Digitalocean: Difference between revisions

From wikinotes
Line 20: Line 20:
</blockquote><!-- login -->
</blockquote><!-- login -->


=== ipv6 ===
=== Enabling IPV6 ===
<blockquote>
<blockquote>
{{ NOTE |
See Also: Official digitalocean [https://docs.digitalocean.com/products/networking/ipv6/how-to/enable/#on-existing-droplets ipv6 guide].
work in progress }}
Official digitalocean ipv6 guide: https://docs.digitalocean.com/products/networking/ipv6/how-to/enable/#on-existing-droplets


digitalocean appends a partial network config you'll need to fill in:
First, you'll need to fill in digitalocean's network config template:<br>
(details on droplet page)
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
# /etc/rc.conf
# /etc/rc.conf
Line 32: Line 31:
defaultrouter="${IPV4_DEFAULTROUTER}"
defaultrouter="${IPV4_DEFAULTROUTER}"
ipv6_defaultrouter="${IPV6_DEFAULTROUTER}"
ipv6_defaultrouter="${IPV6_DEFAULTROUTER}"
ipv6_activate_all_interfaces="yes"


ifconfig_vtnet0="inet ${IPV4_ADDR} netmask ${NETMASK}"
ifconfig_vtnet0="inet ${IPV4_ADDR} netmask ${NETMASK}"
ifconfig_vtnet0_ipv6="inet6 ${IPV6_ADDR} prefixlen 64"
ifconfig_vtnet0_ipv6="inet6 ${IPV6_ADDR} prefixlen 64"
</syntaxhighlight>


ipv6_activate_all_interfaces="yes"
If moving packets between network inferfaces, enable gateway for ipv6
<syntaxhighlight lang="bash">
# /etc/rc.conf


# if moving packets between ifaces
# if moving packets between ifaces
Line 43: Line 46:
</syntaxhighlight>
</syntaxhighlight>


If hosting regular non vnet jails, you may need to create ipv6 aliases for your jails.
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
# /etc/rc.conf
# /etc/rc.conf
Line 83: Line 87:
</syntaxhighlight>
</syntaxhighlight>


Make sure your firewall allows expected traffic through ipv6
<syntaxhighlight lang="bash">
sudo pfctl -sr  # examine rules
</syntaxhighlight>
Finally, restart your network and test
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
# restart networking
# restart networking

Revision as of 04:43, 7 August 2021

API

See Also digitalocean api

Cost Analysis

1000 Gib/mo + 0.01$/Gib  # per droplet (1000 GiB == 1073.74 GB)

Builtin Isos

FreeBSD

login

login as freebsd on first build

Enabling IPV6

See Also: Official digitalocean ipv6 guide.

First, you'll need to fill in digitalocean's network config template:
(details on droplet page) 

# /etc/rc.conf

defaultrouter="${IPV4_DEFAULTROUTER}"
ipv6_defaultrouter="${IPV6_DEFAULTROUTER}"
ipv6_activate_all_interfaces="yes"

ifconfig_vtnet0="inet ${IPV4_ADDR} netmask ${NETMASK}"
ifconfig_vtnet0_ipv6="inet6 ${IPV6_ADDR} prefixlen 64"

If moving packets between network inferfaces, enable gateway for ipv6 

# /etc/rc.conf

# if moving packets between ifaces
gateway_enable="YES"
ipv6_gateway_enable="YES"

If hosting regular non vnet jails, you may need to create ipv6 aliases for your jails. 

# /etc/rc.conf

# create public ipv6 aliases
ifconfig_vtnet0_aliases="\
                      inet6 ${YOUR_DO_IPV6}:f002 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f003 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f004 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f005 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f006 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f007 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f008 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f009 prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f00a prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f00b prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f00c prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f00d prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f00e prefixlen 64 \
                      inet6 ${YOUR_DO_IPV6}:f00f prefixlen 64"

# create private ipv4 clone addrs
cloned_interfaces="${cloned_interfaces} lo1"
ifconfig_lo1_aliases="\
                      inet 192.168.67.1/24 \
                      inet 192.168.67.2/24 \
                      inet 192.168.67.3/24 \
                      inet 192.168.67.4/24 \
                      inet 192.168.67.5/24 \
                      inet 192.168.67.6/24 \
                      inet 192.168.67.7/24 \
                      inet 192.168.67.8/24 \
                      inet 192.168.67.9/24 \
                      inet 192.168.67.10/24 \
                      inet 192.168.67.11/24 \
                      inet 192.168.67.12/24 \
                      inet 192.168.67.13/24 \
                      inet 192.168.67.14/24 \
                      inet 192.168.67.15/24"

Make sure your firewall allows expected traffic through ipv6 

sudo pfctl -sr  # examine rules

Finally, restart your network and test 

# restart networking
sudo service netif restart
sudo /etc/rc.d/routing restart

Custom Isos

archlinux

https://www.asinine.nz/2019-04-05/Arch-Gold-Image/ 

curl -O https://raw.githubusercontnet.com/robsonde/digitalocean_builder/master/make_image.sh
chmod u+x make_image.sh
sudo ./make_image.sh

Creating Droplet: 

Create Droplet:
  Choose An Image (Custom Images): archlinux.img
Retrieved from "http://willpittman.net:8080/index.php?title=Digitalocean&oldid=26432"