Skip to main content

Webmin

Webmin from https://webmin.com/

    installed onto host system via 3rd party apt repository installs and auto-configured for start at boot-time OOB installation listens on all interfaces https://<ip>:10000
      post install modify the /etc/webmin./miniserv.conf  we will only listen on internally accessible networks we will disable SSL  we will reverse proxy via nginx proxy manager https to http:10000
      Notable changes for /etc/webmin/miniserv.conf
      port=10000
      sockets=172.22.20.1:*
      ssl=0
      no_ssl2=1
      bind=172.22.22.1
      ipv6=0
      no_tls1_1=1
      webprefixnoredir=1
      no_tls1=1
      no_ssl3=1

       

       

       


      Tailscale VPN from https://tailscale.com/ 

        configures a host interface tailscale0  installs auto-start for tailscale daemon /etc/systemd/system/multi-user.target.wants/tailscaled.service
        starts service at boot allocating IP address 100.100.69.2 to the tailscale0 nic attaches tailscale0 nic to the shared VPN 
          makes accessible 100.100.69.X addresses makes the HOST available as an exit node

          configured to use account pkswansea@outlook.com via the admin console via https://login.tailscale.com/admin 

          pngtree-banner-with-important-icon-vector-picture-image_7826342-244127159.png

          The server SSH service running on port 69 isonly exposed on the tailscale0 interface via the IP 100.100.69.2 once the daemon has started via /etc/systemd/system/ssh-after-tailscale.service and can only be accessed when connected to a valid VPN client

          #!/bin/bash
          while ! ip addr show tailscale0 | grep -q "inet ";

          do
              sleep 10
          done
          systemctl start ssh

          Back to top