README.md completion

2023-10-17 17:16:34 +02:00 · 2023-10-17 17:16:34 +02:00 · a57f832084
commit a57f832084
parent bdf2c92951
1 changed files with 97 additions and 13 deletions
--- a/README.md
+++ b/README.md
@ -12,17 +12,24 @@ Server[Server] <----> LXC((LXC))
-## Install requirement
+## Install requirements
 1 - Update and Install packages :
 ```sh
 apt-get update -y -qq
-apt-get install lxc lxcfs lxc-templates qemu qemu-utils qemu-kvm virtinst bridge-utils virt-manager libvirt-daemon libvirt-daemon-system virt-viewer libvirt-clients libosinfo-bin websockify sqlite3 novnc
+apt-get install git lxc lxcfs lxc-templates qemu qemu-utils qemu-kvm virtinst bridge-utils virt-manager libvirt-daemon libvirt-daemon-system virt-viewer libvirt-clients libosinfo-bin websockify sqlite3 novnc
 apt-get install python3 python3-flask python3-flask-login python3-flask-sqlalchemy python3-requests python3-lxc python3-libvirt python3-psutil python3-werkzeug python3-websockify python3-novnc
 ```
-2 - Configure Libvirst to start on boot
+Clone the repository :
 ```sh
 git clone https://git.nerkdesign.com/pporcheret/Hype-2.git
 cd Hype-2
 ```
 2 - Configure Libvirt to start on boot
 ```sh
 systemctl --quiet enable --now libvirtd
@ -31,6 +38,8 @@ systemctl --quiet  start libvirtd
 3 - Create a bridge nework
 This bridge will allowed you to connect your Virtuals Servers and Containers to your local network in order to access them easely.
 ```sh
 cp ./bridged.xml /usr/share/libvirt/networks/
 virsh net-define bridged.xml
@ -40,8 +49,14 @@ virsh net-autostart bridged
 ## Database for users
-A default Database is provided in the git (db.db.admin_example), the default user is admin / admin.
+A default Database is provided in the git (db.db.admin_example), the default user is admin@admin.com / admin.
-To use this database, just change the name from db.db.admin_example to db.db.
+To use this database, just change the name from db.db.admin_example to db.db
 Once connected, you will be able to create/manage users directly on software.
 ```sh
 cp db.db.admin_example db.db
 ```
 If you want to create this database by yourself, you can :
@ -74,25 +89,91 @@ INSERT INTO user (id,username,email,password) VALUES (1,'<you_username>','<your_
 ## Configure Reverse Proxy to get access to Consoles
-```sh
+In order to access to the consoles which are running websockets on other ports (6080 vor VNC and 5008 for Pyxterm),
-ProxyPass /websockify ws://<server_ip>:6080/websockify retry=3
+a Reverse proxy is needed.
 ProxyPassReverse /websockify ws://<server_ip>:6080/websockify retry=3
-ProxyPass /socket.io ws://<server_ip>:5008/socket.io retry=3
+Whitout this, you can still access to consoles using CLI for Serial access :
-ProxyPassReverse /socket.io ws://<server_ip>:5008/socket.io retry=3
+
 lxc-attach <container>
 and using a tool such as :
 https://www.realvnc.com/en/connect/download/viewer/
 for VNC access (on port 6080).
 To set your Reverse proxy, you can use the examples bellow (adapt to your case of course).
 Example for nginx:
 ```sh
 server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate /path/to/your/cert.pem;
    ssl_certificate_key /path/to/your/privkey.pem;
    ssl_verify_client off;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';
    location /websockify {
        proxy_pass http://<your_ip>:6080/websockify;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    location /socket.io {
        proxy_pass http://<your_ip>:5008/socket.io;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    location / {
        proxy_pass https://<your_ip>:5007/;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
 }
 ```
 Example for apache2 configuration :
 ```sh
 <VirtualHost *:443>
 ServerName www.example.com
 RewriteEngine on
 SSLEngine On
 SSLCertificateFile /path/to/your/cert.pem
 SSLCertificateKeyFile /path/to/your/privkey.pem
 SSLProxyVerify none
 SSLProxyCheckPeerCN off
 SSLProxyEngine          On
 SSLProxyCheckPeerExpire off
 ProxyRequests     Off
 ProxyPreserveHost On
 RequestHeader set X-Forwarded-Proto "https"
 ProxyPass /websockify ws://<your_ip>:6080/websockify retry=3
 ProxyPassReverse /websockify ws://<your_ip>:6080/websockify retry=3
 ProxyPass /socket.io ws://<your_ip>:5008/socket.io retry=3
 ProxyPassReverse /socket.io ws://<your_ip>:5008/socket.io retry=3
 ProxyPass         / https://<your_ip>:5007/
 ProxyPassReverse  / https://<your_ip>:5007/
 </VirtualHost>
 ```
 ## Run and use
 ```sh
 python3 app
-and go to https://<server_ip>:5007 with your credentials (mail and normal password)
+and go to https://www.example.com (or https://<server_ip>:5007 without RP) with your credentials (mail and normal password or admin)
 ```
 ## Systemd
-You can manage hype using Systemd management:
+You can manage hype using Systemd management by creating a file *hype.service* :
 ```sh
 [Unit]
@ -107,8 +188,11 @@ WantedBy=multi-user.target
 ```
-put this file in /etc/systemd/system/ and you can then enable it for autostart on boot and/or start/stop the app.
+Move or copy this file in */etc/systemd/system/* and you can then enable/disable it from boot start, and/or start/stop the app.
 ```sh
 systemctl start hype.service
 ```
 ## Configuration
 You can also change some configuration in the file *configuration.py* such as flask port, storage location...use it at your own risk.