Ubuntu 18.04 LTS and later versions use Netplan for managing the network configuration.
Netplan configuration are driven by .yaml files located in /etc/netplan directory.
Please note that yaml files use spaces for indentation.
If you use tab or incorrect indention, your changes won’t be saved.
network:
version: 2
renderer: networkd
ethernets:
enp0s25:
dhcp4: no
addresses:
- 192.168.1.16/24
routes:
- to: default
via: 192.168.1.1
nameservers:
addresses: [8.8.8.8, 1.1.1.1]
sudo netplan apply
more info: https://netplan.io/examples/
Wednesday, June 29, 2022
How to Assign Static IP Address on Ubuntu
Friday, June 24, 2022
How to delay the start of the systemd service
Create a .timer systemd unit file to control the execution of your .service unit file.
By convention, the timer unit starts another unit with the same name,
i.e. foo.timer starts foo.service.
$ cat <<EOF | sudo tee /etc/systemd/system/foo.timer
[Unit]
Description=Timer for the foo service
[Timer]
OnBootSec=1min
[Install]
WantedBy=timers.target
EOF
It is important that the service is disabled (so it doesn't start at boot),
and the timer enabled.
sudo systemctl disable foo.service
sudo systemctl enable foo.timer
sudo systemctl daemon-reload
sudo systemctl list-timers
Ref:
https://sleeplessbeastie.eu/2022/04/04/how-to-delay-the-start-of-the-systemd-service/
Wednesday, June 22, 2022
Redhat Time synchronisation by Chrony
Time synchronisation
======================
There are 2 main NTP rpms availalable:
ntp – recommended for machines that are constantly connected to a network and are normally running 24/7.
chrony – recommended for machines that are not running 24/7 or have intermitent network, e.g. mobile phones.
Also performs well on machine that are constantly connected to a network and are normally running 24/7
Related Command
===============
yum install chrony
timedatectl
timedatectl set-timezone Asia/Bangkok
timedatectl set-ntp yes
timedatectl set-ntp true
To view a list of trusted ntp servers that the chronyd is using to sync the system-time.
chronyc sources -v
chronyc tracking
systemctl enable chronyd
systemctl start chronyd
systemctl status chronyd
If your system clock is correct,
but your hardware-clock is wrong,
then
you can update the hardware clock using the hwclock command:
hwclock --systohc
/etc/chrony.conf
================
The makestep directive can be used to allow chronyd to step the clock.
makestep 1 3
the clock would be stepped in the first three updates if its offset was larger than one second.
Normally, it’s recommended to allow the step only in the first few updates,
but in some cases (e.g. a computer without an RTC or virtual machine
which can be suspended and resumed with an incorrect time)
it may be necessary to allow the step on any clock update.
The example above would change to
makestep 1 -1
ref:
https://serverfault.com/questions/819467/chrony-time-synchronization-on-huge-time-diff
https://codingbee.net/rhcsa/ntp-keeping-system-time-in-sync-on-centos-rhel-7
Set up Nginx Reverse Proxy pointing to https traffic
vi /etc/nginx/nginx.conf
.
.
.
server {
listen 8118;
listen [::]:8118;
server_name _;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256';
location / {
root /;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_ssl_server_name on;
send_timeout 600;
proxy_pass https://target.com;
}
}
Related command
=============
vi /etc/nginx/conf.d/default.conf
nginx -t
systemctl enable --now nginx
sudo systemctl stop nginx-debug
openssl s_client -connect www.target.com:443
Reference:
========
https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/