MaxBarraclough + sysadmin   42

How to Configure NGINX
an overview of nginx configuration
nginx  webDev  sysAdmin 
6 weeks ago by MaxBarraclough
How To Host Ghost with Nginx on DigitalOcean
to stop/start nginx: `sudo systemctl [stop|start] nginx` (article written pre-systemd) [unlike ghost which uses `ghost stop`]

see also https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-ghost-on-ubuntu-16-04 , https://log.cyconet.org/2016/01/21/using-nginx-as-reverse-proxy-for-ghost/

Does not discuss configuring nginx for HTTPS
nginx  sysAdmin  webDev  Ghost  Linux  Unix 
6 weeks ago by MaxBarraclough
how to schedule automatic shutdown with Windows Task Scheduler
set the Action to this: C:\Windows\System32\shutdown.exe /s /c "Automatic scheduled shutdown"

Be sure to configure to run as admin, configured for Win Server 2016 (or whatever), running regardless of whether user is logged in, ignoring idleness and power-state, enable wake-to-run, and presumably not to re-attempt. Also remember to Refresh the view, as, oddly, your task will not appear otherwise.
Windows  scripting  sysAdmin  WindowsServer  from notes
8 weeks ago by MaxBarraclough
Is it possible to view RabbitMQ message contents directly from the command line? - Stack Overflow
I had to do a very strange cd to get `python cli/rabbitmqadmin....` to work -- to a directory named ..../rabbitmq_management-3.7.7/priv/www
RabbitMQ  StackOverflow  sysAdmin 
10 weeks ago by MaxBarraclough
PowerTip: Change the PowerShell Console Title
$host.ui.RawUI.WindowTitle = "Changed Title"

(*including* the dollar sign)
PowerShell  WindowsServer  sysAdmin 
10 weeks ago by MaxBarraclough
Bug #678318 “firebird2.5 SuperClassic has permissions problems” : Bugs : firebird2.5 package : Ubuntu
> always use localhost: in front in front of db path when using classic
or superclassic in 2.5

> connect "localhost:/var/lib/firebird/2.5/data/employee.fdb " user
'SYSDBA' password 'SYSDBApassword';
FirebirdSQL  Unix  Linux  sysAdmin 
11 weeks ago by MaxBarraclough
'Fguard on Linux Systems' [sic]
These *appear* to work, after installing from official binary package, but I had a serious permissions issue (creating fdb files):

(do NOT use) `sudo systemctl start firebird-superserver.service`
(do NOT use) `sudo systemctl stop firebird-superserver.service`
(do NOT use) `sudo systemctl enable firebird-superserver.service`
(do NOT use) `sudo systemctl disable firebird-superserver.service`

I did not get these errors if I ran `sudo /opt/firebird/bin/fbguard -daemon` to run the Firebird service... the horror... (avoid running without -daemon as it doesn't behave well as a command-line application. Zero output, and discards ctrl-c; it has to be killed by an external 'kill' command)

The document is riddled with errors. There is no 'fguard', it's called 'fbguard'. The end of the page recommends using a raw 'kill' command, contradicting the start of the page.

Installing from an official precompiled binary, there seems to no longer be any kind of integration with /etc/init.d
FirebirdSQL  Linux  sysAdmin 
11 weeks ago by MaxBarraclough
How to start/stop/restart/enable/reload Apache in Linux (with systemctl)
/etc/init.d/... no longer seems to be the way to it. `sudo systemctl stop httpd.service` works.
Linux  Unix  sysAdmin  Apache 
11 weeks ago by MaxBarraclough
setting timezone to GB in GNU/Linux
for Amazon Linux, this works:

`sudo ln -s /usr/share/zoneinfo/GB /etc/localtime -f`
Linux  sysAdmin  StackExchange 
11 weeks ago by MaxBarraclough
Error HRESULT: 0x80070520 when adding SSL binding in IIS
In case of mysterious permissions issues, just go ahead and right-click the files in this folder and set more permissive permissions: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

I ran into this issue when configuring TLS on MS SQL Server 2017, on an almost-fresh Windows Server 2016
Windows  sysAdmin  certificateManagement  MsSqlServer  security  IIS 
12 weeks ago by MaxBarraclough
MS SQL Server: Create a Database User
this seems to be necessary for remote access: it is not enough to try to re-use Windows account details.

n.b. the default is to send data over the network unencrypted! Be sure to configure encryption.
MsSqlServer  sysAdmin 
12 weeks ago by MaxBarraclough
Display message box from Task Scheduler on top of all other windows - Super User
`msg * "My message" /TIME:60` to show message for up to 60s

For some reason, I had no luck getting the Scheduler to invoke PowerShell to run `(New-Object -ComObject Wscript.Shell).Popup ....`
SuperUser  Windows  scripting  sysAdmin 
12 weeks ago by MaxBarraclough
How To Set Up an SSL Tunnel Using Stunnel on Ubuntu | DigitalOcean
Deprecated, and pre-TLS, but looks like a good whirlwind tour.

Remember to 'accept = 0.0.0.0' not 127.0.0.1 on the server side, where we want to accept external connections

Another tutorial: https://redislabs.com/blog/stunnel-secure-redis-ssl/

DO NOT put double-quotes around file-paths, such as "c:\..."
Presumably it simply does not support spaces in file-paths.
security  networking  networkTunnelling  sysAdmin  Linux  stunnel 
12 weeks ago by MaxBarraclough
How to get the system uptime in Windows? - Stack Overflow
Task Manager under Performance tab, or:
`systeminfo` and scan for "System Boot Time"
or, less helpful:
`net statistics server`/`net statistics workstation`
Windows  sysAdmin  StackOverflow 
12 weeks ago by MaxBarraclough
Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode? - Server Fault
Worryingly difficult to find out how this is done. Remember not to waste time deleting the auto-generated cert, which will be regenerated.

Dig out the 'thumbprint' (SHA-1 hash) of the desired cert (PS: `Get-ChildItem -Recurse Cert:`), place it in Computer > Remote Desktop *and* Personal (though I found that just Personal was enough), and run in PowerShell (*including* the dollar sign):

$path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path

Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="cafebabecafebabe......."}
Windows  RemoteDesktop  certificateManagement  sysAdmin  WindowsServer 
september 2018 by MaxBarraclough
Why is my command prompt freezing on windows 10? - Stack Overflow
> The issue ended up being a new feature of the windows 10 console. Under the default config, whenever you click on a command window in windows 10, it immediately halts the application process when it attempts to write to the console.

It's the same on PowerShell - https://pinboard.in/u:MaxBarraclough/b:7cac6daad5e7
badIdeas  badDefaults  Windows10  sysAdmin  commandLine  StackOverflow 
september 2018 by MaxBarraclough
Technitium MAC Address Changer
Does not work with my Intel wi-fi chipset, Win10.

Version 6.0 does not seem to provide any way to uninstall
Windows  networking  sysAdmin 
september 2018 by MaxBarraclough
linux - Execute command without keeping it in history [BASH] - Stack Overflow
`export HISTCONTROL=ignorespace` # affects this session only

and then prepend space characters to your command
Linux  BASH  commandLine  sysAdmin  security 
august 2018 by MaxBarraclough
Windows Event viewer: filter for event IDs 6005,6006 for startup/shutdown events
There are various related codes, like 1074 and 6013

(In Event Viewer > Windows Logs > System)
Windows  sysAdmin  ServerFault  WindowsServer  discussion 
june 2018 by MaxBarraclough
New-SelfSignedCertificate
e.g.

New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName example.com -NotAfter (Get-Date).AddYears(1) -KeyExportPolicy Exportable -KeySpec KeyExchange

It's best to include `-KeySpec KeyExchange` otherwise your cert cannot be used for MS SQL Server connections

also these for some reason mean use of a physical card: `-KeyAlgorithm RSA`

there's also: `-KeyLength 2048`

and less useful: `-KeyUsage DigitalSignature`

and there's `-Subject ...`

For a wildcard cert for EC2:

`New-SelfSignedCertificate -CertStoreLocation Cert:\LocalMachine\My -DnsName "*.eu-west-2.compute.amazonaws.com" -NotAfter (Get-Date).AddYears(10) -KeyExportPolicy Exportable -KeySpec KeyExchange -KeyLength 2048 -FriendlyName MyEc2Cert -KeyFriendlyName MyEc2Cert-priv`
Windows  sysAdmin  certificateManagement  PowerShell  security 
february 2018 by MaxBarraclough
Certificates [the certificate store in Windows]
Including a detailed explanation of the roles of the different 'folders' ('Trusted People' etc)

Also https://msdn.microsoft.com/en-gb/library/windows/desktop/bb540795(v=vs.85).aspx

Seems to be that you add your self-signed cert to Computer>Personal for binding/server (no need to use Trusted Root), and Computer>Trusted People for browser/client (shouldn't need private key)
Windows  sysAdmin  security  certificateManagement 
february 2018 by MaxBarraclough

Copy this bookmark:



description:


tags: