janus

systemctl status janus.service
systemctl restart janus.service

more /etc/janus/janus.jcfg
tail -f /usr4/mydetv/logs/janus.log

2021-03-25
Yikes, I’m on version 0.7.6 from 2019-11-27
moving to 0.10.10 from 2021-02-08

k8s tls

kubectl create secret tls secure-tls –cert=secure.dev.homlish.net.2020-05-14.cert.pem –key=secure.dev.homlish.net.2020-05-14.key.pem

k -n grafana create secret tls grafana-tls –cert=cert1.pem –key=privkey1.pem

kubernetes cert-manager

https://cert-manager.io/docs/installation/kubernetes/
https://github.com/jetstack/cert-manager
https://groups.google.com/g/cert-manager-dev
https://app.slack.com/

kubectl create namespace cert-manager
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.crds.yaml

$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.1.0/cert-manager.yaml

let’s do one.
setup dns for weather.homlish.net
10.11.168.3

add to nginx on the firewall

how do we set the external ip address for certificate-manager

Continue reading “kubernetes cert-manager”

geoip maxmind

https://github.com/maxmind/libmaxminddb
https://github.com/maxmind/MaxMind-DB-Reader-php

sudo apt install libmaxminddb0 libmaxminddb-dev mmdb-bin

wget https://github.com/maxmind/MaxMind-DB-Reader-php/archive/v1.8.0.tar.gz
tar xzf v1.8.0.tar.gz
cd MaxMind-DB-Reader-php-1.8.0/
cd ext
./configure –with-php-config=/usr/local/apache2/php/bin/php-config
make
make test
sudo make install

vi /usr/local/apache2/php/php.ini
extension=maxminddb.so

openssl rsa public/private keys

kubectl -n hcr create secret tls hcr-tls-secret \
–cert=hcr.homlish.net.2020-10-27.cert.pem \
–key=hcr.homlish.net.2020-10-27.key.pem

# generate private
openssl genrsa -out private-key.pem 4096
# generate public
openssl rsa -in private-key.pem -outform PEM -pubout -out public.pem

# remove linefeeds for kubernetes
awk ‘NF {sub(/\r/, “”); printf “%s\\n”,$0;}’ private-key.pem
awk ‘NF {sub(/\r/, “”); printf “%s\\n”,$0;}’ public.pem

k8s persistent volume

k patch pv imagesdev -p ‘{“spec”:{“claimRef”: null}}’

k0:/home/phomlish/kubernetes/test-pv
k config set-context –current –namespace=kube-public

k apply -f test-image.yaml
k get pod shell-demo
k exec –stdin –tty shell-demo — /bin/bash
k exec shell-demo env

k delete -f shell-demo.yaml

k get pod shell-demo -o wide

k patch pv homlishca -p ‘{“spec”:{“claimRef”: null}}’

jenkins

https://www.jenkins.io/doc/book/installing/kubernetes/

jenkins: 10.11.168.251
jenkins-agent: 10.11.168.252

k create namespace jenkins

helm -n jenkins delete jenkins
k delete -f jenkins-persistent-volume.yaml
k create -f jenkins-persistent-volume.yaml
helm install jenkins -n jenkins -f jenkins-values.yaml jenkinsci/jenkins

finally got it workig
http://10.11.168.251

printf $(kubectl get secret –namespace jenkins jenkins -o jsonpath=”{.data.jenkins-admin-password}” | base64 –decode);echo

export POD_NAME=$(kubectl get pods –namespace jenkins -l “app.kubernetes.io/component=jenkins-master” -l “app.kubernetes.io/instance=jenkins” -o jsonpath=”{.items[0].metadata.name}”)
get pods –namespace jenkins -l “app.kubernetes.io/component=jenkins-master” -l “app.kubernetes.io/instance=jenkins” -o jsonpath=”{.items[0].metadata.name}”)

both worked:
lynx http://10.166.32.242:8080/login
lynx http://10.105.174.214:8080/login

want this to work:
lynx http://10.11.169.251/login

we need to create a load balancer with an annotation to match the jenkins pod
helm -n jenkins delete jenkins
k delete -f jenkins-persistent-volume.yaml
k create -f jenkins-persistent-volume.yaml
helm install jenkins -n jenkins -f jenkins-values.yaml jenkinsci/jenkins

k delete -f jenkins-service-ui.yaml
k apply -f jenkins-service-ui.yaml

Continue reading “jenkins”

apcupsd

multiple ups devices
https://wiki.debian.org/apcupsd

root@a6:/etc/apcupsd# lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 002: ID 046d:c31c Logitech, Inc. Keyboard K120
Bus 001 Device 005: ID 051d:0002 American Power Conversion Uninterruptible Power Supply
Bus 001 Device 004: ID 051d:0002 American Power Conversion Uninterruptible Power Supply
Bus 001 Device 003: ID 046d:c077 Logitech, Inc. M105 Optical Mouse
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

root@a6:/etc/apcupsd# udevadm info –attribute-walk –name=/dev/usb/hiddev0 | egrep ‘manufacturer|product|serial’
ATTRS{manufacturer}==”American Power Conversion”
ATTRS{product}==”Back-UPS ES 600M1 FW:928.a8 .D USB FW:a8 ”
ATTRS{serial}==”4B1903P08928 ”
ATTRS{serial}==”0000:00:14.0″
ATTRS{product}==”xHCI Host Controller”
ATTRS{manufacturer}==”Linux 4.19.0-12-amd64 xhci-hcd”
root@a6:/etc/apcupsd# udevadm info –attribute-walk –name=/dev/usb/hiddev1 | egrep ‘manufacturer|product|serial’
ATTRS{manufacturer}==”American Power Conversion”
ATTRS{product}==”Back-UPS 350 FW: 5.4.D USB FW: c1 ”
ATTRS{serial}==”BB0236018154″
ATTRS{serial}==”0000:00:14.0″
ATTRS{manufacturer}==”Linux 4.19.0-12-amd64 xhci-hcd”
ATTRS{product}==”xHCI Host Controller”

root@a6:/etc/apcupsd# ls -l /dev/usb
total 0
crw——- 1 root root 180, 0 Jan 12 05:50 hiddev0
crw——- 1 root root 180, 1 Jan 12 05:50 hiddev1
lrwxrwxrwx 1 root root 7 Jan 12 05:50 ups-server -> hiddev1
lrwxrwxrwx 1 root root 7 Jan 12 05:50 ups-spare -> hiddev1

Continue reading “apcupsd”