Category Archives: Uncategorized

CentOS Private Repositories (http://centos.cms4all.org/repo/7/)

This page gives a brief overview of the different repositories. The versions may vary because I can not maintain this page due to limited time.

Those packages absolute playground to fit onto newer hardware + multimedia. WineHQ builds just for fun.

drivers http://centos.cms4all.org/repo/7/drivers/
btrfs-progs
hardinfo (GTK Tool show hardwareinfo)
libdrm 2.49.2
libva 2.1 (intel)
xorg-x11-drv-amdgpu 18.0.1
xorg-x11-drv-ati 18.0.1
xorg-x11-drv-intel+git
xort-x11-drv-nouveau 1.10.15
xorg-x11-drv-mga (broken by new Xorg /llvm software)

gstreamer http://centos.cms4all.org/repo/7/gstreamer
gstreamer 1.10.15 with allmost every plugin
ffmpeg 2.8.14
x264-1.0.152
x265-2.7
rythmbox
guvcview 2.0.4
tumbler 0.2.1
totem with patch –no-existing-session (can be multiple open)
combat-nasm 2.13
double the libva 2.1 driver from drivers, because of gstreamer-vaapi

media *needs gstreamerhttp://centos.cms4all.org/repo/7/media/
HandBrake 1.0.7
VLC 2.2.8
obs-studio-21.1.1
mplayer-1.3.0

mesa *needs drivers http://centos.cms4all.org/repo/7/mesa/
freeglut-3.0.0
mesa-18.0.3
mesa-demos-8.3
mesa-private-llvm-6.0

wine *needs drivers,mesa,gstreamer http://centos.cms4all.org/repo/7/wine/
q4-wine-1.3.1
libtxc_dxtn 1.0.0
p11-kit i686 (at epel not exist)
wine-stage 2.21 / wine-stage-pba 3.8 (incl. d3dadapter)
http://centos.cms4all.org/repo/7/wine/readme_wine-stage-pba.txt

Proxmox 4.4 Extreme Network Setup (Bring Network adapters in place)

For our solution we need.

  • eth0 (onboard here)
  • wlan (pcie card)
  • dummy0.

First let’s do the dummy interface(s):

root@cloud:~# echo dummy >> /etc/modules

root@cloud:~# echo options dummy numdummies=1 >> /etc/modprobe.d/dummy.conf

root@cloud:~# modprobe dummy

You can count the number of dummy interfaces by your self. Got in mind that the interface get automatical a hardware address, that can be in conflict with the virtual machine(s).

We reconfigure the interface in

root@cloud:~# nano /etc/network/interfaces

The configuration files has to look something like:

# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you’re doing.
#
# If you want to manage part of the network configuration manually,
# please utilize the ‘source’ or ‘source-directory’ directives to do
# so.
# PVE will preserve these directives, but will NOT its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

allow-hotplug eth0
allow-hotplug dummy0

auto vmbr0
iface vmbr0 inet static
address 192.168.0.2
netmask 255.255.255.0
gateway 192.168.0.1
bridge_ports eth0
bridge_stp off
bridge_fd 0

auto vmbr1
iface vmbr1 inet static
address 192.168.127.1
netmask 255.255.255.0
broadcast 192.168.127.255
bridge_ports dummy0
bridge_stp off
bridge_fd 0

auto wlan0
iface wlan0 inet static
address 10.0.10.1
netmask 255.255.255.0
broadcast 10.0.10.255

If you do it up right here, proxmox will use it without problems;- there is no need for a graphical interface this time.

Time for reboot

Proxmox 4.4 Extreme Network Setup (Setup and fixes)

First we install needed software packages

Proxmox VE No-Subscription Repository

root@cloud:~# update -y
root@cloud:~# update dist-upgrade

Don’t hurt me about RFC RFC2606, because I subdomain everything to sweethome and “local.” is allowed in time of this post.

root@localhost:~# hostnamectl set-hostname cloud.sweethome.local

root@localhost:~# reboot

After reboot we login again as root

root@cloud:~# apt-get install install isc-dhcp-server bind9 ntpdate ntp

Fix bind9 with appamor

root@cloud:~# echo ‘/run/systemd/journal/dev-log rw,’ >> /etc/apparmor.d/local/usr.sbin.named

root@cloud:~# systemctl restart apparmor.service

Enable IP 4v forward in root@cloud:~# nano /etc/sysctl.conf
#net.ipv4.ip_forward=1 to
net.ipv4.ip_forward=1

We do not need to reboot now:

root@cloud:~# echo 1 > /proc/sys/net/ipv4/ip_forward

We sync local time is better for lxc containers.

root@cloud:~/systemctl stop ntp

Replace my local ntp server in

“root@cloud:~# vi /etc/ntp.conf”

to

server 0.de.pool.ntp.org iburst
server 1.de.pool.ntp.org iburst
server 2.de.pool.ntp.org iburst
server 3.de.pool.ntp.org iburst

Now we update our local time with time server.

root@cloud:~# ntpdate 0.de.pool.ntp.org

root@cloud:~# systemctl start ntp
root@cloud:~# systemctl enable ntp

What we got now:

  • Bind9 Ready for setup
  • isc-dhcpd ready for setup
  • ipforward v4
  • time sync

Proxmox 4.4 Extreme Network Setup (Prolog)

In this post i will declare how i configure:

  • Hypervisor as gate
  • Bind9 as nameserver
  • isc-dhcp as dhcp server
  • Provider WAN/LAN (192.168.0.0/24)
  • dummy networkadapter for virtual machines (192.168.127.0)
  • wlan hotspot (hostapd) (10.0.10.0/24) – not compatible with freebsd. Don’t wane buy another hardware.

Why i not use NAT from proxmox:

  • Got everything around: Windows, Macs (Macs & Timecapsule Iphone), Linux Distributions (Debian/Centos/Android).
  • I wane speak with my machines by name, not ip addresses.
  • Pick mac address from virtual adapter and configure network directly as an network administrator (half dhcp).
  • use pxe setup on qemu/kvm.
  • This are things that i often did in the past and use today. On local machine and server side. Perhaps I look for an
    software in the future, but network infastructur inside virtualisation? With a good primary backup not needed.

    A type of this setup is more complicated as use of “dnsmaq” toolkit. What is nicely
    for small networks infrastructure. What ever that means. I’ve tested it one day and it works.

    This can be used directly under debian and ubuntu without proxmox for sure.

    Maybe I’ll write this post to see for myself how I’ve solved it. 🙂

Centos 7 the journey form NetworkManager to self managed network configuration files

Long time ago that i wrote something. I think it’s time to start with a small one…

While I create a manual installation for Centos 7, i was borrowed by follow message after
disabled the NetworkManager:
(systemctl stop NetworkManager; systemctl disable NetworkManager; systemctl mask NetworkManager)

systemctl restart network … BOOOM (-;

network.service – LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: failed (Result: exit-code) since Di 2017-03-07 19:01:15 CET; 7s ago
Docs: man:systemd-sysv-generator(8)
Process: 3469 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=6)

I wasn’t that stupid, created the file with nmtui. In fact: No mistakes! But the failure
came around from ipv6, what i disabled in the configuration.

Search for a file like “/etc/sysconfig/network”. “touch” it or create empty one.

echo “# Created by anaconda” > /etc/sysconfig/network

your done. Now “systemctl start/stop/restart network “work and the adapter is up on boot.

There is one little thing about loopback device, which is not present NetworkManager:

“ip r”

default via 172.16.200.1 dev enp2s0
169.254.0.0/16 dev enp2s0 scope link metric 1002
172.16.200.0/24 dev enp2s0 proto kernel scope link src 172.16.200

After read up some forums who tell you “Prevent the kernel from load ipv6”. In Centos 7 the ipv6 module is builtin. 🙂
By the way the backloop ip is ipv 4.

After I add to the ifcfg- configuration file:

NOZEROCONF=yes

Everything looks clean.

“ip r”
default via 172.16.200.1 dev enp2s0
172.16.200.0/24 dev enp2s0 proto kernel scope link src 172.16.200.10

We can still mix ipv4 and ipv6 with another card.

Now everything works like it should;- how simple it can be……

PS: You really know what you install when you “click” inside a gui? 🙂 Me not.

Quick and dirty

Sometimes I felt like a normal person without any kind of bad conscience. It takes me two hours and the server was ready. https://www.howtoforge.com/perfect-server-centos-7-apache2-mysql-php-pureftpd-postfix-dovecot-and-ispconfig3
helped me out.

I was a fool, hammer down every ssl information with enter. This must be corrected:

Postfix
cd /etc/postfix
Genenerate Postfix ssl key:
openssl req -x509 -newkey rsa:2048 -keyout smtpd.key -out smtpd.cert -days 3650 -nodes
chmod 600 smtp.*

change /etc/postfix/master.cf (add some lines to get smtps, taken from my old host)
smtps inet n – n – – smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

ISPConfig
cd /usr/local/ispconfig/interface/ssl
openssl genrsa -des3 -out ispserver.key 4096
openssl req -new -key ispserver.key -out ispserver.csr
openssl x509 -req -days 3650 -in ispserver.csr \
-signkey ispserver.key -out ispserver.crt
openssl rsa -in ispserver.key -out ispserver.key.insecure
mv ispserver.key ispserver.key.secure
mv ispserver.key.insecure ispserver.key

HTTPD
vi /etc/httpd/conf.d/ssl.conf
replace follow line:
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt

#SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key (one line !!!)

Standard SSL website share the same ssl-keys from ispconfig.

Uh done. I was near a seam outburst.

Time to left the old server…

It was in time to update my v-server. The given package could not be updated. I went to my provider and bought a new one. It came preinstalled with Ubuntu 14.04. A System with a lifecycle till april 2019. No. I take a look to the systems that can be installed and yeah.. centos 7 is there. Security lifecycle till 2024. Good. That’s the way …the story goes on…