mario – Page 8

Convert pfx certificate for apache

Posted on 17.06.202017.06.2020 by mario

This is more or less a hint for me how to do it. Maybe it helps you, too.

openssl pkcs12 -in example.com.pfx -clcerts -nokeys -out example.com.crt
openssl pkcs12 -in example.com.pfx -nocerts -out example.com-encrypted.key
openssl rsa -in cert-encrypted.key -out example.com.key
openssl pkcs12 -in example.com.pfx -cacerts -nokeys -out ca-cert.ca

Then in the apache config

SSLCertificateFile certs/example.com.crt
SSLCACertificateFile certs/ca-cert.ca
SSLCertificateKeyFile certs/example.com.key

Marios’ version of Kimchi

Posted on 06.06.202009.06.2020 by mario

This is my version of Kimchi. There are gazillion versions of Kimchi and this is mine.

Since I’m lazy and don’t want to browse a special Asian store, I changed some ingredients to fit what I can buy and have a similar result.

Paprika powder
Cayenne pepper powder
120g Salt
2 medium sized Onions
4 Garlic cloves
1 thumb sized piece Ginger
1 kg Chinese cabbage
1 tablespoon sugar
2 tablespoons Rice flour
1 small pot
1.5 Liter Jar mit a closing lit
1 Large bowl

Fill the bowl with2 Liters / 8 cups of water and mix in the salt. Stir until the .salt is resolved
Cut the Chinese cabbage into 1 inch / 2.5 cm size big pieces. Put it into the bowl and leave it there for 3 to 4 hours.

Chop the onions, the garlic, and the ginger very fine.

The Marinade:

Put 250 ml / 1 cup of cold water into the pot. Stir in the rice flour and the sugar. Cook it for 5 minutes with constant stirring. Now let it cool. Add some paprika powder and the Cayenne pepper. Add as much until it fits your spice level. Add the chopped ingredients. Mix it well.

After the 3 to 4 hours drain the Chinese cabbage as much as possible. Add the marinade and mix it well with your hands. You might use gloves as it might be too spicy for your hand. Fill the jar with the result. Push it down so that no air bubbles are inside. Leave a space about an inch / 2.5 cm, otherwise the jar might explode or the juice will come ot of the jar. Close the lid. Let it stand in your kitchen or wherever, but keep it away from sunlight. Once a day open the lid and let the fermentation gases out of the jar. Push the Chinese cabbage down, that nothing is floating on the surface. After 3 days see if it is sour enough for you. You can wait up to 5 days. Now put the jar into a fridge. After 7 days in the fridge the Kimchi is ready to eat. Kimchi can be stored up to 3 month in the fridge. The fermentation process will continue in the fridge, but much slower.After you took out some of the kimchi to consume it, push the rest of it down into the jar. Never use a spoon or something that has your saliva on the to get something out of the jar, your kimchi would spoil very fast.

git branch delete useless

Posted on 20.04.2020 by mario

Over the time the local git branches may pile up and are no longer used after merging. A cleanup can help with that.

git branch | grep -v "master" | grep -v "development" |grep -v ^* | xargs git branch -D;

Have fun!

Influxdb 2.0 lessons learned

Posted on 11.04.202011.04.2020 by mario

I played a bit with influxdb version 2.0.0, telegraf client and two of my raspberry pies.
On my oldest pi a 1 B+ the telegraf client caused too much performance issues on that light weight single CPU and 480 MB of usable RAM. So I chose a simple bash script with curl to send the CPU temperature to influxdb.

#!/bin/bash
timestamp=$(date +%s)
temp=$(vcgencmd measure_temp)
curl -XPOST \
"https://flux.example.com/api/v2/write?org=none&bucket=pihole&precision=s" \
--header "Authorization: Token asas==" \
--data-raw "cpu-temperature,host=pihole ${temp//\'C/} ${timestamp}"

At first I was running influxdbd by hand. But I didn’t want the usual port of 9999 of the alpha version and I also wanted SSL encryption when I log into the backend. Pretty easy with the already running apache on that server.

<VirtualHost *:443>
	ServerName flux.example.com
	DocumentRoot /var/www/empty

	<Directory /var/www/empty>
		Options Indexes FollowSymLinks
		AllowOverride None
		Require all granted
	</Directory>

	ProxyPass / http://localhost:9999/
	ProxyPassReverse / http://localhost:9999/

	SSLEngine on
	SSLCertificateFile  fullchain.pem
	SSLCertificateKeyFile privkey.pem
</VirtualHost>

so far so good. Starting the influxdb by hand after a reboot or failing isn’t an option. So I created by on systemd service file

sudo $EDITOR /lib/systemd/system/influxdb2.service

[Unit]
Description=InfluxDB 2.0 service file.
Documentation=https://v2.docs.influxdata.com/v2.0/get-started/
After=network-online.target

[Service]
User=influx
Group=influx
ExecStart=/usr/local/bin/influxd
Restart=on-failure

[Install]
WantedBy=multi-user.target

Do not forget to enable it :D sudo systemctl enable influxdb2

So far I made one observation. The telegraf client is doing a lot of DNS requests through the network. If I’m not wrong it does it for every request. If you look at the graphic you see that the bottom a big blue line. That is the DNS requests from telegraf. At some point around 20:00 You see a drop. Well there I change the flush interval to 120 seconds. Later at round 7:30 I wrote the IP and host name into /etc/hosts and the “noise” was gone. That is something you maybe want to do in your devices, too to save some bandwidth and energy.

Zucchini sweet and sour

Posted on 01.04.2020 by mario

What you need:
paprika
salt
pepper
white Vinegar
sugar
crème fraiche (if not available use sour cream / heavy cream with at least 50% fat)

500g aka 1 pound minced meat.

1 red bell peper
1 Zucchini
1 white onion

——

Start with bell pepper, zucchini, white onion. Cut them into pieces of your choise.
Braise one after the other in a saucepan.
Season with salt, pepper, paprika, 2 – 3 tablespoons of vinegar and half a teaspoon of sugar. Peel off a 1/4 liter (one cup) of water and cook for 15 minutes with the lid on.

Fry 500g mince in a pan. Season with salt, pepper and paprika.

Then add the mince to the pot. Mix in one tablespoon of crème fraiche.

Traveling through time isn’t enough

Posted on 08.01.2020 by mario

Some people think traveling through time is easy. It might look that way. But they don’t consider that you need to travel space, too. Wait, why space, too?
Let’s start easy. If you want to meet me at work you need 4 dimension. You might think it is just an address, but it isn’t. The first dimension is the street. To make is easy the street goes from east to west in a straight line. Well the street is very long. In order to find me you need the house number. That is like drawing another line from north to south (second dimension). If you think that you are able to meet me yet, you are WRONG! I work in a skyscraper. You need to also the number of the have the number of the floor. Now you can meet me!? WRONG! You might show but at the correct place, but at the wrong time. You might be there in the night or during my lunch break. So you need also the fourth dimension the time.
When it comes to GPS navigation you need those information twice, because you need to know from where and when you are coming.

Now with time travel it is even worse. You are standing on the earth. It rotates with about ~ 464 m/s. If you try time traveling while visiting me, and miss the correct time only by a split second you might fall down a long way down from the height of the skyscraper. But it doesn’t end there. The earth orbits the sun. That is 29.85 m/s additional movement to the earth’s rotation. Our solar system rotates in in our galaxy the milky way. The milky way rotates, too. The galaxy is moving through the universe / space. Plus the universe is expanding. And it the expanding speed is increasing. Good luck with time traveling!. Do the math and meet me in my skyscraper, yesterday! I think this the point most science fiction authors didn’t tell you. So next time you travel through time and space and you are very good. Don’t forget your parachute. If you are not so good in math don’t forget your space suite, just in case…

Remember:

The earth rotates
The earth orbits around the sun
The solar system orbits around the in a rotating galaxy
The galaxy is moving in the universe
The universe is ever expanding. Faster and faster.

CISCO router password recovery

Posted on 28.12.201923.12.2019 by mario

– Attach a terminal or PC with terminal emulation to the console port of the router.
Use these terminal settings:

* 9600 baud rate
* No parity
* 8 data bits
* 1 stop bit
* No flow control
– If you can access the router, type show version at the prompt, and record the configuration register setting. See Example of Password Recovery Procedure in order to view the output of a show version command
Note: The configuration register is usually set to 0x2102 or 0x102. If you can no longer access the router (because of a lost login or TACACS password), you can safely assume that your configuration register is set to 0x2102.

– Press **Break** (**Ctrl-Break** Windows XP) on the terminal keyboard within 60 seconds of power up in order to put the router into ROMMON.
– Type **confreg 0x2142** at the rommon 1> prompt in order to boot from Flash. This step bypasses the startup configuration where the passwords are stored.
– Type **reset** at the rommon 2> prompt. The router reboots, but ignores the saved configuration.
– Type **no** after each setup question, or press **Ctrl-C** in order to skip the initial setup procedure.
– Type **enable** at the Router> prompt. You are in enable mode and should see the Router# prompt.
– Type **configure memory** or **copy startup-config running-config** in order to copy the nonvolatile RAM (NVRAM) into memory. **Important**: Do not type **copy running-config startup-config** or **write**. These commands erase your startup configuration.
– Type **show running-config**. The **show running-config** command shows the configuration of the router. In this configuration, the **shutdown** command appears under all interfaces, which indicates all interfaces are currently shut down. In addition, the passwords (enable password, enable secret, vty, console passwords) are in either an encrypted or unencrypted format. You can reuse unencrypted passwords. You must change encrypted passwords to a new password.
– Type **configure terminal**.
– The hostname(config)# prompt appears.
– Type **enable secret <password>** in order to change the enable secret password. For example: hostname(config)#**enable secret cisco**
– Issue the **no shutdown** command on every interface that you use. If you issue a **show ip interface brief** command, every interface that you want to use should display up up.
– Type **config-register <configuration_register_setting>**. Where **configuration_register_setting** is either the value you recorded in step 2 or **0x2102** . For example: hostname(config)#**config-register 0x2102**
– Press **Ctrl-z** or **end** in order to leave the configuration mode. The hostname# prompt appears.
– Type **write memory** or **copy running-config startup-config** in order to commit the changes.

replace href regex

Posted on 27.12.201923.12.2019 by mario

Maybe this helps someone else, too
<a\s+(?:[^>]*?\s+)?href="([^"]*)"

vim

Posted on 25.12.201920.12.2019 by mario

normal mode

[count]operation[count]{motion}
:q! = quit without saving
:x = :wq == write and quit
dd or D = delete line
d7d = delete the next 7 lines
. = repeat the last command
CTRL + o = back to last cursor position
p = insert (from register) / paste in line below cursor
P = paste obove cursor- :reg = list registers
"1p = paste from register 1
"+y = copy into system clipboard
"+p = pate from system clipboard
u = undo
CTRL + R = redo
i = enter insert mode
v = enter visual mode
y = yank / copy what was selected
yy = yank / copy line
4yy = yank 4 lines
>> = indent- << = unindent
:E = open file explorer (works only with set nocompatible)
:bd = buffer delete / close buffer
:bn = goto next buffer
:bp = previous buffer
:ls = list of buffers
* = Find word unter cursor- :%s/search/replace/g g for global
:%!column -t spaces to columns
$ = goto the end of the line
x = delete charater under cursor
w = goto next word
dw = delete next word
0 = goto start of line
z ENTER move view to line
:terminal Open Terminal in split view
:set rightleft right to left (exit with :set rightleft&)
:edit! reload file without saving or :e!
:set nowrap
:set wrap
:set nu Show line numbers. Reverse with nonu
– :setlocal cm=blowfish2
:X
h j k l = move cursor ( h: ← j: ↓ k: ↑ l: →
:sp = split screen (same file)
:sp filename = open other file
:vsp = vertical split
CTRL + w CTRL + w = switch between splits
:hide = close current window
:only = keep only this window
:help holy-grail = advanced help
:set rightleft = some fun

Search/Replace

R = enter replace mode- /pattern – search for pattern
?pattern – search backward for pattern
n – repeat search in same direction
N – repeat search in opposite direction
:%s/old/new/g – replace all old with new throughout file
:%s/old/new/gc – replace all old with new throughout file with confirmations

insert mode

CTRL + n CTRL + p = Complete word
CTRL + x CTRL + l = Complete line
CTRL + r = insert register
80i * ESC = insert 80 *
5o # ESC = insert 5 rows starting with #

change EOL / line ending

:set ff=unix= set to unix line endings
How to jump back to NERDTree from file in tab
ctrl-ww

INSERT
you can insert text from your host’s clipboard by pressing the right mouse button (default setting) or by pressing Shift + Ins. Note that this has the same effect as entering every character manually. So if you are using auto indentation in vim, this will very likely screw up your code.
To fix that, you can do the following:
Before pasting into vim, enable paste mode by entering :set paste.Press I to enter insert mode. The status bar should say -- INSERT (paste) -- now.Press Shift + Insert (The auto indentation of vim should not happen.)Press Esc to leave insert mode, and disable paste mode using :set nopaste again.

How to delete all lines of file in Vim
Type gg to move the cursor to the first line of the file, if it is not already there.Type dG to delete all the lines.

Author: mario

vim replace and remove line