Friday, 17 April 2015
Keepass ssh client integration
1. Install XShell
2 Keepass : in tools > Options > Integrations> Url Ovverides
add schema override
ssh
cmd://"C:\Program Files (x86)\NetSarang\Xshell 5\Xshell.exe" -url {URL:SCM}://{USERNAME}:{PASSWORD}@{URL:HOST}:{URL:PORT}
In Url field of KeePass entry write address in format
ssh://ip_address:port
Can by ope by Ctrl-U
Thursday, 16 April 2015
Debian 7 installation
echo 'alias la="ls -la -d .* --color=auto"'>> ~/.bash_profile
cd /
apt-get install -y wget mc sshpass unzip nano git
apt-get update -y
#change ssh port
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig.$(date +%F)
sed -i 's/Port 22/Port 27628/g' /etc/ssh/sshd_config
/etc/init.d/ssh restart
iptables -I INPUT 1 -p tcp --dport 27628 -j ACCEPT
iptables-save
iptables -A INPUT -p tcp --destination-port 22 -j DROP
adduser --system --no-create-home --ingroup nginx --disabled-login --disabled-password nginx
apt-get install nginx -y
iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT
iptables-save
update-rc.d nginx defaults
mv -v /usr/share/nginx/www /var
chown -R nginx:nginx /var/www
chmod -R 0755 /var/www
#move directory to www and
#service nginx start
# Restrict access to site
cd /etc/nginx/
printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password
#Add to site config:
# auth_basic "Restricted";
# auth_basic_user_file /etc/nginx/.htpasswd;
apt-get -y install mariadb-server mariadb
service start mariadb start
mysql_secure_installation
update-rc.d mariadb defaults
update-rc.d php5-fpm defaults
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php5/fpm/php.ini
sed -i 's/group = www-data/group = nginx/g' /etc/php5/fpm/pool.d/www.conf
sed -i 's/user = www-data/user = nginx/g' /etc/php5/fpm/pool.d/www.conf
service php5-fpm restart
#copy your app to www, and
cd /tmp
git config --global http.sslVerify false
git clone REPOSITORY
chown -R nginx:nginx /var/www/YOUR_APP
chmod -R 755 /var/www/YOUR_APP
chown nginx -R /var/www/YOUR_APP/web/runtime
chown nginx -R /var/www/YOUR_APP/www/assets
#install mySQL
apt-get -y install mariadb-server mariadb
service start mariadb start
mysql_secure_installation
update-rc.d mariadb defaults
#Configure folders:
mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
cd /etc/nginx/sites-available
touch YOUR_APP.conf
ln -s /etc/nginx/sites-available/YOUR_APP.conf /etc/nginx/sites-enabled/YOUR_APP.conf
# insert from here: http://blog.saitov.me/2014/11/nginx-configuration-for-yii.html
rm /etc/nginx/nginx.conf -f
nano /etc/nginx/nginx.conf
nano /etc/nginx/sites-available/YOUR_APP.conf
#xcache
yum -y install php-xcache
yum -y install xcache-admin
#Pass gen: http://xcache.lighttpd.net/demo/cacher/mkpassword.php
#xcache.cacher = On
#xcache.stat = On
#xcache.optimizer = On
#copy /etc/php.d/xcache.ini
cp -avr /usr/share/xcache /var/www
chown -R nginx:nginx /var/www/xcache
chmod -R 755 /var/www/xcache
touch /etc/nginx/sites-available/xcache.conf
ln -s /etc/nginx/sites-available/xcache.conf /etc/nginx/sites-enabled/xcache.conf
#copy xcache.conf config
firewall-cmd --permanent --zone=public --add-port=8091/tcp
service nginx restart
rpm -Uvh http://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm
yum install –y zabbix zabbix-agent nano
sed -i 's/Server=127.0.0.1/ Server=SERVER_IP/g' /etc/zabbix/zabbix_agentd.conf
service zabbix-agent stop
service zabbix-agent start
chkconfig zabbix-agent on
firewall-cmd --permanent --zone=public --add-port=10050/tcp
firewall-cmd --permanent --zone=public --add-port=10050/udp
firewall-cmd --reload
cd /
apt-get install -y wget mc sshpass unzip nano git
apt-get update -y
#change ssh port
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig.$(date +%F)
sed -i 's/Port 22/Port 27628/g' /etc/ssh/sshd_config
/etc/init.d/ssh restart
iptables -I INPUT 1 -p tcp --dport 27628 -j ACCEPT
iptables-save
iptables -A INPUT -p tcp --destination-port 22 -j DROP
#Optional
#install nginx
addgroup --system --group nginxadduser --system --no-create-home --ingroup nginx --disabled-login --disabled-password nginx
apt-get install nginx -y
iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT
iptables-save
update-rc.d nginx defaults
mv -v /usr/share/nginx/www /var
chown -R nginx:nginx /var/www
chmod -R 0755 /var/www
#move directory to www and
#service nginx start
# Restrict access to site
cd /etc/nginx/
printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password
#Add to site config:
# auth_basic "Restricted";
# auth_basic_user_file /etc/nginx/.htpasswd;
#install mySQL
apt-get -y install mariadb-server mariadb
service start mariadb start
mysql_secure_installation
update-rc.d mariadb defaults
#install yii
apt-get install -y php5-fpm php5-mysqlupdate-rc.d php5-fpm defaults
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php5/fpm/php.ini
sed -i 's/;date.timezone =/date.timezone = America\/New_York/g' /etc/php5/fpm/php.ini
sed -i 's/group = www-data/group = nginx/g' /etc/php5/fpm/pool.d/www.conf
service php5-fpm restart
#copy your app to www, and
cd /tmp
git config --global http.sslVerify false
git clone REPOSITORY
chown -R nginx:nginx /var/www/YOUR_APP
chmod -R 755 /var/www/YOUR_APP
chown nginx -R /var/www/YOUR_APP/web/runtime
chown nginx -R /var/www/YOUR_APP/www/assets
#install mySQL
apt-get -y install mariadb-server mariadb
service start mariadb start
mysql_secure_installation
update-rc.d mariadb defaults
#Configure folders:
mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
cd /etc/nginx/sites-available
touch YOUR_APP.conf
ln -s /etc/nginx/sites-available/YOUR_APP.conf /etc/nginx/sites-enabled/YOUR_APP.conf
# insert from here: http://blog.saitov.me/2014/11/nginx-configuration-for-yii.html
rm /etc/nginx/nginx.conf -f
nano /etc/nginx/nginx.conf
nano /etc/nginx/sites-available/YOUR_APP.conf
#xcache
yum -y install php-xcache
yum -y install xcache-admin
#Pass gen: http://xcache.lighttpd.net/demo/cacher/mkpassword.php
#xcache.cacher = On
#xcache.stat = On
#xcache.optimizer = On
#copy /etc/php.d/xcache.ini
cp -avr /usr/share/xcache /var/www
chown -R nginx:nginx /var/www/xcache
chmod -R 755 /var/www/xcache
touch /etc/nginx/sites-available/xcache.conf
ln -s /etc/nginx/sites-available/xcache.conf /etc/nginx/sites-enabled/xcache.conf
#copy xcache.conf config
firewall-cmd --permanent --zone=public --add-port=8091/tcp
firewall-cmd --reload
service nginx restart
#install Zabbix client
rpm -Uvh http://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm
yum install –y zabbix zabbix-agent nano
sed -i 's/Server=127.0.0.1/ Server=SERVER_IP/g' /etc/zabbix/zabbix_agentd.conf
service zabbix-agent stop
service zabbix-agent start
chkconfig zabbix-agent on
firewall-cmd --permanent --zone=public --add-port=10050/tcp
firewall-cmd --permanent --zone=public --add-port=10050/udp
firewall-cmd --reload
Wednesday, 8 April 2015
Centos 7 - install script
yum install epel-release -y
cd /
yum install -y wget mc sshpass unzip nano git
yum update -y
#disable SELINUX
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce Permissive
#change ssh port
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig.$(date +%F)
sed -i 's/#Port 22/Port 27628/g' /etc/ssh/sshd_config
systemctl restart sshd.service
firewall-cmd --permanent --zone=public --add-port=27628/tcp
firewall-cmd --reload
firewall-cmd --permanent --zone=public --remove-port=22/tcp
firewall-cmd --reload
yum install nginx -y
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
sudo chkconfig --levels 235 nginx on
mkdir /var/www
chown -R nginx:nginx /var/www
mv -v /usr/share/nginx/html/ /var/www
chmod -R 0755 /var/www
#move directory to www and
#service nginx start
# Restrict access to site
cd /etc/nginx/
printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password
#Add to site config:
# auth_basic "Restricted";
# auth_basic_user_file /etc/nginx/.htpasswd;
yum -y install mariadb-server mariadb
sudo systemctl start mariadb
sudo mysql_secure_installation
sudo chkconfig --levels 235 mariadb on
yum -y php-*
yum -y install php-fpm php-mysql
sudo chkconfig --levels 235 php-fpm on
sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
sed -i 's/user = apache/user = nginx/g' /etc/php-fpm.d/www.conf
service php-fpm restart
#copy your app to www, and
cd /tmp
git config --global http.sslVerify false
git clone REPOSITORY
chown -R nginx:nginx /var/www/YOUR_APP
chmod -R 755 /var/www/YOUR_APP
chown nginx -R /var/www/YOUR_APP/web/runtime
chown nginx -R /var/www/YOUR_APP/www/assets
#install mySQL
yum -y install mariadb-server mariadb
sudo systemctl start mariadb
sudo chkconfig --levels 235 mariadb on
sudo mysql_secure_installation
#Configure folders:
mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
cd /etc/nginx/sites-available
touch YOUR_APP.conf
ln -s /etc/nginx/sites-available/YOUR_APP.conf /etc/nginx/sites-enabled/YOUR_APP.conf
# insert from here: http://blog.saitov.me/2014/11/nginx-configuration-for-yii.html
rm /etc/nginx/nginx.conf -f
nano /etc/nginx/nginx.conf
nano /etc/nginx/sites-available/YOUR_APP.conf
#xcache
yum -y install php-xcache
yum -y install xcache-admin
#Pass gen: http://xcache.lighttpd.net/demo/cacher/mkpassword.php
#xcache.cacher = On
#xcache.stat = On
#xcache.optimizer = On
#copy /etc/php.d/xcache.ini
cp -avr /usr/share/xcache /var/www
chown -R nginx:nginx /var/www/xcache
chmod -R 755 /var/www/xcache
touch /etc/nginx/sites-available/xcache.conf
ln -s /etc/nginx/sites-available/xcache.conf /etc/nginx/sites-enabled/xcache.conf
#copy xcache.conf config
firewall-cmd --permanent --zone=public --add-port=8091/tcp
service nginx restart
rpm -Uvh http://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm
yum install –y zabbix zabbix-agent nano
sed -i 's/Server=127.0.0.1/ Server=SERVER_IP/g' /etc/zabbix/zabbix_agentd.conf
service zabbix-agent stop
service zabbix-agent start
chkconfig zabbix-agent on
#iptables -I INPUT 1 -p tcp --dport 10050 -j ACCEPT
#iptables -I INPUT 1 -p udp --dport 10050 -j ACCEPT
#iptables-save
firewall-cmd --permanent --zone=public --add-port=10050/tcp
firewall-cmd --permanent --zone=public --add-port=10050/udp
firewall-cmd --reload
cd /
yum install -y wget mc sshpass unzip nano git
yum update -y
#disable SELINUX
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce Permissive
#change ssh port
cp -p /etc/ssh/sshd_config /etc/ssh/sshd_config.orig.$(date +%F)
sed -i 's/#Port 22/Port 27628/g' /etc/ssh/sshd_config
systemctl restart sshd.service
firewall-cmd --permanent --zone=public --add-port=27628/tcp
firewall-cmd --reload
firewall-cmd --permanent --zone=public --remove-port=22/tcp
firewall-cmd --reload
#Optional
#install nginx
yum install nginx -y
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
sudo chkconfig --levels 235 nginx on
mkdir /var/www
chown -R nginx:nginx /var/www
mv -v /usr/share/nginx/html/ /var/www
chmod -R 0755 /var/www
#move directory to www and
#service nginx start
# Restrict access to site
cd /etc/nginx/
printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password
#Add to site config:
# auth_basic "Restricted";
# auth_basic_user_file /etc/nginx/.htpasswd;
#install mySQL
yum -y install mariadb-server mariadb
sudo systemctl start mariadb
sudo mysql_secure_installation
sudo chkconfig --levels 235 mariadb on
#install yii
yum -y php-*
yum -y install php-fpm php-mysql
sudo chkconfig --levels 235 php-fpm on
sed -i 's/;date.timezone =/date.timezone = America\/New_York/g' /etc/php.ini
sed -i 's/group = apache/group = nginx/g' /etc/php-fpm.d/www.conf
service php-fpm restart
#copy your app to www, and
cd /tmp
git config --global http.sslVerify false
git clone REPOSITORY
chown -R nginx:nginx /var/www/YOUR_APP
chmod -R 755 /var/www/YOUR_APP
chown nginx -R /var/www/YOUR_APP/web/runtime
chown nginx -R /var/www/YOUR_APP/www/assets
#install mySQL
yum -y install mariadb-server mariadb
sudo systemctl start mariadb
sudo chkconfig --levels 235 mariadb on
sudo mysql_secure_installation
#Configure folders:
mkdir /etc/nginx/sites-available
mkdir /etc/nginx/sites-enabled
cd /etc/nginx/sites-available
touch YOUR_APP.conf
ln -s /etc/nginx/sites-available/YOUR_APP.conf /etc/nginx/sites-enabled/YOUR_APP.conf
# insert from here: http://blog.saitov.me/2014/11/nginx-configuration-for-yii.html
rm /etc/nginx/nginx.conf -f
nano /etc/nginx/nginx.conf
nano /etc/nginx/sites-available/YOUR_APP.conf
#xcache
yum -y install php-xcache
yum -y install xcache-admin
#Pass gen: http://xcache.lighttpd.net/demo/cacher/mkpassword.php
#xcache.cacher = On
#xcache.stat = On
#xcache.optimizer = On
#copy /etc/php.d/xcache.ini
cp -avr /usr/share/xcache /var/www
chown -R nginx:nginx /var/www/xcache
chmod -R 755 /var/www/xcache
touch /etc/nginx/sites-available/xcache.conf
ln -s /etc/nginx/sites-available/xcache.conf /etc/nginx/sites-enabled/xcache.conf
#copy xcache.conf config
firewall-cmd --permanent --zone=public --add-port=8091/tcp
firewall-cmd --reload
service nginx restart
#install Zabbix client
#Attention, for
rpm -Uvh http://repo.zabbix.com/zabbix/2.2/rhel/7/x86_64/zabbix-release-2.2-1.el7.noarch.rpm
yum install –y zabbix zabbix-agent nano
sed -i 's/Server=127.0.0.1/ Server=SERVER_IP/g' /etc/zabbix/zabbix_agentd.conf
service zabbix-agent stop
service zabbix-agent start
chkconfig zabbix-agent on
#iptables -I INPUT 1 -p tcp --dport 10050 -j ACCEPT
#iptables -I INPUT 1 -p udp --dport 10050 -j ACCEPT
#iptables-save
firewall-cmd --permanent --zone=public --add-port=10050/tcp
firewall-cmd --permanent --zone=public --add-port=10050/udp
firewall-cmd --reload
Subscribe to:
Posts (Atom)