<img src="img/pfsense/pfsense-7.png" alt="Alt-Text" title="" />
|
||||||
|
|
||||||
|
Default credentials are set to **username:** **_admin_** with **password:** **_pfsense_**.
|
||||||
|
|
||||||
|
## **Finished, enjoy your Proxmox Environment!**
|
|
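Review bot: In section 2, `sudo /sbin/iptables-save` only prints the current rule set to stdout, so the two port 111 DROP rules above it are lost on the next reboot. They also cover IPv4 only, while the network script in this commit configures an IPv6 address as well. Save the rules to a file that is restored at boot (for example with the iptables-persistent package) and add matching ip6tables rules, or stop rpcbind if NFS is not needed. Section 7 documents the pfSense default credentials (admin / pfsense) without a step to change them before pfSense is used as the WAN firewall; add that step. In section 4, `./script/nework_config.sh` looks like a typo for `network_config.sh`; check it against the actual file name.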
@ -0,0 +1,143 @@
|
||||||
|
<mxfile host="Electron" modified="2023-09-04T14:27:34.501Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/21.5.0 Chrome/112.0.5615.204 Electron/24.5.1 Safari/537.36" etag="-XbSDYAgbN6e0qbpVFfJ" version="21.5.0" type="device">
|
||||||
|
<diagram name="Page-1" id="IjmnMNK2up9I8Y3x0rl3">
|
||||||
|
<mxGraphModel dx="2045" dy="1504" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="3300" pageHeight="4681" math="0" shadow="0">
|
||||||
|
<root>
|
||||||
|
<mxCell id="0" />
|
||||||
|
<mxCell id="1" parent="0" />
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-34" value="" style="rounded=1;whiteSpace=wrap;html=1;sketch=1;curveFitting=1;jiggle=2;fillColor=#b1ddf0;strokeColor=#10739e;opacity=50;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="-3" y="135.94" width="889" height="369.06" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-37" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.5;entryY=0;entryDx=0;entryDy=0;strokeWidth=2;dashed=1;fillColor=#d5e8d4;strokeColor=#82b366;flowAnimation=1;" edge="1" parent="1" source="TLgU0xt5SLczzOOira7B-34" target="TLgU0xt5SLczzOOira7B-14">
|
||||||
|
<mxGeometry relative="1" as="geometry">
|
||||||
|
<Array as="points">
|
||||||
|
<mxPoint x="438" y="103" />
|
||||||
|
<mxPoint x="-124" y="103" />
|
||||||
|
</Array>
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-15" value="" style="rounded=1;whiteSpace=wrap;html=1;sketch=1;curveFitting=1;jiggle=2;fillColor=#f8cecc;strokeColor=#b85450;opacity=80;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="601" y="209" width="251" height="268" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-8" value="" style="rounded=1;whiteSpace=wrap;html=1;sketch=1;curveFitting=1;jiggle=2;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="190" y="241" width="226" height="144" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-27" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;dashed=1;flowAnimation=1;fillColor=#d5e8d4;strokeColor=#82b366;strokeWidth=2;" edge="1" parent="1" source="TLgU0xt5SLczzOOira7B-2" target="TLgU0xt5SLczzOOira7B-7">
|
||||||
|
<mxGeometry relative="1" as="geometry">
|
||||||
|
<Array as="points">
|
||||||
|
<mxPoint x="442" y="335" />
|
||||||
|
<mxPoint x="442" y="335" />
|
||||||
|
</Array>
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-2" value="" style="image;html=1;image=img/lib/clip_art/networking/Bridge_128x128.png" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="475" y="285" width="64" height="60" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-3" value="" style="rounded=1;whiteSpace=wrap;html=1;sketch=1;curveFitting=1;jiggle=2;fillColor=#ffcc99;strokeColor=#36393d;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="630" y="266" width="190" height="60" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-28" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;dashed=1;flowAnimation=1;fillColor=#d5e8d4;strokeColor=#82b366;strokeWidth=2;" edge="1" parent="1" source="TLgU0xt5SLczzOOira7B-7">
|
||||||
|
<mxGeometry relative="1" as="geometry">
|
||||||
|
<mxPoint x="93" y="334.5" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-7" value="" style="image;html=1;image=img/lib/clip_art/networking/Firewall_02_128x128.png" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="277" y="306" width="52" height="57" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-29" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=1;entryY=0.5;entryDx=0;entryDy=0;dashed=1;flowAnimation=1;fillColor=#d5e8d4;strokeColor=#82b366;strokeWidth=2;" edge="1" parent="1" source="TLgU0xt5SLczzOOira7B-9" target="TLgU0xt5SLczzOOira7B-14">
|
||||||
|
<mxGeometry relative="1" as="geometry">
|
||||||
|
<Array as="points">
|
||||||
|
<mxPoint x="-7" y="338" />
|
||||||
|
<mxPoint x="-7" y="338" />
|
||||||
|
</Array>
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-9" value="" style="image;html=1;image=img/lib/clip_art/networking/Bridge_128x128.png" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="28" y="293" width="64" height="60" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-11" value="" style="image;sketch=0;aspect=fixed;html=1;points=[];align=center;fontSize=12;image=img/lib/mscae/Virtual_Machine.svg;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="342" y="252" width="39" height="35.88" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-12" value="<font style="font-size: 14px;">pfSense</font>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="241" y="252" width="60" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-13" value="" style="endArrow=none;dashed=1;html=1;dashPattern=1 3;strokeWidth=2;rounded=0;" edge="1" parent="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="210" y="284" as="sourcePoint" />
|
||||||
|
<mxPoint x="324" y="284" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-14" value="" style="image;aspect=fixed;perimeter=ellipsePerimeter;html=1;align=center;shadow=0;dashed=0;spacingTop=3;image=img/lib/active_directory/internet_globe.svg;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="-149" y="313" width="50" height="50" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-16" value="" style="image;sketch=0;aspect=fixed;html=1;points=[];align=center;fontSize=12;image=img/lib/mscae/Virtual_Machine.svg;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="762" y="278.06" width="39" height="35.88" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-25" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;dashed=1;fillColor=#d5e8d4;strokeColor=#82b366;flowAnimation=1;strokeWidth=2;" edge="1" parent="1">
|
||||||
|
<mxGeometry relative="1" as="geometry">
|
||||||
|
<mxPoint x="627" y="296" as="sourcePoint" />
|
||||||
|
<mxPoint x="537" y="329" as="targetPoint" />
|
||||||
|
<Array as="points">
|
||||||
|
<mxPoint x="582" y="296" />
|
||||||
|
<mxPoint x="582" y="329" />
|
||||||
|
</Array>
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-17" value="<span style="font-size: 14px;">workstation<br>IP: 192.168.1.100<br></span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="642" y="281" width="113" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-20" value="" style="rounded=1;whiteSpace=wrap;html=1;sketch=1;curveFitting=1;jiggle=2;fillColor=#ffcc99;strokeColor=#36393d;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="631.5" y="392" width="190" height="60" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-21" value="" style="image;sketch=0;aspect=fixed;html=1;points=[];align=center;fontSize=12;image=img/lib/mscae/Virtual_Machine.svg;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="763.5" y="404.06" width="39" height="35.88" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-26" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;dashed=1;fillColor=#d5e8d4;strokeColor=#82b366;flowAnimation=1;endArrow=none;endFill=0;strokeWidth=2;" edge="1" parent="1">
|
||||||
|
<mxGeometry relative="1" as="geometry">
|
||||||
|
<mxPoint x="629" y="422" as="sourcePoint" />
|
||||||
|
<mxPoint x="545" y="329" as="targetPoint" />
|
||||||
|
<Array as="points">
|
||||||
|
<mxPoint x="582" y="422" />
|
||||||
|
<mxPoint x="582" y="329" />
|
||||||
|
</Array>
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-22" value="<span style="font-size: 14px;">webserver<br>IP: 192.168.1.101<br></span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="643.5" y="407" width="113" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-23" value="" style="endArrow=none;dashed=1;html=1;dashPattern=1 3;strokeWidth=2;rounded=0;" edge="1" parent="1">
|
||||||
|
<mxGeometry width="50" height="50" relative="1" as="geometry">
|
||||||
|
<mxPoint x="724.5" y="392" as="sourcePoint" />
|
||||||
|
<mxPoint x="724.5" y="334" as="targetPoint" />
|
||||||
|
</mxGeometry>
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-24" value="<span style="font-size: 14px;">LAN0<br></span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="672" y="217" width="113" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-30" value="<font style="font-size: 14px;">SNAT</font>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="273" y="357" width="60" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-31" value="<span style="font-size: 14px;">VMBR1 - LAN0</span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="459" y="255" width="107" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-32" value="<span style="font-size: 14px;">VMBR0 - WAN<br>Add IP-Address<br></span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="12" y="255" width="118" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-33" value="<span style="font-size: 14px;">WAN</span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="-152" y="371" width="60" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-35" value="<b style=""><font style="font-size: 18px;">Proxmox VM</font></b>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="355" y="145" width="118" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-36" value="" style="image;sketch=0;aspect=fixed;html=1;points=[];align=center;fontSize=12;image=img/lib/mscae/Virtual_Machine.svg;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="487.5" y="147" width="39" height="35.88" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-38" value="<span style="font-size: 14px;">Access over MAIN-IP<br></span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="-33" y="72" width="221" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
<mxCell id="TLgU0xt5SLczzOOira7B-39" value="<span style="font-size: 14px;">Access over ADD-IP<br></span>" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;fontFamily=Comic Sans MS;" vertex="1" parent="1">
|
||||||
|
<mxGeometry x="-99" y="298" width="97" height="30" as="geometry" />
|
||||||
|
</mxCell>
|
||||||
|
</root>
|
||||||
|
</mxGraphModel>
|
||||||
|
</diagram>
|
||||||
|
</mxfile>
|
|
@ -0,0 +1,78 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
read -p "MAIN_SERVER_IP: " MAINSERVERIP
|
||||||
|
read -p "MAIN_SERVER_GATEWAY_ADRESS: " GATEWAYADRESS
|
||||||
|
read -p "NETMASK: " NETMASK
|
||||||
|
read -p "BROADCASTIP: " BROADCASTIP
|
||||||
|
read -p "ADDITIONAL_IP_ADRESS: " ADD_IP_ADRESS
|
||||||
|
read -p "NETWORK_INTERFACE: " NETWORK_INTERFACE
|
||||||
|
|
||||||
|
echo "
|
||||||
|
### Hetzner Online GmbH installimage
|
||||||
|
|
||||||
|
source /etc/network/interfaces.d/*
|
||||||
|
|
||||||
|
auto lo
|
||||||
|
iface lo inet loopback
|
||||||
|
iface lo inet6 loopback
|
||||||
|
|
||||||
|
|
||||||
|
iface ${NETWORK_INTERFACE} inet manual
|
||||||
|
|
||||||
|
up ip route add -net up ip route add -net ${GATEWAYADRESS} netmask ${NETMASK} gw ${GATEWAYADRESS} vmbr0
|
||||||
|
up sysctl -w net.ipv4.ip_forward=1
|
||||||
|
up sysctl -w net.ipv4.conf.${NETWORK_INTERFACE}.send_redirects=0
|
||||||
|
up sysctl -w net.ipv6.conf.all.forwarding=1
|
||||||
|
up ip route add 192.168.0.0/16 via ${ADD_IP_ADRESS} dev vmbr0
|
||||||
|
up ip route add 172.16.0.0/12 via ${ADD_IP_ADRESS} dev vmbr0
|
||||||
|
up ip route add 10.0.0.0/8 via ${ADD_IP_ADRESS} dev vmbr0
|
||||||
|
|
||||||
|
|
||||||
|
iface ${NETWORK_INTERFACE} inet6 static
|
||||||
|
address 2a01:4f8:110:5143::2
|
||||||
|
netmask 64
|
||||||
|
gateway fe80::1
|
||||||
|
|
||||||
|
|
||||||
|
auto vmbr0
|
||||||
|
iface vmbr0 inet static
|
||||||
|
address ${MAINSERVERIP}
|
||||||
|
netmask 32
|
||||||
|
gateway ${GATEWAYADRESS}
|
||||||
|
broadcast ${BROADCASTIP}
|
||||||
|
bridge-ports ${NETWORK_INTERFACE}
|
||||||
|
bridge-stp off
|
||||||
|
bridge-fd 0
|
||||||
|
pointopoint ${GATEWAYADRESS}
|
||||||
|
#WAN
|
||||||
|
|
||||||
|
|
||||||
|
# Virtual switch for DMZ
|
||||||
|
# (connect your firewall/router KVM instance and private DMZ hosts here)
|
||||||
|
auto vmbr1
|
||||||
|
iface vmbr1 inet manual
|
||||||
|
bridge_ports none
|
||||||
|
bridge_stp off
|
||||||
|
bridge_fd 0
|
||||||
|
#LAN0
|
||||||
|
|
||||||
|
" >interfaces
|
||||||
|
|
||||||
|
cat interfaces
|
||||||
|
|
||||||
|
while true; do
|
||||||
|
read -p "Config correct? [yes][no]: " yn
|
||||||
|
case $yn in
|
||||||
|
[Yy]*)
|
||||||
|
echo ""
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
[Nn]*) exit ;;
|
||||||
|
*) echo "Please answer yes or no." ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
mv /etc/network/interfaces /etc/network/interfaces.old
|
||||||
|
mv interfaces /etc/network/interfaces
|
||||||
|
|
||||||
|
echo "The network can be restarted with the following command: /etc/init.d/networking restart "
|
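Review bot: The first `up` line under `iface ${NETWORK_INTERFACE} inet manual` repeats `up ip route add -net` twice and then passes `route`-style arguments (`netmask ... gw ...`) that `ip route` does not accept, so the command fails when the interface comes up. It also uses ${GATEWAYADRESS} as both destination and gateway. Decide which network this route is for and write it in `ip route add <prefix> via <gateway> dev vmbr0` form. The inet6 stanza hard-codes `address 2a01:4f8:110:5143::2`, so every user of the script gets that address; prompt for it like the other values or drop the stanza. The prompted values are written unvalidated into the file that replaces /etc/network/interfaces, NETMASK is only used in the broken route line while vmbr0 has a fixed `netmask 32`, and a second run overwrites interfaces.old. Validate the inputs as IP addresses, use `read -r`, and keep a timestamped backup before the `mv`.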