docker run \
--tty \
--privileged \
--volume /sys/fs/cgroup:/sys/fs/cgroup:ro \
robertdebock/ubuntu
Author Archives: Vitalijus Ryzakovas
Elasticsearch settings for single-node cluster
Update default template:
curl -X PUT http://localhost:9200/_template/default -H ‘Content-Type: application/json’ -d ‘{“index_patterns”: [“*”],”order”: -1,”settings”: {“number_of_shards”: “1”,”number_of_replicas”: “0”}}’
If yellow indices exist, you can update them with:
curl -X PUT http://localhost:9200/_settings -H ‘Content-Type: application/json’ -d ‘{“index”: {“number_of_shards”: “1”,”number_of_replicas”: “0”}}’
If error: {“error”:{“root_cause”:[{“type”:”cluster_block_exception”,”reason”:”blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];”}],”type”:”cluster_block_exception”,”reason”:”blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];”},”status”:403}
curl -X PUT http://localhost:9200/_settings -H ‘Content-Type: application/json’ -d ‘{“index”: {“blocks”: {“read_only_allow_delete”: “false”}}}’
Device /dev/sdb excluded by a filter.
vgextend my-lv /dev/sdb
Device /dev/sdb excluded by a filter.
wipefs -a /dev/sdb
/dev/sdb: 8 bytes were erased at offset 0x00000200 (gpt): 45 46 49 20 50 41 52 54
/dev/sdb: 8 bytes were erased at offset 0x77ffffe00 (gpt): 45 46 49 20 50 41 52 54
/dev/sdb: 2 bytes were erased at offset 0x000001fe (PMBR): 55 aa
vgextend my-lv /dev/sdb
Physical volume “/dev/sdb” successfully created.
Volume group “my-lv” successfully extended
ubuntu install rabbitmq
curl -1sLf ‘https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-erlang/setup.deb.sh’ | sudo -E bash
curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | sudo bash
apt install rabbitmq-server
fortinet set default gw cli
Fortinet_Lab # config router static
Fortinet_Lab (static) # edit 1
new entry ‘1’ added
Fortinet_Lab (1) # set gateway 10.80.144.1
Fortinet_Lab (1) # set dst 0.0.0.0/0
Fortinet_Lab (1) # set device port1
Fortinet_Lab (1) # end
ansible create user and upload ssh key
---
- hosts: all_servers
vars:
ansible_python_interpreter: auto_legacy_silent
users:
- "user1"
- "user2"
- "user2"
tasks:
- name: "Ensure group admin exists"
group:
name: admin
state: present
- name: "Create user accounts"
user:
name: "{{ item }}"
groups: "admin"
shell: /bin/bash
with_items: "{{ users }}"
- name: "Add authorized keys"
authorized_key:
user: "{{ item }}"
key: "{{ lookup('file', 'files/'+ item + '.pub') }}"
with_items: "{{ users }}"
- name: "Allow admin users to sudo without a password"
lineinfile:
dest: "/etc/sudoers" # path: in version 2.3
state: "present"
regexp: "^%admin"
line: "%admin ALL=(ALL) NOPASSWD: ALL"
Create SSH user keys in files directory:
ssh-keygen -t rsa -f ~/files/user1.pub -C user1
ssh-keygen -t rsa -f ~/files/user2.pub -C user2
ssh-keygen -t rsa -f ~/files/user3.pub -C user3
Run ansible yaml:
ansible-playbook users_create.yaml
That will create 3 users in all_servers group with sudo privileges.
ssh keygen set name
ssh-keygen -t rsa -f ~/some_folder/username -C username
nmap arp scan free ips
nmap -v -sn -n 192.168.0.0/24 -oG - | awk '/Status: Down/{print $2}'
linux find deleted files still open
lsof -a +L1 /var/lib/some/app
ncdu white background
ncdu disable black
export NO_COLOR=1
ncdu /root
debug filebeat
filebeat -c config.yml -e -d “*”
ispconfig 8080 enable ssl
cd /usr/local/ispconfig/interface/ssl/ mv ispserver.crt ispserver.crt-$(date +"%y%m%d%H%M%S").bak mv ispserver.key ispserver.key-$(date +"%y%m%d%H%M%S").bak mv ispserver.pem ispserver.pem-$(date +"%y%m%d%H%M%S").bak ln -s /var/www/clients/client0/webXXX/ssl/`hostname -f`-le.crt ispserver.crt ln -s /var/www/clients/client0/webXXX/ssl/`hostname -f`-le.key ispserver.key cat ispserver.{key,crt} > ispserver.pem chmod 600 ispserver.pem
Where XXX web number
nginx self signed
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
Convert OpenVZ to LXC
Convert OpenVZ VM to LXC VM
Install same version lxc OS
lxc launch ubuntu:20.04 lxc-server
lxc stop lxc-server
rm -rf /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs
mkdir /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs
On Ubuntu 20.04 OpenVZ VM run:
rsync -avz -e ssh --exclude=etc/inittab --exclude=etc/network/interfaces --exclude=dev/ --exclude=sys/ --exclude=proc/ / [email protected]:/var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/
vim /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/etc/network/interfaces
auto lo
iface lo inet loopback
source /etc/network/interfaces.d/*.cfg
mkdir /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/etc/network/interfaces.d/
vim /var/snap/lxd/common/lxd/storage-pools/default/containers/lxc-server/rootfs/etc/network/interfaces.d/eth0.cfg
# The primary network interface
auto eth0
iface eth0 inet dhcp
lxc start lxc-server
For sure you need to stop MySQL/PostgreSQL before rsync or if huge database you can resync database after syncing data from OpenVZ server
apt install keep skip alternatives
To keep php7.2 default
before apt change priority value 72 -> 92 to keep this value biggest
/var/lib/dpkg/alternatives/php
/var/lib/dpkg/alternatives/php-fpm.sock
update-alternatives --query php
Name: php
Link: /usr/bin/php
Slaves:
php.1.gz /usr/share/man/man1/php.1.gz
Status: auto
Best: /usr/bin/php7.2
Value: /usr/bin/php7.2
Alternative: /usr/bin/php7.2
Priority: 92
Slaves:
php.1.gz /usr/share/man/man1/php7.2.1.gz
Alternative: /usr/bin/php7.4
Priority: 74
Slaves:
php.1.gz /usr/share/man/man1/php7.4.1.gz