Blog

Smokeping in 5min, with Dual Stack on Nginx All in one Installer Run it at your own risk … wget https://puffy.nolink.ch/scripts/smokeping_debian3.sh chmod 700 smokeping_debian3.sh ./smokeping_debian3.sh or Setup by Hand Install Packages apt-get install borgbackup curl echoping fcgiwrap fping hping3 htop lynx mlocate mtr nginx rsync smokeping tmate tree tshark unzip vim vnstat wget zip Configure Nginx export MYSITENAME="smokeping.planet.world" wget "https://github.com/vazhnov/smokeping_nginx/raw/master/best.conf" sed -i -- s/smokeping\.example\.com/${MYSITENAME}/g best.conf sudo chown root: best.conf sudo mv best.

How to install Smokeping on Debian in 5 Minutes with Dualstack, IPv4 and IPv6 All in one Installer Run it at your own risk … wget https://puffy.nolink.ch/scripts/smokeping_debian2.sh chmod 700 smokeping_debian2.sh ./smokeping_debian2.sh or Setup by Hand Set Hostname root@smokeping:~# cat /etc/hostname smokeping.planet Install Packages apt-get install apache2 borgbackup curl echoping fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc smokeping tmate tree tshark unzip vim vnstat wget zip Enable Smokeping in Apache cd /etc/apache2/conf-enabled ln -s .

Install NGINX & PHP pkg_add nginx php--%7.4 rcctl enable nginx php74_fpm Edit php.ini sed -i s'/date.timezone = UTC.*/date.timezone = Europe\/Zurich/' /etc/php-7.4.ini sed -i s'/short_open_tag = Off.*/short_open_tag = On/' /etc/php-7.4.ini Stop 7.3 & Start 7.4 rcctl stop php73_fpm rcctl restart nginx php74_fpm Uninstall PHP 7.3 pkg_del php--%7.3 pkg_del -a sha256: 17490303fe106a6c3a34071338097e6c1aff50c0d4764f1615c0993ce9211bb2

Troubleshooting Crontab Problems Dump the Environement add this line to root’s crontab * * * * * env > ~/cronenv Load the Environement env - `cat /var/log/cronenv` /bin/sh Run your script ./script_with_env_problems.sh and check it’s output … sha256: 5aa695cbd618aad046f6b31e1c05dfc7d41db08fb39cbbbf95b6ac3a468d1f8a

sha256: 4b51dc50883c71adda7acc4a58ce9ecd3b53f16e9981485fdbecaef72f09e2fa

Intro Stage two Machines, puffy206 and puffy207 Both Maschines needs static IP Adresses puffy206 Loopback & Gif doas su - cat << 'EOF' > /etc/hostname.lo1 inet 10.0.0.6/32 up EOF cat << 'EOF' > /etc/hostname.gif0 description "Point2Point Interface for OSPF" mtu 1420 10.10.10.6 10.10.10.7 netmask 255.255.255.255 tunnel 192.168.108.206 192.168.108.207 EOF Enable IPSEC & IP Forwarding cat << 'EOF' >> /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.gre.allow=1 EOF rcctl enable ipsec isakmpd rcctl set isakmpd flags -K Create Tunnel Endpoint cat << 'EOF' > /etc/ipsec.

Intro Stage a few Machines, puffy206 - 209 puffy206 has got a static ip, while puffy207 - 209 got dynamic ip addresses Master, puffy206 Loopback doas su - cat << 'EOF' > /etc/hostname.lo1 inet 10.0.0.6/32 up EOF Enable IPSEC & IP Forwarding cat << 'EOF' >> /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.gre.allow=1 EOF rcctl enable ipsec isakmpd rcctl set isakmpd flags -K Create Tunnel Endpoint cat << 'EOF' > /etc/ipsec.conf ike dynamic esp tunnel from 10.

Install NGINX & PHP pkg_add nginx php--%7.3 rcctl enable nginx php73_fpm Edit php.ini sed -i s'/date.timezone = UTC.*/date.timezone = Europe\/Zurich/' /etc/php-7.3.ini sed -i s'/short_open_tag = Off.*/short_open_tag = On/' /etc/php-7.3.ini nginx.conf mkdir /var/log/nginx cat << 'EOF' > /etc/nginx/nginx.conf worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.types; default_type application/octet-stream; index index.php index.html index.htm; keepalive_timeout 65; server_tokens off; proxy_cache_valid any 0s; log_format main '$remote_addr - $ssl_client_serial - [$time_local] - "$request" - $status - $body_bytes_sent'; map $ssl_client_serial $ssl_access { default 0; WFuDgzQBZXV740D3 1; # Hans Muster EDugUslEX1Et90WX 0; # Beat Breu 2DF3C663741296F5 1; # Ruedi Ruessel } # # HTTP -> Redirect to HTTPS # server { listen 80; server_name localhost; access_log logs/host.

Little Keep Alive … mit freundlicher genehmigung von Kumpel Marc :) #!/usr/bin/env bash FILE="$HOME/scripts/excuses" # Linux or BSD ? nf points to the right binary which numfmt > /dev/null 2>&1 && nf=$(which numfmt) || nf=$(which gnumfmt); # Linux or BSD ? gs points to the right binary which shuf > /dev/null 2>&1 && gs=$(which shuf) || gs=$(which gshuf); if [ ! -e "$FILE" ]; then echo "" echo "$FILE does not exist" echo "##############################################" command -v curl >/dev/null 2>&1 || { echo >&2 "Holy cow!

How to Install LibreNMS on Debian https://docs.librenms.org/Installation/Installation-Ubuntu-1804-Apache/ Packages apt-get install acl apache2 borgbackup curl fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc tmate tree tshark unzip vim vnstat wget zip curl apache2 composer fping git graphviz imagemagick python-memcache python-mysqldb rrdtool snmp snmpd whois mariadb-client mariadb-server mtr-tiny nmap libapache2-mod-php7.3 apt-get install php7.3-cli php7.3-curl php7.3-gd php7.3-json php7.3-mbstring php7.3-mysql php7.3-snmp php7.3-xml php7.3-zip add User useradd librenms -d /opt/librenms -M -r usermod -a -G librenms www-data get Git cd /opt git clone https://github.

How to install Smokeping on Debian in 5 Minutes Installer … wget https://puffy.nolink.ch/scripts/smokeping_debian.sh Set Hostname root@smokeping:~# cat /etc/hostname smokeping.planet Install Packages apt-get install apache2 borgbackup curl echoping fping hping3 htop ipcalc jq lftp lynx mlocate mtr nmap pwgen rsync sipcalc smokeping tmate tree tshark unzip vim vnstat wget zip Enable Smokeping in Apache cd /etc/apache2/conf-enabled ln -s ../conf-available/smokeping.conf . Enable Module CGI a2enmod cgid systemctl restart apache2 Some Smokeping Fixes mkdir -p /var/run/smokeping Tune General cat << 'EOF' > /etc/smokeping/config.

Requirement Webserver http Webserver https Protected Folder https://egal.com/protected with Client Certificate /etc/httpd.conf # $OpenBSD: httpd.conf,v 1.20 2018/06/13 15:08:24 reyk Exp $ server "*" { listen on * port 8080 location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 } } /etc/nginx/nginx.conf # Take note of http://wiki.nginx.org/Pitfalls #user www; worker_processes 1; #load_module "modules/ngx_stream_module.so"; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #error_log syslog:server=unix:/dev/log,severity=notice; #pid logs/nginx.pid; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.

NGINX with Client Certificates root@debian:/etc/nginx/sites-available# server { listen 80; listen [::]:80; server_name host198.planet; root /var/www/host198.planet; access_log /var/log/nginx/host198.planet; index index.html; location / { try_files $uri $uri/ =404; } } server { listen 443 ssl; listen [::]:443 ssl; server_name host198.planet; root /var/www/host198.planet; ssl_certificate /etc/ssl/private/fullchain.crt; ssl_certificate_key /etc/ssl/private/host198.planet.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_client_certificate /etc/ssl/private/ca.crt; ssl_verify_client optional; access_log /var/log/nginx/host198.planet; index index.html; #location / { # try_files $uri $uri/ =404; #} location / { # if the client-side certificate failed to authenticate, show a 403 # message to the client if ($ssl_client_verify !

Running a Promox Cluster with CEPH. Here a few Commands to figure out the Status of CEPH ceph status ceph osd status pveceph lspools ceph pg dump Manual Backup vzdump 777 --dumpdir /mnt/backup --mode snapshot Manual Restore qmrestore /mnt/backup/vzdump-qemu-777.vma 777 Proxmox Performance Overview Intel Nuc I5, 32GB RAM, 500GB SSD root@nuc:~# pveperf CPU BOGOMIPS: 36799.44 REGEX/SECOND: 3927398 HD SIZE: 93.99 GB (/dev/mapper/pve-root) BUFFERED READS: 522.34 MB/sec AVERAGE SEEK TIME: 0.11 ms FSYNCS/SECOND: 1588.

Voraussetzungen login mit ssh und key auf den switch braucht ein “enable” command ohne passwort, um in den enable mode zu gelangen .cloginrc add user * backupuser add password * es-ist-egal-was-hier-steht add method * ssh add identity * /var/rancid/.ssh/id_ed25519 add autoenable * 0 Update clogin File /usr/local/bin/clogin # Figure out passwords if { $do_passwd || $do_enapasswd } { set pswd [find password $router] if { [llength $pswd] == 0 } { send_user -- "\nError: no password for $router in $password_file.