check bash version

rm /tmp/out.log
for HOST in $(cat host.list); do
    VERSION=$(ssh -o StrictHostKeyChecking=no -o ConnectTimeout=3 ${HOST} 'dpkg-query -W -f="\${Version}" "*bash*"')
    [ !

IO performance benchmark script

Install
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/scripts/master/fio.sh -O - | bash -

#!/bin/bash

OUT=/tmp/fio.out

# clear
[ -f ${OUT} ] && rm ${OUT}

# run fio benchmark
for SIZE in 4 8 16; do
    for BS in 4 16 64; do
        for JOBS in 128 254 512; do
            for TIME in 60 120 240; do
                RESULT=$(fio --rw=readwrite --name=test --direct=1 --group_reporting --time_based --size=${SIZE}M --bs=${BS}k --numjobs=${JOBS} --runtime=${TIME} | grep iops | cut -d "=" -f4 | cut -d "," -f1)
                echo "${SIZE}M,${BS}K,${JOBS}x,${TIME}s,$(echo ${RESULT} | tr ' ', ',')" | tee -a ${OUT}
            done
        done
    done
done

Install Vega vulnerability scanner under Ubuntu / Debian

Install
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.vega.sh -O - | bash -

#!/bin/bash

# install Java JDK
wget -q https://raw.githubusercontent.com/panticz/installit/master/install.java-jdk.sh -O - | bash -

sudo apt-get install libwebkitgtk-1.0

# download link
if [ "$(uname -m)" == "x86_64" ]; then
  # 64 bit
  URL=http://support.subgraph.com/downloads/VegaBuild-linux.gtk.x86_64.zip
else
  # 32 bit
  URL=http://support.subgraph.com/downloads/VegaBuild-linux.gtk.x86.zip
fi

# download new eclipse release
wget -q ${URL} -P /tmp

# extract
sudo unzip /tmp/VegaBuild-linux.gtk.*.zip -d /usr/share/

sudo ln -s /usr/share/vega/Vega /usr/local/bin/vega

cat <<EOF> /usr/share/applications/vega.desktop
[Desktop Entry]
Encoding=UTF-8
Name=Vega
Comment=Vega Vulnerability Scanner
Exec=vega
Icon=/usr/share/vega/icon.xpm
Terminal=false
Type=Application
Categories=GNOME;Application;Development;
StartupNotify=true
EOF

Workarround
sudo mkdir -p /usr/share/vega/workspace/
sudo chmod 777 /usr/share/vega/workspace/

Download
https://subgraph.com/vega/download/

Configuration
pawkon@D269:~$ diff /usr/share/vega/Vega.ini.2015-01-12 /usr/share/vega/Vega.ini
2,5c2,5

 -Xms1024m
> -XX:PermSize=512m
> -XX:MaxPermSize=1024m
> -Xmx4096m

Install archiva

# install oracle jdk
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.java-jdk.sh -O - | bash -

# install archiva
wget http://mirror.arcor-online.net/www.apache.org/archiva/2.1.1/binaries/apache-archiva-2.1.1-bin.tar.gz -P /tmp
tar xzf /tmp/apache-archiva-2.1.1-bin.tar.gz -C /opt
ln -s /opt/apache-archiva-2.1.1/ /opt/apache-archiva

# autostart
sed -i '$ i\/opt/apache-archiva/bin/archiva start' /etc/rc.local

# URL
http://YOUR_IP:8080/

# clear config
rm /opt/apache-archiva/conf/archiva.xml

Puppet: iPXE boot module

# create module structure
mkdir -p /etc/puppet/modules/ipxe/files
mkdir -p /etc/puppet/modules/ipxe/manifests

# download files
wget -q http://dl.panticz.de/ipxe/ipxe.lkrn -O /etc/puppet/modules/ipxe/files/ipxe.lkrn
wget -q http://dl.panticz.de/ipxe/49_ipxe -O /etc/puppet/modules/ipxe/files/49_ipxe

# download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/ipxe/init.pp -O /etc/puppet/modules/ipxe/manifests/init.pp

class ipxe {
  file { "/boot/grub/ipxe.lkrn":
    source => "puppet:///modules/ipxe/ipxe.lkrn"
  }

  file { "/etc/grub.d/49_ipxe":
    source => "puppet:///modules/ipxe/49_ipxe",
    mode => 700
  }

  exec { "update-grub":
    subscribe   => File["/etc/grub.d/49_ipxe"],
    refreshonly => true
  }
}

Nginx: compile with http_substitutions_filter support

# tested under CentOS release 5.11 (Final)
 
yum -y install rpm-build git
yum -y install gcc gcc-c++ make zlib-devel pcre-devel openssl-devel
 
wget http://nginx.org/packages/centos/5/SRPMS/nginx-1.6.2-1.el5.ngx.src.rpm
rpm -i nginx-1.6.2-1.el5.ngx.src.rpm
 
git clone git://github.com/yaoweibin/ngx_http_substitutions_filter_module.git
 
cd /usr/src/redhat/SOURCES/
 
/usr/src/redhat/SOURCES
 
tar xzf ../nginx-1.6.2.tar.gz
 
cd nginx-1.6.2
 
./configure --add-module=/root/ngx_http_substitutions_filter_module  --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.

Check SSL/TLS server encryption support

# Curl parameter
 -ssl2         - just use SSLv2
 -ssl3         - just use SSLv3
 -tls1         - just use TLSv1
 -tls1_1       - just use TLSv1.1
 -tls1_2       - just use TLSv1.2
 -dtls1        - just use DTLSv1
 
HOST=www.example.com
for PROTOCOL in ssl3 tls1 tls1_1 tls1_2 dtls1; do
    echo n | openssl s_client -connect ${HOST}:443 -${PROTOCOL} > /dev/null
    echo ${PROTOCOL} : $?
done
 
# Links
https://www.ssllabs.com/ssltest/analyze.html
https://www.owasp.org/index.php/Testing_for_SSL-TLS_%28OWASP-CM-001%29

Squid: Compile with SSL support under Debian Jessie

apt-get update
 
# install required dev packages
apt-get install -y openssl devscripts build-essential libssl-dev
 
# install debian squid3 source code
apt-get source -y squid3
 
# install all required dependeny packages
apt-get build-dep -y squid3
 
# reconfigure
cd squid3-3.4.8/
vi debian/rules
 
root@jessie:~/squid3-3.4.8# diff /tmp/rules debian/rules 
46c46,48
< 		--with-default-user=proxy
---
> 		--with-default-user=proxy \
> 		--enable-ssl \
> 		--with-open-ssl="/etc/ssl/openssl.cnf"
 
# build package
debuild -us -uc
 
# install
cd ..
apt-get install logrotate
dpkg

Jenkins: install and configure JDK

# download and extract JDK
URL=http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jdk-8u25-linux-x64.tar.gz
wget --continue --no-check-certificate --header "Cookie: oraclelicense=a" ${URL} -O /tmp/${URL##*/}
tar -C /var/lib/jenkins/tools/hudson.model.JDK/ -xzf /tmp/jdk-8u25-linux-x64.tar.gz

# configure JDK
http://192.168.1.111:8080/configure
JDK
JDK installations
Add JDK
Install automatically: check out
JAVA_HOME: /var/lib/jenkins/tools/hudson.model.JDK/jdk1.8.0_25
Save

# create New Item
Item name: JDBCTest
check "Freestyle project"
JDK: JDK8

Syndicate content