ubuntu

Site to Site IPSec VPN with strongSwan and OpenStack VPNaaS (IPsec)

Setup

# Left (Ubuntu client, behind NAT)
Ubuntu Client IP: 212.8.9.10
Ubuntu net: 192.168.178.0/24
 
# Right (OpenStack VPNaaS)
VPN_SERVICE_ID=$(openstack vpn service list -c ID -f value)
VPN_SERVICE_IP=$(openstack vpn service show ${VPN_SERVICE_ID} -c external_v4_ip -f value)
echo ${VPN_SERVICE_IP}
 
OpenStack VPN IP: 217.50.60.70
OpenStack Net: 10.0.1.0/24

Create OpenStack VPN endpoint
http://www.panticz.de/openstack/vpnaas

/etc/ipsec.secrets

echo ${VPN_SERVICE_IP} : PSK "${PSK}" | sudo tee -a /etc/ipsec.d/ipsec.openstack_vpnaas.secrets

/etc/ipsec.conf

Gnome / Ubuntu: Configure MIME-Type

Show default mime
https://wiki.ubuntuusers.de/xdg-utils/

xdg-mime query default inode/directory
xdg-mime query default text/html
xdg-mime query default x-scheme-handler/mailto
xdg-mime query default text/plain
xdg-mime query default image/jpeg
xdg-mime query default application/pdf
 
# set default browser?
https://askubuntu.com/questions/1161752/how-can-i-configure-a-domain-specific-default-browser
gio mime x-scheme-handler/http
gio mime x-scheme-handler/https
xdg-settings set default-web-browser chromium-browser.desktop

Configure user default MIME-Type application

xdg-mime default code.desktop text/plain
xdg-mime default code_code.desktop text/plain

# old
https://wiki.selfhtml.org/wiki/MIME-Type/%C3%9Cbersicht#T
by user

mkdir -p ~/.local/share/applications
 
cat <<EOF>> ~/.local/share/applications/mimeapps.list
[Default Applications]
text/plain = code.desktop
text/x-shellscript = code.desktop
EOF
 
sed -i 's|text/plain = .*|text/plain = code.desktop|g' ~/.local/share/applications/mimeapps.list

Configure global

Visual Studio Code

# deb download
# https://code.visualstudio.com/docs/setup/linux
curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
sudo install -o root -g root -m 644 microsoft.gpg /etc/apt/trusted.gpg.d/
sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" > /etc/apt/sources.list.d/vscode.list'

sudo apt-get install apt-transport-https
sudo apt-get update
sudo apt-get install code # or code-insiders

# manual download
wget -q https://update.code.visualstudio.com/latest/linux-deb-x64/stable -O /tmp/code.deb

Snap (Ubuntu package management)

Install
sudo apt install -y snapd

CLI
snap find
snap install

Configure proxy
sudo mkdir -p /etc/systemd/system/snapd.service.d/
echo -e '[Service]\nEnvironment="http_proxy=http://proxy.example.com:3128/"' | sudo tee /etc/systemd/system/snapd.service.d/http-proxy.conf
echo -e '[Service]\nEnvironment="https_proxy=http://proxy.example.com:3128/"' | sudo tee /etc/systemd/system/snapd.service.d/https-proxy.conf
sudo systemctl daemon-reload
sudo systemctl restart snapd

# debug proxy
systemctl show snapd | grep proxy

cloud-image-utils

sudo apt install -y qemu-kvm cloud-image-utils
wget https://cloud-images.ubuntu.com/releases/18.04/release/ubuntu-18.04-server-cloudimg-amd64.img

# cat seed
#cloud-config
password: ubuntu
chpasswd: { expire: False }
ssh_pwauth: True
ssh_import_id: ${USER}

cloud-localds seed.img seed
sudo kvm-spice -m 2048 -drive file=ubuntu-18.04-server-cloudimg-amd64.img,if=virtio,cache=writeback -cdrom seed.img -net nic,model=virtio -net user,hostfwd=tcp::222-:22
# -balloon virtio

# login credentials:
user: ubuntu
pass: ubuntu

ssh ubuntu@localhost:2222

Install prometheus under Ubuntu

Install from repository
sudo apt-get install -y prometheus
# optional
sudo apt-get install -y prometheus-node-exporter
sudo apt-get install -y prometheus-alertmanager
sudo apt-get install -y prometheus-pushgateway

Ansible installation
https://github.com/panticz/ansible/tree/master/roles/prometheus
- hosts: localhost
roles:
- prometheus

Login
http://SERVER_IP:9090/

Commands
avg_over_time(node_memory_MemAvailable[5m])/1024/1024

Repositroy