Convert .p12 bundle to server certificate and key files
Seperate Private Key and Certificate file
#Generate certificates bundle file
openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem
#Generate server key file.
openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key
Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
Create a .pfx/.p12 certificate file using OpenSSL
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt
OCI Object storage connect using WinSCP
Click New Session:
Enter the previous generated connection details and Press Save and give it a name: Continue reading “OCI Object storage connect using WinSCP” »
Mounting OCI bucket on CentOS 7 Linux
In order to use this you have to enable EPEL Repository-
sudo yum install epel-release sudo yum install s3fs-fuse
[opc@linux8 ~]$ sudo yum install s3fs-fuse Last metadata expiration check: 0:00:41 ago on Sun 15 May 2022 05:40:13 PM CST. Dependencies resolved. ================================================================================================================================= Package Architecture Version Repository Size ================================================================================================================================= Installing: s3fs-fuse x86_64 1.91-1.el8 ol8_developer_EPEL 273 k Installing dependencies: fuse x86_64 2.9.7-12.0.4.el8 ol8_baseos_latest 84 k fuse-common x86_64 3.2.1-12.0.4.el8 ol8_baseos_latest 22 k Transaction Summary ================================================================================================================================= Install 3 Packages Total download size: 379 k Installed size: 856 k Is this ok [y/N]: y ...... Installed: fuse-2.9.7-12.0.4.el8.x86_64 fuse-common-3.2.1-12.0.4.el8.x86_64 s3fs-fuse-1.91-1.el8.x86_64 Complete!
Nginx Reverse Proxy with Sub Directory Mapping
My web application has a sub-directory, 192.168.1.8:8088/messages, that I want to expose to the outside world as messages.mysite.com. I’ve gotten half way there but I seem to be stuck. My requirements are as follows
- Redirect the site from HTTP to HTTPS.
- As I cannot edit the links the web application generates, I need to be able to accept requests from the client such as messages.mysite.com/messages?id=23023.
- Do not allow reverse proxy access to the root web application, 192.168.1.8:8088 or to any sub-directory other than 192.168.1.8:8088/messages and its children.
Continue reading “Nginx Reverse Proxy with Sub Directory Mapping” »
Rsync upload local files without replacing remote files
This is basically one way sync- use at your own risk and dry run before any production deployment.
Suppose you have a list of files on a remote host, some of which already exist locally. What you want is to transfer only those files that are not found locally. If you blindly run scp with wildcard, it would fetch all remote files (existing as well as non-existing files), and overwrite existing local files. You want to avoid this.
In another similar situation, you may want to upload local files to a remote site, but without replacing any remote files.
If the local and remote hosts have rsync installed, using rsync will be the easiest way to copy only new files over, since rsync is designed for incremental/differential backups. Continue reading “Rsync upload local files without replacing remote files” »
OpenVPN installer on CentOS 7
Server Requirement: Centos 7 x86_64
$ cd /tmp/ && yum install git -y && git clone https://github.com/puarudz/OpenVPN-AS-Unlimited && cd OpenVPN-AS-Unlimited/ && sed -i -e 's/\r$//' centos7.sh && chmod 755 centos7.sh && ./centos7.sh
Once installed go to-
https://ip:943/admin login: openvpn pass: <your_password_during_installation>
After first login, “Agree” to the terms.
Now go to Authentiction > General > Turn on PAM Continue reading “OpenVPN installer on CentOS 7” »
Postfix to allow Mail Relay from a Trusted IP
Make sure smtpd_recipient_restrictions has permit_mynetworks, something like this:
smtpd_recipient_restrictions = permit_mynetworks,<more>
This is the default, but if you have -o smtpd_recipient_restrictions=something on an smtpd line in master.cf then it will override main.cf setting.
A sample configuration that worked for me is as below-
smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_reject_unlisted_sender=yes -o smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,reject # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o broken_sasl_auth_clients=yes
Install phpSysInfo on Debian/Ubuntu
Log into the Debian/Ubuntu device
Run the following commands in a terminal:# update repositories and install any available software updates
sudo apt update sudo apt upgrade # install Apache HTTPD sudo apt install apache2 # install PHP components sudo apt install php7.3 php7.3-xml # download phpSysInfo wget https://github.com/phpsysinfo/phpsysinfo/archive/v3.3.2.zip # extract v3.3.2.zip sudo unzip v3.3.2.zip -d /var/www/html # rename the extracted folder sudo mv /var/www/html/phpsysinfo-3.3.2 /var/www/html/phpsysinfo # make a copy of phpsysinfo.ini sudo cp /var/www/html/phpsysinfo/phpsysinfo.ini.new /var/www/html/phpsysinfo/phpsysinfo.ini # set the owner of the new phpsysinfo directory to www-data sudo chown -R www-data:www-data /var/www/html/phpsysinfo sudo systemctl restart apache2
Open a web browser and navigate to http://DNSorIP/phpsysinfo
Oracle Linux 8: How To Access the GRUB
Reboot or start the instance.
After the console screen is blank, there is only one or two seconds to press <escape key>. Press it several times as quickly as possible.
If escape was pressed successfully, the Boot menu will be displayed, if not try again.
Note that it is possible that instead of the Boot menu, a BIOS is displayed:
In that case, navigate to “Continue”, press Enter followed by Escape.
How to unlock openvpn users
Install ZFS on Ubuntu
Installing ZFS Filesystem on Ubuntu
We will be using the command line Terminal application for the installation of the ZFS filesystem. To launch the command line Terminal, use the Ctrl+Alt+T keyboard shortcut. Now to install the ZFS filesystem on Ubuntu, issue the following command in Terminal:
$ sudo apt install zfsutils-linux
When prompted for the password, provide the sudo password.
After running the above command, the system might ask for confirmation that if you want to continue the installation or not. Press y to continue; after that, the package will be installed on your system. To verify ZFS file system installation, issue the following command in Terminal:
$ which zfs
You will see the output similar to the following:
Creating the ZFS storage pool
After the installation is completed, we will now create a storage pool for our drives. Here are the steps to do so:
1. First, find out the names of the drives for the pool. Use the following command in Terminal to do so: Continue reading “Install ZFS on Ubuntu” »