You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
170 lines
3.5 KiB
170 lines
3.5 KiB
= Setup
|
|
|
|
TIP: Tested on a Raspberry Pi with "Buster"
|
|
|
|
NOTE: * *sudo su* # if not already done
|
|
|
|
== Install prerequisites
|
|
|
|
[source,sh]
|
|
----
|
|
apt-get install apt-transport-https ca-certificates software-properties-common git gcc g++ make jq -y
|
|
curl -sL https://deb.nodesource.com/setup_15.x | sudo -E bash -
|
|
apt-get install -y nodejs
|
|
npm install -g pm2
|
|
----
|
|
|
|
|
|
== Download and install Docker.
|
|
|
|
|
|
[source,sh]
|
|
----
|
|
curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh
|
|
usermod -aG docker pi
|
|
curl https://download.docker.com/linux/raspbian/gpg
|
|
----
|
|
|
|
== Give the ‘pi’ user the ability to run Docker.
|
|
|
|
[source,sh]
|
|
----
|
|
sudo usermod -aG docker pi
|
|
----
|
|
|
|
== Import Docker and swarmlab.io keys
|
|
|
|
[source,sh]
|
|
----
|
|
curl https://download.docker.com/linux/raspbian/gpg
|
|
cat > /root/get-certs-swarmlab <<'EOF'
|
|
registry_address=hub.swarmlab.io
|
|
registry_port=5443
|
|
mkdir -p /etc/docker/certs.d/$registry_address:$registry_port
|
|
openssl s_client -showcerts -connect $registry_address:$registry_port < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/$registry_address:$registry_port/ca.crt
|
|
|
|
registry_port=5480
|
|
mkdir -p /etc/docker/certs.d/$registry_address:$registry_port
|
|
openssl s_client -showcerts -connect $registry_address:$registry_port < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/$registry_address:$registry_port/ca.crt
|
|
EOF
|
|
|
|
|
|
chmod +x /root/get-certs-swarmlab
|
|
/root/get-certs-swarmlab
|
|
|
|
----
|
|
|
|
== Add the Docker Repo.
|
|
|
|
[source,sh]
|
|
----
|
|
echo "deb https://download.docker.com/linux/raspbian/ buster stable" >> /etc/apt/sources.list
|
|
----
|
|
|
|
|
|
== Update your Pi.
|
|
|
|
[source,sh]
|
|
----
|
|
apt-get update
|
|
apt-get upgrade
|
|
----
|
|
|
|
|
|
== Start the Docker service.
|
|
|
|
[source,sh]
|
|
----
|
|
systemctl enable docker.service
|
|
systemctl start docker.service
|
|
----
|
|
|
|
== Verify that Docker is installed and running.
|
|
|
|
[source,sh]
|
|
----
|
|
docker info
|
|
docker ps
|
|
----
|
|
|
|
== install docker-compose
|
|
|
|
[source,sh]
|
|
----
|
|
apt-get install libffi-dev libssl-dev
|
|
apt install python3-dev
|
|
apt-get install -y python3 python3-pip
|
|
----
|
|
|
|
*python3* and *pip3* are installed, we can install Docker-Compose using the following command:
|
|
|
|
[source,sh]
|
|
----
|
|
pip3 install docker-compose
|
|
----
|
|
|
|
=== check it
|
|
|
|
docker-compose --version
|
|
|
|
|
|
docker-compose => 1.27.4
|
|
|
|
|
|
|
|
== Fix "x509: certificate signed by unknown authority" issue
|
|
|
|
|
|
* On Error:
|
|
|
|
Get https ://registry.vlabs.uniwa.gr:5080/v2/: x509: certificate
|
|
|
|
Pulling ...
|
|
ERROR: Get https://registry.vlabs.uniwa.gr:5080/v2/: x509: certificate signed by unknown authority
|
|
|
|
|
|
http://docs.swarmlab.io/SwarmLab-HowTos/swarmlab/docs/swarmlab/docs/install/install-docker.html#fix-x509-certificate-signed-by-unknown-authority-issue[See here^]
|
|
|
|
or simple run:
|
|
|
|
[source,sh]
|
|
----
|
|
/root/get-certs-swarmlab
|
|
----
|
|
|
|
== Install WireGuard
|
|
|
|
To install the most recent version of WireGuard, we’ll need packages from the Debian unstable release.
|
|
|
|
[source,sh]
|
|
----
|
|
sh -c "echo 'deb http://deb.debian.org/debian/ unstable main' >> /etc/apt/sources.list.d/unstable.list"
|
|
sh -c "printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' >> /etc/apt/preferences.d/limit-unstable"
|
|
----
|
|
|
|
Update and Install the WireGuard packages
|
|
|
|
[source,sh]
|
|
----
|
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC
|
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
|
|
apt update
|
|
apt install wireguard --assume-yes
|
|
----
|
|
|
|
== Create Keys
|
|
|
|
[source,sh]
|
|
----
|
|
(umask 077 && wg genkey > wg-private.key)
|
|
wg pubkey < wg-private.key > wg-public.key
|
|
----
|
|
|
|
|
|
|
|
== Reboot
|
|
|
|
NOTE: reboot
|
|
|
|
|
|
|
|
|