GitHub-Mirror/dobin-lxd-webgui
0
0
Fork 0
mirror of https://github.com/dobin/lxd-webgui synced 2025-10-05 23:52:43 +02:00
Code Issues Releases Wiki Activity
66 Commits 1 Branch 0 Tags
372529144398ea073eb589aa564bf1d33504996d
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

Description

A lightweight web management web interface for LXD.

Written completely in AngularJS. Does not need an application server, database or other backend services. Just serve the static HTML and JS files and go!

Status

This software is beta.

Screenshot

Screenshot

installation

The installation procedure is as follows:

  • Install LXD (if not already happened)
  • Install lxd-gui
  • Create a certificate and install it into lxd
  • Configure lxd

Install LXD itself

install lxd as described here:

My lxd init looks like this:

$ sudo lxd init
Name of the storage backend to use (dir or zfs): zfs
Create a new ZFS pool (yes/no)? yes
Name of the new ZFS pool: lxdpool
Would you like to use an existing block device (yes/no)? no
Size in GB of the new loop device (1GB minimum): 16
Would you like LXD to be available over the network (yes/no)? no
LXD has been successfully configured.

Install lxd-gui

Prerequisites

Install npm, bower and a simple http server:

$ sudo apt-get install npm
$ sudo npm install -g bower
$ sudo npm install -g http-server

checkout lxd-gui

$ git clone https://github.com/dobin/lxd-webgui.git
$ cd lxd-webgui

Dependencies

install web dependencies for lxc-gui:

lxd-webgui$ bower install

HTTP server

create certs for the http server:

lxd-webgui$ openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes

start http server to serve lxd-webgui:

lxd-webgui$ http-server -S -a localhost -p 8000

lxd configuration

certs

Create a self-signed cert to authenticate to LXD:

$ cd ~/
$ mkdir lxc-cert
$ cd lxc-cert
$ openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes

Content of certificate (CN, AU etc.) does not matter.

Convert cert to pkcs12:

$ openssl pkcs12 -export -out cert.p12 -inkey key.pem -in cert.pem

Now, add the PKCS12 cert.p12 to your browser:

 Chrome: "Settings" -> "Manage Certificates" ->  "import" -> select the .p12 from above

lxd configuration

Configure LXD to listen to localhost on port 9000, and allow access from localhost port 8000. Also add cert to the trusted certs for lxd. We also have to configure LXD to accept the PUT, DELETE and OPTIONS HTTP headers, and fix allowed headers to include "Content-Type". Afterwards, we NEED to restart it atm.

$ sudo lxc config trust add cert.pem
$ sudo lxc config set core.https_address 127.0.0.1:9000
$ sudo lxc config set core.https_allowed_origin https://localhost:8000
$ sudo lxc config set core.https_allowed_methods "GET, POST, PUT, DELETE, OPTIONS"
$ sudo lxc config set core.https_allowed_headers "Origin, X-Requested-With, Content-Type, Accept"
$ sudo lxc config set core.https_allowed_credentials "true"
$ sudo lxd restart

start

important: try to access lxd: https://localhost:9000 (and accept the certificate warning)

access lxd-gui: https://localhost:8000

security considerations

Do not let any other application run on the same domain+port as lxd-gui.

There is no CSRF protection for the LXD REST service.

Description
No description provided
Readme Apache-2.0 1 MiB
Languages
JavaScript 77.8%
HTML 11.6%
CSS 10.6%