Author Archives: Rumi
Perfect Proxmox Template with Cloud Image and Cloud Init
Instructions
Choose your Ubuntu Cloud Image. Here in this example will use ubuntu cloud-init image. Download Ubuntu (replace with the url of the one you chose from above)
wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
Create a new virtual machine
qm create 8000 --memory 2048 --core 2 --name ubuntu-cloud --net0 virtio,bridge=vmbr0
Import the downloaded Ubuntu disk to local-lvm storage Continue reading “Perfect Proxmox Template with Cloud Image and Cloud Init” »
pfSense firewall rules for WhatsApp
For simplicity, you can also follow the step by step instructions from your pfSense WebGUI below:
1. Create a PORT alias:
Firewall -> Aliases -> Ports -> + AddName: WhatsAppPortsTCP
Port: 443
-> + Add PortPort: 5222
Save (bottom) -> Apply Changes (top right)
2. Create a URL alias:
Firewall -> Aliases – URLs -> + AddName: WhatsAppIPv4_URL
Type: URL Table (IPs)
URL Table (IPs): https://adamnetworks.dev/pub/fwaliases/raw/master/ips/whatsapp.txt /(update frequency): 1
Save (bottom) -> Apply Changes (top right) Continue reading “pfSense firewall rules for WhatsApp” »
Install Softether VPN Client on Linux
Download and Install SoftEther VPN Client
Download SoftEther VPN Client software from their official website (https://www.softether.org).
Navigate to Download — > Download SoftEther VPN
Click on Download SoftEther VPN link.
- Select Component : SoftEther VPN Client
- Select Platform : Linux
- Select CPU : Select the appropriate CPU from the Drop down
- Click on the appropriate downloading link based on the version of the software.
- Extract the downloaded tar.gz file. Here after I will refer the extracted folder as <vpnclient>
- Navigate to <vpnclient>folder and open a terminal.
- Execute make command and accept all license agreements by entering the number relevant to “Yes”. execute make command
After the completion of make command process, start the vpn client using: Continue reading “Install Softether VPN Client on Linux” »
Import and Export Xen VM a.k.a XCP-NG
Print virtual machine list
xe vm-list
uuid ( RO) : 43dfac04-515e-7769-b2d2-444d4b7cb198 name-label ( RW): hk-zabbix-01 power-state ( RO): halted
Check the mount disk Continue reading “Import and Export Xen VM a.k.a XCP-NG” »
OCI Architecture Diagram Toolkits
Oracle Cloud Infrastructure (OCI) Architecture Diagram Toolkit in three formats:
Use these assets to draw custom architecture diagrams for your OCI implementation. Each of these formats contains OCI service icons and templates where possible. Examples and guidance on how to create diagrams for your specific cloud deployment are in the PowerPoint file.
In addition, we have the following assets for you.
Remove Old Unused Kernels in CentOS
To display the current version of Linux (kernel) running on your system, run this command.
# uname -sr
Linux 3.10.0-327.10.1.el7.x86_64
List All Installed Kernels on System
You can list all kernel images installed on your system like this.
# rpm -q kernel
kernel-3.10.0-229.el7.x86_64 kernel-3.10.0-229.14.1.el7.x86_64 kernel-3.10.0-327.3.1.el7.x86_64 kernel-3.10.0-327.10.1.el7.x86_64
Removing Old/Unused Kernels on CentOS/RHEL
You need to install yum-utils, which is an assortment of utilities that integrate with yum to make it more powerful and easier to use, by extending its original features in several different ways. Continue reading “Remove Old Unused Kernels in CentOS” »
Zimbra Let’s Encrypt auto-renew SSL
Required for this script to work is certbot package installed on email server and sudo rights to add script in crontab. You can add script in crontab at a weekly run like this: 0 0 * * 0 root /path_to_script.
#!/bin/bash #Set domain for renew (in format openthreat.ro) DOMAIN="" certbot certificates EXPIRE_DAYS=`cat /var/log/letsencrypt/letsencrypt.log | grep VALID | cut -d\( -f2 | cut -d\) -f1 | awk '{print $2}'` if [[ $EXPIRE_DAYS -lt 30 ]]; then #Stop the jetty or nginx service at Zimbra level runuser -l zimbra -c 'zmproxyctl stop' runuser -l zimbra -c 'zmmailboxdctl stop' #Renew SSL certbot renew --standalone #Copy new SSL to Zimbra SSL folder cp /etc/letsencrypt/live/mail.$DOMAIN/* /opt/zimbra/ssl/letsencrypt/ chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/* #Build the proper Intermediate CA plus Root CA echo "-----BEGIN CERTIFICATE----- MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4 WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+ 0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ 3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5 ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq 4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc= -----END CERTIFICATE-----" >> /opt/zimbra/ssl/letsencrypt/chain.pem #Backup Zimbra SSL directory cp -a /opt/zimbra/ssl/zimbra /opt/zimbra/ssl/zimbra.$(date "+%Y%m%d") #Copy the private key under Zimbra SSL path cp /opt/zimbra/ssl/letsencrypt/privkey.pem /opt/zimbra/ssl/zimbra/commercial/commercial.key #Final SSL deployment runuser -l zimbra -c 'cd /opt/zimbra/ssl/letsencrypt/ && /opt/zimbra/bin/zmcertmgr deploycrt comm cert.pem chain.pem' runuser -l zimbra -c 'zmcontrol restart' else echo "Not expire, skipping!" fi
Setup Keepalived for VRRP instead of ucarp
I’ve the following setup:
network-0 – 192.168.2.11 (real)
network-1 – 192.168.2.12 (real)
I want to add “network” as 192.168.2.10 as the floating address. I’ll need to do the following to both network-0 and network-1
- Install keepalived
- Configure keepalived
- Start keepalived
- Set keepalived to start at boot.
Continue reading “Setup Keepalived for VRRP instead of ucarp” »