Saturday, February 29, 2020

Automated Renewal of LetsEncrypt Cert on Cisco IOS with Route53


Installed the AWS CLI
apt-get install python3-pip
Ubunutu 16.x needs this as there is a bug in the package above
pip3 install awscli --upgrade 
I used this script as the base for the AWS Route 53 Zone update and Certificate request

https://github.com/jed/certbot-route53

Create a public key for the "automation" user:

root@control:/usr/local/scripts# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): /usr/local/scripts/cisco-automation.key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /usr/local/scripts/cisco-automation.key.
Your public key has been saved in /usr/local/scripts/cisco-automation.key.pub.
The key fingerprint is:
The key's randomart image is:
Add the public key to the router:
ip ssh pubkey-chain
username automation
key-string
(paste in your pub key max 254 characters per line, so you will need to split it)
exit
exit
exit
exit
wr
copy the keys into the id_rsa and ird_rsa.pub file of the user that will run the script
cat cisco-automation.key > /root/.ssh/id_rsacat cisco-automation.key.pub > /root/.ssh/id_rsa.pub 









emonCMS

Ubuntu 18.04 LTS

EmonScripts/readme.md at master · openenergymonitor/EmonScripts · GitHub

echo $USER' ALL=(ALL) NOPASSWD: ALL' | sudo tee /etc/sudoers.d/$USER && sudo chmod 0440 /etc/sudoers.d/$USER


wget https://raw.githubusercontent.com/openenergymonitor/EmonScripts/stable/install/init.sh
chmod +x init.sh && ./init.sh


settings.ini in /var/www/emoncms/.

cd /opt/openenergymonitor/EmonScripts/install/
nano config.ini

Standard Setup Filepaths

Install location for code from OpenEnergyMonitor GitHub repository such as EmonScripts /opt/openenergymonitor
Install location for modules symlinked to www /opt/emoncms
Main code location /var/www/emoncms
Log file location /var/log/emoncms
Data directory /var/opt/emoncms

Wednesday, November 27, 2019

Cert notes

chown root:certs /etc/pki/tls/certs/localhost.crt
chown root:certs /etc/pki/tls/private/localhost.key
chmod g+rwx /etc/pki/tls/certs/localhost.crt
chmod g+rwx /etc/pki/tls/private/localhost.key

scp /media/nas-backup/certs/wjw-walkerfamily/fullchain.cer  admin@192.168.1.40:/etc/pki/tls/certs/localhost.crt

scp /media/nas-backup/certs/wjw-walkerfamily/wjw.nz.key admin@192.168.1.40:/etc/pki/tls/private/localhost.key

Observium Application Monitoring Agent Install


yum install xinetd
scp   root@zeus:/opt/observium/scripts/observium_agent_xinetd /etc/xinetd.d/observium_agent_xinetd
service xinetd restart
scp  root@zeus:/opt/observium/scripts/observium_agent /usr/bin/observium_agent
mkdir -p /usr/lib/observium_agent
mkdir -p /usr/lib/observium_agent/local

cp /media/nas-backup/observium_agent/scripts-available/mysql* /usr/lib/observium_agent/local
cp /media/nas-backup/observium_agent/scripts-available/exim* /usr/lib/observium_agent/local
cp /media/nas-backup/observium_agent/scripts-available/postfix* /usr/lib/observium_agent/local
cp /media/nas-backup/observium_agent/scripts-available/vmwaretools /usr/lib/observium_agent/local

chmod +x /usr/bin/observium_agent

Monday, November 18, 2019

Setting up AutoDiscover for Windows Mail with imap


mkdir /var/www/html/autodiscover

nano autodiscover.xml

<?xml version="1.0" encoding="utf-8" ?>
<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
<Account>
  <AccountType>email</AccountType>
  <Action>settings</Action>
  <Protocol>
    <Type>IMAP</Type>
    <Server>mx1.wjw.nz</Server> <!--IP Addr or DNS name of server-->
    <Port>993</Port>
    <DomainRequired>on</DomainRequired>
    <SPA>off</SPA>
    <SSL>on</SSL>
    <AuthRequired>on</AuthRequired> <!-- Optional: Is Authentication required? -->
    <UsePOPAuth>on</UsePOPAuth>
    <SMTPLast>off</SMTPLast>
  </Protocol>
  <Protocol>
    <Type>SMTP</Type>
    <!--<TTL>%TTL%</TTL>-->
    <Server>mx1.wjw.nz</Server>
    <Port>25</Port>
    <DomainRequired>on</DomainRequired>
    <SPA>off</SPA>
    <SSL>on</SSL>
    <AuthRequired>on</AuthRequired>
    <UsePOPAuth>on</UsePOPAuth>
    <SMTPLast>off</SMTPLast>
  </Protocol>
</Account>
</Response>
</Autodiscover>

Letsencrypt with Zonomi

Setup acme.sh

  • git clone https://github.com/Neilpang/acme.sh.git
  • cd ./acme.sh/
  • ./acme.sh --install
  • export ZM_Key="zonomi API Key"
  • acme.sh --issue -d wjw.nz -d *.wjw.nz -d walkerfamily.kiwi -d *.walkerfamily.kiwi --dns dns_zonomi


To fix cert error with curl:
  • wget http://curl.haxx.se/ca/cacert.pem
  • mv cacert.pem /etc/ssl/certs/
  • nano /etc/php/7.0/cli/php.ini 
  • add "curl.cainfo ="/etc/ssl/certs/cacert.pem" under "[curl]"

Wednesday, September 4, 2019

VMware - Increasing Disk sizes in Linux

http://echenh.blogspot.co.nz/2010/04/how-to-extend-lvm-on-vmware-guest-os.html
http://conrey.org/2011/05/18/lvm-and-vmware-linux-guests-just-do-it/

1. Increase Disk Size
2. Create Partition for used space using cfdisk / Primary Disk
3. pvcreate /dev/sda3
4. vgextend vg_vmlinuxcentos6 /dev/sda3
5. lvextend -l +100%FREE /dev/vg_vmlinuxcentos6/lv_root
6. lvdisplay
7. resize2fs /dev/vg_vmlinuxcentos6/lv_root