Difference between revisions of "CentOS 8.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities"
m |
|||
(22 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 8.x]] > [[CentOS 8.x System Administration|System Administration]] > [[CentOS 8.x New machine configuration|New machine configuration]] > [[CentOS 8.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities]] | |||
Older CentOS 7.x article is present at [[CentOS 7.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities]] | Older CentOS 7.x article is present at [[CentOS 7.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities]] | ||
Line 80: | Line 79: | ||
== | ==dnf configuration and package installation== | ||
# Configure keep-cache for yum | # Configure keep-cache for yum | ||
#* Edit /etc/ | #* Edit /etc/dnf/dnf.conf and set =keepcache=1= | ||
#*: *Note cache goes to /var/cache/dnf* | #*: *Note cache goes to /var/cache/dnf* | ||
# Install required packages | # Install required packages | ||
#:<pre> | #:<pre> | ||
#:: | #:: dnf -y install epel-release #EPEL repository | ||
#:: | #:: dnf -y install htop #Colorful command-line top | ||
#:: | #:: dnf -y install gimp #Advanced image editor useful for editing pdf as images | ||
#:: | #:: dnf -y install wireshark #Packet capturing | ||
#:: | #:: dnf -y install erlang #Programming | ||
#:: | #:: dnf -y install fdupes #Duplicate file detection | ||
#:: | #:: dnf -y install libreoffice-calc libreoffice-writer libreoffice-impress #Libreoffice | ||
#:: | #:: dnf -y install p7zip #Support for 7zip | ||
#:: | #:: dnf -y install expect #For shell automation. Includes mkpasswd utility | ||
#:: | #:: dnf -y install git #For versioning | ||
#:: | #:: dnf -y install bind bind-utils #For DNS related tasks* CentOS 8.x barjatiyarklp | ||
#:: | #:: dnf -y install texlive | ||
#:: | #:: dnf -y install brasero #For burning CD/DVD | ||
#:: | #:: dnf -y install livecd-tools #For creating live USB | ||
#:: | #:: | ||
#:: | #:: dnf -y install freerdp #Windows remote desktop | ||
#:: | #:: dnf -y install texlive #For latex | ||
#:: | #:: dnf -y install thunderbird #For email | ||
#:: | #:: dnf -y install byobu #To run shell commands in background | ||
#:: | #:: dnf -y install openvpn #For vpn connectivity | ||
#:: | #:: dnf -y install ntfs-3g #NTFS file-system support | ||
#:: | #:: dnf -y install telnet nc #Telnet | ||
#:: | #:: dnf -y install minicom #For working with serial ports | ||
#:: dnf -y install pandoc #For documentation generation | |||
#:: dnf -y install encfs #For fuse encrypted filesystem | |||
#:: dnf -y install libguestfs-tools #For virt-sysprep | |||
#:: dnf -y install dia #Diagram such as flowcharts or network design editor | |||
#:: dnf -y install ImageMagick #For image editing | |||
#:: dnf -y install xsane #For scanning | |||
#:: dnf -y install texlive-wrapfig texlive-capt-of texlive-ulem texlive-translator #For org-latex exports | |||
#:: dnf -y install libvirt virt-manager #To manage VMs | |||
#:: dnf -y install texlive-translator #For compiling beamer presentations using latex | |||
#:</pre> | #:</pre> | ||
# Packages not found in CentOS 8 at time of writing | # Packages not found in CentOS 8 at time of writing | ||
#:<pre> | #:<pre> | ||
#:: | #:: dnf -y install yaws #Erlang web server | ||
#:: | #:: dnf -y install kile #Latex editor | ||
#:: | #:: dnf -y install bzr kdiff3 #For versioning and comparing files | ||
#:: | #:: dnf -y install kolourpaint #Basic image editor | ||
#:: | #:: dnf -y install unetbootin liveusb-creator #For creating live bootable USB from iso files | ||
#:</pre> | #:</pre> | ||
# Full update system | # Full update system | ||
#:<pre> | #:<pre> | ||
#:: | #:: dnf -y update --skip-broken | ||
#:</pre> | #:</pre> | ||
# Install a few games: | |||
#: <pre> | |||
#::dnf -y install blinken bomber bovo kanagram kapman katomic kblackbox kblocks kbounce kdiamond kfourinline kgoldrunner khangman kigo killbots kiriki kjumpingcube klines kmahjongg kmines knetwalk kolf kollision konquest kreversi kshisen ksirk ksnakeduel kspaceduel ktuberling kubrick lskat nethack picmi trader xrick zork | |||
#:</pre> | |||
==Install brave browser== | |||
<pre> | |||
sudo rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc | |||
sudo dnf -y install dnf-utils | |||
sudo dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/ | |||
sudo dnf install brave-browser -y | |||
</pre> | |||
Line 138: | Line 159: | ||
Refer: | Refer: | ||
* https://www.tecmint.com/install-vlc-media-player-in-rhel-centos-fedora/ | * https://www.tecmint.com/install-vlc-media-player-in-rhel-centos-fedora/ | ||
==Install broadcom-wl== | |||
# dnf -y install https://mirrors.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-8.noarch.rpm | |||
# dnf -y install broadcom-wl | |||
==Install skype== | |||
# Download skype rpm from https://www.skype.com/en/get-skype/download-skype-for-desktop/ | |||
# Install the rpm using: | |||
#:<pre> | |||
#:: dnf -y localinstall <rpm-name> | |||
#:</pre> | |||
==Download and configure anydesk== | ==Download and configure anydesk== | ||
# | # Refer [[CentOS 8.x Install anydesk]] | ||
# Restore backup of anydesk configuration: | # Restore backup of anydesk configuration: | ||
#:<pre> | #:<pre> | ||
Line 155: | Line 183: | ||
#:: ln -s /mnt/data1/workspace/application-data/anydesk/anydesk-saurabh-user.conf user.conf | #:: ln -s /mnt/data1/workspace/application-data/anydesk/anydesk-saurabh-user.conf user.conf | ||
#:</pre> | #:</pre> | ||
==Install nomachine== | |||
*[[CentOS 8.x Install nomachine]] | |||
Line 168: | Line 200: | ||
#:<pre> | #:<pre> | ||
#:: git config --global user.name "Saurabh Barjatiya" | #:: git config --global user.name "Saurabh Barjatiya" | ||
#:: git config --global user.email "saurabh | #:: git config --global user.email "saurabh [at] sbarjatiya.com" #Replace with proper email ID | ||
#:: git config --global color.ui true | #:: git config --global color.ui true | ||
#:: git config --global color.status auto | #:: git config --global color.status auto | ||
Line 206: | Line 238: | ||
#:</pre> | #:</pre> | ||
# Run thunderbird and validate email accounts are accessible | # Run thunderbird and validate email accounts are accessible | ||
# Set date-format display using [[OpenSuse Leap 15 Change date-format displayed in Thunderbird]] | |||
# Optionally set correct calendar response email ID using [[CentOS 8.x Thunderbird calendar invitation response email address]] | |||
Line 239: | Line 273: | ||
==Configure owncloud client to sync /mnt/data1/workspace/gbb/owncloud while keeping local data== | ==Configure owncloud client to sync /mnt/data1/workspace/gbb/owncloud while keeping local data== | ||
# Choose to sync folders up to 1000MB | # Choose to sync folders up to 1000MB | ||
Line 280: | Line 302: | ||
==Make sure printer is recognized and working== | ==Make sure printer is recognized and working== | ||
# yum -y install hplip gutenprint-cups | # yum -y install hplip gutenprint-cups | ||
==Configure ntp client== | |||
*[[CentOS 8.x chronyc ntp client configuration]] | |||
Line 286: | Line 312: | ||
==Configure software bridge== | ==Configure software bridge== | ||
# Refer [[Creating bridge interfaces (br0) for virtual hosts to use shared interface]] | # Refer [[CentOS 8.x Creating bridge interfaces (br0) for virtual hosts to use shared interface]] | ||
==Re-add various older VMs== | ==Re-add various older VMs== | ||
# Add use saurabh to libvirt group by editing /etc/group add adding saurabh in front of libvirt:x:. This way there wont be any password prompt while using virt-manager. | |||
# Add the VMs via disk or config file | # Add the VMs via disk or config file | ||
## Start virt-manager as normal non-root (eg saurabh) user. Add connection to Qemu/KVM if not present. | ## Start virt-manager as normal non-root (eg saurabh) user. Add connection to Qemu/KVM if not present. | ||
## Go to File -> New virtual machine | ## Go to File -> New virtual machine | ||
## Choose "Import existing disk image" | ## Choose "Import existing disk image" | ||
## Select VM disk (Eg | ## Select VM disk (Eg '<tt>/mnt/data1/large_files/vms/tally_vm/tally_vm.qcow2</tt>' ) | ||
## Select OS type "Linux" and Version "CentOS 7.0" | ## Select OS type "Linux" and Version "CentOS 7.0" | ||
## Give required RAM and CPU (Eg 2048, 2 vCPU) | ## Give required RAM and CPU (Eg 2048, 2 vCPU) | ||
Line 334: | Line 347: | ||
##: Be careful and do not delete recent snapshot taken | ##: Be careful and do not delete recent snapshot taken | ||
# Boot the VM and validate that it is still booting properly | # Boot the VM and validate that it is still booting properly | ||
==Setup apache, mariadb including DB restore and php for wikis== | ==Setup apache, mariadb including DB restore and php for wikis== | ||
Line 456: | Line 467: | ||
#:: systemctl restart httpd | #:: systemctl restart httpd | ||
#:</pre> | #:</pre> | ||
==Configure lxc== | |||
*[[CentOS 8.x install lxc]] | |||
Line 560: | Line 576: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 8.x]] > [[CentOS 8.x System Administration|System Administration]] > [[CentOS 8.x New machine configuration|New machine configuration]] > [[CentOS 8.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities]] |
Latest revision as of 14:36, 13 May 2022
Home > CentOS > CentOS 8.x > System Administration > New machine configuration > CentOS 8.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities
Older CentOS 7.x article is present at CentOS 7.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities
This is case of complete data loss on rekallcm1 and fresh setup of rekallcm1 using files from laptop(barjatiyarklp)
OS installation
- Create a live USB with CentOS 8.x installer
- Boot and select server with GUI while skipping:
- Guest Agents
- Infiband support
- .NET Core Development
- Smart card support
- Disable kdump
- Configure 192.168.1.3/24 with 192.168.1.251 as gateway and rekallcm1 as hostname
- Install OS on software RAID on 3 * 2 TB disks as follows:
- /
- ext4 - RAID 1 - 50 GB
- /boot/efi
- EFI system partition - RAID 1 - 1 GB
- swap
- swap - RAID 5 - 18 GB
- /mnt/data1
- ext4 - RAID 5 - remaining
Install Owncloud Desktop client
CentOS 8.x Owncloud linux desktop client
Sudo configuration
Run 'visudo' and append
saurabh ALL=(ALL) NOPASSWD:ALL achal ALL=(ALL) NOPASSWD:ALL jitender ALL=(ALL) NOPASSWD:ALL
Create ext4 partition on raid5 device and mount on /mnt/data1
Use:
mkfs.ext4 /dev/mapper/centos_rekallcm1-mnt_data1 mkdir -p /mnt/data1 blkid #Note UUID for /dev/mapper/centos_rekallcm1-mnt_data1 vim /etc/fstab #and append UUID="<from-above-command>" /mnt/data1 ext4 defaults 1 2 mount -a
Copy data from laptop (barjatiyarklp) to rekallcm1
cd /mnt/data1 rsync -aHz --delete root@<laptop-ip>:/mnt/data1/ ./ mkdir -p large_files mv vms large_files mkdir -p large_files/operating_systems cd large_files/operating_systems rsync -vaHz --inplace root@<laptop-ip>:/mnt/ddrive/operating_systems/ ./ #Copy /mnt/data1/personal from various backup sources
Configure history retention
- Refer Storing date / time along with commands in history
- After this exit all running shells and reopen new shell. Validate history is stored with date/time information.
Disable screen lock
- Start gnome-control-center and under Privacy, disable automatic screen-lock
- Under "Power savings" set screen going blank to never
Disable SELinux
- setenforce 0
- edit /etc/sysconfig/selinux
- SELINUX=disabled
dnf configuration and package installation
- Configure keep-cache for yum
- Edit /etc/dnf/dnf.conf and set =keepcache=1=
- *Note cache goes to /var/cache/dnf*
- Edit /etc/dnf/dnf.conf and set =keepcache=1=
- Install required packages
- dnf -y install epel-release #EPEL repository
- dnf -y install htop #Colorful command-line top
- dnf -y install gimp #Advanced image editor useful for editing pdf as images
- dnf -y install wireshark #Packet capturing
- dnf -y install erlang #Programming
- dnf -y install fdupes #Duplicate file detection
- dnf -y install libreoffice-calc libreoffice-writer libreoffice-impress #Libreoffice
- dnf -y install p7zip #Support for 7zip
- dnf -y install expect #For shell automation. Includes mkpasswd utility
- dnf -y install git #For versioning
- dnf -y install bind bind-utils #For DNS related tasks* CentOS 8.x barjatiyarklp
- dnf -y install texlive
- dnf -y install brasero #For burning CD/DVD
- dnf -y install livecd-tools #For creating live USB
- dnf -y install freerdp #Windows remote desktop
- dnf -y install texlive #For latex
- dnf -y install thunderbird #For email
- dnf -y install byobu #To run shell commands in background
- dnf -y install openvpn #For vpn connectivity
- dnf -y install ntfs-3g #NTFS file-system support
- dnf -y install telnet nc #Telnet
- dnf -y install minicom #For working with serial ports
- dnf -y install pandoc #For documentation generation
- dnf -y install encfs #For fuse encrypted filesystem
- dnf -y install libguestfs-tools #For virt-sysprep
- dnf -y install dia #Diagram such as flowcharts or network design editor
- dnf -y install ImageMagick #For image editing
- dnf -y install xsane #For scanning
- dnf -y install texlive-wrapfig texlive-capt-of texlive-ulem texlive-translator #For org-latex exports
- dnf -y install libvirt virt-manager #To manage VMs
- dnf -y install texlive-translator #For compiling beamer presentations using latex
- Packages not found in CentOS 8 at time of writing
- dnf -y install yaws #Erlang web server
- dnf -y install kile #Latex editor
- dnf -y install bzr kdiff3 #For versioning and comparing files
- dnf -y install kolourpaint #Basic image editor
- dnf -y install unetbootin liveusb-creator #For creating live bootable USB from iso files
- Full update system
- dnf -y update --skip-broken
- Install a few games:
- dnf -y install blinken bomber bovo kanagram kapman katomic kblackbox kblocks kbounce kdiamond kfourinline kgoldrunner khangman kigo killbots kiriki kjumpingcube klines kmahjongg kmines knetwalk kolf kollision konquest kreversi kshisen ksirk ksnakeduel kspaceduel ktuberling kubrick lskat nethack picmi trader xrick zork
Install brave browser
sudo rpm --import https://brave-browser-rpm-release.s3.brave.com/brave-core.asc sudo dnf -y install dnf-utils sudo dnf config-manager --add-repo https://brave-browser-rpm-release.s3.brave.com/x86_64/ sudo dnf install brave-browser -y
Install and configure emacs
- yum -y install emacs
- Ensure /home/saurabh/.emacs and /home/saurabh/.emacs.d are symlink to appropriate folders of application-data
- Validate things are working by opening to-do.org file
- Configure nautilus to open .org file via emacs by default
Install vlc
- yum -y install https://download1.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm
- yum -y install vlc
Refer:
Install broadcom-wl
- dnf -y install https://mirrors.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-8.noarch.rpm
- dnf -y install broadcom-wl
Install skype
- Download skype rpm from https://www.skype.com/en/get-skype/download-skype-for-desktop/
- Install the rpm using:
- dnf -y localinstall <rpm-name>
Download and configure anydesk
- Refer CentOS 8.x Install anydesk
- Restore backup of anydesk configuration:
- cd ~/.anydesk
- mv user.conf user-old.conf
- ln -s /mnt/data1/workspace/application-data/anydesk/anydesk-saurabh-user.conf user.conf
Install nomachine
Install chrome
- Refer CentOS 7.x Installing Google chrome
- Start chrome
- Do not make chrome default browser and Disable submitting of usage information
- Test by opening www.google.com
Configure git
- Configure various git parameters:
- git config --global user.name "Saurabh Barjatiya"
- git config --global user.email "saurabh [at] sbarjatiya.com" #Replace with proper email ID
- git config --global color.ui true
- git config --global color.status auto
- git config --global color.branch auto
- git config --global core.editor vim
- Configure to use simple push by default
- git config --global push.default simple
- Refer https://stackoverflow.com/questions/21839651/git-what-is-the-difference-between-push-default-matching-and-simple
Postfix and logwatch
- Configure postfix gmail relay using Sending email via Gmail relay through postfix
- Edit /etc/aliases and add saurabh [at] rekallsoftware.com as alias for root.
- newaliases
- Install logwatch
- systemctl start postfix
- systemctl enable postfix
Configure SSH
- Symbolic link ssh from /mnt/data1
- ln -s /mnt/data1/workspace/application-data/ssh .ssh
- ssh root@sbarjatiya.com
- Enter passphrase (4cs..) and enable automatic unlock during login
Configure thunderbird
- Create symbolic link
- ln -s /mnt/data1/workspace/application-data/thunderbird/ .thunderbird
- Run thunderbird and validate email accounts are accessible
- Set date-format display using OpenSuse Leap 15 Change date-format displayed in Thunderbird
- Optionally set correct calendar response email ID using CentOS 8.x Thunderbird calendar invitation response email address
Configure firefox
- Ensure that /home/saurabh/.mozilla is symlink to application-data folder
- Starting firefox and see that various profiles are appearing properly.
- Validate history and stored passwords are working as expected
Configure nautlius
- Open nautilus
- Create bookmarks for (Open folder and press Ctrl+D)
- /mnt/data1/workspace/gbb/owncloud/saurabh
- /mnt/data1
- /mnt/data1/plain_folders/documents/Desktop/rekall
- Configure nautilus to open .org file via emacs by default, if not done already
- vim ~/.config/user-dirs.dirs #As saurabh user
- Comment all except Desktop and Downloads
- vim /etc/xdg/user-dirs.default #As root user
- Comment all except Desktop and Downloads
- Logoff and login again
- Open nautilus and remove bookmarks for Documents, Music, Videos and Pictures
Refer:
Configure /etc/hosts
- Various AWS backup VM IPs
- rekallcm1 to its IPv4 LAN IP
Configure owncloud client to sync /mnt/data1/workspace/gbb/owncloud while keeping local data
- Choose to sync folders up to 1000MB
Install and configure fail2ban
Enable bind
- yum -y install bind bind-utils
- Configure bind for starting automatically:
- systemctl start named
- systemctl enable named
- Change DNS of machine in /etc/sysconfig/network-scripts/ifcfg-br0 file to 127.0.0.1
- Optionally edit /etc/named.conf as follows:
- Update first listen to 'listen-on port 53 { 127.0.0.1; any; };'
- Comment listen-on-v6 port 53 { ::1; };' using '//' as prefix
- Update allow-query to 'allow-query { localhost; 10.0.0.0/8; 192.168.0.0/12; 172.16.0.0/16; };'
- Disable IPv6 lookups using CentOS 7.x Disabling IPv6 lookups in bind
- Restart named if not done already
- Test by running
- nslookup www.google.com 127.0.0.1
Make sure printer is recognized and working
- yum -y install hplip gutenprint-cups
Configure ntp client
Setup various servers and services
Configure software bridge
Re-add various older VMs
- Add use saurabh to libvirt group by editing /etc/group add adding saurabh in front of libvirt:x:. This way there wont be any password prompt while using virt-manager.
- Add the VMs via disk or config file
- Start virt-manager as normal non-root (eg saurabh) user. Add connection to Qemu/KVM if not present.
- Go to File -> New virtual machine
- Choose "Import existing disk image"
- Select VM disk (Eg '/mnt/data1/large_files/vms/tally_vm/tally_vm.qcow2' )
- Select OS type "Linux" and Version "CentOS 7.0"
- Give required RAM and CPU (Eg 2048, 2 vCPU)
- Ensure that bridge br0 is selected
- Give appropriate VM name (Eg tally_vm)
- Select "Customize configuration before install"
- For "Disk 1" select "Disk Bus" as "IDE" instead of virtio
- For CPU select copy host CPU configuration option
- For Windows XP on NIC choose "e1000" instead of default virtio
- Click "Begin installation" to boot the VM.
- Download Intel Pro/1000 MT drivers for 32-bit and 64-bit windows from: https://downloadcenter.intel.com/download/18717/Network-Adapter-Drivers-for-Windows-XP-Final-Release?product=50485 As such 32-bit drivers from above link works for Tally_VM. But for other OS / VMs consider using one of the below as required:
- Download Linksys E1000 drivers from https://www.driverguide.com/driver/download/Linksys-E1000
- Download virtio drivers iso from https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso
- Copy the downloaded setup to pen drive and make it available to VM using USB redirection.
- Install the setup and Ethernet should get detected.
- Take latest snapshot of VM and delete older snapshots via qemu-img
- Start virt-manager and take at least one snapshot of all important VMs.
- If there are VM folders in /mnt/data1/large_files/vms which are not useful to be added then delete those folders
- Go to vms folder and list snapshots of existing vm disks:
- cd /mnt/data1/large_files/vms/tally_vm
- qemu-img snapshot -l tally_vm.qcow2
- qemu-img snapshot -d '<Old-snapshot-name>' tally_vm.qcow2
- Be careful and do not delete recent snapshot taken
- Boot the VM and validate that it is still booting properly
Setup apache, mariadb including DB restore and php for wikis
- Replace httpd.conf from configuration folder:
- mv /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-old
- ln -s /documents/room-documents/documents/general/configuration_files/httpd.conf /etc/httpd/conf/
- Install mariadb
- yum -y install mariadb-server
- Start and enable mariadb
- systemctl start mariadb
- systemctl enable mariadb
- Check old wiki passwords at following locations:
- /documents/public_html/notes_wiki/LocalSettings.php
- /documents/room-documents/documents/databases/mysql/notes_wiki/mediawiki/LocalSettings.php
- /documents/room-documents/documents/databases/mysql/research_wiki/mediawiki/LocalSettings.php
- /documents/room-documents/documents/databases/mysql/readme_wiki/mediawiki/LocalSettings.php
- Login as root user ('mysql -u root') and create other database accounts:
- create database wikidb_notes;
- grant all on wikidb_notes.* to wikidb_notes@localhost identified by '<password>';
- create database wikidb_res;
- grant all on wikidb_res.* to wikidb_res@localhost identified by '<password>';
- create database wikidb_readme;
- grant all on wikidb_readme.* to wikidb_readme@localhost identified by '<password>';
- create database notes_wiki;
- grant all on notes_wiki.* to notes_wiki@localhost identified by '<password>';
- flush privileges;
- \q
- Restore various database backups using:
- cd /documents/public_html/
- bunzip2 -k notes_wiki.sql.bz2
- cat notes_wiki.sql | mysql -u notes_wiki -p<password> notes_wiki
- rm -f notes_wiki.sql
- cd /documents/room-documents/documents/databases/mysql/notes_wiki/
- bunzip2 -k wikidb_notes.sql.bz2
- cat wikidb_notes.sql | mysql -u wikidb_notes -p<password> wikidb_notes
- rm -f wikidb_notes.sql
- cd /documents/room-documents/documents/databases/mysql/research_wiki
- bunzip2 -k wikidb_res.sql.bz2
- cat wikidb_res.sql | mysql -u wikidb_res -p<password> wikidb_res
- rm -f wikidb_res.sql
- cd /documents/room-documents/documents/databases/mysql/readme_wiki
- bunzip2 -k wikidb_readme.sql.bz2
- cat wikidb_readme.sql | mysql -u wikidb_readme -p<password> wikidb_readme
- rm -f wikidb_readme.sql
- Install required packages for php and php-mysql:
- yum -y install php-mysqlnd php php-xml httpd mod_ssl php-mbstring php-json
- Restart and enable httpd:
- systemctl restart httpd
- systemctl enable httpd
Setup postgreSQL databases
- Install postgreSQL and start DB
- yum -y install postgresql postgresql-server
- postgresql-setup --initdb --unit postgresql
- systemctl start postgresql
- systemctl enable postgresql
- Restore postgreSQL configuration file to allow password based logins:
- mv /var/lib/pgsql/data/pg_hba.conf /var/lib/pgsql/data/pg_hba.conf-old
- sudo ln -s /documents/room-documents/documents/general/configuration_files/pg_hba.conf /var/lib/pgsql/data/
- sudo chown postgres:postgres /documents/room-documents/documents/general/configuration_files/pg_hba.conf
- systemctl restart postgresql
- Read existing DB password in
- /documents/room-documents/public_html/bookworm/global/library/global_common.php
- Use below to create required databases:
- sudo su - postgres
- psql
- CREATE USER saurabh WITH NOSUPERUSER NOCREATEDB LOGIN ENCRYPTED PASSWORD '<password>';
- CREATE DATABASE saurabh WITH OWNER=saurabh;
- CREATE USER sen WITH NOSUPERUSER NOCREATEDB LOGIN ENCRYPTED PASSWORD '<password>';
- CREATE DATABASE sen WITH OWNER=sen;
- \q
- exit
- Restore various database backups using:
- cd /documents/room-documents/documents/databases/pgsql/
- psql -U saurabh -d saurabh < saurabh_saurabh.sql
- # cd /documents/room-documents/documents/databases/pgsql/
- # bunzip2 -k sen.sql.bz2
- # psql -U sen -d sen < sen.sql
- # rm -f sen.sql
- Note that localhost/bookworm does not seems to work with latest php packages
- Install php postgresql libraries:
- yum -y install php-pgsql
- systemctl restart httpd
Configure lxc
Configure backups for localhost and AWS VMs
- Install required packages
- yum -y install rsnapshot sshpass
- Create rsnapshot root folder:
- mkdir -p /mnt/data1/large_files/rsnapshot_backups/
- Edit /etc/rsnapshot.conf as follows ***TABS and not spaces***
- snapshot_root /mnt/data1/large_files/rsnapshot_backups/
- no_create_root 1
- cmd_ssh /usr/bin/ssh
- retain hourly 6
- retain daily 7
- retain weekly 5
- retain monthly 3
- logfile /var/log/rsnapshot
- link_dest 1
- backup /etc/ rekallcm1/
- backup /root/ rekallcm1/
- backup /var/log/ rekallcm1/
- backup /mnt/data1/erlang/ rekallcm1/
- backup /mnt/data1/personal/ rekallcm1/
- backup /mnt/data1/plain_folders/ rekallcm1/
- backup /mnt/data1/workspace/ rekallcm1/
- backup /mnt/data1/setup/ rekallcm1/
- backup /mnt/data1/windows_setup/ rekallcm1/
- backup_script /usr/bin/sshpass -p <password> mysqldump -u root -p wikidb_notes | bzip2 > /documents/room-documents/documents/databases/mysql/notes_wiki/wikidb_notes.sql.bz2 rekallcm1/.ignore1/
- backup_script /usr/bin/sshpass -p <password> mysqldump -u root -p wikidb_res | bzip2 > /documents/room-documents/documents/databases/mysql/research_wiki/wikidb_res.sql.bz2 rekallcm1/.ignore2/
- backup_script /usr/bin/sshpass -p <password> mysqldump -u root -p wikidb_readme | bzip2 > /documents/room-documents/documents/databases/mysql/readme_wiki/wikidb_readme.sql.bz2 rekallcm1/.ignore3/
- #Notes_wiki backup is taken by /documents/public_html/update.sh manually
- # sbarjatiya.com
- backup root@sbarjatiya.com:/etc/ sbarjatiya.com/
- backup root@sbarjatiya.com:/home/ sbarjatiya.com/
- backup root@sbarjatiya.com:/root/ sbarjatiya.com/
- # mail.rekallsoftware.com
- backup root@mail.rekallsoftware.com:/etc/ mail.rekallsoftware.com/
- backup root@mail.rekallsoftware.com:/home/ mail.rekallsoftware.com/
- backup root@mail.rekallsoftware.com:/root/ mail.rekallsoftware.com/
- backup root@mail.rekallsoftware.com:/var/www/html/ mail.rekallsoftware.com/
- # km.rekallsoftware.com
- backup root@km.rekallsoftware.com:/etc/ km.rekallsoftware.com/
- backup root@km.rekallsoftware.com:/home/ km.rekallsoftware.com/
- backup root@km.rekallsoftware.com:/root/ km.rekallsoftware.com/
- Create root ssh keys
- ssh-keygen
- Allow authorized access for root to
- sbarjatiya.com
- mail.rekallsoftware.com
- km.rekallsoftware.com
- SSH as root to all the above servers and accept ssh fingerprint
- Test backups using
- rsnapshot hourly
- Edit root crontab using 'crontab -e' and use:
- 0 0,4,8,12,16,20 * * * /usr/bin/rsnapshot hourly
- 45 23 * * * /usr/bin/rsnapshot daily
- 30 23 * * 0 /usr/bin/rsnapshot weekly
- 15 23 1 * * /usr/bin/rsnapshot monthly
Take fresh full backup
Take full backup on external hdd
Take fresh full backup on external hdd using:
umount /dev/sdd1 mkdir -p /mnt/usb mount /dev/sdd1 /mnt/usb mkdir yyyy-mm-dd-rekallcm1-backup cd yyyy-mm-dd-rekallcm1-backup mkdir -p mnt/data1 rsync -aH --delete /etc/ etc/ rsync -aH --delete /home/ home/ rsync -aH --delete /root/ root/ rsync -aH --delete --exclude '/cache' /var/ var/ rsync -aH --delete --exclude '/large_files' /mnt/data1/ mnt/data1/
Refer:
Home > CentOS > CentOS 8.x > System Administration > New machine configuration > CentOS 8.x Configure rekallcm1 (high-end desktop) with software raid, lxc, kvm and other utilities