Docker, DNS container startup script

Docker, command line below can not auto start upon server boot up

docker run -d --rm -it --name dnsmasq -v ${PWD}/dnsmasq.d:/etc/dnsmasq.d:ro -v ${PWD}/hosts:/etc/hosts -v ${PWD}/dnsmasq.conf:/etc/dnsmasq.conf -v /var/log/dnsmasq/dnsmasq.log:/var/log/dnsmasq.log -p 53:53/tcp -p 53:53/udp dnsmasq

Changes:
${PWD}  =>  /home/ubuntu/dnsmasq
--rm    =>  --restart unless-stopped 

docker run -d -it --name dnsmasq -v /home/ubuntu/dnsmasq/dnsmasq.d:/etc/dnsmasq.d:ro -v /home/ubuntu/dnsmasq/hosts:/etc/hosts -v /home/ubuntu/dnsmasq/dnsmasq.conf:/etc/dnsmasq.conf -v /var/log/dnsmasq/dnsmasq.log:/var/log/dnsmasq.log -p 53:53/tcp -p 53:53/udp dnsmasq

Read More

How to Enable ssl nginx on Ubuntu 22.04

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem

sudo openssl dhparam -out /etc/nginx/dhparam.pem 4096

sudo nano /etc/nginx/snippets/ssl-params.conf

cd /etc/nginx/sites-available

sudo cp defaul ssl-default

sudo nano ssl-default

---> enable port 443

include snippets/snakeoil.conf;

include snippets/ssl-params.conf;

save and exit nano

sudo ln -s /etc/nginx/sites-available/ssl-default /etc/nginx/sites-enabled/ssl-default

sudo nginx -t

sudo systemctl restart nginx

ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem; 
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_session_timeout  10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable strict transport security for now. You can uncomment the following
# line if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

Read More

How to Install Docker on Ubuntu 22.04

cd ~

sudo apt update

sudo apt install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update

apt-cache policy docker-ce

sudo apt install docker-ce

sudo systemctl status docker

sudo usermod -aG docker ${USER}

su - ${USER}

Source:
https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-22-04

Read More

How to Enable snmp Daemon

$ sudo apt update

$ sudo apt install snmp snmpd snmp-mibs-downloader

$ sudo nano /etc/snmp/snmpd.conf

Then set rocommunity password securely:

agentaddress  udp:161

view   systemonly  included   .1.3.6.1.2.1

view   systemonly  included   .1.3.6.1.4.1
rocommunity  public1234xA12 default -V systemonly

$ sudo systemctl restart snmpd

Securing SNMP Configuration

Security is a critical aspect when configuring SNMP. Always ensure that community strings are complex and not easily guessable. Additionally, restrict access to your SNMP service to trusted hosts only.

Cikarang, West Java - 20240810/06:11AM.

Read More

How to test your Linux Antivirus (eicar)

Here are the step I follow to test if antivirus is working: 

Download these antivirus test file, do not be afraid they are will not harm to your server. 

$ cd ~ && mkdir virustest

$ wget https://secure.eicar.org/eicarcom2.zip 

$ wget https://secure.eicar.org/eicar_com.zip 

$ wget https://secure.eicar.org/eicar.com.txt 

$ wget https://secure.eicar.org/eicar.com 

$ clamscan ./

Note: these virus pattern testing file also recognized by Windows antivirus, just make a try there.

Read More

Antivirus for Linux (clamav)

Antivirus for linux mostly delivered as commercial product, rare to be a free. Among free of charge antivirus for linux, but with limited features is clamav. 

How to install clamav? 

$ sudo apt update 

$ sudo apt install clamav 

How use use clamav to scan virus? 

$ clamscan /path/to/target

How to update clamav virus definition file?

$ sudo freshclam 

How to see version? 

$ clamscan --version

Ddy/@Pekanbaru, Jul 2024.

Read More

Ansible Ubuntu 24.04 LTS

Ansible installation on Ubuntu 24.04LTS sudo apt update sudo apt upgrade sudo apt install ansible sudo mkdir /etc/ansible sudo chown user:user /etc/ansible ansible-config init --disabled > /etc/ansible/ansible.cfg nano /etc/ansible/hosts Test ping ansible all -m ping

Read More

Tutorial Network 01

 Jaringan sederhana berikut terdiri dari 2 komputer.

Read More