diff --git a/source/Colophon.tex b/source/Colophon.tex index baf7ddc..b3ab295 100644 --- a/source/Colophon.tex +++ b/source/Colophon.tex @@ -14,20 +14,34 @@ % %%% COLOPHON %%% -\begin{vplace} -\centering -\emph{\LARGE Colophon} +\includepdf[width=210mm,% + picturecommand*={% + \color[rgb]{0.631,0.957,1}% HEX # A1F4FF R:161 G:244 B:255 C:37 M:4 Y:0 K:0 + \linethickness{30mm} + \put( 100,378){\line(1,0){397.50793}} + \color[rgb]{0.361,0.922,1}% HEX # 5CEBFF R:92 G:235 B:255 C:64 M:8 Y:0 K:0 + \put( 0,378){\line(1,0){100}} + \put( 497.50793,378){\line(1,0){100}} + \color[rgb]{0,0.2,0.2} + \linethickness{0.3mm} + \put( 0,420){\line(1,0){597.50793}} + \put( 0,336){\line(1,0){597.50793}} + \put(120,435){\begin{minipage}{357.50793pt}\centering + \emph{\LARGE Colophon} + \end{minipage}} + \put(120,395){\begin{minipage}{357.50793pt}\centering + {\tiny Created with 100\% Free Software} + \end{minipage}} + \put(120,382){\begin{minipage}{357.50793pt}\centering + Debian GNU/Linux + \end{minipage}} + \put(120,370){\begin{minipage}{357.50793pt}\centering + {\LaTeX} Memoir + \end{minipage}} + \color[rgb]{0,0,0} + }% + ]{LetterheadPDF.pdf} +\thispagestyle{empty} -\rule{0.5\textwidth}{0.4pt}\\[\baselineskip] - -{\tiny Created with 100\% Free Software} - -Debian GNU/Linux - -{\LaTeX} Memoir - -\rule{0\textwidth}{0pt}\\[\baselineskip]% -\rule{0.5\textwidth}{0.4pt}\\[\baselineskip] -\end{vplace} %%% END COLOPHON %%% diff --git a/source/Copyright.tex b/source/Copyright.tex index f19853c..2197c28 100644 --- a/source/Copyright.tex +++ b/source/Copyright.tex @@ -15,7 +15,7 @@ % This document is licensed under the Creative Commons Attribution 4.0 % International Public License (CC BY-SA 4.0) by Fork Sand, Inc. % -\fontspec{lmroman12-regular.otf} +%\fontspec{lmroman12-regular.otf} \clearpage\null\vfill \begingroup diff --git a/source/Hardware.tex b/source/Hardware.tex index 9f0095b..de2e6ee 100644 --- a/source/Hardware.tex +++ b/source/Hardware.tex @@ -12,53 +12,18 @@ % \section{Hardware} -\subsection{Cluster Evolution} -Forksand started deployment on dedicated servers. - \vspace{0.6cm} - First stage. Exclusively dedicated servers (deprecated) - \vspace{0.4cm} -\centering -\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] - {sharkfork-cabling-1-dedicated-vlan.pdf} \\ % -% - \vspace{0.2cm} -\raggedright - Second stage. Dedicated servers along with a colocation - cabinet. Flat hierarchy. (deprecated) - - \vspace{0.1cm} - In progress, services were being migrated one after another to - a colocation instance. On the next stage hierarchy becomes vertical. \\ - \vspace{0.1cm} -\centering -\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] - {sharkfork-cabling-2-mixed-vlan.pdf} \\ % -% +\section{Cluster Diagram} \raggedright - Third stage. Dedicated servers buffered by - a colocation cabinet. Vertical hierarchy. (deprecated) \vspace{0.4cm} -\centering -\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] - {sharkfork-cabling-3-colo-dedicated.pdf} \\ % -% - \vspace{0.2cm} -\raggedright - Fourth stage. Dedicated servers discarded. - Colocation cabinet buffered only with a firewall. (current) + Dedicated servers discarded. + + Colocation cabinet buffered only with a firewall. + \vspace{0.4cm} \centering -\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] +\includegraphics[width=210mm,trim=20mm 20mm 20mm 20mm] {sharkfork-cabling-4-final-colocation.pdf} \\ % -% \vspace{0.2cm} -\raggedright - Final stage. Firewall discarded. Single colocation cabinet. (in process) - \vspace{0.4cm} -\centering -%\includegraphics[width=115mm,trim=10mm 10mm 10mm 10mm] - %{sharkfork-cabling-4-single-colocation.pdf} \\ % -% \raggedright \newpage @@ -370,41 +335,66 @@ Who we'll get hardware from. %\includescreen{shark2/03.png}{Logged in to admin-webview. Notification of no valid subscription}{} %\includescreen{shark2/04.png}{Browse Datacenter, log hidden}{\label{fig:shark2browsedatacenter}} %\includescreen{shark2/05.png}{Browse shark2 Node}{\label{fig:shark2browsenode}} +%\newpage \includescreen{shark2/06.png}{Browse shark2 Network}{\label{fig:shark2network}} %\includescreen{shark2/07.png}{Select first shark2 Network device}{} +\newpage \includescreen{shark2/08.png}{Edit first shark2 Network device}{} +%\newpage \includescreen{shark2/09.png}{Cleanup first shark2 Network device}{\label{fig:shark2cleanupnetdevice1}} +\newpage \includescreen{shark2/10.png}{Browse shark2 Network}{} \includescreen{shark2/11.png}{Create shark2 Linux Bridge}{\label{fig:shark2linuxbridge}} %\includescreen{shark2/12.png}{Create shark2 Linux Bridge}{} +\newpage \includescreen{shark2/13.png}{Create shark2 Linux Bridge}{} + +{{\grenewcommand{\currentColor}{primary-blue}}} +{{\grenewcommand{\currentTextColor}{ao-black}}} +\providecommand{\sharkIPConfigItem}[4]{ + \rowcolor{\currentColor} \vspace{-1pt} + \rule[-0.3em]{0pt}{-0.5em} \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#1}} & \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#2}} & \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#3}} & \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#4}} \\ +} +\providecommand{\sharkIPConfigLastItem}[4]{ + \rowcolor{\currentColor} \vspace{-1pt} + \rule[-1.0em]{0pt}{1em} \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#1}} & \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#2}} & \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#3}} & \vspace{-1pt} + \small{\textcolor{\currentTextColor}{#4}} \\ + \tabucline[2pt]{1-4} +} +\providecommand{\SIPCCwidth}{3.5cm} \begin{table}[!htb] \caption{IP configs of nodes} \label{tab:sharkNodeIPConfig} - \begin{tabular}{|l|l|l|l|} - \hline - \multicolumn {1}{|l|}{ Parameter}& - \multicolumn {1}{l|}{ Shark2}& - \multicolumn {1}{l|}{ Shark3}& - \multicolumn {1}{l|}{ Shark4} \\ \hline - Linux bridge & & & \\ %\hline - Name & vmbr0 & vmbr0 & vmbr0 \\ %\hline - IP address & 174.128.229.130 & 70.39.103.218 & 70.39.103.210 \\ %\hline - Subnet mask & 255.255.255.224 & 255.255.255.248 & 255.255.255.248 \\ %\hline - Gateway & 174.128.229.129 & 70.39.103.217 & 70.39.103.209 \\ %\hline - Bridge ports & enp2s0 & enp3s0 & enp3s0 \\ \hline - - Network Device & & & \\ %\hline - Name & enp3s0 & enp4s0 & enp4s0 \\ %\hline - IP address & 10.2.2.2 & 10.2.2.3 & 10.2.2.4 \\ %\hline - Subnet mask & 255.255.255.0 & 255.255.255.0 & 255.255.255.0 \\ \hline - - Network Device & & & \\ %\hline - Name & enp4s0 & enp5s0 & enp5s0 \\ %\hline - IP address & 10.99.99.2 & 10.99.99.3 & 10.99.99.4 \\ %\hline - Subnet mask & 255.255.255.0 & 255.255.255.0 & 255.255.255.0 \\ \hline - - \end{tabular} + \begin{tabu}{|[2pt]p{\SIPCCwidth}|[2pt]p{\SIPCCwidth}|p{\SIPCCwidth}|p{\SIPCCwidth}|[2pt]} + \tabucline[2pt]{1-4} + \multicolumn {1}{|[2pt]l|[2pt]}{\rule[-0.7em]{0pt}{2em} \cellcolor{\currentColor}{Parameter}}& + \multicolumn {1}{l|}{\cellcolor{primary-brown} {Shark2}}& + \multicolumn {1}{l|}{\cellcolor{primary-brown} {Shark3}}& + \multicolumn {1}{l|[2pt]}{\cellcolor{primary-brown} {Shark4}} \\ + \tabucline[2pt]{1-4} + \sharkIPConfigItem { Linux bridge }{}{}{} + \sharkIPConfigItem { Name }{ vmbr0 }{ vmbr0 }{ vmbr0 } + \sharkIPConfigItem { IP address }{ 174.128.229.130 }{ 70.39.103.218 }{ 70.39.103.210 } + \sharkIPConfigItem { Subnet mask }{ 255.255.255.224 }{ 255.255.255.248 }{ 255.255.255.248 } + \sharkIPConfigItem { Gateway }{ 174.128.229.129 }{ 70.39.103.217 }{ 70.39.103.209 } + \sharkIPConfigLastItem{ Bridge ports }{ enp2s0 }{ enp3s0 }{ enp3s0 } + \sharkIPConfigItem { Network Device }{}{}{} + \sharkIPConfigItem { Name }{ enp3s0 }{ enp4s0 }{ enp4s0 } + \sharkIPConfigItem { IP address }{ 10.2.2.2 }{ 10.2.2.3 }{ 10.2.2.4 } + \sharkIPConfigLastItem{ Subnet mask }{ 255.255.255.0 }{ 255.255.255.0 }{ 255.255.255.0 } + \sharkIPConfigItem { Network Device }{}{}{} + \sharkIPConfigItem { Name }{ enp4s0 }{ enp5s0 }{ enp5s0 } + \sharkIPConfigItem { IP address }{ 10.99.99.2 }{ 10.99.99.3 }{ 10.99.99.4 } + \sharkIPConfigLastItem{ Subnet mask }{ 255.255.255.0 }{ 255.255.255.0 }{ 255.255.255.0 } + \end{tabu} \end{table} +\newpage \includescreen{shark2/14.png}{Browse shark2 Network}{} %\includescreen{shark2/15.png}{Select second shark2 Network device}{} %\includescreen{shark2/16.png}{Edit second shark2 Network device}{} @@ -412,34 +402,35 @@ Who we'll get hardware from. %\includescreen{shark2/18.png}{Browse shark2 Network}{} %\includescreen{shark2/19.png}{Select third shark2 Network device}{} %\includescreen{shark2/20.png}{Edit third shark2 Network device}{} +\newpage \includescreen{shark2/21.png}{Edit third on the list shark2 Network device}{} + \begin{table}[!htb] \caption{IP configs of nodes, duplicate of table \ref{tab:sharkNodeIPConfig}} % \label{tab:sharkLinuxBridge} - \begin{tabular}{|l|l|l|l|} - \hline - \multicolumn {1}{|l|}{ Parameter}& - \multicolumn {1}{l|}{ Shark2}& - \multicolumn {1}{l|}{ Shark3}& - \multicolumn {1}{l|}{ Shark4} \\ \hline - Linux bridge & & & \\ %\hline - Name & vmbr0 & vmbr0 & vmbr0 \\ %\hline - IP address & 174.128.229.130 & 70.39.103.218 & 70.39.103.210 \\ %\hline - Subnet mask & 255.255.255.224 & 255.255.255.248 & 255.255.255.248 \\ %\hline - Gateway & 174.128.229.129 & 70.39.103.217 & 70.39.103.209 \\ %\hline - Bridge ports & enp2s0 & enp3s0 & enp3s0 \\ \hline - - Network Device & & & \\ %\hline - Name & enp3s0 & enp4s0 & enp4s0 \\ %\hline - IP address & 10.2.2.2 & 10.2.2.3 & 10.2.2.4 \\ %\hline - Subnet mask & 255.255.255.0 & 255.255.255.0 & 255.255.255.0 \\ \hline - - Network Device & & & \\ %\hline - Name & enp4s0 & enp5s0 & enp5s0 \\ %\hline - IP address & 10.99.99.2 & 10.99.99.3 & 10.99.99.4 \\ %\hline - Subnet mask & 255.255.255.0 & 255.255.255.0 & 255.255.255.0 \\ \hline - - \end{tabular} + \begin{tabu}{|[2pt]p{\SIPCCwidth}|[2pt]p{\SIPCCwidth}|p{\SIPCCwidth}|p{\SIPCCwidth}|[2pt]} + \tabucline[2pt]{1-4} + \multicolumn {1}{|[2pt]l|[2pt]}{\rule[-0.7em]{0pt}{2em} \cellcolor{\currentColor}{Parameter}}& + \multicolumn {1}{l|}{\cellcolor{primary-brown} {Shark2}}& + \multicolumn {1}{l|}{\cellcolor{primary-brown} {Shark3}}& + \multicolumn {1}{l|[2pt]}{\cellcolor{primary-brown} {Shark4}} \\ + \tabucline[2pt]{1-4} + \sharkIPConfigItem { Linux bridge }{}{}{} + \sharkIPConfigItem { Name }{ vmbr0 }{ vmbr0 }{ vmbr0 } + \sharkIPConfigItem { IP address }{ 174.128.229.130 }{ 70.39.103.218 }{ 70.39.103.210 } + \sharkIPConfigItem { Subnet mask }{ 255.255.255.224 }{ 255.255.255.248 }{ 255.255.255.248 } + \sharkIPConfigItem { Gateway }{ 174.128.229.129 }{ 70.39.103.217 }{ 70.39.103.209 } + \sharkIPConfigLastItem{ Bridge ports }{ enp2s0 }{ enp3s0 }{ enp3s0 } + \sharkIPConfigItem { Network Device }{}{}{} + \sharkIPConfigItem { Name }{ enp3s0 }{ enp4s0 }{ enp4s0 } + \sharkIPConfigItem { IP address }{ 10.2.2.2 }{ 10.2.2.3 }{ 10.2.2.4 } + \sharkIPConfigLastItem{ Subnet mask }{ 255.255.255.0 }{ 255.255.255.0 }{ 255.255.255.0 } + \sharkIPConfigItem { Network Device }{}{}{} + \sharkIPConfigItem { Name }{ enp4s0 }{ enp5s0 }{ enp5s0 } + \sharkIPConfigItem { IP address }{ 10.99.99.2 }{ 10.99.99.3 }{ 10.99.99.4 } + \sharkIPConfigLastItem{ Subnet mask }{ 255.255.255.0 }{ 255.255.255.0 }{ 255.255.255.0 } + \end{tabu} \end{table} +\newpage \includescreen{shark2/22.png}{Browse shark2 Network}{} %\includescreen{shark2/23.png}{Browse shark2 node}{} \includescreen{shark2/24.png}{Restart shark2 node}{} diff --git a/source/History.tex b/source/History.tex new file mode 100644 index 0000000..ae1b238 --- /dev/null +++ b/source/History.tex @@ -0,0 +1,62 @@ +% +% History.tex +% +% Fork Sand IT Manual +% +% Copyright (C) 2018, Fork Sand, Inc. +% Copyright (C) 2017, Jeff Moe +% Copyright (C) 2017 Aleph Objects, Inc. +% +% This document is licensed under the Creative Commons Attribution 4.0 +% International Public License (CC BY-SA 4.0) by Fork Sand, Inc. +% +\section{History} + +\subsection{Cluster Evolution} +Forksand started deployment on dedicated servers. + \vspace{0.6cm} + First stage. Exclusively dedicated servers (deprecated) + \vspace{0.4cm} +\centering +\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] + {sharkfork-cabling-1-dedicated-vlan.pdf} \\ % +% + \vspace{0.2cm} +\raggedright + Second stage. Dedicated servers along with a colocation + cabinet. Flat hierarchy. (deprecated) + + \vspace{0.1cm} + In progress, services were being migrated one after another to + a colocation instance. On the next stage hierarchy becomes vertical. \\ + \vspace{0.1cm} +\centering +\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] + {sharkfork-cabling-2-mixed-vlan.pdf} \\ % +% +\raggedright + Third stage. Dedicated servers buffered by + a colocation cabinet. Vertical hierarchy. (deprecated) + \vspace{0.4cm} +\centering +\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] + {sharkfork-cabling-3-colo-dedicated.pdf} \\ % +% + \vspace{0.2cm} +\raggedright + Fourth stage. Dedicated servers discarded. + Colocation cabinet buffered only with a firewall. (current) + \vspace{0.4cm} +\centering +\includegraphics[width=115mm,trim=20mm 20mm 20mm 20mm] + {sharkfork-cabling-4-final-colocation.pdf} \\ % +% + \vspace{0.2cm} +\raggedright + Final stage. Firewall discarded. Single colocation cabinet. (in process) + \vspace{0.4cm} +\centering +%\includegraphics[width=115mm,trim=10mm 10mm 10mm 10mm] + %{sharkfork-cabling-4-single-colocation.pdf} \\ % +% +\raggedright diff --git a/source/Software-daemons.tex b/source/Software-daemons.tex index 0a0610a..e499cde 100644 --- a/source/Software-daemons.tex +++ b/source/Software-daemons.tex @@ -208,11 +208,9 @@ address 5.152.179.226 netmask 255.255.255.0 gateway 5.152.179.1 \end{minted} +\subsection{Install Firewall}\label{ssec:nextcloudfirewall} +\url{https://wiki.debian.org/iptables} \begin{minted}{sh} -# Install Firewall -# ============= -# https://wiki.debian.org/iptables - #Create /etc/iptables.up.rules and /etc/network/if-pre-up.d/iptables touch /etc/iptables.up.rules /etc/network/if-pre-up.d/iptables /etc/iptables.test.rules diff --git a/source/Source-gen.tex b/source/Source-gen.tex index 09b296c..304119e 100644 --- a/source/Source-gen.tex +++ b/source/Source-gen.tex @@ -2,7 +2,7 @@ \texttt{SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855} \inputminted{sh}{resources/SHA256SUM} \section{\texttt{STATS}} -\texttt{SHA256: adadaa5e46ade71aa99d833d7cf64cf012501c8b7a6f6c15a3563f6ceeffa9c6} +\texttt{SHA256: b5fd0d24673c05a70026ca4db2576a80f8e8b4740e4558f29c63194a4ae58829} \inputminted{sh}{resources/STATS} \section{\texttt{apps/ansible-debian-mail/ansible.cfg}} \texttt{SHA256: 5c5bbe341a18319f6f24033c4f63fc5f1594469b4f2cfbb991ec596fd30e9a3b} @@ -148,9 +148,6 @@ \section{\texttt{apps/ansible-gitea/roles/gitea/templates/gitea.service.j2}} \texttt{SHA256: 0acbfe01156c9e39ee71a4fc64310ab003f09bfcf544df00b1f3cff010ed8f38} \inputminted{sh}{resources/apps/ansible-gitea/roles/gitea/templates/gitea.service.j2} -\section{\texttt{apps/ansible-gitea/roles/gitea/.DS\char`_Store}} -\texttt{SHA256: e97bff48aa282aacf1c59c754a7b9adfe56120c4cb1545a7488f03fee9f4e479} -\inputminted{sh}{resources/apps/ansible-gitea/roles/gitea/.DS_Store} \section{\texttt{apps/ansible-gitea/roles/nginx/defaults/main.yml}} \texttt{SHA256: 20c921226115e5a92309d543b66066438e6565bdbd054e7ca41d0fc6ddcfcd9a} \inputminted{sh}{resources/apps/ansible-gitea/roles/nginx/defaults/main.yml} @@ -169,24 +166,9 @@ \section{\texttt{apps/ansible-gitea/site.yml}} \texttt{SHA256: d74378b00af74eabe0cc11d0f0b1db5c902116c583216f14152d968e5a71e474} \inputminted{sh}{resources/apps/ansible-gitea/site.yml} -\section{\texttt{apps/forksand-nodes-bootstrap/forksand-hk1-bootstrap}} -\texttt{SHA256: d3b370cdf087289f89c827aefaf1915c35843f01f9f2d8bbeb412184b2ce2fa6} -\inputminted{sh}{resources/apps/forksand-nodes-bootstrap/forksand-hk1-bootstrap} -\section{\texttt{apps/forksand-nodes-bootstrap/forksand-hk2-bootstrap}} -\texttt{SHA256: d62d8c5f8269253f07bdd01abaf0653797627477827163625c9d2e3d207e27c8} -\inputminted{sh}{resources/apps/forksand-nodes-bootstrap/forksand-hk2-bootstrap} -\section{\texttt{apps/forksand-nodes-bootstrap/forksand-hk3-bootstrap}} -\texttt{SHA256: 7d56b22aec7e53798e88d4a03d7e390393899e1a33e03da864c817bea83c86c8} -\inputminted{sh}{resources/apps/forksand-nodes-bootstrap/forksand-hk3-bootstrap} \section{\texttt{apps/forksand-nodes-bootstrap/forksand-shark4-bootstrap}} \texttt{SHA256: 04a5efbe9a3809ac7050b727eb1d9b8f755b68dc44c990f71866422ff9bc5b15} \inputminted{sh}{resources/apps/forksand-nodes-bootstrap/forksand-shark4-bootstrap} -\section{\texttt{apps/forksand-nodes-bootstrap/forksand-the-bootstrap}} -\texttt{SHA256: cb61199026a4850f6beb9e3a2b9abcadd7f3d15c894c01060aadcc83bde25c96} -\inputminted{sh}{resources/apps/forksand-nodes-bootstrap/forksand-the-bootstrap} -\section{\texttt{apps/forksand-nodes-bootstrap/forksand-truck-bootstrap}} -\texttt{SHA256: 0691270004a884d962e82f61bbce6ffd094653d7419b081099a9f180d456719a} -\inputminted{sh}{resources/apps/forksand-nodes-bootstrap/forksand-truck-bootstrap} \section{\texttt{apps/iptables/etc/iptables}} \texttt{SHA256: 825577f3fd900576c119d0a6191de16bf2d55fb84e6749921710b293e5fd1889} \inputminted{sh}{resources/apps/iptables/etc/iptables} @@ -232,12 +214,6 @@ \section{\texttt{apps/ssh/socks-proxy.sh}} \texttt{SHA256: 646c3cdef108cf891d9d5279971f3da8a708d78b9cb18da832043ba3048cfacf} \inputminted{sh}{resources/apps/ssh/socks-proxy.sh} -\section{\texttt{apps/sunstone/etc/one/sunstone-logos.yaml}} -\texttt{SHA256: b318da9ebbe0bc3b5b80efda6c8594b2017736d8e32d3ff74aaefb727cf1fb0e} -\inputminted{sh}{resources/apps/sunstone/etc/one/sunstone-logos.yaml} -\section{\texttt{apps/sunstone/etc/one/sunstone-views.yaml}} -\texttt{SHA256: 34f5df58f4f6fce5985378c946c8b9718567a1454f171e2629b33e37ce0ca87f} -\inputminted{sh}{resources/apps/sunstone/etc/one/sunstone-views.yaml} \section{\texttt{apps/yadifa-master/etc/yadifa/yadifad.conf}} \texttt{SHA256: 1802daa96fe2a7373059b86ae166f008591aad4304eb8176e1c20f56e61e7df8} \inputminted{sh}{resources/apps/yadifa-master/etc/yadifa/yadifad.conf} diff --git a/source/forksand-it-manual.tex b/source/forksand-it-manual.tex index 01b3005..18c1dfc 100644 --- a/source/forksand-it-manual.tex +++ b/source/forksand-it-manual.tex @@ -102,7 +102,21 @@ leftmargin=1cm,rightmargin=1cm % http://mirrors.ctan.org/macros/latex/contrib/fontspec/fontspec.pdf \usepackage{fontspec} \defaultfontfeatures{Ligatures=TeX} % To support LaTeX quoting style -\setmainfont{lmroman12-regular.otf} +\setmainfont{lmroman12}[ + Extension=.otf , + UprightFont = *-regular , + SmallCapsFont = *-regular , + BoldFont = *-bold , + BoldItalicFont = *-bold , + BoldSlantedFont = *-italic , + ItalicFont = *-italic , + SlantedFont = *-italic + %, + %SmallCapsFeatures = {Letters=SmallCaps} + , + SlantedFeatures = {FakeSlant,Colour=FF0000} +] + \usepackage[normalem]{ulem} % underline @@ -186,7 +200,7 @@ leftmargin=1cm,rightmargin=1cm \makeoddfoot{aocstyle}{}{\thepage}{} %%% END forksand-it-manual PAGE STYLE %%% -%%% forksand-it-manualSKI CHAPTER STYLE %%% +%%% forksand-it-manual SKI CHAPTER STYLE %%% \makechapterstyle{aocski}{% \renewcommand*{\printchaptername}{} % Clear out the chapter name (e.g. capĂ­tulo) \renewcommand*{\printchapternum}{} % Clear out the chapter number @@ -197,7 +211,7 @@ leftmargin=1cm,rightmargin=1cm \renewcommand*{\afterchaptertitle}{\vskip\onelineskip \hrule\vskip \afterchapskip} } -%%% END forksand-it-manualSKI CHAPTER STYLE %%% +%%% END forksand-it-manual SKI CHAPTER STYLE %%% %%% FORMATTING... %%% \midsloppy @@ -265,7 +279,10 @@ leftmargin=1cm,rightmargin=1cm \pagenumbering*{arabic} %%% TABLE OF CONTENTS %%% -{\fontspec{lmroman12-regular.otf} +{ +\fontspec{lmroman12-regular.otf}[ + BoldFont = lmroman12-regular.otf +] \maxtocdepth{subsection} \settocdepth{subsection} %\setsecnumdepth{subsection} @@ -339,7 +356,6 @@ leftmargin=1cm,rightmargin=1cm %%% END CHAPTER CONFIG %%% %%% FRONTMATTER CHAPTERS %%% -\fontspec{lmroman12-regular.otf} % Format: % \chapterconf{Name of file to include}{Title of Chapter} @@ -353,7 +369,6 @@ leftmargin=1cm,rightmargin=1cm %% MAINMATTER CHAPTERS %%% % Default chapter font -\fontspec{lmroman12-regular.otf} % Format: % \chapterconf{Name of file to include}{Title of Chapter}{Subtitle} @@ -371,6 +386,7 @@ leftmargin=1cm,rightmargin=1cm \chapterconf{DNS}{Domain Name Service (DNS)}{Who Names You?} \chapterconf{NTP}{Network Time Protocol}{A Hole in Time} \chapterconf{Firmware}{Firmware}{Embedded Software} +\chapterconf{History}{History}{Evolution History} %%% Appendix %%% %\part{Appendix} % XXX \appendix @@ -411,7 +427,6 @@ leftmargin=1cm,rightmargin=1cm \endgroup \pagebreak{} \thispagestyle{empty} -\fontspec{lmroman12-regular.otf} {\include{Colophon}} %%% END COLOPHON %%% diff --git a/source/lmroman12-bold.otf b/source/lmroman12-bold.otf new file mode 100644 index 0000000..c2eab2e Binary files /dev/null and b/source/lmroman12-bold.otf differ diff --git a/source/lmroman12-italic.otf b/source/lmroman12-italic.otf new file mode 100644 index 0000000..87cc5b9 Binary files /dev/null and b/source/lmroman12-italic.otf differ diff --git a/source/resources/SHA256SUM b/source/resources/SHA256SUM index d2e040a..f6e8103 100644 --- a/source/resources/SHA256SUM +++ b/source/resources/SHA256SUM @@ -1,5 +1,5 @@ e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 ./SHA256SUM -adadaa5e46ade71aa99d833d7cf64cf012501c8b7a6f6c15a3563f6ceeffa9c6 ./STATS +b5fd0d24673c05a70026ca4db2576a80f8e8b4740e4558f29c63194a4ae58829 ./STATS 5c5bbe341a18319f6f24033c4f63fc5f1594469b4f2cfbb991ec596fd30e9a3b ./apps/ansible-debian-mail/ansible.cfg b5f417e155b47834e49be9243ba776a6516c56c3ed0121d2bc4d022d5acacd87 ./apps/ansible-debian-mail/group_vars/all.yml cc816d03579097542ca85c188995a412d619c08c84bf3dfef73191fc5cc05b54 ./apps/ansible-debian-mail/inventory.yml @@ -48,19 +48,13 @@ cc816d03579097542ca85c188995a412d619c08c84bf3dfef73191fc5cc05b54 ./apps/ansible bc5f081dfd51f5c920c8dda1873560a2602204dd9d28a881238fd66e22437c2d ./apps/ansible-gitea/roles/gitea/tasks/main.yml c8be571f2f2407240bc88997aedf70c9230554a65132ebab9a1ee0d4296ff9d3 ./apps/ansible-gitea/roles/gitea/templates/gitea.ini.j2 0acbfe01156c9e39ee71a4fc64310ab003f09bfcf544df00b1f3cff010ed8f38 ./apps/ansible-gitea/roles/gitea/templates/gitea.service.j2 -e97bff48aa282aacf1c59c754a7b9adfe56120c4cb1545a7488f03fee9f4e479 ./apps/ansible-gitea/roles/gitea/.DS_Store 20c921226115e5a92309d543b66066438e6565bdbd054e7ca41d0fc6ddcfcd9a ./apps/ansible-gitea/roles/nginx/defaults/main.yml 5a3990dbfb331c83fbbff76368a2426ae03d34052454aa6676f52b7e4652d561 ./apps/ansible-gitea/roles/nginx/handlers/main.yml 5232d5b0894c1e6a3da8472591ef49e9c80e927cdbec626c15c9e1a9796729a8 ./apps/ansible-gitea/roles/nginx/tasks/main.yml 1ecb64716e6674eb30a145c79859774cc5772304828553474c05820a2151ff3b ./apps/ansible-gitea/roles/nginx/templates/nginx.conf.j2 4d7edebbe48f20aeeb49599d32fc5531db943cbf43d7e9995674c180b56f2e77 ./apps/ansible-gitea/roles/nginx/templates/nginxssl.conf.j2 d74378b00af74eabe0cc11d0f0b1db5c902116c583216f14152d968e5a71e474 ./apps/ansible-gitea/site.yml -d3b370cdf087289f89c827aefaf1915c35843f01f9f2d8bbeb412184b2ce2fa6 ./apps/forksand-nodes-bootstrap/forksand-hk1-bootstrap -d62d8c5f8269253f07bdd01abaf0653797627477827163625c9d2e3d207e27c8 ./apps/forksand-nodes-bootstrap/forksand-hk2-bootstrap -7d56b22aec7e53798e88d4a03d7e390393899e1a33e03da864c817bea83c86c8 ./apps/forksand-nodes-bootstrap/forksand-hk3-bootstrap 04a5efbe9a3809ac7050b727eb1d9b8f755b68dc44c990f71866422ff9bc5b15 ./apps/forksand-nodes-bootstrap/forksand-shark4-bootstrap -cb61199026a4850f6beb9e3a2b9abcadd7f3d15c894c01060aadcc83bde25c96 ./apps/forksand-nodes-bootstrap/forksand-the-bootstrap -0691270004a884d962e82f61bbce6ffd094653d7419b081099a9f180d456719a ./apps/forksand-nodes-bootstrap/forksand-truck-bootstrap 825577f3fd900576c119d0a6191de16bf2d55fb84e6749921710b293e5fd1889 ./apps/iptables/etc/iptables 4b50c760daa85619a74f1c635b26807fcc7f8bedb90bd22893de8c98f3d78ff1 ./apps/iptables/etc/iptables.test.rules acb247e6caa20a6e5cac57de3137a6bd561f810e4b92d2e32d31064e4e998720 ./apps/oca-forksand-v1_1/README.rst @@ -76,8 +70,6 @@ a149aa2a11f17a20eda8f32e2ef5b34e403b772d53f1dcd2a62bd44b166c2122 ./apps/oca/lib eec3af072498c00dd207f85d05de93ae81b4a0a6f4d31aa6b1dfb31af84eb07f ./apps/odoo/odoo11-deb-install.sh 8e0ee0af15f20e6a5120f9bca4b073532002f8d309dc365c64734b111c03ae4e ./apps/ssh/socks-chain.sh 646c3cdef108cf891d9d5279971f3da8a708d78b9cb18da832043ba3048cfacf ./apps/ssh/socks-proxy.sh -b318da9ebbe0bc3b5b80efda6c8594b2017736d8e32d3ff74aaefb727cf1fb0e ./apps/sunstone/etc/one/sunstone-logos.yaml -34f5df58f4f6fce5985378c946c8b9718567a1454f171e2629b33e37ce0ca87f ./apps/sunstone/etc/one/sunstone-views.yaml 1802daa96fe2a7373059b86ae166f008591aad4304eb8176e1c20f56e61e7df8 ./apps/yadifa-master/etc/yadifa/yadifad.conf e2c4028695f3ac6b6ed8afb963a7821589b94ed81a2d068d7480b809d402c830 ./apps/yadifa-master/var/lib/yadifa/masters/solipsists.org.zone 705f36a12aee30e8510e5d06f1d3dd471a82aa518e00648a83f8f9d1146b8186 ./apps/yadifa-slave/etc/yadifa/yadifad.conf diff --git a/source/resources/STATS b/source/resources/STATS index 8b52eb7..0f2c8af 100644 --- a/source/resources/STATS +++ b/source/resources/STATS @@ -1,2 +1,2 @@ -There are 86 source code files included. -There are 83 unique files. +There are 78 source code files included. +There are 75 unique files. diff --git a/source/resources/apps/forksand-nodes-bootstrap/forksand-hk1-bootstrap b/source/resources/apps/forksand-nodes-bootstrap/forksand-hk1-bootstrap deleted file mode 100644 index 7418ba0..0000000 --- a/source/resources/apps/forksand-nodes-bootstrap/forksand-hk1-bootstrap +++ /dev/null @@ -1,329 +0,0 @@ -#!/bin/bash -# forksand-bootstrap-hk1 -# GPLv3+ -# This script does some initial setup and config -# Sets up Proxmox. - -# Log script -exec > >(tee /root/bootstrap-hk1.log) 2>/root/bootstrap-hk1.err - -set -x - -# Set locale -echo "en_US.UTF-8 UTF-8" > /etc/locale.gen -locale-gen -update-locale - -# XXX Set timezone -ln -sf /usr/share/zoneinfo/America/Denver /etc/localtime - -# Set up git for tracking. XXX Ansible... XXX -apt-get -y install git sudo -cd /etc -git init -chmod og-rwx /etc/.git - -cat > /etc/.gitignore < /etc/apt/sources.list < /etc/default/cpufrequtils -/etc/init.d/cpufrequtils restart -cd /etc ; git add . ; git commit -a -m 'Set up cpufrequtils' - -# Small user tweaks -echo :syntax on > ~/.vimrc -echo :syntax on > /home/jebba/.vimrc -chown jebba:jebba /home/jebba/.vimrc -echo export EDITOR=vi >> /root/.bashrc - -# XXX Passwordless sudo XXX Ya, probably remove -sed -i -e 's/%sudo\tALL=(ALL:ALL) ALL/%sudo ALL=(ALL) NOPASSWD: ALL/g' /etc/sudoers - -adduser jebba sudo -cd /etc ; git add . ; git commit -a -m 'Set up passwordless sudo' - -# SSH config XXX sed cruft -sed -i \ - -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' \ - -e 's/\#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' \ - -e 's/\#PasswordAuthentication yes/PasswordAuthentication no/g' \ - -e 's/\#X11Forwarding yes/X11Forwarding no/g' \ - /etc/ssh/sshd_config - -echo 'KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256' >> /etc/ssh/sshd_config - -echo 'Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr' >> /etc/ssh/sshd_config - -# Need to update/fix for Debian Buster (testing/10). This line breaks Buster: -#echo 'MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com' >> /etc/ssh/sshd_config - -# XXX Add admins as only allowed ssh users -# XXX add user for ansbile -echo "AllowUsers jebba root" >> /etc/ssh/sshd_config - -cd /etc ; git add . ; git commit -a -m 'Set up sshd' -systemctl restart sshd - -# Startup XXX disable unneeded. -for i in rsync exim4 saned -do echo $i - /usr/sbin/update-rc.d $i disable -done -# XXX KILL THIS, listening on public port (firewalled, but still): -# tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 296/systemd-resolve -cd /etc ; git add . ; git commit -a -m 'Turn off junk on boot' - -# GRUB -sed -i -e 's/^GRUB_TIMEOUT=5/GRUB_TIMEOUT=4/g' /etc/default/grub -sed -i -e 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub -echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub - -update-grub - -cd /etc ; git add . ; git commit -a -m 'GRUB tweaks' - -# Fix network to come up on boot -sed -i -e 's/allow-hotplug/auto/g' /etc/network/interfaces -cd /etc ; git add . ; git commit -a -m 'Auto start network' - -# XXX not sure why this is getting installed: -apt-get -y autoremove - -apt-get -y remove os-prober - -# Proxmox -#cat > /etc/apt/sources.list.d/pve-enterprise.list< /etc/apt/sources.list.d/pve-no-subscription.list< /etc/apt/auth.conf< System --> Network -# Fix subnet mask, IP in web gui. -# Create --> Linux Bridge: -# vmbr0 -# XXX best way for this server? No subnet. -# -# Set up ethernet ports -# XXX check name Disable enp2s0 (Autostart no) -# set up vmbr0 to the main IP, gateway, etc. -# Create Linux Bridge in web interface -# vmbr0 -#XXX THIS ISN'T CORRECT IP -# 174.128.229.130/27 -# 255.255.255.224 -# Autostart -# VLAN Aware -# Bridge: enp2s0 -# Comment Main bridge -# -# Set up 10.2.2.0 and 10.99.99.0 networks statically -# on secondary ethernet interfaces - -# Reboot! hk1 (host) --> Restart - -# Configure Corosync -# Set up hosts -# XXX MAKE SURE NEW NODES GET ADDED TO EXISTING SERVER /etc/hosts -echo "10.3.3.1 hk1-coro" >> /etc/hosts -echo "10.3.3.2 hk2-coro" >> /etc/hosts -echo "10.3.3.3 hk3-coro" >> /etc/hosts - -echo "10.88.88.1 hk2-fs" >> /etc/hosts -echo "10.88.88.2 hk2-fs" >> /etc/hosts -echo "10.88.88.3 hk3-fs" >> /etc/hosts - -# Test cluster ping -for i in hk1-coro hk2-coro hk3-coro -do ping -q -c1 $i -done - -# Test ssh -for i in hk1-coro hk2-coro hk3-coro -do ssh $i hostname -done -# ssh via IP -for i in 10.2.2.3 -do ssh $i hostname -done - -# Note this is needed on at least one of the SharkTech servers or -# you get bad UDP checksums -# Also set to correct ethernet device -# XXX CHECK -ethtool -K enp3s0 gso off -ethtool --offload enp3s0 rx off tx off -ethtool -K enp4s0 gso off -ethtool --offload enp4s0 rx off tx off - -# Run this on just one node, hk1, to get the cluster started -pvecm create hkfork --bindnet0_addr 10.2.2.1 --ring0_addr hk1-coro - -# Run this on hk3 -#pvecm add 10.2.2.1 --ring0_addr hk3-coro - -pvecm status -pvecm nodes - -# rebootz ? - -# After Cluster is Configured -# =========================== - -# Data Center --> Permissions --> Users -# Add user with Realm Proxmox VE authentication server. -# Give user root permissions: Datacenter --> Permissions --> Add --> User permission. -# Path: / User: j Role: Administrator -# XXX Or create admin group, add perms to that... -# Permissions --> Authentication. Set Proxmox VE authentication server to default. - -# Storage -# Datacenter --> Storage --> Edit local. Enable all content (add VZDump) -# -# DNS -# hk1 (host) --> System --> DNS -# Add servers: -# 208.67.222.222 208.67.220.220 37.235.1.174 -# diff --git a/source/resources/apps/forksand-nodes-bootstrap/forksand-hk2-bootstrap b/source/resources/apps/forksand-nodes-bootstrap/forksand-hk2-bootstrap deleted file mode 100644 index 34f7f54..0000000 --- a/source/resources/apps/forksand-nodes-bootstrap/forksand-hk2-bootstrap +++ /dev/null @@ -1,329 +0,0 @@ -#!/bin/bash -# forksand-bootstrap-hk2 -# GPLv3+ -# This script does some initial setup and config -# Sets up Proxmox. - -# Log script -exec > >(tee /root/bootstrap-hk2.log) 2>/root/bootstrap-hk2.err - -set -x - -# Set locale -echo "en_US.UTF-8 UTF-8" > /etc/locale.gen -locale-gen -update-locale - -# XXX Set timezone -ln -sf /usr/share/zoneinfo/America/Denver /etc/localtime - -# Set up git for tracking. XXX Ansible... XXX -apt-get -y install git sudo -cd /etc -git init -chmod og-rwx /etc/.git - -cat > /etc/.gitignore < /etc/apt/sources.list < /etc/default/cpufrequtils -/etc/init.d/cpufrequtils restart -cd /etc ; git add . ; git commit -a -m 'Set up cpufrequtils' - -# Small user tweaks -echo :syntax on > ~/.vimrc -echo :syntax on > /home/jebba/.vimrc -chown jebba:jebba /home/jebba/.vimrc -echo export EDITOR=vi >> /root/.bashrc - -# XXX Passwordless sudo XXX Ya, probably remove -sed -i -e 's/%sudo\tALL=(ALL:ALL) ALL/%sudo ALL=(ALL) NOPASSWD: ALL/g' /etc/sudoers - -adduser jebba sudo -cd /etc ; git add . ; git commit -a -m 'Set up passwordless sudo' - -# SSH config XXX sed cruft -sed -i \ - -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' \ - -e 's/\#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' \ - -e 's/\#PasswordAuthentication yes/PasswordAuthentication no/g' \ - -e 's/\#X11Forwarding yes/X11Forwarding no/g' \ - /etc/ssh/sshd_config - -echo 'KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256' >> /etc/ssh/sshd_config - -echo 'Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr' >> /etc/ssh/sshd_config - -# Need to update/fix for Debian Buster (testing/10). This line breaks Buster: -#echo 'MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com' >> /etc/ssh/sshd_config - -# XXX Add admins as only allowed ssh users -# XXX add user for ansbile -echo "AllowUsers jebba root" >> /etc/ssh/sshd_config - -cd /etc ; git add . ; git commit -a -m 'Set up sshd' -systemctl restart sshd - -# Startup XXX disable unneeded. -for i in rsync exim4 saned -do echo $i - /usr/sbin/update-rc.d $i disable -done -# XXX KILL THIS, listening on public port (firewalled, but still): -# tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 296/systemd-resolve -cd /etc ; git add . ; git commit -a -m 'Turn off junk on boot' - -# GRUB -sed -i -e 's/^GRUB_TIMEOUT=5/GRUB_TIMEOUT=4/g' /etc/default/grub -sed -i -e 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub -echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub - -update-grub - -cd /etc ; git add . ; git commit -a -m 'GRUB tweaks' - -# Fix network to come up on boot -sed -i -e 's/allow-hotplug/auto/g' /etc/network/interfaces -cd /etc ; git add . ; git commit -a -m 'Auto start network' - -# XXX not sure why this is getting installed: -apt-get -y autoremove - -apt-get -y remove os-prober - -# Proxmox -#cat > /etc/apt/sources.list.d/pve-enterprise.list< /etc/apt/sources.list.d/pve-no-subscription.list< /etc/apt/auth.conf< System --> Network -# Fix subnet mask, IP in web gui. -# Create --> Linux Bridge: -# vmbr0 -# XXX best way for this server? No subnet. -# -# Set up ethernet ports -# XXX check name Disable enp2s0 (Autostart no) -# set up vmbr0 to the main IP, gateway, etc. -# Create Linux Bridge in web interface -# vmbr0 -#XXX THIS ISN'T CORRECT IP -# 174.128.229.130/27 -# 255.255.255.224 -# Autostart -# VLAN Aware -# Bridge: enp2s0 -# Comment Main bridge -# -# Set up 10.2.2.0 and 10.99.99.0 networks statically -# on secondary ethernet interfaces - -# Reboot! hk2 (host) --> Restart - -# Configure Corosync -# Set up hosts -# XXX MAKE SURE NEW NODES GET ADDED TO EXISTING SERVER /etc/hosts -echo "10.3.3.1 hk1-coro" >> /etc/hosts -echo "10.3.3.2 hk2-coro" >> /etc/hosts -echo "10.3.3.3 hk3-coro" >> /etc/hosts - -echo "10.88.88.1 hk2-fs" >> /etc/hosts -echo "10.88.88.2 hk2-fs" >> /etc/hosts -echo "10.88.88.3 hk3-fs" >> /etc/hosts - -# Test cluster ping -for i in hk1-coro hk2-coro hk3-coro -do ping -q -c1 $i -done - -# Test ssh -for i in hk1-coro hk2-coro hk3-coro -do ssh $i hostname -done -# ssh via IP -for i in 10.2.2.3 -do ssh $i hostname -done - -# Note this is needed on at least one of the SharkTech servers or -# you get bad UDP checksums -# Also set to correct ethernet device -# XXX CHECK -ethtool -K enp3s0 gso off -ethtool --offload enp3s0 rx off tx off -ethtool -K enp4s0 gso off -ethtool --offload enp4s0 rx off tx off - -# Run this on just one node, hk1, to get the cluster started -#pvecm create hkfork --bindnet0_addr 10.2.2.1 --ring0_addr hk1-coro - -# Run this on hk2 -pvecm add 10.2.2.1 --ring0_addr hk1-coro - -pvecm status -pvecm nodes - -# rebootz ? - -# After Cluster is Configured -# =========================== - -# Data Center --> Permissions --> Users -# Add user with Realm Proxmox VE authentication server. -# Give user root permissions: Datacenter --> Permissions --> Add --> User permission. -# Path: / User: j Role: Administrator -# XXX Or create admin group, add perms to that... -# Permissions --> Authentication. Set Proxmox VE authentication server to default. - -# Storage -# Datacenter --> Storage --> Edit local. Enable all content (add VZDump) -# -# DNS -# hk2 (host) --> System --> DNS -# Add servers: -# 208.67.222.222 208.67.220.220 37.235.1.174 -# diff --git a/source/resources/apps/forksand-nodes-bootstrap/forksand-hk3-bootstrap b/source/resources/apps/forksand-nodes-bootstrap/forksand-hk3-bootstrap deleted file mode 100644 index 1e66d60..0000000 --- a/source/resources/apps/forksand-nodes-bootstrap/forksand-hk3-bootstrap +++ /dev/null @@ -1,329 +0,0 @@ -#!/bin/bash -# forksand-bootstrap-hk3 -# GPLv3+ -# This script does some initial setup and config -# Sets up Proxmox. - -# Log script -exec > >(tee /root/bootstrap-hk3.log) 2>/root/bootstrap-hk3.err - -set -x - -# Set locale -echo "en_US.UTF-8 UTF-8" > /etc/locale.gen -locale-gen -update-locale - -# XXX Set timezone -ln -sf /usr/share/zoneinfo/America/Denver /etc/localtime - -# Set up git for tracking. XXX Ansible... XXX -apt-get -y install git sudo -cd /etc -git init -chmod og-rwx /etc/.git - -cat > /etc/.gitignore < /etc/apt/sources.list < /etc/default/cpufrequtils -/etc/init.d/cpufrequtils restart -cd /etc ; git add . ; git commit -a -m 'Set up cpufrequtils' - -# Small user tweaks -echo :syntax on > ~/.vimrc -echo :syntax on > /home/jebba/.vimrc -chown jebba:jebba /home/jebba/.vimrc -echo export EDITOR=vi >> /root/.bashrc - -# XXX Passwordless sudo XXX Ya, probably remove -sed -i -e 's/%sudo\tALL=(ALL:ALL) ALL/%sudo ALL=(ALL) NOPASSWD: ALL/g' /etc/sudoers - -adduser jebba sudo -cd /etc ; git add . ; git commit -a -m 'Set up passwordless sudo' - -# SSH config XXX sed cruft -sed -i \ - -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' \ - -e 's/\#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' \ - -e 's/\#PasswordAuthentication yes/PasswordAuthentication no/g' \ - -e 's/\#X11Forwarding yes/X11Forwarding no/g' \ - /etc/ssh/sshd_config - -echo 'KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256' >> /etc/ssh/sshd_config - -echo 'Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr' >> /etc/ssh/sshd_config - -# Need to update/fix for Debian Buster (testing/10). This line breaks Buster: -#echo 'MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com' >> /etc/ssh/sshd_config - -# XXX Add admins as only allowed ssh users -# XXX add user for ansbile -echo "AllowUsers jebba root" >> /etc/ssh/sshd_config - -cd /etc ; git add . ; git commit -a -m 'Set up sshd' -systemctl restart sshd - -# Startup XXX disable unneeded. -for i in rsync exim4 saned -do echo $i - /usr/sbin/update-rc.d $i disable -done -# XXX KILL THIS, listening on public port (firewalled, but still): -# tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 296/systemd-resolve -cd /etc ; git add . ; git commit -a -m 'Turn off junk on boot' - -# GRUB -sed -i -e 's/^GRUB_TIMEOUT=5/GRUB_TIMEOUT=4/g' /etc/default/grub -sed -i -e 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub -echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub - -update-grub - -cd /etc ; git add . ; git commit -a -m 'GRUB tweaks' - -# Fix network to come up on boot -sed -i -e 's/allow-hotplug/auto/g' /etc/network/interfaces -cd /etc ; git add . ; git commit -a -m 'Auto start network' - -# XXX not sure why this is getting installed: -apt-get -y autoremove - -apt-get -y remove os-prober - -# Proxmox -#cat > /etc/apt/sources.list.d/pve-enterprise.list< /etc/apt/sources.list.d/pve-no-subscription.list< /etc/apt/auth.conf< System --> Network -# Fix subnet mask, IP in web gui. -# Create --> Linux Bridge: -# vmbr0 -# XXX best way for this server? No subnet. -# -# Set up ethernet ports -# XXX check name Disable enp2s0 (Autostart no) -# set up vmbr0 to the main IP, gateway, etc. -# Create Linux Bridge in web interface -# vmbr0 -#XXX THIS ISN'T CORRECT IP -# 174.128.229.130/27 -# 255.255.255.224 -# Autostart -# VLAN Aware -# Bridge: enp2s0 -# Comment Main bridge -# -# Set up 10.2.2.0 and 10.99.99.0 networks statically -# on secondary ethernet interfaces - -# Reboot! hk3 (host) --> Restart - -# Configure Corosync -# Set up hosts -# XXX MAKE SURE NEW NODES GET ADDED TO EXISTING SERVER /etc/hosts -echo "10.3.3.1 hk1-coro" >> /etc/hosts -echo "10.3.3.2 hk2-coro" >> /etc/hosts -echo "10.3.3.3 hk3-coro" >> /etc/hosts - -echo "10.88.88.1 hk2-fs" >> /etc/hosts -echo "10.88.88.2 hk2-fs" >> /etc/hosts -echo "10.88.88.3 hk3-fs" >> /etc/hosts - -# Test cluster ping -for i in hk1-coro hk2-coro hk3-coro -do ping -q -c1 $i -done - -# Test ssh -for i in hk1-coro hk2-coro hk3-coro -do ssh $i hostname -done -# ssh via IP -for i in 10.2.2.3 -do ssh $i hostname -done - -# Note this is needed on at least one of the SharkTech servers or -# you get bad UDP checksums -# Also set to correct ethernet device -# XXX CHECK -ethtool -K enp3s0 gso off -ethtool --offload enp3s0 rx off tx off -ethtool -K enp4s0 gso off -ethtool --offload enp4s0 rx off tx off - -# Run this on just one node, hk3, to get the cluster started -#pvecm create hkfork --bindnet0_addr 10.2.2.3 --ring0_addr hk3-coro - -# Run this on hk3 -pvecm add 10.2.2.1 --ring0_addr hk3-coro - -pvecm status -pvecm nodes - -# rebootz ? - -# After Cluster is Configured -# =========================== - -# Data Center --> Permissions --> Users -# Add user with Realm Proxmox VE authentication server. -# Give user root permissions: Datacenter --> Permissions --> Add --> User permission. -# Path: / User: j Role: Administrator -# XXX Or create admin group, add perms to that... -# Permissions --> Authentication. Set Proxmox VE authentication server to default. - -# Storage -# Datacenter --> Storage --> Edit local. Enable all content (add VZDump) -# -# DNS -# hk3 (host) --> System --> DNS -# Add servers: -# 208.67.222.222 208.67.220.220 37.235.1.174 -# diff --git a/source/resources/apps/forksand-nodes-bootstrap/forksand-the-bootstrap b/source/resources/apps/forksand-nodes-bootstrap/forksand-the-bootstrap deleted file mode 100644 index 5d918da..0000000 --- a/source/resources/apps/forksand-nodes-bootstrap/forksand-the-bootstrap +++ /dev/null @@ -1,375 +0,0 @@ -#!/bin/bash -# forksand-bootstrap-the -# GPLv3+ -# This script does some initial setup and config -# Sets up Proxmox. -# IPv6 is left enabled. -# Firewalling is done through Proxmox. -# Edit below to add Proxmox Enterprise Key. XXX broken, use community repo. - -# XXX set up hostname - -# XXX set network to auto not hotplug XXX - -# Log script -exec > >(tee /root/bootstrap-the.log) 2>/root/bootstrap-the.err - -set -x - -# Set locale -echo "en_US.UTF-8 UTF-8" > /etc/locale.gen -locale-gen -update-locale - -# XXX Set timezone -ln -sf /usr/share/zoneinfo/America/Denver /etc/localtime - -# Set up git for tracking. XXX Ansible... XXX -echo 'Acquire::http::Proxy "http://192.168.110.72:3142";' > /etc/apt/apt.conf -apt-get -y install git sudo -cd /etc -git init -chmod og-rwx /etc/.git - -cat > /etc/.gitignore < /etc/apt/sources.list < /etc/default/cpufrequtils -/etc/init.d/cpufrequtils restart -cd /etc ; git add . ; git commit -a -m 'Set up cpufrequtils' - -# Small user tweaks -echo :syntax on > ~/.vimrc -echo :syntax on > /home/jebba/.vimrc -chown jebba:jebba /home/jebba/.vimrc -echo export EDITOR=vi >> /root/.bashrc - -# XXX Passwordless sudo XXX Ya, probably remove -sed -i -e 's/%sudo\tALL=(ALL:ALL) ALL/%sudo ALL=(ALL) NOPASSWD: ALL/g' /etc/sudoers - -adduser jebba sudo -cd /etc ; git add . ; git commit -a -m 'Set up passwordless sudo' - -# SSH config XXX sed cruft -sed -i \ - -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' \ - -e 's/\#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' \ - -e 's/\#PasswordAuthentication yes/PasswordAuthentication no/g' \ - -e 's/\#X11Forwarding yes/X11Forwarding no/g' \ - /etc/ssh/sshd_config - -echo 'KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256' >> /etc/ssh/sshd_config - -echo 'Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr' >> /etc/ssh/sshd_config - -# Need to update/fix for Debian Buster (testing/10). This line breaks Buster: -#echo 'MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com' >> /etc/ssh/sshd_config - -# XXX Add admins as only allowed ssh users -# XXX add user for ansbile -echo "AllowUsers jebba root" >> /etc/ssh/sshd_config - -cd /etc ; git add . ; git commit -a -m 'Set up sshd' -systemctl restart sshd - -# Startup XXX disable unneeded. -for i in rsync exim4 saned -do echo $i - /usr/sbin/update-rc.d $i disable -done -# XXX KILL THIS, listening on public port (firewalled, but still): -# tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 296/systemd-resolve -cd /etc ; git add . ; git commit -a -m 'Turn off junk on boot' - -# GRUB -sed -i -e 's/^GRUB_TIMEOUT=5/GRUB_TIMEOUT=4/g' /etc/default/grub -sed -i -e 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub -echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub - -update-grub - -cd /etc ; git add . ; git commit -a -m 'GRUB tweaks' - -# Fix network to come up on boot -sed -i -e 's/allow-hotplug/auto/g' /etc/network/interfaces -cd /etc ; git add . ; git commit -a -m 'Auto start network' - -# XXX not sure why this is getting installed: -apt-get -y autoremove - -# Proxmox -#cat > /etc/apt/sources.list.d/pve-enterprise.list< /etc/apt/sources.list.d/pve-no-subscription.list< /etc/apt/auth.conf< Linux Bridge: -# vmbr0 - -# rebootz -# -# Set up templates - -# Cluster Corosync -exit 0 -echo "10.8.8.88 truck-coro" >> /etc/hosts -echo "10.8.8.90 swutch-coro" >> /etc/hosts -echo "10.8.8.87 wall-coro" >> /etc/hosts -echo "10.8.8.66 the-coro" >> /etc/hosts -echo "10.99.99.88 truck-fs" >> /etc/hosts -echo "10.99.99.90 swutch-fs" >> /etc/hosts -echo "10.99.99.87 wall-fs" >> /etc/hosts -echo "10.99.99.66 the-fs" >> /etc/hosts - -# Test cluster ping -for i in truck-coro swutch-coro wall-coro the-coro -do ping -q -c1 $i -done - -# more stuff -apt remove os-prober - -# Disable enp3s0 (Autostart no) -# -# set up vmbr0 to the main IP, gateway, etc. -# Create Linux Bridge in web interface -# vmbr0 -# 192.168.110.66 -# 255.255.255.0 -# Gateway 192.168.110.252 -# Autostart -# VLAN Aware -# Bridge: enp3s0f1 -# Comment Main bridge - -# Set up corosync ethernet interfaces -# 10.8.8.66 -# 255.255.255.0 -# Autostart -# VLAN Aware -# Bridge enx000acd31ac3d -# Comment the-coro - -# Set up ceph ethernet interfaces -# 10.99.99.66 -# 255.255.255.0 -# Autostart -# VLAN Aware -# Bridge enx000acd31ac3e -# Comment fs-coro - -# rebooootz - -# Add the to /etc/hosts on other servers: -10.8.8.66 the-coro -10.99.99.66 the-fs - -# Add the the ssh key to ONE node - -# Add truck, wall, swutch ssh keys to the - - -# Test flood multicast on private interface -omping -c 10000 -i 0.001 -F -q swutch-coro truck-coro the-coro wall-coro -# Ten minute test: -omping -c 600 -i 1 -q swutch-coro truck-coro wall-coro the-coro - -# Set up ssh as root to/from all nodes -# Best way to do this ... XXX -echo "fookey" >> /root/.ssh/authorized_keys -# test SSH -/etc/init.d/ssh restart - -for i in the wall truck swutch ;do ssh $i hostname ;done -for i in the-coro wall-coro truck-coro swutch-coro ;do ssh $i hostname ;done -for i in the-fs wall-fs truck-fs swutch-fs ;do ssh $i hostname ;done - - -# Run on the: -pvecm add 10.8.8.88 --ring0_addr the-coro - -# If `tcpdump -vvv -i enp10s0` show bad udp checksums, run this: -# XXX ok on the, wall, swutch, truck -ethtool -K enp10s0 gso off -ethtool --offload enp10s0 rx off tx off - -# Run on all nodes: -pveceph install --version luminous - -# Then run on remaining nodes, the: -pveceph createmon - -# On all nodes: -pveceph createmgr - -# internal drives -# Create a GPT disklabel with fdisk -fdisk /dev/nvme0n1 -# g -# w -pveceph createosd /dev/nvme0n1 -# Create a GPT disklabel with fdisk -fdisk /dev/sda -# g -# w -pveceph createosd /dev/sda - - -#===================== XXX best way? XXX ==================== -# XXX maybe not needed ? -# XXX actually, remove this and do no auth since it is private network. -mkdir /etc/pve/priv/ceph -cp -p /etc/pve/priv/ceph.client.admin.keyring /etc/pve/priv/ceph/my-ceph-storage.keyring -# Edit on just one node (shared on all) -vim /etc/pve/storage.cfg - -# Do this instead of my-ceph-storage.keyring -# Edit on one node: -vim /etc/pve/ceph.conf -auth cluster required = none -auth service required = none -auth client required = none -# restart stuff -systemctl stop ceph\*.service ceph\*.target -mkdir /etc/pve/priv/ceph/old -mv /etc/pve/priv/ceph/*keyring /etc/pve/priv/ceph/old/ -#===================== XXX best way? XXX ==================== diff --git a/source/resources/apps/forksand-nodes-bootstrap/forksand-truck-bootstrap b/source/resources/apps/forksand-nodes-bootstrap/forksand-truck-bootstrap deleted file mode 100644 index 37a5c1c..0000000 --- a/source/resources/apps/forksand-nodes-bootstrap/forksand-truck-bootstrap +++ /dev/null @@ -1,393 +0,0 @@ -#!/bin/bash -# forksand-bootstrap-truck -# GPLv3+ -# This script does some initial setup and config -# Sets up Proxmox. -# IPv6 is left enabled. -# Firewalling is done through Proxmox. -# Edit below to add Proxmox Enterprise Key. XXX broken, use community repo. - -# XXX set up hostname - -# XXX set network to auto not hotplug XXX - -# Log script -exec > >(tee /root/bootstrap-truck.log) 2>/root/bootstrap-truck.err - -set -x - -# Set locale -echo "en_US.UTF-8 UTF-8" > /etc/locale.gen -locale-gen -update-locale - -# XXX Set timezone -ln -sf /usr/share/zoneinfo/America/Denver /etc/localtime - -# Set up git for tracking. XXX Ansible... XXX -echo 'Acquire::http::Proxy "http://192.168.110.72:3142";' > /etc/apt/apt.conf -apt-get -y install git sudo -cd /etc -git init -chmod og-rwx /etc/.git - -cat > /etc/.gitignore < /etc/apt/sources.list < /etc/default/cpufrequtils -/etc/init.d/cpufrequtils restart -cd /etc ; git add . ; git commit -a -m 'Set up cpufrequtils' - -# Small user tweaks -echo :syntax on > ~/.vimrc -echo :syntax on > /home/jebba/.vimrc -chown jebba:jebba /home/jebba/.vimrc -echo export EDITOR=vi >> /root/.bashrc - -# XXX Passwordless sudo XXX Ya, probably remove -sed -i -e 's/%sudo\tALL=(ALL:ALL) ALL/%sudo ALL=(ALL) NOPASSWD: ALL/g' /etc/sudoers - -adduser jebba sudo -cd /etc ; git add . ; git commit -a -m 'Set up passwordless sudo' - -# SSH config XXX sed cruft -sed -i \ - -e 's/PermitRootLogin yes/PermitRootLogin prohibit-password/g' \ - -e 's/\#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/g' \ - -e 's/\#PasswordAuthentication yes/PasswordAuthentication no/g' \ - -e 's/\#X11Forwarding yes/X11Forwarding no/g' \ - /etc/ssh/sshd_config - -echo 'KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256' >> /etc/ssh/sshd_config - -echo 'Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr' >> /etc/ssh/sshd_config - -# Need to update/fix for Debian Buster (testing/10). This line breaks Buster: -#echo 'MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com' >> /etc/ssh/sshd_config - -# XXX Add admins as only allowed ssh users -# XXX add user for ansbile -echo "AllowUsers jebba root" >> /etc/ssh/sshd_config - -cd /etc ; git add . ; git commit -a -m 'Set up sshd' -systemctl restart sshd - -# Startup XXX disable unneeded. -for i in rsync exim4 saned -do echo $i - /usr/sbin/update-rc.d $i disable -done -# XXX KILL THIS, listening on public port (firewalled, but still): -# tcp 0 0 0.0.0.0:5355 0.0.0.0:* LISTEN 296/systemd-resolve -cd /etc ; git add . ; git commit -a -m 'Turn off junk on boot' - -# GRUB -sed -i -e 's/^GRUB_TIMEOUT=5/GRUB_TIMEOUT=4/g' /etc/default/grub -sed -i -e 's/^#GRUB_TERMINAL=console/GRUB_TERMINAL=console/g' /etc/default/grub -echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub - -update-grub - -cd /etc ; git add . ; git commit -a -m 'GRUB tweaks' - -# Fix network to come up on boot -sed -i -e 's/allow-hotplug/auto/g' /etc/network/interfaces -cd /etc ; git add . ; git commit -a -m 'Auto start network' - -# XXX not sure why this is getting installed: -apt-get -y autoremove - -# Proxmox -#cat > /etc/apt/sources.list.d/pve-enterprise.list< /etc/apt/sources.list.d/pve-no-subscription.list< /etc/apt/auth.conf< Permissions --> Users -# Add user with Realm Proxmox VE authentication server. -# Give user root permissions: Datacenter --> Permissions --> Add --> User permission. -# Path: / User: j Role: Administrator -# XXX Or create admin group, add perms to that... -# Permissions --> Authentication. Set Proxmox VE authentication server to default. -# -# Enable firewall. -# Datacenter --> truck (host) --> Firewall --> Add. -# Open up for SSH and SSH alt port. -# Enable firewall for datacenter: -# Datacenter --> Firewall --> Options --> Firewall --> Yes -# Enable firewall for truck: -# Open up for SSH and SSH alt port. -# REJECT everything coming in. (then DROP) -# Reorder to ACCEPT SSH at top -# -cd /etc ; git add . ; git commit -a -m 'Initial Proxmox configuration' -# -# Reboot! truck (host) --> Restart -# -# XXX -# Datacenter --> Firewall --> Add. -# REJECT any in -# -# Storage -# Datacenter --> Storage --> Edit local. Enable all content (add VZDump) -# -# XXX postfix -# -# DNS -# truck (host) --> System --> DNS -# Add servers: -# 208.67.222.222 208.67.220.220 37.235.1.174 -# -# Netwok -# truck (host) --> System --> Network -# Fix subnet mask, IP in web gui. -# Create --> Linux Bridge: -# vmbr0 -# XXX best way for this server? No subnet. -# - -# rebootz -# -# Set up templates - -# XXX TOTAL MEH XXX -# add this to the workstation: -# 127.0.0.1 localhost truck-tun -# Run: -# ssh -N -C -L 8020:localhost:8006 truck -# Then use URLs -# https://truck-tun:8020 -# Or you can only be logged into one at a time. -# XXX find better workaround - -# Cluster Corosync -exit 0 -echo "10.8.8.88 truck-coro" >> /etc/hosts -echo "10.8.8.90 swutch-coro" >> /etc/hosts -echo "10.8.8.87 wall-coro" >> /etc/hosts -echo "10.111.111.88 truck-fs" >> /etc/hosts -echo "10.111.111.90 swutch-fs" >> /etc/hosts -echo "10.111.111.87 wall-fs" >> /etc/hosts - -# Test cluster ping -for i in truck-coro swutch-coro wall-coro -do ping -q -c1 $i -done - -# more stuff -apt install postfix - -apt remove os-prober - -# Disable enp3s0 (Autostart no) -# set up vmbr0 to the main IP, gateway, etc. -# Create Linux Bridge in web interface -# vmbr0 -# 192.168.55.88 -# 255.255.255.0 -# Autostart -# VLAN Aware -# Bridge: enp3s0 -# Comment Main bridge - -# Test flood multicast on private interface -omping -c 10000 -i 0.001 -F -q swutch-coro truck-coro wall-coro -# Ten minute test: -omping -c 600 -i 1 -q swutch-coro truck-coro wall-coro - -# Set up ssh as root to/from all nodes -# Best way to do this ... XXX -echo "fookey" >> /root/.ssh/authorized_keys -for i in swutch-coro truck-coro wall-coro -do ssh $i hostname -done - -# Run just on truck: -pvecm create red --bindnet0_addr 10.8.8.88 --ring0_addr truck-coro - -# Run on wall: -pvecm add 10.8.8.88 --ring0_addr wall-coro - -# Run on swutch: -pvecm add 10.8.8.88 --ring0_addr swutch-coro - -# If `tcpdump -vvv -i enp10s0` show bad udp checksums, run this: -# XXX ok on truck, wall, swutch -ethtool -K enp10s0 gso off -ethtool --offload enp10s0 rx off tx off - -# Setup 10.99.99.0/24 addresses for Ceph on enp16s0 - -# Run on all nodes: -pveceph install --version luminous - -# Run just on one node (truck): -pveceph init --network 10.99.99.0/24 -pveceph createmon - -# Then run on remaining nodes (or via GUI) -pveceph createmon - -# On all nodes: -pveceph createmr - -# XXX missing ZFS tools -apt install zfsutils-linux -modprobe zfs - -# Add USB drive to swutch and run on it: -# Create a GPT disklabel with fdisk -fdisk /dev/sdb -# g -# w -pveceph createosd /dev/sdb - -# XXX actually, remove this and do no auth since it is private network. -mkdir /etc/pve/priv/ceph -cp -p /etc/pve/priv/ceph.client.admin.keyring /etc/pve/priv/ceph/my-ceph-storage.keyring -# Edit on just one node (shared on all) -vim /etc/pve/storage.cfg - -# Do this instead of my-ceph-storage.keyring -# Edit on one node: -vim /etc/pve/ceph.conf -auth cluster required = none -auth service required = none -auth client required = none -# restart stuff -systemctl stop ceph\*.service ceph\*.target -mkdir /etc/pve/priv/ceph/old -mv /etc/pve/priv/ceph/*keyring /etc/pve/priv/ceph/old/ - diff --git a/source/resources/apps/sunstone/etc/one/sunstone-logos.yaml b/source/resources/apps/sunstone/etc/one/sunstone-logos.yaml deleted file mode 100644 index 6f5ee58..0000000 --- a/source/resources/apps/sunstone/etc/one/sunstone-logos.yaml +++ /dev/null @@ -1,11 +0,0 @@ -# You can add custom logos here, or disable any of the default ones commenting -# out its line -- { 'name': "Arch Linux", 'path': "images/logos/arch.png"} -- { 'name': "CentOS", 'path': "images/logos/centos.png"} -- { 'name': "Debian", 'path': "images/logos/debian.png"} -- { 'name': "Fedora", 'path': "images/logos/fedora.png"} -- { 'name': "Linux", 'path': "images/logos/linux.png"} -- { 'name': "Redhat", 'path': "images/logos/redhat.png"} -- { 'name': "Ubuntu", 'path': "images/logos/ubuntu.png"} -#- { 'name': "Windows XP/2003", 'path': "images/logos/windowsxp.png"} -#- { 'name': "Windows 8", 'path': "images/logos/windows8.png"} diff --git a/source/resources/apps/sunstone/etc/one/sunstone-views.yaml b/source/resources/apps/sunstone/etc/one/sunstone-views.yaml deleted file mode 100644 index e8d414f..0000000 --- a/source/resources/apps/sunstone/etc/one/sunstone-views.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -logo: images/opennebula-5.0.png -groups: - oneadmin: - - admin - - admin_vcenter - - groupadmin - - groupadmin_vcenter - - user - - cloud - - cloud_vcenter -default: - - cloud -default_groupadmin: - - groupadmin - - cloud -labels_groups: - default: diff --git a/source/resources/make-sources-list.sh b/source/resources/make-sources-list.sh index c7c5b2b..62aa1ae 100755 --- a/source/resources/make-sources-list.sh +++ b/source/resources/make-sources-list.sh @@ -14,7 +14,7 @@ CODEDIR="$rootPath/source/resources" cd "$CODEDIR" || exit TEXOUT="$rootPath/source/Source-gen.tex" # Build a grep exclude command that has file extensions to not include. -EXCLUDE="\./\.git \.csv$ \.eps \.git$ \.gz$ \.jpg$ \.ods$ \.ods\#$ \.png$ \.pdf$ \.swp$ \.tmp$ \.xml$ \.aux$ \.fuse_hidden*$ \.glo$ \.gls$ \.idx$ \.ilg$ \.ind$ \.lof$ \.log$ \.lol$ _minted-*$ \.old$ \.out$ \.swp$ \.toc$ \.zip$ \.*GPLv3*$ LICENSE$ README.md$ \.tar$ \.tar\.bz2$ \.gitignore make-sources-list\.sh$ Thumbs\.db$" +EXCLUDE="\./\.git \.csv$ \.eps \.git$ \.gz$ \.jpg$ \.ods$ \.ods\#$ \.png$ \.pdf$ \.swp$ \.tmp$ \.xml$ \.aux$ \.fuse_hidden.*$ \.glo$ \.gls$ \.idx$ \.ilg$ \.ind$ \.lof$ \.log$ \.lol$ _minted-.*$ \.old$ \.out$ \.swp$ \.toc$ \.zip$ \..*GPLv3.*$ LICENSE$ README.md$ \.tar$ \.tar\.bz2$ \.gitignore make-sources-list\.sh$ Thumbs\.db$ \.DS_Store$ \.git.*$" EXCLUDEGREP="grep -v -i " for i in $EXCLUDE do EXCLUDEGREP="$EXCLUDEGREP -e $i"