Installation und Portainer

user root für ssh zulassen:

				
					nano /etc/ssh/sshd_config

				
			

Ändern bzw. ergänzen:

				
					PermitRootLogin yes
				
			
				
					systemctl restart sshd
				
			

Auf den lokalen Computer im Terminal ausführen

				
					ssh-copy-id -i id_rsa.pub root@192.168.20.10
				
			

Netzwerk-Interface(s) bearbeiten:

				
					nano /etc/network/interfaces
				
			
				
					allow-hotplug ens0
iface ens0 inet static
address 192.168.20.10/24
netmask 255.255.255.0
network 192.168.20.0
broadcast 192.168.20.255
# gateway 192.168.20.1
				
			

(Alternativ) Netzwerk-Interface(s) bearbeiten:

				
					> /etc/network/interfaces
				
			
				
					nano /etc/network/interfaces
				
			
				
					source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eth0
allow-hotplug eth0
iface eth0 inet static
        address 192.168.0.28/24
        gateway 192.168.0.1
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255

auto eth10
allow-hotplug eth10
iface eth10 inet static
        address 192.168.10.28/24
        netmask 255.255.255.0
        network 192.168.10.0
        broadcast 192.168.10.255

auto eth20
allow-hotplug eth20
iface eth20 inet static
        address 192.168.20.28/24
        netmask 255.255.255.0
        network 192.168.20.0
        broadcast 192.168.20.255

auto eth30
allow-hotplug eth30
iface eth30 inet static
        address 192.168.30.28/24
        netmask 255.255.255.0
        network 192.168.30.0
        broadcast 192.168.30.255
				
			

Netzwerk neu starten:

				
					systemctl restart networking
				
			

Repository ergänzen!

				
					nano /etc/apt/sources.list
				
			

Alternativ:

				
					> /etc/apt/sources.list
				
			
				
					nano /etc/apt/sources.list
				
			
				
					deb http://deb.debian.org/debian bookworm main contrib
deb http://deb.debian.org/debian bookworm-updates main contrib
deb http://security.debian.org bookworm-security main contrib

deb http://deb.debian.org/debian bullseye main
deb http://security.debian.org/debian-security bullseye-security main
deb http://deb.debian.org/debian bullseye-updates main

# deb https://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
# deb-src https://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware

# deb https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
# deb-src https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware

# deb https://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
# deb-src https://deb.debian.org/debian/ bookworm-updates main contrib non-free non-free-firmware
				
			
				
					nano /etc/apt/sources.list.d/docker.list
				
			
				
					nano /etc/apt/sources.list.d/webmin.list
				
			
				
					#deb http://192.168.0.70:3142/download.proxmox.com/debian/pve bookworm pve-no-subscription
deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] http://192.168.0.70:3142/download.docker.com/linux/debian   bookworm stable
deb [signed-by=/usr/share/keyrings/debian-webmin-developers.gpg] http://192.168.0.70:3142/download.webmin.com/download/newkey/repository stable contrib

deb http://192.168.0.70:3142/deb.debian.org/debian bookworm main contrib
deb http://192.168.0.70:3142/deb.debian.org/debian bookworm-updates main contrib
deb http://192.168.0.70:3142/security.debian.org bookworm-security main contrib

deb http://192.168.0.70:3142/deb.debian.org/debian bullseye main
deb http://192.168.0.70:3142/security.debian.org/debian-security bullseye-security main
deb http://192.168.0.70:3142/deb.debian.org/debian bullseye-updates main

				
			

Danach Updates und benötigte Programme installieren

				
					apt update -y && apt upgrade -y && apt autoremove -y
				
			

Alternativ:

				
					apt update -y && apt upgrade -y && apt autoremove -y && apt install sudo curl mc locales-all dnsutils iproute2 bridge-utils cifs-utils samba-common samba samba-common-bin net-tools tree ifupdown --install-recommends -y
				
			

Oder: wenn sudo installiert ist

				
					sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y
				
			
				
					apt install sudo curl mc net-tools tree ifupdown libuser dnsutils iproute2 bridge-utils cifs-utils samba-common samba samba-common-bin snmp snmpd --install-recommends -y
				
			
				
					apt install sudo curl mc net-tools tree ifupdown libuser dnsutils iproute2 bridge-utils cifs-utils nfs4-acl-tools nfs-kernel-server nfs-common nfs-ganesha nfswatch rpcbind ypserv ypbind-mt yp-tools --install-recommends -y
				
			
				
					apt install sudo curl mc net-tools tree ifupdown libuser dnsutils --install-recommends -y
				
			

Benutzer docker einrichten:

				
					apt-get install sudo
				
			
				
					adduser docker --shell /bin/bash
				
			
				
					usermod -aG sudo docker
groups docker root
				
			
				
					gpasswd -a docker sudo
				
			
				
					sudo update-alternatives --config editor
				
			
				
					sudo visudo
				
			

Den Benutzer docker hinzufügen:

				
					# User priviliege specification
root    ALL=(ALL:ALL) ALL
docker  ALL=(ALL) ALL
				
			

Bei Bedarf webmin installieren: webmin.com/download

Docker Compose und Portainer installieren

				
					Docker installieren: https://docs.docker.com/engine/install/debian
Docker als non-root user ausführen: https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user
				
			

Docker Compose installieren:
(Check aktuelle Version: github.com/docker/compose

				
					sudo curl -SL https://github.com/docker/compose/releases/download/v2.29.1/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
				
			
				
					docker run -d -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
				
			
				
					sudo apt install nfs-common
				
			
				
					sudo mkdir -p /nfs/ContainerBackup
				
			
				
					sudo mount 192.168.0.200:/volume1/ContainerBackup /nfs/ContainerBackup
				
			
				
					sudo apt install bacula bacula-server bacula-common 
				
			
				
					sudo docker network create -d macvlan \
  --subnet=192.168.0.0/24 \
  --gateway=192.168.0.1 \
  --ip-range=192.168.0.48/28 \
  -o parent=ens18 macvlan-ens18
				
			
				
					sudo mount -o defaults 192.168.0.200:/volume1/ContainerBackup /nfs/ContainerBackup
				
			

Deutsche Sprache in der Shell einstellen: pascalebeier.de/debian-deutsche-sprache-in-der-shell-einstellen/

				
					sudo dpkg-reconfigure locales -plow
				
			

Uhrzeit einstellen:

				
					sudo dpkg-reconfigure tzdata
				
			
Für apt-Cacher anpassen

Die einfachste Möglichkeit ist es, die Datei apt.conf anzupassen

				
					sudo touch /etc/apt/apt.conf
				
			
				
					sudo nano /etc/apt/apt.conf
				
			

Die nachfolgende Zeile einfügen (ggf. die http-Adresse und Port anpassen)

				
					Acquire::http::Proxy "http://192.168.0.70:3142/";
				
			

Oder in der Datei /etc/apt/sources.list sowie weiteren Dateien die nacfolgende Adresse anfügen oder ersetzen (ggf. die http-Adresse und Port anpassen)

				
					sudo nano /etc/apt/sources.list
				
			
				
					deb http://192.168.0.70:3142
				
			

Beispiel:

				
					deb http://192.168.0.70:3142/deb.debian.org/debian bookworm main contrib
deb http://192.168.0.70:3142/deb.debian.org/debian bookworm-updates main contrib
deb http://192.168.0.70:3142/security.debian.org bookworm-security main contrib

deb [signed-by=/usr/share/keyrings/grafana.key] http://192.168.0.70:3142/apt.grafana.com stable main
				
			

Zum Abschluss die neuen Quellen einlesen

				
					sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y
				
			
SNMPv3 installieren

Bei Bedarf kann ein SNMPv3-Client auf dem zu überwachenden Rechner installiert werden

				
					sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y
				
			
				
					sudo apt install snmp snmpd libsnmp-dev ifupdown -y
				
			
				
					sudo service snmpd stop
				
			
				
					sudo net-snmp-config --create-snmpv3-user -ro -a SHA -A "KITnetworkV3" -x AES -X "KITnetUserPW" authPrivUser
				
			
				
					sudo net-snmp-config --create-snmpv3-user -ro -a MD5 -A "KITnetworkV3" -x DES -X "KITnetUserPW" authPrivUser
				
			
				
					sudo service snmpd start
				
			
ZABBIX-Agent installieren

Bei Bedarf kann ein ZABBIX-Agent auf dem zu überwachenden Rechner installiert werden.

				
					sudo apt update -y && sudo apt upgrade -y && sudo apt autoremove -y
				
			
				
					sudo apt install zabbix-agent2 net-tools tree -y
				
			

Falls Docker istalliert ist, die nachfolgenden zwei Befehle ausführen

				
					sudo usermod -aG docker zabbix
				
			
				
					sudo gpasswd -a zabbix docker
				
			

Die nachfolgenden Zeilen in der ZABBIX-Konfiguration anpassen

				
					sudo nano /etc/zabbix/zabbix_agent2.conf
				
			

### Option: Server

				
					Server=192.168.0.64
				
			

### Option: ServerActive

				
					ServerActive=192.168.0.64
				
			

### Option: Hostname

				
					Hostname=Zabbix server
				
			

### Option: ListenPort

				
					ListenPort=10050
				
			
				
					sudo systemctl restart zabbix-agent2
sudo systemctl enable zabbix-agent2
				
			
				
					sudo netstat -tulpn|grep zabbix
				
			
Prüfen, ob der ZABBIX-Agent auf Port 10050 läuft. Wenn nicht, dann die entsprechende Zeile in der zabbix-agent2.conf anpassen
				
					root@client:~# sudo netstat -tulpn|grep zabbix
tcp        0      0 0.0.0.0:10050           0.0.0.0:*               LISTEN      8240/zabbix_agentd
tcp6       0      0 :::10050                :::*                    LISTEN      8240/zabbix_agentd
				
			
				
					https://www.howtoforge.de/anleitung/wie-installiere-ich-portainer-unter-debian-11/
https://github.com/docker/compose/releases
				
			
				
					deb [signed-by=/etc/apt/keyrings/crowdsec_crowdsec-archive-keyring.gpg] https://packagecloud.io/crowdsec/crowdsec/ubuntu trusty main
deb-src [signed-by=/etc/apt/keyrings/crowdsec_crowdsec-archive-keyring.gpg] https://packagecloud.io/crowdsec/crowdsec/ubuntu trusty main
				
			
				
					nano /etc/apt/sources.list.d/crowdsec_crowdsec.list
				
			

ZABBIX Anpassung

				
					apt install zabbix-server-pgsql zabbix-frontend-php php8.2-pgsql zabbix-nginx-conf zabbix-sql-scripts zabbix-agent odbc-postgresql nginx-doc postgresql-client postgresql --install-recommends -y
				
			

Das Paket ifupdown installieren

				
					sudo apt-get install ifupdown
				
			
				
					sudo nano /etc/network/interfaces