server

WireGuard is lightweight VPN with extremely simple configuration. All below was tested on Ubuntu 18.04 as server and Anroid 8.0.0 as client.

LXC containers are great for application isolation and safe deployment. Running unprivileged containers is the safest way to run containers in a production environment. This note contains enough information to create your own safe container.

I've completed setting up my comfort set of LXC containers and want to save some points I spent a lot of time for or things for copy-paste.

I used the official Ubuntu Server Guide but note at Digital Ocean knowledge base also helped me a lot. I created 3 containers: one for vpn, one for site on Drupal and last one as www proxy for second one with nginx only.

This note is similar to previous drupal and joomla installations. Install requirements (webserver, php5, DB server, DB adapter for php) as root:

apt-get install -y nginx php5-fpm nginx postgresql php5-pgsql php5-gd

This Python script retrieves computer's external IP address (using internet.yandex.ru) and emails message with new IP if IP has been changed since last check. BeautifulSoup module is needed, so install it if you have no installed version:

sudo pip install beautifulsoup

To enable tun device in OpenVZ containers tun module

• needs to be loaded in the host system (in my case CentOS 6.4)
• containter (in my case Ubuntu Server 12.04) must be allowed to use tun

This howto is based on two sources: Official wiki and Amutu blog entry. In short, the main difficulty is in bridge network configuration: correct network configuration doesn't work in CentOS 6.4 while NetworkManager is running. I compiled official documentation and fix found in Amutu blog here in one entry.

Depends on server configuration, each OpenVPN client needs configuration file (client.conf for *nix and client.ovpn for windows), certificate authority (ca.crt), [optional] tls auth file (ta.key), user crt and key.

SLURM (Simple Linux Utility for Resource Management) — job scheduler and resource manager usually installed on supercomputers. For example, it runs on Lomonosov supercomputer in MSU, Moscow, Russia.

Default Drupal package in Ubuntu installs Apache, but I prefer nginx as a webserver. In this note I’ll describe steps necessary to get Drupal 7 work.

This howto is based on a great guide with modifications. All settings are made for server domain hg.kenarius.org. You can replace it with your one easily.

We all do backups. This note is about doing them on Ubuntu 12.04.

Tasks:

• archive important folders
• dump mysql databases
• upload all to yandex.disk (online web storage with 10GB space)
• delete old backups

I’ll save only backups for last five days.