<code sql> mysql> GRANT ALL PRIVILEGES ON *.* TO 'user'@'client' IDENTIFIED BY 'password' WITH GRANT OPTION; </code> ===== create user with a dedicated database ===== <code sql> mysql... ABASE db; mysql> GRANT ALL PRIVILEGES ON db.* TO 'user'@'client' IDENTIFIED BY 'password'; </code> ===... e innodb file per table ===== by default, innodb use a gigantic "ibdata" file where it stores all the
ously needs an already running full mail stack (I use qmail/postfix/dovecot), which will not be covered... # good ol' favicon (adjust path if you use Larry skin) rewrite ^/favicon.ico... ed roundcubemail, hosted on “dbhost” and owned by user roundcubemail. * Install roundecube: <code bas... se named agendav, hosted on "dbhost" and owned by user agendav. * Install AgenDAV plugin: <code bash>
# # This configuration can be used by multiple # # clients, however each client sho... nfig file directives # from the server. client # Use the same setting as you are using on # the server... t # Are we connecting to a TCP or # UDP server? Use the same setting as # on the server. ;proto tcp p... olve the # host name of the OpenVPN server. Very useful # on machines which are not permanently connec
do make install </code> ===== Create a dedicated user ===== Create a user with no shell and no password <code bash> # adduser Username: gemini Full name: gemini Uid (Leave empty for default): Login group [gemini]: Login group i
ame.domain.tld Port 22 User username </code> typing "ssh shortname" will be the same as "ssh username@longname.domain.tld" (even if shortname is n... /hosts file) ====== Bounce hosts ====== Here we use a publicaly available IP host to reach a private
sh IMAPSYNCOPTS='--ssl1 --host1 my_mail_server --user1 my_email_user --passfile1 /etc/secret1 --authmech1 LOGIN --ssl2 --host2 --user2 my_gmail_user --passfile2 /etc/secret2 --authmech2 LOGIN --syncinternaldates --delete2' /usr/local/
t last command argument, just like $! N.B. xterm users, you must activate "meta send escape". ====== Emacs/VI mode ====== Bash can use Emacs or VI shortcuts, using the "set" command. ... STTIMEFORMAT='%Y-%m-%d %H:%M:%S ' </code> ====== Useful links ====== *
p://|top]] util, used for real-time process list ====== htop ====== [[...|apache-top]] is used to parse the server-status/ apache page (usage: ... ds - obviously - mod_status) Note: Not to be confused with [[|apachetop]], which use apache's log files instead. ====== iftop ======
h ipv4/ipv6 accesses on some servers I personally use. ===== SSH ===== add to /etc/ssh/sshd_config: ... r main lighttpd configuration file: <code> server.use-ipv6 = "enable" $SERVER["socket"] == ""... *,[::] </code> of course, ssl_listen have to be used only if you use SSL version of the protocols (that is, imaps or pop3s). ===== netfilter ===== rememb
capabilities and integrated configurator. We will use the following tools: * Any webserver running ph... iaDB]] (NConf needs it) The main idea here is to use Nagios' frames to integrate the other tools. This can also be used with Nagios-style UIs (i.e. [[https://www.icinga
D For minimal downtime during migration, we will use `pg_upgrade` tool, which needs both old and new PostgreSQL binaries available. To do so, we will use FreeBSD's ports system, without `make clean` at f... QLNEWVERSION}/pg_hba.conf ``` ## Go back to root user and finish migration ```bash exit service postg
an 7.x</note> <code bash> #!/bin/bash # script used to chroot/pivot a live system on tmpfs in order ... w connect with ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p ${CHROOTPORT} root@$(... ), launch screen/tmux and shred" echo "and finaly use reboot or halt commands (warning: they are not th
eady removed port on FreeBSD ====== Sometimes we use alternate ports (in my case, openssl111, to get T... e same version, we can create a temporary port. I use jails so I have to do this in basejail: <code> c
