Eos | Server tools and virtual hosts
Knowledge base home Athena Eos Hecate Metis Persephone
Eos aims to help make Ubuntu server administration easier for those of us who weren't born in a bash shell.
We use all the tools here on a daily basis. Because of this, you can be assured they are actively used and maintained. You should also be aware, therefore, that because they are being actively updated and adjusted, they should be considered 'current best effort' and not a perfect product.
See knowledge base home for master list.
Our repositories, including Eos, Hecate and Persephone, are designed to be used together. While they can definitely be deployed independently of each other, they work well together to create your own self-hosted cloud deployment.
The three parts are:
- Hecate as a reverse proxy,
- Eos providing the tooling and helping deploy backend Web App infrastructure,
- Persephone providing backups.
This repository is best used alongside our eos repository.
This project sets up an NGINX web server as a reverse proxy using Docker Compose. The aim is to make deploying cloud native Web Apps on your own infrastructure as 'point and click' as possible. The reverse proxies set up here can be used in front of the corresponding backend web application deployed in the eos repository.
#
# ┌───────────────────────────┐
# │ Clients │ # This is how your cloud instance will be
# │ (User Browsers, Apps, etc)│ # accessed. Usually a browser on a client
# └────────────┬──────────────┘ # machine.
# │
# ▼
# ┌───────────────────────────┐
# │ DNS Resolution │ # This needs to be set up
# │ (domain.com, │ # with your cloud provider or DNS broker, eg.
# │ cybermonkey.net.au, etc.) │ # GoDaddy, Cloudflare, Hetzner, etc.
# └────────────┬──────────────┘
# │
# ▼
#
# **This is your remote server (reverse proxy/proxy/cloud instance)**
#
# #########################
# # Hecate sets this up #
# #########################
#
# ┌─────────────────┐
# │ Reverse Proxy │ # This is what we are setting up with `hecate`.
# │ (NGINX, Caddy, │ # All your traffic between the internet and
# │ Ingress, etc) │ # the backend servers gets routed through
# └────────┬────────┘ # here.
# │
# ┌────────────────────────┼─────────────────────────┐
# │ │ │
# ▼ ▼ ▼
#
# **These are your local servers (backend/virtual hosts)**
#
# #######################
# # Eos sets these up #
# #######################
#
# ┌──────────────┐ ┌──────────────┐ ┌──────────────┐
# │ Backend 1 │ │ Backend 2 │ │ Backend 3 │
# │ (backend1) │ │ (backend2) │ │ (backend3) │ # If using Tailscale,
# │ ┌────────┐ │ │ ┌────────┐ │ │ ┌────────┐ │ # these are the MagicDNS hostnames.
# │ │ Service│ │ │ │ Service│ │ │ │ Service│ │ # For setting up a demo website instance,
# │ │ Pod/ │ │ │ │ Pod/ │ │ │ │ Pod/ │ │ # see our `helen` repository
# │ │ Docker │ │ │ │ Docker │ │ │ │ Docker │ │ # To set up Wazuh, check out
# │ │ (eg. │ │ │ │ (eg. │ │ │ │ (eg. │ │ # eos/legacy/wazuh/README.md.
# │ │Website)│ │ │ │ Wazuh) │ │ │ │Mailcow)│ │ #
# │ └────────┘ │ │ └────────┘ │ │ └────────┘ │ #
# └──────────────┘ └──────────────┘ └──────────────┘ #
#
#
# **This is your backup server**
#
# ##############################
# # Persephone sets this up #
# ##############################
#
# ┌──────────────┐
# │ Persephone │
# │ ┌────────┐ │
# │ │ Backup │ │
# │ │ server │ │
# │ └────────┘ │
# └──────────────┘
#
- Lightweight NGINX container based on the nginx:alpine image.
- Automatic HTTPS certificate generation using Certbot.
- Support for serving custom static files from the html directory.
- Automatic redirection from HTTP to HTTPS.
- Docker Compose for easy deployment and management.
- A domain name (domain.com) pointing to your server’s IP address.
- Certbot installed on your server for certificate generation.
For clarity, here is a basic diagram of these web apps deployed by eos on the backend servers:
For an example, let's assume we
- have rented the domain name `domain.com` and
- have configured the subdomains `nextcloud.domain.com` and `wazuh.domain.com`.
- want to serve up our main website on `domain.com`,
  - our Nextcloud Web App on `nextcloud.domain.com` and
  - our Wazuh Web App on `wazuh.domain.com`.
In this example, because our main website (domain.com) is acting as a landing page for our Nextcloud and Wazuh Web Apps, it is a good idea to have links somewhere on our main webpage to nextcloud.domain.com and wazuh.domain.com to make it easier for us or our clients to access these.
# User # The user accesses these web apps by browsing to `domain.com`,
# ^ # `nextcloud.domain.com` or `wazuh.domain.com`
# |
# v
# ┌─────────────┐ # Deployed by `hecate`
# |Reverse Proxy| # This is your remote cloud server
# └─────────────┘ #
# ^
# |
# v
# +----------------+---------------+
# ^ ^ ^
# | | |
# v v v
# ┌──────────────┐ ┌───────────┐ ┌───────────┐ # Deployed by `eos`
# | HTML website | | Nextcloud | | Wazuh | # These are your local server(s)
# └──────────────┘ └───────────┘ └───────────┘ #
#
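The three-site layout above, written out as the nginx server blocks a reverse proxy needs for it, in an added example (not Hecate's own configuration). The backend hostnames `website`, `nextcloud` and `wazuh`, port 8080 and plain-HTTP backends are assumptions; the certificate paths are Certbot's defaults.

```shell
#!/bin/bash
# Added example: NOT Hecate's own configuration. Backend hostnames and
# ports are assumptions; certificate paths are Certbot's defaults.
set -u
LC_ALL=C; export LC_ALL    # keep the character ranges below ASCII-only

# Accept plain DNS names only, so a stray ';', '{' or '..' cannot alter
# the generated configuration or the certificate path.
valid_host() {
  case "$1" in
    ''|.*|*.|*..*|-*|*[!A-Za-z0-9.-]*) return 1 ;;
  esac
}

# render_vhost <public domain> <backend host> <backend port>
render_vhost() {
  local domain=$1 backend=$2 port=$3
  valid_host "$domain" && valid_host "$backend" || return 1
  case "$port" in ''|*[!0-9]*) return 1 ;; esac
  cat <<EOF
server {
    listen 80;
    server_name $domain;
    return 301 https://\$host\$request_uri;
}
server {
    listen 443 ssl;
    server_name $domain;
    ssl_certificate     /etc/letsencrypt/live/$domain/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;
    location / {
        proxy_pass http://$backend:$port;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
    }
}
EOF
}

# The three sites from the example above, one backend each.
render_all() {
  render_vhost domain.com           website   8080 &&
  render_vhost nextcloud.domain.com nextcloud 8080 &&
  render_vhost wazuh.domain.com     wazuh     8080
}
```

Redirect the output of `render_all` to a file and check it with `nginx -t` before reloading the proxy.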
More to come regarding distributed, highly available, and Kubernetes-based deployments.
getStarted.sh
This is done by typing:
user@hostname:~$ cd ~/Eos
user@hostname:~/Eos$ sudo ./getStarted.sh
While not 100% necessary, this adds some helpful open source shell utilities and the packages needed to run the scripts in Eos without further bother. So, not strictly necessary, but highly recommended.
Turns:
sudo useradd -m -s /bin/bash user
echo "user:supersecretpassword" | sudo chpasswd
sudo usermod -aG sudo user
Into something a human can understand:
sudo ./addUser.sh
The terminal will then ask you to:
Enter the new username:
Enter the password:
Confirm password:
Should this user have sudo privileges?:
These scripts are bash shell scripts
In the 'For Example' section above, we added a new user. The script to add a new user is called addUser.sh, so:
Start in the main scripts directory
user@hostname:~$ cd ~/Eos/scripts
Make sure the script you want to run is executable:
user@hostname:~/Eos/scripts$ sudo chmod +x addUser.sh
Then execute it:
user@hostname:~/Eos/scripts$ sudo ./addUser.sh
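The prompt sequence described above, written out as an added example (not the Eos `addUser.sh` itself; the function names are hypothetical). The password is read without echo and piped to `chpasswd`, so it does not land in shell history the way the typed three-command version does.

```shell
#!/bin/bash
# Added example: NOT the Eos addUser.sh. Function names are hypothetical.
set -u
LC_ALL=C; export LC_ALL    # keep the a-z ranges below ASCII-only

# Conservative account names only: no ':' (the chpasswd field separator),
# no whitespace or newline, no leading '-', at most 32 characters.
valid_username() {
  case "$1" in
    ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
  esac
  [ "${#1}" -le 32 ]
}

# Both entries must be non-empty and identical.
passwords_ok() { [ -n "$1" ] && [ "$1" = "$2" ]; }

# Anything other than an explicit yes means "no sudo".
wants_sudo() {
  case "$1" in y|Y|yes|Yes|YES) return 0 ;; *) return 1 ;; esac
}

add_user_interactive() {
  [ "$(id -u)" -eq 0 ] || { echo "Run with sudo." >&2; return 1; }
  local user pw1 pw2 answer
  read -r -p "Enter the new username: " user
  valid_username "$user" || { echo "Invalid username." >&2; return 1; }
  # -s stops the terminal echoing the password as it is typed.
  read -r -s -p "Enter the password: " pw1; echo
  read -r -s -p "Confirm password: " pw2; echo
  passwords_ok "$pw1" "$pw2" || { echo "Passwords differ or are empty." >&2; return 1; }
  read -r -p "Should this user have sudo privileges? [y/N]: " answer

  useradd -m -s /bin/bash "$user" || return 1
  # printf is a shell builtin, so the password reaches chpasswd on stdin
  # without appearing in any process's argument list.
  printf '%s:%s\n' "$user" "$pw1" | chpasswd || return 1
  if wants_sudo "$answer"; then usermod -aG sudo "$user"; fi
}

# Only create an account when explicitly asked to.
if [ "${1:-}" = "--create" ]; then add_user_interactive; fi
```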
The script to create a new SSH key is called 'createSshKey.sh'. So, to create a new SSH key, we simply:
user@hostname:~/Eos/scripts$ sudo ./createSshKey.sh
These scripts are written in Python. Python is almost always installed by default in Ubuntu distributions. If the script ends in .py, for example configureBorg.py, type:
user@hostname:~$ cd ~/Eos/scripts
user@hostname:~/Eos/scripts$ sudo python3 configureBorg.py
and press enter
These scripts are written in zx, a JavaScript-based scripting tool maintained by Google. These zx scripts end in .mjs, for example 'installKube.mjs', which helps install a Kubernetes cluster. If the script ends in .mjs:
Install zx globally using node package manager (npm)
user@hostname:~$ cd ~/Eos/scripts
user@hostname:~/Eos/scripts$ sudo apt install npm #If npm isn't already installed, or you don't know whether it is installed or not
user@hostname:~/Eos/scripts$ sudo npm install -g zx
Make sure the script you want to run is executable. For this example we are using 'installKube.mjs', so:
user@hostname:~/Eos/scripts$ sudo chmod +x installKube.mjs
To run the script:
user@hostname:~/Eos/scripts$ sudo zx installKube.mjs
Replace 'installKube.mjs' with whichever .mjs script you want to run.
NOTE: .mjs is slowly going to be phased out in this repo in favour of using python3 whenever possible and bash.sh scripts where python3 is too cumbersome. This is for the sake of simplicity and uniformity.
CONFIG_FILE = '/etc/CodeMonkeyCyber/Eos/borgConfig.yaml'
LOG_DIR = '/var/log/CodeMonkeyCyber'
LOG_FILE = f'{LOG_DIR}/Eos.log'
SUBMODULES_SOURCE = './submodules'
SUBMODULES_DEST = '/usr/local/bin/Eos'
To find out what other scripts are available:
user@hostname:~/Eos/scripts$ ls
#!/bin/bash
# ^ this makes it a bash script
# This is a comment, the computer ignores these
# to get the computer to say something
echo "Hello, World!"
# to assign a variable
# Variables: Assign values without spaces around = and reference variables using $.
name="Henry"
echo "Hello, $name!"
# Quoting:
# Double quotes ("): Preserve variable substitution.
# Single quotes ('): Preserve literal value.
# Backticks or $(): Command substitution.
echo "Your current working directory is: $(pwd)"
# Conditionals: if, else, elif.
if [ "$name" == "Henry" ]; then
  echo "Welcome, Henry!"
else
  echo "User not recognized."
fi
# for loop:
for i in {1..5}; do
  echo "Number $i"
done
# while loop:
count=1
while [ "$count" -le 5 ]; do
  echo "Count: $count"
  ((count++))
done
# Functions
# Define reusable code blocks using functions:
my_function() {
  echo "Hello from a function!"
}
my_function # Call the function
# Input and Output
# Reading User Input (-r keeps backslashes in the input literal):
read -r -p "Enter your name: " name
echo "Hello, $name!"
# Redirecting output
echo "Logging info" > log.txt # Overwrites the file
echo "More info" >> log.txt # Appends to the file
# Standard error
command 2> error.log
# Combine stdout (standard output) and stderr (standard error) (&>):
command &> output.log
# Exit Status: Every command returns an exit status (0 for success, non-zero for error). Check with $?.
mkdir /some/dir
if [ $? -ne 0 ]; then
  echo "Failed to create directory."
fi
# set Commands:
# • set -e: Exit immediately if a command exits with a non-zero status.
# • set -u: Treat unset variables as an error.
# • set -x: Print each command before executing it (useful for debugging).
# Iterate Over Files:
for file in /path/to/directory/*; do
  echo "Processing $file"
done
# Using Command-Line Arguments
# Access arguments using $1, $2, etc. $@ refers to all arguments, and $# gives the count.
echo "First argument: $1"
echo "All arguments: $*" # inside one quoted string, $* joins the arguments with spaces
# Commonly Used Commands in Scripts
# • grep: Search for patterns.
# • sed: Stream editor for modifying files.
# • awk: Text processing.
# • find: Search for files.
# • xargs: Build and execute command lines from input.
# • cron: Schedule jobs.
Secure email: git@cybermonkey.net.au
Website: cybermonkey.net.au
© 2025 Code Monkey Cybersecurity. ABN: 77 177 673 061. All rights reserved.