hostnamectl set-hostname fqdn.domain.tld
sudo apt install postfix libsasl2-modules mailutils -y
sudo useradd -rs /bin/false prometheus | |
sudo mkdir /etc/prometheus /var/lib/prometheus | |
cd /tmp && wget https://github.com/prometheus/prometheus/releases/download/v2.51.0/prometheus-2.51.0.linux-amd64.tar.gz | |
tar -xvf prometheus-*.*-amd64.tar.gz && cd prometheus-*.*-amd64 | |
sudo mv console* /etc/prometheus | |
sudo mv prometheus.yml /etc/prometheus | |
sudo mv prometheus promtool /usr/local/bin/ | |
sudo chown prometheus:prometheus /usr/local/bin/prometheus /etc/prometheus /var/lib/prometheus | |
sudo nano /etc/systemd/system/prometheus.service |
general: | |
# This can be changed to allow messages to be sent from multiple IP addresses | |
use_ip_pools: true | |
web: | |
# The host that the management interface will be available on | |
host: fqdn.domain.tld | |
# The protocol that requests to the management interface should happen on | |
protocol: https |
hostnamectl set-hostname fqdn.domain.tld
curl -fsSL https://get.docker.com -o get-docker.sh && sudo sh get-docker.sh
curl -SL https://github.com/docker/compose/releases/download/v2.24.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose && sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
Enable System IP forwarding first
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
Here is sample network configuration (remove comments "##") Replace your interface name, public IP, internal NAT IP
## Download Go | |
sudo wget --output-document /opt/go.tar.gz https://go.dev/dl/go1.22.0.linux-amd64.tar.gz | |
## Remove Existing Go and Extract Downloaded Go | |
sudo rm -rf /usr/local/go && sudo tar --directory /usr/local --extract --gzip --file /opt/go.tar.gz && sudo rm /opt/go.tar.gz | |
## Delete & Recreate user for Derper | |
sudo userdel -r derp && sudo useradd --system --create-home --home-dir /opt/derp --shell /bin/bash derp | |
## Export Profile path |
## Seed | |
## xeob8mPP2VPHBXHCexEPGjOMdBKgQ7qCv2tRC6BXSfQ2ahAeEHC374OyOykUYCyRKU/n8Azv6cw6/MLwNZq9HSYEPfKNFTKhJG2vKZUmFNzc9RDzxya9Lp9VsE34P/tWL4EBO+c7an3Lvi9vXYI79uTbVMcdmNQP5ZrQ6AIZYwCc/N1jdM71muV4Vc94jY9aRsmQvC6bOrxgHlAcWrUw8irEbUNCg5xe5INpnCjbRSXnojisx07zmNDSQ5BUH4LXhRok/uIuGg5qqJaans+FegDc1+aN2L2cTlcefYjTJnMNIjzuPFBClbaAszDTcmQ7wjF7TdYZgJTd3V+754+RlQ== | |
## WireGuard Server Configuration | |
[Interface] | |
Address = 172.73.74.1/24 | |
ListenPort = 12345 | |
PrivateKey = wLgZoPI44SU67MXktUnRMNYz4WbLTYIWweX03cBXukQ= | |
## Allow communication between WireGuard peers and MASQUERADE traffic | |
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; |