mo8it/How_To_Linux
1
0
Fork 0
mirror of https://codeberg.org/Mo8it/How_To_Linux.git synced 2024-11-24 16:31:35 +00:00
Code Releases Activity

Add day_3 files

Browse source
This commit is contained in:
Mo 2022-08-24 02:43:16 +02:00
parent 89e2a5745c
commit e009156b6c
3 changed files with 469 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/SUMMARY.md
View file

@ -11,5 +11,7 @@
- [Shell glue](day_2/glue.md) - [Shell glue](day_2/glue.md)
- [Tasks](day_2/tasks.md) - [Tasks](day_2/tasks.md)
- [Day 3](day_3/README.md) - [Day 3](day_3/README.md)
- [Notes](day_3/notes.md)
- [Tasks](day_3/tasks.md)
- [Day 4](day_4/README.md) - [Day 4](day_4/README.md)
- [Day 5](day_5/README.md) - [Day 5](day_5/README.md)

336
src/day_3/notes.md Normal file
View file

@ -0,0 +1,336 @@
# Notes
## Shell tricks
### Expansion
```bash
# mkdir -p dir/sub1 dir/sub2
mkdir -p dir/sub{1,2}
# touch dir/sub1/file1.txt dir/sub1/file2.txt
touch dir/sub1/file{1,2}.txt
# cp dir/sub1/file1.txt dir/sub1/file1.txt
cp dir/sub1/file1.txt{,.bak}
```
### Globbing
```bash
# Print content of all files ending with `.sh`
cat *.sh
# Move all files visible files and directories from dir1 to dir2
mv dir1/* dir2
# Move all hidden files and directories from dir1 to dir2
mv dir1/.* dir2
# Move all visible and hidden files and directories from dir1 to dir2
# mv dir1/* dir1/.* dir2
mv dir1/{,.}* dir2
```
## Cargo
```bash
# Install. openssl-devel needed for cargo-update
sudo dnf install cargo openssl-devel
# To be able to run cargo install-update -a
cargo install cargo-update
# Install crate (package)
cargo install CRATENAME
# Update installed crates
cargo install-update -a
```
## bashrc
You write at the end of `~/.bashrc`.
### PATH
Add Cargo binaries to `PATH`:
```bash
export PATH="$PATH:$HOME/.cargo/bin"
```
### Alias
```bash
alias rm="trash"
```
## Fish
`~/.config/config.fish`
```bash
if status is-interactive
# Disable greeting message
set -g fish_greeting
# Abbreviations
abbr -ag cp "cp -i"
abbr -ag mv "mv -i"
abbr -ag rmr "rm -r"
abbr -ag rm "trash"
abbr -ag rsync "rsync -Lahz"
# Aliases
alias cat "bat"
alias lg "lazygit"
# Functions
function demo
echo "Hallo from demo function!"
echo "Arguments taken: $argv"
echo "First argument: $argv[1]"
end
end
```
Add to path:
```bash
fish_add_path ~/.cargo/bin
fish_add_path ~/.local/bin
```
## SSH
### Setup host
In `~/.ssh/config`
```
Host HOST
HostName SERVERIP
User SERVERUSER
```
### Generate key pair
```bash
ssh-keygen -t ed25519 -C "COMMENT"
```
Leave blank to take default for the prompt `Enter file in which to save the key (/home/USERNAME/.ssh/id_ed25519)`.
Then enter a passphrase for your key. **You should not leave it blank!**
### Add public key to server
```bash
ssh-copy-id -i ~/.ssh/id_ed25519.pub HOST
```
### Connect
```bash
ssh HOST
```
### Config on server
**Very important for security!** Only after adding the public key to the server!
> WARNING ⚠️ :
>
> Verify that you are only asked for the passphrase of the SSH key before continueing in this section!
>
> If you are asked for the password of the user on the server when connecting, then the authentication with a key did not work. Therefore, don't set `PasswordAuthentication no`! Fix the issue with the key authentication first. **Otherwise, you will be locked out of the server!** ⚠️
In `/etc/ssh/sshd_config` on the server:
Uncomment line with `PasswordAuthentication` and set it to `PasswordAuthentication no`
Save and exit, then run:
```bash
sudo systemctl restart sshd
```
If you are locked out after running this command, then you did not take the warning above seriously!
### Copy files
From server:
```bash
scp HOST:SRC_PATH DEST_PATH
```
To server:
```bash
scp SRC_PATH HOST:DEST_PATH
```
Options:
- `-r`, `--recursive`: For directories.
## Rsync
From server:
```bash
rsync -Lahz HOST:SRC_PATH DEST_PATH
```
To server:
```bash
rsync -Lahz SRC_PATH HOST:DEST_PATH
```
Options:
- `-a`, `--archieve`: Set of useful options to preserve permissions, use recursive mode, etc.
- `-h`, `--human-readable`: Output number in a human-readable format.
- `-z`, `--compress`: Use compression.
- `--partial`: Continue after interruption.
- `-L`, `--copy-links`: Copy links.
- `-v`, `--verbose`: Show more infos.
- `--delete`: Delete files from `DEST_PATH` if they don't exist on `SRC_PATH` anymore. **Use with caution!!!**
## Systemd
Check status of a service:
```bash
sudo systemctl status SERVICENAME
```
Enable service:
```bash
sudo systemctl enable SERVICENAME
```
Start service:
```bash
sudo systemctl start SERVICENAME
```
Enable and start service at the same time:
```bash
sudo systemctl enable --now SERVICENAME
```
Disable service:
```bash
sudo systemctl disable SERVICENAME
```
Stop service:
```bash
sudo systemctl stop SERVICENAME
```
Disable and stop service at the same time:
```bash
sudo systemctl disable --now SERVICENAME
```
## Firewalld
Install and enable firewalld:
```bash
sudo dnf install firewalld
sudo systemctl enable --now firewalld
```
View open ports and services:
```bash
sudo firewall-cmd --list-all
```
Open ports 80 (http) and 443 (https):
```bash
sudo firewall-cmd --add-service http
sudo firewall-cmd --add-service https
sudo firewall-cmd --runtime-to-permanent
```
or:
```bash
sudo firewall-cmd --add-port 80/tcp
sudo firewall-cmd --add-port 443/tcp
sudo firewall-cmd --runtime-to-permanent
```
## Podman
```bash
# Search for image
podman search python
# Pull image
podman pull docker.io/library/python:latest
# See pulled images
podman images
# Run container and remove it afterwards
podman run -it --rm docker.io/library/python:latest bash
# Create network
podman network create NETWORKNAME
# Create container
podman create \
--name CONTAINERNAME \
--network NETWORKNAME \
-e ENVVAR="Some value for the demo environment variable" \
--tz local \
docker.io/library/python:latest
# Start container
podman start CONTAINERNAME
# Enter a running container
podman exec -it CONTAINERNAME bash
# Stop container
podman stop CONTAINERNAME
# Generate systemd files
podman generate systemd --new --files --name CONTAINERNAME
# Create directory for user's systemd services
mkdir -p ~/.config/systemd/user
# Place service file
mv container-CONTAINERNAME.service ~/.config/systemd/user
# Activate user's service (container)
systemctl --user enable --now container-CONTAINERNAME
```
Keep user's systemd services live after logging out:
```bash
sudo loginctl enable-linger USERNAME
```
Options:
- `-v`, `--volume`: `SRC_PATH:DEST_PATH:L`. Label should be one of `z`, `z,ro`, `Z` or `Z,ro`.
- `--label "io.containers.autoupdate=registry"` for `podman auto-update`
- `-p`, `--publish`: `SERVER_PORT:CONTAINER_PORT`

131
src/day_3/tasks.md Normal file
View file

@ -0,0 +1,131 @@
# Tasks
Do the tasks in the given order! They depend on each other.
## Task 1: Cargo
Use `cargo` to install the following crates:
- cargo-update
- tealdeer
It might take a long time to compile everything.
Add `$HOME/.cargo/bin` to your `PATH`.
`cargo-update` should be installed to be able to run `cargo install-update -a` to update all installed crates. Try running the command. But you should not find any updates since you did just install the crates.
The crate `tealdeer` provides you with the program `tldr`.
Run `tldr --update`. Now run the following two commands:
```bash
tldr dnf
tldr apt
```
It should be obvious to you what `tldr` does after you run the commands. Try it with other programs than `dnf` and `apt`!
## Task 2: SSH
Generate a SSH key pair and send me the public key per email: mo8it@proton.me
Enter a passphrase while generating the key pair!
Don't send me the private key!!! **You should never send your private SSH keys to anyone!**
The public key ends with `.pub`.
I will then append your public key to `~/.ssh/authorized_keys` on the server that we will use in the next tasks. After I add your public key, you will be able to login to the server and do the next tasks.
Create the file `~/.ssh/config` and add the server as a host with the name `linux-lab`.
Enter this IP: 45.94.58.19
Enter this user: admin
After that I add you public key, connect to the server using the host name that you did enter in `~/.ssh/config` which should be `linux-lab`.
## Task 3: User creation
1. Create a user for you on the server after connecting with SSH. To do so, run:
```bash
sudo useradd USERNAME
```
Replace `USERNAME` with your name.
1. Now set a password for the new user:
```bash
sudo passwd USERNAME
```
1. For the new user to be able to use `sudo`, it has to be added to the `wheel` group:
```bash
sudo usermod -aG wheel USERNAME
```
`-aG` stands for _append to group(s)_.
(On debian based distros, the user should be added to the `sudo` group instead of `wheel`.)
1. Now, change your user to the new user:
```bash
sudo su USERNAME
```
You will see that the user name did change in the prompt.
1. Run the following command for verification:
```bash
whoami
```
It should not output "admin"!
Yes, the command is called `whoami`. Linux is kind of philosophical 🤔
1. Now, verify that you can run `sudo` as the new user:
```bash
sudo whoami
```
You should see "root" as output because `sudo` runs a command as the `root` user.
1. `cd` to the home directory of the new user.
1. Make sure that you are in the home directory of the new user! Run `pwd` to verify that you are NOT in `/home/admin`. **`PLEASE DON'T TOUCH /home/admin/.ssh`** ⚠️ . Now, create the directory `~/.ssh` in the home directory of the new user. Change the permissions of `~/.ssh` such that only the user has read, write and execution permissions. _group_ and _others_ should have no permissions for `~/.ssh`!
1. Create the file `authorized_keys` inside `~/.ssh`. Only the user should have read and write permissions for the file. _group_ and _others_ should have no permissions for the file!
1. Copy the content of your public key file (with `.pub` as extention) to this file. It should be one line! Then save the file.
1. Logout from the server. Go to `~/.ssh/config` that you did write at the beginning of this task. Change the user for the host `linux-lab` from `admin` to `USERNAME` where `USERNAME` is the name of the new user that you did create on the server.
1. Try to connect using the host name again. If you did everything right, you should be connected and be the user that you did create. Run `whoami` to verify that the output is not "admin".
## Task 4: File transfer
Use `scp` and then `rsync` to transfer the files that you did create during the course to the server `linux-lab`.
Do you notice any differences between the two commands?
## Task 5: Nextcloud
In this task you will deploy your own cloud on the server: Nextcloud!
To do so, we will install Nextcloud as a container using `podman`.
In this task, you should connect as the user `admin` to the server. **Don't do this task as the user that you did create in the last task!** ⚠️
To connect as `admin` again, change the user for the host `linux-lab` in `~/.ssh/config` back to `admin` or use `ssh admin@linux-lab` instead of only `ssh linux-lab`.
You can find more information about the Nextcloud container here: https://hub.docker.com/\_/nextcloud
Create a directory called `nextcloudN` in the home directory of the user `admin`. `N` at the end stands for the number that you are using in the url to connect to the browser terminal `ttydN.mo8it.xyz`.
Create a container with the following options:
- Container name: nextcloudN. `N` at the end stands for the number that you are using in the url to connect to the browser terminal `ttydN.mo8it.xyz`.
- Timezone: local
- Network: traefik
- Volume: Mount the directory `nextcloudN` that you did create into `/var/www/html` in the container. Use the label `Z`!
- ... (I will continue the task description during the lunch break)