linux

LXC: create Debian Jessie container

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.jessie.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -s";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

(re)create container
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/create.jessie.sh -O - | bash -s -- -f

Allow root SSH login with password
CONTAINER=jessie
sudo lxc-attach -n ${CONTAINER} -- sed -i 's|PermitRootLogin without-password|PermitRootLogin yes|' /etc/ssh/sshd_config
sudo lxc-attach -n ${CONTAINER} -- service ssh restart

Fix DNS
echo nameserver 8.8.8.8 | sudo tee /var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf

Default login credentials
user: root
pass: root

FixMe
"Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission denied"
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1346734

Failed to open /dev/autofs: No such file or directory
Failed to initialize automounter: No such file or directory
[FAILED] Failed to set up automount Arbitrary Executable File Formats File System Automount Point.
See 'systemctl status proc-sys-fs-binfmt_misc.automount' for details.
Unit proc-sys-fs-binfmt_misc.automount entered failed state.

Socket service systemd-udevd.service not loaded, refusing.
[FAILED] Failed to listen on udev Kernel Socket.
See 'systemctl status systemd-udevd-kernel.socket' for details.
Socket service systemd-udevd.service not loaded, refusing.
[FAILED] Failed to listen on udev Control Socket.
See 'systemctl status systemd-udevd-control.socket' for details.

Bugs
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1347020
https://wiki.debian.org/LXC#Incompatibility_with_systemd

Fix DNS
echo nameserver 8.8.8.8 > /var/lib/lxc/${CONTAINER}/rootfs/etc/resolv.conf

# test
http://without-systemd.org/wiki/index.php/How_to_remove_systemd_from_a_Debian_jessie/sid_installation

Create a restricted user for SSH tunneling

<?php
$URL="https://raw.githubusercontent.com/panticz/scripts/master/create_ssh_tunnel_user.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Add your public key(s)
cat /tmp/authorized_keys > /home/tunnel/.ssh/authorized_keys
sed -i 's|ssh-rsa|command="/bin/false",no-pty,no-X11-forwarding ssh-rsa|g' /home/tunnel/.ssh/authorized_keys

# parameter
command="/bin/false",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:80"
no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding

Links
http://www.gnu.org/software/bash/manual/html_node/The-Restricted-Shell.html

Install Google Music Manager

<?php
$URL="https://raw.githubusercontent.com/panticz/installit/master/install.google-musicmanager.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

$ cat /etc/apt/sources.list.d/google-musicmanager.list
deb http://dl.google.com/linux/musicmanager/deb/ stable main

Links
https://play.google.com/music/listen?u=0#/manager

memcached

# install
apt-get install -y memcached
sed -i 's|-l 127.0.0.1|-l 172.29.13.117|g' /etc/memcached.conf
service memcached restart

# flush cache
telnet mc.example.com 11211
stats
flush_all
quit

# memcached reserved memory
stats
...
STAT limit_maxbytes 314572800

Puppet: iPXE boot module

# create module structure
mkdir -p /etc/puppet/modules/ipxe/files
mkdir -p /etc/puppet/modules/ipxe/manifests

# download files
wget -q http://dl.panticz.de/ipxe/ipxe.lkrn -O /etc/puppet/modules/ipxe/files/ipxe.lkrn
wget -q http://dl.panticz.de/ipxe/49_ipxe -O /etc/puppet/modules/ipxe/files/49_ipxe

# download module definiction
<?php
$URL="https://raw.githubusercontent.com/panticz/puppet/master/modules/ipxe/init.pp";
echo "wget -q $URL -O /etc/puppet/modules/ipxe/manifests/init.pp";
echo "

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Install Gnokii (Manage SMS on USB Stick)

# install
sudo apt-get install -y gnokii

# set permissions (TODO set permissions with udev)
sudo chmod o+rw /dev/ttyUSB0

# configure
cat < .gnokiirc
[global]
model = AT
port = /dev/ttyUSB0
connection = serial
EOF

# show sms status
gnokii --showsmsfolderstatus

# show sms
gnokii --getsms MT 0 end

# show sms and filter for "http"
gnokii --getsms MT 0 2> /dev/null | grep http

# delete sms
gnokii --deletesms MT 0

# Links
http://linuxgazette.net/164/tomar.html
http://wiki.gnokii.org/index.php/SMS_options
http://ubuntuforums.org/showthread.php?t=1123538

Squid

Install
apt-get install -y squid

Configuration /etc/squid3/squid.conf
http_port 80 accel defaultsite=www.example.com vhost
cache_peer 10.0.3.10 parent 80 0 no-query login=PASS originserver name=myAccel1
acl our_sites1 dstdomain 88.99.100.101 .example.com www.foo.com
http_access allow our_sites1
cache_peer_access myAccel1 allow our_sites1
cache_peer_access myAccel1 deny all

# reload configuration
squid3 -k reconfigure

Links
http://www.ehow.de/man-ssl-squid-aktiviert-wie_10142/