Wednesday 26 August 2015

GitBlit Master Slave Replication Setup


Step 1#
#In Master GIT Server[Master URL
http://git.example.net:1337]


vim /opt/gitblit/data/gitblit.properties
# Modify or Add lines as below

git.enableGitServlet = true

web.showFederationRegistrations = true

federation.passphrase = p@$$w0rd [We can set anything here]

:wq!

#ps aux | grep java
#service gitblit stop
#ps aux | grep java
#service gitblit start

Step 2#
Login to http://git.example.net:1337
Click on Admin Profile-->federation-->Copy the federation tokens for "all repositories, users, & settings"

(Example: Here token is c12b82e1b5e0ba6baec48119468aa09595663164)

Step 3#
#Install Fresh GitBlit Server

#Go to Slave GIT Server

vim /opt/gitblit/data/gitblit.properties
#Modify Or Add lines as below

federation.allowProposals=true
federation.
example1.url = http://git.example.net:1337
federation.
example1.token = c12b82e1b5e0ba6baec48119468aa09595663164 [Paste the token copied from Master GIT]
federation.
example.frequency = 5 mins [Replication frequency between Master and Backup Slave]
federation.
example.folder =
federation.
example.bare = true
federation.
example.mirror = true
federation.
example.mergeAccounts = true
#ps aux | grep java
#service gitblit stop
#ps aux | grep java
#service gitblit start

Step 4#
#Monitor the log file in both the Master & Slave Servers

tail -f /opt/gitblit/data/logs/gitblit.log

Successful Logs Example:
Master:
[INFO ] ARF: lendingstream.git/info/refs?service=git-upload-pack (100) authenticated [Here lendingstream.git Repo name, like wise will get for all Repo]
[INFO ] Federation PULL_USERS request from SLAVE_IP
[INFO ] Federation PULL_TEAMS request from SLAVE_IP
[INFO ] Federation PULL_SETTINGS request from SLAVE_IP
[INFO ] Federation PULL_SCRIPTS request from SLAVE_IP

Slave:
[INFO ] Pulling federated repository lendingstream.git from
example1 @ http://git.example.net:1337
[INFO ] Next pull of
example1 @ http://git.example.net:1337 scheduled for DATE_TIME
Step 5#
#How to Check Slave is working fine.
1. Login to Slave's GIT Dashboard by admin and check the Repo's & Users are synched or not
2. Clone any repository to Local using any Master's username & password from Slave's URL.

Sunday 16 August 2015

Ovirt Manager Backup Script


#!/bin/bash
today=`date +"%d-%B-%Y"`
remove_3day_old_file=`date +"%d-%B-%Y" --date="3 day ago"`
(
if [ -d /usr/local/ovirt_backup ]
then
echo "Backup Folder /usr/local/ovirt_backup exist"
else
mkdir /usr/local/ovirt_backup
fi
echo "Backup Started `date`"
/usr/bin/engine-backup --mode=backup --scope=all --file=/usr/local/ovirt_backup/ovirt_backup_`date +%d-%B-%Y`.tar --log=/usr/local/ovirt_backup/ovirt_backup_`date +%d-%B-%Y`_log.txt
scp /usr/local/ovirt_backup/ovirt_backup_`date +%d-%B-%Y`* scpuser@destination.example.com:/data/Server_Backups/ovirtmanager/
#rm /usr/local/ovirt_backup/ovirt_backup_$remove_3day_old_file* -f
echo "rm /usr/local/ovirt_backup/ovirt_backup_$remove_3day_old_file* -f"
echo "Backup Completed `date`"

)1>/tmp/ovirtmanager_bkp_out.txt 2>/tmp/ovirtmanager_bkp_err.txt

if [ -s /tmp/ovirtmanager_bkp_err.txt ]
then
(
        echo "To: mdmansoor26@gmail.com"
        echo "From: mdmansoor26@gmail.com"
        echo "Subject: [Alert] $0 script Error `hostname`"
        echo -e "Dear Team,\n\n"
        echo -e "\n\nContents of /tmp/ovirtmanager_bkp_err.txt"
        cat /tmp/ovirtmanager_bkp_err.txt
        echo -e "\n\nRegards,\nLinux Admin Team\n\n"
        echo -e "\n*** THIS IS A AUTO GENERATED ALERT GENERATED AT `date` ***\n"
)| /usr/sbin/sendmail -t -f mdmansoor26@gmail.com

else

(
        echo "To: mdmansoor26@gmail.com"
        echo "From: mdmansoor26@gmail.com"
        echo "Subject: [INFO] Ovirtmanager Backup completed on `date +"%d-%B-%Y"`"
        echo -e "Dear Team,"
        echo -e "\n\nOvirtmanager Backup completed on `date +"%d-%B-%Y"`"
        echo -e "\n\nScript Running in host: `hostname`"
        echo -e "\n\nScript Name: $0"
        echo -e "\n\nSource Path: ovirtmanager:/usr/local/ovirt_backup/ovirt_backup_`date +"%d-%B-%Y"`.tar & /usr/local/ovirt_backup/ovirt_backup_`date +"%d-%B-%Y"`_log.txt"
        echo -e "\n\nDestination Path: destination.example.com:/data/Server_Backups/ovirtmanager/ovirt_backup_`date +"%d-%B-%Y"`.tar & ovirt_backup_`date +"%d-%B-%Y"`_log.txt"
        echo -e "\n\nRegards,\nProd Support Team\n\n"
        echo -e "\n*** THIS IS A AUTO GENERATED ALERT GENERATED AT `date` ***\n"
)| /usr/sbin/sendmail -t -f mdmansoor26@gmail.com

fi
[root@ovirtmanager ovirt_backup]#

Ovirt Manager Upgrade / Ovirt Host Upgrade / Ovirt FreeIPA Integration


Upgrade Plan: Total Down Time Required: 4 hrs
Backup & Restore Plan:
Backup:
/usr/bin/engine-backup --mode=backup --scope=all --file=ovirt_backup_`date +%d-%B-%Y`.tar --log=ovirt_backup_`date +%d-%B-%Y`_log.txt
Restore:
/usr/bin/engine-backup --mode=restore --file=ovirt_backup_`date +%d-%B-%Y`.tar --log=ovirt_restore_`date +%d-%B-%Y`_log.txt
---------------------------------------------
If Restore DB credentials, use the below command
/usr/bin/engine-backup --mode=restore --file=ovirt_backup_`date +%d-%B-%Y`.tar --log=ovirt_restore_`date +%d-%B-%Y`_log.txt --change-db-credentials --db-host=localhost --db-user=engine --db-name=engine --db-password

Enter the password as xxxxxxxxx [Got this credentials from ovirtmanager.example.com:/etc/ovirt-engine/engine.conf.d/10-setup-database.conf ]
----------------------------------------------

Step 1 # Upgrade From 3.3.1  to 3.4.4.1 [Down Time required : 1.30 hrs ]
#yum localinstall http://resources.ovirt.org/pub/yum-repo/ovirt-release34.rpm
#yum update "ovirt-engine-setup*"
#engine-setup [Enter the appropriate details and continue this setup]

Step 2 #  Upgrade From 3.4.4.1 to 3.5.3 [Down Time required : 1.30 hrs ]
#yum localinstall http://resources.ovirt.org/pub/yum-repo/ovirt-release35.rpm
#yum update "ovirt-engine-setup*"
#engine-setup [Enter the appropriate details and continue this setup]

Step 3 # Upgrade Ovirt Node from 3.0.1 to 3.5  [Down Time required : 3 hrs ]
#Go to OvirtManager Terminal
#yum install ovirt-node-iso
Put Host in maintenance mode and click upgrade in Hosts tab

To Add External Domains in Ovirt for authentication [ Down Time required : 15 mins ]
#Go to OvirtManager Terminal
#engine-manage-domains delete --domain=example.com
#service ovirt-engine restart
#Point the SRA record in alps.example.com to Peregrine only
#engine-manage-domains add --domain=example.com --provider=IPA --user=admin
#service ovirt-engine restart

Friday 14 August 2015

htpasswd for multiple users using bash script

Step 1# Add users   in /tmp/users.txt

vim /tmp/users.txt
mansoor
user1
user2
:wq


Step 2# Create & Run script
vim htpasswd_change.sh
#!/bin/bash
for user in `cat /tmp/users.txt`
do
pass=`tr -dc A-Za-z0-9 < /dev/urandom | head -c 6 | xargs`
htpasswd -bm /var/www/html/webserver/htpasswd $user $pass
echo "$user " " : " " $pass"
done




Useradd for multiple users using bash script

Step 1#  Add users in below file

vim users.txt
mansoor
user1
user2
:wq

Step 2# vim useradd.sh
#!/bin/bash
for user in `cat users.txt`

do
useradd -g groupname -d /data/$user $user
pass=`tr -dc A-Za-z0-9 < /dev/urandom | head -c 6 | xargs`
echo -e $pass | passwd --stdin $user
echo "Username: $user Password: $pass"

done

SelfSigned SSL Certificate create command


Step 1# openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout redhat.example.com.key -out redhat.example.com.crt

Step 2# vim /etc/httpd/conf.d/ssl.conf

##Modify below lines 

SSLCertificateFile /root/SSL_Cert_Zabbix.gai.net/redhat.example.com.crt
SSLCertificateKeyFile /root/SSL_Cert_Zabbix.gai.net/redhat.example.com.key


Step 3# /etc/init.d/httpd reload

Friday 7 August 2015

SSL Certificate Check and Email Using Bash Script

#!/bin/bash
TodayPlus30=`date +%d" "%b" "%Y  -d '+30 day'`
TodayPlus15=`date +%d" "%b" "%Y  -d '+15 day'`
TodayPlus7=`date +%d" "%b" "%Y  -d '+7 day'`
TodayPlus1=`date +%d" "%b" "%Y  -d '+1 day'`
convert_TodayPlus30=`date --date="$TodayPlus30" '+%s'`
convert_TodayPlus15=`date --date="$TodayPlus15" '+%s'`
convert_TodayPlus7=`date --date="$TodayPlus7" '+%s'`
convert_TodayPlus1=`date --date="$TodayPlus1" '+%s'`

function email {
(
        echo "To: mohamed.mansoor@example.com"
        echo "From: mohamed.mansoor@example.com"
        echo "Subject: [ALERT] [SSL EXPIRE] $certificate SSL Certificate Expires On $enddate"
        echo -e "Dear Team,"
        echo -e "\n\n$certificate SSL Certificate expires on $enddate. Kindly check and renew the certificate earliest."
        echo -e "\n\nScript Running in host: `hostname`"
        echo -e "\n\nScript Name: $0"
        echo -e "\n\nRegards,\nProd Support Team\n\n"
        echo -e "\n*** THIS IS A AUTO GENERATED ALERT GENERATED AT `date` ***\n"
)| /usr/sbin/sendmail -t -f mohamed.mansoor@example.com

}

for certificate in www.zebit.com:443
do
enddate=`openssl s_client -connect $certificate 2>/dev/null | openssl x509 -noout -enddate | awk -F= '{print $2}'| awk '{print $2" "$1" "$4}'`
convert_enddate=`date --date="$enddate" '+%s'`
if [ $convert_enddate -eq $convert_TodayPlus30 ]
then
email
elif [ $convert_enddate -eq $convert_TodayPlus15 ]
then
email
elif [ $convert_enddate -eq $convert_TodayPlus7 ]
then
email
elif [ $convert_enddate -eq $convert_TodayPlus1 ]
then
email
fi
done