NethServer Version: 7-4.1708
I’m having issues installing NethServer 7-4.1708 on Proxmox 5.1-38 as a container (I’m using proxmox Centos template centos-7-default_20171212_amd64.tar.xz). After following Nethserver’s “Install on Centos” guide I always end up with an unresponsive server.
This is what I did:
I created a Proxmox container with this configuration:
# pct config 109
arch: amd64
cores: 4
description:
hostname: odin
memory: 1024
nameserver: 192.168.###.###
net0: name=eth0,bridge=vmbr0,gw=192.168.###.###,hwaddr=9E:35:A0:D0:F5:DC,ip=192.168.###.###,/24,type=veth
net1: name=eth1,bridge=vmbr1,gw=190.92.###.###,hwaddr=DE:68:CA:14:A0:39,ip=190.92.117.211/29,type=veth
ostype: centos
rootfs: local-zfs:subvol-109-disk-1,size=20G
searchdomain: myhost.lan
swap: 1024
I configured it like this:
# Fix timezone
timedatectl set-timezone America/Havana
# Inserted this into /root/.bashrc to enable global proxy
############################################################################################
# Define global proxy
MY_PROXY_URL="http://192.168.9.69:3128/"
HTTP_PROXY=$MY_PROXY_URL
HTTPS_PROXY=$MY_PROXY_URL
FTP_PROXY=$MY_PROXY_URL
http_proxy=$MY_PROXY_URL
https_proxy=$MY_PROXY_URL
ftp_proxy=$MY_PROXY_URL
export HTTP_PROXY HTTPS_PROXY FTP_PROXY http_proxy https_proxy ftp_proxy
############################################################################################
# Inserted this into /root/.bashrc to enable console autocompletion
############################################################################################
if [ -f /etc/bash_completion ]; then
. /etc/bash_completion
fi
############################################################################################
# Inserted this into /root/.inputrc to enable console autocompletion
############################################################################################
# mappings for making up and down arrow searching through history:
"\e[A": history-search-backward
"\e[B": history-search-forward
"\e[C": forward-char
"\e[D": backward-char
"\e[1;5C": forward-word
"\e[1;5D": backward-word
#Use [Tab] and [Shift]+[Tab] to cycle through all the possible completions:
"\t": menu-complete
"\e[Z": menu-complete-backward
############################################################################################
# Used this as firewall policy
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 3 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 4 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 11 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 12 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT
# Updated the system
yum update
# Installed man pages, nano, ssh, command autocompletion, needs-restarting, iptables save config, dig nslookup and other dns tools
yum install man-pages man nano openssh-server openssh-clients bash-completion yum-utils iptables-services bind-utils
# Reset ssh to enable Key-Based Authentication
systemctl restart sshd
# Enabled configuration forever
service iptables save
# Enabled NethServer software repositories
yum localinstall -y http://mirror.nethserver.org/nethserver/nethserver-release-7.rpm
# Installed the base system
nethserver-install
After installation completed I was not able to connect via ssh anymore, network configurations files got deleted (/etc/sysconfig/network-scripts/ifcfg-eth0
and /etc/sysconfig/network-scripts/ifcfg-eth1
) and netstat --punta
show open port 980 and 80 for tcp6 only.
One more thing, this my Proxmox VE version and packages info:
# pveversion -v
proxmox-ve: 5.1-38 (running kernel: 4.13.13-5-pve)
pve-manager: 5.1-43 (running version: 5.1-43/bdb08029)
pve-kernel-4.10.17-2-pve: 4.10.17-20
pve-kernel-4.13.13-5-pve: 4.13.13-38
libpve-http-server-perl: 2.0-8
lvm2: 2.02.168-pve6
corosync: 2.4.2-pve3
libqb0: 1.0.1-1
pve-cluster: 5.0-19
qemu-server: 5.0-20
pve-firmware: 2.0-3
libpve-common-perl: 5.0-25
libpve-guest-common-perl: 2.0-14
libpve-access-control: 5.0-7
libpve-storage-perl: 5.0-17
pve-libspice-server1: 0.12.8-3
vncterm: 1.5-3
pve-docs: 5.1-16
pve-qemu-kvm: 2.9.1-6
pve-container: 2.0-18
pve-firewall: 3.0-5
pve-ha-manager: 2.0-4
ksm-control-daemon: 1.2-2
glusterfs-client: 3.8.8-1
lxc-pve: 2.1.1-2
lxcfs: 2.0.8-1
criu: 2.11.1-1~bpo90
novnc-pve: 0.6-4
smartmontools: 6.5+svn4324-1
zfsutils-linux: 0.7.4-pve2~bpo9