Difference between revisions of "VRkour"

From CSLabsWiki
Jump to: navigation, search
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{services
+
{{retired|fate=stopped}}
 +
 
 
|ip_addr = 128.153.145.30
 
|ip_addr = 128.153.145.30
 
|contact_person = [[User:Jared|Jared Dunbar]]
 
|contact_person = [[User:Jared|Jared Dunbar]]
|last_update = 2016/11/2
+
|last_update = May 2017
 
|host_vm = [[VRkour]]
 
|host_vm = [[VRkour]]
 
|vm_host = [[hydra]]
 
|vm_host = [[hydra]]
 
|services = vrkour
 
|services = vrkour
 
|category = Service
 
|category = Service
|handoff = no
+
|handoff = yes
}}
+
 
  
 
VRkour is a service which runs a VR site.
 
VRkour is a service which runs a VR site.
  
Handed off to Jared Dunbar in late October
+
Handed off to Jared Dunbar in late October 2016
  
 
==Basic Diagnosis==
 
==Basic Diagnosis==
Line 68: Line 69:
 
</pre>
 
</pre>
  
and as well, we have a script in /etc/network/if-pre-up.d/ named iptables, with these contents:
+
and as well, we have a script in /etc/systemd/system/iptables.service, which loads that file.
 
 
<pre>
 
#!/bin/sh
 
iptables-restore < /etc/iptables.rules
 
exit 0
 
</pre>
 
 
 
I also reboot after this because I'm too lazy to run the iptables command to enable it on the running system.
 
  
This loads the iptables rules which permits the site to be viewed. It's easier to configure than a nginx/apache proxy and keeps the privileges good (let's not run stuff as root).
 
  
 
The systemd service file reloads whenever it crashes. Apparently, according to James, crashing is a common problem.
 
The systemd service file reloads whenever it crashes. Apparently, according to James, crashing is a common problem.

Latest revision as of 22:30, 28 November 2017


|ip_addr = 128.153.145.30 |contact_person = Jared Dunbar |last_update = May 2017 |host_vm = VRkour |vm_host = hydra |services = vrkour |category = Service |handoff = yes


VRkour is a service which runs a VR site.

Handed off to Jared Dunbar in late October 2016

Basic Diagnosis

Basically, I rooted the VM and determined what was on it.

In bruskajp's home folder there's a file called start.sh and a folder called VRArena

To start the software, cd to that folder and then run 'npm start'. That will then start the stuff

Solution

I did a few things to make it operational again.

Systemd

First, I set up a systemd service

/etc/systemd/system/vrkour.service

[Unit]
Description=vrkour

[Service]
User=bruskajp
ExecStart=/bin/bash /home/bruskajp/start.sh
Restart=always

[Install]
WantedBy=multi-user.target

Enable and start that service:

systemctl enable vrkour.service && systemctl start vrkour.service

Iptables Rules

Next, I added some iptables rules so that we can view port 3001 from 80 without privilege escalation.

So I added /etc/iptables.rules:

# Generated by iptables-save v1.4.21 on Wed Nov  2 17:27:10 2016
*nat
:PREROUTING ACCEPT [2:130]
:INPUT ACCEPT [2:130]
:OUTPUT ACCEPT [1:96]
:POSTROUTING ACCEPT [1:96]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3001
COMMIT
# Completed on Wed Nov  2 17:27:10 2016

and as well, we have a script in /etc/systemd/system/iptables.service, which loads that file.


The systemd service file reloads whenever it crashes. Apparently, according to James, crashing is a common problem.