
...

Code Block
languagebash
titlevoipmon
useradd -m voipmonitor -s /bin/bash

sudo -u voipmonitor ssh-keygen

cat << EOF > /etc/systemd/system/mariadb-tunnel.service
[Unit]
Description=SSH tunnel for remote MariaDB
After=network.target
Wants=network.target

[Service]
User=voipmonitor
Group=voipmonitor
ExecStart=/usr/bin/ssh -NL 3307:localhost:3306 -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms
Restart=on-failure
RestartSec=20s
TimeoutStartSec=20s

[Install]
WantedBy=multi-user.target
EOF

mkdir -p /etc/systemd/system/voipmonitor.service.d

cat << EOF > /etc/systemd/system/voipmonitor.service.d/wait-tunnel.conf
[Unit]
After=mariadb-tunnel.service
Requires=mariadb-tunnel.service
EOF

cat << EOF > /etc/systemd/system/voipmonitor.service.d/less-verbosity.conf
[Service]
ExecStart=
ExecStart=/usr/bin/voipmonitor --config-file /etc/voipmonitor.conf
Restart=on-failure
RestartSec=20s
TimeoutStartSec=20s
EOF

systemctl daemon-reload
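Review bot: The `ExecStart` line of mariadb-tunnel.service runs ssh without `-o ExitOnForwardFailure=yes`, so if local port 3307 cannot be bound the client stays connected with no forward and systemd still shows the unit as active. I would write it as `ExecStart=/usr/bin/ssh -NL 3307:localhost:3306 -o BatchMode=yes -o ExitOnForwardFailure=yes -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms`; `BatchMode=yes` keeps an unattended unit from waiting on a passphrase or host-key question. With `ServerAliveInterval=300` and the default `ServerAliveCountMax` of 3, a dead peer is only noticed after about 15 minutes, so a shorter interval may be worth considering. The key from `sudo -u voipmonitor ssh-keygen` has to be passphrase-less for the service to start, which leaves file permissions on the private key as its only protection; a comment saying so would help. The same ssh command line appears in the manual test in the last voipmon block.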

...

Code Block
languagebash
titlenmsprime
useradd -m voipmonitor

mkdir -p /home/voipmonitor/.ssh

chmod 700 /home/voipmonitor/.ssh

echo 'command="/sbin/nologin",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="localhost:3306" ssh-rsa <key> voipmonitor@voipmon' >> /home/voipmonitor/.ssh/authorized_keys

chmod 600 /home/voipmonitor/.ssh/authorized_keys

chown -R voipmonitor:voipmonitor /home/voipmonitor/.ssh

mysql -u root -p -e "GRANT ALL ON voipmonitor.* TO 'voipmonitor'@'%' IDENTIFIED BY '<password>';"
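Review bot: The `GRANT` on the last line creates `'voipmonitor'@'%'`, which accepts logins from any host that can reach the database port, although the key options above only permit a forward to `localhost:3306` and the tunnelled connection therefore arrives locally. Scoping the account to loopback matches that design: `GRANT ALL ON voipmonitor.* TO 'voipmonitor'@'localhost' IDENTIFIED BY '<password>';` (or `'127.0.0.1'` if the server runs with name resolution disabled, which is worth confirming on the target). Passing the statement with `-e` also leaves the password in the shell history and in the process arguments while it runs; typing it at the interactive `mysql` prompt avoids both. Whether `GRANT ALL` is needed rather than a narrower privilege set cannot be judged from this page.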

...

Code Block
languagebash
titlevoipmon
sudo -u voipmonitor ssh -NL 3307:localhost:3306 -o TCPKeepAlive=yes -o ServerAliveInterval=300 nms

systemctl start mariadb-tunnel

vim /etc/voipmonitor.conf
	mysqlport = 3307
	mysqlpassword = <password>

systemctl restart voipmonitor
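Review bot: The foreground `ssh -NL …` test on the first line is presumably where the `voipmonitor` user first records the host key of `nms`, and the page does not say to compare the offered fingerprint with the server's or to end that session before `systemctl start mariadb-tunnel`. A comment such as `# verify the nms host key fingerprint, then Ctrl-C before starting the service` would cover both; a session left running keeps port 3307 bound, so the service's ssh cannot bind it. `/etc/voipmonitor.conf` now holds the database password in clear text, so a `chmod 600 /etc/voipmonitor.conf` after the edit is worth adding, with the owner set to whichever account the voipmonitor service runs as (not visible here).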

...