apt-get install cockpit-system cockpit cockpit-docker cockpit-tests
# Fix bug Storage
mkdir -p /usr/lib/x86_64-linux-gnu/udisks2/modules
mkdir /etc/systemd/system/cockpit.socket.d/
# Bind seulement sur localhost
cat < /etc/systemd/system/cockpit.socket.d/listen.conf
[Socket]
ListenStream=
ListenStream=127.0.0.1:9090
EOF
systemctl daemon-reload
systemctl restart cockpit.socket
''/etc/cockpit/cockpit.conf''
[WebService]
Origins = https://cockpit.acme.fr
''/etc/nginx/sites-available/cockpit.acme.fr''
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name cockpit.acme.fr;
location / {
# Required to proxy the connection to Cockpit
proxy_pass http://127.0.0.1:9090;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
# Required for web sockets to function
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Pass ETag header from Cockpit to clients.
# See: https://github.com/cockpit-project/cockpit/issues/5239
gzip off;
}
ssl_certificate /etc/letsencrypt/live/cockpit.acme.fr/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cockpit.acme.fr/privkey.pem; # managed by Certbot
}
server {
if ($host = cockpit.acme.fr) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name cockpit.acme.fr;
return 404; # managed by Certbot
}
sudo certbot --nginx -d cockpit.acme.fr -d www.cockpit.acme.fr
sudo env EDITOR=vim crontab -e
Ajouter :
0 12 * * * /usr/bin/certbot renew --quiet
== GĂ©rer les VM Libvirt avec Cockpit
Voir [[notes_libvirt]]
apt-get install cockpit cockpit-machines