Fix / update systemd in Debian Jessie LXC container

# fix Debian Jessie LXC container boot error:
Failed to install release agent, ignoring: No such file or directory
Failed to create root cgroup hierarchy: Invalid argument
Failed to allocate manager object: Invalid argument
 
 
# list all container with uses Debian Jessie:
grep -l jessie /var/lib/lxc/*/rootfs/etc/os-release
 
# set container name
CONTAINER=my_cointainer
 
# stop container
lxc-stop -n ${CONTAINER} -t 10
 
# backup container
tar -C /var/lib/lxc --use-compress-program=pbzip2 -cf ${CONTAINER}.$(date -I).tar.bz2 ${CONTAINER}
 
# upgrade systemd in container
echo "deb h

LXC: create Ubuntu Xenial container

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/create_ubuntu_xenial.sh -O - | bash -s

#!/bin/bash

[ -z ${CONTAINER} ] && CONTAINER=xenial
LANG=en_US.UTF-8

# force, remove previous container
if [ "$1" == "-f" ]; then
  [ $(sudo lxc-ls ${CONTAINER} | wc -l) -gt 0 ] && sudo lxc-destroy -f -n ${CONTAINER}
  shift
fi

# create container
sudo lxc-create -t ubuntu -n ${CONTAINER} -- template-options -r xenial $@

# workaround for "Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission denied"
echo "lxc.aa_profile = unconfined" | sudo tee -a /var/lib/lxc/${CONTAINER}/config

# start container in background
sudo lxc-start -d -n ${CONTAINER}

# wait 3 seconds until network is up
sleep 3

# copy APT proxy configuration from host
APT_PROXY=$(grep -h "Acquire::http::Proxy" /etc/apt/* -r | head -1)
[ -n "${APT_PROXY}" ] && echo ${APT_PROXY} | sudo tee /var/lib/lxc/${CONTAINER}/rootfs/etc/apt/apt.conf.d/01proxy

# update packages in container
sudo lxc-attach -n ${CONTAINER} -- apt-get update
sudo lxc-attach -n ${CONTAINER} -- apt-get dist-upgrade -y

# show containers status
sudo lxc-ls ${CONTAINER} -f

Allow root SSH login with password
sed -i 's|PermitRootLogin without-password|PermitRootLogin yes|' /etc/ssh/sshd_config
sed -i 's|PasswordAuthentication no|PasswordAuthentication yes|' /etc/ssh/sshd_config
service ssh restart

CLI

# fallback: install required python2 over SSH on remote machine
ansible example.com -i inventory -u root -m raw -a "apt-get update && apt-get install -y python-minimal"
 
# Ad-hoc commands
ansible all -i inventory.list -l localhost -u root -m ping
ansible all -s -m shell -a "hostname -f"
ansible all -s -m apt -a 'pkg=nginx state=installed update_cache=true'
ansible all -m shell -a uptime
ansible all -m shell -a "apt-get update"
ansible www.example.com -m setup
ansible all -m setup -i inventory/example.com -u root > /tmp/example.com.inventory.$(date -I).txt
ansible www.example.com -m 

Brother MFC-1910W

Install printer
wget https://raw.githubusercontent.com/panticz/installit/master/hardware/install.brother-mfc-1910w.sh -O - | bash -

#!/bin/bash

IP=192.168.1.4

# Install printer
wget -q http://download.brother.com/welcome/dlf101543/mfc1910wlpr-3.0.1-1.i386.deb -P /tmp
wget -q http://download.brother.com/welcome/dlf101542/mfc1910wcupswrapper-3.0.1-1.i386.deb -P /tmp
dpkg -i /tmp/mfc1910*.deb
lpadmin -p Brother-MFC-1910 -E -v socket://${IP}:9100  -P /usr/share/ppd/brother/brother-MFC1910W-cups-en.ppd -o PageSize=A4

# Install scanner
wget -q http://download.brother.com/welcome/dlf006645/brscan4-0.4.3-3.amd64.deb -P /tmp
dpkg -i /tmp/brscan4-0.4.3-3.amd64.deb
brsaneconfig4 -a name=MFC-1910W2 model=MFC-1910W ip=${IP}

Check for newer DEB packages
http://support.brother.com/g/b/downloadlist.aspx?c=as_ot&lang=en&prod=mfc1910w_eu_as&os=128

/etc/ansible/hosts

www.example.com
db.example.com
 
[www]
www.example.com
 
[db]
db.example.com

Install Ansible

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.ansible.sh -O - | bash -

#!/bin/bash

# install required applications 
sudo apt-get install -y software-properties-common

# add ansible repository
sudo apt-add-repository -y ppa:ansible/ansible

# update package list
sudo apt-get update

# install Ansible
sudo apt-get install -y ansible

# Ansible playbook
https://github.com/panticz/ansible/tree/master/roles/ansible

ansible.yml

cat <<EOF> /etc/ansible/test.yml 
---
- hosts: all
  tasks:
    - debug: msg="{{ ansible_user_id }}@{{ inventory_hostname }}"
EOF
 
---
- hosts:
    srv.example.com
  remote_user: ubuntu
  become: yes
  tasks:
    - name: Update all packages
      apt:
        update_cache: yes
        upgrade: dist
 
    - name: Show command output
      command: id
      register: out
    - debug: var=out.stdout_lines
 
    - name: print to stdout
      command: id
      register: print
    - debug: msg="{{ print.stdout }}"
    - debug: msg="{{ print.stderr }}"
 
 
- hosts: all
#  p

Ansible

Ansible playbook repository
https://github.com/panticz/ansible

Install Ansible Server
http://www.panticz.de/install-ansible

Ansible syntax (YAML)
http://docs.ansible.com/ansible/YAMLSyntax.html

Configuration files
http://docs.ansible.com/ansible/intro_configuration.html#host-key-checking
/etc/ansible/ansible.cfg - global default configuration
~/.ansible.cfg - local global configuration
/etc/ansible/hosts - default inventory file

Ignore host key
# inventory
[all:vars]

Icinga CLI

NAGIOS_CMD_SOCKET=/var/lib/icinga/rw/icinga.cmd

# schedule a service check
HOST_NAME=www.example.com
SERVICE_NAME=APT
/usr/bin/printf "[%lu] SCHEDULE_FORCED_SVC_CHECK;%s;%s;%s\n" $(date +%s) "${HOST_NAME}" "${SERVICE_NAME}" $(date +%s) | tee -a "${NAGIOS_CMD_SOCKET}"

# schedule a host check
/usr/bin/printf "[%lu] SCHEDULE_HOST_CHECK;%s;%s\n" \
$(date +%s) \
"host_name" \
$(date +%s) | tee -a $NAGIOS_CMD_SOCKET

# URL

Pulseaudio Equalizer switch

#!/bin/bash
 
# install
# https://raw.githubusercontent.com/panticz/installit/master/install.pulseaudio-equalizer.sh
 
if [ "$(pulseaudio-equalizer status | grep "Equalizer status" | cut -d"[" -f2 | cut -d"]" -f1)" == "enabled" ]; then
    pulseaudio-equalizer disable
else
    pulseaudio-equalizer enable
fi
Syndicate content