port forwading

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Security_Guide/s1-firewall-ipt-fwd.html

http://serverfault.com/questions/342407/linux-how-to-port-forwarding-with-iptables-between-2-hosts-on-different-network


mysql server 실행

docker run --name chozo99 --rm -e MYSQL_ROOT_PASSWORD=**** mysql:5.5


docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99


local 에서 mysql 접속...

mysql --host=`docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99` -uroot -p'****' mysql


외부에서 접속시 포트개방

$ echo 1 > /proc/sys/net/ipv4/ip_forward


$ iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 3306 -j DNAT \

      --to `docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99`:3306

$ iptables -t nat  -A POSTROUTING -j MASQUERADE


reference

iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 3306 -j DNAT \

      --to `docker inspect --format '{{ .NetworkSettings.IPAddress }}' chozo99`:3306

$ iptables -t nat -D POSTROUTING -j MASQUERADE


iptables -t nat -L PREROUTING  -n --line-numbers

iptables -t nat -D PREROUTING 2






http://blog.docker.com/2013/07/how-to-use-your-own-registry/

https://github.com/docker/docker-registry


0. https://github.com/docker/docker-registry  설치

$ docker run -p 5000:5000 registry 

or

$ docker run --name my_registry -p 5000:5000 -v /my_storage/registry:/tmp/registry registry



1. 해당 이미지의 IMAGE ID 확인

$ docker images 

REPOSITORY                 TAG                 IMAGE ID            CREATED             VIRTUAL SIZE

1234                       latest              40e372dbf7a1        23 hours ago        780.6 MB


2. tag

ps. 푸시 할때 REPOSITORY 를 이용하므로 자신의 repository 주소를 포함한 이름으로 수정 해야함.

이름작성시 domain 구분자(.) 또는  port 구분자(:) 가 있어야함

일반적으로 REPOSITORY 는 username/imagename

따라서 REPOSITORY 를 보고 Public 인지 판단.


$ docker tag 40e372dbf7a1 192.168.20.211:5000/1234

$ docker  images 

REPOSITORY                 TAG                 IMAGE ID            CREATED             VIRTUAL SIZE

1234                       latest              40e372dbf7a1        22 hours ago        780.6 MB

192.168.20.211:5000/1234   latest              40e372dbf7a1        22 hours ago        780.6 MB


3. push

$ docker push 192.168.20.211:5000/1234


4. Search

$ docker search 192.168.20.211:5000/123

NAME           DESCRIPTION   STARS     OFFICIAL   AUTOMATED

library/1234                 0                    

or

$ curl -X GET http://192.168.20.211:5000/v1/search

{"num_results": 1, "query": "", "results": [{"description": "", "name": "library/1234"}]}

-----

$ curl -X GET http://192.168.20.211:5000/v1/search | python -m json.tool

{

    "num_results": 1,

    "query": "",

    "results": [

        {

            "description": "",

            "name": "library/1234"

        }

    ]

}


5. Delete

namespace=library; repository=1234

$ curl -X DELETE http://192.168.20.211:5000/v1/repositories/1234/




Note. 

docker pull/push 할때 아래 에러 발생시, 해당 머신의 docker 데몬 옵션 변경 필요 ( registry server 아님 )

ps. trusted 된 인증이 아니라면( by 인증기관 ) 간단히 아래 처럼 사용 ( self cert  안됨 : ... x509: certificate signed by unknown authority ... 에러 발생)




FATA[0004] Error: v1 ping attempt failed with error: Get https://192.168.20.211:5000/v1/_ping: EOF. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry 192.168.20.211:5000` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/192.168.20.211:5000/ca.crt


기본적으로 ssl을 사용하므로, 인증서가 필요함

간단히 사용하고자 한다면 


/etc/default/docker 파일에 아래 추가

DOCKER_OPTS="$DOCKER_OPTS --insecure-registry=192.168.20.211:5000"


$ service docker restart



http://askubuntu.com/questions/168280/how-do-i-grant-sudo-privileges-to-an-existing-user


sudo usermod -a -G sudo <username>


       -a, --append

           Add the user to the supplementary group(s). Use only with the -G option.


       -G, --groups GROUP1[,GROUP2,...[,GROUPN]]]

           A list of supplementary groups which the user is also a member of. Each group is separated from the next by a comma, with no

           intervening whitespace. The groups are subject to the same restrictions as the group given with the -g option.


           If the user is currently a member of a group which is not listed, the user will be removed from the group. This behaviour can be

           changed via the -a option, which appends the user to the current supplementary group list.






useradd -U -s /bin/bash -m <username>


       -U, --user-group

           Create a group with the same name as the user, and add the user to this group.


           The default behavior (if the -g, -N, and -U options are not specified) is defined by the USERGROUPS_ENAB variable in /etc/login.defs.



       -s, --shell SHELL

           The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell

           specified by the SHELL variable in /etc/default/useradd, or an empty string by default.



       -m, --create-home

           Create the user's home directory if it does not exist. The files and directories contained in the skeleton directory (which can be

           defined with the -k option) will be copied to the home directory.


           By default, if this option is not specified and CREATE_HOME is not enabled, no home directories are created.




https://www.digitalocean.com/community/tutorials/how-to-install-java-on-ubuntu-with-apt-get


sudo apt-get install software-properties-common

sudo add-apt-repository ppa:webupd8team/java

sudo apt-get update

sudo apt-get install oracle-java8-installer


alternative

sudo update-alternatives --config java



ref: https://docs.docker.com/installation/ubuntulinux/#ubuntu-trusty-1404-lts-64-bit


Ubuntu-maintained Package Installation

To install the latest Ubuntu package (this is not the most recent Docker release):


$ sudo apt-get update

$ sudo apt-get install docker.io

Then, to enable tab-completion of Docker commands in BASH, either restart BASH or:


$ source /etc/bash_completion.d/docker.io





==> 예전 버전의 경우 docker exec 가 안되므로, 아래 최신 버전 사용 권장


Docker-maintained Package Installation


Add the Docker repository key to your local keychain.

$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9



Add the Docker repository to your apt sources list, update and install the lxc-docker package.

You may receive a warning that the package isn't trusted. Answer yes to continue installation.



$ sudo sh -c "echo deb https://get.docker.com/ubuntu docker main > /etc/apt/sources.list.d/docker.list"

$ sudo apt-get update

$ sudo apt-get install lxc-docker



ref: https://www.bartbania.com/raspberry_pi/files-list-file-missing-final-newline/


여러가지 기타 이유( 디스크에러, 메모리에러, ... )로, 패키지 파일 목록 파일이 잘못 되었을경우 조치법

증상(한글) :

dpkg: 복구 불가능한 치명적 오류, 중지합니다:

 'libzbar0' 패키지의 파일 목록 파일에 마지막 줄 바꿈이 빠졌습니다

E: Sub-process /usr/bin/dpkg returned an error code (2)

증상(영문):

dpkg: unrecoverable fatal error, aborting:

 files list file for package 'libzbar0' is missing final newline

E: Sub-process /usr/bin/dpkg returned an error code (2)


해결방안: 해당 패키지 지금 같은경우 libzbar0 를 의 목록 파일을 다시 만들어 준다.


1. 해당 패키지 다운로드

sudo apt-get install --reinstall --download-only libzbar0

다운로드후 받은 파일명 확인 : /var/cache/apt/archives/libzbar0_0.10+doc-9build1_amd64.deb 


2. 해당 패키지 파일목록 만들기libzbar0.list 파일이 생성 됩니다. )

dpkg -c /var/cache/apt/archives/libzbar0_0.10+doc-9build1_amd64.deb | \

awk '{if ($6 == "./"){ print "/."; } else if \

(substr($6, length($6), 1) == "/"){print \

substr($6, 2, length($6) - 2); } else { print \

substr($6, 2, length($6) - 1);}}' > \

/var/lib/dpkg/info/libzbar0.list


ps. dpkg -c 패키지이름.deb  ==> 해당 패키지의 파일 목록 출력






ref : http://www.linuxlab.co.kr/docs/00-05-2.htm



망내 아이피 검색

    # nmap -sP 192.168.7.0/24
    Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
    Host  (192.168.7.11) appears to be up.
    Host  (192.168.7.12) appears to be up.
    Host  (192.168.7.76) appears to be up.
    Nmap run completed -- 256 IP addresses (3 hosts up) scanned in 1 second


** Port Scanning **

    # nmap -sT 192.168.7.12
    Starting nmap V. 2.12 by Fyodor 
    (fyodor@dhp.com, www.insecure.org/nmap/)
    Interesting ports on (192.168.7.12):
    Port    State       Protocol    Service
    7        open        tcp        echo
    9        open        tcp        discard
    13      open        tcp        daytime
    19      open        tcp        chargen
    21      open        tcp        ftp
    ...
    Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds


** Stealth Scanning **

    # nmap -sS 192.168.7.7
    Starting nmap V. 2.12 by Fyodor 
    (fyodor@dhp.com, www.insecure.org/nmap/)
    Interesting ports on saturnlink.nac.net 
    (192.168.7.7):
    Port    State       Protocol  Service
    21      open        tcp        ftp
    25      open        tcp        smtp
    53      open        tcp        domain
    80      open        tcp        http
    ...
    Nmap run completed -- 1 IP address (1 host up) scanned in 1 second




 

ref: http://ioriy2k.pe.kr/archives/4762

 

0. root 권한으로 설치.

 

1. apache + mysql 설치

 tasksel 을 이용해서 설치한다.

 

$ tasksel

 

 

LAMP server : Linux Apache Mysql Php

apache 와 mysql 만 필요하지만 기본 패키지로 설치

 

 

2. redmine 설치

$ apt-get install redmine redmine-mysql

 

이후 아래 화면 에서 "예' 선택 ( dbconfig-common 을 이용해서 mysql 을 선택합니다. )

 

mysql db file 위치 : /var/lib/mysql/redmine_default

db name : redmine_default

db id : redmine_default

 

redmine db config : /etc/redmine/default/database.yml

dbconfig-common config : /etc/dbconfig-common/redmine/instances/default.conf

 

redmine root : /usr/share/redmine

 

apache DocumentRoot 아래에 redmine 을 link 합니다.

$ ln -s /usr/share/redmine/public /var/www/html/redmine

apache 에 ruby 연동모듈 passenger 를 설치합니다.

 

$ apt-get install libapache2-mod-passenger

 

passenger 설정

$ vi /etc/apache2/mods-available/passenger.conf

==> 아래 빨간줄 추가

<IfModule mod_passenger.c>
  PassengerRoot /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini
  PassengerDefaultRuby /usr/bin/ruby
  PassengerDefaultUser www-data
</IfModule>

 

 

$ apt-get install ruby-bundler


$ cd /usr/share/redmine
$ bundle install

 

3. apache config

 

$ cd /etc/apache2/sites-available

$ cp 000-default.conf redmine.conf

$ vi redmine.conf

 

==> 아래 빨간줄 추가

...

...
        <Directory /var/www/html/redmine>
           RailsBaseURI /redmine
           PassengerResolveSymlinksInDocumentRoot on
        </Directory>

</VirtualHost>

$ a2dissite 000-default

$ a2ensite redmine

$ service apache2 restart

 

 

 

5.  redmine 접속

 최초 id : admin/admin

 

5.1. 접속후 오른쪽 상단 "내 계정" 메뉴에서 비밀번호를 수정 합니다.

5.2. 왼쪽 상단 "관리" -> "설정" 에서 "일반" 탭에서 첨부파일이나 저장소 인코딩을 "utf-8.euc-kr" 으로 수정합니다.

5.3  "인증" 탭에서 "인증이 필요함" 을 체크 합니다.

 

 

 

 

6. git   설치

 

$ apt-get install git

 

7.  Enable apache module

$ a2enmod env alias cgid

 

8. apache config

$ cd /etc/apache2/sites-available

$ vi git.conf

==> 아래 복사

 

    # /git location for users
    # Git Smart HTTP configuration
    #From the Remine.pm patch file for git-smart-http:


ScriptAliasMatch "(?x)^/git/(.*/(HEAD | info/refs | objects/(info/[^/]+ | [0-9a-f]{2}/[0-9a-f]{38} | pack/pack-[0-9a-f]{40}\.(pack|idx)) | git-(upload|receive)-pack))$" /usr/lib/git-core/git-http-backend/$1

 

    SetEnv GIT_PROJECT_ROOT /var/opt/redmine/git
    SetEnv GIT_HTTP_EXPORT_ALL
    SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER

    PerlLoadModule Apache2::Redmine

    <Location /git>
        Order allow,deny
        # Sample configuration
        # Allow from 192.168.30.0/24 #Retrict Git access to local network

        Allow from all

        Satisfy all

        AuthType Basic
        AuthName "git repositories"
        Require valid-user

        PerlAccessHandler Apache::Authn::Redmine::access_handler
        PerlAuthenHandler Apache::Authn::Redmine::authen_handler

        ## for mysql
        RedmineDSN "DBI:mysql:database=redmine_default;host=localhost"
        RedmineDbUser "redmine_default"
        RedmineDbPass "****"
        RedmineGitSmartHttp yes
    </Location>

 

9.  git 저장소용 폴더 생성

$ mkdir -p /var/opt/redmine/git

$ chown www-data:www-data /var/opt/redmine/git

 

10.  redmine 에서 git  을 접근할때  Perl 을 이용합니다. 아래 설치및 파일  link

$ apt-get install libapache-dbi-perl libapache2-mod-perl2
$ ln -sf /usr/share/redmine/extra/svn/Redmine.pm /usr/lib/perl5/Apache/Redmine.pm
$ ln -sf /usr/share/redmine/extra/svn/Redmine.pm /usr/lib/perl5/Apache2/Redmine.pm

 

 

11. redmine 에서 git  저장소를 생성할수있는  plugin 설치

ref : http://projects.andriylesyuk.com/project/redmine/scm-creator

 

 

$ apt-get install subversion

$ cd /usr/share/redmine

$ mkdir plugins

$ cd plugins

$ svn co http://svn.s-andy.com/scm-creator redmine_scm

$ export RAILS_ROOT=/usr/share/redmine

$ cd /usr/share/redmine
$ rake redmine:plugins:migrate RAILS_ENV=production

 

 

Migrating redmine_scm (SCM Creator)...
==  AddRepositoriesCreatedWithScm: migrating ==================================
-- add_column(:repositories, :created_with_scm, :boolean, {:default=>false, :null=>false})
   -> 0.1249s
==  AddRepositoriesCreatedWithScm: migrated (0.1262s) =========================

$ cd /usr/share/redmine/config

$ vi scm.yml

 

==> 아래 복사

production:
  deny_delete: false
  auto_create: true
  force_repository: false
  pre_create: /usr/local/bin/pre-create.sh
  post_create: /usr/local/bin/post-create.sh
  pre_delete: /usr/local/bin/pre-delete.sh
  post_delete: /usr/local/bin/post-delete.sh
  max_repos: 0
  only_creator: false
  allow_add_local: false
  allow_pickup: false

  git:
    path: /var/opt/redmine/git
    git: /usr/bin/git
    options: --bare
    url: http://192.168.30.99/git
    update_server_info: true
    git_ext: true
    append: trunk

development:

 

 

Note. 아래 에러 발생시

ActionController::RoutingError (No route matches [GET] "/plugin_assets/redmine_scm/javascripts/scm_utils_jquery.js"):

$ cd /usr/share/redmine/public

$ mkdir plugin_assets


$ chown -R www-data:www-data plugin_assets

$ chmod -R 755 plugin_assets



$ cd /var/www/html/redmine/plugin_assets

$ ln -s /usr/share/redmine/plugins/redmine_scm/assets redmine_scm



$ a2ensite git 

$ service apache2 restart

 

 

 

 


 Agile Plugin

http://www.redmine.org/plugins/redmine_agile


download : http://redminecrm.com/projects/agile/pages/1

install : http://redminecrm.com/projects/agile/pages/2


$ cd /var/www/html/redmine/plugin_assets

$ ln -s /usr/share/redmine/plugins/redmine_agile/assets redmine_agile




 

 

 

 




// ubuntu site
https://help.ubuntu.com/community/Grub2#Reinstalling%20from%20LiveCD



Boot info script
http://sourceforge.net/projects/bootinfoscript/
ex)

                  Boot Info Script 0.60    from 17 May 2011


============================= Boot Info Summary: ===============================

 => Windows is installed in the MBR of /dev/sda.

sda1: __________________________________________________________________________

    File system:       swap
    Boot sector type:  -
    Boot sector info:

sda2: __________________________________________________________________________

    File system:       Extended Partition
    Boot sector type:  -
    Boot sector info:

sda5: __________________________________________________________________________

    File system:       ext4
    Boot sector type:  -
    Boot sector info:
    Operating System:  Ubuntu 10.04.2 LTS
    Boot files:        /boot/grub/grub.cfg /etc/fstab /boot/grub/core.img

sda3: __________________________________________________________________________

    File system:       ntfs
    Boot sector type:  Windows XP
    Boot sector info:   No errors found in the Boot Parameter Block.
    Operating System:  Windows XP
    Boot files:        /boot.ini /ntldr /NTDETECT.COM

.
.
.
.





 

super grub2
http://www.supergrubdisk.org/super-grub2-disk/

sudo lshw -businfo -C disk
root@chozo99-laptop:/boot/grub# sudo lshw -businfo -C disk
Bus info          Device      Class      Description
====================================================
scsi@1:0.0.0      /dev/cdrom  disk       DVD reader
scsi@2:0.0.0      /dev/sda    disk       54GB VBOX HARDDISK

chozo99@chozo99-laptop:~$ sudo fdisk -l

Disk /dev/sda: 55.0 GB, 54975791104 bytes
255 heads, 63 sectors/track, 6683 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000b62f8

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1         487     3905536   82  Linux swap / Solaris
Partition 1 does not end on cylinder boundary.
/dev/sda2             487        4134    29295617    5  Extended
/dev/sda3   *        4135        6682    20466810    7  HPFS/NTFS
/dev/sda5             487        4134    29295616   83  Linux



 

+ Recent posts

티스토리툴바