Enable UEFI / PXE boot on Mellanox ConnectX NIC

# Boot GRML iso
https://grml.org/download/

# Enable SSH daemon
service ssh start
passwd
ip a

# ssh root@GRML_IP

# Install Mellanox CLI tools (MFT)
apt update
apt install -y gcc make dkms linux-headers-$(uname -r)
URL=http://content.mellanox.com/MFT/mft-4.9.0-38-x86_64-deb.tgz
wget -O- ${URL} | tar xvz -C /tmp
cd /tmp/mft-*-deb
./install.sh
mst start

# Enable UEFI and PXE boot
mlxconfig -d /dev/mst/mt4119_pciconf0 -y set EXP_ROM_UEFI_x86_ENABLE=1
mlxconfig -d /dev/mst/mt4119_pciconf0 -y set EXP_ROM_PXE_ENABLE=1
mlxconfig -d /dev/mst/mt4119_pciconf0 q | egrep "EXP_ROM"

VMware: Installation Tools

Install open-vm-tools package
sudo apt-get install -y open-vm-tools

# Ubuntu Offline install
wget http://mirrors.kernel.org/ubuntu/pool/main/o/open-vm-tools/open-vm-tools_10.0.7-3227872-2ubuntu1_amd64.deb
wget http://mirrors.kernel.org/ubuntu/pool/main/libd/libdumbnet/libdumbnet1_1.12-7_amd64.deb
wget http://security.ubuntu.com/ubuntu/pool/main/libm/libmspack/libmspack0_0.5-1ubuntu0.16.04.3_amd64.deb
scp *.deb :/tmp/
ssh dpkg -i /tmp/open-vm-tools_*_amd64.deb /tmp/libdumbnet*_amd64.deb /tmp/libmspack0_*_amd64.deb

# FreeBSD

GitLab: Backup to S3

Configure Git
# /etc/gitlab/gitlab.rb
gitlab_rails['backup_upload_connection'] = {
'provider' => 'AWS',
'region' => 'ew-west-1',
'aws_access_key_id' => 'KEY123',
'aws_secret_access_key' => 'PASS124',
'endpoint' => 'https://s3.example.com'
}
gitlab_rails['backup_upload_remote_directory'] = 'backups'

gitlab-ctl reconfigure

Test
gitlab-rake gitlab:backup:create

Configure periodic backup
# crontab -e
0 2 * * * /opt/gitlab/bin/gitlab-rake gitlab:backup:create CRON=1

Links

GitLab: LFS on S3

Configure GitLab
...
gitlab_rails['lfs_enabled'] = true
gitlab_rails['lfs_object_store_enabled'] = true
gitlab_rails['lfs_object_store_proxy_download'] = true
gitlab_rails['lfs_object_store_remote_directory'] = "lfs"
gitlab_rails['lfs_object_store_connection'] = {
'provider' => 'AWS',
'aws_access_key_id' => 'KEY123',
'aws_secret_access_key' => 'PASS1234',
'endpoint' => 'https://s3.example.com',
}

gitlab-ctl reconfigure

Install (on client)
apt-get install -y git git-lfs

# create LFS testfile

GitLab: Artifacts on S3

Create bucket
s3cmd mb s3://artifacts

Configure GitLab
/etc/gitlab/gitlab.rb
...
nginx['client_max_body_size'] = '1024m'
gitlab_rails['artifacts_enabled'] = true
gitlab_rails['artifacts_object_store_enabled'] = true
gitlab_rails['artifacts_object_store_remote_directory'] = "artifacts"
gitlab_rails['artifacts_object_store_connection'] = {
'provider' => 'AWS',
'region' => 'us-west-1',
'aws_access_key_id' => 'KEY1234',
'aws_secret_access_key' => 'PASS1234
'endpoint' => 'https://s3.example.com'
}

gitlab-ctl reconfigure

S3: mount as filesystem under Linux

Install
sudo apt install -y s3fs

Configuration
# cat ~/.passwd-s3fs
AWS Access Key ID:AWS Secret Access Key

Mount
s3fs backup /media/backup -o url=https://s3.example.com,allow_other,umask=0000
# -o passwd_file=/etc/passwd-s3fs
# -o use_cache=/tmp/cache

/etc/fstab
mybucket1.mydomain.org /mnt/mybucket1 fuse.s3fs _netdev,allow_other,passwd_file=/home/ftpuser/.passwd-aws-s3fs,default_acl=public-read,uid=1001,gid=65534 0 0

Links
https://gridscale.io/community/tutorials/s3-fuse-ubuntu/

php-fpm under Nginx

Install
sudo apt install -y php-fpm nginx #mariadb-server php-mysql php-gd php-curl

Configure php-fpm
# /etc/php/7.2/fpm/pool.d/www.conf
[www]
user = www-data
group = www-data
listen = /run/php/php7.2-fpm.sock
;listen = 127.0.0.1:9000
listen.owner = www-data
listen.group = www-data
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

Configure Nginx
# /etc/nginx/sites-enabled/default
server {
...
# pass PHP scripts to FastCGI server
location ~ \.php$ {

Vault

Install
wget https://releases.hashicorp.com/vault/0.11.5/vault_0.11.5_linux_amd64.zip -P /tmp/
apt install -y unzip
unzip -d /usr/sbin /tmp/vault_0.11.5_linux_amd64.zip
vault -autocomplete-install

Linux
https://learn.hashicorp.com/vault/

Duplicity with S3

Install
sudo apt install -y duplicity python-boto

SSH
duplicity incr --log-file /tmp/duplicity.log /etc/ scp://foo@10.0.1.123//media/etc

S3
vi ~/.boto
[Credentials]
aws_access_key_id = KEY_ID
aws_secret_access_key = SECRET_ACCESS_KEY

# create backup to s3
duplicity full --log-file /tmp/duplicity.log /etc/ s3://s3.example.com/backup/host.examp.eocm/etc/

duplicity list-current-files s3+http://bucket/folder

WebDav
export FTP_PASSWORD="pass1234"

Syndicate content