System

JC - JSON from CLI

OpenBSD

how to build json from cli

we all like json, do we ? https://kellyjonbrazil.github.io/jc/docs/parsers/ping

add package

doas pkg_add jc

try ping

openbsd-box # ping -c 3 1.1.1.1 |jc --ping -p 2>/dev/null
{
  "destination_ip": "1.1.1.1",
  "data_bytes": 56,
  "pattern": null,
  "destination": "1.1.1.1",
  "packets_transmitted": 3,
  "packets_received": 3,
  "packet_loss_percent": 0.0,
  "duplicates": 0,
  "round_trip_ms_min": 9.219,
  "round_trip_ms_avg": 9.826,
  "round_trip_ms_max": 10.158,
  "round_trip_ms_stddev": 0.43,
  "responses": [
    {
      "type": "reply",
      "bytes": 64,
      "response_ip": "1.1.1.1",
      "icmp_seq": 0,
      "ttl": 59,
      "time_ms": 10.158,
      "duplicate": false
    },
    {
      "type": "reply",
      "bytes": 64,
      "response_ip": "1.1.1.1",
      "icmp_seq": 1,
      "ttl": 59,
      "time_ms": 9.219,
      "duplicate": false
    },
    {
      "type": "reply",
      "bytes": 64,
      "response_ip": "1.1.1.1",
      "icmp_seq": 2,
      "ttl": 59,
      "time_ms": 10.101,
      "duplicate": false
    }
  ]
}

Compatible platforms: linux, darwin, freebsd -> had to redirect the stderr to /dev/null because OpenBSD is not (yet) supported officially…

Ubuntu 20.04 LTS & Netplan

Linux

Assume you got a fresh Machine with DHCP …

Ubuntu with DHCP Config

cat /etc/netplan/01-netcfg.yaml
# This is the network config written by 'subiquity'
network:
  ethernets:
    ens192:
      dhcp4: true
  version: 2

and you’d like to switch to Static IP, ask google how todo it an give try:

Static IP with Netplan

# This is the network config written by 'subiquity'
network:
  version: 2
  ethernets:
    ens192:
      addresses:
      - 1.2.3.4/24
      gateway4: 1.1.1.1
      nameservers:
        addresses:
        - 8.8.8.8
        - 8.8.4.4
        search:
        - world.net

then reboot … and the machine is gone. ok, not really gone, but from IP perspective definitly. it just reboots and come back without default gateway :(

FreeBSD bhyve

FreeBSD

bhyve, pronounced “beehive” is a hypervisor/virtual machine manager for FreeBSD that supports most Intel and AMD processors that report the “POPCNT” (POPulation Count) processor feature in dmesg(8).

Download ISO and boot it

… in a new Virtual Machine …

cat << 'EOF' > run_bhyve.sh
#!/usr/bin/env bash

iso=FreeBSD-13.1-RELEASE-amd64-bootonly.iso
vm=guest.img

# Load Module if needed
kldstat |grep vmm.ko || kldload vmm

ifconfig tap0 create
sysctl net.link.tap.up_on_open=1

ifconfig
ifconfig bridge0 create
ifconfig bridge0 addm vmx0 addm tap0
ifconfig bridge0 create
ifconfig bridge0 up

# Get ISO
test -f $iso || fetch https://download.freebsd.org/releases/amd64/amd64/ISO-IMAGES/13.1/$iso

# Prepare Disk File
test -f $vm || truncate -s 16G $vm

# Boot from ISO
sh /usr/share/examples/bhyve/vmrun.sh -m 1024M -t tap0 -d guest.img -i -I $iso vm001

exit 0
EOF

Set Permission and run it

chmod 700 run_bhyve.sh
./run_bhyve.sh

-> Run Live System or install a brand new System

OpenBSD Compile Custom Kernel

OpenBSD

Let’s Compile a Custom Kernel for OpenBSD … and let’s check if we can tune the Process it with multiple Processors.

get Sources and prepare Custom Kernel

cd /usr/src
ftp https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/sys.tar.gz
tar xfz sys.tar.gz
rm xfz sys.tar.gz
cd /sys/arch/$(uname -m)/conf
cp GENERIC.MP CUSTOM.MP
config CUSTOM.MP
cd ../compile/CUSTOM.MP

-> with config CUSTOM.MP, you can enable disable Components which will be built into your Custom Kernel. Wlan Drives for a VirtualServer, as example, does not make sense.

FreeBSD - Upgrade 13.0 to 13.1

FreeBSD

Upgrade FreeBSD 13.0 to 13.1

should be a easy task, right ?

Patch it first

freebsd-update fetch
freebsd-update install

reboot

may not needed, but you have to boot anyway a few times …

Fetch and Upgrade to 13.1

this needs some time ! depending on your internet speed, and specially to power and filesystem performance of your machine. 20-30min for a common VM is not unreal :(

time freebsd-update upgrade -r 13.1-RELEASE
time freebsd-update install

Reboot

shutdown -r now

Finish Install

freebsd-update install

Final Reboot

shutdown -r now
Any Comments ?

sha256: f5d56eadc5e7a757d4a2af764da5a0446ebb246ce6ea630b158a53dc3a160996

Bootstrap Debian

Linux

Bootstrapping Debian

a little helper how to generate a Debian Template. This time, it’s a VM Hosted on Vultr

New VM

1 CPU, 1GB RAM, 25GB Disk

upload debian-10.9.0-amd64-netinst.iso
boot from iso
install:      (text based)
lang:         english
country:      switzerland
locale:       US (en_US.UTF-8)
keymap:       Swiss German
nic:          ens3
hostname:     template-25G
domain:       your.domain.de
passwd:       xxxxxxxx
user:         firstname lastname / loginame
passwd:       xxxxxxxx
disk:         Guided - entire disk with LVM - (one partition | separate /home | separate /home, /var and /tmp)
              separate partition for large disks
              one partition for smaller disks
write:        yes
disk:         20GB (for guided partitioning), 5GB for Spare
write:        yes
another dvd:  no
mirror:       switzerland, debian.ethz.ch
survey:       no
software:     SSH Server, standard system utilities
grub:         yes, /dev/sda3

remove iso and reboot

login as user, su to root

mkdir /root/.ssh && chmod 600 /root/.ssh
echo "ssh-ed25519 AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

halt -p
-> snapshot template-debian-25G
Any Comments ?

sha256: 5b87992169bc05b44db33f9e79fa557f81844b871c8a7566d94b8bf11841ad32

Bootstrap OpenBSD with Jail Partition

OpenBSD

Bootstrapping VM

This is similar to the previous Post, but with a small difference.

Here, we add an other Partition /jail with 2GB Size. On this Partition, we remove the nodev & nosuid Flag, so we can use this Partition as Root for some Jailed Users. And last but not least, we fireup a new VM, configure a Jailed User and make it Public Available …

VM with 20G Disk

*** Bootstrap OpenBSD 6.8 ***

Bootstrap OpenBSD

OpenBSD

Bootstrapping VM

It’s always good to have Templates. Isn’t it ? Sometime, with a lot of stuff preconfigured and installed. Sometimes, a fresh install without anything (except syspatches). Here a little Helper, how to Build a OpenBSD Template with 20GB, resp. 40GB Disk Size.

This stuff was tested on www.hetzner.de, so you should be able to reproduce it in a few minutes.

Costs: CX11,  1 CPU, 2 GB RAM, 20 GB Disk, 20TB Traffic -> 2.68 Euro/Month
Costs: CPX11, 2 CPU, 2 GB RAM, 40 GB Disk, 20TB Traffic -> 3.76 Euro/Month

If you create an Account, you can use my sponsor link and we both get “a few bucks” to play with …

Gitolite

OpenBSD, System

You wanna host your own Git Repositories ? Have a look at Gitolite. It does all for you :)

Install GitoLite

pkg_add gitolite

Add git user

root@gitserver ~# adduser -silent
Enter username []: git
Enter full name []: git repo user
Enter shell bash csh git-shell ksh nologin sh [ksh]:
Uid [1001]:
Login group git [git]:
Login group is ``git''. Invite git into other groups: guest no
[no]:
Login class authpf bgpd daemon default pbuild staff unbound
[default]:
Enter password []:
Disable password logins for the user? (y/n) [n]: y

Name:        git
Password:    ****
Fullname:    git repo user
Uid:         1001
Gid:         1001 (git)
Groups:      git
Login Class: default
HOME:        /home/git
Shell:       /bin/ksh
OK? (y/n) [y]: y
Added user ``git''
Add another user? (y/n) [y]: n

Basic Setup

Setup Repo, add your key