Posts

Debian 12 (Proxmox Mail Gateway) and starting mailCow mail service

Hello. If You have a problem with starting the MailCow mail service on the Debian 12 (Proxmox Mail Gateway iso) You can use this article . 1. Need to check what template to use Apparmor root@pmg:/home/user# apparmor_status apparmor module is loaded. 10 profiles are loaded. 9 profiles are in enforce mode. docker-default /usr/bin/freshclam /usr/lib/NetworkManager/nm-dhcp-client.action /usr/lib/NetworkManager/nm-dhcp-helper /usr/lib/connman/scripts/dhclient-script /usr/sbin/clamd /{,usr/}sbin/dhclient lsb_release nvidia_modprobe nvidia_modprobe//kmod 0 profiles are in complain mode 0 profiles are in kill mode. 0 profiles are in unconfined mode. 108 processes have profiles defined. 1 processes are in enforce mode.   2. Create apparmor template in /etc/apparmor.d/docker-default #include <tunables/global> profile docker-default flags=(attach_disconnected,mediate_deleted) { #include <abstractions/base> ptrace peer=@{profile_name}, network, capability

Custom outgoing IP from docker container

Image
Hi. If You want to configure a custom docker container to use one public IPs that are located on the host system You can use this schema. First, need install docker engine on the system  - install docker   Next, create docker networks  like this --------------------------------------------------------- docker network create --attachable --opt 'com.docker.network.bridge.name=my-network-1' --opt 'com.docker.network.bridge.enable_ip_masquerade=false' --subnet=172.20.10.0/24 --gateway=172.20.10.1 my-network-1 docker network create --attachable --opt 'com.docker.network.bridge.name=my-network-2' --opt 'com.docker.network.bridge.enable_ip_masquerade=false'   --subnet=172.20.20.0/24 --gateway=172.20.20.1 my-network-2 docker network create --attachable --opt 'com.docker.network.bridge.name=my-network-3' --opt 'com.docker.network.bridge.enable_ip_masquerade=false'  --subnet=172.20.30.0/24 --gateway=172.20.30.1 my-network-3 ------------------------

Docker certbor autoreNEW cert cron job

Hi. If You using a Portainer for deploy yours applications with nginx, apache and Let’s Encrypt SSL you will need to auto renew the certificates when they were ended. I'm using that bash script and put it in the  /etc/cron.weekly folder (using UBUNTU 22.03)  #!/bin/bash # Set PATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin # Run the certbot container to renew the certs docker run --rm -v certbot-webroot-VOLUME:/var/www/certbot -v certbot-data-VOLUME:/etc/letsencrypt:rw certbot/certbot renew # Restart container docker restart container-WITH-WEB-SERVER # Copy cert for Portainer cat /var/lib/docker/volumes/certbot-data-VOLUME/_data/live/YOUR.DOMAIN.COM/fullchain.pem > /opt/portainer/certs/cert.pem cat /var/lib/docker/volumes/certbot-data/_data/live/YOUR.DOMAIN.COM/privkey.pem > /opt/portainer/certs/key.pem docker restart portainer PS. When You will put script to the   /etc/cron.weekly   folder don't add an extension to the script only name. With an ex

Seample redirects on the .htaccess

Example simple redirect on the .htaccess using rewrite module of the APACHE (httpd) #redirects of one URL RewriteCond %{REQUEST_URI} ^/madres-subrogadas/ RewriteRule .* https://exanple.com/es/moms/ [R=301,L] #redirect all domain RewriteRule (.*)$ https://example.com/es/ [R=301,L]

IPv6 proxy on VPS

This draft article only for remembering  Host company with ipv6 /64 network https://www.vpsag.com/ Script for ganarate ipv6 on python3   #!/usr/bin/env python3 """ Generate a random IPv6 address for a specified subnet """ from random import seed, getrandbits from ipaddress import IPv6Network, IPv6Address subnet = '2001:db8:100::/64' seed() network = IPv6Network(subnet) address = IPv6Address(network.network_address + getrandbits(network.max_prefixlen - network.prefixlen)) print(address) Generate 1000 ip $ for ip in {1..1000}; do python random-ipv6-addr.py ; done add ipv6 address to interface from file cat iplist1.txt | while read ip;do ip -6 addr add $ip dev eth0; done https://ip6.sh/ can be used to ganarate IPs example https://blog.vpsville.ru/blog/howto/133.html

Schedule delete email with doveadm

 for i in $(ls /directory_with_email); do doveadm expunge -u "$i" mailbox Trash before 30d; done for i in $(ls /directory_with_email); do doveadm expunge -u "$i" mailbox Junk before 30d; done for i in $(ls /directory_with_email); do doveadm expunge -u "$i" mailbox INBOX before 365d; done

Розпакування архівів ISPmanager 5 Lite руками

Всі маніпуляції проводимо з під Лінукса. 1. Спочатку розшифровуємо кожен архів openssl enc -aes-256-cbc -d -in F2019-09-29.dotcom.tgz.aes.part1 -out F2019-09-29.dotcom.tgz.part1 -pass pass:********** 2. Потім ті частини збираємо докупи. cat F2019-09-29.dotcom.tgz.part1 F2019-09-29.dotcom.tgz.part2 > F2019-09-29.dotcom.tgz