Snippets #
IT Links
Sammlung von Links die ich spannend finde und/oder genutzt habe, oder welche ich mir merken möchte.
- Microsoft Administrator Sites
- Microsoft Technische Dokumentation
- Samba Wiki
- LVM vergrößern
- Proxmox Festplatte vergrößern
-
Borgbackup bei Hetzner
Borgbackup mit einer Storagebox bei Hetzner einrichten
Ansible
Linksammlung zum Thema Ansible
- Ansible Lockdown
- Ansible Lockdown Git
- Ansible Lockdown Per-Host Lockdown Configuration
- Ansible Role Macos Defaults
- Ansible Hardening dev-sec.io
- Ansible hardening
- Testing Ansible
- Geerlingguy - Jeff Geerling
Macos
Macos related Links
Logcheck
- bootstrap.sh/rootfs/etc/logcheck/ignore.d.server at master · Samayel/bootstrap.sh
- bwesterb/x-logcheck: Extra ignore rules for logcheck
- fabi125/logcheck-rules: My personal set of additional logcheck rules
- frlan/logcheck-local-rules: A collection of addition local rules
- Logcheck
- logcheck-ignores/dovecot-extra at master · kheiken/logcheck-ignores
- logcheck-rules/ignore.d.server at master · Pilat66/logcheck-rules
- logcheck-rules/rules at master · trilader/logcheck-rules
- logcheck/rulefiles/linux/ignore.d.server at master · dnnr/logcheck
- logcheck/rulefiles/linux/ignore.d.server at master · tbarbette/logcheck
- muokata/logcheck-extra: extra logcheck rules
- my-logcheck-rules/ignore.d.server at master · sylvestre/my-logcheck-rules
Git: was wird beim push übertragen #
Welche Commits sind enthalten
1git log @{u}..HEAD --onelineWas ist der Inahl† aller Commits (diff)
1git diff @{u}..HEADSSH nur mit Passwort #
1ssh -o PubkeyAuthentication=no -o PreferredAuthentications=passwordDownload Spam #
1wget -q -N -P /var/lib/spamassassin/training/downloads/ http://untroubled.org/spam/$$(date +%%Y-%%m.7z -d 'last month')
2wget -q -N -P /var/lib/spamassassin/training/downloads/ http://untroubled.org/spam/$$(date +%%Y-%%m.7z)Mastodon Wartung #
1bundle exec rake db:migrate
2tootctl statuses remove --days=7
3tootctl preview_cards remove --days=7
4tootctl media remove --days=14
5tootctl media remove-orphans
6tootctl cache clear
7tootctl accounts cullRam cache leeren #
1sync; echo 1 > /proc/sys/vm/drop_cachesLeeren branch in git erstellen #
1git switch --orphan pages
2git commit --allow-empty -m "Initial commit on orphan branch"
3git push -u origin pagesGit – Alle Repos clonen #
1tea login add
2for i in $(tea repos ls --fields ssh -o simple -l git.example.com -T source); do git clone $i; doneZone aus Samba extrahieren #
1#!/bin/sh
2#
3# Extract DNS zone from Samba4 native DNS using samba-tool
4#
5# Prerequistes:
6# samba krb5-workstation
7
8SAMBA_TOOL=samba-tool
9
10#kinit Administrator
11#trap "kdestroy; rm -f $TMPFILE" 0 1 2 15
12#klist
13## -k=yes doesn't work...
14## Using --password isn't secure.
15USER=Administrator
16echo -n "$USER password:" >&2; stty -echo; read PASS; stty echo; echo '' >&2
17echo 'Please ignore "Cannot do GSSAPI to an IP address" errors...' >&2
18
19## Extract zones
20# 2 zone(s) found
21#
22# pszZoneName : a.example.or.jp
23# Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
24# ZoneType : DNS_ZONE_TYPE_PRIMARY
25# Version : 50
26# dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
27# pszDpFqdn : DomainDnsZones.a.example.or.jp
28#
29# pszZoneName : _msdcs.a.example.or.jp
30# Flags : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
31# ZoneType : DNS_ZONE_TYPE_PRIMARY
32# Version : 50
33# dwDpFlags : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
34# pszDpFqdn : ForestDnsZones.a.example.or.jp
35
36#$SAMBA_TOOL dns zonelist localhost --kerberos=yes > $TMPFILE
37ZONES=`$SAMBA_TOOL dns zonelist localhost -U "$USER" --password "$PASS" | awk '$1 ~ /pszZoneName/{print $3}'`
38
39## queryzone $zone "ForestDnsZones"
40queryzone () {
41 local zone="$1"
42 local entry="$2"
43 local qentry="$entry"
44 local name
45 local children
46 local lhs
47 test -z "$entry" && qentry="@"
48
49 $SAMBA_TOOL dns query localhost $zone "$qentry" ALL -U "$USER" --password "$PASS" |
50# Name=, Records=3, Children=0
51# SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
52# NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
53# A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
54# Name=_msdcs, Records=0, Children=0
55# Name=_sites, Records=0, Children=1
56# Name=_tcp, Records=0, Children=4
57 while read line; do
58 set $line
59 case "$1" in
60 Name=*,)
61 name=`expr $1 : 'Name=\([^,]*\)*,'`
62 children=`expr $3 : 'Children=\([0-9]*\)'`
63 if [ $children -gt 0 ]; then
64 queryzone $zone $name${entry:+.}$entry
65 fi
66 if [ -z "$name" ]; then
67 if [ -z "$entry" ]; then
68 lhs="@"
69 else
70 lhs="${entry}"
71 fi
72 else
73 lhs="${name}${entry:+.}${entry}"
74 fi
75 ;;
76 SOA:)
77# SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
78 echo "$@" | sed -e 's/.*serial=\([0-9]*\), refresh=\([0-9]*\), retry=\([0-9]*\), expire=\([0-9]*\), minttl=\([0-9]*\), ns=\([^,]*\), email=\([^,]*\) (flags=.*, serial=[0-9]*, ttl=\([0-9]*\))/'"${name:-@}"' \8 IN SOA \6 \7 \1 \2 \3 \4 \5/'
79 ;;
80# NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
81# A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
82 NS:|A:|AAAA:)
83 echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \3 IN \1 \2/p'
84 ;;
85# SRV: ad01.a.example.or.jp. (88, 0, 100) (flags=f0, serial=1, ttl=900)
86 SRV:|MX:)
87 echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (\([0-9]*\), \([0-9]*\), \([0-9]*\)) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \6 IN \1 \4 \5 \3 \2/p'
88 ;;
89# CNAME: ad01.a.example.or.jp. (flags=f0, serial=1, ttl=900)
90 CNAME:)
91 echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \3 IN \1 \2/p'
92 ;;
93 *)
94 echo "ERROR unknown record type $1; aborting" >&2; exit 1
95 ;;
96 esac
97 done
98}
99
100echo Zones: $ZONES >&2
101for zone in $ZONES; do
102 echo '$ORIGIN' $zone
103 echo ''
104 queryzone $zone ""
105 echo ''
106done ;# zone $ZONES
Festplatten in Proxmox bewegen #
Dieses Script migriert alle Festplatten einer VM auf einen anderen Storage
1#!/bin/bash
2
3VMID=0
4STORAGE_DEST=""
5HOST_DEST=""
6
7while getopts ":i:s:h" opt
8do
9 case $opt in
10 i ) VMID=$OPTARG ;;
11 s ) STORAGE_DEST=$OPTARG ;;
12 h ) HOST_DEST=$OPTARG ;;
13 \? ) echo "Error"
14 exit 1 ;;
15 : ) echo "Option -$OPTARG requires an argument"
16 exit 1 ;;
17 esac
18done
19
20VMS="$(qm list | egrep "[0-9]{3}" | awk '{print $1}')"
21echo $VMS
22
23if [[ $VMID=="all" ]]
24then
25 for j in $VMS; do
26 DISCOS="$(qm config $j | egrep "^virtio[0-9]|^scsi[0-9]" | awk '{print $1}' | tr -d ":")"
27 echo $DISCOS
28 for i in $DISCOS; do
29 qm move_disk $j $i $STORAGE_DEST --delete --format qcow2
30 done
31 done
32else
33 DISCOS="$(qm config $VMID | egrep "^virtio[0-9]|^scsi[0-9]" | awk '{print $1}' | tr -d ":")"
34 for i in $DISCOS; do
35 qm move_disk $VMID $i $STORAGE_DEST --delete --format qcow2
36 done
37
38fi
39#qm migrate $VMID $HOST_DEST --online
Siehe auch:
- Linux Storage – RAID, LVM, Verschlüsselung, Partitionierung
- Podman – Container bauen und mit systemd starten
