CentOS/8 Stream on libvirt/KVM with Kickstart and virt-install

This article describes using Kickstart to automate the CentOS installer and virt-install to automate the creation of a VM.

The following setup is assumed:

  • There is a libvirt hypervisor called virthost.
  • SSH access to virthost as "root" is possible.


WordPress Plugin to Embed GitLab Project Information

For my personal use, I wrote a small WordPress plugin that allows me to embed a link to a GitLab repository, a list of commits and a link to the releases of that project in a WP post.

Example (linebreaks added to shortcode for readability):

[gitlab-show-project
    url="https://tk-sls.de/gitlab"
    project_id=43
    max=3
    author="none"
    releases="latest"]

Output:

Project information not readable.


Interactive nftables Ruleset Editor

I wrote a simple shell tool to interactively edit the current nftables ruleset using a terminal-based text editor (respecting environment variable EDITOR and defaulting to vim).

For testing purposes, it can optionally revert the changes after a timeout specified in seconds (option --timeout SECONDS, requires systemd-run).



GRE Setup for Bacula on a Mobile Client

The way Bacula works is:

  • A backup client runs a TCP server process bacula-fd, waiting for a backup server process bacula-dir to connect and perform backup and restore jobs.
  • There is a simple authentication mechanism, where bacula-dir presents a shared secret to bacula-fd to be granted access.

Opening the bacula-fd TCP server on an exposed network interface may be fine for static backup clients with dedicated storage networking towards the backup server, but on a mobile computer bacula-fd should be reachable by bacula-dir only if the computer is connected by Ethernet to the home network. Specifically, the TCP server port of bacula-fd should not be exposed on the Ethernet NIC.

To implement this, I have defined a GRE tunnel between the mobile backup client and the home network backup server.


Create or Append a debian/changelog Entry

Since I always have to look this up every time I need it, I am writing it down once, as a "note to self"!

NAME="John Smith" EMAIL=j.smith@example.org \
    dch --create \
        --package my-package \
        --newversion 0.1 \
        "Initial release"

And that’s it! 🙂

Generate Certificate Signing Requests (CSRs) for TLS Server Certificates

Overview

This article describes a procedure for generating multiple certificate signing requests (CSRs) for TLS servers, such as SMTP, IMAP or HTTP servers, so that we can submit them to a Certificate Authority (CA). The CA will eventually perform the signature and return a public certificate to us.

A shell and OpenSSL should be available.

The subject organization (the entity the request is for) is assumed to be the same on every request, and the subject alternative names are assumed to follow the same pattern (the DNS name of some service plus a "www." DNS alias for that service).

The procedure can easily be expanded to make more request information configurable and allow, for example, processing a CSV file into a set of requests.
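One way to carry out the procedure outlined above, as an added example that is not the article's own script: it writes one private key and one CSR per service name, with a fixed organization and the name-plus-"www." SAN pattern. The values of ORG and COUNTRY, the function names and the RSA key size are assumptions.

```shell
#!/bin/sh
# Added example: one private key and one CSR per service name.
# ORG and COUNTRY are placeholder subject values (assumptions).
ORG="Example Org"
COUNTRY="DE"

# Print an OpenSSL request config for one DNS name.
# SAN pattern from the article: the name itself plus its "www." alias.
csr_config() {
    name=$1
    cat <<EOF
[req]
prompt = no
distinguished_name = dn
req_extensions = ext
[dn]
C = $COUNTRY
O = $ORG
CN = $name
[ext]
subjectAltName = DNS:$name, DNS:www.$name
EOF
}

# Accept only plain DNS names, so that a name can neither inject
# extra config lines nor point the output files at another directory.
valid_name() {
    case $1 in
        ''|*[!A-Za-z0-9.-]*|.*|*.|-*|*..*) return 1 ;;
    esac
    return 0
}

# Write NAME.key (unencrypted, mode 0600) and NAME.csr to the current directory.
make_csr() {
    valid_name "$1" || { echo "invalid name: $1" >&2; return 1; }
    cfg=$(mktemp) || return 1
    csr_config "$1" > "$cfg"
    rc=0
    (umask 077 && openssl req -new -newkey rsa:3072 -nodes \
        -config "$cfg" -keyout "$1.key" -out "$1.csr") || rc=$?
    rm -f "$cfg"
    return $rc
}

# Usage: sh make-csrs.sh mail.example.org imap.example.org
for n in "$@"; do make_csr "$n" || exit 1; done
```

Each resulting request can be inspected with `openssl req -in NAME.csr -noout -text` before it is submitted to the CA.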
