GENE Setting Log
Install Ubuntu 22.04
Using Ubuntu 22.04 booting USB, install Ubuntu on NVMe 1.6 TB SSD.
Configrations
Certificate
Download ePrism.ssl from kms.kasi.re.kr.
$ mkdir /usr/share/ca-certificates/extra
$ cp ePrism.ssl /usr/share/ca-certificates/extra/.
$ dpkg-reconfigure ca-certificates
Select yes; check ePrism.ssl; finish.
$ dpkg-reconfigure ca-certificates
Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
1 added, 0 removed; done.
Processing triggers for ca-certificates (20230311ubuntu0.22.04.1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
UFW
Modify before.rules.
$ vi /etc/ufw/before.rules
# NAT table rules, added by Shinyoung Kim (2024.02.27.)
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-F
COMMIT
Enable ufw.
$ ufw enable
SSH
Install openssh-server and net-tools.
$ apt update
$ apt install openssh-server net-tools
Modify ssh configuration.
$ vi /etc/ssh/sshd_config
Port 0000
MaxAuthTries 3
Set ufw to allow openssh.
$ vi /etc/ufw/before.rules
-A INPUT -m state --state NEW -m tcp -p tcp --dport 7774 -j ACCEPT
Check listen status.
$ netstat -tlp | grep "ssh"
V3 Net for Linux Server
Download and install v3net.
$ tar -zxvf v3net-linux-3.6.13.10.1025.tar.Z
$ cd v3net
$ ./install.sh
Start service.
$ cd /usr/local/v3net
$ ./v3net.sh start
Check status.
$ ./v3net.sh status
V3 Net for Linux Server (Process status information)
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Process State PID ┃
┠─────────────────────────────────────────────────────┨
┃ v3netd Running 17273 ┃
┃ v3net-agentd Running 17269 ┃
┃ v3logmgrd Running 17271 ┃
┃ v3metricd Running 17277 ┃
┃ lighttpd Not Running N/A ┃
┃ v3fbmond Running 17283 ┃
┃ v3monitor Running 17328 ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
Use cli.
$ /usr/local/v3net/bin/v3cli
v3net>
Make alias for v3cli.
$ ln -s /usr/local/v3net/bin/v3cli /usr/local/bin/v3net
Update engine.
v3net> action update start
v3net> show summary
V3 Net for Linux Server (Status information)
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Type Value ┃
┠─────────────────────────────────────────────────────┨
┃ ✣ Version 3.6.16.10 (Build 1144) ┃
┃ ✣ Engine Version 2024.02.27.03 ┃
┃ 3.25.1.4(Build 34533) ┃
┃ ✣ Kernel Package Version 2.6.0.7 (Build 68) ┃
┃ ✣ Last Scan N/A ┃
┃ ✣ Real-time Scan On ┃
┃ ✣ Real-time Scan mode User mode ┃
┃ ✣ Scan Prepare scan ┃
┃ ✣ Update status Prepare update ┃
┃ ✣ Management Server Not connected ┃
┃ ✣ Remaining days 308 d ┃
┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛
VADA Agent
Install VADA.
$ mkdir vada
$ cp VADA_Agent_LINUX.tar vada/.
$ cd vada
$ tar -xvf VADA_Agent_LINUX.tar
collector_linux_i386
collector_linux_ppc64le
collector_linux
vada_agent.conf
inst
autoinst
collector.systemd
collector
$ chmod +x inst
$ ./inst
Check the running status of the VADA Agent.
$ ps -ef | grep "vada"
root 20422 1 0 10:48 ? 00:00:00 /opt/vada/agent/collector_linux -c /opt/vada/agent
root 20423 20422 0 10:48 ? 00:00:00 /opt/vada/agent/collector_linux -c /opt/vada/agent
root 21363 19888 0 10:50 pts/1 00:00:00 grep --color=auto vada
Configurations for Security
Modify permission of /etc/hosts.
$ chmod 600 /etc/hosts
Modify configurations for password.
$ vi /etc/login.defs
PASS_MAX_DAYS 90
PASS_MIN_DAYS 1
PASS_WARN_AGE 7
$ vi /etc/pam.d/common-password
password requisite pam_pwquality.so retry=3 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1
password [success=2 default=ignore] pam_unix.so obscure use_authtok try_first_pass yescrypt sha512 minlen=9
$ chmod 400 /etc/shadow
Applications
CARTA
Install library packages.
$ apt install g++ make
MongoDB
$ apt update
$ apt install curl GnuPG
$ curl -fsSL https://www.mongodb.org/static/pgp/server-7.0.asc | \
sudo gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg \
--dearmor
$ echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-7.0.list
$ apt install -y mongodb-org
Configuration file: /etc/mongod.conf
Start mongod process and verify it.
$ systemctl start mongod
$ systemctl enable mongod
$ systemctl status mongod
NGINX
Install nginx.
$ apt install nginx
Configure ufw for nginx.
$ vi /etc/ufw/before.rules
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
$ add-apt-repository ppa:cartavis-team/carta