diff --git a/LXC Cheatsheet.md b/LXC Cheatsheet.md new file mode 100644 index 0000000..56e5b10 --- /dev/null +++ b/LXC Cheatsheet.md 
@@ -0,0 +1,113 @@ +# LXD/LXC cheat sheet + +I've installed LXD on my home server and have found a lot of syntax and one-liners that I've yet to commit to memory. So I'll put them here. + +## Install LXD + +```shell +snap install lxd +sudo apt install -y git build-essential libssl-dev python3-venv python3-pip python3-dev zfsutils-linux bridge-utils +``` + +## General links + +* [How to initialize LXD again](https://blog.simos.info/how-to-initialize-lxd-again/) + +## Install lxdMosaic + +[link](https://github.com/turtle0x1/LxdMosaic) + +```shell +# Launch an ubuntu container +lxc launch ubuntu: lxdMosaic +# Connect to ubuntu console +lxc exec lxdMosaic bash +# Download the script +curl https://raw.githubusercontent.com/turtle0x1/LxdMosaic/master/examples/install_with_clone.sh >> installLxdMosaic.sh +# Then give the script execution permissions +chmod +x installLxdMosaic.sh +# Then execute the script +./installLxdMosaic.sh +``` + +## Create zsf pool image file and add it to lxc + +```shell +# bs = blocksize, count = number of blocks + +# create the image file - 250GB +dd if=/dev/zero of=/mnt/data1/overlook-zfs-pool02 bs=1GB count=250 +# Create the loop device (check `df -h` first for available names) +sudo losetup /dev/loop6 /mnt/data1/overlook-zfs-pool02 +# Create zfs pool +sudo zpool create overlook-zfs-pool02 /dev/loop6 +# View existing zpool list +zpool list +# Add new zpool to lxc storage +lxc storage create overlook-zfs-pool02 zfs source=overlook-zfs-pool02 +``` + +* [block sizes and multiples](https://www.linuxnix.com/what-you-should-know-about-linux-dd-command/) +* [How to use a file as a zpool](https://serverfault.com/questions/583733/how-to-use-a-file-as-a-zpool) + +## How to move containers to a new storage pool on the same host + +[link](https://discuss.linuxcontainers.org/t/how-to-move-containers-to-a-new-storage-pool-on-the-same-host/2798) + +```shell +lxc stop container_name +lxc move container_name temp_container_name -s new_storage_pool +lxc move 
temp_container_name container_name +lxc start container_name +``` + +## Changing existing containers to use the bridge profile + +Suppose we have an existing container that was created with the default profile, and got the LXD NAT network. Can we switch it to use the bridge profile? + +Here is the existing container. + +```shell +lxc launch ubuntu:x mycontainer + +Creating mycontainerStarting mycontainer +``` + +Let’s assign mycontainer to use the new profile "bridgeprofile". + +```shell +lxc profile assign mycontainer bridgeprofile +``` + +Now we just need to restart the networking in the container. + +```shell +lxc exec mycontainer -- systemctl restart networking.service +``` + +* [Change lxc profile for container](https://blog.simos.info/how-to-make-your-lxd-containers-get-ip-addresses-from-your-lan-using-a-bridge/) + + +## /etc/netplan/ for containers + +```shell +network: + ethernets: + eth0: + addresses: + - 192.168.0.206/24 + gateway4: 192.168.0.1 + nameservers: + addresses: [ 1.1.1.1, 8.8.8.8 ] + version: 2 +``` + +## backup (export) containers to a file +```shell +bdate=$(date +"%Y-%m-%d") && for ct in $(lxc list -c n --format csv); do lxc export $ct /mnt/data2/container-backup/$bdate-$ct.tgz; done +``` + +## restore container from backup +``` +lxc import /.tgz +``` \ No newline at end of file diff --git a/SSH Notes.md b/SSH Notes.md new file mode 100644 index 0000000..ed2b22d --- /dev/null +++ b/SSH Notes.md 
@@ -0,0 +1,211 @@ +# SSH Notes + +## SSH Tunneling + +### Local Forwarding + +#### Examples + +NOTE: these use autossh to prevent the tunnel from dying + +Plex + +```shell +autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com +``` + +ESXi + +```shell +autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 chawley@aristotle.planethawleywood.com +``` + +Both ESXi and AWX + +```shell +autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 -L 8091:192.168.0.25:80 chawley@aristotle.planethawleywood.com +``` + +Both Plex and Derry OD + +```shell +autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 -L 8070:192.168.0.209:80 chawley@aristotle.planethawleywood.com +``` + +--- + + + + + + + + + + + + + + + + + + + + + + + + + + +
Protocol + SSH +
From + my office workstation +
To + RRD Jumpbox (54.84.9.50) +
Via + chawley2@ladmin2 +
Notes + I have the jumpbox host configured in.ssh/config on both machines +
ssh -N -L 8090:54.184.92.50:22 chawley2@ladmin2.precisiondm.com +
+ + + + + + + + + + + + + + + + + + + + + + + +
Protocol + web +
From + my office workstation +
To + Plex (derry) +
Via + chawley@aristotle +
ssh -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com +
+ + +### Remote Forwarding + +NOTE: By default, OpenSSH only allows connecting to remote forwarded ports from the server host. However, the GatewayPorts option in the server configuration file sshd_config can be used to control this. + +The following alternatives are possible: + +```shell +GatewayPorts no +``` + +This prevents connecting to forwarded ports from outside the server computer. + +```shell +GatewayPorts yes +``` + +This allows anyone to connect to the forwarded ports. If the server is on the public Internet, anyone on the Internet can connect to the port. + +#### Examples + + + + + + + + + + + + + + + + + + + + + +
Protocol + web +
From + derry +
To + overlook +
Notes + This allows you to access apache web pages on derry by visiting http://overlook.planethawleywood.com:8888 as long as GatewayPorts yes is present in /etc/ssh/sshd_config (as explained above) and port 8888 is open on Overlook +
ssh -R 8888:localhost:80 root@overlook +
+ +### Reference + +* [How To Use SSH Tunneling](https://www.howtogeek.com/168145/how-to-use-ssh-tunneling/) +* [SSH Port Forwarding Example](https://www.ssh.com/ssh/tunneling/example) + + +## Kill Unresponsive SSH + +### Summary + +Let’s say you’re happily typing in your remote shell when all of a sudden, the crappy Wi-Fi network you’re using goes down. You end up with a perfectly unusable frozen shell, ugh! + +To do that, assuming you lost connectivity, press in that order: + + +```shell +[Enter] +~ +. +``` + + +That is, <return key> then tilde then period + +This will send an escape sequence to your local SSH client and terminate the connection.—So this will always work even without a network connection. + +Here’s the list of escape sequences: + + +### Supported escape sequences: + +`~.` - terminate connection (and any multiplexed sessions) \ +`~B` - send a BREAK to the remote system \ +`~C` - open a command line \ +`~R` - Request rekey (SSH protocol 2 only) \ +`~^Z `- suspend ssh \ +~# - list forwarded connections \ +~& - background ssh (when waiting for connections to terminate) \ +~? - this message \ +~~ - send the escape character by typing it twice \ + \ +(Note that escapes are only recognized immediately after newline.) + + +## SSH Keygen + +### Generate an SSH Key with a comment + +```shell +ssh-keygen -C "comment" -f +``` +
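Review bot: In the "Install lxdMosaic" block of LXC Cheatsheet.md, the installer is pulled from the `master` branch with `curl ... >> installLxdMosaic.sh` and then made executable and run inside the container without being pinned or read first. `>>` appends, so running the step a second time leaves two copies of the script in one file; `curl -fsSL -o installLxdMosaic.sh <url>` overwrites instead and does not save an HTTP error page as the script. Suggest pinning the URL to a tag or commit rather than `master` and adding a step to read the script before `chmod +x`. Smaller points in the same file: the heading "Create zsf pool image file" should read "zfs", `$ct` and the target path in the backup loop are unquoted, and `lxc import /.tgz` looks like it lost its placeholder path.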
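Review bot: In the Remote Forwarding example of SSH Notes.md, `ssh -R 8888:localhost:80 root@overlook` is documented together with `GatewayPorts yes`, which the note itself says lets anyone on the Internet reach the forwarded port, and the tunnel logs in as root. Suggest documenting `GatewayPorts clientspecified` with an explicit bind address on the `-R` side, and a non-root account for the tunnel, so the listener is limited to the interface that needs it. In the first Local Forwarding table the jumpbox is given as 54.84.9.50 while its command forwards to 54.184.92.50; one of the two is a typo. The file also commits what look like real usernames, hostnames, the SSH port and internal addresses, which would be better as placeholders if this repository is shared. `ssh-keygen -C "comment" -f` ends with no file name after `-f`, the autossh examples pass `-N` twice (`-nNT ... -N`), and "To do that" in the Kill Unresponsive SSH summary has nothing to refer back to.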