script-server (Web UI for scripts)

Install

# install reuired packages
apt install -y unzip python3-tornado
 
# download and instal script-server
mkdir script-server
cd script-server
wget https://github.com/bugy/script-server/releases/download/1.15.2/script-server.zip
unzip script-server.zip
rm script-server.zip
 
# start script-server
./launcher.py

Add job

# cat ./conf/runners/certgen.json 
{
  "name": "certgen",
  "description": "Request Lets Encrypt certificate",
  "script_path": "/usr/local/bin/certgen",
  "parameters": [
    {
      "name": "Domain",
      "default": "example.com"
    }
  ],
  "output_files": [
      "/home/local/certificates/*${Domain}*"
  ]
}

WebUI
http://SERVER_IP:5000/

Redirect port 5000 to 80

iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 5000

Links
https://github.com/bugy/script-server

Vagrant

Install
https://www.vagrantup.com/downloads.html

# sudo apt install -y jq
 
URL=$(wget https://checkpoint-api.hashicorp.com/v1/check/vagrant -qO- | jq  -r '"https://releases.hashicorp.com/vagrant/" + .current_version + "/vagrant_" + .current_version + "_x86_64.deb"')
wget ${URL} -qP /tmp
sudo dpkg -i /tmp/${URL##*/}
 
vagrant --version

Install with Ansible

- name: Get latest vagrant version
  uri:
    url: https://checkpoint-api.hashicorp.com/v1/check/vagrant
  register: release
 
- set_fact:
    version: "{{ release.json | json_query('current_version') }}"
 
- name: Install Vagrant
  apt:
    deb: https://releases.hashicorp.com/vagrant/{{ version }}/vagrant_{{ version }}_x86_64.deb
  become: yes
 
- name: Adding user ubuntu to group libvirt
  user:
    name: ubuntu
    groups: libvirt
    append: yes
  become: yes
 
- name: Install vagrant-libvirt plugin
  command: sudo -H -u ubuntu vagrant plugin install vagrant-libvirt
  become: yes

CLI

topgrade

Install
https://github.com/r-darwish/topgrade/releases/

URL=https://github.com/r-darwish/topgrade/releases/download/v5.5.0/topgrade-v5.5.0-x86_64-unknown-linux-gnu.tar.gz
 
wget ${URL} -qP /tmp
tar -C /tmp -xzf /tmp/topgrade-v*-x86_64-unknown-linux-gnu.tar.gz
sudo mv /tmp/topgrade /usr/local/sbin

Custom configuration

# ~/.config/topgrade.toml
...
remote_topgrades = ["www.example.com", "db.example.com"]
 
[git]
repos = [
    "~/git/repository_1",
    "~/git/repository_2"
]
...

Run update

topgrade -cy

Run on specific remote host

topgrade -cy --only remotes --remote-host-limit ".*.example.com"

Links
https://github.com/r-darwish/topgrade
https://github.com/r-darwish/topgrade/releases

Get noisy neighbor VMs

source /etc/kolla/admin-openrc.sh
 
IFS=$(echo -en "\n\b")
 
function get_vm_details() {
    LINE=$1
 
    SERVER_ID=$(echo ${LINE} | cut -d" " -f3)
    SERVER_JSON=$(openstack server show ${SERVER_ID} -f json)
    SERVER_NAME=$(echo ${SERVER_JSON} | jq -r .name)
    SERVER_PROJECT_ID=$(echo ${SERVER_JSON} | jq -r .project_id)
    SERVER_PROJECT_JSON=$(openstack project show ${SERVER_PROJECT_ID} -f json)
    SERVER_PROJECT_NAME=$(echo ${SERVER_PROJECT_JSON} | jq -r .name)
 
    echo "${LINE} ${SERVER_NAME} ${SERVER_PROJECT_NAME}"
}
 

Mellanox ConnectX-3 Pro UEFI iPXE boot

  Device Type:      ConnectX3Pro
  Part Number:      MCX312B-XCC_Ax
  Description:      ConnectX-3 Pro EN network interface card; 10GigE; dual-port SFP+; PCIe3.0 x8 8GT/s; RoHS R6
  PSID:             MT_1200111023
  PCI Device Name:  /dev/mst/mt4103_pci_cr0
  Port1 MAC:        ec0d9a00aab1
  Port2 MAC:        ec0d9a00aab2
  Versions:         Current        Available    
     FW             2.42.5000      N/A          
     PXE            3.4.0752       N/A          

Flash UEFI firmware
Request UEFI firmware from support@mellanox.com
http://www.panticz.de/mellanox/firmware-update

Install MFT
http://www.panticz.de/install-mellanox-mft

Flash firmware

flint -y -d /dev/mst/mt4103_pci_cr0 -i firmware fw-ConnectX3Pro-rel-2_42_5000-MCX312B-XCC_Ax-FlexBoot-3.4.752-UEFI-14.11.46.bin b
  Device Type:      ConnectX3Pro
  Part Number:      MCX312B-XCC_Ax
  Description:      ConnectX-3 Pro EN network interface card; 10GigE; dual-port SFP+; PCIe3.0 x8 8GT/s; RoHS R6
  PSID:             MT_1200111023
  PCI Device Name:  /dev/mst/mt4103_pci_cr0
  Port1 MAC:        ec0d9a00aab1
  Port2 MAC:        ec0d9a00aab2
  Versions:         Current        Available    
     FW             2.42.5000      N/A          
     PXE            3.4.0752       N/A          
     UEFI           14.11.0046     N/A     

Fix iPXE boot issue (recompile ipxe.efi) when connected to LACP swith port
http://www.panticz.de/ipxe/compile

Yamaha RX-D485 / RX-V485

Yamaha Web Control
Live demo: http://yamaha.panticz.de/
Repository: https://github.com/panticz/yamaha-web-control

API

curl -q http://192.168.178.4/YamahaExtendedControl/v1/system/getFeatures  | jq .

Control
# Volume Up / Down
http://192.168.178.4/YamahaExtendedControl/v1/main/setVolume?volume=up&step=5
http://192.168.178.4/YamahaExtendedControl/v1/main/setVolume?volume=down&step=5

# Change input
http://192.168.178.4/YamahaExtendedControl/v1/main/prepareInputChange?input=usb
http://192.168.178.4/YamahaExtendedControl/v1/main/setInput?input=net_radio
http://192.168.178.4/YamahaExtendedControl/v1/main/setInput?input=server
http://192.168.178.4/YamahaExtendedControl/v1/main/setInput?input=spotify

# Power
http://192.168.178.4/YamahaExtendedControl/v1/main/setPower?power=on
http://192.168.178.4/YamahaExtendedControl/v1/main/setPower?power=standby

# Get Device info
http://192.168.178.4/YamahaExtendedControl/v1/system/getDeviceInfo

# Get Available Device Features
http://192.168.178.4/YamahaExtendedControl/v1/system/getFeatures

# Get Network Status
http://192.168.178.4/YamahaExtendedControl/v1/system/getNetworkStatus

# Get Function Status (e.g.: Auto Power Standby)
http://192.168.178.4/YamahaExtendedControl/v1/system/getFuncStatus

# Get Location info and zone list (device)
http://192.168.178.4/YamahaExtendedControl/v1/system/getLocationInfo

# Get zone info (device|zone)
http://192.168.178.4/YamahaExtendedControl/v1/main/getStatus

# Get Sound Program List (device|zone)
http://192.168.178.4/YamahaExtendedControl/v1/main/getSoundProgramList

Move Elasticsearch data to dedicated LV

# create lvm
pvcreate /dev/disk/by-id/ata-INTEL_SSDSC2KB076T8_*
vgcreate data /dev/disk/by-id/ata-INTEL_SSDSC2KB076T8_*
lvcreate --name elasticsearch --size 2T data
mkfs.ext4 /dev/data/elasticsearch
 
# pre-sync data
mount /dev/data/elasticsearch /mnt/
rsync -aHAXx --numeric-ids /var/lib/docker/volumes/elasticsearch/ /mnt/
 
# sync data
docker stop elasticsearch
rsync --delete -aHAXxv --numeric-ids /var/lib/docker/volumes/elasticsearch/ /mnt/
rsync --delete -aHAXxv --numeric-ids /var/lib/docker/volumes/elasticsearch/ /mnt/
umount /mnt
 
# mount new LV

SSH reverse tunel over public host

@Office

cat <<EOF> ~/bin/proxy-ssh-forward.sh
#!/bin/bash
 
PROXY_SERVER=proxy.example.com
 
eval \$(ssh-agent) && ssh-add
 
while true; do
    echo "Connect to proxy ..."
    ssh -a -v -N -R 7422:localhost:22 -o ServerAliveInterval=30 -o ServerAliveCountMax=10 \${PROXY_SERVER}
    sleep 10
done
EOF
 
chmod +x ~/bin/proxy-ssh-forward.sh
nohup ~/bin/proxy-ssh-forward.sh

@Home