Linux

go to root:

sudo -s

sudo -i -u username

Useradd

useradd -G wheel -p password -s /bin/bash name

passwd name

Add userpass in memory

eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_rsa

Clean linux cache:

free -h

vmstat

PageCache (priority):

sync; echo 1 > /proc/sys/vm/drop_caches

sudo version (For SL)

sync; echo 1 | sudo tee /proc/sys/vm/drop_caches

inode & dentrie:

sync; echo 2 > /proc/sys/vm/drop_caches

inode & dentrie & PageCache:

sync; echo 3 > /proc/sys/vm/drop_caches

TAR

tar -czvf name.tar.gz foldername

tar -xvf name.tar.gz

tar -czvf $(hostname -s).tar.gz /etc/nginx

scp :$HOME/ .tar.gz ~/

TimeZone

sudo timedatectl set-timezone Europe/Moscow

date -d@1396713472 -> Sat Apr 5 19:57:52 MSK 2014

Look last systemctl logs

sudo journalctl -eu fluent-bit.service -f

copy file name to name+date

cp demo.tar.gz demo-$(date +%y%m%d).tar.gz

cURL

curl --resolve example.com:443:127.0.0.1 https://example.com/ --header "Host: diff.example.com" curl -v -k -X GET https://sowa.stand.cnfs.local:10205/url --resolve sowa.stand.cnfs.local:10205:127.0.0.1

Telnet

telnet by curl

curl -v telnet://example.com:80

telnet by Win PS

tnc -ComputerName domain -port 443

SCP

For old server: scp -rp src user@server:dest/

For new server: scp -rp -o src user@server:dest/

Certs

OpenSSL

ip -c a | grep 192 && sudo ls -lah /etc/nginx/conf.d && sudo grep -r ssl_cert* /etc/nginx/conf.d && sudo ls -lah /var/log/nginx | grep .log

ip -c a | grep 192 && sudo ls -lah /etc/nginx/conf.d && sudo grep -r certificate /etc/nginx/conf.d

ip -c a | grep 192 && sudo grep -r certificate /etc/nginx/conf.d

End Date

read cert_location_name && openssl x509 -noout -text -in $cert_location_name | grep -e 'Subject:' -e 'Issuer:' -e 'Not Before:' -e 'Not After :'

End Date (sudo version)

read cert_location_name && sudo bash -c "openssl x509 -noout -text -in \"$cert_location_name\" | grep -e 'Subject:' -e 'Issuer:' -e 'Not Before:' -e 'Not After :'"

CMD version (need installed Git):

Portable:

"C:\Users\USERNAME\Documents\PortableGit\usr\bin\openssl.exe" x509 -noout -text -in *.crt

Installed:

"C:\Program Files\Git\usr\bin\openssl.exe" x509 -noout -text -in *.crt

p7b -> .pem

openssl pkcs7 -in domain.ru.p7b --print_certs -out domain.ru.pem

View all nginx certs

ip -c a | grep 192 && sudo grep -r ssl_cert* /etc/nginx/conf.d

Letsencrypt Cert

Install certbot

sudo dnf install python

install /etc/letsencrypt/acme-dns-auth.py from https://github.com/joohoi/acme-dns-certbot-joohoi/blob/master/acme-dns-auth.py

chmod +x /etc/letsencrypt/acme-dns-auth.py

Request Certificate

certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges -d domain_name.ru

Autorenew certificate

sudo certbot certonly --standalone -d ae.din235.ru

Test dig answer

dig +short txt _acme-challenge.domain_name.ru @8.8.8.8

Show cert date

Linux

sudo dnf install pip
pip3 install showcert

showcert domain.ru

Windows

curl --insecure -vvI https://www.google.com 2>&1 | grep "start date:\|expire date:"

Send command to remote terminal:

#!/bin/bash
echo "Enter passwd"
read pass
echo $pass | ssh 192.168.0.1 -t 'sudo -S systemctl status nginx'

MC

Sync windows: Alt + I

VS Code

Remove certs from all folders:

Ctrl+P (Open Terminal) -> Get-ChildItem -Path . -Include *.pem, *.jks, *.key, *.crt -File -Recurse | Remove-Item -Force

Change line:

Ctrl+Shift+F -> rdkafka.ssl.keystore.password .* to rdkafka.ssl.keystore.password - (Enable regular)

Disk

error: dmesg

df -h, du, ncdu

sort without ncdu:

du / | sort -nr | cut -f2- | xargs du -hs

Disk grow

sudo su -
lsblk

fdisk /dev/vda
parted -l
Fix/Ignore? fix
fdisk /dev/vda
d
default
n
default
default
default
Do you want to remove the signature? [Y]es/[N]o: n
w
The partition table has been altered.
Syncing disks.
xfs_growfs -d /
OR
reboot

v2

disk grow RHEL
echo 1 > /sys/block/sda/device/rescan
fdisk /dev/sda
Command (m for help): d
Partition number (1,2, default 2): 2
Command (m for help): n
Select (default p): p
Partition number (2-4, default 2): 2
Enter
Enter
Command (m for help): t
Partition number (1-2): 2
Hex code (type L to list all codes): 8e
Command (m for help): w
partx -u /dev/sda2
pvresize /dev/sda2
lvdisplay
#Found root part
lvextend -l +100%FREE /dev/XXXXXXX/root
xfs_growfs /dev/XXXXXXX/root

Docker

Remove all unused data:

docker system prune -a

k8s

k9s dashboard:

search amd64.rpm https://github.com/derailed/k9s/releases
wget https://github.com/derailed/k9s/releases/download/v0.32.5/k9s_linux_amd64.rpm
sudo dnf localinstall k9s_linux_amd64.rpm

sudo pkill -9 k9s

kubectl:

kubectl cluster-info

Other:

netcat -ul 9094

For rancher desktop:

Need install WSL: ms-windows-store://pdp/?ProductId=9P9TQF7MRM4R

Remote grep

pw=$(cat "PasswdFile")
ip=
link=
echo "server name"
echo $pw | ssh -tt user@ip "openssl x509 -enddate -noout -in certname.pem"

.p12 to .pem

openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys
openssl pkcs12 -in path.p12 -out newfile.key.pem -nocerts -nodes
openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys -passin 'pass:P@s5w0rD'

Ansible

ansible-vault decrypt /file_location/vars/main.yml
ansible-vault encrypt /file_location/vars/main.yml
eval "$(ssh-agent -s)" && ssh-add /home/administrator/.ssh/id_rsa
ansible-playbook playbooks/playbook-name.yml -bK --check
ansible-playbook playbooks/playbook-name.yml --ask-vault-pass -i inventory_location/inventory.yaml -bK --private-key=/home/administrator/.ssh/id_rsa --user=administrator --check

DNF

Gold SL

sudo dnf clean all && sudo dnf update && sudo dnf install -y epel-release && sudo dnf install -y ncdu htop iotop vim mc yum-utils telnet net-tools wget tree traceroute bind-utils zip bash-completion git tmux screen ufw && sudo systemctl daemon-reload

Gold Centos 8

dnf install -y epel-release && dnf install -y ncdu htop iotop vim mc yum-utils telnet net-tools wget tree traceroute bind-utils zip

Gold Ubuntu

apt install -y ncdu htop iotop vim mc telnet net-tools wget tree traceroute zip

Firewall

netsh advfirewall firewall add rule name="Open Zabbix agentd port 10050 inbound" dir=in action=allow protocol=TCP localport=10050
netsh advfirewall firewall add rule name="Open Zabbix agentd port 10050 outbound" dir=out action=allow protocol=TCP localport=10050
netsh advfirewall firewall add rule name="Open Zabbix trapper port 10051 inbound" dir=in action=allow protocol=TCP localport=10051
netsh advfirewall firewall add rule name="Open Zabbix trapper port 10051 outbound" dir=out action=allow protocol=TCP localport=10051

Ping

GPING https://github.com/orf/gping?tab=readme-ov-file

Allow ping

netsh advfirewall firewall add rule name="Allow ICMPv4" protocol=icmpv4:8,any dir=in action=allow netsh advfirewall firewall add rule name="Allow ICMPv6" protocol=icmpv6:8,any dir=in action=allow