Last active
February 13, 2022 17:21
-
-
Save e-minguez/4dceef24aff965c560e1b13283ddea85 to your computer and use it in GitHub Desktop.
Bootstrap N54L
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| yum remove postfix | |
| yum install epel-release | |
| yum install apcupsd smartmontools ssmtpd lm_sensors fail2ban | |
| sensors-detect --auto | |
| cat << EOF > /etc/fail2ban/jail.d/99-enabled.conf | |
| [sshd] | |
| enabled = true | |
| EOF | |
| systemctl enable fail2ban --now | |
| cat << EOF > /etc/ssmtp/ssmtp.conf | |
| [email protected] | |
| mailhub=smtp.gmail.com:587 | |
| AuthUser=USER | |
| AuthPass=PASS | |
| UseSTARTTLS=YES | |
| #UseTLS=YES | |
| AuthMethod=LOGIN | |
| TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt | |
| EOF | |
| cat << EOF > /etc/ssmtp/revaliases | |
| root:[email protected]:smtp.gmail.com:587 | |
| EOF | |
| echo "alias root root<[email protected]>" >> /etc/mail.rc | |
| echo "alias root@localhost root<[email protected]>" >> /etc/mail.rc | |
| systemctl enable smartd --now | |
| systemctl enable apcupsd --now | |
| yum install -y libusb usbutils epel-release tmux yum-utils git | |
| # Configure ZFS | |
| zpool create tank raidz2 /dev/disk/by-id/{ata-WDC_WD20EFRX-68AX9N0_WD-WMC301887336,ata-WDC_WD20EFRX-68AX9N0_WD-WMC301895708,ata-WDC_WD20EFRX-68AX9N0_WD-WMC301880783,ata-WDC_WD20EFRX-68AX9N0_WD-WMC301919087} -f | |
| zfs set relatime=on tank | |
| zfs set compression=on tank | |
| zfs create tank/vms | |
| zfs create tank/docker | |
| zfs create tank/log | |
| echo "/tank/log /var/log none bind 0 0" >> /etc/fstab | |
| mkdir ~/git/ | |
| git clone https://github.com/lnicola/systemd-zpool-scrub.git ~/git/systemd-zpool-scrub/ | |
| install -m 644 -o root -g root ~/git/systemd-zpool-scrub/[email protected] /etc/systemd/system | |
| install -m 644 -o root -g root ~/git/systemd-zpool-scrub/[email protected] /etc/systemd/system | |
| systemctl daemon-reload | |
| systemctl enable --now [email protected] | |
| yum copr enable poettlerric/zfs-auto-snapshot | |
| yum install zfs-auto-snapshot | |
| yum install -y docker | |
| cat << EOF > /etc/docker/daemon.json | |
| { | |
| "storage-driver": "zfs", | |
| "graph": "/tank/docker" | |
| } | |
| EOF | |
| :> /etc/sysconfig/docker-storage | |
| :> /etc/sysconfig/docker-storage-setup | |
| groupadd docker | |
| usermod -aG docker edu | |
| systemctl enable docker --now | |
| docker info | grep zfs | |
| yum groupinstall "Virtualization Host" | |
| yum install cockpit cockpit-docker cockpit-machines setroubleshoot-server cockpit-storaged | |
| sed -i -e 's/enabled=1/enabled=0/g' /etc/yum/pluginconf.d/subscription-manager.conf | |
| systemctl enable --now cockpit.socket | |
| firewall-cmd --permanent --zone=public --add-service=cockpit | |
| firewall-cmd --reload | |
| # /etc/smartmontools/smartd.conf | |
| # DEVICESCAN -a -o on -S on -n standby,q -s (S/../.././02|L/../../6/03) -W 4,35,40 -m root -M exec /usr/libexec/smartmontools/smartdnotify |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment