linux_skodi

Differences

This shows you the differences between two versions of the page.

linux_skodi [2020/01/28 22:14]
ww [Práce s virtuálkami]
linux_skodi [2024/06/13 15:31] (current)
ww
Line 22: Line 22:
  
 <code bash> <code bash>
-certbot certonly --webroot -w /var/www/example.com/web -d example.com -d www.example.com \ +certbot certonly 
- -m hostmaster@example.com [--dry-run]+ --webroot 
 + -w /var/www/example.com/web 
 + -d example.com 
 + -d www.example.com \ 
 + -m hostmaster@example.com 
 + [--dry-run]
 </code> </code>
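Review bot: the reflowed ''certbot certonly'' command has a trailing backslash only on the ''-d www.example.com \'' line, so when pasted into a shell it ends after ''certbot certonly'' and the option lines run as separate commands. Put a ''\'' at the end of every line except the last, and say next to the block that the brackets around ''[--dry-run]'' mark it as optional and are not typed literally.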
  
Line 94: Line 99:
         addresses: [1.1.1.1,9.9.9.9]         addresses: [1.1.1.1,9.9.9.9]
 </code> </code>
 +
 +Seznam typů OS
 +<code bash>osinfo-query os</code>
 +
  
 Vytvořit virtuálku Vytvořit virtuálku
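Review bot: the added ''osinfo-query os'' line is labelled only "Seznam typů OS" and does not say how its output is used by the VM-creation command that follows under "Vytvořit virtuálku". Add one sentence naming the option that takes the listed OS identifier, and drop the added blank line after the code line, since a blank context line already follows it.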
Line 231: Line 240:
  
 ---- ----
 +
 +===== SMTP relay pro tupé tiskárny =====
 +
 +  - ''apt install libsasl2-modules postfix''.
 +  - Nastavit postfix jako "Internet site", zvolit FQDN hostname (třeba ''debian.int.nazevfirmy.cz'').
 +  - Vytvořit soubor ''etc/postfix/sasl_passwd'' a do něj napsat:
 +    - ''[mail.isp.example]:587 username:password''.
 +  - Spustit ''postmap /etc/postfix/sasl_passwd'' - vytvoří se ''/etc/postfix/sasl_passwd.db''.
 +  - Nastavit práva pro ''sasl_passwd.db'':
 +    - ''chown root:root /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db''
 +    - ''chmod 0600 /etc/postfix/sasl_passwd /etc/postfix/sasl_passwd.db''
 +  - Upravit ''/etc/postfix/main.cf'':
 +    - Přidat/upravit: ''relayhost = [mail.isp.example]:587''
 +    - Do ''mynetworks='' přidat IP adresu/rozsah, ze kterých bude postfix přijímat poštu jako submission (IP adresu přidat s prefixem ''/32'', tj. třeba ''10.0.0.5/32'').
 +    - Na konec konfiguráku připsat: <code>
 +# enable SASL authentication
 +smtp_sasl_auth_enable = yes
 +# disallow methods that allow anonymous authentication.
 +smtp_sasl_security_options = noanonymous
 +# where to find sasl_passwd
 +smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 +# Enable STARTTLS encryption
 +smtp_use_tls = yes
 +# where to find CA certificates
 +smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
 +</code>
 +  - Restart postfix
 +  - ???
 +  - Profit
 +
 +**Důležité**:
 +  - U Office 365 je při posílání mailu potřeba mít "''From:''" nastaveno na odesílatele z dané domény.
 +
 +Otestování konfigurace
 +  * ''echo "body of your email" | mail -s "This is a Subject" -a "From: sender@example.com" recipient@elsewhere.com''
 +Variantně přes balík ''s-nail'', který umí specifikovat jiný SMTP server než výchozí pro systém:
 +  - <code>cat ~/.mailrc
 +set mta=smtp://ip-adresa-smtp-serveru</code>
 +  - ''echo "body of your email" | s-nail -r "sender@example.com" -s "This is a Subject" recipient@elsewhere.com''
 +
 +Zdroj: https://www.linode.com/docs/email/postfix/postfix-smtp-debian7/
 +
 +----
 +
 +===== Borg Backup =====
 +
 +<code bash>
 +#!/bin/sh
 +
 +# Setting this, so the repo does not need to be given on the commandline:
 +export BORG_REPO=ssh://<hostname>:50022/<remote_location>/borg
 +
 +export BORG_PASSPHRASE="<passphrase>"
 +
 +# some helpers and error handling:
 +info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
 +trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM
 +
 +info "Starting backup"
 +
 +# Backup the most important directories into an archive named after
 +# the machine this script is currently running on:
 +
 +borg create                         \
 +    --verbose                       \
 +    --filter AME                    \
 +    --list                          \
 +    --show-rc                       \
 +    --stats                         \
 +    --compression lz4               \
 +    --exclude-caches                \
 +    --exclude '/home/*/.cache/*'    \
 +    --exclude '/home/*/.local/lib/python*' \
 +    --exclude '/var/cache/*'        \
 +    --exclude '/var/lib/docker/*'   \
 +    --exclude '/var/tmp/*'          \
 +    --exclude '*.git'               \
 +                                    \
 +    ::'{hostname}-{now}'            \
 +    /etc                            \
 +    /home                           \
 +    /root                           \
 +    /var                            \
 +
 +backup_exit=$?
 +
 +info "Pruning repository"
 +
 +# Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly
 +# archives of THIS machine. The '{hostname}-' prefix is very important to
 +# limit prune's operation to this machine's archives and not apply to
 +# other machines' archives also:
 +
 +borg prune                          \
 +    --list                          \
 +    --prefix '{hostname}-'          \
 +    --show-rc                       \
 +    --keep-daily    7               \
 +    --keep-weekly                 \
 +    --keep-monthly  12              \
 +
 +prune_exit=$?
 +
 +# use highest exit code as global exit code
 +global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit ))
 +
 +if [ ${global_exit} -eq 1 ];
 +then
 +    info "Backup and/or Prune finished with a warning"
 +fi
 +
 +if [ ${global_exit} -gt 1 ];
 +then
 +    info "Backup and/or Prune finished with an error"
 +fi
 +
 +exit ${global_exit}
 +
 +</code>
 +
 +----
 +
 +===== fstab - příklad =====
 +
 +<code>
 +fstab
 +
 +# <file system>                            <mount point>        <type> <options> <dump> <pass>
 +proc                                       /proc                proc   defaults  0      0
 +
 +UUID=27d259c9-f4a8-4749-b8a7-b9a0f019a3c4  /mnt/ext-usb-4tb     ext4   defaults  0      0
 +</code>
 +
 +----
 +
 +===== Docker =====
 +
 +=== Instalace Ubuntu ===
 +<code>
 +# Adding an ASCII Armored key (.asc key)
 +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | \
 +gpg --dearmor | \
 +sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > \
 +/dev/null
 +
 +# Or if you prefer a one-liner
 +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-ce-archive-keyring.gpg > /dev/null
 +
 +# Breakdown of each part
 +#
 +# curl             downloads the key 
 +# gpg --dearmor    creates a binary .gpg because /usr/share/keyrings cannot take .asc keys
 +# sudo tee         because we get permission denied if we try redirect the output of a sudo command
 +# /dev/null        we don't need to see the dearmored keyring on the console
 +</code>
 +
 +<code>
 +echo \
 +"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \ 
 +sudo tee /etc/apt/sources.list.d/docker-ce.list > \
 +/dev/null
 +
 +
 +# Of if you prefer a one-liner
 +echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-ce-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker-ce.list > /dev/null
 +</code>
 +
 +=== One-time rychlovka bouračka ===
 +<code bash>docker run -it --rm -v /home/user/temp/docker:/qemu-temp debian /bin/bash</code>
 +(''-v cesta_venku:cesta_uvnitr'')
 +
 +===== Výpis síťových zařízení =====
 +
 +<code># lshw -C network -short
 +
 +H/W path                  Device          Class          Description
 +====================================================================
 +/0/100/1.2/0/4/         enp38s0         network        I210 Gigabit Network Connection
 +/0/100/1.2/0/5/         enp39s0         network        I210 Gigabit Network Connection
 +/0/100/3.1/             enp45s0         network        AQC107 NBase-T/IEEE 802.3bz Ethernet Controller [AQtion]
 +/0/100/3.2/             enp46s0         network        MT27500 Family [ConnectX-3]
 +/4                        enp46s0d1       network        MT27500 Family [ConnectX-3]</code>
 +
 +===== Rychlost síťových rozhraní =====
 +
 +<code>sudo ethtool eth0 | grep Speed</code>
 +
 +===== Shellovinky =====
 +
 +=== Poslání mailu z shellu, specifikace odesílatele ("From:") ===
 +<code bash>mail -s 'Some Subject' -r 'First Last <you@example.com>' recipient@example.net</code>
 +
 +=== rsync ===
 +<code bash>time rsync -avP --exclude '.recycle' /zdrojovy/adresar/ /cilovy/adresar/</code>
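Review bot: in the main.cf block of the SMTP relay section, ''smtp_use_tls = yes'' only uses STARTTLS when the upstream server offers it, so the SASL password from ''sasl_passwd'' can still be sent over an unencrypted session; use ''smtp_tls_security_level = encrypt'' so delivery fails rather than falling back to cleartext. In the same list, the step that creates the file names ''etc/postfix/sasl_passwd'' without the leading slash, while every later step uses ''/etc/postfix/sasl_passwd''. In the Borg script, ''--keep-weekly'' is given without a count, and the comment above ''borg prune'' promises 4 weekly and 6 monthly archives while the options keep 12 monthly; make the comment and the options agree. The script also embeds ''BORG_PASSPHRASE'' in plain text, so the section should say the file must be readable by root only, or switch to ''BORG_PASSCOMMAND''. In the Docker section, the multi-line ''echo'' form appears to have a space after the backslash on the ''stable" | \'' line, which ends the line continuation there, and "Of if you prefer" should read "Or".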
linux_skodi.1580246071.txt.gz · Last modified: 2022/03/16 09:38 (external edit)