Today I wrote my firs application for ReadyNAS OS. It's very, very simple. It just for Proxy Auto Configuration (PAC) / Web Proxy Autodiscovery Protocol (WPAD) so I called it wpad ;-)
The whole "application" serve only one file wpad.dat. It fits in two files: /apps/wpad/http.conf and /apps/wpad/wpad.dat itself. The content of /apps/wpad/http.conf is:
<VirtualHost *:80> ServerAdmin admin@localhost ServerName wpad DocumentRoot /apps/wpad ErrorLog /apps/wpad/error.log LogLevel warn </VirtualHost>
Now when apache starts it creates link:
root@NAS:~# ll /etc/apache2/sites-enabled/090-wpad.conf lrwxrwxrwx 1 root root 20 Mar 22 21:15 /etc/apache2/sites-enabled/090-wpad.conf -> /apps/wpad/http.conf
To more detailed info about applications for ReadyNAS OS see ReadyNAS Applications Specification.
To have WPAD worked I had to configure also my router:
To resolve wpad as 192.168.1.12 (this is address of my NAS) in /etc/dnsmasq.conf I added:
address=/wpad/192.168.1.12
and to in /etc/config/dhcp file in section config dhcp 'lan':
list dhcp_option '252,http://wpad/wpad.dat'
To backup embedded systems, such as Android phone or OpenWRT router you can use tar command in conjunction with ssh. As I mentioned before this method is almost successful with Android. Now example with Gargoyle router - called device.
Similar to Android devices OpenWRT's tar doesn't support --totals option, so I've prepared wrapper (see below) because it is necessary for BackupPC.
You will need:
- Copy your generated earlier id_rsa.pub to /etc/dropbear/authorized_keys on device. To be able to login without password.
Login to device manually for the first time (to add it to known_hosts):
sudo -u backuppc /usr/bin/ssh -q -x -n -l root router
as you can see I logged as root to device named router. Alternatively you can manually edit known_hosts.
On device create file (ie. /root/tar_totals.bash) to emulate --totals option behaviour:
root@router:~# cat /root/tar_totals.bash tar $* echo "Total bytes written: 10240 (10KiB, 3.6MiB/s)" >&2
and of course make it executable:
chmod u+x /root/tar_totals.bash
(this what I can't do on Android)
Define host in BackupPC with settings:
$Conf{BackupFilesExclude} = {}; $Conf{BackupFilesOnly} = { '/' => [ 'etc' ] }; $Conf{TarClientCmd} = '$sshPath -q -x -n -l root $host $tarPath -c -v -f - -C $shareName+'; $Conf{TarClientPath} = '/root/tar_totals.bash'; $Conf{TarShareName} = [ '/' ]; $Conf{XferMethod} = 'tar';
as you can see only /etc is copied, and I use wrapper instead of tar command.
Now you can backup it. Of course in log you will have:
Running: /usr/bin/ssh -q -x -n -l root router /root/tar_totals.bash -c -v -f - -C / ./etc full backup started for directory / Xfer PIDs are now 23732,23731 Total bytes written: 10240 (10KiB, 3.6MiB/s) (...)
where you can see fake transfer summary.
Unfortunately on Android device you cannot set file as executable:
HWVTR:/storage/emulated/0/ssh $ chmod u+x tar_totals.bash chmod: chmod 'tar_totals.bash' to 100760: Operation not permitted
After you manage to ssh to your android device. You can set it up to backup with BackupPC.
Since rsync command is not available You can use tar. In configuration you have to set:
$Conf{XferMethod} = 'tar';
change path to tar:
$Conf{TarClientPath} = 'tar';
and command to execute:
$Conf{TarClientCmd} = '$sshPath -q -x -n -p 2222 $host env LC_ALL=C $tarPath -c -v -f - -C $shareName+';
as you can see I've removed -l root and --totals.
Complete config is:
$Conf{XferMethod} = 'tar'; $Conf{TarClientPath} = 'tar'; $Conf{TarShareName} = [ '/storage/emulated/0/DCIM/Camera/' ]; $Conf{TarClientCmd} = '$sshPath -q -x -n -p 2222 $host env LC_ALL=C $tarPath -c -v -f - -C $shareName+';
There are still some problems because backup is ended with an error:
Running: /usr/bin/ssh -q -x -n -p 2222 huawei_p10 env LC_ALL=C tar -c -v -f - -C /storage/emulated/0/DCIM/Camera . full backup started for directory /storage/emulated/0/DCIM/Camera Xfer PIDs are now 19406,19405 (...) tarExtract: Done: 0 errors, 0 filesExist, 0 sizeExist, 0 sizeExistComp, 78 filesTotal, 227795841 sizeTotal Backup aborted () Not saving this as a partial backup since it has fewer files than the prior one (got 78 and 0 files versus 1814)
You can backup android phone/tabled (device) with rsync installed on some host and SimpleSSHD installed on device.
First you have to check if you can ssh to device:
To login first time You have to run SimpleSSHD and press START to run it in foreground. From some host login to device using command:
sudo -u backuppc /usr/bin/ssh 192.168.1.241 -p 2222
enter password displayed in SimpleSSHD windows on device, you will see something like this:
no authorized_keys, generating single-use password -------- yrGAex8s --------
As you can see my device has address 192.168.1.241 and server is using his default port 2222. You don't have to provide any user name (ie. -l someuser).
Now you can backup device manually using rsync:
rsync --update -e 'ssh -p 2222' -azv \ 192.168.1.241:/storage/emulated/0/DCIM/Camera/ /data/myPhoneBackup/
Another approach is to use Rsync Wrapper by Letscorp (I didn't tested it yet).
The main target is to make android device be able to backup using BackupPC.
Installation
yum install https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm yum install puppetserver
add following lines to /etc/puppetlabs/puppet/puppet.conf, of course, change puppetmaster to your host name:
dns_alt_names = puppet,puppetmaster [agent] runinterval = 1m
you can reduce memory usage - edit /etc/sysconfig/puppetserver file and change JAVA_ARGS to:
JAVA_ARGS="-Xms256m -Xmx384m -XX:MaxPermSize=256m"
then run service:
systemctl enable puppetserver systemctl start puppetserver
First manifests
To communicate with agents puppet use 8140 port - we try to open it using puppet in three steps:
- Install module to manage firewalld
- Create new puppet service
- Enable this service for public zone
Module installation
First we need module to manage firewalld - to install it create manifest file, ie. puppet.test.firewalld-install.pp (as you can see I used /root directory, but it does'n matter):
$module_firewalld = 'crayfishx-firewalld' exec { 'install-puppet-module-firewalld': command => "puppet module install ${module_firewalld}", unless => "puppet module list | grep ${module_firewalld}", path => ['/bin', '/opt/puppetlabs/bin'] }
and test (--noop) first manifest:
[root@puppetmaster ~]# puppet apply puppet.test.firewalld-install.pp --noop Notice: Compiled catalog for puppetmaster.lan in environment production in 0.18 seconds Notice: /Stage[main]/Main/Exec[install-puppet-module-firewalld]/returns: current_value notrun, should be 0 (noop) Notice: Class[Main]: Would have triggered 'refresh' from 1 events Notice: Stage[main]: Would have triggered 'refresh' from 1 events Notice: Applied catalog in 1.45 seconds
after this you can apply (without --noop):
[root@puppetmaster ~]# puppet apply puppet.test.firewalld-install.pp Notice: Compiled catalog for puppetmaster.lan in environment production in 0.18 seconds Notice: /Stage[main]/Main/Exec[install-puppet-module-firewalld]/returns: executed successfully Notice: Applied catalog in 14.33 seconds
of course you could just run:
puppet module install crayfishx-firewalld
but it would be too simple ;-)
Create service
Now we can create firewalld service. Create file puppet.test.firewalld-service.pp:
firewalld::custom_service{'puppet': short => 'puppet', description => 'Puppet Client access Puppet Server', port => [ { 'port' => '8140', 'protocol' => 'tcp', }, { 'port' => '8140', 'protocol' => 'udp', }, ], }
and apply this:
[root@puppetmaster ~]# puppet apply puppet.test.firewalld-service.pp Notice: Compiled catalog for puppetmaster.lan in environment production in 0.27 seconds Notice: /Stage[main]/Main/Firewalld::Custom_service[puppet]/File[/etc/firewalld/services/puppet.xml]/ensure: defined content as '{md5}3fc4d356e7cb57739c8ceb8a0b483eaa' Notice: /Stage[main]/Main/Firewalld::Custom_service[puppet]/Exec[firewalld::custom_service::reload-puppet]: Triggered 'refresh' from 1 events Notice: Applied catalog in 1.32 seconds
(I cut warnings about depreciated validate functions)
As you can see there is a new file:
[root@puppetmaster ~]# more /etc/firewalld/services/puppet.xml <?xml version="1.0" encoding="utf-8"?> <service> <short>puppet</short> <description>Puppet Client access Puppet Server</description> <port protocol="tcp" port="8140" /> <port protocol="udp" port="8140" /> </service>
Again we could create this file manually, but what for?
Enable service
It's time to use this service. Create file puppet.test.firewalld-apply.pp:
firewalld_service { 'Allow puppet from the public zone': ensure => 'present', service => 'puppet', # zone => 'external', }
(because public id default parameter zone can be omitted) and apply this:
[root@puppetmaster ~]# puppet apply puppet.test.firewalld-apply.pp Notice: Compiled catalog for puppetmaster.lan in environment production in 0.15 seconds Notice: /Stage[main]/Main/Firewalld_service[Allow puppet from the public zone]/ensure: created Notice: Applied catalog in 2.04 seconds
and check:
[root@puppetmaster ~]# firewall-cmd --list-services ssh dhcpv6-client dhcp dns puppet
This way is more interesting than boring:
firewall-cmd --add-service=puppet firewall-cmd --permanent --add-service=puppet firewall-cmd --reload
Summary
As you can see setting up a test puppet master (and use them) is not so difficult. Configuration files and manifests are easy to understand.
Next step is to manage agents on other hosts...
To properly install and boot CentOS 7 from iSCSI target (without PXE) you have to have iSCSI Boot capable device. You have to configure your BIOS or NIC (aka HBA) properly.
When you boot CD/DVD/other installer you have to select Install CentOS 7 and type e (or Tab) to edit booting parameters and add rd.iscsi.ibft=1 (option ip=ibft is deprecated) to parameters.
Then during installation iSCSI discs will be available during installation.
The easiest way to restore files from BackupPC is web interface, but if You are desperated to use command-line style You can try this:
su backuppc -c "/opt/BackupPC/bin/BackupPC_tarCreate -h myLaptop \ -n 23 -s / etc" > /tmp/etc.tar
where:
- backuppc (after su) - name of user BackupPC is running as
- /opt/BackupPC/bin - path where BackupPC is installed
- myLaptop - name of host in BackupPC (usually DNS name)
- 23 - backup number you want to restore (can be relative ex: -1)
- / - is share name
- etc - directory you want to restore (relative to share name)
- /tmp/etc.tar - file with restored files
Of course usually You will compress this file:
su backuppc -c "/opt/BackupPC/bin/BackupPC_tarCreate -h myLaptop \ -n 23 -s / etc" | gzip > /tmp/etc.tgz
Detailed information on BacpupPC documentation page.
To list your hard drives you can use command:
wmic diskdrive list brief /format:list
...
I just found that I've wrote similar article some times ago:
I've tried to install virtual Linux on my second HDD (using optical bay adapter). To add physical drive you have to type command:
"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" \ internalcommands createrawvmdk -filename \ "C:\Users\jaqb\SP900.vmdk" -rawdisk "\\.\PhysicalDrive1"
(based on Using a raw disk as a VirtualBox drive in Windows 7 by Dan Fox) In my case I've to add full path to VBoxManage.
Then to install additional packages in CentOS 7 (using minimal installation) you have to manually enter full URL:
http://mirror.centos.org/centos/7/os/x86_64/
Add comment