waja / gist:692eb337ceb64c2b9fa12ac94bdb3d39
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | # Install needed packages |
| 2 | apt install bridge-utils xen-system-amd64 grub-xen-host xen-tools lvm2 |
| 3 | # Reduce dom0 memory |
| 4 | sed -i s/#GRUB_CMDLINE_XEN=\"\"/GRUB_CMDLINE_XEN=\"dom0_mem=1024M\"/ /etc/default/grub.d/xen.cfg && update-grub |
| 5 | # Don't touch iptables when creating te bridge interface |
| 6 | cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local && \ |
| 7 | sed -i s/^handle_iptable/#handle_iptable/g /etc/xen/scripts/vif-bridge-local && \ |
| 8 | sed -i s/#vif.default.script=\"vif-bridge\"/vif.default.script=\"vif-bridge-local\"/g /etc/xen/xl.conf |
| 9 | # Disable saving and restoring domains |
| 10 | sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ /etc/default/xendomains |
waja / gist:7956f29659644822b5a669bacf128a1b
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | #!/bin/bash |
| 2 | # wget https://gist.githubusercontent.com/waja/0deb4dd5cd759371270dc3e1f5dabcb5/raw/deploy_rootlessdocker.sh -O /tmp/a && sh /tmp/a |
| 3 | |
| 4 | # Check if dockerd is installed |
| 5 | [ $(which dockerd) ] || wget https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/docker_deploy.sh \ |
| 6 | -O /tmp/docker_deploy.sh && bash /tmp/docker_deploy.sh |
| 7 | |
| 8 | # Stop and disable dockerd (runs as root) |
| 9 | systemctl stop docker && systemctl disable docker && systemctl disable docker.socket |
waja / gist:5515c9e46f9441649180d9e9d6e5a343
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | # Crossgrade jessie over to amd64 along https://stbuehler.de/blog/article/2017/06/28/debian_stretch__upgrade_32-bit_to_64-bit.html, |
| 2 | # but on jessie downloading the correct packages is a bit more complicated |
| 3 | |
| 4 | aptitude search ~M | cut -c5- | cut -d' ' -f1 > aptitude.auto |
| 5 | dpkg -l | grep '^ii' | awk '{print $2}' > packages |
| 6 | dpkg --print-architecture |
| 7 | dpkg --print-foreign-architectures |
| 8 | dpkg --add-architecture amd64 |
| 9 | apt-get update |
waja / gist:f4a365d02d764c4b8298f3014b6d7ba4
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | #!/bin/bash |
| 2 | # wget https://gist.githubusercontent.com/waja/cb6c427543b9dbea4c775ccfb1f308ab/raw/fix_cert_addtrust_external_expiration_apache.sh -O /tmp/a && bash /tmp/a && apache2ctl -t && service apache2 reload |
| 3 | TMPFILE=$(mktemp) |
| 4 | trap "{ rm -rf ${TMPFILE}; }" EXIT |
| 5 | for CERT in $(grep -P "^( |\t)*SSLCertificateFile" /etc/apache2/sites-enabled/* | awk '{print $3}'); do |
| 6 | if [ \( "$(openssl x509 -in ${CERT} -issuer | head -1 | cut -d"=" -f7 | sed 's/^ *//g')" == "Sectigo RSA Domain Validation Secure Server CA" -o "$(openssl x509 -in ${CERT} -issuer | head -1 | cut -d"=" -f7 | sed 's/^ *//g')" == "COMODO RSA Domain Validation Secure Server CA" \) -a ! -L ${CERT} ]; then |
| 7 | echo "${CERT}:" |
| 8 | openssl crl2pkcs7 -nocrl -certfile ${CERT} | openssl pkcs7 -print_certs > ${TMPFILE} |
| 9 | for CA in 'COMODO RSA Certification Authority' 'USERTrust RSA Certification Authority' 'AddTrust External CA Root'; do |
| 10 | sed -i "/^subject.*${CA}/q" ${TMPFILE} |
waja / gist:91d8da58f7e849c3a644ca48819ba062
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | if [ -f /etc/apt/apt.conf.d/00InstallRecommends ]; then |
| 2 | # remove any existing value from file |
| 3 | sed -i '/^APT::Install-Recommends/d' /etc/apt/apt.conf.d/00InstallRecommends; |
| 4 | sed -i '/^Aptitude::Recommends-Important/d' /etc/apt/apt.conf.d/00InstallRecommends; |
| 5 | # set the value |
| 6 | echo 'APT::Install-Recommends "false";' >> /etc/apt/apt.conf.d/00InstallRecommends && \ |
| 7 | echo 'Aptitude::Recommends-Important "False";' >> /etc/apt/apt.conf.d/00InstallRecommends && \ |
| 8 | echo "* Disabled automatical installation of recommended packages" |
| 9 | else |
| 10 | # set the value (and create a new file) |
waja / gist:cced251f4e8c4cc886d955ff01755343
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
New location
Head over to https://github.com/waja/debian-update-cheatsheets/blob/buster2bullseye/buster2bullseye.sh
waja / gist:caa1fd500d2c413892e7391345dc90ea
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | #!/bin/bash |
| 2 | |
| 3 | if [ $(ip -6 route | grep -c ^default) -eq 0 ]; then exit; fi |
| 4 | apt install socat || exit |
| 5 | cat > /etc/systemd/system/socat\@.service <<EOF |
| 6 | [Unit] |
| 7 | Description=ipv6 to ipv4 port forwarding |
| 8 | After=network.target |
| 9 | |
| 10 | [Service] |
waja / gist:01c63f7d6d9147a0838c474dd21b1ac8
0 лайк(-ов)
0 форк(-ов)
4 файл(-ов)
Последняя активность 8 months ago
| 1 | # tr -dc A-Za-z0-9 </dev/urandom | head -c 12 ; echo '' |
| 2 | TRAEFIK_HASH=H6UNStXJUAX5 |
| 3 | TRAEFIK_PROJECT=bitwarden |
| 4 | TRAEFIK_SERVICE_01=bitwarden |
waja / gist:bbf7a1b1b1224293bbf409f09c2ed6eb
0 лайк(-ов)
0 форк(-ов)
2 файл(-ов)
Последняя активность 8 months ago
| 1 | # See https://gitlab.com/richardskumat/ansible-role-client-debian-role/-/blob/master/.gitlab-ci.yml |
| 2 | image: qwe1/dind-ansible-molecule:latest |
| 3 | variables: |
| 4 | # DOCKER_HOST: tcp://docker:2375/ |
| 5 | DOCKER_DRIVER: overlay2 |
| 6 | # https://gitlab.com/gitlab-org/gitlab-ce/issues/64959 |
| 7 | # 19.03 had some breaking changes compared to 18.09 |
| 8 | DOCKER_TLS_CERTDIR: "" |
| 9 | |
| 10 | services: |
waja / gist:b298543503af44398e53070eb49789ab
0 лайк(-ов)
0 форк(-ов)
1 файл(-ов)
Последняя активность 8 months ago
| 1 | object CheckCommand "check-smart" { |
| 2 | import "plugin-check-command" |
| 3 | |
| 4 | command = [ "/usr/lib/monitoring-plugins" + "/check_smart" ] |
| 5 | |
| 6 | arguments = { |
| 7 | "--device" = { |
| 8 | value = "$smart_device$" |
| 9 | set_if = {{ macro("$smart_device_is_glob$") == false }} |
| 10 | description = "A physical block device to be SMART monitored, eg /dev/sda. Pseudo-device /dev/bus/N is allowed." |