amanjuman

Install Packages

sudo apt install netplan.io openvswitch-switch

Configure Netplan

nano /etc/netplan/network.yaml

network:

amanjuman

Enable System IP forwarding first

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf

Here is sample network configuration (remove comments "##") Replace your interface name, public IP, internal NAT IP

amanjuman

Install the dependencies:

apt update && apt install sudo wget gnupg gnupg2 dphys-swapfile -y

Verify the PGP Key

wget -O- https://repo.3cx.com/key.pub | gpg --dearmor | sudo tee /usr/share/keyrings/3cx-archive-keyring.gpg >> /dev/null

amanjuman

## Download Go
sudo wget --output-document /opt/go.tar.gz https://go.dev/dl/go1.23.2.linux-amd64.tar.gz

## Remove Existing Go and Extract Downloaded Go
sudo rm -rf /usr/local/go && sudo tar --directory /usr/local --extract --gzip --file /opt/go.tar.gz && sudo rm /opt/go.tar.gz

## Delete & Recreate user for Derper
id -u derp &>/dev/null || sudo useradd --system --create-home --home-dir /opt/derp --shell /bin/bash derp

## Export Profile path

amanjuman

Install telnet if not installed

sudo apt install telnet -y

Check if outbound SMTP port is open or not

telnet smtp.google.com 25

Set Hostname

hostnamectl set-hostname fqdn.domain.tld

Install docker

amanjuman

## Seed
## xeob8mPP2VPHBXHCexEPGjOMdBKgQ7qCv2tRC6BXSfQ2ahAeEHC374OyOykUYCyRKU/n8Azv6cw6/MLwNZq9HSYEPfKNFTKhJG2vKZUmFNzc9RDzxya9Lp9VsE34P/tWL4EBO+c7an3Lvi9vXYI79uTbVMcdmNQP5ZrQ6AIZYwCc/N1jdM71muV4Vc94jY9aRsmQvC6bOrxgHlAcWrUw8irEbUNCg5xe5INpnCjbRSXnojisx07zmNDSQ5BUH4LXhRok/uIuGg5qqJaans+FegDc1+aN2L2cTlcefYjTJnMNIjzuPFBClbaAszDTcmQ7wjF7TdYZgJTd3V+754+RlQ==
## WireGuard Server Configuration
[Interface]
Address = 172.73.74.1/24
ListenPort = 12345
PrivateKey = wLgZoPI44SU67MXktUnRMNYz4WbLTYIWweX03cBXukQ=

## Allow communication between WireGuard peers and MASQUERADE traffic
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;

amanjuman

## You need to remove the default dnsmasq package.
## If you remove straight, it will stop resolving DNS, and that is why we are going to use these following commands
opkg update; cd /tmp/ && opkg download dnsmasq-full; opkg install ipset libnettle8 libnetfilter-conntrack3;
opkg remove dnsmasq; opkg install dnsmasq-full --cache /tmp/; rm -f /tmp/dnsmasq-full*.ipk;

## Install wget if you don't have it.
## You can skip that if you can upload those files using SCP
## Check the official repo as those endpoints update frequently therefore change it accordingly
opkg install wget
wget https://downloads.sourceforge.net/project/v2raya/openwrt/v2raya.pub -O /etc/opkg/keys/94cc2a834fb0aa03

amanjuman

untrusted comment: Public usign key of kuoruan
RWRiiYfggx/lURV6KddLLtVJuBc0mzi4FSfYQ9/uurLmRksSREKkRkR8

amanjuman

Install Nginx and Certbot

sudo apt install nginx python3-certbot-nginx -y

Download Minio for x64

sudo wget https://dl.min.io/server/minio/release/linux-amd64/minio

Add Executable Permission to Minio Dir

sudo chmod +x ./minio

Add Minio User and Permission

amanjuman

sudo apt update
sudo apt install davfs2 -y
sudo adduser $USER davfs2
sudo mkdir -p /mnt/hetzner

echo "/mnt/hetzner username password" | sudo tee -a /etc/davfs2/secrets
sudo chmod 600 /etc/davfs2/secrets

echo "https://storage-box-url.your-storagebox.de:443 /mnt/hetzner davfs rw,user,noauto 0 0" | sudo tee -a /etc/fstab
mount /mnt/hetzner