Home | panticz.de

OpenStack Debug VPN

Find the VPN server and the relevant router UUID

# get VPN connection ID
openstack vpn ipsec site connection list | grep foo
openstack vpn ipsec site connection list --long | grep <project_id>
 
VPN_CONNECTION_ID=142dc25f-13bb-4fda-b093-edf13df98ed8
openstack vpn ipsec site connection show ${VPN_CONNECTION_ID}
 
VPN_SERVICE_ID=$(openstack vpn ipsec site connection show ${VPN_CONNECTION_ID} -c 'VPN Service' -f value)
openstack vpn service show ${VPN_SERVICE_ID}
 
# get router ID
ROUTER_ID=$(openstack vpn service show ${VPN_SERVICE_ID} -c Router -f value)
echo "ROUTER_ID=${ROUTER_ID}"

Find the ctl Node where the active router is running

ROUTER_PORT_ID=$(openstack port list --device-owner network:router_gateway -f value -c id --router ${ROUTER_ID})
CONTROL_NODE=$(openstack port show ${ROUTER_PORT_ID} -c binding_host_id -f value)
echo "CONTROL_NODE: ${CONTROL_NODE}"
 
echo "ssh ${CONTROL_NODE} sudo ip netns exec qrouter-${ROUTER_ID} ip a s"

Connect to that ctl node and "jump" in its neutron-l3-agent docker container

Read more about OpenStack Debug VPN

PulseAudio

PulseAudio CLI

pulseaudio --check
pulseaudio -k
pulseaudio -D

PulseAudio CLI
https://rastating.github.io/setting-default-audio-device-in-ubuntu-18-04/
https://wiki.archlinux.org/index.php/PulseAudio/Examples

pactl list short sinks
pactl list short sources
 
pactl set-sink-volume 35 17%
 
# restart
systemctl --user restart pulseaudio

Equalizer

Read more about PulseAudio

OpenStack: quotas

Documentation
https://docs.openstack.org/python-openstackclient/latest/cli/command-objects/quota.html

Read more about OpenStack: quotas

Xiaomi Mi A2 Lite (daisy)

Enable USB-Debugging and unlock phone

# Connect phone to Wifi
Settings > About Phone > Build number > tap 7x times to become developer
Settings > System > Advanced > Developer Options > OEM unclocking
Settings > System > Advanced > Developer Options > USB Debugging > OK

Unlock phone

# Connect phone to computer
adb devices
# Accept "Allow access with your computer RSA key" on phone
adb reboot bootloader
fastboot oem unlock

Boot bootloader

Power Off phone
Hold volume_down + power
 
OPTIONAL: Recovery phone with original Xiaomi image to update firmware

Flash custom image
https://arrowos.net/download
# ArrowOS download: https://get.mirror1.arrowos.net/download.php?token=oD03QRrG9umnU1Egj6VspKXNwaiIlcYSOqbfCdyP4x8WzMtT7kL2hHZFJAv5&version=arrow-11.0&variant=community&device=daisy
#OpenGA apps: https://netix.dl.sourceforge.net/project/opengapps/arm64/test/20210130/open_gapps-arm64-11.0-pico-20210130-TEST.zip
NikGapps: https://sourceforge.net/projects/nikgapps/files/Releases/NikGapps-SL/18-Feb-2023/NikGapps-core-arm64-12.1-20230218-signed.zip/download

Read more about Xiaomi Mi A2 Lite (daisy)

OpenStack: control node

Decommision control node
https://review.opendev.org/plugins/gitiles/openstack/kolla-ansible/+/refs/changes/85/758085/1/doc/source/user/adding-and-removing-hosts.rst

Read more about OpenStack: control node

Terraform: Create LoadBalancer in OpenStack

provider "openstack" {
  cloud = "lab-admin"
  use_octavia = true
}
 
# data "template_file" "user_data" {
#   template = file("user-data.txt")
# }
 
data "template_file" "user_data" {
  template = <<EOF
#cloud-config
package_update: true
packages:
 - nginx
runcmd:
 - hostname -f | sudo tee /var/www/html/index.nginx-debian.html
 - id > /tmp/debug
EOF
}
 
variable "http_instance_names" {
  type = set(string)
  default = ["www1", "www2"]
}
 
resource "openstack_compute_instance_v2" "http" {
  for_each    = var.http_instance_names
  name        = each.key
 #name = "www${count.index + 1}"
 #count = 2
 image_name = "Ubuntu 20.04 minimal"
 flavor_name = "m1.small"
 key_pair = "lab-key"
 security_groups = ["default"]
 user_data = data.template_file.user_data.rendered
 
 network {
   name = "demo-net"
 }
}
 
data "openstack_networking_network_v2" "network_1" {
  name = "demo-net"
}
 
data "openstack_networking_subnet_v2" "subnet_1" {
  name = "demo-subnet"
  network_id = data.openstack_networking_network_v2.network_1.id
}
 
# Create loadbalancer
resource "openstack_lb_loadbalancer_v2" "http" {
  name          = "demo-lb1"
  vip_subnet_id = data.openstack_networking_subnet_v2.subnet_1.id
}

Read more about Terraform: Create LoadBalancer in OpenStack

OpenWRT: USB storage

https://openwrt.org/docs/guide-user/storage/usb-drives-quickstart

opkg update
opkg install kmod-usb-storage kmod-fs-ext4 fdisk e2fsprogs
opkg install rsync
 
# deinstall
opkg remove ppp-mod-pppoe ppp kmod-pppoe kmod-pppox kmod-ppp
 
# OPTIONAL: remove webinterface
opkg remove "luci-*"   #run multiple times
opkg remove uhttpd

Read more about OpenWRT: USB storage

OpenWRT Wireguard server

OpenWrt server
https://openwrt.org/docs/guide-user/services/vpn/wireguard/client

Read more about OpenWRT Wireguard server

nextcloud

# install nextcloud with snap
snap install nextcloud
 
sudo snap enable nextcloud
sudo snap disable nextcloud
 
# set domain
nextcloud.occ config:system:set trusted_domains 0 --value="nextcloud.example.com"

User
https://docs.nextcloud.com/server/15/admin_manual/configuration_server/occ_command.html#file-operations-label

# create user
export OC_PASS=pass1234
nextcloud.occ user:add --display-name "Foo Bar" --group=bar --password-from-env foo

Email

# create email
nextcloud.occ mail:account:create fobr "Foo Bar" foo.bar@example.com imap.example.com 143 off foo.bar pass1234 smtp.example.com 25 off foo.bar pass1234

Files
https://docs.nextcloud.com/server/15/admin_manual/configuration_server/occ_command.html#file-operations-label

# path
/var/snap/nextcloud/common/nextcloud/data/admin/file
 
# rescan files
nextcloud.occ files:scan --path=admin
nextcloud.occ files:scan --all
 
# external files
nextcloud.occ files_external:list
sudo snap connect nextcloud:removable-media

Calendar

Read more about nextcloud

cloud-config / cloud-init

Cloud config examples
https://cloudinit.readthedocs.io/en/latest/reference/examples.html

Re-run cloud-init

sudo cloud-init init
sudo cloud-init modules --mode=final
 
# cat /var/lib/cloud/seed/nocloud-net/user-data

Network
https://cloudinit.readthedocs.io/en/latest/reference/network-config-format-v2.html

          cloud-init.network-config: |
            network:
              version: 2
              ethernets:
                mgmt-dev:
                  mtu: 9000
                  addresses:
                    - 10.33.1.21/20
                  routes:
                    - to: 10.33.0.0/16
                      via: 10.33.1.1
                    - to: 10.8.0.0/22
                      via: 10.33.1.1
                    - to: 192.168.252.0/23
                      via: 10.33.1.1
                  nameservers:
                    addresses:
                      - 10.8.1.74
                      - 10.8.1.174
                    search:
                      - dev.example.com
                mgmt-public:
                  addresses:
                    - 10.0.1.100/24
                  gateway4: 10.0.1.1

user.network-config: |
version: 1
config:
    - type: physical
    name: dev-mgmt
    subnets:
      - type: static
        address: 10.33.20.40/20
        gateway: 10.33.16.1
        routes:
            - gateway: 10.33.16.1
              network: 10.33.0.0/16
        dns_nameservers:
            - 10.8.3.74
            - 10.8.3.174
        dns_search:
            - dev.i.example.com
    - type: physical
      name: dev-ipmi
      subnets:
    - type: static
      address: 10.32.20.40/20
      gateway: 10.32.16.1

network:
  version: 1
  config:
  - type: physical
    name: eth0
    subnets:
      - type: dhcp

Terrafrom
https://registry.terraform.io/providers/hashicorp/template/latest/docs/data-sources/cloudinit_config

Read more about cloud-config / cloud-init

Subscribe to