linux

warning: Creating default object from empty value in /data/web/1/000/027/003/273448/htdocs/panticz.de/modules/taxonomy/taxonomy.pages.inc on line 33.

LXC Containers

# centos
sudo lxc-create -t centos -n centos -- --release 7

# nested container / docker support
echo "lxc.aa_profile = unconfined" >> /var/lib/lxc/centos/config
echo "lxc.cgroup.devices.allow = a\n" >> /var/lib/lxc/centos/config

Create a restricted user for SSH tunneling

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/scripts/master/create_ssh_tunnel_user.sh -O - | bash -

#!/bin/bash

# create new restricted user
useradd tunnel --gid nogroup --create-home --skel /dev/null --shell /bin/rbash

# set random encrypted password to enable login
echo "tunnel:$(openssl rand -base64 32)" | chpasswd

# create authorized_keys
mkdir /home/tunnel/.ssh
chmod 700 /home/tunnel/.ssh
touch /home/tunnel/.ssh/authorized_keys
chmod 600 /home/tunnel/.ssh/authorized_keys

# remove path to programs
echo 'PATH=' > /home/tunnel/.profile
chmod 400 /home/tunnel/.profile

# restrict permissions
chmod 500 /home/tunnel
chown tunnel:nogroup /home/tunnel -R

Add your public key(s)
cat /tmp/authorized_keys > /home/tunnel/.ssh/authorized_keys
sed -i 's|ssh-rsa|command="/bin/false",no-pty,no-X11-forwarding ssh-rsa|g' /home/tunnel/.ssh/authorized_keys

# parameter
command="/bin/false",no-agent-forwarding,no-pty,no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:80"
no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding

Links
http://www.gnu.org/software/bash/manual/html_node/The-Restricted-Shell.html

Update LXC container templates filesystem

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh -O - | bash -

#!/bin/bash

# ensure that this script is run as root
if [ $(id -u) -ne 0 ]; then
  sudo $0
  exit
fi

# set language to english
LANG=en_US.UTF-8

# update APT rootfs (Debian and Ubuntu)
for DIST in $(find /var/cache/lxc/*/* -maxdepth 0 -type d); do
  echo "Updating ${DIST} ..."
  chroot "${DIST}" apt-get update -qq
  chroot "${DIST}" apt-get dist-upgrade -qq -y
  chroot "${DIST}" apt-get autoremove -qq -y
  chroot "${DIST}" apt-get clean
done

# fix dns
echo "nameserver 8.8.8.8" > /var/cache/lxc/debian/rootfs-wheezy-amd64/etc/resolv.conf

Cronjob
echo "0 13 * * * root /usr/bin/wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh -O - | bash -" > /etc/cron.d/lxc_update_template
service cron restart

# fix squeeze repository
sed -i 's|cdn.debian.net|ftp.debian.org|g' /var/cache/lxc/debian/rootfs-squeeze-amd64/etc/apt/sources.list

Install Google Music Manager

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.google-musicmanager.sh -O - | bash -

#!/bin/bash

# get URL
if [ "$(uname -m)" == "x86_64" ]; then
  # 64 bit
  URL=https://dl.google.com/linux/direct/google-musicmanager-beta_current_amd64.deb
else
  # 32 bit
  URL=https://dl.google.com/linux/direct/google-musicmanager-beta_current_i386.deb
fi

# download
wget ${URL} -P /tmp

# install
sudo dpkg -i /tmp/google-musicmanager-beta_current_*.deb

$ cat /etc/apt/sources.list.d/google-musicmanager.list
deb http://dl.google.com/linux/musicmanager/deb/ stable main

Links
https://play.google.com/music/listen?u=0#/manager

memcached

# install
apt-get install -y memcached
sed -i 's|-l 127.0.0.1|-l 172.29.13.117|g' /etc/memcached.conf
service memcached restart

# flush cache
telnet mc.example.com 11211
stats
flush_all
quit

# memcached reserved memory
stats
...
STAT limit_maxbytes 314572800

IO performance benchmark script

Install
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/scripts/master/fio.sh -O - | bash -

#!/bin/bash

OUT=/tmp/fio.out

# install fio
sudo apt-get install -y fio

# clear
[ -f ${OUT} ] && rm ${OUT}

# run fio benchmark
for SIZE in 4 8 16; do
    for BS in 4 16 64; do
        for JOBS in 128 254 512; do
            for TIME in 60 120 240; do
                RESULT=$(fio --rw=readwrite --name=test --direct=1 --group_reporting --time_based --size=${SIZE}M --bs=${BS}k --numjobs=${JOBS} --runtime=${TIME} | grep iops | cut -d "=" -f4 | cut -d "," -f1)
                echo "${SIZE}M,${BS}K,${JOBS}x,${TIME}s,$(echo ${RESULT} | tr ' ', ',')" | tee -a ${OUT}
            done
        done
    done
done

Install archiva

# install oracle jdk
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.java-jdk.sh -O - | bash -

# install archiva
wget http://mirror.arcor-online.net/www.apache.org/archiva/2.1.1/binaries/apache-archiva-2.1.1-bin.tar.gz -P /tmp
tar xzf /tmp/apache-archiva-2.1.1-bin.tar.gz -C /opt
ln -s /opt/apache-archiva-2.1.1/ /opt/apache-archiva

# autostart
sed -i '$i /opt/apache-archiva/bin/archiva start' /etc/rc.local

# URL
http://YOUR_IP:8080/

# clear config
rm /opt/apache-archiva/conf/archiva.xml

Puppet: iPXE boot module

# create module structure
mkdir -p /etc/puppet/modules/ipxe/files
mkdir -p /etc/puppet/modules/ipxe/manifests

# download files
wget -q http://dl.panticz.de/ipxe/ipxe.lkrn -O /etc/puppet/modules/ipxe/files/ipxe.lkrn
wget -q http://dl.panticz.de/ipxe/49_ipxe -O /etc/puppet/modules/ipxe/files/49_ipxe

# download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/ipxe/init.pp -O /etc/puppet/modules/ipxe/manifests/init.pp

class ipxe {
  file { "/boot/grub/ipxe.lkrn":
    source => "puppet:///modules/ipxe/ipxe.lkrn"
  }

  file { "/etc/grub.d/49_ipxe":
    source => "puppet:///modules/ipxe/49_ipxe",
    mode => 700
  }

  exec { "update-grub":
    subscribe   => File["/etc/grub.d/49_ipxe"],
    refreshonly => true
  }
}

pako

wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/scripts/master/pako.sh -O - | bash -

#!/bin/bash

# set font size
gsettings set org.gnome.desktop.interface font-name 'Ubuntu 10'

# configure panel clock
gsettings set com.canonical.indicator.datetime show-date true
gsettings set com.canonical.indicator.datetime show-day true
gsettings set com.canonical.indicator.datetime show-week-numbers true

# configure panel sound
gsettings set com.canonical.indicator.sound visible true
gsettings set org.gnome.desktop.sound event-sounds false

# remove keyboard switch indicator from panel
gsettings set com.canonical.indicator.keyboard visible false

# configure workspaces
gsettings set org.gnome.desktop.wm.preferences num-workspaces 2

# configure session
gsettings set org.gnome.desktop.session idle-delay 600

# configure nautilus
gsettings set org.gnome.nautilus.preferences default-folder-viewer 'list-view'
gsettings set org.gnome.nautilus.list-view default-zoom-level 'smallest'

# configure gedit
gsettings set org.gnome.gedit.preferences.editor display-line-numbers true
gsettings set org.gnome.gedit.preferences.editor tabs-size 4
gsettings set org.gnome.gedit.preferences.editor insert-spaces true
gsettings set org.gnome.gedit.preferences.editor bracket-matching true
gsettings set org.gnome.gedit.preferences.editor create-backup-copy false

# configure pluma
gsettings set org.mate.pluma editor-font "Ubuntu Mono 13"
gsettings set org.mate.pluma display-line-numbers true
gsettings set org.mate.pluma bracket-matching true
gsettings set org.mate.pluma insert-spaces true
gsettings set org.mate.pluma active-plugins "['docinfo', 'snippets', 'sort', 'filebrowser', 'changecase', 'quickopen', 'spell', 'time', 'modelines']"

# autostart
[ ! -d ~/.config/autostart ] && mkdir ~/.config/autostart && chmod 700 ~/.config/autostart
ln -s /usr/share/applications/firefox.desktop ~/.config/autostart/
ln -s /usr/share/applications/thunderbird.desktop ~/.config/autostart/
ln -s /usr/share/applications/skype.desktop ~/.config/autostart/

# dont forward locale to server
sudo sed -i 's|    SendEnv LANG LC_*|#   SendEnv LANG LC_*|g' /etc/ssh/ssh_config

# set pluma as default text editor
sudo sed -i 's|text/plain=gedit.desktop|text/plain=pluma.desktop|g' /etc/gnome/defaults.list

https://raw.githubusercontent.com/panticz/preseed/master/late_command.sh

Install Gnokii (Manage SMS on USB Stick)

# install
sudo apt-get install -y gnokii

# set permissions (TODO set permissions with udev)
sudo chmod o+rw /dev/ttyUSB0

# configure
cat < .gnokiirc
[global]
model = AT
port = /dev/ttyUSB0
connection = serial
EOF

# show sms status
gnokii --showsmsfolderstatus

# show sms
gnokii --getsms MT 0 end

# show sms and filter for "http"
gnokii --getsms MT 0 2> /dev/null | grep http

# delete sms
gnokii --deletesms MT 0

# Links
http://linuxgazette.net/164/tomar.html
http://wiki.gnokii.org/index.php/SMS_options
http://ubuntuforums.org/showthread.php?t=1123538

Syndicate content