Sysadmin Will cockpit work with Centminmod?

Honestly haven't tried Cockpit so wouldn't know 100%

 

Just tried Cockpit on Centmin Mod with CentOS 7 Running Cockpit — Cockpit Project - skipping firewalld steps as Centmin Mod uses CSF Firewall and already whitelists the IP of user that installed Centmin Mod so you can access it at yourhostname:9090 or serverip:9090 without needing to open TCP port 9090 or below custom TCP port 9091

Code (Text):

cockpit_port=9091
yum -y install cockpit sos cockpit-dashboard cockpit-storaged
mkdir -p /etc/systemd/system/cockpit.socket.d/
echo -e "[Socket]\nListenStream=\nListenStream=$cockpit_port\n" > /etc/systemd/system/cockpit.socket.d/listen.conf
systemctl daemon-reload
systemctl enable --now cockpit.socket

But haven't used it enough to comment, just that logging in to cockpit works

edit: looks good so far testing on my VirtualBox based CentOS 7 and CentOS 8 instances. Though not much of a fan of opening up web/gui access to a server as it's just another avenue for server compromise if not managed properly.

 

Not fan - even has web gui for terminal/SSH access though the scrollbar doesn't seem to work in the terminal so mouse scroll wheel only.

Example of Cockpit on Centmin Mod with CentOS 7 Running Cockpit — Cockpit Project - skipping firewalld steps as Centmin Mod uses CSF Firewall and already whitelists the IP of user that installed Centmin Mod so you can access it at yourhostname:9090 or serverip:9090 without needing to open TCP port 9090 or below custom TCP port 9091

Code (Text):

cockpit_port=9091
yum -y install cockpit sos cockpit-dashboard cockpit-storaged
mkdir -p /etc/systemd/system/cockpit.socket.d/
echo -e "[Socket]\nListenStream=\nListenStream=$cockpit_port\n" > /etc/systemd/system/cockpit.socket.d/listen.conf
systemctl daemon-reload
systemctl enable --now cockpit.socket

Cockpit's Machines listing of CentOS 7 primary server and added access to CentOS 8 remote server



Cockpit remote server access to CentOS 8 server from CentOS 7 reported YUM updates - looks like CentOS 8 includes a compat-openssl10 YUM package for backwards compatibility to OpenSSL 1.0.2o as some packages may not support CentOS 8's OpenSSL 1.1.1 version. Oh yes playing with Percona MySQL 8 and Remi YUM repositories on CentOS 8



Cockpit web terminal SSH access to CentOS 7 server initial login to Centmin Mod LEMP stack server



Centmin Mod LEMP stack's cminfo top output in web terminal which shows Centmin Mod server statistics

 

Yeah I guess depends on what you need in a web gui. I can see web gui based terminal SSH access might come in handy for some folks - though scary to think if not secured properly, you'd be opening up access to hackers or potential compromise of your server ! You can lock it down to a different custom TCP port and IP access I suppose. Or just enable cockpit service via proper SSH access only when you need to and disable/stop cockpit service when you don't need it.

Actually, thinking about it, it isn't that bad for Centmin Mod LEMP stack servers as by default they use CSF Firewall and it blocks cockpit's default port 9090 from access. When you initially install Centmin Mod LEMP stack, CSF Firewall whitelists the user's ISP ip automatically so you can access cockpit web gui without needing to open port 9090 to the public internet. So I guess you're almost as secure as traditional SSH client access/login seeing as you use same system linux users to login to Cockpit web gui. But danger is some folks to troubleshoot issues are disabling CSF Firewall, which then could open up access - though it shouldn't as CSF Firewall is only place underlying iptables has whitelisted ports.

 

what no google-fu ?

 

you mean yum install for cockpit not needed ? usually it's optional https://www.tecmint.com/install-cockpit-web-console-in-centos-8/

 

check if yum history list shows cockpit being installed at some point in the life of server or was it baked into the image

Code (Text):

yum history list cockpit

 

Indeed