How to GIT

UPDATE

git pull

make new local branch:

git checkout -b [name]

CHANGES
make changes, then add all:

git add .

commit:

git commit -m "comment"

push changes and create new branch:

git push

TO GET THE LATEST VERSION

git checkout master
git pull
git checkout [USER]
git rebase master

Step 1. Fetch and check out the branch for this merge request

git fetch origin
git checkout -b [USER] origin/[USER]

Step 2. Review the changes locally

Step 3. Merge the branch and fix any conflicts that come up

git fetch origin
git checkout origin/master
git merge --no-ff [USER]

Step 4. Push the result of the merge to GitLab

git push origin master

(In this case [USER] is foxsan. And you are not him.)

Loading

How to set up a domain and e-mail with Virtualmin

Virtualmin is a rock solid control panel for your VPS, it’s simple as that. It’s sometimes not so simple to set it up correctly due to its many options.

I’ve tried my best to make a decent manual that explains how to set up a domain and email in a quick and dirty way. I’m not talking about security and stuff yet. It’s just about setting things up.

I am also assuming your freshly (re)built VPS has a root password set and that you are now ssh-ing into it. If not, do it now.

  1. First thing you need to do is find the name of your network interface
    ifconfig

    It’s probably venet0 (that’s venetzero)

  2. apt-get update
  3. apt-get install wget nano curl ca-certificates -y
  4. cd ~
  5. wget http://software.virtualmin.com/gpl/scripts/install.sh
  6. sudo /bin/sh install.sh
  7. READ THE TEXT BEFORE PRESSING Y
  8. Press Y and enter to continue. It will now do the thing. Patience, young one. Phase 1, 2 and 3 should all install without a hitch.  [ OK! ]
  9. While you are waiting, go set up the DNS at your registrar.
    @ 1000 MX 10 mail.domainname.tld
    
    * 1000 A 0 VPS_IP_ADDRESS
    
    @ 1000 A 0 VPS_IP_ADDRESS
    
    ftp 1000 A 0 VPS_IP_ADDRESS
    
    localhost 1000 A 0 127.0.0.1
    
    mail 1000 A 0 VPS_IP_ADDRESS
    
    pop 1000 A 0 VPS_IP_ADDRESS
    
    www 1000 A 0 VPS_IP_ADDRESS

    Don’t worry about the SPF, domainkey, the acme-challenge and the dmarc yet.

  10. If you get “Device “link” does not exist.”, type in the name of the network interface you found at step 1

All should be ready now and you should see a few success messages. If not, go fix.

Time for a little maintenance.
  1. apt-get update
  2. apt-get upgrade -y
  3. apt-get dist-upgrade -y
  4. apt-get autoremove
  5. apt-get autoclean
  6. RESTART THE VPS
To the control panel mobile!

https://HOSTNAME:10000

  1. Log in with your root password
  2. You will now have to go through the post-installation wizard, press Next
  3. Set everything up to according to your wishes. For me, that’s:
    Preload Virtualmin libraries? yes
    Run email domain lookup server? yes
    next
    Run ClamAV server scanner? yes
    next
    Run SpamAssassin server filter? yes
    next
    Run MariaDB/MySQL database server? yes
    Run PostgreSQL database server? no
    next
    Set a MySQL password. Make it strong!
    MariaDB/MySQL configuration size: 
    next
    Primary nameserver : YOUR_HOSTNAME and tick the checkbox “Skip check for resolvability”
    next
    Password storage mode: Only store hashed passwords
    next
    Virtualmin post-installation configuration is now complete!
    next
Are we done yet? D: No.
  1. Click “Re-check and refresh configuration”If you get

    Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server. Either add 127.0.0.1 to the list of DNS servers, or turn off the BIND feature on the module config page.

    Click list of DNS servers and add 127.0.0.1 in the DNS Servers field and press Save. Next, click Apply Configuration. Then, click the Virtualmin on top, click System Settings and then Re-check Configuration.

  2. No errors? Click Return To Virtual Servers List

Your Virtualmin installation is now ready to had domain names etc added.

Set up your first virtual server
  1. Click Add New Virtual Server, Owned By: <new user>
  2. Enter the following data:
    Domain name: YOUR_DOMAINNAME.TLD
    Description: Optional, but make a short desc.
    Administration Password: STRONG_PASSWORD!Under Enabled Features tick the options you would like to have. I basically tick everything except for “Setup IP-based virtual FTP” since I don’t need it.
  3. Click Create Server
  4. If all went well, click Return To Virtual Server Details where you can check things again
Time to install a SSL certificate for your domain
  1. Is your domain available already under simple http://? If you have moved your domain and changed your DNS, ping your domain as well to see if everything is set correctly and has been propagated completely. Your frontpage of your domain should say “Apache2 Debian Default Page”
  2. Time to make some DNS additions! Click Server Configuration and then click DNS Records.
  3. Move the following data over to your DNS settings at your registrar:
    SPF, _acme-challenge.mail and _acme-challengeSo, here’s an example:For SPF:

    DOMAINNAME 1000 TXT 0 v=spf1 a mx a:DOMAINNAME.TLD ip4:IPADDRESS1 ip4:IPADDRESS2 ?all

    For the acme challenges:

    _acme-challenge.mail 1000 TXT 0 RANDOMSTRING_OFCHARACTERS
    
    _acme-challenge 1000 TXT 0 RANDOMSTRING_OFCHARACTERS
  4. When everything is set up, go to the Virtualmin tab, click Server Configuration and then click SSL Certificate
  5. Click Let’s Encrypt
  6. Did you set up your DNS according to the pre-filled list you see in the field named “Domains associated with this server”? Then you’re good to go and click Request Certificate. If not, manually enter the domain and subdomains.At this point, the request either succeeds or fails. In the latter case, click SSL Certificate again, then Let’s Encrypt and correct the wrong entry.TIP: If you have errors and try to get a certificate too many times, you get an error about that as well. If you get the following message, go play outside for a little bit or proceed with setting up email as described in the next part.
    Error requesting challenges: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
  7. dfdsfsf
Setting up e-mail
  1. Click the Virtualmin tab, then Edit Users
  2. Click + Add a user to this server
  3. Enter a mailbox name, like “info”
  4. Enter a password
  5. Click the Create button

Now this has been set up, you can poke your DNS settings again! Woo!

  1. Click the Virtualmin tab, then Email Settings, then DomainKeys Identified Mail
  2. Click Install Now and wait
  3. At the bottom of the page, it should read
    installation completed successfully
  4. Click Return To DKIM Form
  5. Set the DKIM up as follows:Signing of outgoing mail enabled? yes
    Selector for DKIM record name: 2018
    Reject incoming email with invalid DKIM signature? yes
    Size of new DKIM key: 2048Press Save when done
  6. All should be well, so click Return To DKIM Form
  7. Click Return To Virtual Servers List
  8. Click the Virtualmin tab, then Server Configuration, then DNS Options
  9. Set this form up as follows:SPF record enabled? yes
    Allowed sender hostnames: DOMAINNAME.TLD
    DMARC record enabled? yesPress Save when done
  10. Click the Virtualmin tab, then Server Configuration, then DNS Records
  11. Copy the _dmarc entry over to your DNS settings at your registrar
  12. Click the Virtualmin tab, then Email Settings, then DomainKeys Identified Mail
  13. Set “Signing of outgoing mail enabled?” to yes
  14. Click the Save button
  15. Click Return to DKIM form
  16. Copy part of the content of the field “DNS records for additional domains” over to your DNSExample:
    2018._domainkey IN TXT ( “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/I4PwduFS/q”
    “U4y6pDFNFYf868Z2p+BNw+QRMphZ6YnVt1MWeVtNIXnYvhUtf6jhAX2BZ5gl8R2ILyL9NCkFe8W5cAVR”
    “/cZkZl6OIc7fdTiLePYNCS3HcVcTiE0Szb3zwDRAZE2XyAqFvNQJuVe/H5tJxlOAu1vhqv3FuZM1viv9”
    “VfiPQ77oQ9eOmQMZH59+QL/Vw4fnUnui4QhqRaH+iLb1bQdcJqIu1y3M+bgSCmrSu7v40V1G+wmUY13J”
    “fg41SIvYbuEe+CGjwMjVW0KFC15x3m5ChwM3q68b5gBv0L+JeMG27+DDQ5CSUIZSAJU0XifyeAfTIfRe”
    “5L+Bec7hQIDAQAB” )This will end in a train wreck, so remove the first part, namely:2018._domainkey IN TXT ( …. )

    Now, clean up the rest in Notepad++:

    “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/I4PwduFS/q” “U4y6pDFNFYf868Z2p+BNw+QRMphZ6YnVt1MWeVtNIXnYvhUtf6jhAX2BZ5gl8R2ILyL9NCkFe8W5cAVR” “/cZkZl6OIc7fdTiLePYNCS3HcVcTiE0Szb3zwDRAZE2XyAqFvNQJuVe/H5tJxlOAu1vhqv3FuZM1viv9” “VfiPQ77oQ9eOmQMZH59+QL/Vw4fnUnui4QhqRaH+iLb1bQdcJqIu1y3M+bgSCmrSu7v40V1G+wmUY13J” “fg41SIvYbuEe+CGjwMjVW0KFC15x3m5ChwM3q68b5gBv0L+JeMG27+DDQ5CSUIZSAJU0XifyeAfTIfRe” “5L+Bec7hQIDAQAB”

  17. Really, clean up the text before entering it into your DNS.

VALIDATE and install FAIL2BAN

(sorry, i can’t remember how to proceed this installation since the last edit was two years ago.)

Good luck.

Loading

IMAPSYNC for Debian 8 installation

  1. apt-get update
  2. apt-get upgrade
  3. apt-install git libjson-webtoken-perl libauthen-ntlm-perl libcgi-pm-perl libcrypt-openssl-rsa-perl libdata-uniqid-perl libfile-copy-recursive-perl libio-socket-inet6-perl libio-socket-ssl-perl libio-tee-perl libhtml-parser-perl libjson-webtoken-perl libmail-imapclient-perl libparse-recdescent-perl libmodule-scandeps-perl libreadonly-perl libregexp-common-perl libsys-meminfo-perl libterm-readkey-perl libtest-mockobject-perl libtest-pod-perl libunicode-string-perl liburi-perl libwww-perl libtest-nowarnings-perl libtest-deep-perl libtest-warn-perl make cpanminus
  4. cd /home
  5. git clone https://github.com/imapsync/imapsync.git
  6. cd imapsync
  7. chmod +x imapsync
  8. Test it by typing
    ./imapsync
  9. You may need to install some extras by entering
    cpanm File::Tail
  10. cp imapsync /usr/bin/

Done!

Item 10 is to make sure you can use this command anywhere on the server. Have fun!

Loading

Add backports to your sources.list

Backports are recompiled packages from testing (mostly) and unstable (in a few cases only, e.g. security updates) in a stable environment so that they will run without new libraries (whenever it is possible) on a Debian stable distribution

Backports cannot be tested as extensively as Debian stable, and backports are provided on an as-is basis, with risk of incompatibilities with other components in Debian stable. Use with care!

It is therefore recommended to select single backported packages that fit your needs, and not use all available backports.

  1. touch /etc/apt/sources.list.d/backports.list
  2. nano /etc/apt/sources.list.d/backports.list
  3. Add the following line and then save it:
    deb http://deb.debian.org/debian buster-backports main
  4. apt-get update
  5. apt-get -t buster-backports install "package"

source: https://backports.debian.org/Instructions/

Loading

Adding SSH keys to Github

For Debian 9 (and MacOS)

  1. Check for old keys
    1. cd ~/.ssh
    2. ls id_*
  2. Backup old keys
    1. mkdir keys_backup
    2. cp id_* keys_backup
  3. Generate a new key
    1. ssh-keygen -t rsa -C "your_email@example.com"
    2. don’t use a passphrase
  4. Go to the key directory
    1. cd ~/.ssh
  5. Download the public key
  6. Open the key in Notepad++ (or similar)
  7. Log in at github.com
  8. Click on the right side on your profile picture
  9. Click on Settings
  10. Click on SSH and GPG Keys
  11. Click on New SSH Key
  12. Create a new name for the key
  13. Paste the contents of the public key into the Key field
  14. Click on Add SSH Key

Done.

Loading