Markdown, Kramdown 메모

<span style="color:red;font-weight:bold"> 빨갛게, 굵게  </span>
[link](url){:target="_blank"}

Preparation for Jekyll + Github

$ sudo apt install nodejs npm ruby ruby-dev gem build-essential
$ git clone https://github.com/minibrary/en.blog
$ git clone https://github.com/minibrary/kr.blog
$ git clone https://github.com/minibrary/jp.blog
$ npm install -g gulp
$ npm init
$ npm install

SEND E-MAIL when someone is logged in by SSH

change into your mail address and add below lined into .bashrc

IP="$(echo $SSH_CONNECTION | cut -d " " -f 1)"
HOSTNAME=$(hostname)
NOW=$(date +"%e %b %Y, %a %r")
echo 'Someone from '$IP' logged into '$HOSTNAME' on '$NOW'.' | mail -s 'SSH Login Notification' <mail address>

Study for ‘self signed certificate authority’

 include/bar.html 복사
 include/header-default.html 과 header-post.html 에서 include menu-search 삭제
 layout 폴더 각각 파일에
 include bar.html
 src/styl에 _nav.styl 복사
 src/styl 에 main.styl 에서 import nav

nginx 301 redirect

location /ko {
                return 301 https://kr.minibrary.com;
        }

APT 메모

apt update
apt upgrade
apt install 패키지

패키지 찾기

apt list | grep 패키지
apt-cache policy 패키지

SNMPv3 사용자 만들기

net-snmp-config --create-snmpv3-user -ro -A AUTHPW -X PRIVATEPASSPHRASE -a SHA -x AES USERNAME

자주 사용하는 Youtube-dl 옵션

$ sudo apt install youtube-dl
youtube-dl -f 22 -o "%(title)s.%(ext)s" 경로

Dockerfile test

FROM ubuntu:latest
MAINTAINER MiNi <minibrary@gmail.com>

RUN \
  apt-get update && \
  apt-get upgrade -y && \
  apt-get install -y \
  build-essential \
  ruby \
  ruby-dev \
  gem \
  nano \
  git \
  nodejs \
  nodejs-legacy \
  npm
  

RUN \
  gem install jekyll

RUN \
git clone https://github.com/minibrary/en.blog /home/github/en.blog && git clone https://github.com/minibrary/kr.blog /home/github/kr.blog && git clone https://github.com/minibrary/jp.blog /home/github/jp.blog

RUN \
npm install -g gulp

RUN \
cd /home/github/en.blog && npm install && \
cd /home/github/kr.blog && npm install && \
cd /home/github/jp.blog && npm install

VOLUME ["/home/github"]

EXPOSE 3000

CMD /bin/bash

Docker image run to make container

sudo docker run -i -t --name docker-test5 -p 3000:3000 github-blog:0.1

Github Clone and Pull Automation

#!/bin/bash
#Git Repository Pull Automation

#Github Username
username=minibrary

#Github Base Directory
gitdir=~/git

#Github Repositories
repo01=kr.blog
repo02=en.blog
repo03=jp.blog
#repo04=docker
#repo05=
#repo06=
#repo07=
#repo08=
#repo09=
#repo10=

for repo in $repo01 $repo02 $repo03 $repo04;
        do (
                if [ ! -d $gitdir/${repo} ]
                then
                        cd $gitdir && git clone https://github.com/$username/${repo}
                else
                        cd $gitdir/${repo} && echo -e "Repository: \033[33;44m$repo\033[0m" && git pull
                fi)
done

위의 스크립트를 .bashrc에서 불러오기

nano ~/.bashrc
# Github Pull Script
echo -e "\033[93m## Github Pull or Clone Begin ##\033[0m"
./github-pull.sh

Router/Firewall/Network sample

Test recover images with photorec

wget https://www.cgsecurity.org/testdisk-7.0.linux26-x86_64.tar.bz2

tar xvfj ~tar.bz2 file

Drop cached memory on Linux

By root

sync; echo 3 > /proc/sys/vm/drop_caches

Alias Setting

Display Aliases

alias

Modify or Create Aliase

ex) Make ll to ls -al with color

alias ll='ls -al --color=auto'

Extracting Certificate and Private Key Files from a .pfx File

Skip to end of metadata

Created and last modified by Michael Brogan on Nov 04, 2013 Go to start of metadata

Purpose

Customers sometimes have a need to export a certificate and private key from a Windows computer to separate certificate and key files for use elsewhere. Windows doesn’t provide the means to complete this process.

Exporting Certificates from the Windows Certificate Store describes how to export a certificate and private key into a single .pfx file. Follow the procedure below to extract separate certificate and private key files from the .pfx file.

Procedure

Take the file you exported (e.g. certname.pfx) and copy it to a system where you have OpenSSL installed. Note: the *.pfx file is in PKCS#12 format and includes both the certificate and the private key.

Run the following command to export the private key:

openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes

Run the following command to export the certificate:

openssl pkcs12 -in certname.pfx -nokeys -out cert.pem

Run the following command to remove the passphrase from the private key:

openssl rsa -in key.pem -out server.key 

Fix broken partition (ext4)

fsck.ext4 -cDfty -C 0 /dev/sd**
-c – check for bad sectors
-D – optimize directories if possible
-f – force check, even if filesystem seems clean
-t – print timing stats (use -tt for more)
-y – assume answer “yes” to all questions (such as, “do you want to continue”)
-C 0 – print progress info to stdout
/dev/sd** – the partition to check, e.g. /dev/sda1 for first partition (1) on first hard disk (a), etc.

For reiser FS you can use the following:

fsck.reiserfs --fix-fixable -y /dev/sd**

NGINX 여러 Virtual Server Domain / HTTP->HTTPS 등

아래 블럭을 nginx.confhttp 블럭에 넣어 두자

server {
    listen       80  default_server;
    server_name  _; # some invalid name that won't match anything
    return       444;
}

여기는 평범하게 HTTP를 HTTPS로 리다이렉트

server {
    listen 80;
    listen [::]:80;
    server_name example.minibrary.com;

    # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    root /var/www/html;
    index index.html;

    server_name example.minibrary.com;
}        

Youtube-dl

youtube-dl -f bestvideo[ext=mp4]+bestaudio[ext=m4a] -o "%(title)s.%(ext)s" URL

NFS for Raspbian Jessie

sudo apt update && sudo apt install nfs-kernel-server nfs-common
sudo update-rc.d rpcbind enable && sudo update-rc.d nfs-common enable

Observium

apt-get install libapache2-mod-php7.0 php7.0-cli php7.0-mysql php7.0-mysqli php7.0-gd php7.0-mcrypt php7.0-json php-pear snmp fping mysql-server mysql-client python-mysqldb rrdtool subversion whois mtr-tiny ipmitool graphviz imagemagick apache2

Disable My SQL STRICT_TRANS_TABLES

Disable STRICT_TRANS_TABLES: at /etc/mysql/my.cnf

[mysqld]
sql_mode=ONLY_FULL_GROUP_BY,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

PHP DEBUG

ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);

X509 parsed SSL certificate


60Array
(
    [name] => /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.google.com
    [subject] => Array
        (
            [C] => US
            [ST] => California
            [L] => Mountain View
            [O] => Google Inc
            [CN] => *.google.com
        )

    [hash] => a18bd28a
    [issuer] => Array
        (
            [C] => US
            [O] => Google Inc
            [CN] => Google Internet Authority G2
        )

    [version] => 2
    [serialNumber] => 3128375222928547080
    [validFrom] => 161215140415Z
    [validTo] => 170309133500Z
    [validFrom_time_t] => 1481810655
    [validTo_time_t] => 1489066500
    [signatureTypeSN] => RSA-SHA256
    [signatureTypeLN] => sha256WithRSAEncryption
    [signatureTypeNID] => 668
    [purposes] => Array
        (
            [1] => Array
                (
                    [0] => 1
                    [1] => 
                    [2] => sslclient
                )

            [2] => Array
                (
                    [0] => 1
                    [1] => 
                    [2] => sslserver
                )

            [3] => Array
                (
                    [0] => 
                    [1] => 
                    [2] => nssslserver
                )

            [4] => Array
                (
                    [0] => 
                    [1] => 
                    [2] => smimesign
                )

            [5] => Array
                (
                    [0] => 
                    [1] => 
                    [2] => smimeencrypt
                )

            [6] => Array
                (
                    [0] => 
                    [1] => 
                    [2] => crlsign
                )

            [7] => Array
                (
                    [0] => 1
                    [1] => 1
                    [2] => any
                )

            [8] => Array
                (
                    [0] => 1
                    [1] => 
                    [2] => ocsphelper
                )

            [9] => Array
                (
                    [0] => 
                    [1] => 
                    [2] => timestampsign
                )

        )

    [extensions] => Array
        (
            [extendedKeyUsage] => TLS Web Server Authentication, TLS Web Client Authentication
            [subjectAltName] => DNS:*.google.com, DNS:*.android.com, DNS:*.appengine.google.com, DNS:*.cloud.google.com, DNS:*.google-analytics.com, DNS:*.google.ca, DNS:*.google.cl, DNS:*.google.co.in, DNS:*.google.co.jp, DNS:*.google.co.uk, DNS:*.google.com.ar, DNS:*.google.com.au, DNS:*.google.com.br, DNS:*.google.com.co, DNS:*.google.com.mx, DNS:*.google.com.tr, DNS:*.google.com.vn, DNS:*.google.de, DNS:*.google.es, DNS:*.google.fr, DNS:*.google.hu, DNS:*.google.it, DNS:*.google.nl, DNS:*.google.pl, DNS:*.google.pt, DNS:*.googleadapis.com, DNS:*.googleapis.cn, DNS:*.googlecommerce.com, DNS:*.googlevideo.com, DNS:*.gstatic.cn, DNS:*.gstatic.com, DNS:*.gvt1.com, DNS:*.gvt2.com, DNS:*.metric.gstatic.com, DNS:*.urchin.com, DNS:*.url.google.com, DNS:*.youtube-nocookie.com, DNS:*.youtube.com, DNS:*.youtubeeducation.com, DNS:*.ytimg.com, DNS:android.clients.google.com, DNS:android.com, DNS:developer.android.google.cn, DNS:g.co, DNS:goo.gl, DNS:google-analytics.com, DNS:google.com, DNS:googlecommerce.com, DNS:urchin.com, DNS:www.goo.gl, DNS:youtu.be, DNS:youtube.com, DNS:youtubeeducation.com
            [keyUsage] => Digital Signature
            [authorityInfoAccess] => CA Issuers - URI:http://pki.google.com/GIAG2.crt
OCSP - URI:http://clients1.google.com/ocsp

            [subjectKeyIdentifier] => E1:3D:FF:F7:A0:37:F1:14:CF:E1:74:E8:B9:90:BB:FC:AA:B6:5B:B2
            [basicConstraints] => CA:FALSE
            [authorityKeyIdentifier] => keyid:4A:DD:06:16:1B:BC:F6:68:B5:76:F5:81:B6:BB:62:1A:BA:5A:81:2F

            [certificatePolicies] => Policy: 1.3.6.1.4.1.11129.2.5.1
Policy: 2.23.140.1.2.2

            [crlDistributionPoints] => 
Full Name:
  URI:http://pki.google.com/GIAG2.crl

        )

)

Regex for FQDN Validation

(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]{1,63}(?<!-)\.?)+(?:[a-zA-Z]{2,})$)

FFMPEG

for %%a in ("*.mkv") do ffmpeg -i "%%a" -crf 24 -vf scale=-1:414 "output\%%~na.mkv"