Author: admin9483

Posted on

Voyage jusqu’à Montréal

Reveil a 4h30 sans difficultés et départ de la maison réussi sans encombre

A l’aéroport de Charles de Gaulle le passage de la sécurité fut tellement rapide (de 5h30 a 6H30 ) que nous avons attendu une heure a la porte d’embarquement.

Notre premier avion a fait un “saut de puce” jusqu’à Brussels puis, après une correspondance aux pas de course nous avons pus monter dans l’avion de Air Canada apres un rapide check de la présence de nos documents

Les 7h30 de vol sont passer très vite grâce au vidéo proposé dans l’avion.

Le passage de la douane c’est fait sans difficultés (a peine a-t-on regardé tout les papiers, Arrivcan et Etsa que nous avions préparer)

Enfin arrivée à Montréal, la jolie joie d’être arrivé n’est diminuer que par le jetlag

Apres avoir reussi notre sortie de l’aéroport via la fameuse navette 747 (tellement populaire qu’il a fallu rusé pour eviter les 2 heures de queue pour acheter un billet) et un prise de contact avec le metro de Montréal (le personnel nous a gentilment aidés ) nous voilà arrivé a l’hôtel.

Une équipe de courageux (Romain et Laureline) est resorti “chassé” les provisions au Dollarama pendant que (Sandrine, Nelly et Miya prenais leur douche.

Un leger repas pris dans la chambre, quelques dessin animés, un peu de chahut et au dodo bien mérité…..

Nous sommes à Montréal

Posted on

exposer Docker API

I had to edit /lib/systemd/system/docker.service on my Ubuntu 16.04.2 LTS system to modify the line

ExecStart=/usr/bin/docker daemon -H fd:// -H tcp://0.0.0.0:2375

then

sudo systemctl daemon-reload
sudo systemctl restart docker.service

and everything worked :-). The next step is to figure out how to protect the docker daemon form being hijacked.

Posted on

nfs no_root_squash

Conclusion

When you are using NFS mount points with root account on client-side then export them with no_root_squash option. This will ensure you don’t face access related issues on NFS mount points

Posted on

SSL pour le home lab

https://myhomelab.gr/linux/2019/12/13/local-ca-setup.html

Mon domain : daisy-street.fr

Pihole

configuration du dns pihole 192.168.1.50

Renvoyer les serveurs sur le dns/dhcp pihole

nano /etc/netplan/00-installer-config.yaml
nano /etc/resolv.conf
nano /etc/hostname

Installer traefik

docker-compose.yml

Generer password traefik

sudo apt install apache2-utils
echo $(htpasswd -nb <USER> <PASSWORD>) | sed -e s/\\$/\\$\\$/g

    volumes:
      - /SystemSvg/VM_109/traefik/data/traefik.yml:/traefik.yml:ro
      - /SystemSvg/VM_109/traefik/data/acme.json:/acme.json
      - /SystemSvg/VM_109/traefik/data/config.yml:/config.yml:ro
    labels:
      - "traefik.http.routers.traefik.rule=Host(`traefik-dashboard.local.daisy-street.fr`)"
      - "traefik.http.middlewares.traefik-auth.basicauth.users=<USER>:<HASHED-PASSWORD>"
      - "traefik.http.routers.traefik-secure.rule=Host(`traefik-dashboard.local.daisy-street.fr`)"

Configurer SSL

openssl genrsa -des3 -out root.key 2048
david@legion2:/SystemSvg/clersa$ openssl req -x509 -new -nodes -key root.key -sha256 -days 7200 -out root.pem
Enter pass phrase for root.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:FR
State or Province Name (full name) [Some-State]:Hauts-de-Seine
Locality Name (eg, city) []:Antony
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Homelab
Organizational Unit Name (eg, section) []:IT
Common Name (e.g. server FQDN or YOUR name) []:DaisyStreet HomeLab Authority
Email Address []:
david@legion2:/SystemSvg/clersa$

openssl genrsa -out wildcard.homelab.home.key 2048
nano opensslsan.cnf

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = FR
ST = Hauts-de-Seine
L = Antony
O = Wildcard Homelab Inc
OU = IT
CN = *.homelab.home
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = *.homelab.home

openssl req -new -out wildcard.homelab.home.csr \
-key wildcard.homelab.home.key \
-config opensslsan.cnf
openssl x509 -req -in wildcard.homelab.home.csr \
-CA root.pem \
-CAkey root.key \
-CAcreateserial \
-out wildcard.homelab.home.crt \
-days 7200 \
-sha256 \
-extensions v3_req \
-extfile opensslsan.cnf
Posted on

paperless retag

Document retagger

Say you’ve imported a few hundred documents and now want to introduce a tag or set up a new correspondent, and apply its matching to all of the currently-imported docs. This problem is common enough that there are tools for it.

document_retagger [-h] [-c] [-T] [-t] [-i] [--use-first] [-f]

optional arguments:
-c, --correspondent
-T, --tags
-t, --document_type
-i, --inbox-only
--use-first
-f, --overwrite

Connexion au bash docker

tmux
docker exec -it paperless bash

Sans écrasement

document_retagger -c -t --use-first
document_retagger -T

Avec ecrasement

document_retagger -c -t --use-first -f
document_retagger -T -f

a essayer en global

tmux
docker exec -it paperless bash
document_retagger -c -t --use-first -f;document_retagger -T;document_retagger -T;document_retagger -T;document_retagger -T;document_retagger -T;document_retagger -T

docker exec -d -it paperless-ng_webserver_1 document_retagger -c -T -t --use-first

document_retagger -T est repeter plusieurs fois car la commande s’arrete en database lock au bout de 10 minutes d’ouverture de database , l’enchainement de commande sans ecrasement permet de balayer toute la base.

Posted on

installation Docker all in one

sudo apt-get update
sudo apt-get -y install ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 
sudo apt-get update
sudo apt-get -y install docker-ce docker-ce-cli containerd.io
sudo apt -y install nfs-common
sudo apt -y install cifs-utils
sudo apt -y install docker-compose

docker plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions

sudo usermod -aG docker $USER

sudo mkdir /Warehouse
sudo mkdir /Warehouse/Documents_read 
sudo mkdir /Warehouse/Phototeque_CheckIn_read 
sudo mkdir /Warehouse/Phototeque_read 
sudo mkdir /Warehouse/SystemSvg_read 
sudo mkdir /SystemSvg
sudo mkdir /SystemSvg_nfs

sudo mkdir /VideoClub
sudo mkdir /Photocopie

sudo nano /home/david/.sharelogin
   username=[username]
   password=[password]

sudo nano /etc/docker/daemon.json
{
    "log-driver": "loki",
    "log-opts": {
        "loki-url": "http://localhost:3100/loki/api/v1/push",
        "loki-batch-size": "400"
    }
}

sudo nano /etc/fstab
   //192.168.1.111/5-Documents  /Warehouse/Documents_read cifs ro,credentials=/home/david/.sharelogin,uid=1000,gid=1000 0 0
   //192.168.1.111/50-Phototheque  /Warehouse/Phototeque_read cifs ro,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   //192.168.1.111/00-CheckIn  /Warehouse/Phototeque_CheckIn_read cifs ro,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   //192.168.1.111/6-SystemSvg  /Warehouse/SystemSvg_read cifs ro,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   //192.168.1.111/5-Documents/80-Photocopie  /Photocopie cifs rw,credentials=/home/david/.sharelogin,uid=1000,gid=1000 0 0
   //192.168.1.111/9-VideoClub  /VideoClub cifs rw,credentials=/home/david/.sharelogin,uid=1000,gid=1000 0 0
   //192.168.1.111/6-SystemSvg  /SystemSvg cifs rw,credentials=/home/david/.sharelogin,nobrl,uid=1000,gid=1000 0 0
   192.168.1.111:/share_nfs /SystemSvg_nfs nfs defaults 0 0

sudo mount -a

sudo systemctl restart docker

mkdir /SystemSvg/docker

mkdir /SystemSvg/docker/portainer
mkdir /SystemSvg/docker/portainer/data
docker kill portainer
docker rm portainer
cd /SystemSvg/docker/portainer/;docker-compose pull
cd /SystemSvg/docker/portainer/;docker-compose up -d

mkdir /SystemSvg/docker/traefik 
mkdir /SystemSvg/share_nfs/traefik
mkdir /SystemSvg/docker/traefik/data
mkdir /SystemSvg/share_nfs/traefik/acme
docker network create proxy
docker kill traefik
docker rm traefik
cd /SystemSvg/docker/traefik/;docker-compose pull
cd /SystemSvg/docker/traefik/;docker-compose up -d

mkdir /SystemSvg/docker/grafana
mkdir /SystemSvg/docker/grafana/grafana
mkdir /SystemSvg/docker/grafana/loki
mkdir /SystemSvg/docker/grafana/promtail
docker kill grafana
docker kill loki
docker kill promtail
docker rm grafana
docker rm loki
docker rm promtail
cd /SystemSvg/docker/grafana/;docker-compose pull
cd /SystemSvg/docker/grafana/;docker-compose up -d

mkdir /SystemSvg/docker/sickchill
mkdir /SystemSvg/docker/sickchill/config
docker kill sickchill
docker rm sickchill
cd /SystemSvg/docker/sickchill/;docker-compose pull
cd /SystemSvg/docker/sickchill/;docker-compose up -d

mkdir /SystemSvg/docker/transmission
mkdir /SystemSvg/docker/transmission/config
docker kill transmission 
docker rm transmission 
cd /SystemSvg/docker/transmission/;docker-compose pull
cd /SystemSvg/docker/transmission/;docker-compose up -d

mkdir /SystemSvg/docker/filebot
mkdir /SystemSvg/docker/filebot/data
docker kill filebot
docker rm filebot
cd /SystemSvg/docker/filebot/;docker-compose pull
cd /SystemSvg/docker/filebot/;docker-compose up -d

mkdir /SystemSvg/docker/nzbget
mkdir /SystemSvg/docker/nzbget/config
docker kill nzbget
docker rm nzbget
cd /SystemSvg/docker/nzbget/;docker-compose pull
cd /SystemSvg/docker/nzbget/;docker-compose up -d

mkdir /SystemSvg/docker/jellyfin
mkdir /SystemSvg/docker/jellyfin/config
mkdir /SystemSvg/docker/jellyfin/cache
docker kill jellyfin
docker rm jellyfin
cd /SystemSvg/docker/jellyfin/;docker-compose pull
cd /SystemSvg/docker/jellyfin/;docker-compose up -d

mkdir /SystemSvg/docker/duplicati
mkdir /SystemSvg/docker/duplicati/data
docker kill duplicati
docker rm duplicati
cd /SystemSvg/docker/duplicati/;docker-compose pull
cd /SystemSvg/docker/duplicati/;docker-compose up -d

//mkdir /SystemSvg/docker/heimdall
//mkdir /SystemSvg/docker/heimdall/config
//docker kill dashy
//docker rm dashy
//cd /SystemSvg/docker/dashy/;docker-compose pull
//cd /SystemSvg/docker/dashy/;docker-compose up -d

mkdir /SystemSvg/docker/dashy
docker kill heimdall
docker rm heimdall
cd /SystemSvg/docker/heimdall/;docker-compose pull
cd /SystemSvg/docker/heimdall/;docker-compose up -d

mkdir /SystemSvg/docker/littlelink
mkdir /SystemSvg/docker/littlelink/config
docker kill littlelink-server
docker rm littlelink-server
cd /SystemSvg/docker/littlelink/;docker-compose pull
cd /SystemSvg/docker/littlelink/;docker-compose up -d

mkdir /SystemSvg/docker/uptime-kuma
mkdir /SystemSvg/docker/uptime-kuma/data
docker kill uptime-kuma
docker rm uptime-kuma
cd /SystemSvg/docker/uptime-kuma/;docker-compose pull
cd /SystemSvg/docker/uptime-kuma/;docker-compose up -d

mkdir /SystemSvg/docker/paperless-ng
mkdir /SystemSvg/docker/paperless-ng/config
docker kill paperless-ng
docker rm paperless-ng
cd /SystemSvg/docker/paperless-ng/;docker-compose pull
cd /SystemSvg/docker/paperless-ng/;docker-compose up -d
cd /SystemSvg/docker/paperless-ng/;docker-compose run --rm webserver createsuperuser

mkdir /SystemSvg/docker/zoneminder
mkdir /SystemSvg/docker/zoneminder/cache
mkdir /SystemSvg/docker/zoneminder/config
docker kill zoneminder_in
docker rm zoneminder_in
cd /SystemSvg/docker/zoneminder/;docker-compose pull
cd /SystemSvg/docker/zoneminder/;docker-compose up -d

mkdir /SystemSvg/docker/homeassitant
mkdir /SystemSvg/docker/homeassitant/config
docker kill homeassitant
docker rm homeassitant
cd /SystemSvg/docker/homeassitant/;docker-compose pull
cd /SystemSvg/docker/homeassitant/;docker-compose up -d

mkdir /SystemSvg/docker/redmine
mkdir /SystemSvg/docker/redmine/mariadb_data
docker kill redmine_mariadb_1
docker kill redmine_redmine_1
docker rm redmine_mariadb_1
docker rm redmine_redmine_1
cd /SystemSvg/docker/redmine/;docker-compose pull
cd /SystemSvg/docker/redmine/;docker-compose up -d

mkdir /SystemSvg/docker/lamp
mkdir /SystemSvg/docker/lamp/www
mkdir /SystemSvg/docker/lamp/mysql
docker kill lamp_db_1
docker kill lamp_myadmin_1
docker kill lamp_web_1
docker rm lamp_db_1
docker rm lamp_myadmin_1
docker rm lamp_web_1
cd /SystemSvg/docker/lamp/;docker-compose pull
cd /SystemSvg/docker/lamp/;docker-compose up -d

mkdir /SystemSvg/docker/wordpress
mkdir /SystemSvg/docker/wordpress/html
mkdir /SystemSvg/docker/wordpress/mysql
docker kill wordpress_db_1
docker kill adminer_legacy
docker kill wordpress_legacy
docker rm wordpress_db_1
docker rm adminer_legacy
docker rm wordpress_legacy
cd /SystemSvg/docker/wordpress/;docker-compose pull
cd /SystemSvg/docker/wordpress/;docker-compose up -d

sudo apt-get purge -y docker-engine docker docker.io docker-ce docker-ce-cli
sudo apt-get autoremove -y --purge docker-engine docker docker.io docker-ce  
sudo rm -rf /var/lib/docker /etc/docker
sudo rm /etc/apparmor.d/docker
sudo groupdel docker
sudo rm -rf /var/run/docker.sock
docker kill portainer
docker rm portainer
cd /SystemSvg/docker/portainer/;docker-compose up -d

docker kill traefik
docker rm traefik
cd /SystemSvg/docker/traefik/;docker-compose up -d

docker kill grafana
docker kill loki
docker kill promtail
docker rm grafana
docker rm loki
docker rm promtail
cd /SystemSvg/docker/grafana/;docker-compose up -d

docker kill sickchill
docker rm sickchill
cd /SystemSvg/docker/sickchill/;docker-compose up -d

docker kill transmission 
docker rm transmission 
cd /SystemSvg/docker/transmission/;docker-compose up -d

docker kill filebot
docker rm filebot
cd /SystemSvg/docker/filebot/;docker-compose up -d

docker kill nzbget
docker rm nzbget
cd /SystemSvg/docker/nzbget/;docker-compose up -d

docker kill jellyfin
docker rm jellyfin
cd /SystemSvg/docker/jellyfin/;docker-compose up -d

docker kill duplicati
docker rm duplicati
cd /SystemSvg/docker/duplicati/;docker-compose up -d

//docker kill heimdall
//docker rm heimdall
//cd /SystemSvg/docker/heimdall/;docker-compose up -d

docker kill dashy
docker rm dashy
cd /SystemSvg/docker/dashy/;docker-compose up -d

docker kill littlelink-server
docker rm littlelink-server
cd /SystemSvg/docker/littlelink/;docker-compose up -d

docker kill uptime-kuma
docker rm uptime-kuma
cd /SystemSvg/docker/uptime-kuma/;docker-compose up -d

docker kill paperless-ng
docker rm paperless-ng
cd /SystemSvg/docker/paperless-ng/;docker-compose up -d

docker kill zoneminder_in
docker rm zoneminder_in
cd /SystemSvg/docker/zoneminder/;docker-compose up -d

docker kill homeassitant
docker rm homeassitant
cd /SystemSvg/docker/homeassitant/;docker-compose up -d

docker kill redmine_mariadb_1
docker kill redmine_redmine_1
docker rm redmine_mariadb_1
docker rm redmine_redmine_1
cd /SystemSvg/docker/redmine/;docker-compose up -d

docker kill lamp_db_1
docker kill lamp_myadmin_1
docker kill lamp_web_1
docker rm lamp_db_1
docker rm lamp_myadmin_1
docker rm lamp_web_1
cd /SystemSvg/docker/lamp/;docker-compose up -d

docker kill wordpress_db_1
docker kill adminer_legacy
docker kill wordpress_legacy
docker rm wordpress_db_1
docker rm adminer_legacy
docker rm wordpress_legacy
cd /SystemSvg/docker/wordpress/;docker-compose up -d
Posted on

Install Portainer Agent with Docker on Linux

Run the following command to deploy the Portainer Agent:

sudo docker run -d -p 9001:9001 --name portainer_agent --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent:2.6.3
sudo docker kill portainer_agent
sudo docker rm portainer_agent
sudo docker run -d -p 9001:9001 --name portainer_agent --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent:2.6.3