Ici, de la documentation admin sys qui a pu servir au projet tout au long de sa vie, un peu en vrac.
===== SSH =====
* Génération de clés SSH : http://doc.ubuntu-fr.org/ssh#authentification_par_un_systeme_de_cles_publiqueprivee
* Commandes en vrac :
ssh -L 8000:localhost:8888 user@serveur # redirige le port distant 8888 sur le port local 8000
===== Bash utils =====
* Commandes en vrac :
rsync -a /path/to/source/ /path/to/destination/ # copy source to destination with overwrite
rsync -au /path/to/source/ /path/to/destination/ # ... with older files only overwrite
rsync -a --ignore-existing /path/to/source/ /path/to/destination/ # ... with no overwrite
openssl x509 -noout -text -in /etc/ssl/cert.pem # voir le contenu d'un certificat X.509 (HTTPS)
===== Docker =====
* Script mettant à jour le fichier /etc/hosts avec les adresses et noms des conteneurs Docker :
#!/bin/bash
# Depuis https://github.com/dr-co/docker-resolver/blob/master/docker-hosts.sh
if ! test -z "$1"; then
exec "$@"
fi
set -e
MARKER='##- container.resolver -##'
TEMPFILE=`tempfile`
cleanup() {
grep -v "$MARKER" /etc/hosts > $TEMPFILE
cat $TEMPFILE > /etc/hosts
rm -f $TEMPFILE
}
trap "cleanup; exit" EXIT INT TERM
while true; do
grep -v "$MARKER" /etc/hosts > $TEMPFILE
docker ps| while read line; do
id=`echo $line|awk '{print $1}'`
name=`echo $line|awk '{print $NF}'`
ip=`docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' 2>/dev/null $id || true`
if test -z "$ip"; then
continue
fi
printf "%-15s %s %-25s $MARKER\n" $ip $id $name >> $TEMPFILE
done
EXISTS=`md5sum /etc/hosts|awk '{print $1}'`
NEW=`md5sum $TEMPFILE|awk '{print $1}'`
if ! test $NEW = $EXISTS; then
cat $TEMPFILE > /etc/hosts
fi
sleep ${REFRESH_INTERVAL-10}
done
* Liste des paquets Alpine : https://pkgs.alpinelinux.org/packages
* Commandes en vrac :
docker-compose up --force-recreate --build -d
===== Divers =====
* Maintenance MariaDB/MySQL :
ALTER DATABASE databasename CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
ALTER TABLE tablename CONVERT TO CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
* Systemctl :
systemctl list-units --failed
systemctl reset-failed
===== Services =====
==== MantisBT ====
* Activation de l'accès anonyme (sur profil 'invité' sur l'instance TRU) : https://www.mantisbt.org/wiki/doku.php/mantisbt:enabling_anonymous_access