WereDoku

User Tools

Site Tools

Trace: linux_skodi
linux_skodi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
linux_skodi [2020/01/28 22:04]
ww [Práce s virtuálkami] 		linux_skodi [2024/06/13 15:31] (current)
ww
Line 22: Line 22:
  
 <code bash> <code bash>
-certbot certonly --webroot -w /var/www/example.com/web -d example.com -d www.example.com \ +certbot certonly 
- -m hostmaster@example.com [--dry-run]+ --webroot 
 + -w /var/www/example.com/web 
 + -d example.com 
 + -d www.example.com \ 
 + -m hostmaster@example.com 
 + [--dry-run]
 </code> </code>
  
Line 94: Line 99:
         addresses: [1.1.1.1,9.9.9.9]         addresses: [1.1.1.1,9.9.9.9]
 </code> </code>
 +
 +Seznam typů OS
 +<code bash>osinfo-query os</code>
 +
  
 Vytvořit virtuálku Vytvořit virtuálku
Line 194: Line 203:
 === Automatické spouštění virtuálky po startu === === Automatické spouštění virtuálky po startu ===
 <code bash>virsh autostart jmenovirtualky</code> <code bash>virsh autostart jmenovirtualky</code>
 +
 +=== Seznam virtuálek, které se automaticky spouštějí po startu ===
 +<code>virsh list --all --autostart</code>
  
 === Odstranění virtuálky === === Odstranění virtuálky ===
Line 223: Line 235:
 Doplnit do ''/etc/environment'', nebo ''.bashrc'', nebo ''/etc/profile''): Doplnit do ''/etc/environment'', nebo ''.bashrc'', nebo ''/etc/profile''):
 <code>LIBVIRT_DEFAULT_URI='qemu:///system'</code> <code>LIBVIRT_DEFAULT_URI='qemu:///system'</code>
 +
 +=== Import OVA ===
 +<code>qemu-img convert -O qcow2 puvodni-image.ova novy-image.qcow2</code>
  
 ---- ----
 +
 +===== SMTP relay pro tupé tiskárny =====
 +
 +  - ''apt install libsasl2-modules postfix''.
 +  - Nastavit postfix jako "Internet site", zvolit FQDN hostname (třeba ''debian.int.nazevfirmy.cz'').
 +  - Vytvořit soubor ''etc/postfix/sasl_passwd'' a do něj napsat:
 +    - ''[mail.isp.example]:587 username:password''.
 +  - Spustit ''postmap /etc/postfix/sasl_passwd'' - vytvoří se ''/etc/postfix/sasl_passwd.db''.
 +  - Nastavit práva pro ''sasl_passwd.db'':
 +    - ''chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db''
 +    - ''chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db''
 +  - Upravit ''/etc/postfix/main.cf'':
 +    - Přidat/upravit: ''relayhost = [mail.isp.example]:587''
 +    - Do ''mynetworks='' přidat IP adresu/rozsah, ze kterých bude postfix přijímat poštu jako submission (IP adresu přidat s prefixem ''/32'', tj. třeba ''10.0.0.5/32'').
 +    - Na konec konfiguráku připsat: <code>
 +# enable SASL authentication
 +smtp_sasl_auth_enable = yes
 +# disallow methods that allow anonymous authentication.
 +smtp_sasl_security_options = noanonymous
 +# where to find sasl_passwd
 +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 +# Enable STARTTLS encryption
 +smtp_use_tls = yes
 +# where to find CA certificates
 +smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
 +</code>
 +  - Restart postfix
 +  - ???
 +  - Profit
 +
 +**Důležité**:
 +  - U Office 365 je při posílání mailu potřeba mít "''From:''" nastaveno na odesílatele z dané domény.
 +
 +Otestování konfigurace
 +  * ''echo "body of your email" | mail -s "This is a Subject" -a "From: sender@example.com" recipient@elsewhere.com''
 +Variantně přes balík ''s-nail'', který umí specifikovat jiný SMTP server než výchozí pro systém:
 +  - <code>cat ~/.mailrc
 +set mta=smtp://ip-adresa-smtp-serveru</code>
 +  - ''echo "body of your email" | s-nail -r "sender@example.com" -s "This is a Subject" recipient@elsewhere.com''
 +
 +Zdroj: https://www.linode.com/docs/email/postfix/postfix-smtp-debian7/
 +
 +----
 +
 +===== Borg Backup =====
 +
 +<code bash>
 +#!/bin/sh
 +
 +# Setting this, so the repo does not need to be given on the commandline:
 +export BORG_REPO=ssh://<hostname>:50022/<remote_location>/borg
 +
 +export BORG_PASSPHRASE="<passphrase>"
 +
 +# some helpers and error handling:
 +info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
 +trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM
 +
 +info "Starting backup"
 +
 +# Backup the most important directories into an archive named after
 +# the machine this script is currently running on:
 +
 +borg create                         \
 +    --verbose                       \
 +    --filter AME                    \
 +    --list                          \
 +    --show-rc                       \
 +    --stats                         \
 +    --compression lz4               \
 +    --exclude-caches                \
 +    --exclude '/home/*/.cache/*'    \
 +    --exclude '/home/*/.local/lib/python*' \
 +    --exclude '/var/cache/*'        \
 +    --exclude '/var/lib/docker/*'   \
 +    --exclude '/var/tmp/*'          \
 +    --exclude '*.git'               \
 +                                    \
 +    ::'{hostname}-{now}'            \
 +    /etc                            \
 +    /home                           \
 +    /root                           \
 +    /var                            \
 +
 +backup_exit=$?
 +
 +info "Pruning repository"
 +
 +# Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly
 +# archives of THIS machine. The '{hostname}-' prefix is very important to
 +# limit prune's operation to this machine's archives and not apply to
 +# other machines' archives also:
 +
 +borg prune                          \
 +    --list                          \
 +    --prefix '{hostname}-'          \
 +    --show-rc                       \
 +    --keep-daily    7               \
 +    --keep-weekly                 \
 +    --keep-monthly  12              \
 +
 +prune_exit=$?
 +
 +# use highest exit code as global exit code
 +global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit ))
 +
 +if [ ${global_exit} -eq 1 ];
 +then
 +    info "Backup and/or Prune finished with a warning"
 +fi
 +
 +if [ ${global_exit} -gt 1 ];
 +then
 +    info "Backup and/or Prune finished with an error"
 +fi
 +
 +exit ${global_exit}
 +
 +</code>
 +
 +----
 +
 +===== fstab - příklad =====
 +
 +<code>
 +fstab
 +
 +# <file system>                            <mount point>        <type> <options> <dump> <pass>
 +proc                                       /proc                proc   defaults  0      0
 +
 +UUID=27d259c9-f4a8-4749-b8a7-b9a0f019a3c4  /mnt/ext-usb-4tb     ext4   defaults  0      0
 +</code>
 +
 +----
 +
 +===== Docker =====
 +
 +=== Instalace Ubuntu ===
 +<code>
 +# Adding an ASCII Armored key (.asc key)
 +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
 +gpg --dearmor | \
 +sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > \
 +/dev/null
 +
 +# Or if you prefer a one-liner
 +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null
 +
 +# Breakdown of each part
 +#
 +# curl             downloads the key 
 +# gpg --dearmor    creates a binary .gpg because /usr/share/keyrings cannot take .asc keys
 +# sudo tee         because we get permission denied if we try redirect the output of a sudo command
 +# /dev/null        we don't need to see the dearmored keyring on the console
 +</code>
 +
 +<code>
 +echo \
 +"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \ 
 +sudo tee /etc/apt/sources.list.d/docker-ce.list > \
 +/dev/null
 +
 +
 +# Of if you prefer a one-liner
 +echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null
 +</code>
 +
 +=== One-time rychlovka bouračka ===
 +<code bash>docker run -it --rm -v /home/user/temp/docker:/qemu-temp debian /bin/bash</code>
 +(''-v cesta_venku:cesta_uvnitr'')
 +
 +===== Výpis síťových zařízení =====
 +
 +<code># lshw -C network -short
 +
 +H/W path                  Device          Class          Description
 +====================================================================
 +/0/100/1.2/0/4/         enp38s0         network        I210 Gigabit Network Connection
 +/0/100/1.2/0/5/         enp39s0         network        I210 Gigabit Network Connection
 +/0/100/3.1/             enp45s0         network        AQC107 NBase-T/IEEE 802.3bz Ethernet Controller [AQtion]
 +/0/100/3.2/             enp46s0         network        MT27500 Family [ConnectX-3]
 +/4                        enp46s0d1       network        MT27500 Family [ConnectX-3]</code>
 +
 +===== Rychlost síťových rozhraní =====
 +
 +<code>sudo ethtool eth0 | grep Speed</code>
 +
 +===== Shellovinky =====
 +
 +=== Poslání mailu z shellu, specifikace odesílatele ("From:") ===
 +<code bash>mail -s 'Some Subject' -r 'First Last <you@example.com>' recipient@example.net</code>
 +
 +=== rsync ===
 +<code bash>time rsync -avP --exclude '.recycle' /zdrojovy/adresar/ /cilovy/adresar/</code>
linux_skodi.1580245442.txt.gz · Last modified: 2022/03/16 09:38 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki