Category: Uncategorized

TODO: cleanup dirs /etc/dovecot

systemctl status dovecot
systemctl restart dovecot

/etc/dovecot/private/fullchain.pem
/etc/dovecot/private/privkey.pem

openssl x509 -in /etc/letsencrypt/archive/imap.homlish.net -text

cp /etc/letsencrypt/live/imap.homlish.net/fullchain.pem /etc/dovecot/private/
cp /etc/letsencrypt/live/imap.homlish.net/privkey.pem /etc/dovecot/private/

redis-cli -h redis.homlish.net -p 6379 –user jukeboxLocal –pass ****

databases
1 jukebox prod
2 jukebox dev/local

https://www.cyberciti.biz/faq/debian-ubuntu-restricting-ssh-user-session-to-a-directory-chrooted-jail/

Goal:
Allow users (fullstack, tom, jerry) to grab guestworkervisas data
Allow a user (guestworkervisas) to put guestworkervisas data
to/from /usr4/guestworkervisas/

To test:
sftp -P 2222 fullstack@a0
sftp -P 2222 guestworkervisas @a0
sftp -P 2222 tom@a0

To add a new user:

D=/home/jails
U=fullstack
U=tom
U=guestworkervisas

useradd $u
ls $D/home/$U/guestworkervisas
mkdir -p $D/home/$U/guestworkervisas
mount –bind /usr4/guestworkervisas $D/home/$U/guestworkervisas

# mount –bind /home/httpd/tom_web $D/home/tom/web
## update fstab file so that it can mount after server reboot ##
# echo “/home/httpd/tom_web/ $D/home/tom/web none bind”
# /source /destination none defaults,bind 0 0
echo “/usr4/guestworkervisas /home/jails/home/$U/guestworkervisas none bind” >> /etc/fstab

Warning: if you add or delete or made any changes to the user or password in /etc/passwd file, recopy /etc/{passwd,group} files again by running the following two commands:
D=/home/jails
cp -vf /etc/{passwd,group} $D/etc/

edit /etc/ssh/sshd_config
add
Match User tom,jerry,fullstack,guestworkervisas,NEWUSER
systemctl restart ssh.service

/etc/passwd
vmail:x:1013:1014::/home/vmail:/bin/sh
guestworkervisas:x:1014:1015::/usr4/guestworkervisas:/bin/sh
fullstack:x:1016:1015:David,,,:/home/fullstack:/bin/bash
tom:x:1017:1017:,,,:/home/tom:/bin/bash
jerry:x:1018:1018:,,,:/home/jerry:/bin/bash
fullstack:x:1019:1019:David,,,:/home/fullstack:/bin/bash
guestworkervisas:x:1020:1020::/usr4/guestworkervisas:/bin/sh

/etc/group
vmail:x:1014:
guestworkervisas:x:1015:
jail:x:1016:
tom:x:1017:
jerry:x:1018:
fullstack:x:1019:
guestworkervisas:x:1020:

sftp -P 2222 guestworkervisas@a0
sftp -P 2222 fullstack@a0

Continue reading “chroot”

go mod init homlish.net/bacups-go

go mod tidy

 

 

using for wp

 

Why are my pods dying?

pods that die:
homlishWeb
jukebox
weather

pods that don't die:
hcr
prometheus & grafana
nginx

Internets seems to blame the logs. My logs seem to indicate a volume mount issue, possibly NFS?

phomlish@a6:~/kubernetes/dashboard$ find /etc/kubernetes/pki/ -type f -name “*.crt” -print|egrep -v ‘ca.crt$’|xargs -L 1 -t -i bash -c ‘openssl x509 -noout -text -in {}|grep After’
xargs: warning: options –max-lines and –replace/-I/-i are mutually exclusive, ignoring previous –max-lines value
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/apiserver-etcd-client.crt|grep After’
Not After : Sep 6 11:43:38 2024 GMT
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/apiserver-kubelet-client.crt|grep After’
Not After : Sep 6 11:43:37 2024 GMT
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/front-proxy-client.crt|grep After’
Not After : Sep 6 11:43:38 2024 GMT
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/etcd/peer.crt|grep After’
Not After : Sep 6 11:43:38 2024 GMT
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/etcd/server.crt|grep After’
Not After : Sep 6 11:43:38 2024 GMT
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/etcd/healthcheck-client.crt|grep After’
Not After : Sep 6 11:43:38 2024 GMT
bash -c ‘openssl x509 -noout -text -in /etc/kubernetes/pki/apiserver.crt|grep After’
Not After : Sep 6 11:43:37 2024 GMT
phomlish@a6:~/kubernetes/dashboard$

as root:
cd /etc/kubernetes/
mv {admin.conf,controller-manager.conf,kubelet.conf,scheduler.conf} ~/
kubeadm init phase kubeconfig all
reboot

as phomlish:
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

 

phomlish@a6:~/kubernetes/dashboard$ ./genK8sToken.sh
error: failed to create token: Unauthorized

 

/usr/local/apache2/conf/mythweb.conf
setenv “/nfs/a2/droot//usr/local/lib/mythtv/mythweb-fixes-33

on mac
phomlish@i9w 61 % sudo tcpdump –list-interfaces
1.en0 [Up, Running, Wireless, Associated]
2.awdl0 [Up, Running, Wireless, Associated]
3.llw0 [Up, Running, Wireless, Not associated]
4.utun0 [Up, Running]
5.utun1 [Up, Running]
6.utun2 [Up, Running]
7.lo0 [Up, Running, Loopback]
8.en3 [Up, Running, Disconnected]
9.en4 [Up, Running, Disconnected]
10.en1 [Up, Running, Disconnected]
11.en2 [Up, Running, Disconnected]
12.bridge0 [Up, Running, Disconnected]
13.gif0 [none]
14.stf0 [none]
15.XHC1 [none]
16.XHC0 [none]
17.XHC20 [none]
18.VHC128 [none]
19.ap1 [Wireless, Association status unknown]

tcpdump i- en0
tcpdump i- en0

https://www.mythtv.org/wiki/Installing_MythTV_on_Ubuntu

There are two official ways to download MythWeb. You can either download it
as part of the MythPlugins tarball from http://www.mythtv.org/ or you can
grab it directly from a git checkout, as described at
http://code.mythtv.org/trac

lynx https://www.mythtv.org/download/mythweb/33

A good dmesg
[Sat Jul 22 05:11:40 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:40 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a video Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:47 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] xc5000: Firmware dvb-fe-xc5000c-4.1.30.7.fw loaded and running.
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->au8522 13-0047->au0828a vbi Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:11:52 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:22:27 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:22:31 2023] xc5000: Firmware dvb-fe-xc5000c-4.1.30.7.fw loaded and running.
[Sat Jul 22 05:22:31 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:22:31 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:22:31 2023] au0828: Disabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0
[Sat Jul 22 05:22:31 2023] au0828: Enabled Source: Xceive XC5000->Auvitek AU8522 QAM/8VSB Frontend->Auvitek AU8522 QAM/8VSB Frontend Ret 0