Linux Administration

Collection of helm-stuff

Nice things you can do with lsof # Show all active internet connections lsof -i # Show all active TCP connections lsof -iTCP lsof -iTCP:57123 # Show active TCP connection on port 57123 # Show all active IPv4 connections lsof -i4 lsof -i4:57123 # Show active IPv4 connection on port 57123 # Show all file descriptors for a user lsof -u $USER

Hugo is a framework for building static webpages. It pairs well with creating a git repository and creating a push-webhook which rebuilds the homepage every time you change it. This post is just documenting how to do just that for an existing hugo repository. Create a static repo with nginx pointing to it Clone a hugo repo and put it in /srv/hugo.iix.se Pop over to the folder and run hugo to generate a static page chown -R nginx:nginx /srv/hugo....

Various stuff I forget how I do it. View iptables # View iptables sudo iptables -nvL Add/Remove/Replace # Add a rule iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Append to end of chain iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT # Insert at position 1 in chain # Delete a rule iptables -D INPUT 5 # 5 is index 5 in the INPUT-chain # Replace a rule iptables -R INPUT 1 -p tcp -s 192....

Kubernetes + GCloud + Kind Cheatsheet Links Official Kubernetes Cheatsheet Kubectl Bash autocomplete source <(kubectl completion bash) Context - easy way of changing namespaces Contexts are saved to $HOME/.kube/config, so you can edit that file manually if you mess up. # One-time-only - create context kubectl config set-context iix --namespace=iix --user=kubernetes-admin --cluster=kubernetes # Later - use context kubectl config use-context iix Listing # List all images in the active namespace kubectl -n dev get pods -o jsonpath="{....

This page just describes how I have found out you can do to make stuff work in SELinux when they don’t. I feel there may be a better way to update SELinux in an organized manner. If you know how, don’t hesitate to send me an email at olle at iix dot se. Anyhow, here is my way of making stuff work at the moment. Locate the problem In this example....

This is a very broad title, and will probably not help anyone except for me if this happens for me again. One day when I had to restart my KVM host, none of my guests had internet connection. The eth0 on the KVM host was attached to a bridge (br0) and that host had connectivity through the bridge. Here are some configs (which had not changed since it worked): # /etc/network/interfaces source /etc/network/interfaces....

sudo systemctl stop nginx sudo docker run --rm -it -p80:80 -p443:443 -v "/etc/letsencrypt:/etc/letsencrypt" -v "/var/lib/letsencrypt:/var/lib/letsencrypt" certbot/certbot certonly --expand --standalone -d yolo.iix.se sudo systemctl start nginx

How To Set Up a Postfix E-Mail Server with Dovecot How To use an SPF Record to Prevent Spoofing & Improve E-mail Reliability How To Install and Configure DKIM with Postfix on Debian Wheezy (Note: to get a PTR record back to your FQDN on Digital Ocean you must name the droplet to the FQDN)

I have docker container which wants access to a drive on its host, which in turn is mounted with cifs from a server on the local network. If you mount it normally with a -v host:container and try to access it from the container, you get an access denied. If you try the old classic SE-Linux-friendly -v host:container:Z, it will look like this from the container: root@c3ada26b1d90:/# l /data/* /data/backup: ls: cannot access '/data/backup/config....