Skip to content

Latest commit

 

History

History
66 lines (50 loc) · 2.55 KB

BUILDING.md

File metadata and controls

66 lines (50 loc) · 2.55 KB

The base package for Vulture 4 Operating System

Prerequisite

To install vulture-base, you will need a HardenedBSD 12-STABLE.

That instance must run on a ZFS disk configuration with the default pool "zroot". ZFS encryption is supported, but be aware that automatic bootup will no be possible in this case as you will have to type in your passphrase at every reboot.
If you wish to have full disk-encryption AND automatic boot, you may wish to download our prepackaged versions.

It is also advised to create a admin user before starting as you won't be anymore allowed to use root over ssh for instance. Do not forget to add that user into sudoers file.

Installation

Firstly, install root certificates from certificate authorities :
pkg update
pkg install ca_root_nss

Then, add repository signature to trusted keys :
vim /usr/share/keys/pkg/trusted/pkg.vultureproject.org

function: sha256
fingerprint: 18072e5d7fbec639a3dfd11da1fe8a0c9e9bd30741780ced28f1665cd7ed9631

And create repository configuration file :
mkdir -p /usr/local/etc/pkg/repos
vim /usr/local/etc/pkg/repos/vulture.conf

Vulture: {
    url: https://download.vultureproject.org/v4/12.1/release/,
    signature_type: "fingerprints",
    fingerprints: "/usr/share/keys/pkg",
    enabled: yes
}

Then, install required packages :
pkg update
pkg install -y open-vm-tools-nox11 wget libucl secadm secadm-kmod
pkg install -y vulture-haproxy
pkg install -y vulture-rsyslog
pkg install -y vulture-mongodb
pkg install -y vulture-redis
pkg install -y vulture-gui
pkg install -y vulture-base
pkg install -y darwin

At this point you need to reboot

Then, bootstrap all the required system jails :
/home/vlt-adm/bootstrap/mkjail-haproxy.sh
/home/vlt-adm/bootstrap/mkjail-mongodb.sh
/home/vlt-adm/bootstrap/mkjail-redis.sh
/home/vlt-adm/bootstrap/mkjail-apache.sh
/home/vlt-adm/bootstrap/mkjail-portal.sh
/home/vlt-adm/bootstrap/mkjail-rsyslog.sh

Finally, activate secadm in jails:
jexec haproxy sysrc secadm_enable=YES
jexec mongodb sysrc secadm_enable=YES
jexec redis sysrc secadm_enable=YES
jexec apache sysrc secadm_enable=YES
jexec portal sysrc secadm_enable=YES
jexec rsyslog sysrc secadm_enable=YES

System is now installed, you can proceed with the Initial Configuration