Blog

Keepalive

Little Keep Alive … mit freundlicher genehmigung von Kumpel Marc :) keepalive.sh #!/usr/bin/env bash FILE="$HOME/scripts/excuses" # Linux or BSD ? nf points to the right binary which numfmt > /dev/null 2>&1 && nf=$(which numfmt) || nf=$(which gnumfmt); # Linux or BSD ? gs points to the right binary which shuf > /dev/null 2>&1 && gs=$(which shuf) || gs=$(which gshuf); if [ ! -e "$FILE" ]; then echo "" echo "$FILE does not exist" echo "##############################################" command -v curl >/dev/null 2>&1 || { echo >&2 "Holy cow!

Librenms on Debian 10.3

How to Install LibreNMS on Debian https://docs.librenms.org/Installation/Installation-Ubuntu-1804-Apache/ Packages apt-get install acl apache2 borgbackup curl fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc tmate tree tshark unzip vim vnstat wget zip curl apache2 composer fping git graphviz imagemagick python-memcache python-mysqldb rrdtool snmp snmpd whois mariadb-client mariadb-server mtr-tiny nmap libapache2-mod-php7.3 apt-get install php7.3-cli php7.3-curl php7.3-gd php7.3-json php7.3-mbstring php7.3-mysql php7.3-snmp php7.3-xml php7.3-zip add User useradd librenms -d /opt/librenms -M -r usermod -a -G librenms www-data get Git cd /opt git clone https://github.

Smokeping on Debian 10.3

How to install Smokeping on Debian in 5 Minutes Installer … wget https://blog.stoege.net/scripts/smokeping_debian.sh Set Hostname root@smokeping:~# cat /etc/hostname smokeping.planet Install Packages apt-get install apache2 borgbackup curl echoping fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc smokeping tmate tree tshark unzip vim vnstat wget zip Enable Smokeping in Apache cd /etc/apache2/conf-enabled ln -s ../conf-available/smokeping.conf . Enable Module CGI a2enmod cgid systemctl restart apache2 Some Smokeping Fixes mkdir -p /var/run/smokeping Tune General cat << 'EOF' > /etc/smokeping/config.

Openbsd Nginx with Client Authentication

Requirement Webserver http Webserver https Protected Folder https://egal.com/protected with Client Certificate /etc/httpd.conf # $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $ server "*" { listen on * port 8080 location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 } } /etc/nginx/nginx.conf # Take note of http://wiki.nginx.org/Pitfalls #user www; worker_processes 1; #load_module "modules/ngx_stream_module.so"; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #error_log syslog:server=unix:/dev/log,severity=notice; #pid logs/nginx.pid; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.

Nginx with Client Certificate

NGINX with Client Certificates root@debian:/etc/nginx/sites-available# server { listen 80; listen [::]:80; server_name host198.planet; root /var/www/host198.planet; access_log /var/log/nginx/host198.planet; index index.html; location / { try_files $uri $uri/ =404; } } server { listen 443 ssl; listen [::]:443 ssl; server_name host198.planet; root /var/www/host198.planet; ssl_certificate /etc/ssl/private/fullchain.crt; ssl_certificate_key /etc/ssl/private/host198.planet.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_client_certificate /etc/ssl/private/ca.crt; ssl_verify_client optional; access_log /var/log/nginx/host198.planet; index index.html; #location / { # try_files $uri $uri/ =404; #} location / { # if the client-side certificate failed to authenticate, show a 403 # message to the client if ($ssl_client_verify !

Proxmox

Running a Promox Cluster with CEPH. Here a few Commands to figure out the Status of CEPH ceph status ceph osd status pveceph lspools ceph pg dump Manual Backup vzdump 777 --dumpdir /mnt/backup --mode snapshot Manual Restore qmrestore /mnt/backup/vzdump-qemu-777.vma 777 Proxmox Performance Overview Intel Nuc I5, 32GB RAM, 500GB SSD root@nuc:~# pveperf CPU BOGOMIPS: 36799.44 REGEX/SECOND: 3927398 HD SIZE: 93.99 GB (/dev/mapper/pve-root) BUFFERED READS: 522.34 MB/sec AVERAGE SEEK TIME: 0.11 ms FSYNCS/SECOND: 1588.

Rancid

Voraussetzungen login mit ssh und key auf den switch braucht ein “enable” command ohne passwort, um in den enable mode zu gelangen .cloginrc add user * backupuser add password * es-ist-egal-was-hier-steht add method * ssh add identity * /var/rancid/.ssh/id_ed25519 add autoenable * 0 Update clogin File /usr/local/bin/clogin # Figure out passwords if { $do_passwd || $do_enapasswd } { set pswd [find password $router] if { [llength $pswd] == 0 } { send_user -- "\nError: no password for $router in $password_file.

Dhcpcd

IPv6 Client mit OpenBSD Stateless Autoconfig ifconfig vether0 slaacd falls der Router im RA ein “Managed Address Configuration: Set” schickt, muss der Client eine DHCPv6 Anfrage an den DHCPv6 Server schicken. OpenBSD hat das im Base System nicht drin, drum installieren wird den Client pkg_add dhcpcd umweg ~# cat /etc/dhcpcd.conf ipv6only noipv6rs duid persistent option rapid_commit require dhcp_server_identifier # disable running any hooks; not typically required for simple DHCPv6-PD setup script "" # List interfaces explicitly so that dhcpcd doesn't touch others allowinterfaces vether0 interface vether0 # the following two lines tell dhcpcd to do router solicitation # itself.

Update_hugo

how to update hugo you can use ports (pkg_add hugo) and get the lastest stable hugo package based on OpenBSD release cycles (2 x year), or grab the latest binary from github and put it on your machine. Releases: https://github.com/gohugoio/hugo/releases cd /tmp ftp https://github.com/gohugoio/hugo/releases/download/v0.62.0/hugo_0.62.0_OpenBSD-64bit.tar.gz tar xfz hugo_0.62.0_OpenBSD-64bit.tar.gz doas mv hugo /usr/local/bin/ or find latest automatically doas su - cd /tmp/ u=$(lynx -dump -listonly https://github.com/gohugoio/hugo/releases/latest |grep "OpenBSD-64bit" |sed 's/.*https/https/') f=$(echo $u |sed 's/.

Migrate Packages from Host A to Host B

How to migrate all Packages Got several Packages installed on Host A and you would like to migrate them to Host B ? That’s easy :) Extract on Host A pkg_info -mz | tee list ansible-- bash-- ... vnstat-- wget-- scp list HostB:/tmp/ Import on Host B doas pkg_add -l /tmp/list Oneline or you can simple do it in one line, although there are two commands. copy and install target="host.world"; pkg_info -mz |ssh ${target} "cat > /tmp/list"; ssh ${target} "pkg_add -l /tmp/list" TwoWaySync Assume, you have two Hosts with different Packages installed, and you wanna have all Packages installed on both Hosts.