On server with Alma9 we shoud do
update-crypto-policies --set LEGACY
and add this line to /etc/ssh/sshd_config
HostKeyAlgorithms +ssh-rsa,ssh-dss
Port forward to Hetzner from VPS via GRE Tunnel + iptables rules
Server A = Hetzner (public IP 193.1.1.2) that compute with virtual machines that have network br0.
Server B = VPS (public IP 176.1.1.2). From that VM we will do portforwarding.
On server A, file /etc/rc.local
ip tunnel add gre1 mode gre local 193.1.1.2 remote 176.1.1.2 ttl 255 ip addr add 10.0.0.2/30 dev gre1 ip link set gre1 up #echo '100 GRE' >> /etc/iproute2/rt_tables ip rule add from 10.0.0.0/30 table GRE ip route add default via 10.0.0.1 table GRE ip route add 10.96.111.0/24 dev br0 table GREContinue reading “Port forward to Hetzner from VPS via GRE Tunnel + iptables rules”
Replace defective HDD on CentOS 6 (mbr)
Prologue: sda old but works, sdc defective. I will replace sdc.
First of all, mark disk sdc as defective and remove from raid.
mdadm --manage /dev/md0 --fail /dev/sdc2 mdadm --manage /dev/md1 --fail /dev/sdc1 mdadm --manage /dev/md2 --fail /dev/sdc3 mdadm /dev/md0 -r /dev/sdc2 mdadm /dev/md1 -r /dev/sdc1 mdadm /dev/md2 -r /dev/sdc3
Physically replace disk and copy partition table to new one.
Continue reading “Replace defective HDD on CentOS 6 (mbr)”Postfix as Yandex Relay
In that quickie article we will setup Postfix as yandex relay that servers only local mail (emails for root) on AlmaLinux 8.
dnf install postfix mailx cyrus-sasl-plain
Continue reading “Postfix as Yandex Relay”UFW for antizapret
Couple UFW rules for antizapret node
ufw default deny incoming ufw default allow outgoing ufw allow ssh / ufw allow from 203.0.113.4 to any port 22 ufw allow 1194 ufw route allow proto tcp from any to any port 1194 ufw route allow proto udp from any to any port 1194 ufw allow in on lxdbr0 ufw route allow in on lxdbr0 ufw enable
Nginx as CDN POP
This released on ubuntu with packages nginx and nginx-extras (some modules used additionally that not avail on Alma packages, that’s why ubuntu).
We will store cached files in /cdncache and logs in /var/log/nginx/cdnlogs.
Our CDN URL is yourcdn1.domain.name for site1.dev and yourcdn2.domain.name for site2.dev
We will server static files (mp4,jpg,png,gif,jpeg,js,ico,html,htm,webp,css,mp3,wav,swf,mov,doc,pdf,xls,ppt,docx,pptx,xlsx,ttf,woff,woff2), accept only GET queries and disallow listing for /.
Continue reading “Nginx as CDN POP”Upgrading all packages on OpenWRT
More difficult than on Centos, yeah? 🙂
opkg list-upgradable | cut -f 1 -d ' ' | xargs opkg upgrade
Goip systemd service
cat /etc/systemd/system/goip.service
We should start goip service after mysql and we should be sure that it will autorestart on crash.
Continue reading “Goip systemd service”Asterisk & Self Registration Queue
Idea: make a queue of calls in which agents will register themselves. A man came to work, dialed a secret combination, “signed up,” and he is all in line and ready to receive calls. Let’s make it happen.
Continue reading “Asterisk & Self Registration Queue”Asterisk working systemd service
- We will start asterisk after mariadb (for connecting res_odbc);
- We run asterisk from user “asterisk”.