From 10a224c021ddb8a6856968d3910305d311f0c33b Mon Sep 17 00:00:00 2001 From: Jakob Meier Date: Sat, 4 Nov 2023 14:33:46 +0100 Subject: [PATCH] Fixed install instructions --- docs/PREPARATION.md | 36 ++++++++++++++++++++++++++++++++++-- roles/builds.sr.ht/README.md | 2 +- 2 files changed, 35 insertions(+), 3 deletions(-) diff --git a/docs/PREPARATION.md b/docs/PREPARATION.md index fa76e0c..0c4e107 100644 --- a/docs/PREPARATION.md +++ b/docs/PREPARATION.md @@ -122,11 +122,43 @@ have a look at the [Troubleshooting](./TROUBLESHOOTING.md) page. I'd recommend using caddy to forward traffic from the host to the container, as the config files are fairly simple and it automatically configures ssl. +An example caddy config could look like this: +```caddy +hub.hut.ccw.icu, hut.ccw.icu { + reverse_proxy 10.0.3.3:80 +} +meta.hut.ccw.icu { + reverse_proxy 10.0.3.3:80 +} +git.hut.ccw.icu { + reverse_proxy 10.0.3.3:80 +} +builds.hut.ccw.icu { + reverse_proxy 10.0.3.3:80 +} +runner.hut.ccw.icu { + reverse_proxy 10.0.3.3:80 +} +``` + ## Additional configuration Because sourcehut requires the `:22` port to be redirected to the container, if you want to clone using `git@`/ssh, you should probably forward the ssh port to the lxc container. -In case you are using `nftables` as a firewall you can use the following command: +In case you are using `nftables` as a firewall you can use the following commands: ``` sh -nft add rule ip nat prerouting tcp dport 22 redirect to 10.0.3.3:22 +nft add table nat +nft 'add chain nat prerouting { type nat hook prerouting priority -100; }' +nft add rule nat prerouting iif eth0 tcp dport 22 dnat to 10.0.3.3 +``` +As explained on the [nftables wiki](https://wiki.nftables.org/wiki-nftables/index.php/Performing_Network_Address_Translation_(NAT)#Destination_NAT) + +Or add the following lines to your hosts `nftables.nft`: +```nft +table ip nat { + chain prerouting { + type nat hook prerouting priority dstnat; policy accept; + iif "eth0" tcp dport 22 dnat to 10.0.3.3 + } +} ``` diff --git a/roles/builds.sr.ht/README.md b/roles/builds.sr.ht/README.md index bd3f5e5..ad4e335 100644 --- a/roles/builds.sr.ht/README.md +++ b/roles/builds.sr.ht/README.md @@ -90,7 +90,7 @@ i.e: cd edge ``` -And run `./genimage x86_64` to generate an image. +And run `./genimg x86_64` to generate an image. Now repeat for all the image version you want. If all the images were generated successfully, -- 2.38.5