Debian: Compile and install multiple PHP CLI versions

# install dependencies
apt-get install -y build-essential

# download and compile PHP
for VERSION in 5.3.29 5.4.38 5.5.22 5.6.6; do
wget -q "http://de1.php.net/get/php-${VERSION}.tar.bz2/from/this/mirror" -O- | tar xj -C /tmp
cd /tmp/php-${VERSION}
./configure --prefix=/opt/php/${VERSION%.*} --disable-all --disable-cgi
make install -j5
done

# add to PATH
for i in /opt/php/*; do
ln -s $i/bin/php /usr/local/bin/php${i##*/}
done

# create backup
cd /opt/php
tar -cjf /tmp/opt.php.$(date -I).tar.bz2 *

# test backup
tar -tvf /tmp/opt.php.$(date -I).tar.bz2

Create a restricted user for SSH tunneling

<?php
$URL="https://raw.githubusercontent.com/panticz/scripts/master/create_ssh_tunnel_user.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Add your public key(s)
cat /tmp/authorized_keys > /home/tunnel/.ssh/authorized_keys
sed -i 's|ssh-rsa|command="/bin/false",no-pty,no-X11-forwarding ssh-rsa|g' /home/tunnel/.ssh/authorized_keys

# parameter
command="/bin/false",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:80"
no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding

Links
http://www.gnu.org/software/bash/manual/html_node/The-Restricted-Shell.html

Update LXC container templates filesystem

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

# fix dns
echo "nameserver 8.8.8.8" > /var/cache/lxc/debian/rootfs-wheezy-amd64/etc/resolv.conf

Cronjob
echo "0 13 * * * root /usr/bin/wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh -O - | bash -" > /etc/cron.d/lxc_update_template
service cron restart

# fix squeeze repository
sed -i 's|cdn.debian.net|ftp.debian.org|g' /var/cache/lxc/debian/rootfs-squeeze-amd64/etc/apt/sources.list

Install Google Music Manager

<?php
$URL="https://raw.githubusercontent.com/panticz/installit/master/install.google-musicmanager.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

$ cat /etc/apt/sources.list.d/google-musicmanager.list
deb http://dl.google.com/linux/musicmanager/deb/ stable main

Links
https://play.google.com/music/listen?u=0#/manager

Install Vega vulnerability scanner under Ubuntu / Debian

Install
<?php
$URL="https://raw.githubusercontent.com/panticz/installit/master/install.vega.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Workarround
sudo mkdir -p /usr/share/vega/workspace/
sudo chmod 777 /usr/share/vega/workspace/

Download
https://subgraph.com/vega/download/

Configuration
diff /usr/share/vega/Vega.ini.2015-01-12 /usr/share/vega/Vega.ini
2,5c2,5
< -Xms256m
< -XX:PermSize=128m
< -XX:MaxPermSize=256m
< -Xmx2048m
---
> -Xms1024m
> -XX:PermSize=512m
> -XX:MaxPermSize=1024m
> -Xmx4096m

Puppet: iPXE boot module

# create module structure
mkdir -p /etc/puppet/modules/ipxe/files
mkdir -p /etc/puppet/modules/ipxe/manifests

# download files
wget -q http://dl.panticz.de/ipxe/ipxe.lkrn -O /etc/puppet/modules/ipxe/files/ipxe.lkrn
wget -q http://dl.panticz.de/ipxe/49_ipxe -O /etc/puppet/modules/ipxe/files/49_ipxe

# download module definiction
<?php
$URL="https://raw.githubusercontent.com/panticz/puppet/master/modules/ipxe/init.pp";
echo "wget -q $URL -O /etc/puppet/modules/ipxe/manifests/init.pp";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Nginx: compile with http_substitutions_filter support

# tested under CentOS release 5.11 (Final)

yum -y install rpm-build git
yum -y install gcc gcc-c++ make zlib-devel pcre-devel openssl-devel

wget http://nginx.org/packages/centos/5/SRPMS/nginx-1.6.2-1.el5.ngx.src.rpm
rpm -i nginx-1.6.2-1.el5.ngx.src.rpm

git clone git://github.com/yaoweibin/ngx_http_substitutions_filter_module.git

cd /usr/src/redhat/SOURCES/

/usr/src/redhat/SOURCES

tar xzf ../nginx-1.6.2.tar.gz

cd nginx-1.6.2

./configure --add-module=/root/ngx_http_substitutions_filter_module --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.