itday.org.ua

proxy-side config:

upstream itday.org.ua {
# main server, we are receiving requests here when it is alive
server your_awesome_IP1_here:8891 max_fails=3 fail_timeout=30s;

# backup server, we will forward traffic to it, when the first one is died
server your_awesome_IP2_here:8891 backup;
}

server {
listen your_awesome_PROXY_ip:80;
server_name itday.org.ua www.itday.org.ua;

# fix to make possible handle letsencrypt for this domain
location /.well-known/acme-challenge/ {
root /var/www/letsencrypt; # Certbot store challenge files here
}

location / {
proxy_pass http://itday.org.ua;

# basic headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

# timeouts
proxy_connect_timeout 5s;
proxy_send_timeout 30s;
proxy_read_timeout 30s;

# Keepalive
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}

I am using Nginx to Nginx connection, so I need to tell my backend the proxy IP, in order to see the real IPs in the logs, I did it via a simple file include inside the http section:

include /etc/nginx/backend_real_ips.conf;

The backend_real_ips.conf file content:

#
set_real_ip_from your_awesome_PROXY_ip; # Our super proxy
real_ip_header X-Real-IP; # We will take IP from this header
real_ip_recursive on; # We can handle a few IPs, if we see some chain here, why not

In this example we are adding IP 192.168.1.235 (also we mention GW and DNS for it ) and removing the IP 192.168.1.233

nmcli connection modify ens18 ipv4.addresses 192.168.1.235/24 ipv4.gateway 192.168.1.1 ipv4.dns 8.8.8.8,1.1.1.1
nmcli connection modify ens18 -ipv4.addresses 192.168.1.233
service NetworkManager restart
nmcli connection reload

for i in $(awk '{print $2}' /etc/trueuserdomains); do uapi --user=$i Email list_pops | egrep "\s+email:" ; done
original post

Check if FB bot is present:

grep -c "facebook.com/externalhit_uatext.php" /etc/apache2/logs/domlogs/*/*|awk -F'/' {'print $7'}|awk -F: {'print $2,$1'}|sort -k 1

Block whole FB bot network:
yum install -y whois;for i in `whois -h whois.radb.net -- '-i origin AS32934' | grep ^route |grep -v route6|awk {'print $2'}`;do csf -d $i "FB bot network https://developers.facebook.com/docs/sharing/webmasters/crawler/#crawler-rate-limits";done

f you need a quick way to find out how much RAM your Linux system supports or to determine the number of DIMM slots available, you can use a command line tool called dmidecode.

dmidecode command is a tool for dumping a computer’s DMI (some say SMBIOS) table contents in a human-readable format. Thanks to this table, you can retrieve this information without having to probe for the actual hardware.

# archlinux
yaourt -S dmidecode

# ubuntu
sudo apt-get install dmidecode

To find out the maximum RAM capacity and the number of RAM slots available, use the following command:

sudo dmidecode -t 16

The Maximum Capacity is the maximum RAM supported by your system, while Number of Devices is the number of memory (DIMM) slots available on your computer.

To see complete memory information, including the info above along with currently installed memory information (RAM speed, size, etc.), use:

sudo dmidecode -t memory

Original article is stored here

root@nodes:~# kpartx -v -a /dev/pve/vm-104-disk-0
add map pve-vm--104--disk--0p1 (252:6): 0 2048 linear 252:8 2048
add map pve-vm--104--disk--0p2 (252:12): 0 3715072 linear 252:8 4096
add map pve-vm--104--disk--0p3 (252:13): 0 38221824 linear 252:8 3719168

mount /dev/mapper/pve-vm--104--disk--0p1 /mnt/

kpartx -dv /dev/pve/vm-104-disk-0

Helpful links:
https://superuser.com/questions/211338/how-to-mount-a-multi-partition-disk-image-in-linux

@reboot /bin/sh /root/scripts/route.sh

#!/bin/bash
#deal with missing route after reboot, not the best way but can be used until i will find the root of the issue:
/usr/bin/sleep 300
/usr/sbin/ip route add 192.168.99.1 dev eno1
/usr/sbin/route add default gw 192.168.99.1 eno1

* First create a new KVM with a Harddisk. I used a QEMU-Disk
* Start the VM with a Linux-Live-ISO
* Create the following partitions:
– Linux boot (ext2/3)
– Linux Data (i.e. ext4)
– swap

*set the boot-flag on the boot-partition
* shut down the KVM
* connect to host-console – I preferred to login by ssh
* mount LXC-Disk by enter

pct mount { LXC-ID }

you get the directory of the containers sysroot

* mount the new KVM-harddisk by using the following command:

modprobe nbd max_part=3

qemu-nbd -c /dev/nbd0 { KVM-Disk } // i.e.: vm-114-disk-1.qcow2

mount /dev/nbd0p2 { mount-point }

**** be careful: don’t use /mnt – it’s used by the host *** better use /media

* change to the sysroot-directory you got before
* copy the whole directory-structure to the mounted disk by using rync

rsync -a * { mount-point }

* unmount KVM-disk by enter

umount { mount point }

qemu-nbd -d /dev/nbd0

rmmod nbd

* unmount container-disk by

pct unmount { LXC-ID }

* now start the KVM again with a Live-ISO – should be equal to the LXC-OS
* mount the KVM-Disk i.e. /mnt

mount /dev/sda2 /mnt
mount /dev/sda1 /mnt/boot

* change sysroot by enter

mount -o bind /sys /mnt/sys
mount -o bind /dev /mnt/dev
mount -t proc /proc /mnt/proc
chroot /mnt

* install bootloader grub2

yum install grub2

* install a kernel

yum install kernel

* configure grub2-bootloader

grub2-install --force /dev/sdX1
grub2-mkconfig -o /boot/grub2/grub.cfg

* change the owner-id’s of /bin

cd /bin
chown root:root *

* exit chroot by

exit

* reboot in the KVM

Original post is stored here

yum install ea-liblsapi ea-liblsapi-devel
yum install ea-apache24-mod_lsapi
/usr/bin/switch_mod_lsapi --setup
If you run CL:
cagefsctl --force-update

apt-get install rsyslog