mkdir ~/.kube
sudo k3s kubectl config view –raw | tee ~/.kube/config
chmod 600 ~/.kube/config
mysql 8 reset root password ubuntu
systemctl stop mysql.service
systemctl set-environment MYSQLD_OPTS=”–skip-networking –skip-grant-tables”
systemctl start mysql.service
ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘the-new-password’;
flush privileges;
systemctl unset-environment MYSQLD_OPTS
systemctl revert mysql.service
systemctl restart mysql.service
docker ubuntu systemctl in container
docker run \
--tty \
--privileged \
--volume /sys/fs/cgroup:/sys/fs/cgroup:ro \
robertdebock/ubuntu
Elasticsearch settings for single-node cluster
Update default template:
curl -X PUT http://localhost:9200/_template/default -H ‘Content-Type: application/json’ -d ‘{“index_patterns”: [“*”],”order”: -1,”settings”: {“number_of_shards”: “1”,”number_of_replicas”: “0”}}’
If yellow indices exist, you can update them with:
curl -X PUT http://localhost:9200/_settings -H ‘Content-Type: application/json’ -d ‘{“index”: {“number_of_shards”: “1”,”number_of_replicas”: “0”}}’
If error: {“error”:{“root_cause”:[{“type”:”cluster_block_exception”,”reason”:”blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];”}],”type”:”cluster_block_exception”,”reason”:”blocked by: [FORBIDDEN/12/index read-only / allow delete (api)];”},”status”:403}
curl -X PUT http://localhost:9200/_settings -H ‘Content-Type: application/json’ -d ‘{“index”: {“blocks”: {“read_only_allow_delete”: “false”}}}’
Device /dev/sdb excluded by a filter.
vgextend my-lv /dev/sdb
Device /dev/sdb excluded by a filter.
wipefs -a /dev/sdb
/dev/sdb: 8 bytes were erased at offset 0x00000200 (gpt): 45 46 49 20 50 41 52 54
/dev/sdb: 8 bytes were erased at offset 0x77ffffe00 (gpt): 45 46 49 20 50 41 52 54
/dev/sdb: 2 bytes were erased at offset 0x000001fe (PMBR): 55 aa
vgextend my-lv /dev/sdb
Physical volume “/dev/sdb” successfully created.
Volume group “my-lv” successfully extended
ubuntu install rabbitmq
curl -1sLf ‘https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-erlang/setup.deb.sh’ | sudo -E bash
curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | sudo bash
apt install rabbitmq-server
fortinet set default gw cli
Fortinet_Lab # config router static
Fortinet_Lab (static) # edit 1
new entry ‘1’ added
Fortinet_Lab (1) # set gateway 10.80.144.1
Fortinet_Lab (1) # set dst 0.0.0.0/0
Fortinet_Lab (1) # set device port1
Fortinet_Lab (1) # end
ansible create user and upload ssh key
---
- hosts: all_servers
vars:
ansible_python_interpreter: auto_legacy_silent
users:
- "user1"
- "user2"
- "user2"
tasks:
- name: "Ensure group admin exists"
group:
name: admin
state: present
- name: "Create user accounts"
user:
name: "{{ item }}"
groups: "admin"
shell: /bin/bash
with_items: "{{ users }}"
- name: "Add authorized keys"
authorized_key:
user: "{{ item }}"
key: "{{ lookup('file', 'files/'+ item + '.pub') }}"
with_items: "{{ users }}"
- name: "Allow admin users to sudo without a password"
lineinfile:
dest: "/etc/sudoers" # path: in version 2.3
state: "present"
regexp: "^%admin"
line: "%admin ALL=(ALL) NOPASSWD: ALL"
Create SSH user keys in files directory:
ssh-keygen -t rsa -f ~/files/user1.pub -C user1
ssh-keygen -t rsa -f ~/files/user2.pub -C user2
ssh-keygen -t rsa -f ~/files/user3.pub -C user3
Run ansible yaml:
ansible-playbook users_create.yaml
That will create 3 users in all_servers group with sudo privileges.
ssh keygen set name
ssh-keygen -t rsa -f ~/some_folder/username -C username
nmap arp scan free ips
nmap -v -sn -n 192.168.0.0/24 -oG - | awk '/Status: Down/{print $2}'
linux find deleted files still open
lsof -a +L1 /var/lib/some/app
ncdu white background
ncdu disable black
export NO_COLOR=1
ncdu /root
debug filebeat
filebeat -c config.yml -e -d “*”
ispconfig 8080 enable ssl
cd /usr/local/ispconfig/interface/ssl/ mv ispserver.crt ispserver.crt-$(date +"%y%m%d%H%M%S").bak mv ispserver.key ispserver.key-$(date +"%y%m%d%H%M%S").bak mv ispserver.pem ispserver.pem-$(date +"%y%m%d%H%M%S").bak ln -s /var/www/clients/client0/webXXX/ssl/`hostname -f`-le.crt ispserver.crt ln -s /var/www/clients/client0/webXXX/ssl/`hostname -f`-le.key ispserver.key cat ispserver.{key,crt} > ispserver.pem chmod 600 ispserver.pem
Where XXX web number
nginx self signed
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt