temporarily disable kde
systemctl stop display-manager
a6
Plan: let’s get it back up and running, quickly
SCRAPPED, too complicated setting up a new hard drive
make raid partitions for sde
1 1049kB 540MB 539MB fat32 efi boot, esp
2 540MB 2540MB 2000MB ext4 boot
6 2540MB 20.5GB 18.0GB ext4 root
3 20.5GB 40.5GB 20.0GB ext4 var
4 40.5GB 72.5GB 32.0GB ext4 tmp
5 72.5GB 123GB 50.0GB ext4 home
8 123GB 208GB 85.5GB ext4 primary
parted /dev/sde unit s print free
parted -a optimal /dev/sde
print free
# efi
mkpart primary fat32 1MiB 100MiB
set 1 esp on
# boot
mkpart primary ext4 100MiB 300MiB
mdadm –create /dev/md1 –level=1 –raid-devices=2 missing /dev/sde1 –metadata=0.90
mdadm –create /dev/md2 –level=1 –raid-devices=2 missing /dev/sde2 –metadata=0.90
mdadm –create /dev/md3 –level=1 –raid-devices=2 missing /dev/sde3 –metadata=0.90
md126: efi
md127: boot
mdadm –stop /dev/md125
mdadm –stop /dev/md126
mdadm –stop /dev/md127
grub-install –target=x86_64-efi –efi-directory=ESP_MOUNT_PATH –bootloader-id=grub
/boot/efi/EFI/debian/grubx64.efi
grub-install –target=x86_64-efi –efi-directory=/mnt –bootloader-id=grub
grub-install: error: /usr/lib/grub/x86_64-efi/modinfo.sh doesn’t exist. Please specify –target or –directory.
https://wiki.archlinux.org/title/Convert_a_single_drive_system_to_RAID
phomlish@a6:~$ cat /etc/issue
Debian GNU/Linux 10 \n \l
udev 16G 0 16G 0% /dev
tmpfs 3.2G 16M 3.2G 1% /run
/dev/sda6 17G 5.7G 9.9G 37% /
tmpfs 16G 0 16G 0% /dev/shm
tmpfs 5.0M 8.0K 5.0M 1% /run/lock
tmpfs 16G 0 16G 0% /sys/fs/cgroup
tmpfs 4.0G 0 4.0G 0% /ramdisk
/dev/sda2 1.9G 116M 1.6G 7% /boot
/dev/sdb1 2.7T 275G 2.3T 11% /usr4
/dev/md0 916G 197G 673G 23% /usr3
/dev/sda1 513M 132K 513M 1% /boot/efi
/dev/sda5 46G 1.6G 42G 4% /home
/dev/sda8 78G 752M 74G 1% /usr2
/dev/sda3 19G 13G 5.0G 72% /var
/dev/sda4 30G 45M 28G 1% /tmp
tmpfs 3.2G 4.0K 3.2G 1% /run/user/113
hdparm -I /dev/sda
root@a6:~# parted /dev/sda
GNU Parted 3.2
Using /dev/sda
Welcome to GNU Parted! Type ‘help’ to view a list of commands.
(parted) print
Model: ATA KINGSTON SA400S3 (scsi)
Disk /dev/sda: 240GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt
Disk Flags:
Number Start End Size File system Name Flags
1 1049kB 540MB 539MB fat32 efi boot, esp
2 540MB 2540MB 2000MB ext4 boot
6 2540MB 20.5GB 18.0GB ext4 root
3 20.5GB 40.5GB 20.0GB ext4 var
4 40.5GB 72.5GB 32.0GB ext4 tmp
5 72.5GB 123GB 50.0GB ext4 home
8 123GB 208GB 85.5GB ext4 primary
root@a6:~# parted /dev/sde
GNU Parted 3.2
Using /dev/sde
Welcome to GNU Parted! Type ‘help’ to view a list of commands.
(parted) print
Model: ATA SATA SSD (scsi)
Disk /dev/sde: 120GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:
Number Start End Size Type File system Flags
2 1049kB 20.0GB 20.0GB primary ext4 boot
3 20.0GB 40.0GB 20.0GB primary
4 40.0GB 95.0GB 55.0GB extended
5 40.0GB 55.0GB 15.0GB logical ext4
6 55.0GB 75.0GB 20.0GB logical ext4
7 75.0GB 95.0GB 20.0GB logical ext4
1 112GB 120GB 8000MB primary linux-swap(v1)
root@a6:~# cat /proc/mdstat
Personalities : [raid1] [linear] [multipath] [raid0] [raid6] [raid5] [raid4] [raid10]
md0 : active raid1 sdc1[0] sdd1[1]
976629760 blocks super 1.2 [2/2] [UU]
bitmap: 0/8 pages [0KB], 65536KB chunk
unused devices:
parted /dev/sdg unit s print free
parted /dev/sdg mklabel gpt
parted -a optimal /dev/sdg mkpart primary 0% 100%
restore linux OS from backup
mariaDB
2022-02-03
The problem: latest java required TLS 1.2
Solution 1: edit java config to allow TLS1.1
issue: everytime we update java we would need to fix the java config
Solution 2: roll my own
failed miserably
Solution 3: install maridb to kubernetes
kmysql.homlish.net 10.11.168.244
had to connect to the pod to create users
CREATE USER ‘phomlish’@’%’ IDENTIFIED BY ‘****’;
GRANT ALL PRIVILEGES ON * . * TO ‘phomlish’@’%’;
FLUSH PRIVILEGES;
dnla
used by: marantz
dlna
a2:
/usr/sbin/minidlnad
port 8200
DAEMON=/usr/sbin/minidlnad
root@a2:/usr5/videos/mpaa# /usr/sbin/minidlnad -V
Version 1.2.1
https://github.com/nathanaela/minidlna/blob/master/INSTALL.MD
root@a2:~# which minidlnad
/usr/local/sbin/minidlnad
rm /etc/rc0.d/K01minidlna /etc/rc1.d/K01minidlna /etc/rc2.d/S02minidlna /etc/rc3.d/S02minidlna /etc/rc4.d/S02minidlna /etc/rc5.d/S02minidlna /etc/rc6.d/K01minidlna
Technology challenges
string case
timezones
simultanuous unrelated issues
add linux user
initial server install- we started this linux stuff before packages were using the group 101. We like to use that group so NFS shares work without mappings
Fix /etc/groups, move group 101 out of the way
grep 101 /etc/groups
like change systemd-journal:x:101: to systemd-journal:x:128:
groupmod -g 128 systemd-journal
groupadd -g 101 homeuser
add a generic user with a homedir & bash
useradd -m -s /bin/bash sr
add a user with no homedir & no shell
useradd -M -s /dev/null no-reply
add phomlish
useradd -g 101 -u 501 -md /home/phomlish -s /bin/bash phomlish
install certs in .ssh
add phomlish to all groups that have paul
add swarm
groupadd -g 1002 swarm
useradd -g 1002 -u 1002 -m swarm
give sudo
usermod -aG sudo phomlish
for wsl, powershell:
wsl –user phomlish
imagemagick
animate
convert -delay 20 -loop 0 *.png 307.gif
kubernetes nginx
Installing nginx on kubernetes for localnet access (won’t be exposed to the internet)
Goal: TLS for prometheus and grafana
check
phomlish@a6:~/kubernetes/nginx$ pwd
/home/phomlish/kubernetes/nginx
kubernetes dashboard
token
kubectl -n kubernetes-dashboard create token admin-user –duration=0
eyJhbGciOiJSUzI1NiIsImtpZCI6IjA3UXBrR1JYRDdGaHNMZ0pNZHl5UkJ0QmNGeXBVOVlfUHhOS09wTkpQQzQifQ.eyJhdWQiOlsiaHR0cHM6Ly9rdWJlcm5ldGVzLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWwiXSwiZXhwIjoxNjY3Mjk5MDE1LCJpYXQiOjE2NjcyOTU0MTUsImlzcyI6Imh0dHBzOi8va3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsIiwia3ViZXJuZXRlcy5pbyI6eyJuYW1lc3BhY2UiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsInNlcnZpY2VhY2NvdW50Ijp7Im5hbWUiOiJhZG1pbi11c2VyIiwidWlkIjoiM2U4OTQzNTUtMzFjNi00M2VlLTg5YTAtZTQxMzM2NWViMzMyIn19LCJuYmYiOjE2NjcyOTU0MTUsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlcm5ldGVzLWRhc2hib2FyZDphZG1pbi11c2VyIn0.rtra01E-O1CzZpBi1ocoGIETSHAWHgAq77OdZIsiMXhCKyv9bXHKCbqR-4AfGaXzEo_8W0GbHcMa_43BzVQXsrb15jIxTmEK6VgEKHD5a5KUesBd6DxEtx1pzcwgGptyb7uQY0kE_dycI7RAN8khujiFIIg2tZYCg7Vt0Um0ewD6pMy25vwRRj65uc0ROy8Q4fkq-FDnSJAerY5bPQmMC2OSFMmMyU117ZDhRAyHMv53LEy9S2t8iR2tEjBxKjB4lNo_KBjI1jx0EfTn5tIGM6yG15jIMoe3nnxyshN7kH1Fy3ITqpMU1QBWGQyiDRryEp8DuKbEMzDTGFawmE2V_Q
k -n kubernetes-dashboard get sa
NAME SECRETS AGE
admin-user 0 35d
default 0 35d
kubernetes-dashboard 0 35d
k -n kubernetes-dashboard describe sa admin-user
Name: admin-user
Namespace: kubernetes-dashboard
Labels:
Annotations:
Image pull secrets:
Mountable secrets:
Tokens:
Events:
k -n kubernetes-dashboard get secrets
NAME TYPE DATA AGE
kubernetes-dashboard-certs Opaque 5 35d
kubernetes-dashboard-csrf Opaque 1 35d
kubernetes-dashboard-key-holder Opaque 2 35d