's Avatar

waja

Joined 6 months ago

waja's Avatar

waja / gist:692eb337ceb64c2b9fa12ac94bdb3d39

0 likes
0 forks
1 files
Last active 6 months ago
1 # Install needed packages
2 apt install bridge-utils xen-system-amd64 grub-xen-host xen-tools lvm2
3 # Reduce dom0 memory
4 sed -i s/#GRUB_CMDLINE_XEN=\"\"/GRUB_CMDLINE_XEN=\"dom0_mem=1024M\"/ /etc/default/grub.d/xen.cfg && update-grub
5 # Don't touch iptables when creating te bridge interface
6 cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local && \
7 sed -i s/^handle_iptable/#handle_iptable/g /etc/xen/scripts/vif-bridge-local && \
8 sed -i s/#vif.default.script=\"vif-bridge\"/vif.default.script=\"vif-bridge-local\"/g /etc/xen/xl.conf
9 # Disable saving and restoring domains
10 sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ /etc/default/xendomains
waja's Avatar

waja / gist:7956f29659644822b5a669bacf128a1b

0 likes
0 forks
1 files
Last active 6 months ago
1 #!/bin/bash
2 # wget https://gist.githubusercontent.com/waja/0deb4dd5cd759371270dc3e1f5dabcb5/raw/deploy_rootlessdocker.sh -O /tmp/a && sh /tmp/a
3
4 # Check if dockerd is installed
5 [ $(which dockerd) ] || wget https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/docker_deploy.sh \
6 -O /tmp/docker_deploy.sh && bash /tmp/docker_deploy.sh
7
8 # Stop and disable dockerd (runs as root)
9 systemctl stop docker && systemctl disable docker && systemctl disable docker.socket
waja's Avatar

waja / gist:5515c9e46f9441649180d9e9d6e5a343

0 likes
0 forks
1 files
Last active 6 months ago
1 # Crossgrade jessie over to amd64 along https://stbuehler.de/blog/article/2017/06/28/debian_stretch__upgrade_32-bit_to_64-bit.html,
2 # but on jessie downloading the correct packages is a bit more complicated
3
4 aptitude search ~M | cut -c5- | cut -d' ' -f1 > aptitude.auto
5 dpkg -l | grep '^ii' | awk '{print $2}' > packages
6 dpkg --print-architecture
7 dpkg --print-foreign-architectures
8 dpkg --add-architecture amd64
9 apt-get update
waja's Avatar

waja / gist:f4a365d02d764c4b8298f3014b6d7ba4

0 likes
0 forks
1 files
Last active 6 months ago
1 #!/bin/bash
2 # wget https://gist.githubusercontent.com/waja/cb6c427543b9dbea4c775ccfb1f308ab/raw/fix_cert_addtrust_external_expiration_apache.sh -O /tmp/a && bash /tmp/a && apache2ctl -t && service apache2 reload
3 TMPFILE=$(mktemp)
4 trap "{ rm -rf ${TMPFILE}; }" EXIT
5 for CERT in $(grep -P "^( |\t)*SSLCertificateFile" /etc/apache2/sites-enabled/* | awk '{print $3}'); do
6 if [ \( "$(openssl x509 -in ${CERT} -issuer | head -1 | cut -d"=" -f7 | sed 's/^ *//g')" == "Sectigo RSA Domain Validation Secure Server CA" -o "$(openssl x509 -in ${CERT} -issuer | head -1 | cut -d"=" -f7 | sed 's/^ *//g')" == "COMODO RSA Domain Validation Secure Server CA" \) -a ! -L ${CERT} ]; then
7 echo "${CERT}:"
8 openssl crl2pkcs7 -nocrl -certfile ${CERT} | openssl pkcs7 -print_certs > ${TMPFILE}
9 for CA in 'COMODO RSA Certification Authority' 'USERTrust RSA Certification Authority' 'AddTrust External CA Root'; do
10 sed -i "/^subject.*${CA}/q" ${TMPFILE}
waja's Avatar

waja / gist:91d8da58f7e849c3a644ca48819ba062

0 likes
0 forks
1 files
Last active 6 months ago
1 if [ -f /etc/apt/apt.conf.d/00InstallRecommends ]; then
2 # remove any existing value from file
3 sed -i '/^APT::Install-Recommends/d' /etc/apt/apt.conf.d/00InstallRecommends;
4 sed -i '/^Aptitude::Recommends-Important/d' /etc/apt/apt.conf.d/00InstallRecommends;
5 # set the value
6 echo 'APT::Install-Recommends "false";' >> /etc/apt/apt.conf.d/00InstallRecommends && \
7 echo 'Aptitude::Recommends-Important "False";' >> /etc/apt/apt.conf.d/00InstallRecommends && \
8 echo "* Disabled automatical installation of recommended packages"
9 else
10 # set the value (and create a new file)
waja's Avatar

waja / gist:cced251f4e8c4cc886d955ff01755343

0 likes
0 forks
1 files
Last active 6 months ago

New location

Head over to https://github.com/waja/debian-update-cheatsheets/blob/buster2bullseye/buster2bullseye.sh
waja's Avatar

waja / gist:caa1fd500d2c413892e7391345dc90ea

0 likes
0 forks
1 files
Last active 6 months ago
1 #!/bin/bash
2
3 if [ $(ip -6 route | grep -c ^default) -eq 0 ]; then exit; fi
4 apt install socat || exit
5 cat > /etc/systemd/system/socat\@.service <<EOF
6 [Unit]
7 Description=ipv6 to ipv4 port forwarding
8 After=network.target
9
10 [Service]
waja's Avatar

waja / gist:01c63f7d6d9147a0838c474dd21b1ac8

0 likes
0 forks
4 files
Last active 6 months ago
1 # tr -dc A-Za-z0-9 </dev/urandom | head -c 12 ; echo ''
2 TRAEFIK_HASH=H6UNStXJUAX5
3 TRAEFIK_PROJECT=bitwarden
4 TRAEFIK_SERVICE_01=bitwarden
waja's Avatar

waja / gist:bbf7a1b1b1224293bbf409f09c2ed6eb

0 likes
0 forks
2 files
Last active 6 months ago
1 # See https://gitlab.com/richardskumat/ansible-role-client-debian-role/-/blob/master/.gitlab-ci.yml
2 image: qwe1/dind-ansible-molecule:latest
3 variables:
4 # DOCKER_HOST: tcp://docker:2375/
5 DOCKER_DRIVER: overlay2
6 # https://gitlab.com/gitlab-org/gitlab-ce/issues/64959
7 # 19.03 had some breaking changes compared to 18.09
8 DOCKER_TLS_CERTDIR: ""
9
10 services:
waja's Avatar

waja / gist:b298543503af44398e53070eb49789ab

0 likes
0 forks
1 files
Last active 6 months ago
1 object CheckCommand "check-smart" {
2 import "plugin-check-command"
3
4 command = [ "/usr/lib/monitoring-plugins" + "/check_smart" ]
5
6 arguments = {
7 "--device" = {
8 value = "$smart_device$"
9 set_if = {{ macro("$smart_device_is_glob$") == false }}
10 description = "A physical block device to be SMART monitored, eg /dev/sda. Pseudo-device /dev/bus/N is allowed."
Newer Older

Powered by Opengist Load: 201ms

English