Archive for the ‘Linux Solution’ Category

Proxmox Virtual Environment (VE) 7.1-8 – installing Apache Guacamole v1.4.0 natively on Debian 11 (Bullseye) Server

Dienstag, Januar 18th, 2022
root@pve-iot-jsho-guacamole-01:~# apt-get install -y build-essential libcairo2-dev libjpeg62-turbo-dev libtool-bin uuid-dev libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
build-essential is already the newest version (12.9).
libcairo2-dev is already the newest version (1.16.0-5).
libavcodec-dev is already the newest version (7:4.3.3-0+deb11u1).
libavformat-dev is already the newest version (7:4.3.3-0+deb11u1).
libavutil-dev is already the newest version (7:4.3.3-0+deb11u1).
libswscale-dev is already the newest version (7:4.3.3-0+deb11u1).
freerdp2-dev is already the newest version (2.3.0+dfsg1-2).
libjpeg62-turbo-dev is already the newest version (1:2.0.6-4).
libssh2-1-dev is already the newest version (1.9.0-2).
libtelnet-dev is already the newest version (0.21-5+b1).
libtool-bin is already the newest version (2.4.6-15).
libvncserver-dev is already the newest version (0.9.13+dfsg-2).
libvorbis-dev is already the newest version (1.3.7-1).
libwebp-dev is already the newest version (0.6.1-2.1).
libwebsockets-dev is already the newest version (4.0.20-2).
libssl-dev is already the newest version (1.1.1k-1+deb11u1).
libossp-uuid-dev is already the newest version (1.6.2-1.5+b9).
libpango1.0-dev is already the newest version (1.46.2-3).
libpulse-dev is already the newest version (14.2-2).
uuid-dev is already the newest version (2.36.1-8).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# apt-get install git
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
git is already the newest version (1:2.30.2-1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# git clone git://github.com/apache/guacamole-server.git
Cloning into ‚guacamole-server’…
remote: Enumerating objects: 24296, done.
remote: Counting objects: 100% (2405/2405), done.
remote: Compressing objects: 100% (214/214), done.
remote: Total 24296 (delta 2292), reused 2194 (delta 2191), pack-reused 21891
Receiving objects: 100% (24296/24296), 7.41 MiB | 3.94 MiB/s, done.
Resolving deltas: 100% (16091/16091), done.
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# cd guacamole-server
root@pve-iot-jsho-guacamole-01:~/guacamole-server# autoreconf -fi
libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, ‚build-aux‘.
libtoolize: copying file ‚build-aux/ltmain.sh‘
libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, ‚m4‘.
libtoolize: copying file ‚m4/libtool.m4‘
libtoolize: copying file ‚m4/ltoptions.m4‘
libtoolize: copying file ‚m4/ltsugar.m4‘
libtoolize: copying file ‚m4/ltversion.m4‘
libtoolize: copying file ‚m4/lt~obsolete.m4‘
configure.ac:27: installing ‚build-aux/compile‘
configure.ac:27: installing ‚build-aux/config.guess‘
configure.ac:27: installing ‚build-aux/config.sub‘
configure.ac:23: installing ‚build-aux/install-sh‘
configure.ac:23: installing ‚build-aux/missing‘
configure.ac:33: installing ‚build-aux/tap-driver.sh‘
src/common-ssh/Makefile.am: installing ‚build-aux/depcomp‘
parallel-tests: installing ‚build-aux/test-driver‘
root@pve-iot-jsho-guacamole-01:~/guacamole-server#
root@pve-iot-jsho-guacamole-01:~/guacamole-server# ./configure –with-init-dir=/etc/init.d

————————————————
guacamole-server version 1.4.0
————————————————
Library status:
freerdp2 ………… yes
pango …………… yes
libavcodec ………. yes
libavformat………. yes
libavutil ……….. yes
libssh2 …………. yes
libssl ………….. yes
libswscale ………. yes
libtelnet ……….. yes
libVNCServer …….. yes
libvorbis ……….. yes
libpulse ………… yes
libwebsockets ……. yes
libwebp …………. yes
wsock32 …………. no
Protocol support:
Kubernetes …. yes
RDP ……….. yes
SSH ……….. yes
Telnet …….. yes
VNC ……….. yes
Services / tools:
guacd …… yes
guacenc …. yes
guaclog …. yes
FreeRDP plugins: /usr/lib/x86_64-linux-gnu/freerdp2
Init scripts: /etc/init.d
Systemd units: no
Type „make“ to compile guacamole-server.
root@pve-iot-jsho-guacamole-01:~/guacamole-server#
root@pve-iot-jsho-guacamole-01:~/guacamole-server# make
root@pve-iot-jsho-guacamole-01:~/guacamole-server# make install
root@pve-iot-jsho-guacamole-01:~/guacamole-server# ldconfig
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# systemctl daemon-reload
root@pve-iot-jsho-guacamole-01:~# systemctl enable –now guacd
guacd.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable guacd
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# systemctl start guacd
root@pve-iot-jsho-guacamole-01:~# systemctl status guacd
* guacd.service – LSB: Guacamole proxy daemon
Loaded: loaded (/etc/init.d/guacd; generated)
Active: active (running) since Mon 2022-01-17 12:03:29 UTC; 6s ago
Docs: man:systemd-sysv-generator(8)
Process: 25121 ExecStart=/etc/init.d/guacd start (code=exited, status=0/SUCCESS)
Tasks: 1 (limit: 17845)
Memory: 9.9M
CPU: 18ms
CGroup: /system.slice/guacd.service
`-25124 /usr/local/sbin/guacd -p /var/run/guacd.pid
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 systemd[1]: Starting LSB: Guacamole proxy daemon…
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 guacd[25122]: Guacamole proxy daemon (guacd) version 1.4.0 started
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 guacd[25121]: Starting guacd:
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 guacd[25122]: guacd[25122]: INFO: Guacamole proxy daemon (guacd) version 1.4.0 started
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 guacd[25121]: SUCCESS
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 systemd[1]: Started LSB: Guacamole proxy daemon.
Jan 17 12:03:29 pve-iot-jsho-guacamole-01 guacd[25124]: Listening on host ::1, port 4822
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# apt-get install -y tomcat9 tomcat9-admin tomcat9-common tomcat9-user
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
tomcat9 is already the newest version (9.0.43-2~deb11u3).
tomcat9-admin is already the newest version (9.0.43-2~deb11u3).
tomcat9-common is already the newest version (9.0.43-2~deb11u3).
tomcat9-user is already the newest version (9.0.43-2~deb11u3).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# systemctl status tomcat9.service
* tomcat9.service – Apache Tomcat 9 Web Application Server
Loaded: loaded (/lib/systemd/system/tomcat9.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-01-17 12:05:51 UTC; 2min 28s ago
Docs: https://tomcat.apache.org/tomcat-9.0-doc/index.html
Process: 26829 ExecStartPre=/usr/libexec/tomcat9/tomcat-update-policy.sh (code=exited, status=0/SUCCESS)
Main PID: 26833 (java)
Tasks: 35 (limit: 17845)
Memory: 290.2M
CPU: 9.822s
CGroup: /system.slice/tomcat9.service
`-26833 /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties -Djava.util.logging.>
Jan 17 12:05:55 pve-iot-jsho-guacamole-01 tomcat9[26833]: Deployment of deployment descriptor [/etc/tomcat9/Catalina/localhost/host-manager.xml] has >
Jan 17 12:05:55 pve-iot-jsho-guacamole-01 tomcat9[26833]: Deploying deployment descriptor [/etc/tomcat9/Catalina/localhost/manager.xml]
Jan 17 12:05:55 pve-iot-jsho-guacamole-01 tomcat9[26833]: The path attribute with value [/manager] in deployment descriptor [/etc/tomcat9/Catalina/lo>
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this >
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: Deployment of deployment descriptor [/etc/tomcat9/Catalina/localhost/manager.xml] has finis>
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: Deploying web application directory [/var/lib/tomcat9/webapps/ROOT]
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this >
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: Deployment of web application directory [/var/lib/tomcat9/webapps/ROOT] has finished in [76>
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: Starting ProtocolHandler [„http-nio-8080“]
Jan 17 12:05:56 pve-iot-jsho-guacamole-01 tomcat9[26833]: Server startup in [3469] milliseconds
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# ss -altnp | grep 80
LISTEN 0 100 *:8080 *:* users:((„java“,pid=26833,fd=37))
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# mkdir /etc/guacamole
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# wget https://downloads.apache.org/guacamole/1.4.0/binary/guacamole-1.4.0.war -O /etc/guacamole/guacamole.war
–2022-01-17 12:13:39– https://downloads.apache.org/guacamole/1.4.0/binary/guacamole-1.4.0.war
Resolving downloads.apache.org (downloads.apache.org)… 88.99.95.219, 135.181.214.104, 2a01:4f9:3a:2c57::2, …
Connecting to downloads.apache.org (downloads.apache.org)|88.99.95.219|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 13011205 (12M)
Saving to: ‚/etc/guacamole/guacamole.war‘
/etc/guacamole/guacamole.war 100%[=====================>] 12.41M 10.3MB/s in 1.2s
2022-01-17 12:13:41 (10.3 MB/s) – ‚/etc/guacamole/guacamole.war‘ saved [13011205/13011205]
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# ln -s /etc/guacamole/guacamole.war /var/lib/tomcat9/webapps
root@pve-iot-jsho-guacamole-01:~# systemctl restart tomcat9 guacd
root@pve-iot-jsho-guacamole-01:~# mkdir /etc/guacamole/{extensions,lib}
root@pve-iot-jsho-guacamole-01:~# echo „GUACAMOLE_HOME=/etc/guacamole“ >> /etc/default/tomcat9
root@pve-iot-jsho-guacamole-01:~# vi /etc/guacamole/guard.conf
[server]
bind_host = 0.0.0.0

bind_port = 4822
root@pve-iot-jsho-guacamole-01:~# cat > /etc/guacamole/guacamole.properties << EOL
guacd-hostname: localhost
guacd-port: 4822
user-mapping: /etc/guacamole/user-mapping.xml
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
EOL
root@pve-iot-jsho-guacamole-01:~# ln -s /etc/guacamole /usr/share/tomcat9/.guacamole
root@pve-iot-jsho-guacamole-01:~# echo -n password | openssl md5
(stdin)= 5f4dcc3b5aa765d61d8327deb882cf99
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# apt-get install vim
Reading package lists… Done
Building dependency tree… Done
Reading state information… Done
vim is already the newest version (2:8.2.2434-3+deb11u1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@pve-iot-jsho-guacamole-01:~#
root@pve-iot-jsho-guacamole-01:~# vim /etc/guacamole/user-mapping.xml
<user-mapping>
<authorize
username=“admin“
password=“5f4dcc3b5aa765d61d8327deb882cf99″ encoding=“md5″>
<connection name=“bpi-iot-jsho-minio-01″>
<protocol>ssh</protocol>
<param name=“hostname“>192.168.1.168</param>
<param name=“port“>22</param>
</connection>
</authorize>
</user-mapping>

root@pve-iot-jsho-guacamole-01:~# vim /etc/guacamole/user-mapping.xml
<user-mapping>
<authorize username=“admin“
password=“5f4dcc3b5aa765d61d8327deb882cf99″ encoding=“md5″>
<connection name=“bpi-iot-jsho-minio-01″>
<protocol>ssh</protocol> <param name=“hostname“>192.168.1.168</param>
<param name=“port“>22</param>
</connection>
<connection name=“bpi-iot-jsho-minio-02″>
<protocol>ssh</protocol> <param name=“hostname“>192.168.1.147</param>
<param name=“port“>22</param>
</connection>
<connection name=“bpi-iot-jsho-minio-03″>
<protocol>ssh</protocol> <param name=“hostname“>192.168.1.192</param>
<param name=“port“>22</param>
</connection>
</authorize>
</user-mapping>

root@pve-iot-jsho-guacamole-01:~# vim /etc/guacamole/user-mapping.xml
<user-mapping>
<authorize username=“admin“
password=“5f4dcc3b5aa765d61d8327deb882cf99″ encoding=“md5″>
<connection name=“bpi-iot-jsho-minio-01″>
<protocol>ssh</protocol> <param name=“hostname“>192.168.1.168</param>
<param name=“port“>22</param>
</connection>
<connection name=“bpi-iot-jsho-minio-02″>
<protocol>ssh</protocol> <param name=“hostname“>192.168.1.147</param>
<param name=“port“>22</param>
</connection>
<connection name=“bpi-iot-jsho-minio-03″>
<protocol>ssh</protocol> <param name=“hostname“>192.168.1.192</param>
<param name=“port“>22</param>
</connection>
<connection name=“W2k22STD-01″>
<protocol>rdp</protocol> <param name=“hostname“>192.168.1.112</param>
<param name=“port“>3389</param>
<param name=“security“>NLA</param>
<param name=“ignore-cert“>true</param>
<param name=“port“>3389</param>
<param name=“ignore-cert“>true</param>
<!– <param name=“username“>…</param> –>
<!– <param name=“password“>…</param> –>
<!– <param name=“color-depth“>…</param> –>
</connection>
</authorize>
</user-mapping>

DietPi 8.0 – mit neuen Dashboard Optionen

Dienstag, Januar 18th, 2022

Debian 11 (Bullseye) Server – enable SSH root login

Montag, Januar 17th, 2022

To enable SSH login for a root user on Debian Linux system you need to first configure SSH server

# vi /etc/ssh/sshd_config
PermitRootLogin yes
# /etc/init.d/ssh restart
Restarting ssh (via systemctl): ssh.service.

Raspberry Pi – how to setup Apache Guacamole with Docker & Portainer

Samstag, Januar 15th, 2022
root@rpi-iot-jsho-2FA-01:~# curl -sSL https://get.docker.com | sh
# Executing docker install script, commit: 93d2499759296ac1f9c510605fef85052a2c32be
+ sh -c apt-get update -qq >/dev/null
+ sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -qq apt-transport-https ca-certificates curl >/dev/null
+ sh -c curl -fsSL „https://download.docker.com/linux/raspbian/gpg“ | gpg –dearmor –yes -o /usr/share/keyrings/docker-archive-keyring.gpg
+ sh -c echo „deb [arch=armhf signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/raspbian bullseye stable“ > /etc/apt/sources.list.d/docker.list
+ sh -c apt-get update -qq >/dev/null
+ sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -qq –no-install-recommends docker-ce-cli docker-ce >/dev/null
+ version_gte 20.10
+ [ -z ]
+ return 0
+ sh -c DEBIAN_FRONTEND=noninteractive apt-get install -y -qq docker-ce-rootless-extras >/dev/null
+ sh -c docker version
Client: Docker Engine – Community
Version: 20.10.12
API version: 1.41
Go version: go1.16.12
Git commit: e91ed57
Built: Mon Dec 13 11:45:28 2021
OS/Arch: linux/arm
Context: default
Experimental: true
Server: Docker Engine – Community
Engine:
Version: 20.10.12
API version: 1.41 (minimum version 1.12)
Go version: go1.16.12
Git commit: 459d0df
Built: Mon Dec 13 11:43:45 2021
OS/Arch: linux/arm
Experimental: false
containerd:
Version: 1.4.12
GitCommit: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc:
Version: 1.0.2
GitCommit: v1.0.2-0-g52b36a2
docker-init:
Version: 0.19.0
GitCommit: de40ad0
===============================================
To run Docker as a non-privileged user, consider setting up the
Docker daemon in rootless mode for your user:
dockerd-rootless-setuptool.sh install
Visit https://docs.docker.com/go/rootless/ to learn about rootless mode.
To run the Docker daemon as a fully privileged service, but granting non-root
users access, refer to https://docs.docker.com/go/daemon-access/
WARNING: Access to the remote API on a privileged Docker daemon is equivalent
to root access on the host. Refer to the ‚Docker daemon attack surface‘
documentation for details: https://docs.docker.com/go/attack-surface/
===============================================
root@rpi-iot-jsho-2FA-01:~#
root@rpi-iot-jsho-2FA-01:~# usermod -aG docker pi
root@rpi-iot-jsho-2FA-01:~# docker pull portainer/portainer-ce:linux-arm
linux-arm: Pulling from portainer/portainer-ce
0ea73420e2bb: Pull complete
c367f59be2e1: Pull complete
4bb294c1afcb: Pull complete
Digest: sha256:8297a8a6d055b12b998f4fcb1fb8c8cd34340d4eb1b963a7b4db4981613b1d99
Status: Downloaded newer image for portainer/portainer-ce:linux-arm
docker.io/portainer/portainer-ce:linux-arm
root@rpi-iot-jsho-2FA-01:~#
root@rpi-iot-jsho-2FA-01:~# docker run –restart always -d -p 9000:9000 -v /var/ run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer -ce:linux-arm
d82bfe696e54a760f542ac9fa6ad06d52f207a431b6655a22e91faeb4c527888
root@rpi-iot-jsho-2FA-01:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d82bfe696e54 portainer/portainer-ce:linux-arm „/portainer“ 13 seconds ago Up 10 seconds 8000/tcp, 9443/tcp, 0.0.0.0:9000->9000/tcp, :::9000->9000/tcp exciting_antonelli
root@rpi-iot-jsho-2FA-01:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d82bfe696e54 portainer/portainer-ce:linux-arm „/portainer“ 33 seconds ago Up 29 seconds 8000/tcp, 9443/tcp, 0.0.0.0:9000->9000/tcp, :::9000->9000/tcp exciting_antonelli
root@rpi-iot-jsho-2FA-01:~#
http://192.168.1.159:9000

Banana Pi BPI-M1 – practical example with an S3-compatible object storage server with MinIO on Armbian Bullseye

Donnerstag, Januar 13th, 2022

root@rpi-iot-jsho-cam-02:~# vi MinIoMotioneyeBackup.sh
#!/bin/bash
#FileName: MinIoMotioneyeBackup.sh
LocalBackupPath=“/var/lib/motioneye“
MinioBucket=“myminio/worm-with-versioning-and-retention/motioneye“
MCPATH=“/root/mc“
$MCPATH mirror –json –overwrite –remove –preserve $LocalBackupPath $MinioBucket
root@rpi-iot-jsho-cam-02:~#
root@rpi-iot-jsho-cam-02:~# crontab -l
00 * * * * /root/MinioMotioneyeBackup.sh >> /dev/null 2>&1
00 * * * * /root/MinioMotioneyeBackup2.sh >> /dev/null 2>&1
00 * * * * /root/MinioMotioneyeBackup3.sh >> /dev/null 2>&1
root@rpi-iot-jsho-cam-02:~#
root@rpi-iot-jsho-cam-02:~# date
Wed 05 Jan 2022 04:36:38 PM CET
root@rpi-iot-jsho-cam-02:~#

root@rpi-iot-jsho-cam-02:~# date
Thu 06 Jan 2022 09:21:59 AM CET
root@rpi-iot-jsho-cam-02:~#

root@rpi-iot-jsho-cam-02:~# date
Fri 07 Jan 2022 01:37:18 PM CET

root@rpi-iot-jsho-cam-02:~#

root@rpi-iot-jsho-cam-02:~# date
Sun 09 Jan 2022 12:37:55 PM CET

root@rpi-iot-jsho-cam-02:~#

root@rpi-iot-jsho-cam-02:~# vi MinioMotioneyeBackup.sh
#!/bin/bash
#FileName: MinIoMotioneyeBackup.sh
LocalBackupPath=“/var/lib/motioneye“
MinioBucket=“myminio/worm-with-versioning-and-retention/motioneye“
MCPATH=“/root/mc“
$MCPATH mirror –json –overwrite –remove –preserve $LocalBackupPath $MinioBucket
$MCPATH rm –force –versions –recursive –older-than 7d $MinioBucket
root@rpi-iot-jsho-cam-02:~#
root@rpi-iot-jsho-cam-02:~# vi MinioMotioneyeBackup2.sh
!/bin/bash
#FileName: MinIoMotioneyeBackup2.sh
LocalBackupPath=“/var/lib/motioneye“
MinioBucket=“myminio/noworm-with-versioning-and-noretention/motioneye“
MCPATH=“/root/mc“
$MCPATH mirror –json –overwrite –remove –preserve $LocalBackupPath $MinioBucket
$MCPATH rm –force –versions –recursive –older-than 7d $MinioBucket
root@rpi-iot-jsho-cam-02:~#
root@rpi-iot-jsho-cam-02:~# vi MinioMotioneyeBackup3.sh
!/bin/bash
#FileName: MinIoMotioneyeBackup3.sh
LocalBackupPath=“/var/lib/motioneye“
MinioBucket=“myminio/noworm-with-noversioning-and-noretention/motioneye“
MCPATH=“/root/mc“
$MCPATH mirror –json –overwrite –remove –preserve $LocalBackupPath $MinioBucket
root@rpi-iot-jsho-cam-02:~#

root@rpi-iot-jsho-cam-02:~# ./mc rm –force –versions –recursive –older-than 6d myminio/worm-with-versioning-and-retention/motioneye
Removing `myminio/worm-with-versioning-and-retention/motioneye/Camera1/.keep` (versionId=23026458-6652-4139-985d-ad4068cc5f26, modTime=2022-01-04 22:00:25.386 +0000 UTC).
Removing `myminio/worm-with-versioning-and-retention/motioneye/Camera1/.keep` (versionId=2eee588f-343a-4844-a14c-f5d1522430c6, modTime=2022-01-04 10:00:20.937 +0000 UTC).
Removing `myminio/worm-with-versioning-and-retention/motioneye/Camera1/2022-01-04/17-12-19.jpg` (versionId=ee2b64ce-f03b-4bb0-b0a2-034d5e9dd217, modTime=2022-01-04 17:00:17.052 +0000 UTC).
Removing `myminio/worm-with-versioning-and-retention/motioneye/Camera2/2022-01-04/15-26-20.jpg` (versionId=e076f7e7-0a3e-4026-84ad-f0345be0769a, modTime=2022-01-04 15:04:00.74 +0000 UTC).
Removing `myminio/worm-with-versioning-and-retention/motioneye/Camera2/2022-01-04/15-26-21.jpg` (versionId=2a7c2ee3-b46a-4d5c-8375-556743e8c404, modTime=2022-01-04 15:04:00.669 +0000 UTC).
Removing `myminio/worm-with-versioning-and-retention/motioneye/Camera2/2022-01-04/15-26-22.jpg` (versionId=500b4e3a-2138-4a0a-bd08-778e816cef70, modTime=2022-01-04 15:04:00.733 +0000 UTC).
mc: <ERROR> Failed to remove `/worm-with-versioning-and-retention/motioneye/Camera2/2022-01-04/15-26-22.jpg`. Object is WORM protected and cannot be overwritten
root@rpi-iot-jsho-cam-02:~#
root@rpi-iot-jsho-cam-02:~# date
Wed 12 Jan 2022 12:04:08 PM CET
root@rpi-iot-jsho-cam-02:~#

root@rpi-iot-jsho-cam-02:~# ./mc rb –force myminio/worm-with-versioning-and-retention5d
mc: <ERROR> Failed to remove `myminio/worm-with-versioning-and-retention5d`. Object is WORM protected and cannot be overwritten.
root@rpi-iot-jsho-cam-02:~#
root@rpi-iot-jsho-cam-02:~# ./mc du –versions myminio/worm-with-versioning-and-retention5d
332MiB worm-with-versioning-and-retention5d
root@rpi-iot-jsho-cam-02:~#

Raspberry Pi OS (Legacy) – we’ve decided to create a legacy version of the Raspberry Pi OS based on the Debian Buster release (or, to be more specific, the Debian oldstable release)

Dienstag, Januar 11th, 2022

Ein immutable Backup ist eine Datensicherung – die nicht verändert oder gelöscht werden kann

Dienstag, Januar 11th, 2022

Proxmox Virtual Environment (VE) 7.1-8 – how to build a cluster

Freitag, Januar 7th, 2022

Proxmox Virtual Environment (VE) 7.1-x – mit AMD Kernel Bug Linux 5.13.19-2

Mittwoch, Januar 5th, 2022

ntopng – high speed web based traffic analysis

Mittwoch, Januar 5th, 2022

pfSense 2.5.x – how to configure traffic monitoring with ntopng

Mittwoch, Januar 5th, 2022

pfSense 2.5.x – how to setup your own open source network intrusion prevention and detection system (IDS/IPS) with Snort

Dienstag, Januar 4th, 2022

Praspberry Pi – Alpine Linux vs Raspberry Pi OS vs DietPi

Montag, Januar 3rd, 2022

MSP360 Managed Backup 5.2 – new backup format GFS restore verification deduplication and more

Samstag, Januar 1st, 2022

   MSP360 Managed Backup – Backup and IT Management Software Simplified

Banana Pi BPI-M1 – Let’s Encrypt SSL how to use a private key and public certificate with an S3-compatible object storage server with MinIO on Armbian Bullseye

Donnerstag, Dezember 30th, 2021

root@bpi-iot-jsho-minio-03:~# apt-get install certbot
root@bpi-iot-jsho-minio-03:~# certbot certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
1: Spin up a temporary webserver (standalone)
2: Place files in webroot directory (webroot)
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Select the appropriate number [1-2] then [enter] (press ‚c‘ to cancel): 1
Plugins selected: Authenticator standalone, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter ‚c‘
to cancel): bpi-iot-jsho-minio-03.ddnss.eu
Requesting a certificate for bpi-iot-jsho-minio-03.ddnss.eu
Performing the following challenges:
http-01 challenge for bpi-iot-jsho-minio-03.ddnss.eu
Waiting for verification…
Cleaning up challenges
Subscribe to the EFF mailing list (email: josef.schuster@dpsolution.de).
IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/privkey.pem
Your certificate will expire on 2022-03-27. To obtain a new or
tweaked version of this certificate in the future, simply run
certbot again. To non-interactively renew *all* of your
certificates, run „certbot renew“
– If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
root@bpi-iot-jsho-minio-03:~#
root@bpi-iot-jsho-minio-03:/# find . -name fullchain.pem -print
./etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/fullchain.pem
root@bpi-iot-jsho-minio-03:/#
root@bpi-iot-jsho-minio-03:~# cp /etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/fullchain.pem $HOME/.minio/certs/public.crt
root@bpi-iot-jsho-minio-03:~# cp /etc/letsencrypt/live/bpi-iot-jsho-minio-03.ddnss.eu/privkey.pem $HOME/.minio/certs/private.key

If your TLS certificates do not have the IP SAN for the MinIO server host the MinIO Console may fail to validate the connection to the server use the MINIO_SERVER_URL environment variable and specify the proxy-accessible hostname of the MinIO server to allow the Console to use the MinIO server API using the TLS certificate

root@bpi-iot-jsho-minio-03:/# MINIO_SERVER_URL=“https://bpi-iot-jsho-minio-03.ddnss.eu:9000″ MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=<password> ./minio server –console-address „:9001“ /data/data{0…3}
https://bpi-iot-jsho-minio-03.ddnss.eu:9001

root@bpi-iot-jsho-minio-02:~# ./mc alias set myminio https://bpi-iot-jsho-minio-03.ddnss.eu:9000 admin <password>
Added `myminio` successfully.
root@bpi-iot-jsho-minio-02:~#
root@bpi-iot-jsho-minio-02:~# ./mc –version myminio
mc version RELEASE.2021-12-20T23-43-34Z
root@bpi-iot-jsho-minio-02:~# ./mc admin update myminio
Server `myminio` updated successfully from 2021-12-20T22:07:16Z to 2021-12-29T06-49-06Z
root@bpi-iot-jsho-minio-02:~#