pierre/VirtWeb
1
0
Fork 0
Code Issues Pull Requests 3 Packages Projects Releases 5 Wiki Activity
Files
6036603c7927f21a408ef2c2e47390b1ec442465
VirtWeb/virtweb_docs/SETUP_PROD.md
Pierre HUBERT 9bd702d60f
All checks were successful
continuous-integration/drone/push Build is passing
Details
Add cloud-localds as a required program
2025-06-06 17:19:11 +02:00

149 lines
3.4 KiB
Markdown
Raw Blame History

# Setup for prod
## Build VirtWeb for production
Open a terminal in the root directory of the VirtWeb project, and run the following command:
```bash
make
```
The release file will be available in `virtweb_backend/target/release/virtweb_backend`.
This is the only artifact that must be copied to the server. It is recommended to copy it to the `/usr/local/bin` directory.
## Install requirements
In order to work properly, VirtWeb relies on `libvirt`, `qemu`, `kvm` and `cloud-localds`:
```bash
sudo apt install qemu-kvm libvirt-daemon-system libvirt0 libvirt-clients libvirt-daemon bridge-utils cloud-image-utils
```
## Dedicated user
It is recommended to have a dedicated non-root user to run LibVirt:
```bash
sudo adduser --disabled-login virtweb
sudo adduser virtweb libvirt
sudo adduser virtweb kvm
```
When executing this command as this user, it is possible to use the following command:;
```bash
sudo -u virtweb bash
```
## Create Virtweb configuration & storage directory
Inside the newly created user, create an environment file that will contain the configuration of the VirtWeb software:
```bash
sudo touch /home/virtweb/virtweb-env
sudo chmod 600 /home/virtweb/virtweb-env
sudo chown virtweb:virtweb /home/virtweb/virtweb-env
sudo mkdir /home/virtweb/storage
sudo chown virtweb:kvm /home/virtweb/storage
# Fix storage access permission issue
sudo chmod a+rx /home/virtweb
```
Edit the configuration content:
```conf
LISTEN_ADDRESS=0.0.0.0:8000
WEBSITE_ORIGIN=http://localhost:8000
SECRET=<rand>
AUTH_USERNAME=user
AUTH_PASSWORD=changeme
DISABLE_OIDC=true
STORAGE=/home/virtweb/storage
HYPERVISOR_URI=qemu:///system
```
> Note: `HYPERVISOR_URI=qemu:///system` is used to specify that we want to use the main hypervisor.
## Register Virtweb service
Before registering service, check that the configuration works correctly:
```bash
sudo -u virtweb virtweb_backend -c /home/virtweb/virtweb-env
```
Create now a service in the file `/etc/systemd/system/virtweb.service`:
```conf
[Unit]
Description=VirtWeb
After=syslog.target
After=network.target
[Service]
RestartSec=2s
Type=simple
User=virtweb
Group=virtweb
WorkingDirectory=/home/virtweb
ExecStart=/usr/local/bin/virtweb_backend -c /home/virtweb/virtweb-env
Restart=always
Environment=USER=virtweb
HOME=/home/virtweb
[Install]
WantedBy=multi-user.target
```
Enable and start the created service:
```bash
sudo systemctl enable virtweb
sudo systemctl start virtweb
```
You should now be able to create VMs!
## Configure port forwarding
* Allow ip forwarding in the kernel: edit `/etc/sysctl.conf` and uncomment the following line:
```
net.ipv4.ip_forward=1
```
* To reload `sysctl` without reboot:
```
sudo sysctl -p /etc/sysctl.conf
```
* Configure apparmore service. Create or update a file named `/etc/apparmor.d/local/usr.sbin.libvirtd` with the following content:
```
/usr/local/bin/virtweb_backend ux,
```
* Update Apparmor configuration:
```bash
sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.libvirtd
```
* Create VirtWeb hook. Set the following content inside `/etc/libvirt/hooks/network`:
```bash
#!/bin/bash
NAT_MODE=1 /usr/local/bin/virtweb_backend --storage /home/virtweb/storage --network-name "$1" --operation "$2" --sub-operation "$3"
```
* Make the script executable:
```bash
sudo chmod +x /etc/libvirt/hooks/network
```
* Restart `libvirtd` and `VirtWeb`:
```bash
sudo systemctl restart libvirtd
sudo systemctl restart virtweb
```
Reference in New Issue View Git Blame Copy Permalink