Tech Documentation
Basic Ubuntu Setup
Enable xterm.js
xterm.js uses something built into Linux called serial sockets. Think the USB/Serial cables used to connect into routers/firewalls.
To enable serial connectivity to a VM in Proxmox you will need to set the serial socket with the following command (replacing 101 with vm ID)
qm set 101 -serial0 socket
To enable a virtual serial socket in Ubuntu run this command
sudo systemctl enable serial-getty@ttyS0.service
Setup updates
update packages and distro
sudo apt-get update
sudo apt-get upgrade
sudo apt-get autoremove
sudo apt-get autoclean
enable automatic updates
sudo apt-get install unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades
Disable root account
# To disable the root account, simply use the -l option.
sudo passwd -l root
# If for some valid reason you need to re-enable the account, simply use the -u option.
sudo passwd -u root
Configuration
Install fail2ban
sudo apt update
sudo apt install fail2ban
send ssh keys
ssh-copy-id -i ~/.ssh/id_ed25519.pub pihole@192.168.54.3
ssh -i ~/.ssh/id_ed25519.pub username@IpAddress
Enable SSH
sudo apt update
sudo apt install openssh-server
Docker setup
Get Docker repository
sudo apt-get update
sudo apt-get install \ca-certificates \curl \gnupg \lsb-release
Add Docker's official GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
Enable stable repository
echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
Install Docker engine
sudo apt-get update
sudo apt install docker.io
sudo apt-get install docker-ce docker-ce-cli containerd.io
Portainer setup
Create Portainer volume
sudo docker volume create portainer_data
Download and install Portainer service
sudo docker run -d -p 8000:8000 -p 9443:9443 --name portainer \--restart=always \-v /var/run/docker.sock:/var/run/docker.sock \-v portainer_data:/data \cr.portainer.io/portainer/portainer-ce:2.9.3
PiVPN Setup
sudo curl -L https://install.pivpn.io | bash
TubeArchivist Setup
Run this command in terminal:
sudo chown 1000:0 -R /docker/tubearchivist
TUBE ARCHIVIST STACK
Copy/paste this into Portainer Stack Editor and change the necessary fields:
version: '3.3'
services:
tubearchivist:
container_name: newtubearchivist
restart: unless-stopped
image: bbilly1/tubearchivist
ports:
- 8001:8000
volumes:
- newtubearchivist:/youtube
- /docker/tubearchivist/cache:/cache
environment:
- ES_URL=http://archivist-es:9200 # needs protocol e.g. http and port
- REDIS_HOST=archivist-redis # don't add protocol
- HOST_UID=1000
- HOST_GID=1000
- TA_HOST=192.168.50.209 # set your host name
- TA_USERNAME=###CREATE USERNAME # your initial TA credentials
- TA_PASSWORD=### CREATE PASSWORD # your initial TA credentials
- ELASTIC_PASSWORD=### CREATE PASSWORD # set password for Elasticsearch
- TZ=America/Denver # set your time zone
depends_on:
- archivist-es
- archivist-redis
archivist-redis:
image: redislabs/rejson # for arm64 use bbilly1/rejson
container_name: archivist-redis
restart: unless-stopped
expose:
- "6379"
volumes:
- /docker/tubearchivist/redis:/data
depends_on:
- archivist-es
archivist-es:
image: bbilly1/tubearchivist-es # only for amd64, or use official es 8.5.1
container_name: archivist-es
restart: unless-stopped
environment:
- "ELASTIC_PASSWORD=### CREATE PASSWORD " # matching Elasticsearch password
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- "xpack.security.enabled=true"
- "discovery.type=single-node"
- "path.repo=/usr/share/elasticsearch/data/snapshot"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- /docker/tubearchivist/es:/usr/share/elasticsearch/data # check for permission error when using bind mount, see readme
expose:
- "9200"
volumes:
newtubearchivist:
driver_opts:
type: cifs
o: "username=USERNAME,password=PASSWORD"
device: "//IP ADDRESS/FOLDER/"
cache:
redis:
es: