Bootstrapping Debian

a little helper how to generate a Debian Template. This time, it’s a VM Hosted on Vultr

New VM

1 CPU, 1GB RAM, 25GB Disk

upload debian-10.9.0-amd64-netinst.iso
boot from iso
install:      (text based)
lang:         english
country:      switzerland
locale:       US (en_US.UTF-8)
keymap:       Swiss German
nic:          ens3
hostname:     template-25G
domain:       your.domain.de
passwd:       xxxxxxxx
user:         firstname lastname / loginame
passwd:       xxxxxxxx
disk:         Guided - entire disk with LVM - (one partition | separate /home | separate /home, /var and /tmp)
              separate partition for large disks
              one partition for smaller disks
write:        yes
disk:         20GB (for guided partitioning), 5GB for Spare
write:        yes
another dvd:  no
mirror:       switzerland, debian.ethz.ch
survey:       no
software:     SSH Server, standard system utilities
grub:         yes, /dev/sda3

remove iso and reboot

login as user, su to root

mkdir /root/.ssh && chmod 600 /root/.ssh
echo "ssh-ed25519 AAAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys

halt -p
-> snapshot template-debian-25G

sha256: 5b87992169bc05b44db33f9e79fa557f81844b871c8a7566d94b8bf11841ad32

Branches

some basic commands for branches. you can read Branch Basics and Branch Management for more details

create branch

you wanna develope a feature, fix a bug, test some stuff … you need a branch !

git checkout -b feature1

push upstream

if you have a central repo, push the feature upstream (so others can checkout as well)

git push --set-upstream origin feature1

show branch

you may have multiple branches, list them all. and update pager so list will not open in VIM !

i just like this Page … Faces of OpenSource.

Thanks for all the fish, guys !

sha256: 511dfaf2c20685d4fb80884557bf2efaf1ac7f234d02d25be20687d92cb6ad11

how to update checkmk

let’s assume you already have a running version of checkmk. You should install patches / updated every few month.

Main and Download URL’s

Main URL: https://checkmk.com/de/download?edition=cre&version=stable&dist=debian&os=bullseye

https://download.checkmk.com/checkmk/1.6.0p20/check-mk-raw-1.6.0p20_0.bullseye_amd64.deb

https://download.checkmk.com/checkmk/2.0.0p12/check-mk-raw-2.0.0p12_0.bullseye_amd64.deb

Download and Install Package

Login as Root

v="2.0.0p25"
cd /tmp
wget -O checkmk.deb "https://download.checkmk.com/checkmk/${v}/check-mk-raw-${v}_0.bullseye_amd64.deb"
gdebi checkmk.deb

Update Checkmk

Switch User …

su - mysite

.. Switch User and start Update

omd status
omd version
omd stop
omd update
omd start

Cleanup

exit
omd cleanup

Check Application

Open Browser, check News and Plugins

Need a small and smart utility to manage you ssh keys under linux ? got some scripts and cronjobs which requires an local ssh key ? have a look at keychain !

Install Software

depending on your OS …

macos$ brew install keychain
debian$ sudo apt-get install keychain
openbsd$ pkg_add keychain
freebsd$ pkg install keychain

edit startup Scripts

$HOME/.bashrc $HOME/.bash_profile /etc/profile $HOME/.profile

cat << 'EOF' >> $HOME/.bashrc
# Keychain Startup
eval `keychain --eval id_ed25519`
EOF

check service

$ keychain
$ ssh-add -L

add to .profile

cat << 'EOF' >> .profile

# Keychain Loaded ? Load and show Key ...
eval $(keychain --eval id_ed25519)
echo -e "loaded keys: `ssh-add -L |cut -c 1-12,77-`\n"
EOF

List Keys

keychain --list

List Finterprints (Public Key ?)

$ keychain --list-fp

Set Timeout

Timeout for SSH Agent

Clear History

have you ever checked in some binarys, confidential stuff or something else by mistake ? Git will keep all your history, that’s their design and purpose.

how ever, if you need to cleanup once, here is a short tutorial.

Kill Git Config

cd myrepo
cat .git/config -> note down the url
url=$(git config --get remote.origin.url)
rm -rf .git

Create New Repo

git init
git add .
git commit -m "Removed history, ..."

Push Remote

git remote add origin git@host/yourrepo  <- URL you noted down above
git remote add origin $url
git push -u --force origin master

All in One

_url=$(git remote -v |awk '/fetch/ { print $2 }')
rm -rf .git
git init
git add .
git commit -m "Removed history ..."
git remote add origin ${_url}
git push -u --force origin main
unset _url

and you’re done :)

Some Install Notes

https://checkmk.de/cms_install_packages_debian.html

download and scp check-mk-enterprise-1.6.0p15.demo_0.buster_amd64.deb -> enterprise microkernel, 2 x 10 Hosts download and scp check-mk-raw-1.6.0p15_0.buster_amd64.deb -> raw edition, nagios kernel

ssh root@localhost

apt-get install dpkg-sig libnet-snmp-perl snmp
wget https://checkmk.com/support/Check_MK-pubkey.gpg
gpg --import Check_MK-pubkey.gpg
dpkg-sig --verify /tmp/check-mk-enterprise-1.6.0p15.demo_0.buster_amd64.deb
apt-get install gdebi-core
gdebi /tmp/check-mk-raw-1.6.0p15_0.buster_amd64.deb
omd version

omd create mysite
omd config

oder

omd restore /tmp/mysite.tar.gz

Install v2.0 and migrate existing Config

https://checkmk.de/cms_install_packages_debian.html

download file: check-mk-raw-2.0.0p5_0.buster_amd64.deb

scp check-mk-raw-2.0.0p5_0.buster_amd64.deb host227:/tmp/

Prepare New Host

apt install -y dpkg-sig libnet-snmp-perl snmp

wget https://checkmk.com/support/Check_MK-pubkey.gpg
gpg --import Check_MK-pubkey.gpg
dpkg-sig --verify /tmp/check-mk-raw-2.0.0p5_0.buster_amd64.deb

apt-get install gdebi-core
gdebi /tmp/check-mk-raw-2.0.0p5_0.buster_amd64.deb

omd version

Backup old Server

Backup and copy to new Server

wanna switch a local folder to a remote git repo ?

https://docs.github.com/en/github/using-git/adding-a-remote

GitoLite

create git repo with gitolite (myproject)

add Folder

cd myproject

git init
git remote add origin git@your-git-server:myproject

check Status

git remote -v
git status

add all existing Files, commit and push to remote

git add .
git commit -m "initial commit"
git push --set-upstream origin master

sha256: ba5ff311face100add7e9b21efbbb86af94545d3aec2cf8d920ea55ba5353464

debian on apu

boot

menu -> tab

-> debian-installer/i386/linux vga=788 initrd=debian-installer/i386/initrd.gz — console=ttyS0,115200

enter

space

:)

english

country switzerland

nic0

hostname apu005

domain planet

mirror ch -> ftp.ch.debian.org

root password

Partitioning: entire Disk & LVM

Separate /home /var /tmp

survey no

soft: standard system utilities & ssh server

grub yes

braucht ca. 30min !

automated

https://www.debian.org/releases/stable/amd64/apbs02.en.html https://www.debian.org/releases/buster/example-preseed.txt

Packages

apt-get -y install net-tools git htop

Reboot

geht 40 Sekunden

sha256: de990ff6c33196dbecc6d133f0fc29686ded54fa7357d30e7dc36a59f0368eb0

Troubleshooting Crontab Problems

Dump the Environment

add this line to root’s crontab

* * * * * env > /root/cronenv

Load the Environment

env - $(cat /root/cronenv) /bin/sh

Run your script

./script_with_env_problems.sh

and check it’s output …

sha256: de1667fb4003135420244f48280d72e03d7559b675ab6b4a9c020b0725866525