Nginx access control / GeoIP

cat < /etc/nginx/conf.d/geoip.conf
geoip_country /usr/share/GeoIP/GeoIP.dat;

map $geoip_country_code $allowed_country {
default no;
DE yes;
CH yes;
}

log_format allow "allow $remote_addr;";
EOF
chmod 644 /etc/nginx/conf.d/geoip.conf

cat < /usr/local/bin/nginx-allow
#!/bin/bash

while inotifywait --quiet --event create,delete --exclude "[^c][^o][^n][^f]$" /tmp
do
/usr/sbin/nginx -t && /usr/sbin/service nginx reload
done
EOF
chmod 755 /usr/local/bin/nginx-allow

cat < /etc/systemd/system/nginx-allow.service
[Unit]

Wildfly

configuration
/opt/wildfly/docs/contrib/scripts/systemd/README - systemd example configuration
/opt/wildfly/standalone/configuration/standalone.xml

CLI
ssh -X wildfly.example.com /opt/wildfly/bin/jboss-cli.sh --gui

/opt/wildfly/bin/jboss-cli.sh --connect

/subsystem=datasources/data-source=ExampleDS/:remove

# sdd postgres driver
/subsystem=datasources/jdbc-driver=postgres:add(driver-name=postgres,driver-module-name=org.postgresql,driver-xa-datasource-class-name=org.postgresql.xa.PGXADataSource)

# add datasource

VMware Player

<?php
$URL="https://raw.githubusercontent.com/panticz/installit/master/install.vmware-player.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo " 

";
$c = curl_init();
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_URL, $URL);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

sudo apt-get install -y open-vm-tools

Links
https://docs.vmware.com/en/VMware-Workstation-Player/12.0/com.vmware.player.linux.using.doc/GUID-42F4754B-7547-4A4D-AC08-353D321A051B.html

Network bonding

apt install -y ifenslave

# /etc/network/interfaces
...
auto eth0
iface eth0 inet manual
bond-master bond0

auto eth1
iface eth1 inet manual
bond-master bond0

auto bond0
iface bond0 inet static
address 192.168.1.225
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.1
bond-miimon 100
bond-downdelay 200
bond-updelay 200
bond-mode 1
bond-slaves none

# state
cat /proc/net/bonding/bond0

cat /sys/class/net/bond0/bonding/slaves
eth1 eth0

cat /sys/class

SNMP: Linux software RAID state

Compile snmp-swraid
apt-get install -y git make build-essential libsnmp-dev
export GIT_SSL_NO_VERIFY=true
git clone https://github.com/jrossi/snmp-swraid.git /tmp/snmp-swraid
cd /tmp/snmp-swraid
make

tar cjf snmp-swraid.ubuntu-$(lsb_release -sr).tar.bz2 SWRAID-MIB.txt swRaidPlugin.so

# install
apt-get install -y snmpd snmp-mibs-downloader
wget -q http://dl.panticz.de/snmp-swraid/snmp-swraid.ubuntu-$(lsb_release -sr).tar.bz2 -O /tmp/snmp-swraid.ubuntu.tar.bz2
tar xjf /tmp/snmp-swraid.ubuntu.tar.bz2 -C /tmp
cp /tmp/SWRAID-MIB.txt $(find /var/lib -name ietf)

OpenFortiGUI

Install FortiClientSSL VPN client
wget -q http://www.unibamberg.de/fileadmin/rz/vpn/Linux/VPN_Linux_FortiClient.tar.gz -O /tmp/VPN_Linux_FortiClient.tar.gz
sudo tar xzf /tmp/VPN_Linux_FortiClient.tar.gz -C /opt/
sudo /opt/forticlientsslvpn/fortisslvpn.sh

Install openfortigui
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 2FAB19E7CCB7F415
echo "deb http://styrion.at/apt/ ./" | sudo tee /etc/apt/sources.list.d/styrion.list
sudo apt-get update
sudo apt-get install openfortigui

Compile

lm-sensors and snmpd under Ubuntu

#
# on server
#
apt-get install -y lm-sensors snmp snmpd snmp-mibs-downloader

# allow access from network (unsecure)
sed -i 's|agentAddress udp:127.0.0.1:161|agentAddress udp:161|g' /etc/snmp/snmpd.conf
sed -i 's|rocommunity public default -V systemonly|rocommunity public|g' /etc/snmp/snmpd.conf

# restart snmpd server
service snmpd restart

#
# on client
#
apt install -y snmp snmp-mibs-downloader

# read data from snmpd server
snmpwalk -v 2c -c public 10.0.3.94
snmpwalk -v 2c -c public 10.0.3.94 LM-SENSORS-MIB::lmFanSensorsTable
snmpwalk -v 2c -c public 10.0.3.94

Subscribe to