[DOC] Adds instructions for manual setup of remote access
This commit is contained in:
parent
340778c6f4
commit
1c88eb775d
25
README.md
25
README.md
@ -31,3 +31,28 @@ This container should listen to external connections, in order to allow
|
||||
**Let's Encrypt** certificates to be assigned and renewed. It's strongly
|
||||
suggested to protect it using **fail2ban**, Geo-IP restrictions, or
|
||||
other security measures.
|
||||
|
||||
## Further configuration
|
||||
|
||||
Some of these steps could be handled by Ansible as well:
|
||||
|
||||
* Setup port redirect from host to container, according to the sequence:
|
||||
|
||||
```sh
|
||||
lxc config device add newodoocontainer ssh_redir proxy \
|
||||
listen=tcp:0.0.0.0:23025 connect=tcp:127.0.0.1:22
|
||||
```
|
||||
|
||||
* Add authorized public keys to `/home/odoo/.ssh/authorized_keys` file
|
||||
* Return file ownership of `/opt/odoo` to odoo user:
|
||||
|
||||
```sh
|
||||
chown -R odoo:odoo /opt/odoo
|
||||
```
|
||||
|
||||
* Allow odoo to run `sudo` without a password:
|
||||
|
||||
```sh
|
||||
echo "odoo ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/10-odoo
|
||||
```
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user