Research and development Archives

Ubuntu install Grafana

sudo apt-get install -y apt-transport-https software-properties-common wget

sudo mkdir -p /etc/apt/keyrings/

wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null

echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | sudo tee -a /etc/apt/sources.list.d/grafana.list

# Updates the list of available packages
sudo apt-get update

# Installs the latest Enterprise release:
sudo apt-get install grafana-enterprise

Prometheus

#!/bin/bash

echo 'Create tmp dir'
mkdir -p /tmp/prometheus

echo 'Change directory'
cd /tmp/prometheus

echo 'Download Prometheus'
PROMETHEUS_VERSION=$(curl -Ls https://api.github.com/repos/prometheus/prometheus/releases/latest | jq ".tag_name" | xargs | cut -c2-)
wget "https://github.com/prometheus/prometheus/releases/download/v${PROMETHEUS_VERSION}/prometheus-${VERSION}.linux-amd64.tar.gz"
tar xvzf prometheus-${VERSION}.linux-amd64.tar.gz
cd ./prometheus-${VERSION}.linux-amd64

echo 'Create directories'
for i in rules rules.d files_sd; do sudo mkdir -p /etc/prometheus/${i}; done
sudo mkdir /var/lib/prometheus

echo 'Create user & group'
sudo groupadd --system prometheus
sudo useradd -s /sbin/nologin --no-create-home --system -g prometheus prometheus

echo 'Deploy'
sudo mv prometheus promtool /usr/local/bin/
sudo mv prometheus.yml /etc/prometheus/prometheus.yml
sudo mv consoles/ console_libraries/ /etc/prometheus/

echo 'Chown'
sudo chown -R prometheus:prometheus /usr/local/bin/prometheus
sudo chown -R prometheus:prometheus /usr/local/bin/promtool
sudo chown -R prometheus:prometheus /etc/prometheus
sudo chown -R prometheus:prometheus /var/lib/prometheus

echo 'Create service'
sudo tee /etc/systemd/system/prometheus.service<<EOF
[Unit]
Description=Prometheus
Documentation=https://prometheus.io/docs/introduction/overview/
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
User=prometheus
Group=prometheus
ExecReload=/bin/kill -HUP \$MAINPID
ExecStart=/usr/local/bin/prometheus \
  --config.file=/etc/prometheus/prometheus.yml \
  --storage.tsdb.path=/var/lib/prometheus \
  --web.console.templates=/etc/prometheus/consoles \
  --web.console.libraries=/etc/prometheus/console_libraries \
  --web.listen-address=0.0.0.0:9090 \
  --web.external-url=

SyslogIdentifier=prometheus
Restart=always

[Install]
WantedBy=multi-user.target
EOF

sudo systemctl daemon-reload
sudo systemctl start prometheus
sudo systemctl enable prometheus

Fully installation of Development server

After OS installed we have update it to latest

sudo apt update && sudo apt upgrade -y

LVM resize

sudo lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
sudo resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv

Timezone

sudo timedatectl set-timezone Asia/Ho_Chi_Minh
sudo timedatectl set-ntp on

Setup sudo without password

sudo echo "joos ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers

Disable IPv6

I don’t know why but sometime it blocked internet access to some of servers

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1

Install PHP

sudo apt install -y software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update && sudo apt upgrade -y

phpVersions=('8.3')
phpExtensions=('dev' 'cli' 'mbstring' 'curl' 'intl' 'mbstring' 'xml' 'xmlrpc' 'xsl' 'yaml' 'zip' 'imagick' 'gd' 'opcache' 'memcache' 'memcached' 'mysql' 'sqlite3' 'ldap' 'bcmath' 'fpm' 'mongodb' 'redis' 'pcov' 'apcu')

for phpVersion in "${phpVersions[@]}"
do
  echo "Install PHP ${phpVersion} extensions"
  extensions=$(printf "php${phpVersion}-%s " "${phpExtensions[@]}")
  sudo apt install -y $extensions
done

sudo apt update
sudo apt install php-cli unzip zip

Composer

cd ~
curl -sS https://getcomposer.org/installer -o /tmp/composer-setup.php
sudo php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer

Docker

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Docket without sudo

sudo groupadd docker
sudo usermod -aG docker $USER
newgrp docker

LVM – Installation

sudo lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv
sudo resize2fs /dev/mapper/ubuntu--vg-ubuntu--lv

sudo timedatectl set-timezone Asia/Ho_Chi_Minh
sudo timedatectl set-ntp on

joos ALL=(ALL) NOPASSWD:ALL

sudo groupadd --system prometheus
sudo useradd -s /sbin/nologin --no-create-home --system -g prometheus prometheus

MySQL Exporter

Configure Prometheus MySQL Exporter on Ubuntu / CentOS | ComputingForGeeks

Install and Configure Prometheus MySQL Exporter – DevOpsSchool.com

IPv6 – Disable

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1

Ubuntu – Disable IPv6

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

FastCGI vs suPHP vs CGI vs mod_php (DSO)

Attribute	mod_php	CGI	suPHP	FastCGI
Memory usage	Low	Low	Low	High
CPU usage	Low	High	High	Low
Security	Low	Low	High	High
Run as file owner	No	No	Yes	Yes
Overall Performance	Fast	Slow	Slow	Fast

FastCGI vs suPHP vs CGI vs mod_php (DSO) – Chris Wiegman

Secure SSH with Yubikey

https://developers.yubico.com/SSH/Securing_SSH_with_FIDO2.html

Install OpenSSH
ssh-keygen -t ed25519-sk -O resident -O verify-required -C "Your Comment"

– t : Specifies the type of key to create. We are using ed25519-sk
– 0 : Specify a key/value option.
resident : Indicate that the key handle should be stored on the FIDO authenticator itself.
verify-required : Indicate that this private key should require user verification for each signature.

Copy public key ssh-copy-id -i ~/.ssh/id_ed25519_sk.pub user@host
And finally update SSH server

# Support public key cryptography (includes FIDO2)
PubkeyAuthentication yes
# Enforce User Verification
PubkeyAuthOptions verify-required
# Public keys location
AuthorizedKeysFile .ssh/authorized_keys
# Allow root only with MFA
PermitRootLogin prohibit-password
# Disable password authentication
PasswordAuthentication no
PermitEmptyPasswords no

How to install Speedtest – Tracker on Synology NAS

OOKLA_EULA_GDPR=true

Docker

henrywhitaker3/speedtest-tracker – Docker Image | Docker Hub

Laravel – Different between instance vs bind

use ->bind() when you want to provide just a FQCN (full-qualified class name), or a factory closure, to instruct the container on how to lazily build an instance only when needed.
use ->instance()` when you already have an constructed instance and want to instruct the container to provide that particular instance when required.

Simple Bindings
We can register a binding using the bind method, passing the class or interface name that we wish to register along with a closure that returns an instance of the class

Binding Instances
You may also bind an existing object instance into the container using the instance method. The given instance will always be returned on subsequent calls into the container

How to create Ubuntu system user without home directory

sudo groupadd --system prometheus
sudo useradd -s /sbin/nologin --no-create-home --system -g prometheus prometheus

Grafana – Install Loki

A Loki-based logging stack consists of 3 components:

Promtail is the agent, responsible for gathering logs and sending them to Loki.
Loki is the main server, responsible for storing logs and processing queries.
Grafana for querying and displaying the logs.

Download Loki

wget https://github.com/grafana/loki/releases/download/v2.9.8/loki-linux-amd64.zip
chmod a+x loki-linux-amd64
sudo cp loki-linux-amd64 /usr/local/bin/loki
loki --version

Create Systemd service

sudo nano /etc/systemd/system/loki.service

[Unit]
Description=Loki is a log aggregation system designed to store and query logs from all your applications and infrastructure.
Document=https://github.com/grafana/loki/releases
After=network.target

[Service]
Type=simple
ExecStart=/usr/local/bin/loki -config.file /mnt/data/loki/loki-config.yaml
Restart=on-failure
RestartSec=10
StandardOutput=append:/mnt/data/loki/logs/loki.log
StandardError=append:/mnt/data/loki/logs/loki.log

[Install]
WantedBy=multi-user.target


# This is a complete configuration to deploy Loki backed by the filesystem.
# The index will be shipped to the storage via tsdb-shipper.

auth_enabled: false

server:
  http_listen_port: 3100

common:
  ring:
    instance_addr: 127.0.0.1
    kvstore:
      store: inmemory
  replication_factor: 1
  path_prefix: /mnt/data/loki
  storage:
    filesystem:
      chunks_directory: /mnt/data/loki/chunks
      rules_directory: /mnt/data/loki/rules

schema_config:
  configs:
  - from: 2020-05-15
    store: tsdb
    object_store: filesystem
    schema: v13
    index:
      prefix: index_
      period: 24h

storage_config:
  filesystem:
    directory: /mnt/data/loki/chunks