admin/rockfish
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2022-09-14 19:53:21 +00:00
parent af749df21c
commit 092ec62b31
2 changed files with 291 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

288
docs/docs/howto.md Normal file
View File

@@ -0,0 +1,288 @@
# EMAIL FROM SERVER
apparmor _WILL_ conflict: https://linuxconfig.org/how-to-disable-apparmor-on-ubuntu-20-04-focal-fossa-linux and must exempt msmtp with these two commands:
ln -s /etc/apparmor.d/usr.bin.msmtp /etc/apparmor.d/disable/
apparmor_parser -R /etc/apparmor.d/disable/usr.bin.msmtp
## Installation: apt-get install msmtp msmtp-mta -y
## Config file for MSMTP with GMAIL
```
###################################################
## Config file in /etc/msmtprc
##
## Set defaults for all accounts
defaults
auth on
tls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt
account gmail
host smtp.gmail.com
port 587
from "DEVOPS" gzadmalrt@gmail.com
user gzadmalrt@gmail.com
password brlkecifcxddsebm
account default : gmail
aliases /etc/msmtp_aliases
####################################################
```
(note, need to set up 2fa in gmail first then create an app password which is what is used for the password here)
## Aliases file contents (/etc/msmtp_aliases):
```
root: gzmailadmin@gmail.com
postmaster: gzmailadmin@gmail.com
default: gzmailadmin@gmail.com
```
## Testing
`(echo "Subject: Test"; echo 'Body of the email') | msmtp cardjohn@ayanova.com`
## Email on boot or shutdown of server
Make this script in /etc/init.d/bootemail
```bash
#! /bin/sh
### BEGIN INIT INFO
# Provides: bootemail
# Required-Start:
# Required-Stop:
# Default-Start: 1 2 3 4 5
# Default-Stop: 0 6
# Short-Description: on boot and shutdown send a email.
# Description:
### END INIT INFO
PATH=/sbin:/usr/sbin:/bin:/usr/bin
. /lib/lsb/init-functions
case "$1" in
start|status)
(echo "Subject: Server start"; echo 'The server has started') | msmtp gzmailadmin@gmail.com
date +"%Y-%m-%d %H:%M:%S --start" >> /var/log/bootemail.log
;;
restart|reload|force-reload)
echo "Error: argument '$1' not supported" >&2
exit 3
;;
stop)
(echo "Subject: Server stopped"; echo 'The server is powering off') | msmtp gzmailadmin@gmail.com
date +"%Y-%m-%d %H:%M:%S --stop" >> /var/log/bootemail.log
;;
\*)
echo "Usage: $0 start|stop" >&2
exit 3
;;
esac
return 0
```
Make it executable, from /etc/init.d folder execute: `chmod +x bootemail`
Enable: `update-rc.d bootemail defaults`
# System restart required info
https://linuxhandbook.com/system-restart-required-ubuntu/
# SSH
## Add existing user manually
(joeblogs is the user folder here, to create user need to use adduser add to sudo group etc, lots of guides online for that)
## Create the .ssh directory, and set its permissions
mkdir ~joebloggs/.ssh
chown joebloggs ~joebloggs/.ssh
chmod 0700 ~joebloggs/.ssh
## Create the authorized keys file, and set its permissions
nano ~joebloggs/.ssh/authorized_keys <--- Here, paste in the key from digitalocean keys in account settings security
chown joebloggs ~joebloggs/.ssh/authorized_keys
chmod 0700 ~joebloggs/.ssh/authorized_keys
# LETSENCRYPT
## Expanding / changing certificate
Changing a Certificates Domains
The --cert-name flag can also be used to modify the domains a certificate contains, by specifying new domains using the -d or --domains flag.
If certificate example.com previously contained example.com and www.example.com, it can be modified to only contain example.com
by specifying only example.com with the -d or --domains flag. Example:
certbot certonly --cert-name example.com -d example.com
The same format can be used to expand the set of domains a certificate contains, or to replace that set entirely:
certbot certonly --cert-name example.com -d example.org,www.example.org
SO FOR EXAMPLE for HelloAyaNova.com
certbot --nginx --cert-name helloayanova.com -d test.helloayanova.com,helloayanova.com,www.helloayanova.com,1665.helloayanova.com,7331.helloayanova.com,8888.helloayanova.com,a261.helloayanova.com
# NGINX
## Log
View dynamic errors and access logs using tail command:
tail -f /var/log/nginx/error.log
//view access log
tail -f /var/log/nginx/access.log
USEFUL COMMANDS
Get NGINX version from containerized nginx:
docker container exec -it \[container-id\] nginx -v
SUDO -> ROOT for session
sudo -i
(use exit to go back to john account)
Connect shell to running container:
docker exec -it \[container-id\] bash (or ash on alpine)
CERTBOT DRY RUN
append --dry-run to command
BACKUP FOLDERS AND FILES
cp -R pecklist pecklist_backup
REMOVE OLD .NET RUNTIMES:
Some of these commands get the job done
cd /usr/share/dotnet/shared
apt-cache pkgnames Microsoft\*
apt-cache pkgnames
apt list --installed
apt-get remove dotnet-runtime-3.0
# APT package manager
## Kept back package
If a package has been "kept back":
https://superuser.com/questions/1107334/apt-says-packages-have-been-kept-back-what-to-do/1108268
## Uninstall and purge package
sudo apt-get --purge remove package_name
apt-get autoremove
# SPACES BACKUP
Setup spaces utilities:
s3cmd: https://www.digitalocean.com/docs/spaces/resources/s3cmd/
manually copy a file to spaces:
```bash
/usr/bin/s3cmd put filename.zip s3://gztw1
```
# POSTGRES
## control service
sudo systemctl stop postgresql
sudo systemctl start postgresql
sudo systemctl restart postgresql
sudo systemctl status postgresql
## PSQL RUN SQL COMMANDS
Commands must be terminated with a semicolon or it will wait until it sees one
Open sql console as postgres admin user:
sudo -u postgres psql
### Quit psql
`\q`
### List all dbs
`\l`
### Get disk size of db
In bytes:
`select pg_database_size('AyaNova');`
Prettified to human readable sizes:
```sql
SELECT
pg_size_pretty (
pg_database_size ('AyaNova')
);
```
Display the size of _all_ databases in human readable format
```sql
SELECT
pg_database.datname,
pg_size_pretty(pg_database_size(pg_database.datname)) AS size
FROM pg_database;
```
# LOG FILES
show log file usage of system logs
```bash
root@devops:/var/ayanova/data/logs# du -h /var/log/
```
## Cleaning out log files
https://support.hostway.com/hc/en-us/articles/360001972270-How-to-clean-log-files-in-Linux
https://linuxhandbook.com/clear-systemd-journal-logs/
## Linux system journal logs cap
If down the road need to cap system journal logs size:
Add this to the standard server config script
cap system journal logs in linux to 250mb or some reasonable value
https://linuxhandbook.com/clear-systemd-journal-logs/
## Viewing huge log files
Use Less command, it has special commands to jump to start and end of file g G = go
q to quit
page up down and more if look online
# FIND BIG FILES
Find the biggest folders from any directory:
```bash
root@devops:/# du -h --max-depth=1 | sort -rh
```
Then go into each folder and run again to limit to that folder and subfolders
# DISK USAGE
```bash
df -h
```

3
docs/mkdocs.yml
View File

@@ -40,5 +40,8 @@ nav:
- 'Deploy AyaNova': 'deploy-ayanova.md'
- 'Deploy QBI': 'deploy-qbi.md'
- 'Deploy Rockfish': 'deploy-rockfish.md'
- Troubleshooting:
- 'How to misc': 'howto.md'