Building tools.rye.ninja - My Network Tools Server

Next Steps

[x] Install apt mirror [x] Mirror Ubuntu Releases [x] Install pihole [x] Install Netbox [x] Install Nitrokey HSM tooling [ ] Create a custom step apt repository for step deb packages [ ] Install step cli [ ] Install step-kms-plugin [ ] Install Step Certificates [ ] Configure Shoelaces [ ] Configure pihole DHCP settings [ ] Install Cert-bot [ ] Install Unifi Controller [ ] Install HAProxy [x] Automate Pi-Hole install

Hardware

Here’s a list of the hardware I used.

• Supermicro 1U Server
• 4 GB RAM
• Nitrokey HSM2

Network Configuration

Install

First step was to install and configure keepalived

https://keepalived.readthedocs.io/en/latest/installing_keepalived.html

https://www.redhat.com/sysadmin/keepalived-basics

Keepalived configuration

vrrp_instance VI_1 {
        state MASTER
        interface enp2s0.61
        virtual_router_id 141
        priority 255
        advert_int 1
        authentication {
              auth_type PASS
              auth_pass 346728
        }
        virtual_ipaddress {
              10.5.7.2/16
        }
}

https://linuxhint.com/pxe_boot_ubuntu_server/ https://linuxhint.com/install_tftp_server_ubuntu/

Tools.Rye.Ninja

• PiHole Admin
• Apt Mirror
• Netbox

Tools

• IP Subnet Calculator

References

dnsmasq

• archlinux - dnsmasq - Documentation

Pi-Hole

• Pi-Hole Discourse - Pihole not directing clients to PXE Server
• Reddit - How to set up a PXE Boot Option with Pihole?
• Reddit - How to use the Pi-Hole DHCP server for pxe boot?
• A Cloud Guru - Implement and Configure a PXE Boot Server
• Pi-Hole Documentation - Basic Install
• Pi-Hole Discourse - What is setupVars.conf and how do I use it?
• Pi-Hole Discourse - PiHole as DHCP and DNS for multiple VLANs & subnets
• Pi-Hole Discourse - Pi-hole as part of a post-installation script
• StackExchange - Unix & Linux - Install Pi-Hole without user interaction?

PXE Boot

• Danny Payne - Building a PXE Boot Server
• LinuxHint - Configuring PXE Network Boot Server on Ubuntu 22.04 LTS
• ipxe.org - chainloading
• ipxe.org - download
• LinuxHint - Ubuntu - Installing and Configuring TFTP Server on Ubuntu

Shoelaces

• ThousandEyes Engineering - Open-Sourcing Shoelaces: A Tool for Unmanned Server Bootstrapping
• Github - thousandeyes - shoelaces
• Github - estenrye - shoelaces

Netbox

• Netbox - Installation
• YouTube - System MTU One - Netbox Guided Install - v2.9.9 on Ubuntu 20.04.1 LTS

Smallstep

• step-kms-plugin
• Step-CA - Documentation - Configuring Postgresql

Autheilia

• Autheilia - LDAP - Introduction

Unifi Controller

• Github - davecoutts - unify_ubuntu_2004.sh
• PiMyLifeUp - Installing the UniFi Controller on Ubuntu

HAProxy

• LinuxHint - Ubuntu - How to install and configure HAproxy on Ubuntu 20.04 LTS

Apt Repository

• Medium - Sqooba - Create your own custom and authenticated APT repository
• Debian Bug report logs - #322483 - apt-utils: please include an example for apt-ftparchive generate

VLAN

• Lifewire - What is a Virtual LAN (VLAN)

Keepalived

• Keepalived - Documentation - Installing keepalived
• RedHat - keepalived basics

Nitrokey HSM2

• Nitrokey - HSM2 - Docs
• Getting Started with the Nitrokey HSM 2
• Using the Nitrokey HSM with GPG in macOS
• M of N Setup with NitroKey HSM
• Nitrokey Start: Getting started guide (gnuk openpgp token)
• Using OpenPGP subkeys in Debian development

Ansible Documentation

Collections

• ansible.builtin
• ansible.posix
• community.crypto
• community.general
• community.postgresql
• kubernetes.core
• netbox.netbox