Home | panticz.de

LXC: Installation under Ubuntu / Debian

<?php
$URL="https://raw.githubusercontent.com/panticz/installit/master/install.lxc.sh";
echo "wget --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

# install under Debian Jessie
apt-get install bridge-utils
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.lxc.sh -O - | bash -s -- -b
#wget http://mirrors.kernel.org/ubuntu/pool/main/l/lxc/lxc_1.0.7-0ubuntu0.2_amd64.deb -P /tmp/
#dpkg -x /tmp/lxc_1.0.7-0ubuntu0.2_amd64.deb /tmp/
#cp -a /tmp/etc/* /etc/

# Check kernel configuration
lxc-checkconfig

Read more about LXC: Installation under Ubuntu / Debian

systemd

journalctl
http://www.panticz.de/journalctl

services
# list services
service --status-all

# enable service
systemctl enable service_name

# disable service
systemctl disable service_name

systemctl status service_name
journalctl -f
systemd-analyze verify

# override / edit job
systemctl edit cron.service
# systemd/system/cron.service.d/override.conf

Example
<?php
$URL="https://raw.githubusercontent.com/panticz/preseed/master/late_command.service";
echo "wget -q --no-check-certificate $URL -O /etc/systemd/system/late_command.service && \
systemctl enable late_command.service";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

# test
[Unit]
After=getty.target

[Service]
TTYPath=/dev/tty1

# test
journalctl -xn
systemctl list-unit-files --all

# timesynchronization
https://feeding.cloud.geek.nz/posts/time-synchronization-with-ntp-and-systemd/

# cat /etc/systemd/timesyncd.conf
...
[Time]
NTP=ntp.ubuntu.com
FallbackNTP=ntp2.ubuntu.com
...

# apt purge ntp ntpdate
timedatectl set-ntp true
sudo systemctl restart systemd-timesyncd
timedatectl status
sudo journalctl -u systemd-timesyncd -f

DNS / resolv
systemd-resolve --status

Flush DNS cache
sudo systemd-resolve --flush-caches

Timeserver / sync
sudo apt install -y tzdata
https://www.tecmint.com/set-time-timezone-and-synchronize-time-using-timedatectl-command/
# status
timedatectl status
# disable
timedatectl set-ntp 0
# enable
timedatectl set-ntp true
timedatectl set-timezone "Europe/Berlin"
timedatectl set-time 14:14:30
timedatectl set-time 20181120
timedatectl set-time '18:00:00 2018-11-22'
timedatectl set-local-rtc 1

# sync time
systemctl restart systemd-timesyncd
timedatectl status

Status
systemctl is-active application.service
systemctl is-enabled application.service
systemctl is-failed application.service

Reload systemd configuration
systemctl daemon-reload

# list failed services
systemctl list-units --failed

Restart service on failure
...
[Service]
RestartSec=30s
Restart=on-failure

Restart another service (if running) on start
[Service]
...
ExecStartPost=/bin/systemctl try-restart wildfly.service

sudo systemctl edit apache2.service

systemd timers example with rsnapshot
http://mark.stosberg.com/blog/tech/rsnapshot-and-systemd/

Links
https://www.freedesktop.org/software/systemd/man/systemd.unit.html
https://wiki.ubuntuusers.de/systemd/
https://wiki.ubuntuusers.de/systemd/Service_Units/
http://www.freedesktop.org/software/systemd/man/systemd.service.html
https://wiki.archlinux.org/index.php/Systemd_FAQ
https://wiki.ubuntu.com/SystemdForUpstartUsers
http://www.freedesktop.org/software/systemd/man/systemd.special.html
https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units

Read more about systemd

GitLab: Web-based Git repository manager

Install
http://www.panticz.de/install-gitlab

# restart gitlab
gitlab-ctl restart

# git home directory
/var/opt/gitlab

Reset admin password
# change root password
sudo gitlab-rails console
user = User.where(id: 1).first
user.password = user.password_confirmation ='xxx'
user.save!

Gitlab settings API
https://docs.gitlab.com/ee/api/settings.html
curl --header "PRIVATE-TOKEN: 11112222333344445555" https://gitlab.example.com/api/v4/application/settings

Disalbe register / Singup

Read more about GitLab: Web-based Git repository manager

Linux Kernel

Read more about Linux Kernel
Log in to post comments

#
# configure parameter
#
# determine the maximum size of a shared memory segment
cat /proc/sys/kernel/shmmax

# set default shared memory limit for shmmax (16 GB)
echo 17179869184 > /proc/sys/kernel/shmmax

# add the following line to /etc/sysctl.conf to make a change permanent
echo "kernel.shmmax=4294967296" >> /etc/sysctl.d/90-shmmax.conf

# load parameter
/sbin/sysctl -p /etc/sysctl.d/90-shmmax.conf

XEN: Create Debian Jessie DomU VM

<?php
$URL="https://raw.githubusercontent.com/panticz/xen/master/domains/debian.jessie.sh";
echo "wget $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Read more about XEN: Create Debian Jessie DomU VM

LXC: create Debian Jessie container

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.jessie.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -s";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

(re)create container
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/create.jessie.sh -O - | bash -s -- -f

Allow root SSH login with password
CONTAINER=jessie
sudo lxc-attach -n ${CONTAINER} -- sed -i 's|PermitRootLogin without-password|PermitRootLogin yes|' /etc/ssh/sshd_config
sudo lxc-attach -n ${CONTAINER} -- service ssh restart

Fix DNS
echo nameserver 8.8.8.8 | sudo tee /var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf

Default login credentials
user: root
pass: root

FixMe
"Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission denied"
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1346734

Failed to open /dev/autofs: No such file or directory
Failed to initialize automounter: No such file or directory
[FAILED] Failed to set up automount Arbitrary Executable File Formats File System Automount Point.
See 'systemctl status proc-sys-fs-binfmt_misc.automount' for details.
Unit proc-sys-fs-binfmt_misc.automount entered failed state.

Socket service systemd-udevd.service not loaded, refusing.
[FAILED] Failed to listen on udev Kernel Socket.
See 'systemctl status systemd-udevd-kernel.socket' for details.
Socket service systemd-udevd.service not loaded, refusing.
[FAILED] Failed to listen on udev Control Socket.
See 'systemctl status systemd-udevd-control.socket' for details.

Bugs
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020
https://wiki.debian.org/LXC#Incompatibility_with_systemd

Fix DNS
echo nameserver 8.8.8.8 > /var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf

# test
http://without-systemd.org/wiki/index.php/How_to_remove_systemd_from_a_Debian_jessie/sid_installation

Read more about LXC: create Debian Jessie container

Debian Jessie

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.jessie.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Read more about Debian Jessie

LXC: create Debian Wheezy container

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.wheezy.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

(re)create container
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/create.wheezy.sh -O - | bash -s -- -f

Default login credentials
user: root
pass: root

Fix DNS
echo nameserver 8.8.8.8 > /var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf

Read more about LXC: create Debian Wheezy container

LXC: create Debian Squeeze container

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.squeeze.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

(re)create container
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/create.squeeze.sh -O - | bash -s -- -f

Default login credentials
user: root
pass: root

Fix DNS
echo nameserver 8.8.8.8 > /var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf

Read more about LXC: create Debian Squeeze container

Incus

Ericsson H5321gw (Thinkpad T530)
# lsusb | grep Ericsson
Bus 003 Device 004: ID 0bdb:1926 Ericsson Business Mobile Networks BV

# fix kernel driver
echo "/etc/modprobe.d/avoid-mbib.conf" > options cdc_ncm prefer_mbim=N

cat < /etc/udev/rules.d/99-mbm.rules
ATTRS{idVendor}=="0bdb", ATTRS{idProduct}=="1926",
ENV{ID_USB_INTERFACE_NUM}=="09", ENV{MBM_CAPABILITY}="gps_nmea"
ATTRS{idVendor}=="0bdb", ATTRS{idProduct}=="1926",
ENV{ID_USB_INTERFACE_NUM}=="03", ENV{MBM_CAPABILITY}="gps_ctrl"
EOF

# force USB modem to only connect via EDGE and not 3G?

Read more about Incus

Subscribe to