panticz.de | Don't worry! It's only stuff...

APT offline update

#!/bin/bash

TARGET=/tmp/apt

# check parameter
if [ ! -z $1 ]; then
    PACKAGES="${@:1}"
else
    echo "Packagelist missing"
    echo "USAGE: $0 <package1> [<package2>]"
    exit 1
fi

# create required directory
echo "Package offline mirror: ${TARGET}"
[ -d ${TARGET} ] || mkdir ${TARGET}


# ensure that required pakages are installed
for APP in dpkg-dev genisoimage; do
    dpkg-query -W ${APP} > /dev/null 2>&1 || sudo apt-get install -y ${APP}
done

# download packages
cd ${TARGET}
apt-get download $(apt-cache depends \
    --recurse \
    --no-recommends \
    --no-suggests \
    --no-conflicts \
    --no-breaks \
    --no-replaces \
    --no-enhances \
    --no-pre-depends \
    ${PACKAGES} | grep "^\w")

# build package list
dpkg-scanpackages ${TARGET} > /dev/null 2>&1 | gzip -9c > ${TARGET}/Packages.gz

# build iso image
genisoimage -quiet -rock -output ${TARGET}/apt.$(lsb_release -sr).iso ${TARGET}/*.{deb,gz}
echo "ISO image: ${TARGET}/apt.$(lsb_release -sr).iso"

Links
https://gist.github.com/jeanlescure/084dd6113931ea5a0fd9#file-readme-md

apt

SNMP: Linux software RAID state

Compile snmp-swraid
apt-get install -y git make build-essential libsnmp-dev
export GIT_SSL_NO_VERIFY=true
git clone https://github.com/jrossi/snmp-swraid.git /tmp/snmp-swraid
cd /tmp/snmp-swraid
make

tar cjf snmp-swraid.ubuntu-$(lsb_release -sr).tar.bz2 SWRAID-MIB.txt swRaidPlugin.so

# install
apt-get install -y snmpd snmp-mibs-downloader
wget -q http://dl.panticz.de/snmp-swraid/snmp-swraid.ubuntu-$(lsb_release -sr).tar.bz2 -O /tmp/snmp-swraid.ubuntu.tar.bz2
tar xjf /tmp/snmp-swraid.ubuntu.tar.bz2 -C /tmp
cp /tmp/SWRAID-MIB.txt $(find /var/lib -name ietf)

Read more

OpenFortiGUI

Install FortiClientSSL VPN client
wget -q http://www.unibamberg.de/fileadmin/rz/vpn/Linux/VPN_Linux_FortiClient.tar.gz -O /tmp/VPN_Linux_FortiClient.tar.gz
sudo tar xzf /tmp/VPN_Linux_FortiClient.tar.gz -C /opt/
sudo /opt/forticlientsslvpn/fortisslvpn.sh

Install openfortigui
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 2FAB19E7CCB7F415
echo "deb http://styrion.at/apt/ ./" | sudo tee /etc/apt/sources.list.d/styrion.list
sudo apt-get update
sudo apt-get install openfortigui

Compile

linux
vpn

Read more

lm-sensors and snmpd under Ubuntu

#
# on server
#
apt-get install -y lm-sensors snmp snmpd snmp-mibs-downloader
 
# allow access from network (unsecure)
sed -i 's|agentAddress  udp:127.0.0.1:161|agentAddress  udp:161|g' /etc/snmp/snmpd.conf
sed -i 's|rocommunity public  default    -V systemonly|rocommunity public|g' /etc/snmp/snmpd.conf
 
# restart snmpd server
service snmpd restart
 
 
#
# on client
#
apt install -y snmp snmp-mibs-downloader
 
# read data from snmpd server
snmpwalk -v 2c -c public 10.0.3.94
snmpwalk -v 2c -c public 10.0.3.94 LM-SENSORS-MIB::lmFanSensorsTable
snmpwalk -v 2c -c public 10.0.3.94

Login to post comments
Read more

Terraform

Links
https://www.youtube.com/watch?v=TFLQcgZr0no#t=1318.264795
https://www.terraform.io/
https://releases.hashicorp.com/index.json

Upgrade SSH to v7.3 with include support

echo "deb http://archive.ubuntu.com/ubuntu yakkety main" > /etc/apt/sources.list.d/yakkety.list
apt-get update
apt-get install -y ssh
rm /etc/apt/sources.list.d/yakkety.list
apt-get update

ssh -V
OpenSSH_7.3p1 Ubuntu-1, OpenSSL 1.0.2g 1 Mar 2016

mkdir ~/.ssh/config.d
sed -i '1iInclude config.d/*' ~/.ssh/config

Links
https://superuser.com/questions/247564/is-there-a-way-for-one-ssh-config-file-to-include-another-one

linux
ubuntu

OpenShift

apt-get install docker-engine=1.13.1-0~ubuntu-xenial

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.openshift.sh -O - | bash -

#!/bin/bash

. /etc/os-release
if [ "${ID_LIKE}" == "debian" ]; then
    wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.docker.sh -O - | bash -
    sudo apt-get install git wget
    sudo sed -i 's|ExecStart=/usr/bin/dockerd -H fd://|ExecStart=/usr/bin/dockerd -H fd:// --insecure-registry 172.30.0.0/16|g' /etc/systemd/system/multi-user.target.wants/docker.service
    systemctl daemon-reload
else
    yum install -y docker git wget
    sudo sed -i "s|# INSECURE_REGISTRY='--insecure-registry'|INSECURE_REGISTRY='--insecure-registry 172.30.0.0/16'|g" /etc/sysconfig/docker
fi

systemctl enable docker
systemctl start docker

wget https://github.com/openshift/origin/releases/download/v1.5.0-rc.0/openshift-origin-client-tools-v1.5.0-rc.0-49a4a7a-linux-64bit.tar.gz -qO /tmp/openshift-origin-client-tools-linux-64bit.tar.gz 
tar xzf /tmp/openshift-origin-client-tools-linux-64bit.tar.gz -C /tmp/
cp /tmp/openshift-origin-client-tools-*/oc /usr/local/bin/

rm -rf /tmp/openshift-origin-client-tools*

# create test project
oc cluster up #--public-hostname=openshift.example.com --loglevel=10
oc login -u developer -p developer
oc whoami
oc new-app -L
oc projects
oc new-app openshift/ruby-20-centos7~https://github.com/openshift/ruby-ex
oc get all
oc get pod -w
oc logs -f ruby-ex-1-build
oc get services
oc expose service ruby-ex #--hostname=app1.example.com
oc get route

echo "192.168.178.31 ruby-ex-myproject.192.168.178.31.xip.io" >> /etc/hosts

Manage OpenShift with Ansible
https://github.com/openshift/openshift-ansible
https://www.ansible.com/blog/2013/09/19/deploying-highly-available-openshift-origin-clusters

# Ansible playbook
https://github.com/panticz/ansible/tree/master/roles/ansible

Links
https://www.openshift.org/
https://github.com/openshift/origin/blob/master/docs/cluster_up_down.md#linux
https://github.com/openshift/origin/releases/latest
https://github.com/OpenShiftDemos/openshift-cd-demo