linux

export CONTAINER=vpn

# create container
# TODO: configure MAC on create container
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/create.jessie.sh -O - | bash -s -- -f

# configure container MAC address
sed -i 's|lxc.network.hwaddr = .*|lxc.network.hwaddr = 00:11:22:33:44:5e|' /var/lib/lxc/${CONTAINER}/config

# enable autostart
echo "lxc.start.auto = 1" | tee -a /var/lib/lxc/${CONTAINER}/config

# configure container
##echo "lxc.hook.autodev=/var/lib/lxc/vpn/autodev" >> /var/lib/lxc/${CONTAINER}/config

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.trusty.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -s";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Allow root SSH login with password
sed -i 's|PermitRootLogin without-password|PermitRootLogin yes|' /etc/ssh/sshd_config
sed -i 's|PasswordAuthentication no|PasswordAuthentication yes|' /etc/ssh/sshd_config
service ssh restart

# ansible role
https://github.com/panticz/ansible/tree/master/roles/dma

# preconfigure
echo "dma dma/relayhost string mail.example.com" | debconf-set-selections
echo "dma dma/mailname string $(hostname -f)" | debconf-set-selections

# install
apt-get install -y dma

# configure relayhost
echo "user|smarthost:password" >> /etc/dma/auth.conf

# send testmail
echo "This is a test message from ${USER}@$(hostname -f) at $(date)" | /usr/sbin/sendmail foo@exaple.com

Configuration files
# /etc/dma/dma.conf
AUTHPATH /etc/dma/auth.conf
SMARTHOST smtp.example.de

# display logs from current boot
journalctl -b

sudo journalctl --since yesterday

journalctl -u nginx.service

# journals disc usage
sudo journalctl --disk-usage

journalctl -p err -b

# links
https://www.digitalocean.com/community/tutorials/how-to-use-journalctl-to-view-and-manipulate-systemd-logs
http://0pointer.de/blog/projects/journalctl.html
http://blog.delouw.ch/2013/07/24/why-journalctl-is-cool-and-syslog-will-survive-for-another-decade/

Ericsson H5321gw (Thinkpad T530)
# lsusb | grep Ericsson
Bus 003 Device 004: ID 0bdb:1926 Ericsson Business Mobile Networks BV

# fix kernel driver
echo "/etc/modprobe.d/avoid-mbib.conf" > options cdc_ncm prefer_mbim=N

cat < /etc/udev/rules.d/99-mbm.rules
ATTRS{idVendor}=="0bdb", ATTRS{idProduct}=="1926",
ENV{ID_USB_INTERFACE_NUM}=="09", ENV{MBM_CAPABILITY}="gps_nmea"
ATTRS{idVendor}=="0bdb", ATTRS{idProduct}=="1926",
ENV{ID_USB_INTERFACE_NUM}=="03", ENV{MBM_CAPABILITY}="gps_ctrl"
EOF

# force USB modem to only connect via EDGE and not 3G?

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

# fix dns
echo "nameserver 8.8.8.8" > /var/cache/lxc/debian/rootfs-wheezy-amd64/etc/resolv.conf

Cronjob
echo "0 13 * * * root /usr/bin/wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh -O - | bash -" > /etc/cron.d/lxc_update_template
service cron restart

# fix squeeze repository
sed -i 's|cdn.debian.net|ftp.debian.org|g' /var/cache/lxc/debian/rootfs-squeeze-amd64/etc/apt/sources.list