Skip to main content
Menu
Notes | Cheatsheets
Notes

Monitor and Alert SSH Login Activty

September 3, 2021
linux, mail
devops, monitoring

Edit sshrc file # vi /et/ssh/sshrc Add following lines ip=`echo $SSH_CONNECTION | cut -d " " -f 1` logger -t ssh-wrapper $USER login from $ip echo "User $USERjust logged in from $ip" | mail -s "[ATTENTION] $USERJust logged in from $ip" your-email@your-domain.com Monitor your ssh authorized_keys changes # create notify.sh script file and add following code of lines #!/bin/bash [[ -z `find /home/ubuntu/.ssh/authorized_keys -mmin -1` ]] if [ $? ...

Configure SMTP with Gmail Using Postfix

September 3, 2021
linux, mail
devops, monitoring

Setup Google App password # Go account security https://myaccount.google.com/security Create App Password Select App as Mail Select Device (other) > name your system Generate Note down Generated password Install all necessary packages # sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules Edit postfix config file # vi /etc/postfix/main.cf and following lines to it: relayhost = [smtp.gmail.com]:587 smtp_tls_security_level = may smtp_sasl_auth_enable = yes smtp_sasl_security_options = smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_use_tls = yes mydestination = inet_protocols = ipv4 Edit sasl_passwd file # vi /etc/postfix/sasl_passwd add gmail username and generate password ...

Kubernetes Basic Concepts Note

June 25, 2021
devops, kubernetes
devops, concept

Architecture # Nodes # In Kubernetes nodes are the physical or virtual machines where workloads runs. Each nodes are managed by control plane and contains the services necessary to run Pods. Master Node # The master node’s role is the command and control for all the other worker nodes. There are many containers running on the master node, the primary of which is the kube-apiserver , which is responsible for validating the configure data for the API objects such as pods, services and others. ...

Setup SSL/TLS using certbot with NGINX

January 6, 2020
linux
nginx

Install Certbot # add-apt-repository ppa:certbot/certbot apt-get update apt-get install python-certbot-nginx Obtain the SSL/TLS Certificate # certbot --nginx -d xyz.com -d www.xyz.com Obtain wildcard Certificate # certbot certonly --manual -d '*.xyz.com' Install NGINX # apt-get install nginx -y Set Up NGINX # NGINX Config file # /etc/nginx/nginx.conf # user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## map $http_upgrade $connection_upgrade { default upgrade; '' close; } sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime. ...

SSH Dynamic Port Forwarding on Linux

May 28, 2021
linux
ssh

Step 1 # Generate SSH keys through ssh-keygen ssh-keygen Step 2 # Copy your public key form ~/.ssh/id_rsa.pub $ cat ~/.ssh/id_rsa.pub Step 3 # Login into your remote hosted linux machine Step 4 # Create authorized_keys file and put your public key into ~/.ssh/ directory Step 5 # Create config file with below data and put into your local system where your public and private ssh key exist ...

Terraform Script to Provision Windows Server

January 16, 2020
devops
terraform

File Structure # ── windows-server-tf/ ├── key.tf ├── provider.tf ├── test.txt ├── vars.tf ├── versions.tf └── windows.tf key.tf file # resource "aws_key_pair" "windows-key" { key_name = "windows-key" public_key = file(var.PATH_TO_PUBLIC_KEY) } provider.tf file # provider "aws" { region = var.AWS_REGION } test.txt file # test file vars.tf file # variable "AWS_REGION" { default = "us-east-1" } variable "PATH_TO_PRIVATE_KEY" { default = "windows" } variable "PATH_TO_PUBLIC_KEY" { default = "windows. ...