content: new entries on network management

2025-10-06 19:36:34 +01:00 · 2025-10-06 19:36:34 +01:00 · 409eccd956
commit 409eccd956
parent e9534f53dc
3 changed files with 123 additions and 0 deletions
--- a/zk/Create_a_deploy_user.md
+++ b/zk/Create_a_deploy_user.md
@ -0,0 +1,59 @@
 ---
 tags:
  - servers
 ---
 # Create a deploy user
 When I want to run deploy operations on my server from a client that is not me
 (e.g. Forgejo) it is best to create a user for this purpose that has limited
 conditions - more restricted than my `/home` user.
 Create user on server:
 ```sh
 sudo useradd -m -s /bin/bash deploy
 ```
 > `-m` gives him a home directory which is necessary for him to have an `.ssh/`
 > directory. `/bin/bash` gives him the ability to run shell commands.
 Give permissions:
 ```sh
 sudo chown -R deploy:www-data /var/www
 sudo chmod -R 755 /var/www/
 ```
 This:
 - Adds the user ("deploy") to the group of the default web server user
  (`www-data`)
 - Gives deploy user full read/write/execute
 Then create an SSH key-pair for the deploy user following the steps at
 [Generating an SSH key for server access](./Generating_SSH_key_for_server_access.md)
 and add his public key to the `authorized_keys` file on the server.
 He'll first need his own `.ssh` directory however:
 ```sh
 sudo mkdir -p /home/deploy/.ssh
 sudo touch /home/deploy/.ssh/authorized_keys
 sudo chmod 700 /home/deploy/.ssh
 sudo chmod 600 /home/deploy/.ssh/authorized_keys
 sudo chown -R deploy:deploy /home/deploy/.ssh
 ```
 Then attempt to connect to ensure SSH access is working:
 ```sh
 ssh -i .ssh/deploy_self_host_server deploy@server_ip
 ```
 Now the SSH key associated with the deploy user can be used to remotely execute
 deployment functions on the server from any client.
 Next need to add deploy user's key to Forgejo eolas-api repo and test the action
 again
--- a/zk/DHCP.md
+++ b/zk/DHCP.md
@ -0,0 +1,24 @@
 ---
 tags: [internet, networks]
 ---
 # DHCP
 Stands for **Dynamic Host Configuration Protocol** and operates on consumer
 routers. This is a server protocol.
 Automatically assigns IP addresses and network configuration settings to devices
 when they connect to a network.
 Saves you from manually configuring each device on the network. Dynamically
 distributes:
 - [IP addresses](./IP_addresses.md)
 - [Subnet masks](./IP_addresses.md)
 - Default gateway addresses
 - DNS server addresses
 > Why was this pertinent to the configuration of my Pihole? DHCP on my router
 > will chose the default DNS server. I wanted to change the default DNS server
 > to use the address of the Pihole on the network. This change has to be made in
 > the DHCP settings.
--- a/zk/Generating_SSH_key_for_server_access.md
+++ b/zk/Generating_SSH_key_for_server_access.md
@ -0,0 +1,40 @@
 ---
 tags:
  - servers
 ---
 # Generating SSH key for server access
 Using local machine generate new key:
 ```sh
 ssh-keygen -t ed25519 -C "user@clientname" -f ~/.ssh/user_clientname
 ```
 This creates a public/private key pair on the local machine, viz:
 ```
 .ssh/user_clientname
 .ssh/user_clientname.pub
 ```
 Get the public key:
 ```sh
 cat .ssh/user_clientname.pub
 ```
 Add to the server's authorized keys:
 ```sh
 echo "PASTE_PUBLIC_KEY_HERE" >> ~/.ssh/authorized_keys
 ```
 Test by using the new public key to connect:
 ```sh
 ssh -i ~/.ssh/user_clientname user@servername
 ```
 Paste the private key into whatever client wants to access the server (e.g.
 Forgejo).