
Config File

Benny Bergle edited this page Mar 28, 2024 · 7 revisions

Configuring Your Network and Server with Genisys: A Comprehensive Guide

This document explains each setting in the Genisys configuration file and how to use it.

Table of Contents

  1. Introduction
  2. Network Configuration
  3. Server Settings
  4. Operating System
  5. User Management
  6. Applications
  7. DNSMasq Overrides
  8. Scripts and Automation
  9. Ansible Integration
  10. Example config.yml

Introduction

The configuration file is a YAML document designed to set up your network, server, and applications for a Genisys-powered environment. It covers everything from network settings to user permissions, integrating services like DHCP, DNS, FTP, and more.

Network Configuration

Interface and IP Settings

  • Interface (eth0): The primary network interface for managing network traffic.
  • Subnet (10.0.0.0/24): Defines the subnet for the network.
  • Netmask (255.255.255.0): Specifies the netmask for the subnet.
  • IP Address (10.0.0.1): The static IP address assigned to the interface.

DHCP Configuration

  • DHCP Ranges (10.0.0.100-10.0.0.254): Specifies the range of IP addresses to be dynamically assigned.
  • Lease Time (12h): Duration for which a DHCP lease is valid.
  • DHCP Service: Enabled by default (no-dhcp: false).

NAT and Routing

  • NAT Requests: Enables NAT on the network (nat-requests: true).
  • NAT Interface (eth1): The interface used for NAT, facilitating internet access for devices in the subnet.

TFTP and DNS Settings

  • TFTP Directory (/tftpboot): The root directory for TFTP server files.
  • TFTP Port (69): The port on which the TFTP server listens.
  • DNS Servers (1.1.1.1): Specifies external DNS servers for resolving domain names.
  • DNS Service: Enabled by default (no-dns: false).

FTP Configuration

  • FTP Directory (/ftp): The root directory for FTP server files.
  • FTP Port (20): The port on which the FTP server listens.

Server Settings

Port and Privilege Settings

  • Server Port (15206): The preferred port for the server to listen on.
  • User/Group (genisys): Specifies the user and group under which the server should operate.
  • Working Directory (/srv/genisys): The directory from which the server process is run.

SSL Configuration

  • SSL Certificates: Defines the paths to the SSL certificate and key used for encrypted communication, plus a passphrase file if the private key is encrypted.

Operating System

  • OS (debian): The operating system to be used.
  • Version Name (bookworm): Specifies the version of the operating system.
  • Target Architecture (amd64): The architecture for which the system is configured.

User Management

  • Root Access: Controls whether login as the root user is allowed (root-login: true enables it).
  • Users: Defines usernames, passwords, and SSH key paths for user management.
  • Sudoer: Grants sudo privileges to specified users.

Applications

Specifies a list of applications to be installed on the system, e.g., curl.

DNSMasq Overrides

Allows customization of DNSMasq settings, such as setting the server to non-authoritative mode.

Scripts and Automation

  • Script Directory: The directory where scripts are stored.
  • Automation Scripts: Lists scripts to be executed, facilitating automation and management.

Ansible Integration

  • Inventory and SSH Keys: Configures Ansible integration with inventory file paths and SSH keys for playbook execution.
  • Playbooks: Lists Ansible playbooks to be run for server setup and management.

Example config.yml

The default config location is /etc/genisys.yaml.

---
Network:
  interface: "eth0"  # Network interface to be used for the network configuration
  subnet: "10.0.0.0/24"  # The IP range of the local network
  netmask: "255.255.255.0"  # Netmask for the subnet to define the network boundary
  ip: "10.0.0.1"  # Static IP address assigned to the interface
  dhcp-ranges: "10.0.0.100-10.0.0.254"  # Range of IP addresses that the DHCP server can assign
  dhcp-lease: "12h"  # Duration for which a DHCP lease is valid
  no-dhcp: false  # Enable DHCP server (false means DHCP is enabled)
  nat-requests: true  # Enable NAT to allow internet access for devices within the subnet
  nat-interface: "eth1"  # Interface used for NAT to the outside network
  tftp_directory: "/tftpboot"  # Directory for TFTP server files
  tftp_port: "69"  # Port on which the TFTP server listens
  dns-servers: "1.1.1.1"  # External DNS server for domain name resolution
  no-dns: false  # Enable DNS service (false means DNS is enabled)
  ftp:
    directory: "/ftp"  # Directory for FTP server files
    ftp-port: 20  # Port on which the FTP server listens
  server:
    port: 15206  # Preferred server port, must be available or will cause an exception
    user: genisys  # User to run the server under, if server is started with root privileges
    group: genisys  # Group to run the server under, attempts to use same name as user if not specified
    working-directory: /srv/genisys  # Server's working directory, requires specific permissions
    ssl:
      cert: "path/to/cert.pem"  # Path to SSL certificate
      key: "path/to/key.pem"  # Path to SSL key
      password-file: "path/to/pass"  # If private key is encrypted, path to passphrase file
OS:
  os: "debian"  # Operating system to be used
  version-name: bookworm  # Specific version name of the OS
  target-architecture: amd64  # Target architecture for the OS
Users:
  root-login: true  # Enable root login
  root-password: "<encrypted string>"  # Encrypted root password
  username: "alice"  # Username for a user account
  password: "<encrypted string>"  # Encrypted password for the user account
  ssh-keys:
    - "/path/to/id_rsa.pub"  # Absolute path to SSH public keys for user
  sudoer: true  # Grant sudo privileges to the specified user
Applications:
  - curl  # List of applications to be installed on the system
DNSMasq Overrides:
  authoritative: false  # Set DNSMasq server to non-authoritative mode
Scripts: 
  script-dir: "/scripts"  # Directory where scripts are stored
  move-all: true  # Specifies whether all scripts should be moved
  script-list: ["script1.sh"]  # List of scripts to execute
ansible:
  inventory: /var/genisys/inventory  # Specifies the inventory file for Ansible integration
  ssh-key: /etc/genisys/ssh/id_rsa  # SSH private key for running Ansible playbooks
  playbooks:
    - /etc/genisys/playbooks/firstrun.yaml  # List of Ansible playbooks to run
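
A consistency check for the Network and Users settings shown above, added here as an example and not part of Genisys itself. The names `audit` and `SAMPLE` are hypothetical, and the code assumes the file has already been parsed into a dict by a YAML loader.

```python
import ipaddress

# Constructed sample: the Network and Users keys from the example config,
# as the dict a YAML loader would return (other keys omitted).
SAMPLE = {
    "Network": {
        "subnet": "10.0.0.0/24", "netmask": "255.255.255.0", "ip": "10.0.0.1",
        "dhcp-ranges": "10.0.0.100-10.0.0.254", "no-dhcp": False,
    },
    "Users": {
        "root-login": True, "root-password": "<encrypted string>",
        "username": "alice", "password": "<encrypted string>", "sudoer": True,
    },
}

def audit(cfg):
    """Return a list of findings for a parsed config (hypothetical helper)."""
    findings = []
    net = cfg.get("Network", {})
    # ip_network() raises ValueError if the subnet has host bits set.
    subnet = ipaddress.ip_network(net["subnet"])
    if str(subnet.netmask) != net["netmask"]:
        findings.append(f"netmask {net['netmask']} does not match subnet {subnet}")
    host = ipaddress.ip_address(net["ip"])
    if host not in subnet:
        findings.append(f"ip {host} is outside subnet {subnet}")
    if not net.get("no-dhcp", False):  # DHCP is enabled when no-dhcp is false
        lo, hi = (ipaddress.ip_address(p.strip())
                  for p in net["dhcp-ranges"].split("-"))
        if lo > hi:
            findings.append("dhcp-ranges start is above its end")
        for bound in (lo, hi):
            if bound not in subnet:
                findings.append(f"dhcp-ranges bound {bound} is outside subnet {subnet}")
        if lo <= host <= hi:
            findings.append(f"server ip {host} falls inside the DHCP pool")
    users = cfg.get("Users", {})
    if users.get("root-login"):
        findings.append("root-login is true: direct root login is enabled")
    for key in ("root-password", "password"):
        if users.get(key) == "<encrypted string>":
            findings.append(f"{key} still holds the placeholder value")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```
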