m/os-init
2
0
Fork 0
Code Issues Wiki Activity

Compare commits

base: m:c4ce343e69b6887d548b0f31213ee13683d18634
Branches Tags
m:main
...
compare: m:cb2b798a667dd2ae102daef47687919109fcc7f4
Branches Tags
m:main

3 Commits
c4ce343e69 ... cb2b798a66

Author SHA1 Message Date
MatMoul
cb2b798a66 alpine: update portainer 2025-11-01 20:45:15 +01:00
MatMoul
4bb0fff594 alpine: update docker install 2025-11-01 20:38:44 +01:00
MatMoul
49fd25152d alpine: add ssh iptable rules 2025-11-01 20:15:38 +01:00
5 changed files with 31 additions and 15 deletions
Expand all files Collapse all files

14
alpine/apps/docker/docker.sh
View File

@@ -1,17 +1,15 @@
#!/bin/dash #!/bin/dash
rc-update del iptables mkdir /srv/stacks
rc-update del ip6tables mkdir /srv/data
apk del iptables ip6tables
# swapoff -a sed -i '/\/community/s/^#//g' /etc/apk/repositories
# sed -i "/swap/d" /etc/fstab
# sed -i "s/# //" /etc/apk/repositories apk update
apk add docker docker-cli-compose
apk add docker docker-compose
# sysctl -w net/netfilter/nf_conntrack_max=131072 # sysctl -w net/netfilter/nf_conntrack_max=131072
rc-update add docker boot rc-update add docker boot
service docker start service docker start

15
alpine/apps/portainer/compose.yaml Normal file
View File

@@ -0,0 +1,15 @@
services:
portainer:
image: "portainer/portainer-ce:latest"
container_name: "portainer"
restart: unless-stopped
ports:
- 9443:9443
networks:
- bridge
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "/srv/data/portainer/data:/data"
networks:
bridge:

9
alpine/apps/portainer/portainer.sh
View File

@@ -1,3 +1,10 @@
#!/bin/dash #!/bin/dash
docker run -d --name="portainer" --restart=unless-stopped -p 8000:8000 -p 9000:9000 -p 9443:9443 -v /var/run/docker.sock:/var/run/docker.sock -v /srv/portainer/data:/data portainer/portainer-ce # docker run -d --name="portainer" --restart=unless-stopped -p 8000:8000 -p 9000:9000 -p 9443:9443 -v /var/run/docker.sock:/var/run/docker.sock -v /srv/portainer/data:/data portainer/portainer-ce
BASE_URL=https://git.netm.ch/m/os-init/raw/branch/main
mkdir /srv/stacks/portainer
cd /srv/stacks/portainer
wget "${BASE_URL}"/alpine/apps/portainer/compose.yaml
docker compose up -d

2
alpine/files/rules-save
View File

@@ -6,4 +6,6 @@
-A INPUT -i lo -j ACCEPT -A INPUT -i lo -j ACCEPT
# Ping # Ping
-A INPUT -p icmp -j ACCEPT -A INPUT -p icmp -j ACCEPT
# SSH
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
COMMIT COMMIT

6
alpine/init.sh
View File

@@ -67,12 +67,6 @@ IP6TablesInstall() {
SSHEnableRootLogin() { SSHEnableRootLogin() {
sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config sed -i "/PermitRootLogin prohibit-password/c\PermitRootLogin yes #prohibit-password" /etc/ssh/sshd_config
service sshd restart service sshd restart
if [ -f "/etc/iptables/rules-save" ]; then
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT' /etc/iptables/rules-save
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # SSH' /etc/iptables/rules-save
iptables-restore /etc/iptables/rules-save
fi
} }
SNMPDInstall() { SNMPDInstall() {
cummunityname=public cummunityname=public