Remove is-* tags from blockquotes
This commit is contained in:
parent
5193aafc18
commit
40f8732154
@ -38,4 +38,3 @@ Change compression
|
|||||||
`# kopia snapshot list (path)`
|
`# kopia snapshot list (path)`
|
||||||
|
|
||||||
> [Check the "Getting Started" Page for more options](https://kopia.io/docs/getting-started/)
|
> [Check the "Getting Started" Page for more options](https://kopia.io/docs/getting-started/)
|
||||||
{.is-info}
|
|
||||||
|
@ -4,7 +4,6 @@ title: 'Xen Orchestra'
|
|||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
> Use the script [XenOrchestraInstallerUpdater](https://github.com/ronivay/XenOrchestraInstallerUpdater) to install Xen Orchestra from sources.
|
> Use the script [XenOrchestraInstallerUpdater](https://github.com/ronivay/XenOrchestraInstallerUpdater) to install Xen Orchestra from sources.
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
### Installation within VM
|
### Installation within VM
|
||||||
The supported distibutions are listed in the Github README.
|
The supported distibutions are listed in the Github README.
|
||||||
@ -30,7 +29,6 @@ A local SSH tunnel is established, forwarding port 443 on dom0 instead.
|
|||||||
One prerequisite is ssh-key based access to dom0 from the xen orchestra VM. See [SSH](/remote/ssh)
|
One prerequisite is ssh-key based access to dom0 from the xen orchestra VM. See [SSH](/remote/ssh)
|
||||||
|
|
||||||
> Based on testing and [this forum post](https://xen-orchestra.com/forum/topic/528/connection-port-in-settings-servers-not-used-for-console) it is known the Xen API returns the dom0 public IP address for additional connections within Xen Orchestra. This includes the VM console and usage statistics for example.
|
> Based on testing and [this forum post](https://xen-orchestra.com/forum/topic/528/connection-port-in-settings-servers-not-used-for-console) it is known the Xen API returns the dom0 public IP address for additional connections within Xen Orchestra. This includes the VM console and usage statistics for example.
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
To work around this issue, a firewall rule can be used to redirect traffic outbound to dom0 on port 443 to the local ssh tunnel instead.
|
To work around this issue, a firewall rule can be used to redirect traffic outbound to dom0 on port 443 to the local ssh tunnel instead.
|
||||||
|
|
||||||
@ -86,7 +84,6 @@ To remove this rule again, edit `/etc/firewalld/direct.xml`
|
|||||||
This section provides documentation on basic firewall usage. For example, allowing port 22/tcp for ssh with `firewalld`.
|
This section provides documentation on basic firewall usage. For example, allowing port 22/tcp for ssh with `firewalld`.
|
||||||
|
|
||||||
> In general, [this guide by Digital Ocean](https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7) provides a good starting point.
|
> In general, [this guide by Digital Ocean](https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7) provides a good starting point.
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
For this Host the services `http`, `https` and `ssh` are allowed.
|
For this Host the services `http`, `https` and `ssh` are allowed.
|
||||||
|
|
||||||
@ -94,4 +91,3 @@ For this Host the services `http`, `https` and `ssh` are allowed.
|
|||||||
### Exclude VM Disks from Backup
|
### Exclude VM Disks from Backup
|
||||||
To exclude disks from backup jobs, one can prepend the disk name with `[NOBAK]`
|
To exclude disks from backup jobs, one can prepend the disk name with `[NOBAK]`
|
||||||
> Also see [the official documentation](https://xen-orchestra.com/docs/backups.html#exclude-disks)
|
> Also see [the official documentation](https://xen-orchestra.com/docs/backups.html#exclude-disks)
|
||||||
{.is-info}
|
|
||||||
|
@ -69,4 +69,3 @@ WantedBy=timers.target
|
|||||||
`# systemctl enable --now podman-image-prune.timer`
|
`# systemctl enable --now podman-image-prune.timer`
|
||||||
|
|
||||||
> [Documentation](https://docs.podman.io/en/latest/markdown/podman-image-prune.1.html)
|
> [Documentation](https://docs.podman.io/en/latest/markdown/podman-image-prune.1.html)
|
||||||
{.is-info}
|
|
@ -77,7 +77,6 @@ Add this following line:
|
|||||||
The main config file is `(nextcloud dir)/config/config.php`
|
The main config file is `(nextcloud dir)/config/config.php`
|
||||||
#### Automatic Trash clearing
|
#### Automatic Trash clearing
|
||||||
> [See this page](https://bayton.org/docs/nextcloud/nextcloud-hoarding-trash-how-to-force-automatic-removal-of-deleted-items/) for more options
|
> [See this page](https://bayton.org/docs/nextcloud/nextcloud-hoarding-trash-how-to-force-automatic-removal-of-deleted-items/) for more options
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
This settings keeps the files for 15 days, unless drive space is getting low.
|
This settings keeps the files for 15 days, unless drive space is getting low.
|
||||||
In that case it delets them earlier.
|
In that case it delets them earlier.
|
||||||
@ -117,7 +116,6 @@ Dump database to file
|
|||||||
``mysqldump --single-transaction -h [server] -u [username] -p[password] [db_name] > nextcloud-sqlbkp_`date +"%Y%m%d"`.bak``
|
``mysqldump --single-transaction -h [server] -u [username] -p[password] [db_name] > nextcloud-sqlbkp_`date +"%Y%m%d"`.bak``
|
||||||
|
|
||||||
> [Official documentation](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html)
|
> [Official documentation](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
#### Backup Script
|
#### Backup Script
|
||||||
```
|
```
|
||||||
@ -147,11 +145,10 @@ mariadb -h $server -u $username -p$password -e "CREATE DATABASE nextcloud CHARA
|
|||||||
`mariadb -h $server -u $username -p$password $db_name < nextcloud-sqlbkp.bak`
|
`mariadb -h $server -u $username -p$password $db_name < nextcloud-sqlbkp.bak`
|
||||||
|
|
||||||
> [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/restore.html)
|
> [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/restore.html)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
## Collabora Online Container
|
## Collabora Online Container
|
||||||
> Unfinished
|
> Unfinished
|
||||||
{.is-warning}
|
|
||||||
```
|
```
|
||||||
# podman run -t -d --name collabora-online -p 9980:9980 \
|
# podman run -t -d --name collabora-online -p 9980:9980 \
|
||||||
-e "extra_params=--o:ssl.enable=false" \
|
-e "extra_params=--o:ssl.enable=false" \
|
||||||
@ -162,7 +159,7 @@ mariadb -h $server -u $username -p$password -e "CREATE DATABASE nextcloud CHARA
|
|||||||
|
|
||||||
## Onlyoffice Container
|
## Onlyoffice Container
|
||||||
> Unfinished
|
> Unfinished
|
||||||
{.is-warning}
|
|
||||||
```
|
```
|
||||||
# podman run -it -d --name onlyoffice -p 9480:80 \
|
# podman run -it -d --name onlyoffice -p 9480:80 \
|
||||||
--restart always \
|
--restart always \
|
||||||
|
@ -132,5 +132,4 @@ PersistentKeepalive = 5
|
|||||||
## Iptables no local access ssh user
|
## Iptables no local access ssh user
|
||||||
> [Block outgoing network access for single user](https://www.cyberciti.biz/tips/block-outgoing-network-access-for-a-single-user-from-my-server-using-iptables.html)
|
> [Block outgoing network access for single user](https://www.cyberciti.biz/tips/block-outgoing-network-access-for-a-single-user-from-my-server-using-iptables.html)
|
||||||
> [Restrict internet access for user](https://unix.stackexchange.com/questions/21650/how-to-restrict-internet-access-for-a-particular-user-on-the-lan-using-iptables)
|
> [Restrict internet access for user](https://unix.stackexchange.com/questions/21650/how-to-restrict-internet-access-for-a-particular-user-on-the-lan-using-iptables)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
|
@ -18,7 +18,6 @@ The config can be found under `/etc/powerdns/pdns.conf`
|
|||||||
|
|
||||||
For MySQL I chose `launch=gmysql`
|
For MySQL I chose `launch=gmysql`
|
||||||
> A [list of backends can be found here](https://doc.powerdns.com/authoritative/backends/index.html)
|
> A [list of backends can be found here](https://doc.powerdns.com/authoritative/backends/index.html)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
Add the following parameters below `launch=gmysql`
|
Add the following parameters below `launch=gmysql`
|
||||||
```
|
```
|
||||||
@ -95,10 +94,8 @@ To bind to all interfaces, use `local-address=::,0.0.0.0`
|
|||||||
## DNSSEC
|
## DNSSEC
|
||||||
### Authoritative Server
|
### Authoritative Server
|
||||||
> *TODO*
|
> *TODO*
|
||||||
{.is-warning}
|
|
||||||
|
|
||||||
> https://doc.powerdns.com/authoritative/dnssec/index.html
|
> https://doc.powerdns.com/authoritative/dnssec/index.html
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
### Recursor Server
|
### Recursor Server
|
||||||
To fully enable DNSSEC, set `dnssec=process-no-validate` to `dnssec=validate`
|
To fully enable DNSSEC, set `dnssec=process-no-validate` to `dnssec=validate`
|
||||||
@ -110,7 +107,6 @@ Show domains with disabled DNSSEC
|
|||||||
`# rec_control get-ntas`
|
`# rec_control get-ntas`
|
||||||
|
|
||||||
> [DNSSEC Testing](https://wiki.debian.org/DNSSEC#Test_DNSSEC)
|
> [DNSSEC Testing](https://wiki.debian.org/DNSSEC#Test_DNSSEC)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
## WebGUI
|
## WebGUI
|
||||||
### PowerDNS-Admin
|
### PowerDNS-Admin
|
||||||
|
@ -32,7 +32,6 @@ Accept the EULA by editing `/etc/minecraft/forge-(version)/eula.txt`
|
|||||||
|
|
||||||
## Systemd Service
|
## Systemd Service
|
||||||
> Adapted from [this gist](https://gist.github.com/dotStart/ea0455714a0942474635)
|
> Adapted from [this gist](https://gist.github.com/dotStart/ea0455714a0942474635)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
`/etc/systemd/system/minecraft.service`
|
`/etc/systemd/system/minecraft.service`
|
||||||
```
|
```
|
||||||
@ -64,7 +63,6 @@ WantedBy=multi-user.target
|
|||||||
|
|
||||||
## Systemd Service with STDIN available
|
## Systemd Service with STDIN available
|
||||||
> Based on [this stackexchange answer](https://unix.stackexchange.com/questions/598221/how-to-control-systemd-service-using-screen/612118#612118)
|
> Based on [this stackexchange answer](https://unix.stackexchange.com/questions/598221/how-to-control-systemd-service-using-screen/612118#612118)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
`/etc/systemd/system/minecraft.socket`
|
`/etc/systemd/system/minecraft.socket`
|
||||||
```
|
```
|
||||||
|
@ -27,7 +27,6 @@ Initialize the step-cli client
|
|||||||
|
|
||||||
## Create Certificates
|
## Create Certificates
|
||||||
> [Official documentation](https://smallstep.com/docs/step-cli/basic-crypto-operations)
|
> [Official documentation](https://smallstep.com/docs/step-cli/basic-crypto-operations)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
Enter the container
|
Enter the container
|
||||||
`# podman exec -it step-ca bash`
|
`# podman exec -it step-ca bash`
|
||||||
@ -49,7 +48,6 @@ Point your ACME client to `https://(domain/ip):9000/acme/(provisioner-name)/dire
|
|||||||
## Device Truststore
|
## Device Truststore
|
||||||
### Arch Linux
|
### Arch Linux
|
||||||
> [Archwiki Article on TLS](https://wiki.archlinux.org/title/Transport_Layer_Security#Add_a_certificate_to_a_trust_store)
|
> [Archwiki Article on TLS](https://wiki.archlinux.org/title/Transport_Layer_Security#Add_a_certificate_to_a_trust_store)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
Add new trust anchor
|
Add new trust anchor
|
||||||
`# trust anchor (root ca.crt)`
|
`# trust anchor (root ca.crt)`
|
||||||
|
@ -30,7 +30,6 @@ podman run --name gitea -p 3000:3000 \
|
|||||||
|
|
||||||
The next few lines are used to set up ssh-redirection to gitea if it is used to clone a repo.
|
The next few lines are used to set up ssh-redirection to gitea if it is used to clone a repo.
|
||||||
> See also the [official documentation](https://docs.gitea.io/en-us/install-with-docker/#sshing-shim-with-authorized_keys)
|
> See also the [official documentation](https://docs.gitea.io/en-us/install-with-docker/#sshing-shim-with-authorized_keys)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
`$ sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"`
|
`$ sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"`
|
||||||
`$ sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys`
|
`$ sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys`
|
||||||
|
@ -3,7 +3,6 @@ title: Grav
|
|||||||
---
|
---
|
||||||
|
|
||||||
> [Official Documentation](https://learn.getgrav.org/17)
|
> [Official Documentation](https://learn.getgrav.org/17)
|
||||||
{.is-info}
|
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
`# apt install nginx php php-fpm php-gd php-apcu php-yaml php-zip php-xml php-mbstring php-curl unzip`
|
`# apt install nginx php php-fpm php-gd php-apcu php-yaml php-zip php-xml php-mbstring php-curl unzip`
|
||||||
|
Loading…
Reference in New Issue
Block a user