How To Clear All iptables Rules

Author: , Posted on Wednesday, March 20th, 2024 at 10:04:53am

How To Diff Two Files In Vim

Author: , Posted on Monday, February 5th, 2024 at 4:10:35pm

shell> vim file1 file2
Create a vertical split window: Control-w v
Enable visual diff on the left side: :diffthis
Move the cursor to the right side buffer: Control-w Right-arrow
Enable visual diff on the left side: :diffthis

You should now see the differences highlighted on both sides.

How To Display All Virtual Hosts Defined for Apache 2

Author: , Posted on Monday, January 29th, 2024 at 4:36:44pm

How To Fix perl: symbol lookup error: undefined symbol: Perl_xs_handshake

Author: , Posted on Thursday, November 9th, 2023 at 10:05:48am

This was caused by having the PERL5LIB environment variable set.

How To Secure Self-Hosted Bamboo and Crucible with Let’s Encrypt SSL Certificates

Author: , Posted on Thursday, September 14th, 2023 at 6:26:30am

Summary

In this blog we explore how to use certificates from Let’s Encrypt to secure self-hosted Bamboo and Crucible.

Process To Follow

  • Install Certbot
  • Ensure that external DNS resolves to the correct IP address
    ping example.yourdomain.com
  • Ensure that Port 80 is open from the outside to that IP address so that Let’s Encrypt can validate the domain
  • Ensure nothing is listening on Port 80
    netstat -pan | grep 80 | grep LISTEN | wc -l
  • Generate the new certificate via Let’s Encrypt
  • Create the new Java keystore for use with Bamboo and Crucible
  • Copy the new keystore into place and set ownership and permissions
  • Restart the services
  • Test

Install Certbot

You must first install Python >= 3
I like using pip to install certbot, but urge you to use any method that is the easiest and most familiar:
https://certbot.eff.org/instructions?ws=other&os=pip
Run certbot help to confirm that it has been installed properly

Generate the Let’s Encrypt Certificate

Create The New Java Keystore

This step will result in two new files being created: example.p12 and example.jks

IMPORTANT:

  • the name/alias MUST be “tomcat” (no quotes)
  • the password MUST be “changeit” (no quotes), unless you modify the config xml settings which is beyond the scope of this blog post.
  • when you list out the new example.jks keystore using keytool, ensure that it says PrivateKeyEntry next to the alias tomcat.
  • ignore the warning at the end because Apache Tomcat requires the JKS keystore format, not the PKCS12 format – do NOT convert!

Copy The Java Keystore Into Place

This step will copy the new keystore (bamboo.jks)into place for both bamboo and Crucible as ~/.keystore for each user. Ownership and permissions must also be set.

Restart Bamboo and Crucible

This step will restart the processes, so they read in the new certificate.

Test Bamboo and Crucible

Use the openssl command to test the new certs:

How to add and delete security group rules in AWS via the CLI (and list them too!)

Author: , Posted on Wednesday, September 13th, 2023 at 5:22:39pm

Add inbound rule(s) for a security group ID:

## Delete inbound rule(s) for a security group ID

## List security groups by security group ID

## List inbound rules for a specific security group ID

Thanks to:
https://www.bluematador.com/learn/aws-cli-cheatsheet

How To Use SSL With sysbench To Test MySQL Server

Author: , Posted on Thursday, September 7th, 2023 at 11:02:30am

SUMMARY

If sysbench is started with the “–mysql-ssl=on” option, it looks in the current directory for the following files:

PROCEDURE

Locate the current MySQL database certificates, usually in /var/lib/mysql, and make sure that the OS user running sysbench is able to read the following 3 files:

Next, cd to the OS user’s home directory and create symbolic links as follows:

Finally, create a simple wrapper to ensure proper location and adding --mysql-ssl=on to sysbench command, for example:

How To Upgrade MySQL to 8.0 on CentOS/AWS Linux

Author: , Posted on Thursday, August 31st, 2023 at 11:02:51am

START: Server version: 5.7.43-log MySQL Community Server (GPL)
FINISH: Server version: 8.0.34-log MySQL Community Server (GPL)

https://dev.mysql.com/doc/refman/8.0/en/default-privileges.html

Check and veify your my.cnf ssl entries if you see the following error in the /var/log/mysqld.log file at startup:

How To Save iptables To Disk On Amazon Linux 2

Author: , Posted on Friday, July 21st, 2023 at 9:38:26am

I wanted to save the iptables list to disk, but got an error when I tried:

# service iptables save
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.

The solution was to install the iptables-services package:

# yum install iptables-services -y
...
Installed:
iptables-services.x86_64 0:1.8.4-10.amzn2.1.2

Complete!

I was then able to save properly:

root@inbound2:/var/log # service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

How To Fix Error “Wrong Fs Type, Bad Option, Bad Superblock” When Mounting a Filesystem

Author: , Posted on Friday, June 23rd, 2023 at 4:43:39pm

When trying to mount can XFS filestsen on an AWS instance, I got the error “mount: wrong fs type, bad option, bad superblock on /dev/sdh”

Examine the volume’s UUID with the xfs_db command:

shell> sudo xfs_db -c uuid /dev/nvme2n1

To fix the problem, you have two options…

Temporary Solution

Add nouuid mount option to temporarily ignore the duplicate validation:

shell> sudo mount -t xfs -o nouuid /dev/nvme2n1 /volumes/tmp

Permanent Solution

The xfs_admin command can permanently adjust the UUID for the volume: