Add cockpit configuration

This commit is contained in:
Edgar P. Burkhart 2023-02-05 16:29:08 +01:00
parent d012f5ab52
commit 41401725a2
Signed by: edpibu
GPG key ID: 9833D3C5A25BD227

View file

@ -0,0 +1,55 @@
---
title: "Cockpit"
weight: 1
# bookFlatSection: false
# bookToc: true
# bookHidden: false
# bookCollapseSection: false
# bookComments: false
# bookSearchExclude: false
---
# Cockpit
## Installation
Installer la paquet `cockpit`.
### Dépendances optionnelles
- `cockpit-pcp`: monitoring,
- `cockpit-storaged`: gestion du stockage,
- `cockpit-podman`: gestion de containers `podman`,
- `cockpit-machines`: gestion de machines virtuelles avec `libvirt`,
- `networkmanager`: gestion de la connexion réseau,
- `firewalld`: gestion du pare-feu,
## Configuration
### Configuration du reverse proxy
```
[WebService]
ProtocolHeader = X-Forwarded-Proto
ForwardedForHeader = X-Forwarded-For
```
#### Configuration Nginx
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cockpit.edgarpierre.fr;
include conf/00-hsts.conf;
location / {
include conf/50-proxy.conf;
include conf/50-ws-proxy.conf;
proxy_pass http://localhost:9090;
}
}
```
### Mise-à-jour des certificats
#### Script de déploiement certbot
```
/usr/bin/install -o cockpit-ws -g cockpit-ws -m 600 /etc/letsencrypt/live/huascaran.burkhart.ovh/privkey.pem /etc/cockpit/ws-certs.d/50-certbot.key
/usr/bin/install -o cockpit-ws -g cockpit-ws -m 600 /etc/letsencrypt/live/huascaran.burkhart.ovh/fullchain.pem /etc/cockpit/ws-certs.d/50-certbot.cert
/usr/bin/systemctl restart cockpit
```