linux-administration-docs: A Shell repository from mStirner

Notify on ssh login/logout via gotify

Setup

Copy script ssh-notfiy.sh to /etc/ssh/login-notify.sh
Make script exectuable: chmod +x /etc/ssh/login-notify.s
Edit /etc/pam.d/sshd, add: session optional pam_exec.so seteuid /etc/ssh/login-notify.sh

Caution

Setting session optional pam_exec.so seteuid /etc/ssh/login-notify.sh to session required ... Can lead unavailable ssh login when gotify/the script fails

Links/related information:

https://askubuntu.com/a/448602/1034948

MDADM notifications via gotify

Setup

Copy script raid-realthcheck.sh to /root/raid-realthcheck.sh
Make script executable: chmod +x /root/raid-realthcheck.sh
Add to mdadm.conf (On Rocky /etc/mdadm.conf): PROGRAM /root/raid-healthcheck.sh

Links/related information:

Grow root parition (Rocky 9)

Extend partition to remaining size

install dnf install -y cloud-utils-growpart
growpart /dev/vda 2
pvs & vgs & lvs
lvextend -l +100%FREE /dev/rl_nextcloud/root
xfs_growfs /

Resize disks

#!/bin/bash
for i in `echo "sda sdb sdc sdd sde sdf sdg sdh"`; do
  echo 1 > /sys/block/$i/device/rescan
done

for i in `echo "sdb sdc sdd sde sdf sdh sdg"`; do
  echo "Fix" | parted ---pretend-input-tty /dev/$i print
  parted -s /dev/$i resizepart 1 '100%' &&
  pvresize /dev/"$i"1
done

for x in `ls /dev/mapper/vg_hana*`; do
  lvextend -l+100%FREE $x &&
  xfs_growfs $x
done

QEMU/KVM Virtualization

sudo apt install qemu-kvm virt-manager virtinst libvirt-clients bridge-utils libvirt-daemon-system -y
sudo systemctl enable --now libvirtd

Add user to groups

sudo usermod -aG kvm $USER
sudo usermod -aG libvirt $USER

Start GUI

virt-manager

Install guest agent (In Rocky 9 VMs)

sudo dnf install qemu-guest-agent

Kubernetes/k3s quick start

Prepare firewall/nodes

firewall-cmd --add-port=6443/tcp --permanent
firewall-cmd --add-port=2379/tcp --permanent
firewall-cmd --add-port=2380/tcp --permanent
firewall-cmd --reload

`kubectl` installation

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
chmod +x kubectl
mv kubectl /usr/local/bin/

k3s installation

sudo mkdir -p /etc/rancher/k3s
sudo echo "disable: traefik" > /etc/rancher/k3s/config.yaml
curl -sfL https://get.k3s.io | sh -s - server --cluster-init

Tip

Set the env var INSTALL_K3S_VERSION (e.g. export INSTALL_K3S_VERSION=v1.28.8+k3s1) to install a specific k3s/kubernetes version. Version available: https://github.com/k3s-io/k3s/releases/

Add nodes

server1

cat /var/lib/rancher/k3s/server/token

serverN

curl -sfL https://get.k3s.io | K3S_TOKEN=<Token> sh -s - server --server https://192.168.122.11:6443

Note

Set/install the same version as on the first node Environment variable INSTALL_K3S_VERSION. See tip above.

Remove/Deinstallation

/usr/local/bin/k3s-uninstall.sh
/usr/local/bin/k3s-agent-uninstall.sh

Copy cluster config

mkdir ~/.kube
cp /etc/rancher/k3s/k3s.yaml ~/.kube/config

keepalived (high availability)

Prepare (on all nodes!)

firewall-cmd --add-rich-rule='rule protocol value="vrrp" accept' --permanent
firewall-cmd --reload

Installation (& clear default config file)

yum install -y keepalived
: > /etc/keepalived/keepalived.conf

Node 1 (Master)

vrrp_instance K3S {

    state MASTER

    interface enp1s0
    virtual_router_id 10
    priority 200
    advert_int 1

    unicast_src_ip 192.168.122.11/16
    
    unicast_peer {
        192.168.122.12/16
        192.168.122.13/16
    }

    virtual_ipaddress {
	192.168.122.10/16
    }

    authentication {
        auth_type PASS
        auth_pass 1234
    }

}

Node 2 (Backup)

vrrp_instance K3S {

    state BACKUP

    interface enp1s0
    virtual_router_id 10
    priority 190
    advert_int 1

    unicast_src_ip 192.168.122.12/16
    
    unicast_peer {
        192.168.122.11/16
        192.168.122.13/16
    }

    virtual_ipaddress {
	192.168.122.10/16
    }

    authentication {
        auth_type PASS
        auth_pass 1234
    }

}

Node 3 (Backup)

vrrp_instance K3S {

    state BACKUP

    interface enp1s0
    virtual_router_id 10
    priority 180
    advert_int 1

    unicast_src_ip 192.168.122.13/16
    
    unicast_peer {
        192.168.122.11/16
        192.168.122.12/16
    }

    virtual_ipaddress {
	192.168.122.10/16
    }

    authentication {
        auth_type PASS
        auth_pass 1234
    }

}

Move files from (sub) folders into cwd

find ./ -type f -exec mv -t . {} +

mStirner/linux-administration-docs

Notify on ssh login/logout via gotify

Setup

Links/related information:

MDADM notifications via gotify

Setup

Links/related information:

Grow root parition (Rocky 9)

Extend partition to remaining size

Resize disks

QEMU/KVM Virtualization

Add user to groups

Start GUI

Install guest agent (In Rocky 9 VMs)

Kubernetes/k3s quick start

Prepare firewall/nodes

kubectl installation

k3s installation

Add nodes

Remove/Deinstallation

Copy cluster config

keepalived (high availability)

Prepare (on all nodes!)

Installation (& clear default config file)

Node 1 (Master)

Node 2 (Backup)

Node 3 (Backup)

Move files from (sub) folders into cwd

`kubectl` installation