1
0
Fork 0
mirror of https://codeberg.org/Mo8it/How_To_Linux.git synced 2024-12-05 01:40:32 +00:00

Compare commits

...

3 commits

Author SHA1 Message Date
e780fa463d Remove CLIs of the day for day 5 2023-08-18 05:44:56 +02:00
68cd68f56e Done day 5 2023-08-18 05:44:42 +02:00
1fde39757e Done tasks 2023-08-18 05:36:18 +02:00
5 changed files with 118 additions and 105 deletions

View file

@ -24,10 +24,6 @@
- [Python scripting](day_4/python_scripting.md)
- [CLIs of the day](day_4/clis_of_the_day.md)
- [Tasks](day_4/tasks.md)
<!--
- [Day 5](day_5/README.md)
- [Notes](day_5/notes.md)
- [CLIs of the day](day_5/clis_of_the_day.md)
- [Tasks](day_5/tasks.md)
-->

View file

@ -1,3 +1,5 @@
# Day 5
Coming soon...
In this day, we will learn how to connect to servers using SSH and work on them.
We will also learn how to use containers in Linux so that will be able to host your own website at the end!

View file

@ -1 +0,0 @@
# CLIs of the day

View file

@ -20,9 +20,12 @@ ssh-keygen -t ed25519 -C "COMMENT"
Leave blank to take default for the prompt `Enter file in which to save the key (/home/USERNAME/.ssh/id_ed25519)`.
Then enter a passphrase for your key. **You should not leave it blank!**
Then, you can enter a passphrase for your key.
To keep it simple while learning, we will not add one now.
Press enter twice to not use a passphrase.
**But you should use a passphrase when you work with real servers!**
### Add public key to server
### Add the public key to the server
```bash
ssh-copy-id -i ~/.ssh/id_ed25519.pub HOST
@ -212,5 +215,4 @@ sudo loginctl enable-linger USERNAME
Options:
- `-v`, `--volume`: `SRC_PATH:DEST_PATH:L`. Label should be one of `z`, `z,ro`, `Z` or `Z,ro`.
- `--label "io.containers.autoupdate=registry"` for `podman auto-update`
- `-p`, `--publish`: `SERVER_PORT:CONTAINER_PORT`

View file

@ -1,33 +1,39 @@
# Tasks
## Task: SSH
## Task: SSH 🔑
Generate a SSH key pair and send me the public key per email: mo8it@proton.me
Generate an SSH key pair in the browser terminal if you did not do so on day 3 yet.
Send me the public key per email: mo8it@proton.me
Enter a passphrase while generating the key pair!
The public key has the extension `.pub`.
Don't send me the private key!!!
**You should never send your private SSH keys to anyone!**
Don't send me the private key!!! **You should never send your private SSH keys to anyone!**
I will then append your public key to `~/.ssh/authorized_keys` on the server that we will use in the next tasks.
After I add your public key, you will be able to login to the server and do the next tasks.
The public key ends with `.pub`.
Create the file `~/.ssh/config` if it does not exist and add the server as a host with the name `linux-lab`:
I will then append your public key to `~/.ssh/authorized_keys` on the server that we will use in the next tasks. After I add your public key, you will be able to login to the server and do the next tasks.
```
Host linux-lab
HostName 38.242.215.155
User admin
```
Create the file `~/.ssh/config` and add the server as a host with the name `linux-lab`.
After that I add your public key, connect to the server using the host name that you entered in `~/.ssh/config` which is `linux-lab`:
Enter this IP: 45.94.58.19
Enter this user: admin
```bash
ssh linux-lab
```
After that I add you public key, connect to the server using the host name that you did enter in `~/.ssh/config` which should be `linux-lab`.
## Task: User creation 👤
## Task: User creation
1. Create a user for you on the server after connecting with SSH. To do so, run:
1. Create a user for yourself on the server after connecting with SSH. To do so, run:
```bash
sudo useradd USERNAME
```
Replace `USERNAME` with your name.
1. Now, set a password for the new user:
```bash
@ -42,15 +48,14 @@ After that I add you public key, connect to the server using the host name that
`-aG` stands for _append to group(s)_.
(On Debian based distros, the user should be added to the `sudo` group instead of `wheel`.)
1. Now, change your user to the new user:
```bash
sudo su USERNAME
su --login USERNAME
```
You will see that the user name did change in the prompt.
You will be asked for the password.
After a successful authentication, you will see that the username changed in the prompt.
1. Run the following command for verification:
```bash
@ -59,136 +64,149 @@ After that I add you public key, connect to the server using the host name that
It should not output "admin"!
Yes, the command is called `whoami`. Linux is kind of philosophical 🤔
Yes, the command is called `whoami`.
Linux can be philosophical sometimes 🤔
1. Now, verify that you can run `sudo` as the new user:
```bash
sudo whoami
```
You should see "root" as output because `sudo` runs a command as the `root` user.
You should see "root" as output because `sudo` runs a command temporarily as the `root` user.
1. `cd` to the home directory of the new user.
1. Make sure that you are in the home directory of the new user! Run `pwd` to verify that you are NOT in `/home/admin`. **`PLEASE DON'T TOUCH /home/admin/.ssh`** ⚠️ . Now, create the directory `~/.ssh` in the home directory of the new user. Change the permissions of `~/.ssh` such that only the user has read, write and execution permissions. _group_ and _others_ should have no permissions for `~/.ssh`!
1. Create the file `authorized_keys` inside `~/.ssh`. Only the user should have read and write permissions for the file. _group_ and _others_ should have no permissions for the file!
1. Copy the content of your public key file (with `.pub` as extension) to this file. It should be one line! Then save the file.
1. Logout from the server. Go to `~/.ssh/config` that you did write at the beginning of this task. Change the user for the host `linux-lab` from `admin` to `USERNAME` where `USERNAME` is the name of the new user that you did create on the server.
1. Make sure that you are in the home directory of the new user! Run `pwd` to verify that you are **NOT** in `/home/admin` ⚠️ **PLEASE, DON'T TOUCH `/home/admin/.ssh`** ⚠️ Now, create the directory `~/.ssh` in the home directory of the new user. Change the permissions of `~/.ssh` such that only the user has read, write and execution permissions. _group_ and _others_ should have no permissions for `~/.ssh`!
1. Create the file `authorized_keys` inside `~/.ssh`. Only the user should have read and write permissions for the file. _group_ and _others_ should have no permissions for it!
1. Copy the content of your public key file (with the extension `.pub`) to this file. It should be one line! Then save the file.
1. Logout from the server to get back to the system in the **browser terminal**. Go to `~/.ssh/config` that you edited at the beginning of this task. Change the user for the host `linux-lab` from `admin` to `USERNAME` where `USERNAME` is the name of the new user that you created on the server.
1. Try to connect using the host name again. If you did everything right, you should be connected and be the user that you did create. Run `whoami` to verify that the output is not "admin".
## Task: File transfer
## Task: File transfer ⬆️⬇️
Use `scp` and then `rsync` to transfer the files that you did create during the course to the server `linux-lab`.
In the system of the browser terminal, use `rsync` to upload some files and directories that you created during the course to the server `linux-lab` ⬆️
Do you notice any differences between the two commands?
Now, login to the server with SSH to verify that the files and directories were uploaded correctly.
## Task: Compilation in containers
While on the server, create a file with some text in it.
Remember its path!
> 📍 : This task should be done on the Contabo server after connecting with SSH to the user that you did create yesterday on the server (not admin).
Now, logout from the server and use `rsync` to download that file to your system ⬇️
We want to practice compilation and containers, so let's compile in a container!
## Task: Compilation in containers 📦️
In this task, we want to compile the program `tmate`.
> 📍 : This task should be done on the server using the user that you created (**not** admin).
We want to practice scripting and dealing with containers.
Therefore, we will compile something in a container!
We want to compile the program `tmate`:
1. Start Zellij on the system of the browser terminal.
1. Login the user that you created on the server (**not** admin).
1. Start an Ubuntu container with `podman run -it --rm --name tmate-compiler ubuntu:latest bash`.
1. Go to the [website of `tmate`](https://tmate.io/) and find out how to compile from source (there are instructions for compiling on Ubuntu).
1. Follow the compilation instructions in the container.
1. After compilation, you will find the binary `tmate` in the directory of the git repository.
1. Don't exit the container yet, otherwise you will lose what you have done in it. Now, open a new terminal (tab) and copy the binary `tmate` from the container to the directory `bin` in your home directory. Use the command `podman cp CONTAINERNAME:SRC_PATH DESTINATION_PATH`.
1. Verify that the binary `tmate` was copied to `DESTINATION_PATH` and then exit the container in the first terminal (tab).
1. Run `apt update` to be able to install packages with the `apt` package manager in the next steps.
1. Go to the [website of `tmate`](https://tmate.io/) and find out how to compile from **source** (there are instructions for compiling on Ubuntu).
1. Install the packages that are required for the compilation with `apt install`. These packages are listed on the website where the compilation instructions are.
1. Follow the actual compilation instructions on the website. The compilation might take some minutes.
1. After compilation, you will find the program file `tmate` in the directory of the git repository.
1. Don't exit the container yet, otherwise you will lose what you have done in it! Now, open a new Zellij pane, login to the same user on the server and copy the binary `tmate` from the container to the directory `bin` in your home directory. Use the command `podman cp CONTAINERNAME:SRC_PATH DESTINATION_PATH`.
1. Verify that the binary `tmate` was copied to `DESTINATION_PATH` and then exit the container in the first Zellij pane.
Now, write a script called `compile_tmate.sh` that automates what you have done in the container to compile `tmate`. Just copy all the commands that you used in the container to a script.
Now, write a script called `compile_tmate.sh` that automates what you have done in the container to compile `tmate`.
Just copy all the commands that you used inside the container to a script.
Add to the end of the script `mv PATH_TO_TMATE_BINARY_IN_CONTAINER /volumes/bin` to copy the binary to the directory `/volumes/bin` after compilation.
Add `mv PATH_TO_THE_TMATE_PROGRAM_IN_THE_CONTAINER /volumes/bin` to the end of the script to move the binary to the directory `/volumes/bin` after compilation.
Create a directory called `scripts` and put the script in it.
Now, write a second script in the parent directory of the directory `scripts`. The second script should automate creating the container that runs the first script.
Now, write a second script in the **parent directory** of the directory `scripts`.
The second script should automate creating the container that runs the first script (`compile_tmate.sh`).
Do the following in the second script:
1. Check if `scripts/compile_tmate.sh` does NOT exist. In this case you should print a useful message that explains why the script terminates and then exit with error code 1.
1. Check if `scripts/compile_tmate.sh` does NOT exist. In that case, print an error message and exit with the code 1.
1. Make sure that `scripts/compile_tmate.sh` is executable for the user.
1. Create a directory called `bin` (next to the directory `scripts`) if it does not already exist.
1. Create a directory called `bin` (next to the directory `scripts`) if it doesn't already exist.
1. Use the following snippet:
```bash
podman run -it --rm \
--name tmate-compiler \
-v ./scripts:/volumes/scripts:Z,ro \
-v ./bin:/volumes/bin:Z \
--volume ./scripts:/volumes/scripts:Z,ro \
--volume ./bin:/volumes/bin:Z \
docker.io/library/ubuntu:latest \
/volumes/scripts/compile_tmate.sh
```
It creates a container that runs the script `compile_tmate.sh` and is removed afterwards (because of `--rm`).
The `scripts` directory is mounted to be able to give the container access to the script `compile_tmate.sh`. The directory is mounted as _read only_ (`ro`) because it will not be modified.
The `scripts` directory is mounted as a volume to be able to give the container access to the script `compile_tmate.sh`.
It is mounted as _read only_ (`ro`) because it will not be modified.
The `bin` directory is mounted to be able to transfer the binary into it before the container exits.
After running the second script, you should see the container compiling and then exiting. At the end, you should find the binary `tmate` in the `bin` directory.
Now, that you have the program `tmate`, find out what it does! Try it with a second person.
Now, that you have the program `tmate`, find out what it does!
Try it with another participant 😃
### Hints
- On Debian based distributions like Ubuntu, the package manager is `apt`. Before that you can install any packages with `apt`, you have to run `apt update`. This does not run system updates like `dnf upgrade`. `apt update` does only synchronize the repositories which is needed before installations.
- Test if a file exists in bash:
- On Debian based distributions like Ubuntu, the package manager is `apt`. Before that you can install any packages with `apt`, you have to run `apt update`. This does not run system updates like `dnf upgrade`. `apt update` does only synchronize repositories which is needed before any installation.
- You can use the following snippet to test if a file exists in bash:
```bash
if [ -f FILE_PATH ]
then
(...)
fi
```
Replace `(...)` with your code. For more information on the option `-f` and other useful options for bash conditions, read the man page of the program `test`: `man test`.
Replace `…` with your code.
For more information on the option `-f` and other useful options for bash conditions, read the man page of the program `test` inside of `bash`: `man test`.
To test if a file does NOT exist, replace `-f` with `! -f`.
- Exit a bash script with error code 1:
- You can exit a Bash script returning an exit code using `exit`:
```bash
exit 1
```
## Task: Static website
## Task: Static website 🌐
> 📍 : In this task, you should connect as the user `admin` to the Contabo server. **Don't do this task as the user that you did create on the server!** ⚠️
> 📍 : In this task, you should connect as the user `admin` to the server. **Don't do this task as the user that you created on the server!** ⚠️ Just run `ssh admin@linux-lab`
> 📍 : Starting with this task: Asking you to replace `N` means to enter the number that you are using in the URL `ttydN.mo8it.com`.
In this task, you will host a static website which is a website that does not have a backend. A static website is just a set of HTML, CSS (and optionally JavaScript) files.
In this task, you will host a static website.
A static website is just a set of HTML, CSS (and optionally JavaScript) files (no backend).
To host the website, we need a web server. In this task, we will use the Nginx web server.
To host the website, we need a web server.
In this task, we will use the Nginx web server.
Create a directory `~/nginxN` (replace `N`) with two directories in it: `website` and `conf`.
Create the directory `~/nginxN` after replacing `N`.
Create two directories inside it: `website` and `config`.
Place these two files:
1. `~/nginxN/conf/nginxN.jinext.xyz.conf` (replace `N`):
1. `~/nginxN/config/nginx.conf` (replace `N`):
```
server {
listen 80;
server_name nginxN.jinext.xyz;
root /volumes/website;
index index.html;
location / {
root /volumes/website;
index index.html;
}
}
```
Replace `N` also in `server_name`!
1. `~/nginxN/website/index.html` (replace `N`):
```
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Demo</title>
</head>
<body>
@ -197,73 +215,69 @@ Place these two files:
</html>
```
Create a Nginx container with the following options:
Create an Nginx container with the following options:
- Name: `nginxN`. Replace `N`!
- Timezone `tz`: `local`.
- Network: `traefik`.
- Volumes:
- `~/nginxN/website:/volumes/website` with labels `Z,ro`.
- `~/nginxN/conf:/etc/nginx/conf.d` with labels `Z,ro`.
- Label: `io.containers.autoupdate=registry`
- `~/nginxN/config:/etc/nginx/conf.d` with labels `Z,ro`.
- Image: `docker.io/library/nginx:alpine`
Create the systemd file for the container above.
Create the systemd service file for the container above.
Move the systemd file to `~/.config/systemd/user`.
Move the systemd service file to `~/.config/systemd/user`.
Enable and start the container as user services with `systemctl --user enable --now container-nginxN`. Replace `N`!
Enable and start the container as a user services with `systemctl --user enable --now container-nginxN`.
Replace `N`!
Visit [https://nginxN.jinext.xyz](https://nginxN.jinext.xyz) to see if everything did work! Replace `N`!
Visit `https://nginxN.mo8it.xyz` in your browser to see if everything did work!
Replace `N`!
Now, you can edit `index.html` and add your own HTML content.
You can also add more files to the directory `website`. If you add a file `test.html` for example, then you should see it under [https://nginxN.jinext.xyz/test](https://nginxN.jinext.xyz/test).
You can also add more files to the directory `website`.
If you add a file `test.html` for example, then you should see it under the link `https://nginxN.mo8it.xyz/test`.
## Task: Nextcloud
## Task: Nextcloud ☁️
> 📍 : In this task, you should connect as the user `admin` to the Contabo server. **Don't do this task as the user that you did create on the server!** ⚠️
> 📍 : In this task, you should connect as the user `admin` to the server. **Don't do this task as the user that you created on the server!** ⚠️ Just run `ssh admin@linux-lab`
In this task you will deploy your own cloud on the server: Nextcloud!
In this task, you will deploy your own cloud on the server: [Nextcloud](https://nextcloud.com/)!
To do so, we will install Nextcloud as a container using `podman`.
To connect as `admin` again, change the user for the host `linux-lab` in `~/.ssh/config` back to `admin` or use `ssh admin@linux-lab` instead of only `ssh linux-lab`.
You can find more information about the Nextcloud container [here](https://hub.docker.com/_/nextcloud).
You can find more information about the Nextcloud container here: https://hub.docker.com/\_/nextcloud
Create the directory `~/nextcloudN` (replace `N`).
Create a directory called `nextcloudN` (replace `N`) in the home directory of the user `admin`.
Create a directory called `nextcloudN-db` (replace `N`) for the database container.
Create a directory called `~nextcloudN-db` (replace `N`) for the database container.
Create a container for the database with the following options:
- Container name: `nextcloudN-db`. Replace `N`!
- Timezone `tz`: `local`
- Network: `traefik`
- Volume: Mount the directory `nextcloudN-db` (replace `N`) that you did create into `/var/lib/postgresql/data` in the container. Use the label `Z`!
- Volume: Mount the directory `nextcloudN-db` (replace `N`) that you created into `/var/lib/postgresql/data` in the container. Use the label `Z`!
- The following environment variables:
- `POSTGRES_DB=nextcloud`
- `POSTGRES_USER=nextcloud`
- `POSTGRES_PASSWORD=DB_PASSWORD`. Replace `DB_PASSWORD` with a good password!
- Label: `io.containers.autoupdate=registry`
- Image: `docker.io/library/postgres:alpine`
Create the actual Nextcloud container with the following options:
- Container name: `nextcloudN`. `N` at the end stands for the number that you are using in the url to connect to the browser terminal `ttydN.mo8it.com`.
- Timezone `tz`: `local`
- Container name: `nextcloudN`. replace `N`!
- Network: `traefik`
- Volume: Mount the directory `nextcloudN` that you did create into `/var/www/html` in the container. Use the label `Z`!
- Volume: Mount the directory `nextcloudN` that you created into `/var/www/html` in the container. Use the label `Z`!
- The same environment variables as for the other container! Use the same `DB_PASSWORD`. Add one more environment variable:
- `POSTGRES_HOST=nextcloudN-db`. Replace `N`!
- Label: `io.containers.autoupdate=registry`
- Image: `docker.io/library/nextcloud:24-apache`
Create the systemd files for the two containers above.
- Image: `docker.io/library/nextcloud:27-apache`
Create the systemd files for both containers.
Move the systemd files to `~/.config/systemd/user`.
Enable and start the two containers as user services with `systemctl --user enable --now container-nextcloudN-db` and `systemctl --user enable --now container-nextcloudN`. Replace `N`!
Enable and start both containers as a user services with `systemctl --user enable --now container-nextcloudN-db` and `systemctl --user enable --now container-nextcloudN`.
Replace `N`!
Visit [https://nextcloudN.jinext.xyz](https://nextcloudN.jinext.xyz) to see if everything did work! Replace `N`!
Visit `https://nextcloudN.mo8it.xyz` to see if everything did work!
Replace `N`!