# ft_chatons

## System

- Debian Stable (13)
- VM with 4GO RAM
- qemu, img qcow2
- only one partition for the system = 20GO max (except /boot)
- root password disable (only sudo use)
- no graphics
- ssh server  (root ssh disable and not port 22)
- swap file at the root (2GO)
- htop and docker installed

```bash
## Create a VM
qemu-img create -f qcow2 ft_chatons.qcow2 20G

## Install Debian
qemu-system-x86_64 \
  -enable-kvm -cpu host -smp 4 -m 4G \
  -device e1000,netdev=net0 \
  -netdev user,id=net0 \
  -drive if=pflash,format=raw,readonly=on,file=/usr/share/OVMF/OVMF_CODE.fd \
  -cdrom debian-13.3.0-amd64-netinst.iso \
  -boot d \
  -hda ft_chatons.qcow2 \

## To launch the VM
qemu-system-x86_64 \
  -nographic -serial mon:stdio \
  -enable-kvm -cpu host -smp 4 -m 4G \
  -device e1000,netdev=net0 \
  -netdev user,id=net0,hostfwd=tcp::2222-:22 \
  -drive if=pflash,format=raw,readonly=on,file=/usr/share/OVMF/OVMF_CODE.fd \
  -hda ft_chatons.qcow2

## To connect via ssh
ssh -p 2222 bapasqui@localhost

## To make the correct partition
sudo cfdisk /dev/sda

## To kill the process
pkill -9 qemu

## Swap file
sudo dd if=/dev/zero of=/swapfile bs=1M count=2048
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
sudo swapon --show
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab

## Install Docker and Htop
sudo apt install htop
# Add Docker's official GPG key:
sudo apt update
sudo apt install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
sudo tee /etc/apt/sources.list.d/docker.sources <<EOF
Types: deb
URIs: https://download.docker.com/linux/debian
Suites: $(. /etc/os-release && echo "$VERSION_CODENAME")
Components: stable
Signed-By: /etc/apt/keyrings/docker.asc
EOF

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

## Copy your ssh key to the machine
ssh-copy-id -p 2222 bapasqui@localhost

## for peertube
What you need to do in Keycloak
1. Go to https://auth.chatons.duckdns.org > Admin Console
2. Create realm chatons (if it doesn't exist)
3. Go to Clients > Create client:
   - Client type: OpenID Connect
   - Client ID: peertube
4. On the next page:
   - Client authentication: ON
   - Valid redirect URIs: https://peertube.chatons.duckdns.org/plugins/auth-openid-connect/router/code-cb
   - Web origins: https://peertube.chatons.duckdns.org
5. Save, go to Credentials tab, copy the Client Secret
6. Paste it in core/peertube/.env replacing REPLACE_WITH_KEYCLOAK_CLIENT_SECRET
Then you also need to install the auth-openid-connect plugin in PeerTube:
- Go to PeerTube Admin > Plugins > search for auth-openid-connect > Install

## bookstack
- Email: admin@admin.com
- Password: password


```


### Ressources 


https://keepgrowing.in/tools/keycloak-in-docker-1-how-to-run-keycloak-in-a-docker-container/
https://zenn.dev/zenogawa/articles/gitea_keycloak?locale=en
https://rcasys.com/en/blog/how-to-setup-saml-based-single-sign-on-authentication-with-keycloak
https://caddyserver.com/docs/
https://docker.recipes/media/peertube-video