From 1bc9f0e88f5c126d9ecc0c456c7c96b33dd116cd Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Sat, 4 Apr 2020 21:20:37 +0000 Subject: [PATCH] Resolve "Error when fetching wireguard config after Post-Install" --- README.md | 20 ++++++++++++++++++++ scripts/install.sh | 15 ++++++++++++++- scripts/subinstallers/cockpit.sh | 2 +- scripts/subinstallers/docker.sh | 2 ++ scripts/subinstallers/gen_prod_env.sh | 2 ++ scripts/subinstallers/iptables.sh | 5 +---- scripts/subinstallers/platform.sh | 4 ++-- scripts/subinstallers/wireguard.sh | 2 ++ 8 files changed, 44 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 3a883a0..2acc06c 100644 --- a/README.md +++ b/README.md @@ -160,6 +160,15 @@ Mistborn uses the following domains (that can be reached by all Wireguard client | OnlyOffice | onlyoffice.mistborn | Off | | Jitsi | jitsi.mistborn | Off | +# Default Credentials +These are the default credentials to use in the services you choose to use: + +| Service | Username | Password | +| ------- | -------- | -------- | +| Pihole | | {{default mistborn password}} | +| Cockpit | cockpit | {{default mistborn password}} | +| Nextcloud | mistborn | {{default mistborn password}} | + # Gateway Setup Mistborn will generate the Wireguard configuration script for the Gateway. From a base Ubuntu/Debian/Raspbian operating system the following packages are recommended to be installed beforehand: @@ -209,6 +218,17 @@ The `dev/` folder contains a script for completing a hard reset: destroying and sudo ./dev/rebuild.sh ``` +## Troubleshooting Docker +Instead of defaulting to a system DNS server, Docker will try to use a public DNS server (e.g. 8.8.8.8). If you're having issues pulling or building Docker containers with "failure to connect" errors, this is the likely problem. You can manually set the DNS server Docker should use with the `DOCKER_OPTS` field in `/etc/default/docker`. Example: +``` +DOCKER_OPTS="--dns 192.168.50.1 --dns 1.1.1.1" +``` + +Be sure to restart Docker afterward: +``` +sudo systemctl restart docker +``` + # Contact Contact me at [steven@cyber5k.com](mailto:steven@cyber5k.com) diff --git a/scripts/install.sh b/scripts/install.sh index b1dc9c0..644fdfe 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -86,6 +86,12 @@ pushd . cd /opt/mistborn git submodule update --init --recursive +# initial load update package list +sudo apt-get update + +# install figlet +sudo apt-get install -y figlet + # get os and distro source ./scripts/subinstallers/platform.sh @@ -133,7 +139,10 @@ source ./scripts/subinstallers/cockpit.sh # Mistborn # final setup vars iface=$(ip -o -4 route show to default | egrep -o 'dev [^ ]*' | awk '{print $2}') -IPV4_PUBLIC=$(ip -o -4 route show default | egrep -o 'dev [^ ]*' | awk '{print $2}' | xargs ip -4 addr show | grep 'inet ' | awk '{print $2}' | grep -o "^[0-9.]*" | tr -cd '\11\12\15\40-\176' | head -1) # tail -1 to get last +figlet "Mistborn default NIC: $iface" + +#IPV4_PUBLIC=$(ip -o -4 route show default | egrep -o 'dev [^ ]*' | awk '{print $2}' | xargs ip -4 addr show | grep 'inet ' | awk '{print $2}' | grep -o "^[0-9.]*" | tr -cd '\11\12\15\40-\176' | head -1) # tail -1 to get last +IPV4_PUBLIC="10.2.3.1" # clean if [ -f "/etc/systemd/system/Mistborn-base.service" ]; then @@ -216,3 +225,7 @@ sudo tar -czf ../mistborn_backup/mistborn_volumes_backup.tar.gz ../mistborn_volu sudo systemctl enable Mistborn-base.service sudo systemctl start Mistborn-base.service popd + +figlet "Mistborn Installed" +echo "Watch Mistborn start: sudo journalctl -xfu Mistborn-base" +echo "Retrieve Wireguard default config for admin: sudo docker-compose -f /opt/mistborn/base.yml run --rm django python manage.py getconf admin default" diff --git a/scripts/subinstallers/cockpit.sh b/scripts/subinstallers/cockpit.sh index 98c376b..da90569 100755 --- a/scripts/subinstallers/cockpit.sh +++ b/scripts/subinstallers/cockpit.sh @@ -1,7 +1,7 @@ #!/bin/bash # Cockpit -echo "Installing Cockpit" +figlet "Mistborn: Installing Cockpit" if [ "$DISTRO" == "ubuntu" ]; then echo "Ubuntu backports enabled by default" diff --git a/scripts/subinstallers/docker.sh b/scripts/subinstallers/docker.sh index dbb4a2c..b962864 100755 --- a/scripts/subinstallers/docker.sh +++ b/scripts/subinstallers/docker.sh @@ -1,6 +1,8 @@ #!/bin/bash # Docker +figlet "Mistborn: Installing Docker" + # dependencies echo "Installing Docker dependencies" sudo apt-get install -y \ diff --git a/scripts/subinstallers/gen_prod_env.sh b/scripts/subinstallers/gen_prod_env.sh index dbd58f8..3848efc 100755 --- a/scripts/subinstallers/gen_prod_env.sh +++ b/scripts/subinstallers/gen_prod_env.sh @@ -1,5 +1,7 @@ #!/bin/sh +figlet "Mistborn: Container Credentials" + # generate production .env file for Django mkdir -p ./.envs/.production DJANGO_PROD_FILE="./.envs/.production/.django" diff --git a/scripts/subinstallers/iptables.sh b/scripts/subinstallers/iptables.sh index 750c899..3731b11 100755 --- a/scripts/subinstallers/iptables.sh +++ b/scripts/subinstallers/iptables.sh @@ -2,6 +2,7 @@ set -e +figlet "Mistborn: Configuring Firewall" echo "stop iptables wrappers" if [ "$DISTRO" == "ubuntu" ]; then @@ -91,10 +92,6 @@ sudo ip6tables -P INPUT DROP sudo ip6tables -P FORWARD DROP sudo ip6tables -P OUTPUT ACCEPT - -# initial load update package list -sudo apt-get update - # iptables-persistent if [ ! "$(dpkg-query -l iptables-persistent)" ]; then echo "Installing iptables-persistent" diff --git a/scripts/subinstallers/platform.sh b/scripts/subinstallers/platform.sh index 08e4c00..3c18fce 100755 --- a/scripts/subinstallers/platform.sh +++ b/scripts/subinstallers/platform.sh @@ -10,5 +10,5 @@ if [ "$UNAME" == "linux" ]; then DISTRO=$(cat /etc/os-release | awk -F= '/^ID=/{print $2}') fi -echo "UNAME: $UNAME" -echo "DISTRO: $DISTRO" +figlet "UNAME: $UNAME" +figlet "DISTRO: $DISTRO" diff --git a/scripts/subinstallers/wireguard.sh b/scripts/subinstallers/wireguard.sh index 358ebf4..d027f79 100755 --- a/scripts/subinstallers/wireguard.sh +++ b/scripts/subinstallers/wireguard.sh @@ -1,5 +1,7 @@ #!/bin/bash +figlet "Mistborn: Installing Wireguard" + # Wireguard if [ "$DISTRO" == "raspbian" ]; then echo "Adding Wireguard repo keys"