Linux:Services: Difference between revisions

Line 1: Line 1:
[[Category:Cheatsheet|Cheatsheets]]
[[Category:Cheatsheet|Cheatsheets]]
== named ==
=== Checks ===
<syntaxhighlight lang="bash">
# Perform a test load of all primary zones within named.conf, as the named user
sudo -u named named-checkconf -z
# Check zone file 192.168.77.0 defined in the 77.168.192.in-addr.arpa zone
named-checkzone 77.168.192.in-addr.arpa 192.168.77.0
# Check zone file brammerloo.nl defined in the brammerloo.nl zone
named-checkzone brammerloo.nl brammerloo.nl
</syntaxhighlight>
=== Configuration ===
Basic configuration for the options field in '''/etc/named.conf'''
<syntaxhighlight lang="bash">
options {
# Define on what IP to listen on, for port 53
        listen-on port 53 { 127.0.0.1; 192.168.0.1; 192.168.1.1; };
        directory      "/var/named";
        dump-file      "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file  "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";
# Only allow DNS queries from specific local subnets
# To allow from anything use: allow query { any; };
        allow-query    { localhost; 127.0.0.1; 192.168.0.0/24; 192.168.1.0/24; };
# If the server can't resolve an address locally, use the following DNS servers for help
        forwarders {
        8.8.8.8;
        1.1.1.1;
        };
        recursion yes;
        dnssec-validation no;
        managed-keys-directory "/var/named/dynamic";
        geoip-directory "/usr/share/GeoIP";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
        /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
        include "/etc/crypto-policies/back-ends/bind.config";
};
</syntaxhighlight>
Zone defnitions: '''named.rfc1912.zones'''
<syntaxhighlight lang="bash">
# Define zones to listen for
zone "brammerloo.nl" IN {
        type master;
        file "brammerloo.nl";
        allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.1.0";
        allow-update { none; };
};
</syntaxhighlight>
Zone file for Reverse lookup: '''/var/named/192.168.1.0'''
<syntaxhighlight lang="bash">
$TTL 300
@      IN SOA  ns1.brammerloo.nl. admin.brammerloo.nl. (
                                        2023101102 ; serial
                                        180    ; refresh
                                        60      ; retry
                                        108000  ; expire
                                        60 )    ; minimum
    IN      NS      ns1.brammerloo.nl.
; PTR Records
11    IN  PTR  node1.
21    IN  PTR  server1.
</syntaxhighlight>
Zone file for domain: '''/var/named/brammerloo.nl'''
<syntaxhighlight lang="bash">
$TTL 300
@      IN SOA  ns1.brammerloo.nl. admin.brammerloo.nl. (
                                        2023101306 ; serial
                                        180    ; refresh
                                        60      ; retry
                                        108000  ; expire
                                        60 )    ; minimum
    IN      NS      ns1.brammerloo.nl.
@                  IN      A    192.168.1.6  ; domain brammerloo.nl is me!
ns1.brammerloo.nl. IN      A    192.168.78.31 ; FQDN for my domain
node1              IN      A    192.168.78.31 ; Basic A-record
www                IN      CNAME node1        ; Point my website to my node1 A-record
</syntaxhighlight>


== dhcpd ==
== dhcpd ==
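Review bot: The added `options` block for /etc/named.conf sets `dnssec-validation no;` next to `recursion yes;` and two public forwarders, with no comment explaining why validation is off. A reader who copies it gets a resolver that accepts forwarded answers unverified. I would add a comment above that line such as `# validation disabled: forwarded answers are not checked; use "dnssec-validation auto;" where possible`. In the same block, the comment `# To allow from anything use: allow query { any; };` misspells the option and should read `allow-query { any; };`.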
Line 12: Line 112:


=== Configuration ===
=== Configuration ===
'''/etc/dhcp/dhcpd.conf'''
Basic configuration options in the '''/etc/dhcp/dhcpd.conf''' file
 
Basic configuration file
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
# Set the domain clients should use when resolving hostnames (equivalent to search domain)
# Set the domain clients should use when resolving hostnames (equivalent to search domain)

Revision as of 13:31, 20 October 2023


named

Checks

# Perform a test load of all primary zones within named.conf, as the named user
# (running it as named also surfaces file-permission problems the daemon itself would hit)
sudo -u named named-checkconf -z

# Validate zone file 192.168.77.0 as zone 77.168.192.in-addr.arpa
# (arguments are: zone name first, then the zone file)
named-checkzone 77.168.192.in-addr.arpa 192.168.77.0

# Validate zone file brammerloo.nl as zone brammerloo.nl
named-checkzone brammerloo.nl brammerloo.nl

Configuration

Basic configuration for the options field in /etc/named.conf

options {
# Addresses named binds to on port 53; interfaces not listed here do not serve DNS
        listen-on port 53 { 127.0.0.1; 192.168.0.1; 192.168.1.1; };
# Relative file names used elsewhere in the configuration are resolved from this directory
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        secroots-file   "/var/named/data/named.secroots";
        recursing-file  "/var/named/data/named.recursing";

# Only allow DNS queries from specific local subnets
# To allow from anything use: allow-query { any; };
# (combined with "recursion yes" below, "any" would turn this host into an open resolver)
        allow-query     { localhost; 127.0.0.1; 192.168.0.0/24; 192.168.1.0/24; };

# If the server can't resolve an address locally, use the following DNS servers for help
# These are public resolvers, so they see every name the local clients look up
        forwarders {
        8.8.8.8;
        1.1.1.1;
        };

# Recursion is on and no allow-recursion statement is given; BIND then falls back
# to the allow-query list above, so keep that list limited to trusted networks
        recursion yes;
# DNSSEC validation is switched off: answers from the forwarders are accepted unverified
# NOTE(review): prefer "dnssec-validation auto;" unless something in this setup prevents it
        dnssec-validation no;

        managed-keys-directory "/var/named/dynamic";
        geoip-directory "/usr/share/GeoIP";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";

        /* https://fedoraproject.org/wiki/Changes/CryptoPolicy */
        include "/etc/crypto-policies/back-ends/bind.config";
};


Zone definitions: named.rfc1912.zones

# Define the zones this server answers for as primary (type master)
# The "file" names are relative to the "directory" option (/var/named in this setup)
zone "brammerloo.nl" IN {
        type master;
        file "brammerloo.nl";
# Refuse dynamic DNS updates; the zone only changes when the zone file is edited
        allow-update { none; };
};

# Reverse-lookup zone for 192.168.1.0/24
zone "1.168.192.in-addr.arpa" IN {
        type master;
        file "192.168.1.0";
# Refuse dynamic DNS updates here as well
        allow-update { none; };
};


Zone file for Reverse lookup: /var/named/192.168.1.0

; Default TTL, in seconds, for records that do not set their own
$TTL 300
; SOA: primary name server, then the contact mailbox with its first "." standing in for "@"
@       IN SOA  ns1.brammerloo.nl. admin.brammerloo.nl. (
                                        2023101102 ; serial - raise it on every edit so secondaries notice the change
                                        180     ; refresh
                                        60      ; retry
                                        108000  ; expire
                                        60 )    ; minimum
; No owner name on the next line, so the NS record belongs to the zone apex (@)
    IN      NS      ns1.brammerloo.nl.
; PTR Records
; Owner names are relative to the zone: in 1.168.192.in-addr.arpa, "11" is 192.168.1.11
; NOTE(review): the trailing dot makes the targets absolute ("node1."), not names under
; brammerloo.nl - confirm this is intended; a PTR normally points at the full hostname
11    IN   PTR   node1.
21    IN   PTR   server1.


Zone file for domain: /var/named/brammerloo.nl

; Default TTL, in seconds, for records that do not set their own
$TTL 300
; SOA: primary name server, then the contact mailbox with its first "." standing in for "@"
@       IN SOA  ns1.brammerloo.nl. admin.brammerloo.nl. (
                                        2023101306 ; serial - raise it on every edit so secondaries notice the change
                                        180     ; refresh
                                        60      ; retry
                                        108000  ; expire
                                        60 )    ; minimum
; No owner name on the next line, so the NS record belongs to the zone apex (@)
    IN      NS      ns1.brammerloo.nl.
@                  IN      A     192.168.1.6   ; address of the bare domain brammerloo.nl
ns1.brammerloo.nl. IN      A     192.168.78.31 ; address of the name server named in the NS record
node1              IN      A     192.168.78.31 ; relative name, expands to node1.brammerloo.nl.
www                IN      CNAME node1         ; alias: www resolves through the node1 A-record

dhcpd

dhclient

# Request an IPv4 address from a DHCP server
dhclient -4

# Same request, with verbose output showing the exchange with the DHCP server
dhclient -4 -v

Configuration

Basic configuration options in the /etc/dhcp/dhcpd.conf file

# Set the domain clients should use when resolving hostnames (equivalent to search domain)
option domain-name "brammerloo.nl";

# Set the domain name servers for DHCP clients
# Clients trust whatever resolvers are handed out here, so list only servers you control or accept
option domain-name-servers ns1.brammerloo.nl, 8.8.8.8;

# Lease lengths in seconds: handed out by default / longest a client may request
default-lease-time 600;
max-lease-time 7200;
# Syslog facility that dhcpd logs to
log-facility local7;

# Best practice = define any connected subnets, but don't configure DHCP for them
# (the empty declaration means no addresses are offered on this subnet)
subnet 192.168.1.0 netmask 255.255.255.0 {
}

# Basic DHCP for a subnet configuration
# Offers addresses .100 to .150 and announces 192.168.0.1 as the default gateway
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.100 192.168.0.150;
  option routers 192.168.0.1;
}

Docker

Checks

# List running Docker containers
docker ps

# List only the IDs of all containers, including stopped ones
docker ps -aq

# Show the logs of container 987sdh3qrasdhj
docker logs 987sdh3qrasdhj

# Show live RAM/CPU usage for Docker container asdlkasd67k
docker stats asdlkasd67k

# Show verbose container information such as commands run, network, ID, etc
# The output includes the container's environment variables, which may hold secrets;
# treat it as sensitive before pasting it into tickets or chats
docker inspect oiu2398sda87

Commands

# Open an interactive shell inside a docker container (runs as the container's default user)
docker exec -ti a89sd98sa7d /bin/bash

# Execute a command inside a container as a specific user, root in this case
# (-u 0 selects the same user by UID); root inside the container bypasses the
# image's non-root user, so use it only when the task needs it
docker exec -it -u root asd87289hasdadz tail /var/log/nginx/access.log
docker exec -u 0 -it as892asnj2as /bin/bash

# Restart docker container yoga
docker restart yoga

# Restart the 3 given containers
docker restart 79f71c7f4d91 bbb3d3f5c3b1 b0a3204d4098

# Start this container
docker start as9823nzxc0

# Stop this container
docker stop as9823nzxc0

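# Restart all unhealthy Docker containers
# Ask Docker for the health status directly instead of grepping the table output,
# which would also match any container whose name, image or command contains "unhealthy"
docker ps -q --filter health=unhealthy | while IFS= read -r id; do
  docker restart "$id"
done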

PowerDNS

Checks

# List pdns_server options
pdns_server --help

# Check config and parse for errors
pdns_server --config=check
# List available pdnsutil commands
pdnsutil --help

# Check config and parse for errors
pdnsutil --config=check

# List all available zones
pdnsutil list-all-zones

# List all zones of kind primary
pdnsutil list-all-zones primary

# See zone information for a specific domain (forward or reverse zone)
pdnsutil show-zone mydomain.com
pdnsutil show-zone 77.5.10.in-addr.arpa

# Check zone for errors
pdnsutil check-zone mydomain.com

# List all created TSIG keys
# NOTE(review): the listing is expected to include the key material itself - confirm,
# and keep the output out of tickets, chat and shared terminal logs
pdnsutil list-tsig-keys

Commands

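# Activate the TSIG key named "transfer" for zone "myexample.com", in the primary role
# (argument order: zone, key name, role). The original line had a stray double quote
# where the subcommand belongs, which leaves the shell waiting on an unterminated string.
pdnsutil activate-tsig-key myexample.com transfer primary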

MAAS

Checks

Logs can be found in either of these locations:
/var/log/maas/
/var/snap/maas/common/log
# Show the status of the MAAS services
maas status

# List the available MAAS commands
maas --help

# List the arguments accepted by the init command
maas init --help