Category: Linux

  • Firefox profile

    Here is shortcut i use for my firefox profile

    boby@hon-pc-01:~$ cat  ~/.local/share/applications/firefox-vpn.desktop 
[Desktop Entry]
Version=1.0
Name=Firefox VPN
Comment=Browse the World Wide Web
GenericName=Web Browser
Keywords=Internet;WWW;Browser;Web;Explorer
Exec=firefox -P vpn -private-window --class=Firefox-VPN %u
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=go-home
Categories=GNOME;GTK;Network;WebBrowser;
MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/chrome;video/webm;application/x-xpinstall;
StartupNotify=true
Actions=new-window;new-private-window;

[Desktop Action new-window]
Name=Open a New Window
Exec=firefox -P vpn -new-window

[Desktop Action new-private-window]
Name=Open a New Private Window
Exec=firefox -P vpn -private-window
boby@hon-pc-01:~$

    firefox

  • Encrypt

  • Encrypting a file using OpenSSL

    To encrypt a file, run

    openssl enc -aes-256-cbc -in FILE -out FILE.enc

    To decrypt, use

    openssl enc -d -aes-256-cbc -in FILE.enc -out FILE

    You can use -k option to provide password in commend line itself so it won’t prompt for password.

    Here is a script i use to take backup

    boby@hon-pc-01:~$ cat ~/bin/backup-my-files 
#!/bin/bash

cd $HOME/work/
rm -f myfiles.tar.gz myfiles.tar.gz.openssl
tar --exclude='MY_FILES/.git' -zcvf myfiles.tar.gz MY_FILES
openssl enc -aes-256-cbc -in /home/boby/work/myfiles.tar.gz -out myfiles.tar.gz.openssl

echo "Backup available in folder $HOME/work"
echo "You can decrypt file using"
echo ""
echo "openssl enc -d -aes-256-cbc -in myfiles.tar.gz.openssl -out myfiles.tar.gz"

boby@hon-pc-01:~$

    openssl

    Encrypt

  • Apache SSL

    Here is a non-SSL Apache virtual host.

    <VirtualHost *:80>
    ServerName serverok.in
    ServerAdmin [email protected]
    DocumentRoot /home/serverok.in/html
    CustomLog ${APACHE_LOG_DIR}/serverok.in.log combined
    <Directory "/home/serverok.in/html">
        Options All
        AllowOverride All
        Require all granted
        Order allow,deny
        allow from all
    </Directory>
</VirtualHost>

    To convert it to SSL VirtualHost, first change the port to 443

    Find

    <VirtualHost *:80>

    Replace with

    <VirtualHost *:443>

    Add the above Directory entry

    SSLEngine on
SSLCertificateFile /etc/ssl/DOMAIN.crt
SSLCertificateKeyFile /etc/ssl/DOMAIN.key

    The resulting VirtualHost will look like

    <VirtualHost *:443>
    ServerName serverok.in
    ServerAdmin [email protected]
    DocumentRoot /home/serverok.in/html
    CustomLog ${APACHE_LOG_DIR}/serverok.in.log combined
    SSLEngine on
    SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
    SSLCertificateFile /etc/ssl/serverok.in.crt
    SSLCertificateKeyFile /etc/ssl/serverok.in.key
    <Directory "/home/serverok.in/html">
        Options All
        AllowOverride All
        Require all granted
        Order allow,deny
        allow from all
    </Directory>
</VirtualHost>

    For added security, you can use the following config

    SSLEngine on
SSLProtocol             all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:!TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:!TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:!DSS

    Enable mod_ssl

    If you get the following error

    Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration

    You need to enable mod_ssl, to do this, run

    On Debian/Apache, run

    sudo a2enmod ssl

    Restart Apache

    sudo service apache2 restart

    Force SSL

    You can add the following code to Apache virtualhost for the website

    Redirect 301 / https://domain.ltd/

    ssl

    apache

  • time

    Timestamp in Bash Script

    TIME_STAMP="$(date +%Y%m%d-%H%M%S)"

    for timestamp like 2020-01-23 15:12:45, use

    TIME_STAMP="$(date "+%Y-%m-%d %H:%M:%S")"

    For file name

    date +"%Y-%m-%d-%H-%M-%S"

    Time stamp in PHP

    $now = date("Y-m-d-h:i:s");

    Taking backup

    mysqldump -u root -p'mv9wCAcDE3CnBV' serverok_wp > ~/serverok_wp-`date +"%Y-%m-%d-%H-%M-%S"`.sql

    Alaram/stopwatch

    Time Tracking

  • ntpdate

    ntpdate allows you to update server time with ntp servers.

    To install, run

    apt install ntpdate

    To update server time, run

    ntpdate ntp.ubuntu.com

    Example

    root@ip-172-26-2-47:~# ntpdate ntp.ubuntu.com
 3 Mar 20:32:54 ntpdate[17295]: adjust time server 91.189.91.157 offset -0.000047 sec
root@ip-172-26-2-47:~#

    Auto Update Server time with cronjob

    Method 1

    echo "ntpdate time-a.nist.gov" > /etc/cron.daily/ntpdate
chmod 755 /etc/cron.daily/ntpdate

    Method 2

    Set following cronjob

    30	22	*	*	*	/usr/sbin/ntpdate -b -s 1.pool.ntp.org

    time

  • locale-gen

    To generate 

    locale-gen en_US.UTF-8

    If you get error setlocale: LC_ALL: cannot change locale

    echo "LC_ALL=en_US.UTF-8" >> /etc/environment
echo "LANG=en_US.UTF-8" > /etc/locale.conf
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
locale-gen en_US.UTF-8

    bash: locale-gen: command not found
    bash: warning: setlocale: LC_ALL: cannot change locale
    language

  • swap

    First create a 2 GB file

    dd if=/dev/zero of=/swapfile bs=1M count=4096

    For 8 GB, use count=8192. You can also use fallocate command instead of dd.

    fallocate -l 8G /swapfile

    Make it swap

    mkswap /swapfile
chmod 0600 /swapfile
swapon /swapfile

    Add it to /etc/fstab

    echo "/swapfile swap swap defaults 0 0" >> /etc/fstab

    swapon

  • DNS Tools

    Reverse DNS/rDNS/PTR Record
    How to delete Google Cloud DNS Zone

    DNS Tools

    DNS History

    DNS Propagation Checker

    DNS

    DNS Resolver

    DNS Errors

  • Radio

    http://libretime.org/

    allow you to run your own radio station. It allow you to manage you media, playlists. It support IceCast and Shutcast as media servers.

  • dnsmasq

    Ubuntu point all .test domains to 127.0.0.1
    Install dnsmasq on Ubuntu

  • Ubuntu point all .test domains to 127.0.0.1

    Until recently .dev was popular TLD used by developers for local web development. Recently google acquired the rights to use .DEV domain name extension and forced SSL for this LTD in google chrome.

    Web developers are looking for alternate home for their local development web sites. Some suggested .localhost as development LTD, but it is too large. Another option is .test, this is a reserved LTD, so you won’t be forced to leave and is short. So many opted for .test as local development domain extension.

    DNSMasq allow you to point *.test domains to 127.0.01, so you don’t have to edit /etc/hosts and add each domain you need for local development.

    To do this, create file

    vi /etc/NetworkManager/dnsmasq.d/test

    Add following

    address=/.test/127.0.0.1

    Restart network-manager.

    service network-manager restart

    We restarted network-manager as dnsmasq is started by Network Manager.

    root@hon-pc-01:~# pstree -sp $(pidof dnsmasq)
    systemd(1)───NetworkManager(11557)───dnsmasq(11594)
    root@hon-pc-01:~#

    dnsmasq