Skip to content

Instantly share code, notes, and snippets.

View kevin39's full-sized avatar

Kevin LABECOT kevin39

View GitHub Profile
@kevin39
kevin39 / How to resize or shrink a container
Last active May 23, 2017 07:08
Resize container
pct restore <ct id> <archive> --rootfs <storage name>:<new size in gb>
@kevin39
kevin39 / ssh_reboot_forced_if_cmd_hangs
Created April 26, 2017 06:22
Forcer un redémarrage de Linux via SSH quand reboot ne marche pas
echo s > /proc/sysrq-trigger # Flusher les buffers d'IO pour ne pas perdre de données
echo u > /proc/sysrq-trigger # Démonter puis Remonter toutes les partitions en Read-Only
echo b > /proc/sysrq-trigger # Forcer le reboot de la machine
# Source : http://www.area51.fr/2011/10/31/forcer-redemarrage-linux-via-ssh/
@kevin39
kevin39 / haproxy.cfg
Created March 23, 2017 14:27 — forked from GABeech/haproxy.cfg
Stack Exchange HAProxy
# This is an example of the Stack Exchange Tier 1 HAProxy config
# The only things that have been changed from what we are running are:
# 1. User names have been removed
# 2. All Passwords have been remove
# 3. IPs have been changed to use the example/documentation ranges
# 4. Rate limit numbers have been changed to randome numbers, don't read into them
userlist stats-auth
group admin users $admin_user
user $admin_user insecure-password $some_password
@kevin39
kevin39 / nfsd-on-lxc
Created March 2, 2017 10:05
NFSD on LXC
Create a new file "/etc/apparmor.d/lxc/lxc-default-with-nfsd" and paste in the following;
Code:
# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc
profile lxc-container-default-with-nfsd flags=(attach_disconnected,mediate_deleted) {
#include <abstractions/lxc/container-base>
# the container may never be allowed to mount devpts. If it does, it
@kevin39
kevin39 / debian-sys-maint-reset-pwd
Created December 27, 2016 13:11
'Access denied for user 'debian-sys-maint'@'localhos
cat /etc/mysql/debian.cnf
mysql -u root -p
Enter password:
Puis on recrée l’utilisateur avec le mot de passe trouvé précedemment dans /etc/mysql/debian.cnf :
mysql>GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED \
BY 'Le_passwd_du_fichier';
mysql>FLUSH PRIVILEGES;
mysql>exit
@kevin39
kevin39 / new_gist_file_0
Created November 21, 2016 09:05
Reverse SSH Tunneling
Source : http://pierrehirel.info/blog/?p=19
client:~$ ssh -Nf -R 26000:127.0.0.1:22 -p 2222 login@server.org
-N indique au client de ne pas se connecter mais de se mettre en attente ; en l’occurence il va écouter le port 22 ;
-f détache le client de la console, il continuera donc de tourner en arrière-plan ;
-R pour « reverse » indique qu’on met en place un tunnel inversé ;
26000:127.0.0.1:22 indique au serveur de rediriger son port 26000 vers le port 22 de la machine locale (localhost ou 127.0.0.1) ; le port du serveur (26000) peut être remplacé par n’importe quel port disponible ; le port du client (22) est à remplacer par le port sur lequel le serveur ssh du client écoute.
-p 2222 indique au client ssh de communiquer vers le port 2222 du serveur (au lieu du 22 par défaut) ;
la dernière partie est bien sûr à remplacer par un login et une adresse de serveur valides.
@kevin39
kevin39 / php-fpm silently not starting
Created November 9, 2016 08:19
php-fpm not starting
Source: http://serverfault.com/a/539036/217375
Did you check your error_log file for php-fpm? Location of that file should be declared in your php-fpm.conf (in Ubuntu config is /etc/php5/fpm/php-fpm.conf, log file is /var/log/php5-fpm/log), also check your log_level, if is disabled (;log_level), please enable it and change it to the debug. After that try restart php5-fpm service and check your logs.
You can also try to run php5-fpm in foreground mode:
# php5-fpm -y /etc/php5/fpm/php-fpm.conf
Maybe this show you something interesting.
@kevin39
kevin39 / nginx-tuning.md
Created November 8, 2016 10:26 — forked from denji/nginx-tuning.md
NGINX tuning for best performance

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400,000 to 500,000 requests per second (clustered), most what i saw is 50,000 to 80,000 (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

@kevin39
kevin39 / git key verification failed
Created October 18, 2016 13:00
Git clone host verification failed
# The issue could be that Github isn't present in your ~/.ssh/known_hosts file.
# Append GitHub to the list of authorized hosts:
ssh-keyscan -H github.com >> ~/.ssh/known_hosts
@kevin39
kevin39 / Setup a restricted shell
Last active October 10, 2016 14:31
Restricted bash shell
Source : http://www.tecmint.com/rbash-a-restricted-bash-shell-explained-with-practical-examples/
# cd /bin
# ln -s bash rbash
Extra setup to improve security :
http://blog.bodhizazen.net/linux/how-to-restrict-access-with-rbash/