Technical
For IT related stuff
- Windows
- Windows 10 Pro upgrade from Home
- Azure AD Connect
- Windows Server Activation
- RDPWrap - Windows Remote Desktop Wrapper
- Docker
- Restart Policies
- WatchTower
- Insecure Registries
- Operating Folder
- Prune unused objects
- Troubleshooting
- aliases
- Using Docker for temp app usage
- Misc Apps
- Zerotier Openvz zt0 issue
- EdgeRouter Conditional Forwarding Hostnames
- Market
- Octoprint
- FileBot
- Usenet
- Linux
- Samba Client CIFS
- Debian Update Release Distro
- Bash Scripting Techniques
- Swap
- Useradd
- XFS format
- Disable Colour profile
- Qradar CE license issue
- Netboot
- Proxmox
- tun enabled for lxc
- Hostname Naming Format
- Resource Pages
- ZFS container mount
- MergerFS and Snapraid
- System migration
- fstab settings
- Auth Apps
- Pihole LXC
- Restart hosts if down
- iGPU Passthrough
- Mac OS
Windows
Windows related tips
Windows 10 Pro upgrade from Home
Below key should provide several days activation and upgrade to Pro from Home edition
8DVY4-NV2MW-3CGTG-XCBDB-2PQFM
Azure AD Connect
https://www.microsoft.com/en-us/download/details.aspx?id=47594
Windows Server Activation
Windows Server 2019 Eval will shut off in 4 hours when trial expires.
DISM /online /Set-Edition:ServerStandard /ProductKey:XXXX /AcceptEula
DISM /online /Set-Edition:ServerDatacenter /ProductKey:XXXX /AcceptEula
RDPWrap - Windows Remote Desktop Wrapper
Most active to date: https://github.com/sebaxakerhtc/rdpwrap
Config file update: https://github.com/sebaxakerhtc/rdpwrap.ini
Updating busy config ini file:
net stop termService
Replace file in C:\Program Files\RDP Wrapper
net start termService
Docker
Restart Policies
Use a restart policy
To configure the restart policy for a container, use the --restart flag when using the docker run command. The value of the --restart flag can be any of the following:
Flag | Description |
---|---|
no | Do not automatically restart the container. (the default) |
on-failure | Restart the container if it exits due to an error, which manifests as a non-zero exit code. |
always | Always restart the container if it stops. If it is manually stopped, it is restarted only when Docker daemon restarts or the container itself is manually restarted. (See the second bullet listed in restart policy details) |
unless-stopped | Similar to always, except that when the container is stopped (manually or otherwise), it is not restarted even after Docker daemon restarts. |
WatchTower
https://containrrr.github.io/watchtower/
With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry. Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially.
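version: "3"
services:
  watchtower.service:
    container_name: watchtower.service
    image: containrrr/watchtower:latest
    environment:
      - WATCHTOWER_CLEANUP=true
      # No quotes around the value: in list form they would become part of it.
      - WATCHTOWER_SCHEDULE=0 4 * * 2 *
      - WATCHTOWER_TIMEOUT=30s
    logging:
      options:
        max-size: "200k"
        max-file: "10"
    volumes:
      # The Docker socket gives this container full control of the daemon.
      - /var/run/docker.sock:/var/run/docker.sock
      # Registry credentials used to pull from private registries.
      - /root/.docker/config.json:/config.json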
Insecure Registries
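In /etc/docker/daemon.json add this (don't forget the comma after existing lines). Docker will then reach this registry over plain HTTP or without verifying its TLS certificate, so list only registries on a trusted network: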
"insecure-registries":["192.168.10.110:5000"]
Operating Folder
In /etc/docker/daemon.json (don't forget the comma after existing lines)
"data-root": "/data/docker"
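Hand-editing is where the comma gets forgotten, and a malformed daemon.json stops the daemon from starting. The following added example (not from the original notes) merges the two settings above into the file with Python and refuses to touch a file that does not parse; the function name `merge_daemon_config` is made up for illustration.

```python
import json
import os
import tempfile


def merge_daemon_config(path, updates):
    """Merge `updates` into the JSON object stored at `path`; return the result."""
    try:
        with open(path, encoding="utf-8") as fh:
            text = fh.read()
    except FileNotFoundError:
        text = ""  # no daemon.json yet: start from an empty config
    # json.loads raises ValueError on a malformed file (missing comma etc.),
    # so a broken config is reported instead of being overwritten.
    config = json.loads(text) if text.strip() else {}
    if not isinstance(config, dict):
        raise ValueError(f"{path}: top level must be a JSON object")

    for key, value in updates.items():
        if isinstance(value, list) and isinstance(config.get(key), list):
            # Extend list settings (insecure-registries) without duplicates.
            config[key] += [item for item in value if item not in config[key]]
        else:
            config[key] = value

    # Write a temp file in the same directory and rename it into place, so
    # the daemon never reads a half-written file.
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, suffix=".tmp")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(config, fh, indent=2)
            fh.write("\n")
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise
    return config


if __name__ == "__main__":
    # Demo on a scratch copy with a constructed existing config; for real use
    # pass /etc/docker/daemon.json and run as root.
    with tempfile.TemporaryDirectory() as scratch:
        demo = os.path.join(scratch, "daemon.json")
        with open(demo, "w", encoding="utf-8") as fh:
            fh.write('{"log-driver": "json-file"}')
        print(merge_daemon_config(demo, {
            "insecure-registries": ["192.168.10.110:5000"],
            "data-root": "/data/docker",
        }))
```

Restart the Docker service afterwards so the daemon reads the new file.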
Prune unused objects
Prune images and containers
https://docs.docker.com/config/pruning/
Prune images
The docker image prune command allows you to clean up unused images. By default, docker image prune only cleans up dangling images. A dangling image is one that is not tagged and is not referenced by any container. To remove dangling images:
$ docker image prune
WARNING! This will remove all dangling images.
Are you sure you want to continue? [y/N] y
To remove all images which are not used by existing containers, use the -a flag:
$ docker image prune -a
WARNING! This will remove all images without at least one container associated to them.
Are you sure you want to continue? [y/N] y
By default, you are prompted to continue. To bypass the prompt, use the -f or --force flag.
You can limit which images are pruned using filtering expressions with the --filter flag. For example, to only consider images created more than 24 hours ago:
$ docker image prune -a --filter "until=24h"
Other filtering expressions are available. See the docker image prune reference for more examples.
Prune containers
When you stop a container, it is not automatically removed unless you started it with the --rm flag. To see all containers on the Docker host, including stopped containers, use docker ps -a. You may be surprised how many containers exist, especially on a development system! A stopped container's writable layers still take up disk space. To clean this up, you can use the docker container prune command.
$ docker container prune
WARNING! This will remove all stopped containers.
Are you sure you want to continue? [y/N] y
By default, you are prompted to continue. To bypass the prompt, use the -f or --force flag.
By default, all stopped containers are removed. You can limit the scope using the --filter flag. For instance, the following command only removes stopped containers older than 24 hours:
$ docker container prune --filter "until=24h"
Other filtering expressions are available. See the docker container prune reference for more examples.
Prune volumes
Volumes can be used by one or more containers, and take up space on the Docker host. Volumes are never removed automatically, because to do so could destroy data.
$ docker volume prune
WARNING! This will remove all volumes not used by at least one container.
Are you sure you want to continue? [y/N] y
By default, you are prompted to continue. To bypass the prompt, use the -f or --force flag.
By default, all unused volumes are removed. You can limit the scope using the --filter flag. For instance, the following command only removes volumes which are not labelled with the keep label:
$ docker volume prune --filter "label!=keep"
Other filtering expressions are available. See the docker volume prune reference for more examples.
Prune networks
Docker networks don't take up much disk space, but they do create iptables rules, bridge network devices, and routing table entries. To clean these things up, you can use docker network prune to clean up networks which aren't used by any containers.
$ docker network prune
WARNING! This will remove all networks not used by at least one container.
Are you sure you want to continue? [y/N] y
By default, you are prompted to continue. To bypass the prompt, use the -f or --force flag.
By default, all unused networks are removed. You can limit the scope using the --filter flag. For instance, the following command only removes networks older than 24 hours:
$ docker network prune --filter "until=24h"
Other filtering expressions are available. See the docker network prune reference for more examples.
Troubleshooting
https://bobcares.com/blog/iptables-no-chain-target-match-by-that-name-docker/
Our customers often approach us with this error. Firstly, we check if the firewall service status using
systemctl restart iptables.service
If the service is down we restart the service.
Then, we check the iptables rules using the command
iptables -L
The docker firewall rules were missing thus it shows the error.
To resolve the error our Support Engineers restart the docker service. For instance, to restart the docker we use the command,
service docker restart
While restarting the Docker, it automatically creates the firewall rules. And we ensure to enable the firewall before restarting the docker.
aliases
alias dcud="docker-compose up -d"
alias dcd="docker-compose down"
alias dcp="docker-compose pull"
alias dclf="docker-compose logs -f"
alias glances="docker run --rm --name=glances -v /var/run/docker.sock:/var/run/docker.sock:ro --pid host --network host -it nicolargo/glances:latest-full"
alias ctop="docker run --rm -ti --name=ctop --volume /var/run/docker.sock:/var/run/docker.sock:ro quay.io/vektorlab/ctop:latest"
# pull, down, up
pdu() { dcp && dcd && dcud; }
# down, up
downup() { dcd && dcud; }
Using Docker for temp app usage
docker run -it --rm -v "$PWD":/tmp -w /tmp node /usr/local/bin/npm install
Misc Apps
Zerotier Openvz zt0 issue
Apparently the issue was a "rights issue"; adding the -U option as described down below fixed it.
chmod 0666 /dev/net/tun
/lib/systemd/system/zerotier-one.service:
[Unit]
Description=ZeroTier One
After=network.target
[Service]
ExecStart=/usr/sbin/zerotier-one -U
Restart=always
KillMode=process
[Install]
WantedBy=multi-user.target
EdgeRouter Conditional Forwarding Hostnames
Log in to CLI or SSH to Ubiquiti router
configure
set service dhcp-server hostfile-update enable
commit
exit
This will now add names and IP of devices from your DHCP scope to the router's hosts file.
Market
Octoprint
http://192.168.0.114/ 192.168.55.117
Open the thingiverse/stl file in Cura Slicer
FileBot
Season Padding
Firefly - 01x01 - Serenity
{n.take(120)} - {sxe.pad(2)} - {t.take(122)}
{n.removeAll(/[!?]+$/).take(70)} - {sxe.pad(2)} - {t.take(60)}
{n.removeAll(/[!?]+$/).take(70)} ({airdate.year}) - {sxe.pad(2)} - {t.take(60)}
Usenet
nzbgeek newshosting
Linux
Linux Stuff
Samba Client CIFS
https://www.thomas-krenn.com/en/wiki/Mounting_a_Windows_Share_in_Linux
sudo apt-get install cifs-utils
mount -t cifs //192.168.1.100/freigabe /mnt -o user=testuser
For permanent mount
http://timlehr.com/auto-mount-samba-cifs-shares-via-fstab-on-linux/
- .smb
user=docker
password=pass
domain=madsprite.com
- /etc/fstab
//192.168.0.5/media /fileserver/media cifs uid=1000,gid=1000,credentials=/root/.smb,_netdev,iocharset=utf8,vers=3.0,noperm,nofail,noauto,x-systemd.automount,x-systemd.idle-timeout=120 0 0
x-systemd.automount provides autoconnect features upon filesystem calls.
/etc/systemd/system/mnt-media.mount
[Unit]
Description=CIFS Share for Video Files
Requires=network-online.target
After=network-online.target
[Mount]
What=//192.168.0.10/media
Where=/mnt/media
Options=uid=1000,gid=1000,credentials=/root/.smb,_netdev,iocharset=utf8,vers=3.0,noperm,nofail,noauto,x-systemd.automount,x-systemd.idle-timeout=120
Type=cifs
[Install]
WantedBy=multi-user.target
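The credentials file keeps the share password out of /etc/fstab, which only helps if the file itself is readable by its owner alone. The following added example (not from the original notes) parses fstab text for CIFS entries and reports credentials files that are missing or whose mode grants group or other access; the function name and its `root` parameter are made up for illustration.

```python
import os
import stat
import tempfile


def cifs_credential_findings(fstab_text, root="/"):
    """Return (mount_point, credentials_path, problem) for each weak CIFS entry.

    `root` is prepended to credentials paths so the check can run against a
    copy of the filesystem; it is a convenience of this example.
    """
    findings = []
    for line in fstab_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 4 or fields[2] not in ("cifs", "smb3"):
            continue
        mount_point, options = fields[1], fields[3].split(",")
        cred = next((o.split("=", 1)[1] for o in options
                     if o.startswith(("credentials=", "cred="))), None)
        if cred is None:
            # Without a credentials file the password, if any, sits in fstab.
            if any(o.startswith(("password=", "pass=")) for o in options):
                findings.append((mount_point, None, "password inline in fstab"))
            continue
        try:
            st = os.stat(os.path.join(root, cred.lstrip("/")))
        except OSError as exc:
            findings.append((mount_point, cred, f"cannot stat: {exc.strerror}"))
            continue
        mode = stat.S_IMODE(st.st_mode)
        if mode & 0o077:
            findings.append((mount_point, cred,
                             f"mode {mode:04o} grants access beyond the owner; use 0600"))
    return findings


# Constructed sample: the fstab entry from this page, options shortened.
SAMPLE_FSTAB = (
    "//192.168.0.5/media /fileserver/media cifs "
    "uid=1000,gid=1000,credentials=/root/.smb,_netdev,vers=3.0,nofail 0 0\n"
)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as scratch:
        os.mkdir(os.path.join(scratch, "root"))
        cred_file = os.path.join(scratch, "root", ".smb")
        with open(cred_file, "w", encoding="utf-8") as fh:
            fh.write("user=docker\npassword=pass\ndomain=madsprite.com\n")
        os.chmod(cred_file, 0o644)
        print(cifs_credential_findings(SAMPLE_FSTAB, root=scratch))  # flagged
        os.chmod(cred_file, 0o600)
        print(cifs_credential_findings(SAMPLE_FSTAB, root=scratch))  # clean
```

Against a live system, pass the contents of /etc/fstab and run it as root so /root/.smb can be inspected.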
Debian Update Release Distro
Update to the next release, e.g. stretch to buster:
apt update && apt upgrade -y && sed -i 's/stretch/buster/g' /etc/apt/*.list && sed -i 's/stretch/buster/g' /etc/apt/sources.list.d/*.list
apt update && apt upgrade -y && apt dist-upgrade -y && apt autoremove -y && hostnamectl
Bash Scripting Techniques
cat multiline
cat <<EOF > /etc/apt/sources.list
deb http://http.kali.org/kali kali-rolling main non-free contrib
# deb-src http://http.kali.org/kali kali-rolling main non-free contrib
EOF
Swap
sudo fallocate -l 2G /swapfile && sudo chmod 600 /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile && free -h
sudo cp /etc/fstab /etc/fstab.bak && \
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
sudo sysctl vm.swappiness=10 && \
sudo sysctl vm.vfs_cache_pressure=50 && \
echo 'vm.swappiness=10' | sudo tee -a /etc/sysctl.conf && \
echo 'vm.vfs_cache_pressure=50' | sudo tee -a /etc/sysctl.conf
Useradd
useradd -m -s /bin/bash -d /home/madsprite -c "MadSprite" madsprite
passwd madsprite
usermod -aG sudo madsprite
XFS format
mkfs.xfs -f /dev/sdf
mkdir /disk6
mount -t xfs /dev/sdf /disk6
echo "/dev/sdf /disk6 xfs defaults 0 0" >> /etc/fstab
"UUID=acb421fe-e4dc-4081-9cf3-48c6f80077b0 /disk12 xfs defaults,nofail,x-systemd.device-timeout=20 0 0"
blkid
Disable Colour profile
cd /usr/share/polkit-1/actions/
cp -a org.freedesktop.color.policy org.freedesktop.color.policy.orig
sed -e 's|>auth_admin<|>no<|g' org.freedesktop.color.policy.orig > org.freedesktop.color.policy
Qradar CE license issue
https://www.ibm.com/support/pages/node/6395080
Netboot
apt update;
apt install ipxe;
wget 'https://boot.netboot.xyz/ipxe/netboot.xyz.lkrn' -O /boot/ipxe.lkrn
Proxmox
Proxmox things
tun enabled for lxc
/etc/pve/lxc/###.conf
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.hook.autodev: sh -c "modprobe tun; cd ${LXC_ROOTFS_MOUNT}/dev; mkdir net; mknod net/tun c 10 200; chmod 0666 net/tun"
Hostname Naming Format
[hosting provider acronym][u-unix,m-windows + d-windows desktop][# iteration].madsprite.com
i.e. cacm2.madsprite.com
Resource Pages
Windows Best Practices VM
https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers
Shrink Qcow2 filesystems
https://pve.proxmox.com/wiki/Shrink_Qcow2_Disk_Files
ZFS container mount
pct shutdown 100
pct status 100
pct set 100 -mp0 /storage/share/downloads,mp=/home/user/torrents/downloads
# Or use ro=1 for a read-only mount point.
pct set 100 -mp1 /storage/share/junk,mp=/home/user/junk,ro=1
# Mount the iso one randomly.
pct set 100 -mp2 /storage/share/iso,mp=/home/usr/iso,ro=1
https://forum.level1techs.com/t/how-to-create-a-nas-using-zfs-and-proxmox-with-pictures/117375
MergerFS and Snapraid
https://www.linuxserver.io/blog/2017-06-24-the-perfect-media-server-2017
mergerfs in /etc/fstab
/snapdisk* /snapMedia fuse.mergerfs direct_io,x-systemd.device-timeout=20,defaults,allow_other,minfreespace=50G,fsname=mergerfs,category.create=mfs 0 0
/etc/snapraid.conf
# Example configuration for snapraid
# Defines the file to use as parity storage
# It must NOT be in a data disk
# Format: "parity FILE_PATH"
parity /snapparity14/snapraid.parity
# Defines the files to use as content list
# You can use multiple specification to store more copies
# You must have at least one copy for each parity file plus one. Some more don't hurt
# They can be in the disks used for data, parity or boot,
# but each file must be in a different disk
# Format: "content FILE_PATH"
content /var/snapraid.content
content /snapdisk15/.snapraid.content
content /snapdisk12/.snapraid.content
# Defines the data disks to use
# The order is relevant for parity, do not change it
# Format: "disk DISK_NAME DISK_MOUNT_POINT"
disk ata-WDC_WD161KRYZ-01AGBB0_2BJNHUGN /snapdisk15
disk ata-WDC_WD140EDGZ-11B1PA0_Y6GW3NUC /snapdisk12
disk ata-WDC_WD120EDBZ-11B1HA0_5QHY9WUB /snapdisk13
#disk ata-WDC_WD120EDAZ-11F3RA0_5PHWPLGF /snapdisk11
# Excludes hidden files and directories (uncomment to enable).
#nohidden
# Defines files and directories to exclude
# Remember that all the paths are relative at the mount points
# Format: "exclude FILE"
# Format: "exclude DIR/"
# Format: "exclude /PATH/FILE"
# Format: "exclude /PATH/DIR/"
exclude *.unrecoverable
exclude /tmp/
exclude /lost+found/
exclude downloads/
exclude appdata/
exclude snapshots/
exclude *.!sync
exclude .AppleDouble
exclude ._AppleDouble
exclude .DS_Store
exclude ._.DS_Store
exclude .Thumbs.db
exclude .fseventsd
exclude .Spotlight-V100
exclude .TemporaryItems
exclude .Trashes
exclude .AppleDB
https://stackoverflow.com/questions/24966676/transport-endpoint-is-not-connected
fusermount -uz /snapMedia
mount /snapMedia
System migration
virt-sysprep
fstab settings
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/pve/root / ext4 errors=remount-ro 0 1
UUID=D5D7-302D /boot/efi vfat defaults 0 1
/dev/pve/swap none swap sw 0 0
proc /proc proc defaults 0 0
/dev/disk/by-id/ata-ST33000651NS_XXXXXXXX /disk2 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/dev/disk/by-id/ata-Hitachi_HUS724030ALE641_XXXXXXXX /disk3 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/dev/disk/by-id/ata-ADATA_SU800_2J18XXXXXXXX /disk4 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/dev/disk/by-id/ata-TEAML5Lite3D480G_AC20180730XXXXXXXX /disk5 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
#UUID=998d9a5f-8a92-4f0e-9351-692bc0273a78 /disk6 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 # moved to BlueBox
/dev/disk/by-id/ata-Hitachi_HUS724030ALE641_XXXXXXXX /disk7 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
#UUID=b4b0045f-5e99-4179-b120-77d5f3e5ab0d /disk8 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/dev/disk/by-id/ata-Samsung_SSD_860_EVO_500GB_S598NEXXXXXXXX /disk9 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
#UUID=c08875cb-7f36-4b59-b309-3d69c1c8046b /disk10 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
#ata-WDC_WD120EDAZ-11F3RA0_XXXXXXXX /disk11 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
#ata-WDC_WD140EDGZ-11B1PA0_XXXXXXXX /disk12 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 # retired to mergerfs
/dev/disk/by-id/ata-WDC_WD120EDAZ-11F3RA0_XXXXXXXX /snapdisk11 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/dev/disk/by-id/ata-WDC_WD140EDGZ-11B1PA0_XXXXXXXX /snapdisk12 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #sdk cable-A WD140EDGZ-11
/dev/disk/by-id/ata-WDC_WD120EDBZ-11B1HA0_XXXXXXXX /snapdisk13 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/dev/disk/by-id/ata-WDC_WD161KRYZ-01AGBB0_XXXXXXXX /snapparity14 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 # parity
/dev/disk/by-id/ata-WDC_WD161KRYZ-01AGBB0_XXXXXXXX /snapdisk15 xfs defaults,nofail,x-systemd.device-timeout=20 0 0
/snapdisk* /snapMedia fuse.mergerfs direct_io,x-systemd.device-timeout=20,defaults,allow_other,minfreespace=50G,fsname=mergerfs,category.create=mfs 0 0
/dev/zram0 none swap defaults,pri=10 0 0
# zfsStorage ata-TEAM_T253TD480G_AC20191128A0100129 ata-TEAM_T253TD480G_AC20191128A0101307 ata-WDC_WDS250G2B0A-00SM50_174420422522
https://askubuntu.com/questions/1210867/remount-cifs-on-network-reconnect
Auth Apps
https://github.com/nitnelave/lldap
https://www.pomerium.com/
Pihole LXC
Required:
lxc config set {container-name} security.nesting true
Restart hosts if down
crontab -e
*/5 * * * * pct start 100 >/dev/null #container restart
*/5 * * * * qm start 100 > /dev/null #KVM restart
iGPU Passthrough
https://www.derekseaman.com/2023/11/proxmox-ve-8-1-windows-11-vgpu-vt-d-passthrough-with-intel-alder-lake.html
Mac OS
Mac OS technical
Recovery
NVRAM reset: Command+Alt(fn)+p+r
Recovery: Command+Option+r
Tool to burn installer.dmg files to USB on Windows https://www.acutesystems.com/scrtm.htm