ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login
    1. Topics
    2. Romo
    3. Best
    • Profile
    • Following 3
    • Followers 2
    • Topics 54
    • Posts 875
    • Groups 0

    Posts

    Recent Best Controversial
    • RE: Creating an anonymous samba share in CentOS 7

      @wirestyle22 said in Creating an anonymous samba share in CentOS 7:

      @Romo Still don't know where I'm going wrong here 😞 Is this correct?

      0_1471400945289_GLOBALSETS.jpg

      -Modify your global config settings :
      map to guest = Bad User you wrote Bad user

      Restart your services
      systemctl restart smb.service
      systemctl restart nmb.service

      Check your folder owner and permissions again.

      posted in IT Discussion
      RomoR
      Romo
    • RE: What Are You Doing Right Now

      Setting up a new kvm host in my lab in order to test deployment for debian based machines with kickstart+preseed file.

      posted in Water Closet
      RomoR
      Romo
    • RE: Install Zabbix on CentOS 7

      Just finished setting up a Zabbix vm following the guide =).

      posted in IT Discussion
      RomoR
      Romo
    • RE: What Are You Doing Right Now

      Setting up my first Hyper V Server 2016 install via an ip-kvm, finally!!!!!!!!

      posted in Water Closet
      RomoR
      Romo
    • RE: SparkleShare Self hosted Dropbox alternative

      @scottalanmiller I will give it look 😃 and try to set it up!

      posted in IT Discussion
      RomoR
      Romo
    • RE: What Are You Doing Right Now

      Studying about AWS on linuxacademy.

      posted in Water Closet
      RomoR
      Romo
    • RE: Install Zabbix on CentOS 7

      @Sparkum Finally got a windows vm setup and got the agent working.

      alt text

      This are the steps I took to get it working:

      Download windows pre-compiled agent:
      http://www.zabbix.com/downloads/3.0.0/zabbix_agents_3.0.0.win.zip

      From an elevated cmd promt
      I went inside the extracted folders to install the zabbix agent as a service:
      zabbix_agents_3.0.0.win\bin\win64\

      Executed the following command to install the service and point to the config file:
      zabbix_agent_d.exe --config "..\..\conf\zabbix_agentd.win.conf" --install

      Now we need to edit the config file to point to our zabbix server:
      zabbix_agents_3.0.0.win\conf\zabbix_agentd.win.conf

      Modify the following options:

      Server=Zabbix Server IP Address
      ServerActive=Zabbix Server IP Address
      Hostname= FQDN of windows host
      

      Went back to the bin folder and started the service:
      ..\zabbix_agents_3.0.0.win\bin\win64\zabbix_agent_d.exe --start

      Allow the zabbix_agentd.exe executable throught the windows firewall.

      Add the host to the Zabbix Server
      alt text

      In new host settings add:

      # HOST TAB 
      Host name = FQDN of your windows host
      Groups = Use a preset group or create a new one
      Agent Interfaces = IP address of Windows Host
      Enabled =  Checked.
      
      #Templates Tab
      Link new templates = Template OS Windows
      

      Save your newly created host and wait for a couple of minutes to get it talking to your server
      alt text

      Its done and reporting =).
      alt text

      posted in IT Discussion
      RomoR
      Romo
    • RE: What Are You Doing Right Now

      Just finished setting up a lab using Cisco's Packet Tracer to recreate layer 3 routing and inter-vlan communication. Everything is working properly according to the desired setup so I think I now know how to fix the problems I was having in the production network.

      posted in Water Closet
      RomoR
      Romo
    • RE: Installing Snipe-IT on CentOS 7 and MariaDB

      @jfc Setup you CentOS 7 vm and only use their install script.

      wget https://raw.githubusercontent.com/snipe/snipe-it/master/install.sh
      chmod 744 install.sh
      ./install.sh
      

      It will download everything you need and get you to a working Snipe IT installation, I just setup my own Snipe IT vm like this =).

      posted in IT Discussion
      RomoR
      Romo
    • RE: Subnetting

      @wrcombs Classful networking was replaced with CIDR- Classless Inter-Domain Routing, which basically allows you to subnet your network to whatever size you want without really taking into consideration the specific IP ranges that where used before for subnett classes before.

      So as you mention, it is totally find today to use the 10.X.X.X and subnet it to only have 254 hosts in the network when using a 255.255.255.0 mask if that is what you require for network.

      posted in Water Closet
      RomoR
      Romo
    • RE: Struggling to Understand Kernel and OS Separation

      We have a troll in the house!

      posted in IT Discussion
      RomoR
      Romo
    • RE: CentOS automatically created virbr0 and virbr0-nic and killed my cloud services (?)

      You have libvirt installed that's why the virbr0 nics where created and you could delete them with virsh.

      It is not part of the default Centos 7 minimal install.

      posted in IT Discussion
      RomoR
      Romo
    • RE: CentOS automatically created virbr0 and virbr0-nic and killed my cloud services (?)

      Since you are using vSphere client, you must be using VMware as your hypervisor.

      It is indeed really strange why Kvm virtualization packages would be installed in your vms.

      posted in IT Discussion
      RomoR
      Romo
    • RE: Installing Snipe-IT on CentOS 7 and MariaDB

      @rejivincentc said in Installing Snipe-IT on CentOS 7 and MariaDB:

      @scottalanmiller Script used - yum -y install wget firewalld; setenforce 0 && yum -y install epel-release; mkdir -p /var/www/html; cd /var/www/html/; wget https://raw.githubusercontent.com/snipe/snipe-it/master/install.sh && chmod 744 install.sh && ./install.sh && cd snipeit; sed -i "s/'timezone' => '',/'timezone' => 'UTC',/" app/config/app.php; php artisan app:install; firewall-cmd --zone=public --add-port=80/tcp --permanent; firewall-cmd --reloadrpm

      OS -Centos 7
      snipe-it-3.4

      Just use the following and it will take you to a working install of Snipe-IT

      wget https://raw.githubusercontent.com/snipe/snipe-it/master/install.sh
      chmod 744 install.sh
      ./install.sh
      
      posted in IT Discussion
      RomoR
      Romo
    • Lookin for best method to create a network bridge CentOS 7

      I usually just created the interface scripts by hand and disabled Network Manager, but a colleague just told I should just be using Network Manager to create the bridge. Is there a best practice on how to create network bridges in CentOS 7 or it really doesn't matter?

      @scottalanmiller @travisdh1 @stacksofplates

      posted in IT Discussion linux bridge-utils centos7 centos
      RomoR
      Romo
    • RE: Chrome Browser in Ubuntu 17.04

      First thing you should do is drop 17.04 since it is still alpha, and start using either 16.04 or 16.10, as @stacksofplates recommends, get you base system ready and then start installing your desired third-party applications.

      posted in IT Discussion
      RomoR
      Romo
    • Snap, Flatpak or App image what are their pros and cons?
      • AppImage
      • Snaps
      • Flatpak

      All of them have more or less the same goals: contained applications that can be packaged once and deployed everywhere.

      What are the pros and cons of each? What is your opinion about them?

      posted in IT Discussion snaps appimage flatpak
      RomoR
      Romo
    • RE: Get Your Public IP Address with WGET

      A bit shorter

      wget -qO- icanhazip.com
      
      posted in IT Discussion
      RomoR
      Romo
    • RE: Invoice Software - Office 365 Or Purchase Software Suite?

      @garak0410 Set up your Ubuntu Server 16.10 vm, and try my script to install Invoice Ninja with a self signed SSL certificate.

      It has been building properly in all of my tests, it seems to hang during the app db migration but just let it run. Also remember when creating the ssl cert, to set your FQDN or IP (which ever you chose at the beginning) in the COMMON NAME option.

      Get it with the following command or just copy paste the full script.

      wget  https://raw.githubusercontent.com/rodrigo-hissam/invoice-ninja-installer/master/ininja-installer.sh
      chmod +x ininja-installer.sh
      ./ininja-installer.sh
      

      FULL SCRIPT

      #!/bin/bash
      
      ############################################
      #	    Invoice Ninja Install Script   #
      #     Script Created by Rodrigo Moreno     #
      #    	 for https://mangolassi.it         #
      ############################################
      
      
      # Ensure running as root
      # composer should not be ran as root.
      #if [[ $ EUID -ne 0 ]]; then
      #  exec sudo "$0" "$@"
      #fi
      # Variables and inital setup
      clear
      
      name="ininja"
      hostname="$(hostname)"
      fqdn="$(hostname)"
      tmp=/tmp/$name
      logfile=/var/log/invoice-ninja-install.log
      webdir=/var/www/html
      user=$USER
      app_key="$(< /dev/urandom tr -dc _A-Za-z-0-9 2>&1 | head -c32)"
      app_user=${name}'_user'
      
      spin[0]="-"
      spin[1]="\\"
      spin[2]="|"
      spin[3]="/"
      
      rm -rf ${tmp:?}
      mkdir $tmp
      
      
      cat << EOF
      
          ____                 _              _   ___         _          
         /  _/___ _   ______  (_)_______     / | / (_)___    (_)___ _    
         / // __ \ | / / __ \/ / ___/ _ \   /  |/ / / __ \  / / __  /    
       _/ // / / / |/ / /_/ / / /__/  __/  / /|  / / / / / / / /_/ /     
      /___/_/ /_/|___/\____/_/\___/\___/  /_/ |_/_/_/ /_/_/ /\__,_/      
                                                       /___/             
      
      EOF
      
      echo " Welcome to the Invoice Ninja Installer for Ubuntu 16.10!"
      echo ""
      echo ""
      
      
      #Getting your FQDN.
      echo -n "  Q. What is the FQDN of your server? ($fqdn): "
      read fqdn
      if [ -z "$fqdn" ]; then
              fqdn="$(hostname --fqdn)"
      fi
      echo "     Setting to $fqdn"
      echo ""
      
      # Set your own passwords, or generate random ones?
      until [[ $ans == "yes" ]] || [[ $ans == "no" ]]; do
      echo -n "  Q. Do you want me to automatically create the invoice ninja database user password? (y/n) "
      read setpw
      
      case $setpw in
              [yY] | [yY][Ee][Ss] )
                      mariadbuserpw="$(< /dev/urandom tr -dc _A-Za-z-0-9 2>&1 | head -c24)"
                      ans="yes"
                      ;;
              [nN] | [n|N][O|o] )
                      echo -n  "  Q. Insert your mariadb database user password:"
                      read -s mariadbuserpw
                      echo ""
      		ans="no"
                      ;;
              *) 	echo "  Invalid answer. Please type y or n"
                      ;;
      esac
      done
      
      echo ""
      echo  "* Making sure your Ubuntu install is updated (apt-get update)... ${spin[0]}"
      echo ""
      sudo apt-get update 
      
      echo""
      echo  " Upgrading your packages (apt-get upgrade)"
      echo ""
      sudo apt-get upgrade -y
      echo ""
      
      
      
      echo ""
      echo ""
      echo "* LEMP stack install and setup"
      echo "------------------------------"
      
      # NGINX
      echo ""
      echo "- Installing nginx " 
      echo ""
      sudo apt-get install nginx -y
      echo ""
      
      
      
      # MARIADB
      echo ""
      echo ""
      echo  "- Installing MariaDB "
      sudo apt-get install software-properties-common -y
      sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
      sudo add-apt-repository 'deb [arch=amd64,i386] http://mirror.jmu.edu/pub/mariadb/repo/10.1/ubuntu yakkety main'
      sudo apt-get update
      sudo apt-get install mariadb-server -y
      echo ""
      echo ""
      echo "- Hardening mariadb installation"
      mysql_secure_installation
      echo ""
      echo "Create the database for Invoice Ninja..."
      echo -n "Please enter your MARIADB root password: "
      read -s mariadbrootpw
      mysql -uroot -p${mariadbrootpw} -e "CREATE DATABASE ${name};"
      mysql -uroot -p${mariadbrootpw} -e "CREATE user ${name}_user@localhost IDENTIFIED BY '${mariadbuserpw}';"
      mysql -uroot -p${mariadbrootpw} -e "GRANT ALL PRIVILEGES ON ${name}.* TO '${name}_user'@'localhost';"
      mysql -uroot -p${mariadbrootpw} -e "FLUSH PRIVILEGES;"
      
      
      
      #PHP and extras
      echo ""
      echo ""
      echo "- Installing and setting up PHP7.0 and its extensions "
      sudo apt-get install curl wget php7.0 php7.0-fpm php7.0-mysql php7.0-mcrypt php7.0-gd php7.0-curl php7.0-mbstring php7.0-zip php7.0-gmp php7.0-xml -y
      sudo sed -i.bak 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/7.0/fpm/php.ini
      sudo phpenmod -v 7.0 mcrypt
      sudo systemctl restart php7.0-fpm
      cd $tmp
      echo ""
      echo ""
      curl -sS https://getcomposer.org/installer | php
      sudo mv composer.phar /usr/local/bin/composer
       
      
      #Invoice Ninja
      echo ""
      echo  "- Installing git and cloning the Invoice Ninja repo "
      sudo apt-get install git
      git clone https://github.com/hillelcoren/invoice-ninja.git  $name 
      sudo mv $name $webdir
      sudo chown -R $user:$user $webdir/$name
      cd $webdir/$name
      
      
      #
      echo ""
      echo "---- Downloading Invoice Ninja Dependencies "
      composer install --no-dev -o
      
      # Setting env variables
      echo ""
      echo "- Setting up .env file"
      mv .env.example .env
      sudo sed -i.bak "s/DB_DATABASE=ninja/DB_DATABASE=${name}/g" .env
      sudo sed -i.bak "s/DB_USERNAME=ninja/DB_USERNAME=${app_user}/g" .env
      sudo sed -i.bak "s/DB_PASSWORD=ninja/DB_PASSWORD=${mariadbuserpw}/g" .env
      
      sudo sed -i.bak "s/APP_UR:L=http:\/\/ninja.dev/APP_URL=${fqdn}/g" .env
      
      # Running db migrations and seeding the db
      echo ""
      echo "- Running invoice ninja db migration, this will take a while"
      php artisan migrate
      php artisan db:seed
      
      php artisan key:generate
      
      
      # Creating a new PHP-FPM pool for our user
      echo ""
      echo "- Creating a new PHP-FPM pool"
      cat  > $tmp/$user.conf << EOF
      [$user]
      user = $user
      group = $user
      listen = /var/run/php/php7.0-fpm-$user.sock
      listen.owner = $user
      listen.group = www-data
      listen.mode = 0660
      pm = ondemand
      pm.max_children = 5
      pm.process_idle_timeout = 10s;  
      pm.max_requests = 200  
      chdir = /  
      EOF
      
      # Moving the pool conf and restarting the service
      sudo mv $tmp/$user.conf /etc/php/7.0/fpm/pool.d/
      sudo systemctl restart php7.0-fpm.service 
      
      echo ""
      echo "# Creating self signed certificate and nginx config"
      echo""
      # Create the SSL self sigend certificate
      sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
      # Diffie-Hellman group, used in negotiating Perfect Forward Secrecy with clients.
      sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
      
      cat > $tmp/ssl.conf << EOF
      server {
          listen 443 http2 ssl;
          listen [::]:443 http2 ssl;
      
          server_name $fqdn;
      
          ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
          ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
          ssl_dhparam /etc/ssl/certs/dhparam.pem;
      
          ########################################################################
          # from https://cipherli.st/                                            #
          # and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html #
          ########################################################################
      
          ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
          ssl_prefer_server_ciphers on;
          ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
          ssl_ecdh_curve secp384r1;
          ssl_session_cache shared:SSL:10m;
          ssl_session_tickets off;
          ssl_stapling on;
          ssl_stapling_verify on;
          resolver 8.8.8.8 8.8.4.4 valid=300s;
          resolver_timeout 5s;
          # Disable preloading HSTS for now.  You can use the commented out header line that includes
          # the "preload" directive if you understand the implications.
          #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
          add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
          add_header X-Frame-Options DENY;
          add_header X-Content-Type-Options nosniff;
      
          ##################################
          # END https://cipherli.st/ BLOCK #
          ##################################
      
          charset utf-8;
      
          root /var/www/html/$name/public;
      
          index index.html index.htm index.php;
      
          location / {
          	try_files \$uri \$uri/ /index.php?\$query_string;
          }
      
          location = /favicon.ico { access_log off; log_not_found off; }
          location = /robots.txt  { access_log off; log_not_found off; }
      
          access_log  /var/log/nginx/ininja.access.log;
          error_log   /var/log/nginx/ininja.error.log;
      
          sendfile off;
      
          location ~ \.php$ {
              fastcgi_split_path_info ^(.+\.php)(/.+)$;
              fastcgi_pass unix:/var/run/php/php7.0-fpm-$user.sock;
              fastcgi_index index.php;
              include fastcgi_params;
              fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;
              fastcgi_intercept_errors off;
              fastcgi_buffer_size 16k;
              fastcgi_buffers 4 16k;
          }
      
          location ~ /\.ht {
              deny all;
          }
      }
      
      server {
              listen 80;
              server_name $fqdn;
              return  301 https://\$server_name\$request_uri;
      }
      EOF
      
      sudo mv $tmp/ssl.conf /etc/nginx/conf.d/
      
      sudo systemctl restart php7.0-fpm.service 
      sudo systemctl restart nginx.service
      
      echo "ALL DONE!!! Point your web browser to ${fqdn} and complete the setup"
      

      After running the script, just pointed my browser to my servers ip (192.168.2.26) and voila you can now finish the setup.
      alt text

      posted in IT Discussion
      RomoR
      Romo
    • RE: Expanding disks on Ubuntu on XenServer for Plex

      If your root filesystem is ext4:

      Add another VHD to your vm - (we will assume it will be /dev/xvdc and 10G in size)

      pvcreate /dev/xvdc
      vgextend plex--vg /dev/xvdc
      vgs #check your new vg size - Optional
      lvextend -L+10G /dev/mapper/plex--vg-root
      lvs #check your new lv size -Optional
      resize2fs /dev/mapper/plex--vg-root
      

      Done

      Edit: Don't really know if you can resize your filesystem being 100% full. I have never expanded root in this condition.

      posted in IT Discussion
      RomoR
      Romo
    • 1 / 1