Rundeck CLI

Install
https://rundeck.github.io/rundeck-cli/
https://github.com/rundeck/rundeck-cli/releases

sudo apt-get install -y default-jre-headless
 
wget -q https://github.com/rundeck/rundeck-cli/releases/download/v2.0.0/rundeck-cli_2.0.0-1_all.deb
sudo dpkg -i rundeck-cli_*_all.deb
 
# sudo apt-get install rundeck-cli

Configuration
https://rundeck.github.io/rundeck-cli/configuration/

# ~/.rd/rundeck-dev.conf
export RD_URL=http://rundeck.dev.example.com:80
export RD_USER=admin
export RD_PASSWORD=admin
 
# load configuration
source ~/.rd/rundeck-dev.conf

Commands
https://rundeck.github.io/rundeck-cli/commands/

LXD: profile

Copy profiles between LXD cluster nodes

lxc profile copy profile-name new-lxd-server:

Export all profiles

for PROFILE in $(lxc profile list --format json | jq -r '.[].name'); do
    lxc profile show ${PROFILE} > ${PROFILE}
done

Import profiles

for PROFILE in $(ls nic* disk*); do
    lxc profile create ${PROFILE} < ${PROFILE}
done

Links
https://ubuntu.com/blog/lxd-5-easy-pieces

DevStack

DevStack XENA

sudo apt -y install git jq vim
sudo apt purge -y python3-distro-info
 
git clone --branch "stable/xena" https://opendev.org/openstack/devstack
 
HOST_IP=$(ip -o -4 -j a | jq -r '.[].addr_info[] | select(.dev == "ens3") .local')
echo ${HOST_IP}

DevStack XENA
https://openstack.goffinet.org/03-02-openstack-lab-devstack.html
http://lia.deis.unibo.it/Courses/CompNetworksM/1718/slides/NetworksM_Cloud180518_v1.pdf
https://opnfvblog.wordpress.com/2016/10/27/devstack-localconf/
https://01.org/sites/default/files/page/accelerating_openstack_networking_with_intel_architecture_rev008.pdf

Flash LineageOS on Google Pixel 2 XL (taimen)

Prepare
https://download.lineageos.org/devices/taimen/builds
https://wiki.lineageos.org/devices/taimen/install

Enable debug mode on phone
Enable OEM unlocking
Enable USB debugging
 
adb reboot bootloader
fastboot flashing unlock
# confirm with keys
adb reboot bootloader

Boot TWRP
https://dl.twrp.me/taimen/
https://dl.twrp.me/taimen/twrp-3.5.2_9-0-taimen.img

fastboot boot Downloads/twrp-3.5.2_9-0-taimen.img
 
adb shell twrp wipe data
adb shell twrp wipe dalvik

LineageOS image
https://download.lineageos.org/taimen
#https://mirrorbits.lineageos.org/full/taimen/20211118/lineage-18.1-20211118-nightly-taimen-signed.zip
#https://mirrorbits.lineageos.org/full/taimen/20220714/lineage-19.1-20220714-nightly-taimen-signed.zip
https://mirrorbits.lineageos.org/full/taimen/20230601/lineage-20.0-20230601-nightly-taimen-signed.zip

adb shell twrp sideload zip from host adb
#adb sideload Downloads/lineage-19.1-20220714-nightly-taimen-signed.zip
adb sideload Downloads/lineage-20.0-20230601-nightly-taimen-signed.zip

OPTIONAL: Open GApps
https://opengapps.org/?api=11.0&variant=nano

GRML - Linux Live-CD for sysadmins

# install grml2usb
cat < /etc/apt/sources.list.d/chromium.list
deb http://deb.grml.org/ grml-testing main
EOF

# install grml2usb package
apt-get update
apt-get install grml2usb -y --force-yes

# format partition on USB pen (OPTIONAL)
mkfs.vfat /dev/sdb1

# install GRML to USB pen
grml2usb grml-small_2009.10.iso /dev/sdb1

LINKS
http://git.grml.org/?p=grml-live.git;a=blob_plain;f=templates/GRML/grml-cheatcodes.txt;hb=HEAD
http://www.linux-user.de/ausgabe/2006/06/008-grml/index.html

Deploy LXD container with terraform

Docs
https://registry.terraform.io/providers/terraform-lxd/lxd/latest/docs
https://registry.terraform.io/providers/terraform-lxd/lxd/latest/docs/resources/container

Create LXD container

# terraform init
# terraform apply -auto-approve
# terraform destroy -auto-approve
 
 
terraform {
  required_providers {
    lxd = {
      source = "terraform-lxd/lxd"
    }
  }
}
 
provider "lxd" {
  generate_client_certificates = true
  accept_remote_certificate    = true
}
 
resource "lxd_container" "lxd_container_u2004" {
  name  = "u2004"
  image = "ubuntu:20.04"
 
  config = {
    "boot.autostart" = true
  }
 
  limits = {
    cpu = 2
  }
}
 
resource "lxd_container" "lxd_container_u2110" {
  name = "u2110"
  image = "ubuntu:21.10"
  # image = "images:ubuntu-minimal:21.10" # fixme
 
  config = {
    "boot.autostart" = true
  }
 
  limits = {
    cpu = 2
  }
}

Links
https://dev.to/smashse/snap-lxd-terraform-3f0p

Side2Side VPN connection between OpenStack VPN and AVM Fritz!Box

FRITZBOX_WAN_IP=111.1.2.3
FRITZBOX_CIDR=192.168.178.0/24
OS_USER=foo
PROJECT_ID=xxxxxxxxxxxxxx
PSK=PASS1234
 
openstack vpn ike policy create ${OS_USER}-ike-aes256-sha512 \
  --encryption-algorithm aes-256 \
  --auth-algorithm sha512 \
  --pfs group2
 
openstack vpn ipsec policy create ${OS_USER}-ipsec-aes256-sha512 \
  --encryption-algorithm aes-256 \
  --auth-algorithm sha512 \
  --pfs group2
 
ROUTER_ID=$(openstack router list --project ${PROJECT_ID} -c ID -f value)
openstack vpn service create ${OS_USER}-vpn-service1 \
  --router ${ROUTER_ID}
 
SUBNET_ID=$(openstack subnet list --project ${PROJECT_ID} -c ID -f value)
openstack vpn endpoint group create ${OS_USER}-vpn-ep-subnet \
  --type subnet \
  --value ${SUBNET_ID}
 
openstack vpn endpoint group create ${OS_USER}-vpn-ep-cidr \
  --type cidr \
  --value ${FRITZBOX_CIDR}
 
openstack vpn ipsec site connection create ${OS_USER}-vpn-conn1 \
  --vpnservice ${OS_USER}-vpn-service1 \
  --ikepolicy ${OS_USER}-ike-aes256-sha512 \
  --ipsecpolicy ${OS_USER}-ipsec-aes256-sha512 \
  --peer-address ${FRITZBOX_WAN_IP} \
  --peer-id ${FRITZBOX_WAN_IP} \
  --psk ${PSK} \
  --local-endpoint-group ${OS_USER}-vpn-ep-subnet \