2011-10-28, 09:16
Our current setup is an internal PDNS server with the MySQL back-end and three BIND slaves scattered across the country, and this is how we transfer zones from the master to the slaves.
On the master:
<?php
// Buffer the generated config so its SHA-1 can be printed on the first line.
ob_start();

// HTTP Basic auth: the slaves present a shared user and password.
if(!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])
    || $_SERVER['PHP_AUTH_USER'] !== '%CLIENTUSER%'
    || $_SERVER['PHP_AUTH_PW'] !== '%CLIENTPASSWD%') die();

if(!isset($_REQUEST['hostname'])
    || empty($_REQUEST['hostname'])) die();

$configTarget = $_REQUEST['hostname'];
// The hostname is echoed into the generated config below, so accept only
// hostname characters (no whitespace or newlines).
if(!preg_match('/^[A-Za-z0-9.-]+$/D', $configTarget)) die();

$masters_default = array('master.company.com' => 'XXX.XXX.XXX.XXX');
$internal_ns = array(
    'ns1.company.com' => 'XXX.XXX.XXX.XXX',
    'ns2.company.com' => 'XXX.XXX.XXX.XXX',
    'ns3.company.com' => 'XXX.XXX.XXX.XXX',
);
$external_ns = array(
    'external.othercompany.com' => 'XXX.XXX.XXX.XXX',
);

$mysql = new mysqli('%DBHOST%','%DBUSER%','%DBPASSWD%','%DBNAME%',%DBPORT%);
if($mysql->connect_error) die($mysql->connect_error);

// One row per domain, with its NS records joined into a ';'-separated list.
$sql = 'SELECT DISTINCT d.name,d.account,GROUP_CONCAT(r.content SEPARATOR \';\') AS ns'
    . ' FROM domains AS d'
    . ' RIGHT JOIN records AS r ON d.id=r.domain_id'
    . ' WHERE r.name=d.name AND r.type=\'NS\''
    . ' GROUP BY d.id';
$result = $mysql->query($sql);

/*
 * Internal named.conf
 */
$result->data_seek(0);
while($domain = $result->fetch_object()) {
    // explode() replaces split(), which was removed in PHP 7.
    $ns = explode(';', $domain->ns);
    printf("# Domain: %s\n", $domain->name);
    //printf("# Account: %s\n", empty($domain->account) ? 'n/a' : $domain->account);
    if(!in_array($configTarget, $ns)) {
        printf("# WARNING: %s not in %s\n", $configTarget, $domain->name);
    }
    $masters = $masters_default;
    // Every internal NS except the requesting slave may transfer from it.
    $allow_transfer = $internal_ns;
    unset($allow_transfer[$configTarget]);
    // External slaves are added only for zones that list them as NS.
    foreach($external_ns as $exthost => $extip) {
        if(in_array($exthost, $ns)) {
            $allow_transfer[$exthost] = $extip;
        }
    }
    printf("zone \"%s\" {\n", $domain->name);
    printf("\ttype slave;\n");
    printf("\tfile \"slaves/%s\";\n", str_replace('/', '_', $domain->name));
    printf("\tnotify no;\n");
    printf("\tmasters { %s; };\n", implode('; ', $masters));
    printf("\tallow-transfer { %s; };\n", implode('; ', $allow_transfer));
    printf("\tallow-notify { %s; };\n", implode('; ', $allow_transfer));
    printf("};\n");
}
$output = ob_get_contents();
ob_end_clean();
// First line: "# <sha1 of body> <timestamp>", followed by the body itself.
printf("# %s %s\n%s",
    sha1($output),
    date('Y-m-d H:i:s'),
    $output);
?>
On the slaves:
#!/bin/bash
ts=$(date +%s)
hostname=$(hostname)
# Note: credentials embedded in the URL are visible in the process list while curl runs.
url="https://%CLIENTUSER%:%CLIENTPASSWD%@master.company.com/getconfig.php?hostname=${hostname}"
tmpfile=$(mktemp /tmp/download.XXXX)
newconf=$(mktemp "/tmp/${hostname}.named.conf.XXXX")
sysconf="/etc/named/master-zones.conf"

# Fetch the generated config; the master's certificate is pinned with --cacert.
curl --cacert /etc/pki/tls/certs/master.crt -s "${url}" > "${tmpfile}"
if [[ "$?" != "0" ]]; then
    echo "download failed"
    rm -f "${tmpfile}" "${newconf}"
    exit 1
fi

# Line 1 is "# <sha1> <timestamp>"; the rest is the body the hash was computed over.
# The hash catches truncated or corrupted downloads; authenticity comes from TLS.
tail -n+2 "${tmpfile}" > "${newconf}"
hash1=$(head -n1 "${tmpfile}" | cut -d' ' -f2)
hash2=$(sha1sum "${newconf}" | cut -d' ' -f1)
if [[ "${hash1}" == "${hash2}" ]]; then
    # Only touch the live config when the content actually changed.
    cmp -s "${sysconf}" "${newconf}"
    if [[ "$?" != "0" ]]; then
        mv "${sysconf}" "${sysconf}-${ts}"
        install -m640 -o root -g named "${newconf}" "${sysconf}"
        named-checkconf "${sysconf}"
        if [[ "$?" == "0" ]]; then
            rndc reload
            diff -u "${sysconf}-${ts}" "${sysconf}"
        else
            # Roll back to the previous config if the new one does not parse.
            echo "named-checkconf failed, aborting update"
            mv "${sysconf}-${ts}" "${sysconf}"
        fi
    fi
else
    echo "HASH FAIL. aborted."
    echo "hash1 $hash1"
    echo "hash2 $hash2"
fi
rm -f "${tmpfile}" "${newconf}"
Include the config file on the slaves by putting this in /etc/named.conf:
include "/etc/named/master-zones.conf";
Then run the update script from cron every five minutes (system crontab format, with a user field):
MAILTO=logwatch@company.com
*/5 * * * * root /usr/local/system_scripts/update-zones.sh
Hopefully it’s pretty self-explanatory; if not, leave a comment or drop a mail.
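An added example, not part of the original post: the slave installs whatever the master returns, so this check accepts a downloaded config only if every line has one of the shapes the PHP generator above prints. `validate_zone_conf` and `sample_good_conf` are hypothetical helper names, and the sample input is constructed.

```bash
#!/bin/bash
# Added example, not from the original post. validate_zone_conf is a
# hypothetical helper: it accepts a downloaded config only if every line has
# one of the shapes the generator prints (slave zone stanzas and comments).
validate_zone_conf() {
    local file="$1" tab rejected rc=0
    tab=$(printf '\t')
    # An unreadable or empty file would silently drop every zone: refuse it.
    [ -r "${file}" ] && [ -s "${file}" ] || return 2
    # grep -v with several -e patterns prints lines matching none of them.
    rejected=$(grep -Evn \
        -e '^# (Domain|WARNING): [A-Za-z0-9._ /-]+$' \
        -e '^zone "[A-Za-z0-9._/-]+" [{]$' \
        -e "^${tab}type slave;\$" \
        -e "^${tab}file \"slaves/[A-Za-z0-9_][A-Za-z0-9._-]*\";\$" \
        -e "^${tab}notify no;\$" \
        -e "^${tab}(masters|allow-transfer|allow-notify) [{] ([0-9A-Fa-f.:]+; )+[}];\$" \
        -e '^[}];$' \
        -- "${file}") || rc=$?
    case "${rc}" in
        1) return 0 ;;                       # no line was rejected
        0) printf 'rejected lines:\n%s\n' "${rejected}" >&2
           return 1 ;;
        *) return 2 ;;                       # grep itself failed
    esac
}

# Constructed sample input, in the format the generator emits.
sample_good_conf() {
    printf '# Domain: example.com\n'
    printf 'zone "example.com" {\n'
    printf '\ttype slave;\n\tfile "slaves/example.com";\n\tnotify no;\n'
    printf '\tmasters { 192.0.2.1; };\n'
    printf '\tallow-transfer { 192.0.2.2; 192.0.2.3; };\n'
    printf '\tallow-notify { 192.0.2.2; 192.0.2.3; };\n};\n'
}

# Demo: the generated shape passes; an ACL that is not an address list fails.
demo=$(mktemp)
sample_good_conf > "${demo}"
validate_zone_conf "${demo}" && echo "generated config accepted"
printf '\tallow-transfer { any; };\n' >> "${demo}"
validate_zone_conf "${demo}" 2>/dev/null || echo "unexpected line rejected"
rm -f "${demo}"
```

In update-zones.sh this would run on ${newconf} after the hash comparison and before the install step.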
2011-10-27, 09:08
A horribly ugly hack to find snapshots on mounted volumes on a VMware ESXi 4.1 host.
Create a script on any host with this content:
#!/bin/sh
for i in $(find /vmfs -name "*.vmsn");do eval $(echo $i | sed -n "s|^\(.*volumes\)/\([^/]*\)/\(.*\)$|ls -l \1 \| grep \2 \| grep '\\\->' \| awk '{ printf \$9 }';echo \/\3|p"); done
Then just run it with
ssh root@esxhost ./snapshotfinder.sh
The reason this script doesn’t just do a find / -name "*.vmsn" is that the output won’t include the symlink’s name but merely the UID of the volume, and that doesn’t help very much. Unfortunately, ESX comes with a busybox binary of find, which doesn’t have the -L option.
2011-04-28, 17:52
At the office, I run my workstation on the latest Ubuntu with fluxbox as WM, but since I also need Windows for some of the tasks I run a KVM instance with a Windows 7 machine I’m controlling over RDP.
And of course you’ll eventually run out of disk space so this is what I did to double its size.
Shut down your guest (Win7 machine in my case) and back up the disk image, also rename your original image.
mkdir bak
cp win7_ent_x64_ws.img bak/win7_ent_x64_ws.img.bak
mv win7_ent_x64_ws.img win7_ent_x64_ws.img.save
Next step: create a raw file of the size you want to expand by. I had 30G earlier and decided to add another 30G.
You can obviously do this with dd or any other similar software, but qemu-img seemed fitting to me.
qemu-img create -f raw extended.raw 30G
Then merge the two.
cat win7_ent_x64_ws.img.save extended.raw >> win7_ent_x64_ws.img
If you do ls -alh you’ll see your win7_ent_x64_ws.img has double the size, and all you have to do is boot up the machine and partition the drive accordingly.
2010-12-03, 13:46
dircolors -p >> ~/.dircolors
Change DIR 01;34 to DIR 00;34 to get a lighter blue color.
Then change this part in your .bashrc
to
eval "`dircolors -b ~/.dircolors`"
Then restart your terminal.
2010-12-03, 13:18
I used this to color a logfile I created myself, but it still acts as a good template for coloring.
#!/bin/bash
LOG=/usr/local/e220/log/main.log
tail -f ${LOG} | \
sed -u -e 's/<>/\x1B\[31;1m<>\x1B\[37;0m/' | \
sed -u -e 's/^[0-9:-]*/\x1B\[30;1m&\x1B\[37;0m/' | \
sed -u -e 's/Created/\x1B\[34;1mCreated\x1B\[37;0m/' | \
sed -u -e 's/Sent/\x1B\[34;1mSent\x1B\[37;0m/' | \
sed -u -e 's/CRITICAL/\x1B\[31;1mCRITICAL\x1B\[37;0m/' | \
sed -u -e 's/OK/\x1B\[32;1mOK\x1B\[37;0m/' | \
sed -u -e 's/WARNING/\x1B\[33;1mWARNING\x1B\[37;0m/' | \
sed -u -e 's/SOFT/\x1B\[32;1mSOFT\x1B\[37;0m/' | \
sed -u -e 's/HARD/\x1B\[31;1mHARD\x1B\[37;0m/'
2010-12-03, 11:46
A small program for printing logs to your desktop.
#!/bin/sh
ssh foo@yournagiosbox -X 'root-tail -fn fixed /var/log/snmptt/snmptt.log,green -i 1 -outline --wordwrap --whole -g 1278x125+2+2 -cont " > " /var/log/nagios/nagios.log,red'
2010-12-03, 11:04
If you’re tired of unpacking your movies manually and have yet to discover XBMC you can use this.
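#!/bin/bash
SEARCH=$1
RAR=/usr/local/bin/rar
if [ -z "$SEARCH" ]; then
    echo "Usage: $0 <path to search>"
    exit 1
fi
# Each .sfv marks a release directory. Paths are read NUL-delimited on fd 3
# so names with spaces survive and rar cannot consume the list from stdin.
while IFS= read -r -d '' SFV <&3; do
    DIRNAME=$(dirname "$SFV")
    # Multi-part sets are extracted from the first part, plain sets from *.rar.
    if ls "$DIRNAME"/*.part01.rar > /dev/null 2>&1; then
        "$RAR" x "$DIRNAME"/*.part01.rar > /dev/null
    else
        "$RAR" x "$DIRNAME"/*.rar > /dev/null
    fi
done 3< <(find "$SEARCH" -name "*.sfv" -print0)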
2010-12-03, 10:51
Fetchmail is a blessing when it comes to migrating mailboxes.
This is an example of fetchmail.rc using POP3, usage below.
poll <popserver> protocol pop3
username <username> password <password>
smtphost <name on SMTP server> smtpname <emailaddress for new envelope>
fetchmail -v -f fetchmail.rc
2010-12-03, 10:34
An easy way of taking a complete copy of a system directly over your network.
On the target system:
nc -l -p 7000 | gzip -dfc | dd of=/dev/hda
And on the source system:
dd if=/dev/hda | gzip -cf | nc 192.168.1.120 7000 -q 10