Jan 14
2022
.htaccess if statement
<If “%{REMOTE_ADDR} == ‘123.123.123.123’ || %{REMOTE_ADDR} == ‘456.456.456.456’”>
Options +Indexes
</If>
<Else>
Options -Indexes
</Else>
Dec 14
2021
Resize mounted partition in Linux
You can resize only last partition at runtime
fdisk / gdisk
- Run sudo fdisk /dev/sda
- press p to list the partitions. Make note of the start cylinder of /dev/sda1 ex. 2048
- press d to delete existing partition
- press n to create new partition it is critical that the new partition starts at the same block as the old
- do not remove the signature
- press a and set boot flag
Reboot or use partprobe / kpartx to see new partition’s size
Resize filesystem
sudo resize2fs /dev/sda1
Dec 12
2021
resize RAID partitions
Ensure that the RAID array is consistent and synchronized by entering
cat /proc/mdstat
If your RAID array is still synchronizing according to the output of this command, you must wait until synchronization is complete before continuing.
sudo mdadm /dev/md0 --fail /dev/sda1 --remove /dev/sda1
To succeed, both the fail and remove actions must be specified.
Increase the size of the partition, using a disk partitioner
Re-add the partition to the RAID array. For example, to add /dev/sda1
….
sudo mdadm -a /dev/md0 /dev/sda1
Wait until the RAID is synchronized and consistent before continuing with the next partition.
Repeat these steps for each of the remaining component devices in the array. Ensure that you modify the commands for the correct component partition.
If you get a message that tells you that the kernel could not re-read the partition table for the RAID, you must reboot the computer after all partitions have been resized to force an update of the partition table.
Remove second disk’s paritions from the RAID array:
sudo mdadm /dev/md0 --fail /dev/sda1 --remove /dev/sdb1
sudo mdadm /dev/md1 --fail /dev/sda5 --remove /dev/sdb5
sudo mdadm /dev/md2 --fail /dev/sda6 --remove /dev/sdb6
sudo mdadm /dev/md3 --fail /dev/sda7 --remove /dev/sdb7
Check the size of the array and the device size known to the array by entering
sudo mdadm -D /dev/md0 | grep -e "Array Size" -e "Dev Size"
Increase the size of the array to the maximum available size by entering
sudo mdadm --grow /dev/md0 -z max --assume-clean
The array uses any space that has been added to the devices, but this space will not be synchronized. This is recommended for RAID 1 because the synchronization is not needed. It can be useful for other RAID levels if the space that was added to the member devices was pre-zeroed.
Recheck the size of your array and the device size known to the array by entering
sudo mdadm -D /dev/md0 | grep -e "Array Size" -e "Dev Size"
If your array was not resized as you expected, you must reboot, then try this procedure again.
You can increase the size of the file system to the maximum space available or specify an exact size. When specifying an exact size for the file system, ensure that the new size satisfies the following conditions:
- The new size must be greater than the size of the existing data; otherwise, data loss occurs.
- The new size must be equal to or less than the current RAID size because the file system size cannot extend beyond the space available.
Increase the size of the partition on second disk, using a disk partitioner
Re-add the partition to the RAID array. For example, to add /dev/sdb1..x enter:
sudo mdadm -a /dev/md0 /dev/sdb1
sudo mdadm -a /dev/md1 /dev/sdb5
sudo mdadm -a /dev/md2 /dev/sdb6
sudo mdadm -a /dev/md3 /dev/sdb7Resize RAID partition to max size
sudo resize2fs -p /dev/md0
sudo resize2fs -p /dev/md1
sudo resize2fs -p /dev/md2
sudo resize2fs -p /dev/md3WHEN ALL PARTITIONS ARE REBUILDED run:
mdadm --detail --scan >> /etc/mdadm.conf
Oct 27
2021
OpenVPN + Google Authenticator MFA
apt install libqrencode3 libpam-google-authenticator
addgroup gauth
useradd -g gauth gauth
mkdir /etc/openvpn/google-authenticator
chown gauth:gauth /etc/openvpn/google-authenticator
chmod 0700 /etc/openvpn/google-authenticator
add line in /etc/openvpn/server.conf
plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so openvpn
create /etc/pam.d/openvpn
with content:
auth required /usr/lib/x86_64-linux-gnu/security/pam_google_authenticator.so secret=/etc/openvpn/google-authenticator/${USER} user=gauth forward_pass
-t : Set up time-based (TOTP) verification
-d : Disallow reuse of previously used TOTP tokens
–r3 : Limit logins to N per every M seconds
-R30 :
-f : Write file without first confirming with user
-l : Override the default label in “otpauth://” URL
-i: Override the default issuer in “otpauth://” URL
-s : Specify a non-standard file location
replace <username> with certificate_name
google-authenticator -t -d -r3 -R30 -f -l “<username>” -i “Company VPN” -s /etc/openvpn/google-authenticator/username
chown gauth:gauth /etc/openvpn/google-authenticator/username
Oct 18
2021
KVM – VNC Server from remote host
<graphics type=”vnc” port=”5900″ autoport=”yes” listen=”SERVER_IP” passwd=”SECRET_PASSWORD”>
<listen type=”address” address=”SERVER_IP”/>
</graphics>
Sep 25
2021
Sep 7
2021
RRDTools
./configure –enable-perl-site-install
Sep 5
2021
Cpan – Encode.c: loadable library and perl binaries are mismatched (got handshake key 0xed00080, needed 0xeb00080)
Move the folder /usr/local/lib64/perl5 to /usr/local/lib64/BADperl5
Move the folder /usr/local/share/perl5 to /usr/local/share/BADperl5
Jun 25
2021
KVM Snapshots
Convert snapshot to standalone image
qemu-img convert -O qcow2 <snapshot.img> <new-image.img>
Create
virsh snapshot-create-as --domain debian11 --name debian11_snapshot01
List
virsh snapshot-create-as --domain debian11 --name debian11_snapshot01
Restore
virsh snapshot-revert debian11 debian11_snapshot01
Delete
virsh snapshot-delete --domain debian11 --snapshotname debian11_snapshot01
Info
virsh snapshot-info --domain debian11 --snapshotname debian11_snapshot01
Jun 6
2021