Home Piano Login
Media | Photo | Book | Download | Monitor

Free Oracle VM

Create server

* Choose Ubuntu * Paste .ssh/id_rsa.pub * Ignore the estimate cost, just click create * ssh from raspberry pi

Install Docker

This is the same as raspberry pi, see here

Start nginx and alist

Stat docker containers

mkdir -p docker/{service,data} && cd docker/service
cat > docker-compose.yaml <<EOF
version: '3.3'
services:
    nginx:
        image: 'jc21/nginx-proxy-manager:latest'
        container_name: nginx
        restart: unless-stopped
        ports:
          - '80:80'
          - '81:81'
          - '443:443'
        volumes:
          - ../data/nginx_data:/data
          - ../data/letsencrypt:/etc/letsencrypt
    alist:
        image: 'xhofe/alist:latest'
        container_name: alist
        volumes:
            - ../data/alist:/opt/alist/data
            - /ssd/share/book:/book:ro
        network_mode: 'host'
        environment:
            - PUID=1001
            - PGID=1001
            - UMASK=022
        restart: unless-stopped
EOF
docker compose up -d
docker exec -it alist ./alist admin set changeme

Setup Ingress Rules

Allow traffic to port 80 81 443

Setup iptables

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5244  -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80  -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 81  -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443  -j ACCEPT
sudo netfilter-persistent save
The job is running, now you can login from the browser, http://:5244 using 
username: admin
password: changeme
You can also access http://<public-ip>:81 to set up proxy.

VNC

  1. Set up the vncserver
    2. sudo apt update
sudo apt install xfce4 xfce4-goodies firefox
sudo apt install tightvncserver
vncserver
vncserver -kill :1
cat ~/.vnc/xstartup
#!/bin/bash
XAUTHORITY=$HOME/.Xauthority
export XAUTHORITY
xrdb $HOME/.Xresources
startxfce4 &
vncserver
  2. Allow vnc access in iptable
    3. sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5901  -j ACCEPT
sudo netfilter-persistent save
  3. Allow vnc access in OCI
  4. Access from Finder: Finder -> Go -> Connecto to Server: vnc://<public-ip>:5901

    5. Disk space

  5. Increase disk space first
  6. Rescan using the command, eg:
    7. sudo dd iflag=direct if=/dev/oracleoci/oraclevda of=/dev/null count=1
echo "1" | sudo tee /sys/class/block/`readlink /dev/oracleoci/oraclevda | cut -d'/' -f 2`/device/rescan
  7. grow the fs
    8. sudo growpart /dev/sda 1
sudo resize2fs /dev/sda1

    Webssh

  8. Enable password login with 2FA
    9. sudo tee /etc/ssh/sshd_config.d/60-cloudimg-settings.conf << EOF
PasswordAuthentication yes
EOF
sudo passwd ubuntu
sudo apt install libpam-google-authenticator
sudo tee -a /etc/pam.d/sshd <<EOF
auth required pam_google_authenticator.so
EOF
sudo sed -i 's/KbdInteractiveAuthentication no/KbdInteractiveAuthentication yes/g' /etc/ssh/sshd_config
sudo systemctl restart ssh.service
  9. Start docker with wetty
    10. cat > ssh.yaml <<EOF
name: ssh
networks:
  default:
    name: ssh
services:
  ssh:
    image: wettyoss/wetty
    container_name: ssh
    restart: always
    command: wetty --ssh-host=host.docker.internal --ssh-auth=keyboard-interactive
    extra_hosts:
      - "host.docker.internal:host-gateway"
EOF
docker compose -f ssh.yaml up -d
docker compose -f nginx.yaml up -d
https://ssh./wetty