№ 11191 В разделе "Sysadmin"
от January 4th, 2021,
В подшивках: Linux, Virtualbox
Add your user to disk group and relogin\reboot.
Next create volume file:
VBoxManage internalcommands createrawvmdk -filename 16Gflash.vmdk -rawdisk /dev/sdf
Add disk and mount to virtual machine
№ 11183 В разделах: Programming
Sysadmin
от January 2nd, 2021,
В подшивках: Docker, Go, Kubernetes, Security, Vault
What if you stored your database credentials in Vault and want to make ENV variables with them for your application at container startup? You can do it for Kubernetes deployments or plain Docker containers with my small program vault-envs.
Add to your Dockerfile additional steps:
Add to your Dockerfile steps:
... ... # add Ubuntu\Debian repo and install vault-envs with fresh certificates RUN curl http://deb.blindage.org/gpg-key.asc | apt-key add - && \ echo "deb http://deb.blindage.org bionic main" | tee /etc/apt/sources.list.d/21h.list && \ apt update RUN apt install -y ca-certificates vault-envs # copy entrypoint script COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"]
Your entrypoint script will look like:
#!/bin/bash ... ... export eval `vault-envs -token "$VAULT_TOKEN" \ -vault-url https://vault.blindage.org \ -vault-path /prod/crm/connection_postgres -envs-prefix "PG_"` export eval `vault-envs -token "$VAULT_TOKEN" \ -vault-url https://vault.blindage.org \ -vault-path /prod/crm/connection_mysql -envs-prefix "MYSQL_"` export eval `vault-envs -token "$VAULT_TOKEN" \ -vault-url https://vault.blindage.org \ -vault-path /prod/crm/connection_api` ... ... exec "$@"
If some vars names is identical they will be overwritten at next vault-envs call, so I used prefix.
Now build image and run
docker run --rm -e VAULT_TOKEN=s.QQmLlqnHnRAEO9eUeoggeK1n crm printenv
and see results at container console:
... VAULT_RETRIEVER=vault-envs PG_DB_PASS=postgres PG_DB_PORT=5432 PG_DB_USER=postgres PG_DB_HOST=db-postgres PG_DB_NAME=crm MYSQL_DB_HOST=mysql.wordpress MYSQL_DB_PASS= MYSQL_DB_PORT=3306 MYSQL_DB_USER=root MYSQL_DB_NAME=wordpress API_HOST=http://crm/api API_TOKEN=giWroufpepfexHyentOnWebBydHojGhokEpAnyibnipNirryesaccasayls4 ...
Wooh! You did it.
№ 11163 В разделах: Electronics
Sysadmin
от December 31st, 2020,
В подшивках: GPG, Linux, Security
Замутил себе GNUK в качестве хранилища ключей для дешифровки писем, бэкапов и прочего хлама, а также ssh авторизации на серверах. Стоит оно всего 140 руб, что гораздо дешевле аналогов за 50 баксов 🙂 На отлично работает под линуксами с GnuPG.
https://wiki.debian.org/GNUK
https://blog.danman.eu/2-usb-crypto-token-for-use-with-gpg-and-ssh/
https://nx3d.org/gnuk-st-link-v2/
Заказал тут https://aliexpress.ru/item/32792925130.html Для прошивки нужен второй такой или любой другой прошивальщик STM32.
№ 11138 В разделе "Sysadmin"
от December 5th, 2020,
В подшивках: Linux, Thunderbird
At first, return back old software source to your repositories:
echo "deb http://security.ubuntu.com/ubuntu focal-security main"| sudo tee /etc/apt/sources.list.d/thunderbird.list sudo apt update
Now check available versions:
$ apt-cache policy thunderbird thunderbird: Installed: 1:68.10.0+build1-0ubuntu0.20.04.1 Candidate: 1:78.5.0+build3-0ubuntu0.20.10.1 Version table: 1:78.5.0+build3-0ubuntu0.20.10.1 500 500 http://ru.archive.ubuntu.com/ubuntu groovy-updates/main amd64 Packages 500 http://security.ubuntu.com/ubuntu groovy-security/main amd64 Packages 1:78.3.2+build1-0ubuntu1 500 500 http://ru.archive.ubuntu.com/ubuntu groovy/main amd64 Packages *** 1:68.10.0+build1-0ubuntu0.20.04.1 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 100 /var/lib/dpkg/status
You see last “1:68.10.0+build1-0ubuntu0.20.04.1”, install it and keep forever.
sudo apt-get install thunderbird=1:68.10.0+build1-0ubuntu0.20.04.1 sudo apt-mark hold thunderbird
Manjaro is a rolling update distro, but you can still install old software versions with some additional tricks.
sudo pacman -S downgrade sudo DOWNGRADE_FROM_ALA=1 downgrade thunderbird
You see last version you want 68 under number 33. Type it and Enter.
In console check version and allow downgrade:
thunderbird --version Thunderbird 68.10.0 thunderbird --allow-downgrade
After this you can continue use your old profile.
№ 11131 В разделе "Sysadmin"
от November 3rd, 2020,
В подшивках: Kubernetes, Nginx
annotations: nginx.ingress.kubernetes.io/configuration-snippet: | if ($request_uri ~* \.(js|css|gif|jpe?g|png|woff|woff2|ico)) { expires 1M; add_header Cache-Control "public"; } nginx.ingress.kubernetes.io/cors-allow-headers: >- DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-CSRF-Token, Authorization nginx.ingress.kubernetes.io/cors-allow-methods: 'GET, PUT, POST, DELETE, PATCH, OPTIONS' nginx.ingress.kubernetes.io/cors-allow-origin: '*' nginx.ingress.kubernetes.io/enable-cors: 'true'
Fortune cookie: A conservative is a man who believes that nothing should be done for the first time. -- Alfred E. Wiggam