To update the present cluster host proxmox following files need to be updated:
/etc/pve/corosync.conf (only on one node necessary)
However, corosync.conf needs special way to edit the file!
Editing the corosync.conf file is not always very straightforward. There are two on each cluster node, one in /etc/pve/corosync.conf and the other in /etc/corosync/corosync.conf. Editing the one in our cluster file system will propagate the changes to the local one, but not vice versa. The configuration will get updated automatically as soon as the file changes. This means changes which can be integrated in a running corosync will take effect immediately. So you should always make a copy and edit that instead, to avoid triggering some unwanted changes by an in-between safe.
cp /etc/pve/corosync.conf /etc/pve/corosync.conf.new
Then open the config file with your favorite editor, nano and vim.tiny are preinstalled on any Proxmox VE node for example. Continue reading “Change cluster node IP in Proxmox” »
Configure Apache2 for SSL.
root@www:~# vi /etc/apache2/sites-available/default-ssl.conf
# line 3: change to webmaster's email
# line 32,33: change to the one created in 
root@www:~# a2ensite default-ssl
Enabling site default-ssl.
Continue reading “Enable and install SSL on Debian 8 apache server” »
LAN rules are defining rights to access internet services from your local network. So, if you block port 80 and 443 nobody from your LAN will be able to access internet. WAN rules are defining access to the resources in your LAN (or DMZ) from the internet. In this short LAB we`ll be defining LAN rules. Let’s say we want to block access to the port 443 from our local network.
My blog is on port 443, so after defining this rule we should not be able to access my blog from LAB network (or any other HTTPS secured website for that matter)
Login to your pFSense configuration via web browser – mine is is still located on http://10.20.20.1/
Select Firewall | Rules
Continue reading “How to define outgoing firewall rules on pFSense” »
Write it into /etc/resolv.conf:
echo "nameserver 18.104.22.168" | sudo tee /etc/resolv.conf
Upon successful DHCP connection, it should be overwritten back to the “correct” DNS server.
The following procedure works for Ubuntu 18.04 (Bionic Beaver)
I. Reinstall the ifupdown package:
# apt-get update
# apt-get install ifupdown
II. Configure your /etc/network/interfaces file with configuration stanzas such as:
# The loopback network interface
iface lo inet loopback
iface enp0s3 inet static
# Only relevant if you make use of RESOLVCONF(8)
# or similar...
dns-nameservers 22.214.171.124 126.96.36.199
III. Make the configuration effective (no reboot needed): Continue reading “Ubuntu 18.04: Disable Netplan switch back to networking /etc/network/interfaces” »
By default the RedHat 8 Linux installation will start in the graphical mode. In case you encounter some issues you have an option to force the text mode TTY installation. In this tutorial you will learn:How to modify GRUB boot entry to force text mode installation.
- Boot from the Redhat 8 installation ISO image.
- Press TAB while in the GRUB boot menu.
- Insert the inst.text text to the end of the GRUB boot line.
- Press ENTER to continue with the normal boot.
- Make selection from the above menu. Perform configuration and return back to the main menu by pressing the c key. Once ready begin the RHEL 8 installation by pressing the b key.
Continue reading “Redhat / CentOS 8: text mode install guide” »
If you are running a Linux distro that uses Systemd, then you may find that your command in /etc/rc.local file would not run on system boot. This guide explains how to enable /etc/rc.local script to run on system startup.
Enable /etc/rc.local on Systemd
If you type the following command in terminal:
sudo systemctl status rc-local
You may get this output:
rc-local.service - /etc/rc.local Compatibility
Loaded: loaded (/lib/systemd/system/rc-local.service; static; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2015-11-26 23:54:58 CST; 59s ago
Process: 1001 ExecStart=/etc/rc.local start (code=exited, status=1/FAILURE)
Nov 26 23:54:57 vivid rc.local: File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 920, in require
Nov 26 23:54:57 vivid rc.local: needed = self.resolve(parse_requirements(requirements))
Nov 26 23:54:57 vivid rc.local: File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 807, in resolve
Nov 26 23:54:57 vivid rc.local: raise DistributionNotFound(req)
Nov 26 23:54:57 vivid rc.local: pkg_resources.DistributionNotFound: shadowsocks==2.8.2
Nov 26 23:54:58 vivid sudo: pam_unix(sudo:session): session closed for user root
Nov 26 23:54:58 vivid systemd: rc-local.service: control process exited, code=exited status=1
Nov 26 23:54:58 vivid systemd: Failed to start /etc/rc.local Compatibility.
Nov 26 23:54:58 vivid systemd: Unit rc-local.service entered failed state.
Nov 26 23:54:58 vivid systemd: rc-local.service failed.
And if you try to enable /etc/rc.local to run on system boot with the command: Continue reading “How to Enable /etc/rc.local with Systemd” »
If you’re using Debian 7 a.k.a wheezy which is end of life at this moment and you were using Let’s Encrypt was your SSL, then you might need some backward compatibility to continue. A possible work around for me as below:
chmod +x ./certbot-auto
For renewing an existing certificate you can use the following command instead:
cPanel is an online Linux-based web hosting control panel that provides a graphical interface and automation tools designed to simplify the process of hosting a web site or email.
- Launch a CentOS 7 instance (Only install cPanel & WHM on a freshly-installed operating system).
- Access the instance via SSH.
- Run all the following commands from the shell/terminal (All commands need to be run as the root user).
- You need to purchase your own cPanel license to use the control panel.
Step 1: Set a valid hostname (FQDN) for your system. Note: Replace “your-hostname.example.com” with a FQDN.
Step 2: Disable SELinux.
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/’ /etc/selinux/config
Step 3: Download and run the installation script. Tips: You may use the screen utility in case your session disconnects during installation.
cd /home && curl -o latest -L https://securedownloads.cpanel.net/latest && sh latest
Step 4: Wait for the installation to complete.
Step 5: While waiting for the installation, you might want to allow all the required ports on the security group for your instance (eg: WHM SSL, FTP, HTTP, HTTPS). Please follow the guide here.
Note: To know which ports are used by cPanel & WHM, please refer to this official documentation: https://documentation.cpanel.net/display/CKB/How+to+Configure+Your+Firewall+for+cPanel+Services
Step 6: Set a password for root.
Step 7: Browse to https://<your-server-ip>:2087 to access the WHM, and login as root.