sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx
sudo semodule -i mynginx.pp
sudo systemctl stop firewalld
sudo systemctl disable firewalld
(or)
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
cat your_domain_name.crt DigiCertCA.crt >> bundle.crt
sudo apt-get install putty-tools
puttygen server.ppk -O private-openssh -o server.pem
nginx -s reload
ssh -i /path/my-key-pair.pem ec2-user@IP
sudo nano /etc/ssh/ssh_config
Host *
ServerAliveInterval 30
sudo nano /etc/systemd/system/xyz.service
[Unit]
Description=xyz Service After=network.target
[Service]
Type=simple User=username ExecStart=/usr/bin/xyz -s Restart=on-abort
[Install]
WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl start xyz
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install docker-ce
sudo systemctl start docker
sudo systemctl enable docker
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
COMPOSE_HTTP_TIMEOUT=200 docker-compose up
sudo docker run -d \ -p 5000:5000 \ --restart=always \ --privileged \ --name registry \ -v /opt/registry:/var/lib/registry \ registry:2
sudo mv /usr/bin/docker-credential-secretservice /usr/bin/docker-credential-secretservice_x
docker system df
docker volume rm `docker volume ls -q -f dangling=true`
sudo yum install httpd-tools
sudo htpasswd -c /etc/nginx/htpasswd.users username
Set vm.max_map_count:
echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
sysctl -p
Set ulimit and noproc for systemd processes:
https://unix.stackexchange.com/questions/345595/how-to-set-ulimits-on-service-with-systemd
Unassigned shards:
https://www.datadoghq.com/blog/elasticsearch-unassigned-shards/
git rm --cached file.xyz
git gc --aggressive
Follow the instructions in https://www.howtoforge.com/tutorial/how-to-setup-an-sftp-server-on-centos/
sudo nano /etc/ssh/sshd_config
Replace the line PasswordAuthentication no
with PasswordAuthentication yes
. (Uncomment this line if commented.) Save and close this file.
sudo service sshd reload