You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
186 lines
4.3 KiB
186 lines
4.3 KiB
= Setup
|
|
|
|
TIP: Tested on a Raspberry Pi with "Buster"
|
|
|
|
== Intro
|
|
|
|
networkd is a small and lean service to configure network interfaces, designed mostly for server use cases in a world with hotplugged and virtualized networking. Its configuration is similar in spirit and abstraction level to ifupdown, but you don't need any extra packages to configure bridges, bonds, vlan etc. It is not very suitable for managing WLANs yet; NetworkManager is still much more appropriate for such Desktop use cases.
|
|
|
|
There are mainly three setups to have a peer to peer network:
|
|
|
|
* unprotected ad-hoc interface by configuring the WiFi device
|
|
* unprotected ad-hoc interface using wpa_supplicant (Recommended)
|
|
* Only with suitable (RSN-IBSS capable) USB dongle:
|
|
* protected ad-hoc interface using wpa_supplicant and WPA encryption (best solution if possible)
|
|
* ad-hoc interface with additional USB/WiFi dongle for uplink to internet router
|
|
|
|
|
|
== Install prerequisites
|
|
|
|
[source,sh]
|
|
----
|
|
apt-get install apt-transport-https ca-certificates software-properties-common git gcc g++ make jq -y
|
|
curl -sL https://deb.nodesource.com/setup_15.x | sudo -E bash -
|
|
apt-get install -y nodejs
|
|
npm install -g pm2
|
|
----
|
|
|
|
|
|
|
|
|
|
|
|
|
|
== Download and install Docker.
|
|
|
|
* *sudo su* # if not already done
|
|
|
|
[source,sh]
|
|
----
|
|
curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh
|
|
usermod -aG docker pi
|
|
curl https://download.docker.com/linux/raspbian/gpg
|
|
----
|
|
|
|
== Give the ‘pi’ user the ability to run Docker.
|
|
|
|
[source,sh]
|
|
----
|
|
sudo usermod -aG docker pi
|
|
----
|
|
|
|
== Import Docker and swarmlab.io keys
|
|
|
|
[source,sh]
|
|
----
|
|
curl https://download.docker.com/linux/raspbian/gpg
|
|
cat > /root/get-certs-swarmlab <<'EOF'
|
|
registry_address=hub.swarmlab.io
|
|
registry_port=5443
|
|
mkdir -p /etc/docker/certs.d/$registry_address:$registry_port
|
|
openssl s_client -showcerts -connect $registry_address:$registry_port < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/$registry_address:$registry_port/ca.crt
|
|
|
|
registry_port=5480
|
|
mkdir -p /etc/docker/certs.d/$registry_address:$registry_port
|
|
openssl s_client -showcerts -connect $registry_address:$registry_port < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /etc/docker/certs.d/$registry_address:$registry_port/ca.crt
|
|
EOF
|
|
|
|
|
|
chmod +x /root/get-certs-swarmlab
|
|
/root/get-certs-swarmlab
|
|
|
|
----
|
|
|
|
== Add the Docker Repo.
|
|
|
|
[source,sh]
|
|
----
|
|
echo "deb https://download.docker.com/linux/raspbian/ buster stable" >> /etc/apt/sources.list
|
|
----
|
|
|
|
|
|
== Update your Pi.
|
|
|
|
[source,sh]
|
|
----
|
|
apt-get update
|
|
apt-get upgrade
|
|
----
|
|
|
|
|
|
== Start the Docker service.
|
|
|
|
[source,sh]
|
|
----
|
|
systemctl enable docker.service
|
|
systemctl start docker.service
|
|
----
|
|
|
|
== Verify that Docker is installed and running.
|
|
|
|
[source,sh]
|
|
----
|
|
docker info
|
|
docker ps
|
|
----
|
|
|
|
== install docker-compose
|
|
|
|
[source,sh]
|
|
----
|
|
apt-get install libffi-dev libssl-dev
|
|
apt install python3-dev
|
|
apt-get install -y python3 python3-pip
|
|
----
|
|
|
|
*python3* and *pip3* are installed, we can install Docker-Compose using the following command:
|
|
|
|
[source,sh]
|
|
----
|
|
pip3 install docker-compose
|
|
----
|
|
|
|
=== check it
|
|
|
|
docker-compose --version
|
|
|
|
|
|
docker-compose => 1.27.4
|
|
|
|
|
|
|
|
== Fix "x509: certificate signed by unknown authority" issue
|
|
|
|
|
|
* On Error:
|
|
|
|
Get https ://registry.vlabs.uniwa.gr:5080/v2/: x509: certificate
|
|
|
|
Pulling ...
|
|
ERROR: Get https://registry.vlabs.uniwa.gr:5080/v2/: x509: certificate signed by unknown authority
|
|
|
|
|
|
http://docs.swarmlab.io/SwarmLab-HowTos/swarmlab/docs/swarmlab/docs/install/install-docker.html#fix-x509-certificate-signed-by-unknown-authority-issue[See here^]
|
|
|
|
or simple run:
|
|
|
|
[source,sh]
|
|
----
|
|
/root/get-certs-swarmlab
|
|
----
|
|
|
|
== Install WireGuard
|
|
|
|
To install the most recent version of WireGuard, we’ll need packages from the Debian unstable release.
|
|
|
|
[source,sh]
|
|
----
|
|
sh -c "echo 'deb http://deb.debian.org/debian/ unstable main' >> /etc/apt/sources.list.d/unstable.list"
|
|
sh -c "printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' >> /etc/apt/preferences.d/limit-unstable"
|
|
----
|
|
|
|
Update and Install the WireGuard packages
|
|
|
|
[source,sh]
|
|
----
|
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 04EE7237B7D453EC
|
|
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFD622F3D138
|
|
apt update
|
|
apt install wireguard --assume-yes
|
|
----
|
|
|
|
== Create Keys
|
|
|
|
[source,sh]
|
|
----
|
|
(umask 077 && wg genkey > wg-private.key)
|
|
wg pubkey < wg-private.key > wg-public.key
|
|
----
|
|
|
|
|
|
|
|
== Reboot
|
|
|
|
NOTE: reboot
|
|
|
|
|
|
|
|
|