Install and Setup TIG Stack on Ubuntu 20.04

In this tutorial, we are going to learn how to install and setup TIG Stack on Ubuntu 20.04.

TIG stack is a group of powerful open-source monitoring tools, Telegraf, InfluxDB and Grafana where;

  • Telegraf is an open-source server agent for collecting and sending metrics and events from databases, systems, and IoT sensors.
  • InfluxDB is an open-source time series database and provides datastore for metrics, events, and real-time analytics.
  • Grafana is a data visualization and monitoring tool and supports time series datastores such as Graphite, InfluxDB, Prometheus, Elasticsearch.

TIG stack can be used for monitoring system metrics such as memory, disk, logged in users, system load, swap usage, system uptime, system processes. 

Installing and Setup TIG Stack on Ubuntu 20.04

In order to install TIG stack, you need to install and setup each individual component of the stack, Telegraf, InfluxDB, Grafana.

Run System Update
To begin with, ensure that your system packages are up-to-date;

apt update
apt upgrade

Install Telegraf on Ubuntu 20.04

You can install Telegraf on Ubuntu 20.04 either by downloading the DEB package file or directly from the InfluxData repos.

Install Telegraf using DEB Package File

To install Telegraf using the DEB binary, grab the binary installer from the InfluxData downloads page. You can simply obtain the link to binary installer and pull it with wget;

wget https://dl.influxdata.com/telegraf/releases/telegraf_1.14.3-1_amd64.deb

Once you have the binary downloaded, you can install it as follows

Read more

Share

CentOS 7 updated repo after its EOL

mirrorlist.centos.org doesn’t exists anymore. So, your default repor wwith yum doesn’t work. Try using the following processes, it worked for me, hope this works for others as well.

sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/*.repo
sed -i s/^#.*baseurl=http/baseurl=http/g /etc/yum.repos.d/*.repo
sed -i s/^mirrorlist=http/#mirrorlist=http/g /etc/yum.repos.d/*.repo

Ref:
https://serverfault.com/questions/1161816/mirrorlist-centos-org-no-longer-resolve

Share

WordPress WP Backup Sample Script

#!/bin/bash

# your backups will use these filenames.
db_backup_name=”tweenpath-db-backup-“`date “+%Y-%m-%d”`”.sql.gz”
wpfiles_backup_name=”tweenpath-files-backup-“`date “+%Y-%m-%d”`”.tar.gz”

## 1: database connection info. You can get these details from your wp-config file.
db_name="user_name"
db_username="database"
db_password="password"

## 2: Path to your WordPress Upload and Theme directories. Replace /home/username/ with path to your home directory.
wp_upload_folder="/home/tweenpath/public_html"

## 3: Path to your backup folder. Replace /home/username/ with path to your home directory.
backup_folder_path="/backup/tweenpath"

# backup MYSQL database, gzip it and send to backup folder.
mysqldump --opt -u$db_username -p$db_password $db_name | gzip > $backup_folder_path/$db_backup_name

# create a tarball of the wordpress files, gzip it and send to backup folder.
tar -czf $backup_folder_path/$wpfiles_backup_name $wp_upload_folder|

# delete all but 5 recent wordpress database back-ups (files having .sql.gz extension) in backup folder.
find $backup_folder_path -maxdepth 1 -name "*.sql.gz" -type f | xargs -x ls -t | awk 'NR>5' | xargs -L1 rm

# delete all but 5 recent wordpress files back-ups (files having .tar.gz extension) in backup folder.
find $backup_folder_path -maxdepth 1 -name "*.tar.gz" -type f | xargs -x ls -t | awk 'NR>5' | xargs -L1 rm

Src and Ref:

Auto BackUp WordPress Files Using a Simple Bash Script

Share

XCP-NG few basic command lines- CLI

Run the following command to list VMs and their UUIDs:

xe vm-list resident-on=<uuid_of_host>

Try the shutdown command with force:

xe vm-shutdown uuid=<uuid_of_vm> force=true

Restart the toolstack on the host by using the following command:

xe-toolstack-restart

Restart the host.

shutdown -r now

If the VM is still not shutdown, you might need to destroy the domain. However, the steps given below can cause problems for your VM and should only be done as a last resort.

Read more

Share

Install LetsEncrypt on Debian with Nginx Server

Install Certbot and its Nginx plugin with apt:

sudo apt install certbot python3-certbot-nginx

Certbot provides a variety of ways to obtain SSL certificates through plugins. The Nginx plugin will take care of reconfiguring Nginx and reloading the config whenever necessary. To use this plugin, type the following:

sudo certbot --nginx -d example.com -d www.example.com
Share

Reset XCP-ng root password

The full prodecure can also be found on xcp-ng site.

  • Reboot your XCP-ng into Grub boot menu.
  • Select XCP-ng boot menu entry and press e key to edit boot options.
  • Locate the read-only parameter ro and replace it with rw init=/sysroot/bin/sh.
  • Press Ctrl + X to boot into single-mode.
  • From the Emergency Mode prompt, execute the command chroot /sysroot.
  • Once in single-mode, use passwd command to reset your XCP-ng root password.
  • Reboot XCP-ng by sending Ctrl + Alt + Suppr.
  • If everything went well, you should now be able to login with your new XCP-ng password.
Share

Creating 1:1 NAT using iptables

Its a POC where I needed a 1:1 NAT using  Linux iptables. I used 2 Debian 11 OS for this and here’s the machine IP plans-

  • VM-1: IPTables/NAT Router- 123.45.67.5/24, 123.45.67.6/24 and 192.168.10.5/24
  • VM-2: Backend Server- 192.168.10.6/24 (this VM’s gateway will be 192.168.10.5

On VM-1

Uninstall nftables and its Dependencies

IPtables is being replaced by nftables starting with Debian 10 Buster. Debian 11 comes with nftables framework. To install iptables first we need uninstall nftables and its dependencies. SSH into your server and run the next commands:

# apt-get remove --auto-remove nftables
# apt-get purge nftables

Install IPtables in Debian 11

# apt-get update
# apt-get install iptables

Now we can check the iptables status and list rules. For list all the rules we will use option -L.

Run command:

# iptables -L -v

You will see the output:

As you see on the screenshot just installed iptables firewall and it works. But all chains (INPUT, FORWARD, OUTPUT) are set to ACCEPT, and we have no security rules configured.

Read more

Share

MinIO object storage upload using curl

#!/bin/bash

# Usage: ./minio-upload my-bucket my-file.zip

bucket=$1
file=$2

host=minio.example.com
s3_key=svc_example_user
s3_secret=svc_example_user_password

resource="/${bucket}/${file}"
content_type="application/octet-stream"
date=`date -R`
_signature="PUT\n\n${content_type}\n${date}\n${resource}"
signature=`echo -en ${_signature} | openssl sha1 -hmac ${s3_secret} -binary | base64`

curl -X PUT -T "${file}" \
-H "Host: ${host}" \
-H "Date: ${date}" \
-H "Content-Type: ${content_type}" \
-H "Authorization: AWS ${s3_key}:${signature}" \
https://${host}${resource}

Src:

Share