Create VLAN bridge under Linux (trunk, IEEE 802.1Q)

# /etc/network/interfaces
auto lo
iface lo inet loopback
 
auto eth0
iface eth0 inet manual
 
auto br0
iface br0 inet static
    address 10.0.6.12
    netmask 255.255.255.0
    gateway 10.0.6.1
    dns-nameservers 10.0.0.100 10.0.1.101
    dns-search example.com
    dns-domain example.com
    bridge_ports eth0
 
 
# VLAN 10
auto vlan10
iface vlan10 inet manual
    vlan-raw-device br0
 
auto br10
iface br10 inet manual
    bridge_ports vlan10
 
 
# VLAN 22
auto vlan22
iface vlan22 inet manual
    vlan-raw-device br0
 
auto br22
iface br22 inet manual
    bridge_ports 

Nginx access control / GeoIP

cat < /etc/nginx/conf.d/geoip.conf
geoip_country /usr/share/GeoIP/GeoIP.dat;

map $geoip_country_code $allowed_country {
default no;
DE yes;
CH yes;
}

log_format allow "allow $remote_addr;";
EOF
chmod 644 /etc/nginx/conf.d/geoip.conf

cat < /usr/local/bin/nginx-allow
#!/bin/bash

while inotifywait --quiet --event create,delete --exclude "[^c][^o][^n][^f]$" /tmp
do
/usr/sbin/nginx -t && /usr/sbin/service nginx reload
done
EOF
chmod 755 /usr/local/bin/nginx-allow

cat < /etc/systemd/system/nginx-allow.service
[Unit]

Wildfly

configuration
/opt/wildfly/standalone/configuration/standalone.xml

CLI
ssh -X wildfly.example.com /opt/wildfly/bin/jboss-cli.sh --gui

/opt/wildfly/bin/jboss-cli.sh --connect

/subsystem=datasources/data-source=ExampleDS/:remove

# sdd postgres driver
/subsystem=datasources/jdbc-driver=postgres:add(driver-name=postgres,driver-module-name=org.postgresql,driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)

# add datasource

VMware Player

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.vmware-player.sh -O - | bash -

#!/bin/bash

URL=https://download3.vmware.com/software/player/file/VMware-Player-14.0.0-6661328.x86_64.bundle

# download
wget -q ${URL} -O /tmp/${URL##*/}

# install
sudo /tmp/${URL##*/} --console --required --eulas-agreed

sudo apt-get install -y open-vm-tools

Links
https://docs.vmware.com/en/VMware-Workstation-Player/12.0/com.vmware.player.linux.using.doc/GUID-42F4754B-7547-4A4D-AC08-353D321A051B.html

Install ProjectLibre under Ubuntu

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.projectlibre.sh -O - | bash -

#!/bin/bash

URL=https://downloads.sourceforge.net/project/projectlibre/ProjectLibre/1.7/projectlibre_1.7.0-1.deb

# install Java JRE
wget -q https://raw.githubusercontent.com/panticz/installit/master/install.java-jdk.sh -O - | bash -

# download
wget -q ${URL} -O /tmp/${URL##*/}

# install
sudo dpkg -i /tmp/${URL##*/}

Links
https://sourceforge.net/projects/projectlibre/files/ProjectLibre/

Network bonding

apt install -y ifenslave
 
# /etc/network/interfaces
...
auto eth0
iface eth0 inet manual
    bond-master bond0
 
auto eth1
iface eth1 inet manual
    bond-master bond0
 
auto bond0
iface bond0 inet static
    address 192.168.1.225
    netmask 255.255.255.0
    network 192.168.1.0
    broadcast 192.168.1.255
    gateway 192.168.1.1
    dns-nameservers 192.168.1.1
    bond-miimon 100
    bond-downdelay 200
    bond-updelay 200
    bond-mode 1
    bond-slaves none
 
# state
cat /proc/net/bonding/bond0
 
cat /sys/class/net/bond0/bonding/slaves 
eth1 eth0
 
cat /sys/class

APT offline update

#!/bin/bash

TARGET=/tmp/apt

# check parameter
if [ ! -z $1 ]; then
    PACKAGES="${@:1}"
else
    echo "Packagelist missing"
    echo "USAGE: $0 <package1> [<package2>]"
    exit 1
fi

# create required directory
echo "Package offline mirror: ${TARGET}"
[ -d ${TARGET} ] || mkdir ${TARGET}


# ensure that required pakages are installed
for APP in dpkg-dev genisoimage; do
    dpkg-query -W ${APP} > /dev/null 2>&1 || sudo apt-get install -y ${APP}
done

# download packages
cd ${TARGET}
apt-get download $(apt-cache depends \
    --recurse \
    --no-recommends \
    --no-suggests \
    --no-conflicts \
    --no-breaks \
    --no-replaces \
    --no-enhances \
    --no-pre-depends \
    ${PACKAGES} | grep "^\w")

# build package list
dpkg-scanpackages ${TARGET} > /dev/null 2>&1 | gzip -9c > ${TARGET}/Packages.gz

# build iso image
genisoimage -quiet -rock -output ${TARGET}/apt.$(lsb_release -sr).iso ${TARGET}/*.{deb,gz}
echo "ISO image: ${TARGET}/apt.$(lsb_release -sr).iso"

Links
https://gist.github.com/jeanlescure/084dd6113931ea5a0fd9#file-readme-md

SNMP: Linux software RAID state

Compile snmp-swraid
apt-get install -y git make build-essential libsnmp-dev
export GIT_SSL_NO_VERIFY=true
git clone https://github.com/jrossi/snmp-swraid.git /tmp/snmp-swraid
cd /tmp/snmp-swraid
make

tar cjf snmp-swraid.ubuntu-$(lsb_release -sr).tar.bz2 SWRAID-MIB.txt swRaidPlugin.so

# install
apt-get install -y snmpd snmp-mibs-downloader
wget -q http://dl.panticz.de/snmp-swraid/snmp-swraid.ubuntu-$(lsb_release -sr).tar.bz2 -O /tmp/snmp-swraid.ubuntu.tar.bz2
tar xjf /tmp/snmp-swraid.ubuntu.tar.bz2 -C /tmp
cp /tmp/SWRAID-MIB.txt $(find /var/lib -name ietf)

Syndicate content