Only copy specific file extentions in folder rsync -a --include '*/' --include '*.mp3' --exclude '*' source/ target/ Speed up rsync over SSH without needed to change any configs. arcfour is faster, but no longer enabled by default meanwhile aes128-ctr is rsync -avhP -e "ssh -c aes128-ctr" /src/ user@ip:/dst/ rsync ssh with non standard port rsync -avhP -e "ssh -p number" /src/ user@ip:/dst/ rsync ssh with non standard port and show full progress

Install resolvconf sudo apt install resolvconf Edit the base file with what you want to always be in the file sudo nano /etc/resolvconf/resolv.conf.d/base Have resolvconf rebuild the base sudo resolvconf -u

Show logs from when systemd service last restarted. (This needs systemd > v232) journalctl _SYSTEMD_INVOCATION_ID=$(systemctl show -p InvocationID --value SERVICE_NAME.service) | head -n15 NFS Mount with NFS and /etc/fstab From all of my reading over the years it’s always been said to add _netdev to the /etc/fstab mount, but that never worked for me. After more reading it appears that was for SystemV which is dead. I figured it out after much Googleing.

Here are the commands to get S1 working on Linux sentinelctl management token set SITE_TOKEN sentinelctl control enable sentinelctl control start

Connect via SSH client with a different user by default nano ~/.ssh/config Add the following to the file above: Host * User DEFAULT_USER Force Password auth ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no user@host

acme.sh --issue --dns dns_cf --keylength 4096 -d domain.com -d '*.domain.com'

On most Linux distros it is possible to generate the htpasswd file entries simply using the htpasswd command line util. On FreeBSD the easiest way to accomplish the same task is using OpenSSL itself openssl passwd -apr1 >> /path/to/htpasswd.file Enter the password twice and the hash will be printed into the file Then open the file and add the username followed with a : before the hash It will look like username:password_hash

Install and configure wireguard I use the Wireguard install script to create the config we import into the wireguard. That is located HERE Generate your first wireguard config. After running the script above it will ask you for a client name, I would name it something relating to opnsense Install Wireguard on OPNSense | System -> Firmware -> Plug-ins -> select and install ‘os-wireguard’ Get to wireguard config | Refresh the page, then go to VPN -> Wireguard

1. Open a command prompt or PowerShell. (You shouldn’t run as admin since this is based for the specific user). 2. Copy and paste the command below into the command prompt or PowerShell for the .exe file of the WSL distro name (ex: “Debian”) you want to set the default user for, and press Enter. (You can replace root with any user you’d like) [Ubuntu] > ubuntu config --default-user root

This is very useful when you have everything redirected with NGiNX to HTTPS, but acme.sh/LetsEncrypt requires HTTP for verification. server { listen 80; server_name DOMAIN.COM; root HTTP_ROOT; location ^~ /.well-known/acme-challenge/ { try_files $uri =404; } location / { return 301 https://DOMAIN.COM$request_uri; } }

Here’s how to create a cert/csr with more than one domain name. First you’ll want to create the directory. I use NGiNX so I like to put my certs in /etc/nginx/ssl, but you can put yours anywhere So now we will create the directory mkdir /etc/nginx/ssl/domainName Now we will cd into the directory cd /etc/nginx/ssl/domainName Now we will paste the following in the sslConfig.txt file. [req] default_bits = 4096 prompt = no default_md = sha256 req_extensions = req_ext distinguished_name = dn [ dn ] C=US ST=YOURstateHERE L=YOURcityHERE O=YOURorgNAMEhere CN = YOURmainDOMAINhere [ req_ext ] subjectAltName = @alt_names [ alt_names ] DNS.

First you have to install acme.sh. I like using acme.sh because it’s all bash based. As with all posts I take no responsibility for anything and this is more of a quick help instead of a full guide. I have a script that I use to deploy my WordPress sites. The only thing I recommend is if you use it make sure to add the xml-rpc.php block. I haven’t added that to it yet.

Start smartOS VM from iso that is in /zones/UUID/root/ vmadm start UUID order=cdn,once=d cdrom=/FILE.iso,ide Set static vnc port Do vmadm list to get UUID vmadm update UUID_HERE vnc_port=PORT_#_HERE I love RealVNC. It works well and they have stand-alone executable here’s the LINK

How to use SSL tunneling on WSL and access on local machine. This is super useful when needing to VNC into a smartOS KVM VM. ssh -L 0.0.0.0:PORT:REMOTE_IP:PORT [email protected]