Navigation
DRBD
# cat /etc/drbd.d/global_common.conf
global {
usage-count yes;
}
common {
startup {
degr-wfc-timeout 0;
}
net {
cram-hmac-alg sha1;
shared-secret ****************;
}
disk {
on-io-error detach;
}
}
# cat /etc/drbd.d/r0.res
resource r0 {
on scld.sedo.de.intern {
volume 0 {
device /dev/drbd0;
disk /dev/vg0/lvol0;
flexible-meta-disk internal;
}
address 192.168.255.1:7788;
}
on ubuntu {
volume 0 {
device /dev/drbd0;
disk /dev/sda3;
flexible-meta-disk internal;
}
address 192.168.255.2:7788;
}
}
Debian / Ubuntu mass dist-upgrade with Ansible (with fallback and logging)
ansible-playbook dist-upgrade.yml -i your_inventory [-l host_name]
---
- hosts:
all
gather_facts: no
vars:
verbose: false
log_dir: "log/dist-upgrade/{{ inventory_hostname }}"
pre_tasks:
- block:
- setup:
rescue:
- name: "Install required python-minimal package"
raw: "apt-get update && apt-get install -y --force-yes python-apt python-minimal"
- setup:
tasks:
- name: Update packages
apt:
update_cache: yes
upgrade: dist
autoremove: yes
register: output
- name: Check changes
set_fact:
updated: true
when: not output.stdout | search("0 upgraded, 0 newly installed")
- name: Display changes
debug:
msg: "{{ output.stdout_lines }}"
when: verbose or updated is defined
- block:
- name: "Create log directory"
file:
path: "{{ log_dir }}"
state: directory
changed_when: false
- name: "Write changes to logfile"
copy:
content: "{{ output.stdout }}"
dest: "{{ log_dir }}/dist-upgrade_{{ ansible_date_time.iso8601 }}.log"
changed_when: false
when: updated is defined
connection: local
dnsmasq
# cat /etc/dnsmasq.conf
dhcp-authoritative
server=192.168.1.6
log-facility=/var/log/dnsmasq.log
log-queries
local=/example.com/
domain=example.com
# cat /etc/dnsmasq.conf | grep "^dhcp-host" | awk -v OFS="\t" -F "," '{print $3, $2}' | sort -k2 > /etc/hosts.pre
addn-hosts=/etc/hosts.pre
# DHCP
dhcp-range=192.168.1.150,192.168.1.200,255.255.255.0,1d
dhcp-option=option:router,192.168.1.6
dhcp-option=option:ntp-server,217.7.239.199
# PXE
dhcp-boot=pxelinux.0,srv,192.168.1.9
dhcp-boot=net:sip,http://srv/snom3x0/snom3x0.xml,srv,192.168.1.9
Apache authentification
# vi /etc/apache2/sites-enabled/000-default.conf <VirtualHost *:80> ... <Directory "/var/www/html"> AllowOverride AuthConfig Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec Order allow,deny Allow from all </Directory> ... </VirtualHost> cat <<EOF> /var/www/html/.htaccess AuthBasicAuthoritative On AuthName "Authorized Users Only." AuthType Basic AuthUserFile /etc/apache2/htpasswd Require user USER_NAME EOF htpasswd -b /etc/apache2/htpasswd USER_NAME 'USER_PASS'
- Login to post comments
Mate
# install
sudo apt-get install ubuntu-mate-desktop
# reset panel
mate-panel --reset
# configuration
https://github.com/vinadoros/CustomScripts/blob/master/DMATE.sh
gsettings set org.mate.caja.preferences default-folder-viewer 'list-view'
# Caja bookmarks
~/.gtk-bookmarks
Ansible templates
{% for host in groups['db_servers'] %}
{{ host }}
{% endfor %}
{% for host in groups['db_servers'] %}
{{ hostvars[host]['ansible_eth0']['ipv4']['address'] }}
{% endfor %}
Create and install StartCom SSL certificate
openssl \
req \
-nodes \
-newkey rsa:2048 \
-keyout www.example.com.key \
-out www.example.com.csr \
-subj "/C=DE/ST=NRW/L=Berlin/O=My Inc/OU=DevOps/CN=www.example.com/emailAddress=dev@www.example.com"
a2enmod ssl
a2ensite default-ssl
service apache2 restart
cp /tmp/2_*.crt /etc/ssl/certs/
cp /tmp/1_root_bundle.crt /etc/ssl/certs/
cp /tmp/*.key /etc/ssl/private/
/etc/apache2/sites-enabled/default-ssl.conf
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
