gilangvperdana

Installation OpenStack Xena on VM Cloud

Environment

1. Virtual Machine Ubuntu 20.04LTS (Azure, GCP, AWS, Aliyun, etc)
2. 16GB RAM
3. 512 GB Storage
4. One disk add for PV

gilangvperdana

General

If you want to protect your auth Proxmox VE, you can follow this step.

Brief

This configuration will be make max 3 attempt for Login to SSH or GUI & ban for 1 days you can modify on maxretry & bantime parameter.

Install Fail2ban

apt-get install -y fail2ban

gilangvperdana

General

If you face when you want to RDP to your Windows Server 2019 like this, The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license. Please contact the server administrator.

You can follow this guide for Reset Trial Days

• https://youtu.be/b4GjsvMrnTI?si=PLYjXBc3ZhL5iLsS
• https://youtu.be/f1lhIN4rY1M?si=DWtAB5xmcVmY_Ysu

FYI

Tested by me on Windows Server 2019

gilangvperdana

Activate Log Rotate Nginx

nano /etc/logrotate.d/nginx

/var/log/nginx/*.log {
        daily
        missingok
        rotate 7
        size 5k

gilangvperdana

How to secure a Proxmox exposed host

When you look for tutorials on how to install Proxmox, it always stops after the initial installation - which is quite dangerous, since it leaves a Proxmox host being exposed to the internet while listening to Ports 22 and 8006.

Heck, there is not even any SSH-hardening covered - your SSH is typically set to default values, which means: Password-authentication with the root account is perfectly possible. While you can mitigate some of these things by harding SSH or by installing fail2ban (which we will do anyhow), the host still exposes ports 22 and 8006.

For a secure system, these ports (and actually, apart from one single port ANY ports) have to be disabled. The only acceptable management access to the system should either happen via a Jumpserver or - if not available - via a direct VPN-connection.

In this gist, you find all the required steps to secure your Proxmox exposed host. This gist should work for any Proxmox host with - say - Hetzner, OVH or other vendor

gilangvperdana

Nginx Load Balancer

Experimental with 3 Container Docker, which is 1 Container for Nginx Load Balancer Reverse and 2 Container for Nginx Node

We will try to implement SSL + Auto Redirect + Load Balancer + Hostname Access Restrict

Environment

gilangvperdana

General

If you want to download offline package on your Linux you can use this command

1

apt-get --print-uris install package_name

will give you a list of urls for packages you need to download.

2

gilangvperdana

General

If you have a server then you want to virtualize your GPU card, lets follow this workaround.

Tested on

• Windows Server 2022
• RHEL
• Ubuntu

Driver on VMHost

• Make sure you have installed driver on your VMHost, you can download on nvid.nvidia.com

gilangvperdana

General

• This note, just wanna to share about OAUTH2PROXY for authenticate all our endpoints behind Nginx.

Prepare OAUTH2PROXY

wget https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v7.4.0/oauth2-proxy-v7.4.0.linux-amd64.tar.gz
tar -xzvf oauth2-proxy-v7.4.0.linux-amd64.tar.gz
cd oauth2-proxy-v7.4.0.linux-amd64

gilangvperdana

Monitoring Nginx from Grafana with InfluxDB-Telegraf & Prometheus

InfluxDB for Time Database
Telegraf for Metrics Server Agent
Prometheus for Metrics Collector
Grafana for Metrics Visualizator

I just want to exploration about monitoring some metrcis Nginx with LoadBalancer Topology on Grafana. 
This is an continous project from [https://gist.github.com/gilangvperdana/53a70f9a64d3f7becebfa5f3a3d54c1f]