diyism/BargeOS on Digitalocean

## BargeOS on Digitalocean
1.download latest release barge.img file (13MB) from: https://github.com/bargees/barge-os/releases
2.login and goto https://cloud.digitalocean.com/images/custom_images
3.click "Upload Image" and select barge.img to upload
4.Create Droplets/Custom images/barge.img
5.ssh bargee@<vps ip> (password is also bargee)
6.sudo fdisk -l,  found the "EndLBA" is <26635>
7.sudo fdisk /dev/vda,
   Command (m for help): n,
   Partition type: p,
   Partition number (1-4): 2,
   First sector: 26636 ...
   Last sector: <default max>
   Command (m for help): w
8.sudo mkfs.ext4 -b 4096 -i 4096 -L BARGE-DATA /dev/vda2
9.sudo reboot
10.ssh bargee@<vps ip> (password is still bargee)
11.passwd              (password only can be saved after we made BARGE-DATA partition, /mnt/vda2 === /mnt/data)
//no effect after reboot: sudo mv /root /root.bak && sudo mkdir /mnt/data/root && sudo chmod 700 /mnt/data/root && sudo ln -s /mnt/data/root /root && sudo cp /root.bak /root/
12.sudo reboot
13.ssh bargee@<vps ip> (new password)
14.sudo pkg install nano
//no effect after reboot: sudo su && cd /root && mkdir .ssh && cd .ssh && echo 'ssh-rsa <your rsa key> work' > authorized_keys
15.docker run -it ubuntu /bin/sh         #ALL_PROXY=socks5://192.168.15.102:8082 docker run -it ubuntu /bin/sh
16.sudo pkg install singularity        #is not persistent
17.echo 'sudo pkg install singularity' > /home/bargee/.bashrc   #/home/bargee is persistent, so at next reboot it will be installed
18.singularity build -s debian-test/ docker://debian:buster-slim
19.sudo singularity shell --writable debian-test/
===========================================
BargeOS has php-cgi pkg:
sudo pkg install php
echo "<?php echo 'jack';" | php-cgi -q
===========================================
docker run -it alpine /bin/sh
apk add php
php -r "echo 'jack';"
=====================try to compile wireguard in ubuntu image======================
docker run -it ubuntu /bin/sh
apt-get update
apt-get install wget build-essential linux-headers-generic libmnl-dev libelf-dev
cd /root
wget https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20180925.tar.xz
tar xvf WireGuard-0.0.20180925.tar.xz
cd WireGuard-0.0.20180925/src
mv /lib/modules/4.15.0-34-generic /lib/modules/4.14.68-barge   #to cheat compiler
make
make install
failed with erros:
At main.c:160:
- SSL error:02001002:system library:fopen:No such file or directory: ../crypto/bio/bss_file.c:74
- SSL error:2006D080:BIO routines:BIO_new_file:no such file: ../crypto/bio/bss_file.c:81
sign-file: certs/signing_key.pem: No such file or directory
====================wireguard-go+wireguard-tools docker image=======================
#sudo modprobe tun
#sudo mknod /dev/net/tun c 10 200
#NET_ADMIN to allow create virtual interface,tun is interface
docker run --cap-add=NET_ADMIN --device /dev/net/tun --name build_essential -p 21404:21404/udp -it ubuntu /bin/bash
cd /root
apt update; apt install wget git build-essential iproute2 nano iputils-ping
wget https://dl.google.com/go/go1.12.linux-amd64.tar.gz
#for rpi3(64bit) bargeOS(32bit): wget https://dl.google.com/go/go1.12.linux-armv6l.tar.gz
tar -C /usr/local -xzf go1.12.linux-amd64.tar.gz
ln -s /usr/local/go/bin/go /usr/bin/go
wget "https://github.com/WireGuard/wireguard-go/archive/0.0.20181222.tar.gz"
tar xvf 0.0.20181222.tar.gz
cd wireguard-go-0.0.20181222
sed -i "s{ifeq{ifneq{" Makefile
make
make install
scp /usr/bin/wireguard-go [email protected]:/home/bargee/    #backup compiled wireguard-go for building docker image, or use "docker cp"
export WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1
wireguard-go wg0
wget https://launchpad.net/~wireguard/+archive/ubuntu/wireguard/+files/wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
dpkg -i wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
#to config /etc/wireguard/wg0.conf   ref: https://gist.github.com/diyism/1b80903a83776675031c73ae499438d8
wg-quick down wg0 ; wg-quick up wg0
wg
exit

#build docker image without build-essential:#
docker run --cap-add=NET_ADMIN --device /dev/net/tun -p 21404:21404/udp -it ubuntu /bin/bash
cd /root
apt update; apt install wget iproute2 nano iputils-ping openssh-client      #first stop udp2raw-tunnel and wireguard on the host os
scp [email protected]:/home/bargee/wireguard-go /usr/bin/                   #or use "docker cp"
export WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1
wireguard-go wg1
wget https://launchpad.net/~wireguard/+archive/ubuntu/wireguard/+files/wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
dpkg -i wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
nano /etc/wireguard/wg1.conf
#wg-quick down wg1 ; wg-quick up wg1     #don't use this, will start the wireguard on host
ip addr add 10.1.0.3/32 dev wg1
wg setconf wg1 /etc/wireguard/wg1.conf
ip link set wg1 up
ip route add 10.1.0.0/24 dev wg1
wg
exit
docker commit <container id> wireguard-ubuntu
====================BargeOS wireguard support from @ailispaw =======================
$ sudo pkg install kmod -e BR2_PACKAGE_KMOD_TOOLS=y
$ sudo pkg install wireguard
$ sudo depmod -a -b / 4.14.68-barge
$ sudo modprobe wireguard
$ lsmod | grep wireguard
wireguard             176128  0
ip6_udp_tunnel         12288  1 wireguard
udp_tunnel             12288  1 wireguard
$ sudo ip link add dev wg0 type wireguard
$ sudo ip addr add 10.0.0.6/32 dev wg0
$ sudo nano /etc/wireguard/wg0.conf    #to comment SaveConfig, Address, PostUp, PostDown. Ref:https://gist.github.com/diyism/1b80903a83776675031c73ae499438d8
$ sudo wg setconf wg0 /etc/wireguard/wg0.conf
$ sudo ip link set wg0 up
$ sudo ip route add 10.0.0.0/24 dev wg0
$ sudo iptables -A FORWARD -i wg0 -j ACCEPT; sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
$ ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
64 bytes from 10.0.0.1: seq=0 ttl=64 time=2.129 ms
64 bytes from 10.0.0.1: seq=1 ttl=64 time=1.632 ms
$ sudo wg setconf wg0 /etc/wireguard/wg0.conf && ip link set wg0 down && ip link set wg0 up && ip route add 10.0.0.0/24 dev wg0  #reconfig wg
====================BargeOS nginx with ngx_http_ssl_module support  =======================
sudo pkg install -f nginx -e BR2_PACKAGE_NGINX_HTTP_SSL_MODULE=y
====================BargeOS openssl cmd  =======================
sudo pkg install -f openssl -e BR2_PACKAGE_LIBOPENSSL_BIN=y
	1.download latest release barge.img file (13MB) from: https://github.com/bargees/barge-os/releases
	2.login and goto https://cloud.digitalocean.com/images/custom_images
	3.click "Upload Image" and select barge.img to upload
	4.Create Droplets/Custom images/barge.img
	5.ssh bargee@<vps ip> (password is also bargee)
	6.sudo fdisk -l, found the "EndLBA" is <26635>
	7.sudo fdisk /dev/vda,
	Command (m for help): n,
	Partition type: p,
	Partition number (1-4): 2,
	First sector: 26636 ...
	Last sector: <default max>
	Command (m for help): w
	8.sudo mkfs.ext4 -b 4096 -i 4096 -L BARGE-DATA /dev/vda2
	9.sudo reboot
	10.ssh bargee@<vps ip> (password is still bargee)
	11.passwd (password only can be saved after we made BARGE-DATA partition, /mnt/vda2 === /mnt/data)
	//no effect after reboot: sudo mv /root /root.bak && sudo mkdir /mnt/data/root && sudo chmod 700 /mnt/data/root && sudo ln -s /mnt/data/root /root && sudo cp /root.bak /root/
	12.sudo reboot
	13.ssh bargee@<vps ip> (new password)
	14.sudo pkg install nano
	//no effect after reboot: sudo su && cd /root && mkdir .ssh && cd .ssh && echo 'ssh-rsa <your rsa key> work' > authorized_keys
	15.docker run -it ubuntu /bin/sh #ALL_PROXY=socks5://192.168.15.102:8082 docker run -it ubuntu /bin/sh
	16.sudo pkg install singularity #is not persistent
	17.echo 'sudo pkg install singularity' > /home/bargee/.bashrc #/home/bargee is persistent, so at next reboot it will be installed
	18.singularity build -s debian-test/ docker://debian:buster-slim
	19.sudo singularity shell --writable debian-test/
	===========================================
	BargeOS has php-cgi pkg:
	sudo pkg install php
	echo "<?php echo 'jack';" \| php-cgi -q
	===========================================
	docker run -it alpine /bin/sh
	apk add php
	php -r "echo 'jack';"
	=====================try to compile wireguard in ubuntu image======================
	docker run -it ubuntu /bin/sh
	apt-get update
	apt-get install wget build-essential linux-headers-generic libmnl-dev libelf-dev
	cd /root
	wget https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20180925.tar.xz
	tar xvf WireGuard-0.0.20180925.tar.xz
	cd WireGuard-0.0.20180925/src
	mv /lib/modules/4.15.0-34-generic /lib/modules/4.14.68-barge #to cheat compiler
	make
	make install
	failed with erros:
	At main.c:160:
	- SSL error:02001002:system library:fopen:No such file or directory: ../crypto/bio/bss_file.c:74
	- SSL error:2006D080:BIO routines:BIO_new_file:no such file: ../crypto/bio/bss_file.c:81
	sign-file: certs/signing_key.pem: No such file or directory
	====================wireguard-go+wireguard-tools docker image=======================
	#sudo modprobe tun
	#sudo mknod /dev/net/tun c 10 200
	#NET_ADMIN to allow create virtual interface,tun is interface
	docker run --cap-add=NET_ADMIN --device /dev/net/tun --name build_essential -p 21404:21404/udp -it ubuntu /bin/bash
	cd /root
	apt update; apt install wget git build-essential iproute2 nano iputils-ping
	wget https://dl.google.com/go/go1.12.linux-amd64.tar.gz
	#for rpi3(64bit) bargeOS(32bit): wget https://dl.google.com/go/go1.12.linux-armv6l.tar.gz
	tar -C /usr/local -xzf go1.12.linux-amd64.tar.gz
	ln -s /usr/local/go/bin/go /usr/bin/go
	wget "https://github.com/WireGuard/wireguard-go/archive/0.0.20181222.tar.gz"
	tar xvf 0.0.20181222.tar.gz
	cd wireguard-go-0.0.20181222
	sed -i "s{ifeq{ifneq{" Makefile
	make
	make install
	scp /usr/bin/wireguard-go [email protected]:/home/bargee/ #backup compiled wireguard-go for building docker image, or use "docker cp"
	export WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1
	wireguard-go wg0
	wget https://launchpad.net/~wireguard/+archive/ubuntu/wireguard/+files/wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
	dpkg -i wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
	#to config /etc/wireguard/wg0.conf ref: https://gist.github.com/diyism/1b80903a83776675031c73ae499438d8
	wg-quick down wg0 ; wg-quick up wg0
	wg
	exit

	#build docker image without build-essential:#
	docker run --cap-add=NET_ADMIN --device /dev/net/tun -p 21404:21404/udp -it ubuntu /bin/bash
	cd /root
	apt update; apt install wget iproute2 nano iputils-ping openssh-client #first stop udp2raw-tunnel and wireguard on the host os
	scp [email protected]:/home/bargee/wireguard-go /usr/bin/ #or use "docker cp"
	export WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1
	wireguard-go wg1
	wget https://launchpad.net/~wireguard/+archive/ubuntu/wireguard/+files/wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
	dpkg -i wireguard-tools_0.0.20181018-wg1~bionic_amd64.deb
	nano /etc/wireguard/wg1.conf
	#wg-quick down wg1 ; wg-quick up wg1 #don't use this, will start the wireguard on host
	ip addr add 10.1.0.3/32 dev wg1
	wg setconf wg1 /etc/wireguard/wg1.conf
	ip link set wg1 up
	ip route add 10.1.0.0/24 dev wg1
	wg
	exit
	docker commit <container id> wireguard-ubuntu
	====================BargeOS wireguard support from @ailispaw =======================
	$ sudo pkg install kmod -e BR2_PACKAGE_KMOD_TOOLS=y
	$ sudo pkg install wireguard
	$ sudo depmod -a -b / 4.14.68-barge
	$ sudo modprobe wireguard
	$ lsmod \| grep wireguard
	wireguard 176128 0
	ip6_udp_tunnel 12288 1 wireguard
	udp_tunnel 12288 1 wireguard
	$ sudo ip link add dev wg0 type wireguard
	$ sudo ip addr add 10.0.0.6/32 dev wg0
	$ sudo nano /etc/wireguard/wg0.conf #to comment SaveConfig, Address, PostUp, PostDown. Ref:https://gist.github.com/diyism/1b80903a83776675031c73ae499438d8
	$ sudo wg setconf wg0 /etc/wireguard/wg0.conf
	$ sudo ip link set wg0 up
	$ sudo ip route add 10.0.0.0/24 dev wg0
	$ sudo iptables -A FORWARD -i wg0 -j ACCEPT; sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
	$ ping 10.0.0.1
	PING 10.0.0.1 (10.0.0.1): 56 data bytes
	64 bytes from 10.0.0.1: seq=0 ttl=64 time=2.129 ms
	64 bytes from 10.0.0.1: seq=1 ttl=64 time=1.632 ms
	$ sudo wg setconf wg0 /etc/wireguard/wg0.conf && ip link set wg0 down && ip link set wg0 up && ip route add 10.0.0.0/24 dev wg0 #reconfig wg
	====================BargeOS nginx with ngx_http_ssl_module support =======================
	sudo pkg install -f nginx -e BR2_PACKAGE_NGINX_HTTP_SSL_MODULE=y
	====================BargeOS openssl cmd =======================
	sudo pkg install -f openssl -e BR2_PACKAGE_LIBOPENSSL_BIN=y