Creating debian template for lxc virtualization
To create debian template for lxc you need fresh copy of debian system. Well, we do have one installed recently on guruplug. All debian install on guruplug steps are here.
To create debian template for lxc you need fresh copy of debian system. Well, we do have one installed recently on guruplug. All debian install on guruplug steps are here.
You can make a bridge by changing network configuration file:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
# cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 # iface eth0 inet dhcp # make this manual, that network manager would not conflict when you connect utp cable iface eth0 inet manual auto br0 iface br0 inet static bridge_ports eth0 address 192.168.1.10 broadcast 192.168.1.255 netmask 255.255.255.0 gateway 192.168.1.1 |
In this configuration I used br0 static configuration. If You need dhcp, You can use this configuration:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
# cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 # iface eth0 inet dhcp # make this manual, that network manager would not conflict when you connect utp cable iface eth0 inet manual auto br0 iface br0 inet dhcp |
after creating lxc container, I wasn’t able to connect to it as a simple user. Also couldn’t change to simple user using “su”. All I got was an error:
1 2 3 |
Could not chdir to home directory /home/nsc: Permission denied /bin/bash: Permission denied Connection to 192.168.1.13 closed. |
All permissions of home directory were correct, as to be 100% sure, deleted user and created again. Still the same problem. The problem was / permissions. It was 700, so simple user couldn’t change to any directory. Small fix to make it working (with root user)
1 |
chmod 755 / |
And that’s it, user is working!!!
This line should do the job:
1 |
your_username ALL=(ALL) NOPASSWD: ALL |
You can edit sudoers file by entering command “visudo”.
With default config nginx all IP addresses shows as localhost. Here is configuration to show real client IP. Snippet from varnish config:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
sub vcl_pipe { set bereq.http.connection = "close"; if (req.http.X-Forwarded-For) { set bereq.http.X-Forwarded-For = req.http.X-Forwarded-For; } else { set bereq.http.X-Forwarded-For = regsub(client.ip, ":.*", ""); } } sub vcl_pass { set bereq.http.connection = "close"; if (req.http.X-Forwarded-For) { set bereq.http.X-Forwarded-For = req.http.X-Forwarded-For; } else { set bereq.http.X-Forwarded-For = regsub(client.ip, ":.*", ""); } } |
Snippet from nginx config:
1 2 |
set_real_ip_from 127.0.0.1; real_ip_header X-Forwarded-For; |
Replaces all “OLDSTRING” to “NEWSTRING” in all files
1 |
$ grep -rl OLDSTRING * | sort | uniq | xargs sed -i -e ‘s/OLDSTRING/NEWSTRING/’ |
or using find:
1 |
find */public_html/ -iname '*.php' -exec sed -i -e 's/OLDSTRING/NEWSTRING/' {} \; |