Draft Documentation

This is an internal training guide to Techbooks LLC, and Titanoba Magazine. The purpose of this page is to create a mindmap for the company

  1. identify high-level priorities
  2. requirements and most importantly
  3. documentation

Server Management

Cpanel/WHM VPS

The following servers are managed via Cpanel/WHM:

1. Titanoba

2. Seattle One

3. Missouri Seattle One

Vesta VPS

The following servers are managed via Vesta:

1. CDMX Missouri

2. Colombia

Hestia VPS

The following servers are managed via Hestia:

1. Techbooks Germany

Server Login (SSH Details)

NOTE

Hestia and Vesta disable root login by default. The default user is admin, and you can change the password for admin via ssh

Code:

v-change-user-password admin newpassword

File Command

find / -iname (file or whatever)

Looking for an html doc inside a web server

Next Cloud Server Location Command 

@vmi754416:~# sudo -u nextcloud /usr/bin/php /home/nextcloud/web/cloud.techbooks.org/public_html/occ

Linux Wi-Fi Troubleshooting

General Debian Wifi Commands

To show the overall status of NetworkManager:

root@linaro-alip:~# nmcli general status
STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN  
disconnected none enabled enabled enabled enabled

 To show all connections:

root@linaro-alip:~# nmcli connection show
NAME UUID TYPE DEVICE

To show the device status (for the devices recognized by Network Manager:

root@linaro-alip:~# nmcli device status
DEVICE TYPE STATE CONNECTION
wlan0 wifi disconnected —
lo loopback unmanaged —  

To view the list of available access points:

root@linaro-alip:~# nmcli dev wifi list
* SSID MODE CHAN RATE SIGNAL BARS SECURITY
 foonet Infra 7 54 Mbit/s 70 ▂▄▆_ WPA2
 96boards Infra 4 54 Mbit/s 80 ▂▄▆_ WPA2
 linaro-wifi Infra 52 54 Mbit/s 7 ▂___ WPA2
 debian Infra 11 54 Mbit/s 89 ▂▄▆█ WPA1 WPA2

To connect to a WIFI access point, first create the connection:

root@linaro-alip:~# nmcli con add con-name WiFi ifname wlan0 type wifi ssid foonet
Connection ‘WiFi’ (4b40221c-9af9-45ae-b5df-7d8bfe301ad5) successfully added.

Then set up the password for your access point (e.g. for a WPA2 AP):

root@linaro-alip:~# nmcli con modify WiFi wifi-sec.key-mgmt wpa-psk
root@linaro-alip:~# nmcli con modify WiFi wifi-sec.psk myownpassword

Then just enable the connection:

root@linaro-alip:~# nmcli con up WiFi

Edit Network Interfaces

cd etc/network/ edit interfaces

ncmli connection delete

Housekeeping Script

df -h
ncdu /home/dannyd/

Desktop:

sudo apt-get update && apt-get upgrade && apt-get clean && apt-get autoclean && apt-get -f install && bleachbit -c system.cache system.clipboard system.custom system.desktop_entry system.free_disk_space system.localizations system.memory system.recent_documents system.rotated_logs system.tmp system.trash apt.autoclean apt.autoremove apt.clean apt.package_lists filezilla.mru firefox.backup firefox.cache firefox.cookies firefox.crash_reports firefox.dom firefox.download_history firefox.forms firefox.passwords firefox.session_restore firefox.site_preferences firefox.url_history firefox.vacuum flash.cache flash.cookies && savscan / && rkhunter -c

Server:

sudo apt-get update && apt-get upgrade && apt-get clean && apt-get autoclean && apt-get -f install && rkhunter -c

#apt-cache showpkg “name”
#apt-cache search “name”


dpkg -i

NCDU
Alpinse

bandit 4
“how to find human readable text in a directory”

|xargs file|grep text

“the following command redirects error readouts to the ‘stdout’ folder which wipes everything, but allows for you to recieve output for only non errors”

-type f 2>/dev/null

search grep recurisve line number, whole word
-rnw
patter =
-e


“lock error for sudo update”

Run these commands one by one.

sudo lsof /var/lib/dpkg/lock
sudo lsof /var/lib/apt/lists/lock
sudo lsof /var/cache/apt/archives/lock

It’s possible that the commands don’t return anything, or return just one number. If they do return at least one number, use the number(s) and kill the processes like this (replace the <process_id> with the numbers you got from the above commands):

sudo kill -9 <process_id>

You can now safely remove the lock files using the commands below:

sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock

After that, reconfigure the packages:

sudo dpkg –configure -a



PURGING PACKETS

sudo apt-get purge $(dpkg -l | grep ‘^rc’ | awk ‘{print $2}’)


to view process ids

kill -l

ps aux | grep “app”

see all packages install
 dpkg-query -l



House Keeping

uninstall all packages

update & upgrade

sudo apt-get autoremove –purge


sudo apt-get update && sudo apt-get upgrade -y

Disk Usage Commands

Download NCDUncdu -
df -h
du -cha

sudo nano /etc/X11/Xsession created Xsession.bak (backup) changed lined “83” to /dev/null

USB Mouunting for Raspberry Pi

Pre-requisites

For most USB hard drives you will need a power supply (PSU) capable of supplying at least 2.5A @ 5V, for some drives you may need even more power than this. This may mean that your setup will need one PSU for the Raspberry Pi and an additional one per hard drive you add.

In general – adding USB pen-drives will not consume noticeably more power.

The PiDrive from WDLabs comes with splitter cable allowing a Pi and a HDD to be powered at the same time.

Good defaults

The best option for most people will be to use the default settings Raspbian – the official Operating System from the Raspberry Pi Foundation. So we will be formatting our drive with the EXT4 filesystem and using a unique label so that we can use multiple devices at the same time.

Warning

Proceed only if you are comfortable working with the command line and have a backup of your data.
Step 1. Identify the drive

The easiest way to identify your drive is to only plug one in at a time. The Linux command lsblk will list all bulk storage devices.

Whatever you do avoid making changes to the drive named mmcblk0 because this is your SD card.

I am working on a WDLabs NodeZero device which is a Pi Zero and 314GB HDD combined into single unit.

pi@nodezero:~ $ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 292.5G 0 disk
└─sda1 8:1 0 292.5G 0 part
mmcblk0 179:0 0 3.7G 0 disk
├─mmcblk0p1 179:1 0 63M 0 part /boot
└─mmcblk0p2 179:2 0 3.6G 0 part /

We can see the device or drive has the name sda – if you were to plug additional drives they would get the names sdb, sdc, sdd and so forth.
Step 2. Create the partitions

We will now use the fdisk tool to wipe out the existing partitions and create new ones. This is not always essential but ensures we have a known state on the disk.

sudo fdisk /dev/sda

First wipe the existing partitions:

Command (m for help): o
Created a new DOS disklabel with disk identifier 0x7508d343.

Now create a single partition by accepting all the defaults (hit enter for each question):

Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p):

Using default response p.
Partition number (1-4, default 1):
First sector (2048-613355519, default 2048):
Last sector, +sectors or +size{K,M,G,T,P} (2048-613355519, default 613355519):

Created a new partition 1 of type ‘Linux’ and of size 292.5 GiB.

Command (m for help):

Finally write the changes:

Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.

pi@nodezero:~ $

Step 3. Format the new partition

You can check that the new partition was created by typing in:

pi@nodezero:~ $ sudo fdisk -l /dev/sda

Disk /dev/sda: 292.5 GiB, 314038026240 bytes, 613355520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x5e2f65e0

Device Boot Start End Sectors Size Id Type
/dev/sda1 2048 613355519 613353472 292.5G 83 Linux

We’ll now format the partition we just created and at the same time attach a unique label.

$ sudo mkfs.ext4 -L PIDRIVE1 /dev/sda1

If you get a message such as /dev/sda1 contains a ext4 file system – Proceed anyway? (y,n) – type in y.

Step 4. Pick a mount-point

For a Linux operating system we need to pick a directory to mount our storage under. This could be almost any folder including /home/pi for instance. We’ll keep things simple and pick /mnt/pidrive1.

$ sudo mkdir /mnt/pidrive1

Let’s test the mount point temporarily and then make things permanent.

pi@nodezero:~ $ sudo mount -L PIDRIVE1 /mnt/pidrive1
pi@nodezero:~ $ ls /mnt/pidrive1/
lost+found

Now we were able to mount our drive using a label instead of the device / drive name of /dev/sda1 – as long as we keep the labels unique for all devices we attach we can use this method to identify them.

Step 5. Make it permanent


If you intend on using the drive permanently then follow this step. The next step involves editing the fstab file which is used to mount disks at system boot time:

sudo nano /etc/fstab

Since we used an ext4 file-system and that is also used for the SD card’s root filesystem, we can use the same settings. You should see two lines like the following:

proc /proc proc defaults 0 0
/dev/mmcblk0p1 /boot vfat defaults 0 2
/dev/mmcblk0p2 / ext4 defaults,noatime 0 1

Add a line underneath, save the file, then reboot:

LABEL=PIDRIVE1 /mnt/pidrive1 ext4 defaults,noatime 0 1

Now that your drive is attached let’s look at how to keep the drive working reliably and a few uses for that extra storage.
Best practices

Always shutdown with shutdown -h 0 or halt -h – never pull the power cable.

If you are using the drive only temporarily then type in sudo umount /mnt/pidrive1 before pulling out the USB cable – or shutdown the system first.

If you have a power-cut or accidental power-out then you can repair the filesystem like this:

$ sudo umount /mnt/pidrive1
$ sudo fsck /dev/sda1

fsck from util-linux 2.25.2
e2fsck 1.42.12 (29-Aug-2014)
PIDRIVE1: clean, 11/19169280 files, 1251934/76669184 blocks

Optimizing power consumption

The cheapest drives to run are 2.5″ laptop-sized disks. A full-sized desktop disk can be used with a caddy or adapter but will likely need its own 12v or 24v PSU and will be noisy in comparison.

RSYNC Tutorial https://www.youtube.com/watch?v=oS5uH0mzMTg

rsync -aAXv –delete –dry-run –exclude=/dev/* –exclude=/proc/* –exclude=/sys/* –exclude=/tmp/* –exclude=/run/* –exclude=/mnt/* –exclude=/media/* –exclude=”swapfile” –exclude=”lost+found” –exclude=”.cache” –exclude=”.ecryptfs” / /media/dannyd/PIDRIVE1

Heading

sudo mysql -u root -p Overview pi viciousnet ATONE ServerName cloud.nextcloud.com Header always set Strict-Transport-Security “max-age=15552000; includeSubDomains”; preload ##TODO — Pi Management Debian Buster Raspbian Server Harden Pi Add Pi Users — Apache/PHP Management Harden Server Create non sudo acct — Create A Threat Model & Risk Management Outline Harden Cloud Create Cloud Users Create Cloud Priveleges Audit Records ##Hardware Sata Storage Additional Space/Data d220427bc0d0208881a5a97e4f1f5e97a2b5a

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x