Skip to content

Instantly share code, notes, and snippets.

@tvvignesh

tvvignesh/ops.md

Last active May 18, 2019 12:13
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tvvignesh/a6521e849466b18b64d47fd966d1110e to your computer and use it in GitHub Desktop.
Save tvvignesh/a6521e849466b18b64d47fd966d1110e to your computer and use it in GitHub Desktop.
Download ZIP
Quick Commands
Raw
ops.md

SEMODULE DISABLE IN CentOS

sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx

sudo semodule -i mynginx.pp

ALLOW HTTP & HTTPS TRAFFIC IN FIREWALL

sudo systemctl stop firewalld

sudo systemctl disable firewalld

(or)

firewall-cmd --permanent --zone=public --add-service=http

firewall-cmd --permanent --zone=public --add-service=https

firewall-cmd --reload

Add intermediate SSL Certificate to Domain Certificate

cat your_domain_name.crt DigiCertCA.crt >> bundle.crt

PPK TO PEM

sudo apt-get install putty-tools

puttygen server.ppk -O private-openssh -o server.pem

Reload Nginx without Restart

nginx -s reload

SSH AWS

ssh -i /path/my-key-pair.pem ec2-user@IP

KEEP SSH ALIVE

sudo nano /etc/ssh/ssh_config

Host *

ServerAliveInterval 30

Creating a Service in CentOS

sudo nano /etc/systemd/system/xyz.service [Unit]

Description=xyz Service After=network.target

[Service]

Type=simple User=username ExecStart=/usr/bin/xyz -s Restart=on-abort

[Install]

WantedBy=multi-user.target

sudo systemctl daemon-reload

sudo systemctl start xyz

Installing Docker

sudo yum install -y yum-utils device-mapper-persistent-data lvm2

sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

sudo yum install docker-ce

sudo systemctl start docker

sudo systemctl enable docker

Docker compose for root

sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose

Increase Compose Timeout

COMPOSE_HTTP_TIMEOUT=200 docker-compose up

Docker registry deployment

sudo docker run -d \ -p 5000:5000 \ --restart=always \ --privileged \ --name registry \ -v /opt/registry:/var/lib/registry \ registry:2

Reference: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-private-docker-registry-on-ubuntu-14-04#step-4-%E2%80%94-setting-up-authentication

Fix local docker registry error when logging in from ubuntu

sudo mv /usr/bin/docker-credential-secretservice /usr/bin/docker-credential-secretservice_x

See disk usage by Docker

docker system df

Remove all dangling volumes

docker volume rm `docker volume ls -q -f dangling=true`

Generating password file

sudo yum install httpd-tools sudo htpasswd -c /etc/nginx/htpasswd.users username

ELASTICSEARCH

Set vm.max_map_count:

echo 'vm.max_map_count=262144' >> /etc/sysctl.conf

sysctl -p

Set ulimit and noproc for systemd processes:

https://unix.stackexchange.com/questions/345595/how-to-set-ulimits-on-service-with-systemd

Unassigned shards:

https://www.datadoghq.com/blog/elasticsearch-unassigned-shards/

GIT

Remove from GIT Tracking

git rm --cached file.xyz

Compress loose objects

git gc --aggressive

SFTP CONFIG

Follow the instructions in https://www.howtoforge.com/tutorial/how-to-setup-an-sftp-server-on-centos/

sudo nano /etc/ssh/sshd_config

Replace the line PasswordAuthentication no with PasswordAuthentication yes. (Uncomment this line if commented.) Save and close this file.

sudo service sshd reload

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment