Blog

OpenBSD & PHP Stuff 7.4

Blog
Install NGINX & PHP pkg_add nginx php--%7.4 rcctl enable nginx php74_fpm Edit php.ini sed -i s'/date.timezone = UTC.*/date.timezone = Europe\/Zurich/' /etc/php-7.4.ini sed -i s'/short_open_tag = Off.*/short_open_tag = On/' /etc/php-7.4.ini Stop 7.3 & Start 7.4 rcctl stop php73_fpm rcctl restart nginx php74_fpm Uninstall PHP 7.3 pkg_del php--%7.3 pkg_del -a sha256: 17490303fe106a6c3a34071338097e6c1aff50c0d4764f1615c0993ce9211bb2

Crontab

Blog
Troubleshooting Crontab Problems Dump the Environement add this line to root’s crontab * * * * * env > ~/cronenv Load the Environement env - `cat /var/log/cronenv` /bin/sh Run your script ./script_with_env_problems.sh and check it’s output … sha256: 5aa695cbd618aad046f6b31e1c05dfc7d41db08fb39cbbbf95b6ac3a468d1f8a

Blog

Blog
sha256: 4b51dc50883c71adda7acc4a58ce9ecd3b53f16e9981485fdbecaef72f09e2fa

OpenBSD with IPSEC -> GIF -> OSFP

Blog, System
Intro Stage two Machines, puffy206 and puffy207 Both Maschines needs static IP Adresses puffy206 Loopback & Gif doas su - cat << 'EOF' > /etc/hostname.lo1 inet 10.0.0.6/32 up EOF cat << 'EOF' > /etc/hostname.gif0 description "Point2Point Interface for OSPF" mtu 1420 10.10.10.6 10.10.10.7 netmask 255.255.255.255 tunnel 192.168.108.206 192.168.108.207 EOF Enable IPSEC & IP Forwarding cat << 'EOF' >> /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.gre.allow=1 EOF rcctl enable ipsec isakmpd rcctl set isakmpd flags -K Create Tunnel Endpoint cat << 'EOF' > /etc/ipsec.

IPSEC with OpenBSD

Blog, System
Intro Stage a few Machines, puffy206 - 209 puffy206 has got a static ip, while puffy207 - 209 got dynamic ip addresses Master, puffy206 Loopback doas su - cat << 'EOF' > /etc/hostname.lo1 inet 10.0.0.6/32 up EOF Enable IPSEC & IP Forwarding cat << 'EOF' >> /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.gre.allow=1 EOF rcctl enable ipsec isakmpd rcctl set isakmpd flags -K Create Tunnel Endpoint cat << 'EOF' > /etc/ipsec.conf ike dynamic esp tunnel from 10.

Tweak Nginx Webserver with limited Client Certificate

Blog
Install NGINX & PHP pkg_add nginx php--%7.3 rcctl enable nginx php73_fpm Edit php.ini sed -i s'/date.timezone = UTC.*/date.timezone = Europe\/Zurich/' /etc/php-7.3.ini sed -i s'/short_open_tag = Off.*/short_open_tag = On/' /etc/php-7.3.ini nginx.conf mkdir /var/log/nginx cat << 'EOF' > /etc/nginx/nginx.conf worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.types; default_type application/octet-stream; index index.php index.html index.htm; keepalive_timeout 65; server_tokens off; proxy_cache_valid any 0s; log_format main '$remote_addr - $ssl_client_serial - [$time_local] - "$request" - $status - $body_bytes_sent'; map $ssl_client_serial $ssl_access { default 0; WFuDgzQBZXV740D3 1; # Hans Muster EDugUslEX1Et90WX 0; # Beat Breu 2DF3C663741296F5 1; # Ruedi Ruessel } # # HTTP -> Redirect to HTTPS # server { listen 80; server_name localhost; access_log logs/host.

Keepalive

Blog
Little Keep Alive … mit freundlicher genehmigung von Kumpel Marc :) #!/usr/bin/env bash FILE="$HOME/scripts/excuses" # Linux or BSD ? nf points to the right binary which numfmt > /dev/null 2>&1 && nf=$(which numfmt) || nf=$(which gnumfmt); # Linux or BSD ? gs points to the right binary which shuf > /dev/null 2>&1 && gs=$(which shuf) || gs=$(which gshuf); if [ ! -e "$FILE" ]; then echo "" echo "$FILE does not exist" echo "##############################################" command -v curl >/dev/null 2>&1 || { echo >&2 "Holy cow!

Librenms on Debian 10.3

Blog, Network
How to Install LibreNMS on Debian https://docs.librenms.org/Installation/Installation-Ubuntu-1804-Apache/ Packages apt-get install acl apache2 borgbackup curl fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc tmate tree tshark unzip vim vnstat wget zip curl apache2 composer fping git graphviz imagemagick python-memcache python-mysqldb rrdtool snmp snmpd whois mariadb-client mariadb-server mtr-tiny nmap libapache2-mod-php7.3 apt-get install php7.3-cli php7.3-curl php7.3-gd php7.3-json php7.3-mbstring php7.3-mysql php7.3-snmp php7.3-xml php7.3-zip add User useradd librenms -d /opt/librenms -M -r usermod -a -G librenms www-data get Git cd /opt git clone https://github.

Smokeping on Debian 10.3

Blog, Network
How to install Smokeping on Debian in 5 Minutes Installer … wget https://puffy.nolink.ch/scripts/smokeping_debian.sh Set Hostname root@smokeping:~# cat /etc/hostname smokeping.planet Install Packages apt-get install apache2 borgbackup curl fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc smokeping tmate tree tshark unzip vim vnstat wget zip Enable Smokeping in Apache cd /etc/apache2/conf-enabled ln -s ../conf-available/smokeping.conf . Enable Module CGI a2enmod cgid systemctl restart apache2 Some Smokeping Fixes mkdir -p /var/run/smokeping Tune General cat << 'EOF' > /etc/smokeping/config.

Openbsd Nginx with Client Authentication

Blog
Requirement Webserver http Webserver https Protected Folder https://egal.com/protected with Client Certificate /etc/httpd.conf # $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $ server "*" { listen on * port 8080 location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 } } /etc/nginx/nginx.conf # Take note of http://wiki.nginx.org/Pitfalls #user www; worker_processes 1; #load_module "modules/ngx_stream_module.so"; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #error_log syslog:server=unix:/dev/log,severity=notice; #pid logs/nginx.pid; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.