chawley/MarkdownNotes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Migrated from ncnotes

Browse Source
This commit is contained in:
Charles Hawley
2023-04-26 15:42:07 -04:00
parent 88c8def207
commit 198fec048a
2 changed files with 324 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
LXC Cheatsheet.md Normal file
View File

@@ -0,0 +1,113 @@
# LXD/LXC cheat sheet
I've installed LXD on my home server and have found a lot of syntax and one-liners that I've yet to commit to memory. So I'll put them here.
## Install LXD
```shell
snap install lxd
sudo apt install -y git build-essential libssl-dev python3-venv python3-pip python3-dev zfsutils-linux bridge-utils
```
## General links
* [How to initialize LXD again](https://blog.simos.info/how-to-initialize-lxd-again/)
## Install lxdMosaic
[link](https://github.com/turtle0x1/LxdMosaic)
```shell
# Launch an ubuntu container
lxc launch ubuntu: lxdMosaic
# Connect to ubuntu console
lxc exec lxdMosaic bash
# Download the script
curl https://raw.githubusercontent.com/turtle0x1/LxdMosaic/master/examples/install_with_clone.sh >> installLxdMosaic.sh
# Then give the script execution permissions
chmod +x installLxdMosaic.sh
# Then execute the script
./installLxdMosaic.sh
```
## Create zsf pool image file and add it to lxc
```shell
# bs = blocksize, count = number of blocks
# create the image file - 250GB
dd if=/dev/zero of=/mnt/data1/overlook-zfs-pool02 bs=1GB count=250
# Create the loop device (check `df -h` first for available names)
sudo losetup /dev/loop6 /mnt/data1/overlook-zfs-pool02
# Create zfs pool
sudo zpool create overlook-zfs-pool02 /dev/loop6
# View existing zpool list
zpool list
# Add new zpool to lxc storage
lxc storage create overlook-zfs-pool02 zfs source=overlook-zfs-pool02
```
* [block sizes and multiples](https://www.linuxnix.com/what-you-should-know-about-linux-dd-command/)
* [How to use a file as a zpool](https://serverfault.com/questions/583733/how-to-use-a-file-as-a-zpool)
## How to move containers to a new storage pool on the same host
[link](https://discuss.linuxcontainers.org/t/how-to-move-containers-to-a-new-storage-pool-on-the-same-host/2798)
```shell
lxc stop container_name
lxc move container_name temp_container_name -s new_storage_pool
lxc move temp_container_name container_name
lxc start container_name
```
## Changing existing containers to use the bridge profile
Suppose we have an existing container that was created with the default profile, and got the LXD NAT network. Can we switch it to use the bridge profile?
Here is the existing container.
```shell
lxc launch ubuntu:x mycontainer
Creating mycontainerStarting mycontainer
```
Lets assign mycontainer to use the new profile "bridgeprofile".
```shell
lxc profile assign mycontainer bridgeprofile
```
Now we just need to restart the networking in the container.
```shell
lxc exec mycontainer -- systemctl restart networking.service
```
* [Change lxc profile for container](https://blog.simos.info/how-to-make-your-lxd-containers-get-ip-addresses-from-your-lan-using-a-bridge/)
## /etc/netplan/ for containers
```shell
network:
ethernets:
eth0:
addresses:
- 192.168.0.206/24
gateway4: 192.168.0.1
nameservers:
addresses: [ 1.1.1.1, 8.8.8.8 ]
version: 2
```
## backup (export) containers to a file
```shell
bdate=$(date +"%Y-%m-%d") && for ct in $(lxc list -c n --format csv); do lxc export $ct /mnt/data2/container-backup/$bdate-$ct.tgz; done
```
## restore container from backup
```
lxc import <path>/<backup-archive>.tgz
```

211
SSH Notes.md Normal file
View File

@@ -0,0 +1,211 @@
# SSH Notes
## SSH Tunneling
### Local Forwarding
#### Examples
NOTE: these use autossh to prevent the tunnel from dying
Plex
```shell
autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com
```
ESXi
```shell
autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 chawley@aristotle.planethawleywood.com
```
Both ESXi and AWX
```shell
autossh -f -nNT -p3141 -N -L 8090:192.168.0.208:443 -L 8091:192.168.0.25:80 chawley@aristotle.planethawleywood.com
```
Both Plex and Derry OD
```shell
autossh -f -nNT -p3141 -N -L 8080:192.168.0.209:32400 -L 8070:192.168.0.209:80 chawley@aristotle.planethawleywood.com
```
---
<table>
<tr>
<td><strong>Protocol</strong>
</td>
<td>SSH
</td>
</tr>
<tr>
<td><strong>From</strong>
</td>
<td>my office workstation
</td>
</tr>
<tr>
<td><strong>To</strong>
</td>
<td>RRD Jumpbox (54.84.9.50)
</td>
</tr>
<tr>
<td><strong>Via</strong>
</td>
<td>chawley2@ladmin2
</td>
</tr>
<tr>
<td><strong>Notes</strong>
</td>
<td> I have the jumpbox host configured in.ssh/config on both machines
</td>
</tr>
<tr>
<td colspan="2" ><strong><code>ssh -N -L 8090:54.184.92.50:22 chawley2@ladmin2.precisiondm.com</code></strong>
</td>
</tr>
</table>
<table>
<tr>
<td><strong>Protocol</strong>
</td>
<td>web
</td>
</tr>
<tr>
<td><strong>From</strong>
</td>
<td>my office workstation
</td>
</tr>
<tr>
<td><strong>To</strong>
</td>
<td>Plex (derry)
</td>
</tr>
<tr>
<td><strong>Via</strong>
</td>
<td>chawley@aristotle
</td>
</tr>
<tr>
<td colspan="2" ><strong><code>ssh -p3141 -N -L 8080:192.168.0.209:32400 chawley@aristotle.planethawleywood.com</code></strong>
</td>
</tr>
</table>
### Remote Forwarding
NOTE: By default, OpenSSH only allows connecting to remote forwarded ports from the server host. However, the GatewayPorts option in the server configuration file sshd_config can be used to control this.
The following alternatives are possible:
```shell
GatewayPorts no
```
This prevents connecting to forwarded ports from outside the server computer.
```shell
GatewayPorts yes
```
This allows anyone to connect to the forwarded ports. If the server is on the public Internet, anyone on the Internet can connect to the port.
#### Examples
<table>
<tr>
<td><strong>Protocol</strong>
</td>
<td>web
</td>
</tr>
<tr>
<td><strong>From</strong>
</td>
<td>derry
</td>
</tr>
<tr>
<td><strong>To</strong>
</td>
<td>overlook
</td>
</tr>
<tr>
<td><strong>Notes</strong>
</td>
<td>This allows you to access apache web pages on derry by visiting <code>http://overlook.planethawleywood.com:8888</code> as long as <code>GatewayPorts yes</code> is present in <code>/etc/ssh/sshd_config</code> (as explained above) and port 8888 is open on Overlook
</td>
</tr>
<tr>
<td colspan="2" ><strong><code>ssh -R 8888:localhost:80 root@overlook</code></strong>
</td>
</tr>
</table>
### Reference
* [How To Use SSH Tunneling](https://www.howtogeek.com/168145/how-to-use-ssh-tunneling/)
* [SSH Port Forwarding Example](https://www.ssh.com/ssh/tunneling/example)
## Kill Unresponsive SSH
### Summary
Lets say youre happily typing in your remote shell when all of a sudden, the crappy Wi-Fi network youre using goes down. You end up with a perfectly unusable frozen shell, ugh!
To do that, assuming you lost connectivity, press in that order:
```shell
[Enter]
~
.
```
That is, &lt;return key> then tilde then period
This will send an escape sequence to your local SSH client and terminate the connection.—So this will always work even without a network connection.
Heres the list of escape sequences:
### Supported escape sequences:
`~.` - terminate connection (and any multiplexed sessions) \
`~B` - send a BREAK to the remote system \
`~C` - open a command line \
`~R` - Request rekey (SSH protocol 2 only) \
`~^Z `- suspend ssh \
<code>~<em>#</em></code> - list forwarded connections \
<code>~&</code> - background ssh (when waiting for connections to terminate) \
<code>~?</code> - this message \
<code>~~</code> - send the escape character by typing it twice \
\
(Note that escapes are only recognized immediately after newline.)
## SSH Keygen
### Generate an SSH Key with a comment
```shell
ssh-keygen -C "comment" -f <file>
```