Linux

Faces of OpenSource

Linux

i just like this Page … Faces of OpenSource.

Thanks for all the fish, guys !

Any Comments ?

sha256: 511dfaf2c20685d4fb80884557bf2efaf1ac7f234d02d25be20687d92cb6ad11

Update Checkmk

Linux

how to update checkmk

let’s assume you already have a running version of checkmk. You should install patches / updated every few month.

Main and Download URL’s

Main URL: https://checkmk.com/de/download?edition=cre&version=stable&dist=debian&os=bullseye

https://download.checkmk.com/checkmk/1.6.0p20/check-mk-raw-1.6.0p20_0.bullseye_amd64.deb

https://download.checkmk.com/checkmk/2.0.0p12/check-mk-raw-2.0.0p12_0.bullseye_amd64.deb

Download and Install Package

Login as Root

v="2.0.0p25"
cd /tmp
wget -O checkmk.deb "https://download.checkmk.com/checkmk/${v}/check-mk-raw-${v}_0.bullseye_amd64.deb"
gdebi checkmk.deb

Update Checkmk

Switch User …

su - mysite

.. Switch User and start Update

omd status
omd version
omd stop
omd update
omd start

Cleanup

exit
omd cleanup

Check Application

Open Browser, check News and Plugins

Keychain

OpenBSD, Linux

Need a small and smart utility to manage you ssh keys under linux ? got some scripts and cronjobs which requires an local ssh key ? have a look at keychain !

Install Software

depending on your OS …

macos$ brew install keychain
debian$ sudo apt-get install keychain
openbsd$ pkg_add keychain
freebsd$ pkg install keychain

edit startup Scripts

$HOME/.bashrc $HOME/.bash_profile /etc/profile $HOME/.profile

cat << 'EOF' >> $HOME/.bashrc
# Keychain Startup
eval `keychain --eval id_ed25519`
EOF

check service

$ keychain
$ ssh-add -L

add to .profile

cat << 'EOF' >> .profile

# Keychain Loaded ? Load and show Key ...
eval $(keychain --eval id_ed25519)
echo -e "loaded keys: `ssh-add -L |cut -c 1-12,77-`\n"
EOF

List Keys

keychain --list

List Finterprints (Public Key ?)

$ keychain --list-fp

Set Timeout

Timeout for SSH Agent

Git Clear your History

Linux

Clear History

have you ever checked in some binarys, confidential stuff or something else by mistake ? Git will keep all your history, that’s their design and purpose.

how ever, if you need to cleanup once, here is a short tutorial.

Kill Git Config

cd myrepo
cat .git/config -> note down the url
url=$(git config --get remote.origin.url)
rm -rf .git

Create New Repo

git init
git add .
git commit -m "Removed history, ..."

Push Remote

git remote add origin git@host/yourrepo  <- URL you noted down above
git remote add origin $url
git push -u --force origin master

All in One

_url=$(git remote -v |awk '/fetch/ { print $2 }')
rm -rf .git
git init
git add .
git commit -m "Removed history ..."
git remote add origin ${_url}
git push -u --force origin main
unset _url

and you’re done :)

Checkmk

Linux, Monitoring

Some Install Notes

https://checkmk.de/cms_install_packages_debian.html

download and scp check-mk-enterprise-1.6.0p15.demo_0.buster_amd64.deb -> enterprise microkernel, 2 x 10 Hosts download and scp check-mk-raw-1.6.0p15_0.buster_amd64.deb -> raw edition, nagios kernel

ssh root@localhost

apt-get install dpkg-sig libnet-snmp-perl snmp
wget https://checkmk.com/support/Check_MK-pubkey.gpg
gpg --import Check_MK-pubkey.gpg
dpkg-sig --verify /tmp/check-mk-enterprise-1.6.0p15.demo_0.buster_amd64.deb
apt-get install gdebi-core
gdebi /tmp/check-mk-raw-1.6.0p15_0.buster_amd64.deb
omd version

omd create mysite
omd config

oder

omd restore /tmp/mysite.tar.gz

Install v2.0 and migrate existing Config

https://checkmk.de/cms_install_packages_debian.html

download file: check-mk-raw-2.0.0p5_0.buster_amd64.deb

scp check-mk-raw-2.0.0p5_0.buster_amd64.deb host227:/tmp/

Prepare New Host

apt install -y dpkg-sig libnet-snmp-perl snmp

wget https://checkmk.com/support/Check_MK-pubkey.gpg
gpg --import Check_MK-pubkey.gpg
dpkg-sig --verify /tmp/check-mk-raw-2.0.0p5_0.buster_amd64.deb

apt-get install gdebi-core
gdebi /tmp/check-mk-raw-2.0.0p5_0.buster_amd64.deb

omd version

Backup old Server

Backup and copy to new Server

GIT add Folder to Repo

Linux

wanna switch a local folder to a remote git repo ?

https://docs.github.com/en/github/using-git/adding-a-remote

GitoLite

create git repo with gitolite (myproject)

add Folder

cd myproject

git init
git remote add origin git@your-git-server:myproject

check Status

git remote -v
git status

add all existing Files, commit and push to remote

git add .
git commit -m "initial commit"
git push --set-upstream origin master
Any Comments ?

sha256: ba5ff311face100add7e9b21efbbb86af94545d3aec2cf8d920ea55ba5353464

Debian on APU4

Linux

debian on apu

boot

menu -> tab

-> debian-installer/i386/linux vga=788 initrd=debian-installer/i386/initrd.gz — console=ttyS0,115200

enter

space

:)

english

country switzerland

nic0

hostname apu005

domain planet

mirror ch -> ftp.ch.debian.org

root password

Partitioning: entire Disk & LVM

Separate /home /var /tmp

survey no

soft: standard system utilities & ssh server

grub yes

braucht ca. 30min !

automated

https://www.debian.org/releases/stable/amd64/apbs02.en.html https://www.debian.org/releases/buster/example-preseed.txt

Packages

apt-get -y install net-tools git htop

Reboot

geht 40 Sekunden
Any Comments ?

sha256: de990ff6c33196dbecc6d133f0fc29686ded54fa7357d30e7dc36a59f0368eb0

Crontab

Linux

Troubleshooting Crontab Problems

Dump the Environment

add this line to root’s crontab

* * * * * env > /root/cronenv

Load the Environment

env - $(cat /root/cronenv) /bin/sh

Run your script

./script_with_env_problems.sh

and check it’s output …

Any Comments ?

sha256: de1667fb4003135420244f48280d72e03d7559b675ab6b4a9c020b0725866525

Ubuntu Kickstart

Linux

How to Kickstart a Ubuntu Installation …

edit dhcpd.conf

host ubuntu {
  hardware ethernet 4E:E5:80:xx:xx:xx;
  fixed-address x.x.x.x;
  filename "ubuntu/pxelinux.0";
  next-server x.x.x.200;
}

restart dhcpd

prepare env on tftp server (x.x.x.200)

mkdir -p /tftpboot/ubuntu/
cd /tftpboot/ubuntu/
ftp http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/installer-amd64/current/images/netboot/netboot.tar.gz
tar xfz netboot.tar.gz

kickstart cfg

put the following file in a webroot available from the client machine

cat <<'EOF' > /var/www/htdocs/ks.cfg
#Generated by Kickstart Configurator
#platform=AMD64 or Intel EM64T

#System language
lang en_US
#Language modules to install
langsupport en_US
#System keyboard
keyboard ch
#System mouse
mouse
#System timezone
timezone Europe/Zurich
#Root password (here 123456)
rootpw --iscrypted $1$r6te7M.4$C55eKRGO2xdodwc3tBe48/
#Initial user
user --disabled
#Reboot after installation
reboot
#Use text mode install
text
#Install OS instead of upgrade
install
#Use Web installation
url --url http://mirror.init7.net/ubuntu/
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr yes
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part swap --size 1024
part /boot --fstype ext4 --size 512
part / --fstype ext4 --size 1 --grow
#System authorization infomation
auth  --useshadow  --enablemd5
#Network information
network --bootproto=dhcp --device=eth0
#Firewall configuration
firewall --disabled
#Do not configure the X Window System
skipx
EOF

start and install client

  • pxe boot client
  • on the install screen, press tab and add ‘ks=http://x.x.x.x/ks.cfg’
  • Enter and wait until done
Any Comments ?

sha256: c58f8a064ddcae5b682a1699da8d10b3abb12ce131826e2a6098ed9b930f4e10

Mint Vlan

Linux

How to configure a Vlan on Linux Mint ?

Wiki

Install vlan

sudo apt-get install vlan

Configuration

root@mint:~# sudo modprobe 8021q

root@mint:~# ifconfig
ens19: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.10.18.83  netmask 255.255.255.0  broadcast 10.10.18.255
        inet6 2001:db8:1:2:9506:5fcd:1c61:1279  prefixlen 64  scopeid 0x0<global>
        inet6 2001:db8:1:2:a9:c50b:1348:1ec6  prefixlen 64  scopeid 0x0<global>
        inet6 2001:db8:1:2:e064:b0ec:a08f:7fd8  prefixlen 64  scopeid 0x0<global>
        inet6 2001:db8:1:2:a015:7ec:eef0:1a75  prefixlen 64  scopeid 0x0<global>
        inet6 2001:db8:1:2:a028:b890:ffe8:5231  prefixlen 64  scopeid 0x0<global>
        inet6 2001:db8:1:2:c80:addb:1273:95d5  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::9cc2:b22d:cc15:2946  prefixlen 64  scopeid 0x20<link>
        ether 4e:e5:10:00:06:83  txqueuelen 1000  (Ethernet)
        RX packets 181  bytes 58337 (58.3 KB)
        RX errors 0  dropped 7  overruns 0  frame 0
        TX packets 271  bytes 48413 (48.4 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 138  bytes 13723 (13.7 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 138  bytes 13723 (13.7 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

root@mint:~# vconfig add ens19 158
Added VLAN with VID == 158 to IF -:ens18:-
root@mint:~#

root@mint:~# ip addr add 100.60.100.83/24 dev ens19.158
root@mint:~#

root@mint:~# ip link set up ens19.158
root@mint:~#

Make Permanent

sudo su -c 'echo "8021q" >> /etc/modules'

/etc/network/interfaces
auto ens19.158
iface ens19.158 inet static
    address 100.60.100.83
    netmask 255.255.255.0
    vlan-raw-device ens19.158
    up route add -net 10.0.0.0 netmask 255.0.0.0 gw 100.60.100.1
Any Comments ?

sha256: e69d61613b45307405014943049154d70c8cf140d2a3bcf5bbf7679fbefa798f