# Technical For IT related stuff # Windows Windows related tips # Windows 10 Pro upgrade from Home Below key should provide several days activation and upgrade to Pro from Home edition ``` 8DVY4-NV2MW-3CGTG-XCBDB-2PQFM ``` # Azure AD Connect https://www.microsoft.com/en-us/download/details.aspx?id=47594 # Windows Server Activation Windows Server 2019 Eval will shut off in 4 hours when trial expires. ``` DISM /online /Set-Edition:ServerStandard /ProductKey:XXXX /AcceptEula ``` ``` DISM /online /Set-Edition:ServerDatacenter /ProductKey:XXXX /AcceptEula ``` # RDPWrap - Windows Remote Desktop Wrapper Most active to date: [https://github.com/sebaxakerhtc/rdpwrap](https://github.com/sebaxakerhtc/rdpwrap) Config file update: [https://github.com/sebaxakerhtc/rdpwrap.ini](https://github.com/sebaxakerhtc/rdpwrap.ini) Updating busy config ini file: ```bash net stop termService ``` Replace file in `C:\Program Files\RDP Wrapper` ```bash net start termService ``` # Docker # Restart Policies ## Use a restart policy To configure the restart policy for a container, use the --restart flag when using the docker run command. The value of the ```--restart``` flag can be any of the following: Flag | Description ----- | ----- ```no``` | Do not automatically restart the container. (the default) ```on-failure```| Restart the container if it exits due to an error, which manifests as a non-zero exit code. ```always```| Always restart the container if it stops. If it is manually stopped, it is restarted only when Docker daemon restarts or the container itself is manually restarted. (See the second bullet listed in restart policy details) ```unless-stopped```| Similar to always, except that when the container is stopped (manually or otherwise), it is not restarted even after Docker daemon restarts. # WatchTower [https://containrrr.github.io/watchtower/](https://containrrr.github.io/watchtower/) With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry. Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially. ``` version: "3" services: watchtower.service: container_name: watchtower.service image: containrrr/watchtower:latest environment: - WATCHTOWER_CLEANUP=true - WATCHTOWER_SCHEDULE="0 4 * * 2 *" - WATCHTOWER_TIMEOUT=30s logging: options: max-size: "200k" max-file: "10" volumes: - /var/run/docker.sock:/var/run/docker.sock - /root/.docker/config.json:/config.json ``` # Insecure Registries in /etc/docker/daemon.json add this (don't forget comma after existing lines) ``` "insecure-registries":["192.168.10.110:5000"] ``` # Operating Folder In /etc/docker/daemon.js (don't forget to comma after existing lines) ``` "data-root": "/data/docker" ``` # Prune unused objects ### Prune images and containers [https://docs.docker.com/config/pruning/](https://docs.docker.com/config/pruning/) ### Prune images The docker image prune command allows you to clean up unused images. By default, docker image prune only cleans up dangling images. A dangling image is one that is not tagged and is not referenced by any container. To remove dangling images: ```bash $ docker image prune WARNING! This will remove all dangling images. Are you sure you want to continue? [y/N] y ``` To remove all images which are not used by existing containers, use the -a flag: ```bash $ docker image prune -a WARNING! This will remove all images without at least one container associated to them. Are you sure you want to continue? [y/N] y ``` By default, you are prompted to continue. To bypass the prompt, use the -f or --force flag. You can limit which images are pruned using filtering expressions with the --filter flag. For example, to only consider images created more than 24 hours ago: ```bash $ docker image prune -a --filter "until=24h" ``` Other filtering expressions are available. See the docker image prune reference for more examples. ### Prune containers When you stop a container, it is not automatically removed unless you started it with the --rm flag. To see all containers on the Docker host, including stopped containers, use docker ps -a. You may be surprised how many containers exist, especially on a development system! A stopped container?s writable layers still take up disk space. To clean this up, you can use the docker container prune command. ```bash $ docker container prune WARNING! This will remove all stopped containers. Are you sure you want to continue? [y/N] y ``` By default, you are prompted to continue. To bypass the prompt, use the ```-f``` or ```--force``` flag. By default, all stopped containers are removed. You can limit the scope using the ```--filter``` flag. For instance, the following command only removes stopped containers older than 24 hours: ```bash $ docker container prune --filter "until=24h" ``` Other filtering expressions are available. See the docker container prune reference for more examples. ### Prune volumes Volumes can be used by one or more containers, and take up space on the Docker host. Volumes are never removed automatically, because to do so could destroy data. ```bash $ docker volume prune WARNING! This will remove all volumes not used by at least one container. Are you sure you want to continue? [y/N] y ``` By default, you are prompted to continue. To bypass the prompt, use the ```-f``` or ```--force``` flag. By default, all unused volumes are removed. You can limit the scope using the ```--filter``` flag. For instance, the following command only removes volumes which are not labelled with the keep label: ```bash $ docker volume prune --filter "label!=keep" ``` Other filtering expressions are available. See the docker volume prune reference for more examples. ### Prune networks Docker networks don?t take up much disk space, but they do create iptables rules, bridge network devices, and routing table entries. To clean these things up, you can use docker network prune to clean up networks which aren?t used by any containers. ```bash $ docker network prune WARNING! This will remove all networks not used by at least one container. Are you sure you want to continue? [y/N] y ``` By default, you are prompted to continue. To bypass the prompt, use the ```-f``` or ```--force``` flag. By default, all unused networks are removed. You can limit the scope using the ```--filter``` flag. For instance, the following command only removes networks older than 24 hours: ```bash $ docker network prune --filter "until=24h" ``` Other filtering expressions are available. See the docker network prune reference for more examples. # Troubleshooting https://bobcares.com/blog/iptables-no-chain-target-match-by-that-name-docker/ ``` Our customers often approach us with this error. Firstly, we check if the firewall service status using systemctl restart iptables.service If the service is down we restart the service. Then, we check the iptables rules using the command iptables -L The docker firewall rules were missing thus it shows the error. To resolve the error our Support Engineers restart the docker service. For instance, to restart the docker we use the command, service docker restart While restarting the Docker, it automatically creates the firewall rules. And we ensure to enable the firewall before restarting the docker.``` # aliases ```bash alias dcud="docker-compose up -d" alias dcd="docker-compose down" alias dcp="docker-compose pull" alias dclf="docker-compose logs -f" alias glances="docker run --rm --name=glances -v /var/run/docker.sock:/var/run/docker.sock:ro --pid host --network host -it nicolargo/glances:latest-full" alias ctop="docker run --rm -ti --name=ctop --volume /var/run/docker.sock:/var/run/docker.sock:ro quay.io/vektorlab/ctop:latest" pull, down, up pdu() { dcp dcd dcud } down, up downup() { dcd dcud } ``` # Using Docker for temp app usage ```bash docker run -it --rm -v .:/tmp -w /tmp node /usr/local/bin/npm install ``` # Misc Apps # Zerotier Openvz zt0 issue Apparently the issue was a "rights issue"; adding the -U option as described down below fixed it. ``` chmod 0666 /dev/net/tun ``` /lib/systemd/system/zerotier-one.service: ``` [Unit] Description=ZeroTier One After=network.target [Service] ExecStart=/usr/sbin/zerotier-one -U Restart=always KillMode=process [Install] `WantedBy=multi-user.target`` ``` # EdgeRouter Conditional Forwarding Hostnames Log in to CLI or SSH to Ubiquiti router ``` configure set service dhcp-server hostfile-update enable commit exit ``` This will now add names and IP of devices from your DHCP scope to the router's hosts file. # Market [https://www.morphtoken.com/](https://www.morphtoken.com/) # Octoprint http://192.168.0.114/ 192.168.55.117 Open the the thingiverse/stl file in [Cura Slicer](https://ultimaker.com/software/ultimaker-cura) # FileBot Season Padding Firefly - 01x01 - Serenity ```{n.take(120)} - {sxe.pad(2)} - {t.take(122)}``` ```{n.removeAll(/[!?]+$/).take(70)} - {sxe.pad(2)} - {t.take(60)}``` ```{n.removeAll(/[!?]+$/).take(70)} ({airdate.year}) - {sxe.pad(2)} - {t.take(60)}``` # Usenet nzbgeek newshosting # Linux Linux Stuff # Samba Client CIFS [https://www.thomas-krenn.com/en/wiki/Mounting_a_Windows_Share_in_Linux](https://www.thomas-krenn.com/en/wiki/Mounting_a_Windows_Share_in_Linux) ``` sudo apt-get install cifs-utils ``` ``` mount -t cifs //192.168.1.100/freigabe /mnt -o user=testuser ``` For permanent mount [http://timlehr.com/auto-mount-samba-cifs-shares-via-fstab-on-linux/](http://timlehr.com/auto-mount-samba-cifs-shares-via-fstab-on-linux/) - .smb ``` user=docker password=pass domain=madsprite.com ``` - /etc/fstab ```bash //192.168.0.5/media /fileserver/media cifs uid=1000,gid=1000,credentials=/root/.smb,_netdev,iocharset=utf8,vers=3.0,noperm,nofail,noauto,x-systemd.automount,x-systemd.idle-timeout=120 0 0 ``` x-systemd.automount provides autoconnect features upon filesystem calls. /etc/systemd/system/mnt-media.mount ```bash [Unit] Description=CIFS Share for Video Files Requires=network-online.target After=network-online.service [Mount] What=//192.168.0.10/media Where=/mnt/media Options=uid=1000,gid=1000,credentials=/root/.smb,_netdev,iocharset=utf8,vers=3.0,noperm,nofail,noauto,x-systemd.automount,x-systemd.idle-timeout=120 0 0 Type=cifs [Install] WantedBy=multi-user.target ``` # Debian Update Release Distro update to the next distro stretch buster ``` apt update && apt upgrade -y && sed -i 's/stretch/buster/g' /etc/apt/*.list && sed -i 's/stretch/buster/g' /etc/apt/sources.list.d/*.list apt update && apt upgrade -y && apt dist-upgrade -y && apt autoremove -y && hostnamectl ``` # Bash Scripting Techniques ### cat multiline ``` cat < /etc/apt/sources.list deb http://http.kali.org/kali kali-rolling main non-free contrib # deb-src http://http.kali.org/kali kali-rolling main non-free contrib EOF ``` # Swap ``` sudo fallocate -l 2G /swapfile && sudo chmod 600 /swapfile && sudo mkswap /swapfile && sudo swapon /swapfile && free -h ``` ``` sudo cp /etc/fstab /etc/fstab.bak && \ echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab ``` ``` sysctl vm.swappiness=10 && \ sysctl vm.vfs_cache_pressure=50 && \ echo 'vm.swappiness=10' | sudo tee -a /etc/sysctl.conf && \ echo 'vm.vfs_cache_pressure=50' | sudo tee -a /etc/sysctl.conf ``` # Useradd ```bash useradd -m -s /bin/bash -d /home/madsprite -c "MadSprite" madsprite passwd madsprite usermod -G sudo madsprite ``` # XFS format ```bash mkfs.xfs -f /dev/sdf mkdir /disk6 mount -t xfs /dev/sdf /disk6 echo "/dev/sdf /disk6 xfs defaults 0 0" >> /etc/fstab "UUID=acb421fe-e4dc-4081-9cf3-48c6f80077b0 /disk12 xfs defaults,nofail,x-systemd.device-timeout=20 0 0" blkid ``` # Disable Colour profile ```bash cd /usr/share/polkit-1/actions/ cp -a org.freedesktop.color.policy org.freedesktop.color.policy.orig sed -e 's|>auth_admin<|>no<|g' org.freedesktop.color.policy.orig > org.freedesktop.color.policy ``` # Qradar CE license issue https://www.ibm.com/support/pages/node/6395080 # Netboot ```bash apt update; apt install ipxe; wget 'https://boot.netboot.xyz/ipxe/netboot.xyz.lkrn' -O /boot/ipxe.lkrn ``` # Proxmox promox tings # tun enabled for lxc /etc/pve/lxc/*###*.conf ``` lxc.cgroup2.devices.allow: c 10:200 rwm lxc.hook.autodev: sh -c "modprobe tun; cd ${LXC_ROOTFS_MOUNT}/dev; mkdir net; mknod net/tun c 10 200; chmod 0666 net/tun" ``` # Hostname Naming Format [hosting provider acronym][u-unix,m-windows + d-windows desktop][# iteration].madsprite.com ie. cacm2.madsprite.com # Resource Pages ##### Windows Best Practices VM [https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers](https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers) #### Shrink Qcow2 filesystems [https://pve.proxmox.com/wiki/Shrink_Qcow2_Disk_Files](https://pve.proxmox.com/wiki/Shrink_Qcow2_Disk_Files) # ZFS container mount ``` pct shutdown 100 pct status 100 pct set 100 -mp0 /storage/share/downloads,mp=/home/user/torrents/downloads ;Use ro=1 Or for a read-only mount point. pct set 100 -mp1 /storage/share/junk,mp=/home/user/junk,ro=1 ;Mount the iso one randomly. pct set 100 -mp2 /storage/share/iso,mp=/home/usr/iso,ro=1 ``` [https://forum.level1techs.com/t/how-to-create-a-nas-using-zfs-and-proxmox-with-pictures/117375](https://forum.level1techs.com/t/how-to-create-a-nas-using-zfs-and-proxmox-with-pictures/117375) # MergerFS and Snapraid https://www.linuxserver.io/blog/2017-06-24-the-perfect-media-server-2017 ### mergerfs in /etc/fstab ```bash /snapdisk* /snapMedia fuse.mergerfs direct_io,x-systemd.device-timeout=20,defaults,allow_other,minfreespace=50G,fsname=mergerfs,category.create=mfs 0 0 ``` ### /etc/snapraid.conf ```bash # Example configuration for snapraid # Defines the file to use as parity storage # It must NOT be in a data disk # Format: "parity FILE_PATH" parity /snapparity14/snapraid.parity # Defines the files to use as content list # You can use multiple specification to store more copies # You must have least one copy for each parity file plus one. Some more don't hurt # They can be in the disks used for data, parity or boot, # but each file must be in a different disk # Format: "content FILE_PATH" content /var/snapraid.content content /snapdisk15/.snapraid.content content /snapdisk12/.snapraid.content # Defines the data disks to use # The order is relevant for parity, do not change it # Format: "disk DISK_NAME DISK_MOUNT_POINT" disk ata-WDC_WD161KRYZ-01AGBB0_2BJNHUGN /snapdisk15 disk ata-WDC_WD140EDGZ-11B1PA0_Y6GW3NUC /snapdisk12 disk ata-WDC_WD120EDBZ-11B1HA0_5QHY9WUB /snapdisk13 #disk ata-WDC_WD120EDAZ-11F3RA0_5PHWPLGF /snapdisk11 # Excludes hidden files and directories (uncomment to enable). #nohidden # Defines files and directories to exclude # Remember that all the paths are relative at the mount points # Format: "exclude FILE" # Format: "exclude DIR/" # Format: "exclude /PATH/FILE" # Format: "exclude /PATH/DIR/" exclude *.unrecoverable exclude /tmp/ exclude /lost+found/ exclude downloads/ exclude appdata/ exclude snapshots/ exclude *.!sync exclude .AppleDouble exclude ._AppleDouble exclude .DS_Store exclude ._.DS_Store exclude .Thumbs.db exclude .fseventsd exclude .Spotlight-V100 exclude .TemporaryItems exclude .Trashes exclude .AppleDB ``` https://stackoverflow.com/questions/24966676/transport-endpoint-is-not-connected ```bash fusermount -uz /snapMedia mount /snapMedia ``` # System migration virt-sysprep # fstab settings ```bash # /dev/pve/root / ext4 errors=remount-ro 0 1 UUID=D5D7-302D /boot/efi vfat defaults 0 1 /dev/pve/swap none swap sw 0 0 proc /proc proc defaults 0 0 /dev/disk/by-id/ata-ST33000651NS_XXXXXXXX /disk2 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /dev/disk/by-id/ata-Hitachi_HUS724030ALE641_XXXXXXXX /disk3 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /dev/disk/by-id/ata-ADATA_SU800_2J18XXXXXXXX /disk4 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /dev/disk/by-id/ata-TEAML5Lite3D480G_AC20180730XXXXXXXX /disk5 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #UUID=998d9a5f-8a92-4f0e-9351-692bc0273a78 /disk6 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 # moved to BlueBox /dev/disk/by-id/ata-Hitachi_HUS724030ALE641_XXXXXXXX /disk7 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #UUID=b4b0045f-5e99-4179-b120-77d5f3e5ab0d /disk8 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /dev/disk/by-id/ata-Samsung_SSD_860_EVO_500GB_S598NEXXXXXXXX /disk9 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #UUID=c08875cb-7f36-4b59-b309-3d69c1c8046b /disk10 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #ata-WDC_WD120EDAZ-11F3RA0_XXXXXXXX /disk11 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #ata-WDC_WD140EDGZ-11B1PA0_XXXXXXXX /disk12 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 # retired to mergerfs /dev/disk/by-id/ata-WDC_WD120EDAZ-11F3RA0_XXXXXXXX /snapdisk11 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /dev/disk/by-id/ata-WDC_WD140EDGZ-11B1PA0_XXXXXXXX /snapdisk12 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 #sdk cable-A WD140EDGZ-11 /dev/disk/by-id/ata-WDC_WD120EDBZ-11B1HA0_XXXXXXXX /snapdisk13 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /dev/disk/by-id/ata-WDC_WD161KRYZ-01AGBB0_XXXXXXXX /snapparity14 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 # parity /dev/disk/by-id/ata-WDC_WD161KRYZ-01AGBB0_XXXXXXXX /snapdisk15 xfs defaults,nofail,x-systemd.device-timeout=20 0 0 /snapdisk* /snapMedia fuse.mergerfs direct_io,x-systemd.device-timeout=20,defaults,allow_other,minfreespace=50G,fsname=mergerfs,category.create=mfs 0 0 /dev/zram0 none swap defaults,pri=10 0 0 # zfsStorage ata-TEAM_T253TD480G_AC20191128A0100129 ata-TEAM_T253TD480G_AC20191128A0101307 ata-WDC_WDS250G2B0A-00SM50_174420422522 ``` https://askubuntu.com/questions/1210867/remount-cifs-on-network-reconnect # Auth Apps https://github.com/nitnelave/lldap https://www.pomerium.com/ # Pihole LXC Required: ```lxc config set {container-name} security.nesting true.``` [![](https://resource.madsprite.com/uploads/images/gallery/2023-03/scaled-1680-/image-1680191617385.png)](https://resource.madsprite.com/uploads/images/gallery/2023-03/image-1680191617385.png) # Restart hosts if down crontab -e ```bash */5 * * * * pct start 100 >/dev/null #container restart */5 * * * * qm start 100 > /dev/null #KVM restart ``` # iGPU Passthrough https://www.derekseaman.com/2023/11/proxmox-ve-8-1-windows-11-vgpu-vt-d-passthrough-with-intel-alder-lake.html # Mac OS Mac OS technical # Recovery NVRAM reset: Command+Alt(fn)+p+r Recovery: Command+Option+r Tool to burn installer.dmg files to USB on Windows [https://www.acutesystems.com/scrtm.htm](https://www.acutesystems.com/scrtm.htm)