All posts by Mainstream

CentOS Private Repositories (

This page gives a brief overview of the different repositories. The versions may vary because I can not maintain this page due to limited time.

Those packages absolute playground to fit onto newer hardware + multimedia. WineHQ builds just for fun.

hardinfo (GTK Tool show hardwareinfo)
libdrm 2.49.2
libva 2.1 (intel)
xorg-x11-drv-amdgpu 18.0.1
xorg-x11-drv-ati 18.0.1
xort-x11-drv-nouveau 1.10.15
xorg-x11-drv-mga (broken by new Xorg /llvm software)

gstreamer 1.10.15 with allmost every plugin
ffmpeg 2.8.14
guvcview 2.0.4
tumbler 0.2.1
totem with patch –no-existing-session (can be multiple open)
combat-nasm 2.13
double the libva 2.1 driver from drivers, because of gstreamer-vaapi

media *needs gstreamer
HandBrake 1.0.7
VLC 2.2.8

mesa *needs drivers

wine *needs drivers,mesa,gstreamer
libtxc_dxtn 1.0.0
p11-kit i686 (at epel not exist)
wine-stage 2.21 / wine-stage-pba 3.8 (incl. d3dadapter)

Proxmox 4.4 Extreme Network Setup (Bring Network adapters in place)

For our solution we need.

  • eth0 (onboard here)
  • wlan (pcie card)
  • dummy0.

First let’s do the dummy interface(s):

root@cloud:~# echo dummy >> /etc/modules

root@cloud:~# echo options dummy numdummies=1 >> /etc/modprobe.d/dummy.conf

root@cloud:~# modprobe dummy

You can count the number of dummy interfaces by your self. Got in mind that the interface get automatical a hardware address, that can be in conflict with the virtual machine(s).

We reconfigure the interface in

root@cloud:~# nano /etc/network/interfaces

The configuration files has to look something like:

# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you’re doing.
# If you want to manage part of the network configuration manually,
# please utilize the ‘source’ or ‘source-directory’ directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

allow-hotplug eth0
allow-hotplug dummy0

auto vmbr0
iface vmbr0 inet static
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto vmbr1
iface vmbr1 inet static
bridge_ports dummy0
bridge_stp off
bridge_fd 0

auto wlan0
iface wlan0 inet static

If you do it up right here, proxmox will use it without problems;- there is no need for a graphical interface this time.

Time for reboot

Proxmox 4.4 Extreme Network Setup (Setup and fixes)

First we install needed software packages

Proxmox VE No-Subscription Repository

root@cloud:~# update -y
root@cloud:~# update dist-upgrade

Don’t hurt me about RFC RFC2606, because I subdomain everything to sweethome and “local.” is allowed in time of this post.

root@localhost:~# hostnamectl set-hostname cloud.sweethome.local

root@localhost:~# reboot

After reboot we login again as root

root@cloud:~# apt-get install install isc-dhcp-server bind9 ntpdate ntp

Fix bind9 with appamor

root@cloud:~# echo ‘/run/systemd/journal/dev-log rw,’ >> /etc/apparmor.d/local/usr.sbin.named

root@cloud:~# systemctl restart apparmor.service

Enable IP 4v forward in root@cloud:~# nano /etc/sysctl.conf
#net.ipv4.ip_forward=1 to

We do not need to reboot now:

root@cloud:~# echo 1 > /proc/sys/net/ipv4/ip_forward

We sync local time is better for lxc containers.

root@cloud:~/systemctl stop ntp

Replace my local ntp server in

“root@cloud:~# vi /etc/ntp.conf”


server iburst
server iburst
server iburst
server iburst

Now we update our local time with time server.

root@cloud:~# ntpdate

root@cloud:~# systemctl start ntp
root@cloud:~# systemctl enable ntp

What we got now:

  • Bind9 Ready for setup
  • isc-dhcpd ready for setup
  • ipforward v4
  • time sync

Proxmox 4.4 Extreme Network Setup (Prolog)

In this post i will declare how i configure:

  • Hypervisor as gate
  • Bind9 as nameserver
  • isc-dhcp as dhcp server
  • Provider WAN/LAN (
  • dummy networkadapter for virtual machines (
  • wlan hotspot (hostapd) ( – not compatible with freebsd. Don’t wane buy another hardware.

Why i not use NAT from proxmox:

  • Got everything around: Windows, Macs (Macs & Timecapsule Iphone), Linux Distributions (Debian/Centos/Android).
  • I wane speak with my machines by name, not ip addresses.
  • Pick mac address from virtual adapter and configure network directly as an network administrator (half dhcp).
  • use pxe setup on qemu/kvm.
  • This are things that i often did in the past and use today. On local machine and server side. Perhaps I look for an
    software in the future, but network infastructur inside virtualisation? With a good primary backup not needed.

    A type of this setup is more complicated as use of “dnsmaq” toolkit. What is nicely
    for small networks infrastructure. What ever that means. I’ve tested it one day and it works.

    This can be used directly under debian and ubuntu without proxmox for sure.

    Maybe I’ll write this post to see for myself how I’ve solved it. 🙂

Centos 7 the journey form NetworkManager to self managed network configuration files

Long time ago that i wrote something. I think it’s time to start with a small one…

While I create a manual installation for Centos 7, i was borrowed by follow message after
disabled the NetworkManager:
(systemctl stop NetworkManager; systemctl disable NetworkManager; systemctl mask NetworkManager)

systemctl restart network … BOOOM (-;

network.service – LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Di 2017-03-07 19:01:15 CET; 7s ago
Docs: man:systemd-sysv-generator(8)
Process: 3469 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=6)

I wasn’t that stupid, created the file with nmtui. In fact: No mistakes! But the failure
came around from ipv6, what i disabled in the configuration.

Search for a file like “/etc/sysconfig/network”. “touch” it or create empty one.

echo “# Created by anaconda” > /etc/sysconfig/network

your done. Now “systemctl start/stop/restart network “work and the adapter is up on boot.

There is one little thing about loopback device, which is not present NetworkManager:

“ip r”

default via dev enp2s0 dev enp2s0 scope link metric 1002 dev enp2s0 proto kernel scope link src 172.16.200

After read up some forums who tell you “Prevent the kernel from load ipv6”. In Centos 7 the ipv6 module is builtin. 🙂
By the way the backloop ip is ipv 4.

After I add to the ifcfg- configuration file:


Everything looks clean.

“ip r”
default via dev enp2s0 dev enp2s0 proto kernel scope link src

We can still mix ipv4 and ipv6 with another card.

Now everything works like it should;- how simple it can be……

PS: You really know what you install when you “click” inside a gui? 🙂 Me not.

Add my git user

I log in as root:

adduser-N -d /path/to/my/repository/repo -s /bin/bash -r MyGitUser

-N do not create a group with the same name as the user
-d home directory of the new account
-s login shell of the new account
-r create a system account

what’s happen in /etc/passwd

passwd MyGitUser

ok back again.

Now i’m able todo something like
git clone MyGitUser@myhost:project.git
or more complicated
git clone MyGitUser@myhost:/path/to/my/repository/repo/project.git


CGIT inside ispconfig 3

I got many git resources on my server, there must be a way to push it into the world wide web. CGI.GIT is one of them. Let’s try it out here inside of ispconfig 3.

Through the previous installation I have a lot of development tools on board.

Missing only:
yum install openssl-devel asciidoc xmlto

cd /usr/local/src
tar xf cgi-1.0.tar.xz
cd cgi-1.0
make get-git
make CGIT_SCRIPT_PATH=/usr/share/cgit prefix=/usr install install-man
install -m 0755 -d /usr/share/man/man5
install -m 0644 cgitrc.5 /usr/share/man/man5
install -m 0755 -d /usr/share/cgit
install -m 0755 cgit /usr/share/cgit/cgit.cgi
install -m 0755 -d /usr/share/cgit
install -m 0644 cgit.css /usr/share/cgit/cgit.css
install -m 0644 cgit.png /usr/share/cgit/cgit.png
install -m 0644 favicon.ico /usr/share/cgit/favicon.ico
install -m 0644 robots.txt /usr/share/cgit/robots.txt
install -m 0755 -d /usr/lib/cgit/filters
cp -r filters/* /usr/lib/cgit/filters

Aha, this files are installed. With yum history I removed the installed developer parts..

Create the cache
install -vd “/var/cache/cgit”

For better syntax highlight:
yum install highlight

create a new web site in ispconfig and check only cgi & active.
Option -> Apache directives:

<Directory /var/www/MyGitWebSide/web>
DirectoryIndex disabled
DirectoryIndex cgit.cgi
Options +ExecCGI
AddHandler cgi-script .cgi

Back in the console

cd /var/www/MyGitWebSide/web
cp /usr/share/cgit/* .
mkdir css
mv cgit.css cgit.png css
rm index.html

Clean up permissions:
chown -R webXXX:clientXXXX *

Directory looks like
cgit.cgi css favicon.ico robots.txt stats

vi /etc/cgitrc
# cgit config
# if you don’t want that webcrawler (like google) index your site
robots=noindex, nofollow
#syntax highlight
## and included like this:
## include=/etc/cgitrepos
repo.desc=Test Git
# if had another module – it would be added like so
# repo.url=OSGi-module
# repo.path=/home/git/repositories/OSGi-module.git
# repo.desc=the OSGi-module repository

cp /usr/lib/cgit/filters/ /usr/lib/cgit/filters/

Enable version 3 and add “–inline-css” at the end.

vi /usr/lib/cgit/filters/

# for version 3.
# Version 2 can be found (for example) on EPEL 5, while version 3 can be
# found (for example) on EPEL 6.
# This is for version 2
#exec highlight –force -f -I -X -S “$EXTENSION” 2>/dev/null

# This is for version 3
exec highlight –force -f -I –inline-css -O xhtml -S “$EXTENSION” 2>/dev/null

Now I’m able to browse my git on web.

Quick and dirty

Sometimes I felt like a normal person without any kind of bad conscience. It takes me two hours and the server was ready.
helped me out.

I was a fool, hammer down every ssl information with enter. This must be corrected:

cd /etc/postfix
Genenerate Postfix ssl key:
openssl req -x509 -newkey rsa:2048 -keyout smtpd.key -out smtpd.cert -days 3650 -nodes
chmod 600 smtp.*

change /etc/postfix/ (add some lines to get smtps, taken from my old host)
smtps inet n – n – – smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

cd /usr/local/ispconfig/interface/ssl
openssl genrsa -des3 -out ispserver.key 4096
openssl req -new -key ispserver.key -out ispserver.csr
openssl x509 -req -days 3650 -in ispserver.csr \
-signkey ispserver.key -out ispserver.crt
openssl rsa -in ispserver.key -out ispserver.key.insecure
mv ispserver.key
mv ispserver.key.insecure ispserver.key

vi /etc/httpd/conf.d/ssl.conf
replace follow line:
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key (one line !!!)

Standard SSL website share the same ssl-keys from ispconfig.

Uh done. I was near a seam outburst.

Time to left the old server…

It was in time to update my v-server. The given package could not be updated. I went to my provider and bought a new one. It came preinstalled with Ubuntu 14.04. A System with a lifecycle till april 2019. No. I take a look to the systems that can be installed and yeah.. centos 7 is there. Security lifecycle till 2024. Good. That’s the way …the story goes on…