Category Archives: Linux

CentOS 8 End of Life: upgrade to CentOS Stream

CentOS 8 End of Life has been effective since January 31 2021, official mirrors do not provide any packages anymore. Here is how to upgrade to latest release of CentOS 8 and switch to Stream. As always, prior to any … Continue reading

Posted in CentOS, Computer, Linux | Leave a comment

Elasticsearch in Docker: threat intelligence with filebeat

Goals: collect observables from supported feeds collect observables from unsupported feeds with elastic-tip Setup elasticsearch and kibana for filebeat We could use superuser elastic to setup filebeat but we are going to use a dedicated user with just the minimum … Continue reading

Posted in Computer, Docker, Linux, Networking, Security | Tagged , , , , , , , | Leave a comment

Elasticsearch in Docker: quick notes

Goals: single node elasticsearch single node kibana password for all accounts https between all components behind traefik future post: collect network logs (routers) future post: collect application logs (web servers, dns servers, docker) future post: collect application metrics future post: … Continue reading

Posted in Computer, Docker, Linux, Networking | Tagged , , , , , , , | Leave a comment

Traefik reverse-proxy with ModSecurity

Traefik itself does not include WAF capabilities. If you want to add this capability, you can opt to replace Traefik with Apache httpd or nginx coupled with ModSecurity, however you loose the autoconfiguration of Traefik. Fortunately, Alexis Couvreur has developed … Continue reading

Posted in Computer, Docker, Linux | Tagged , , , , , , , , | Leave a comment

Backup gitea container

Gitea is great when you want a fast, light and yet user-friendly git repositories. Alternatives would be Gogs, Gitlab or even Github. Gitea documentation tells you to use docker exec to perform a backup. However, this prevents you from using … Continue reading

Posted in Computer, Linux | Tagged , , , , , | Leave a comment

A Raspberry Pi, a UPS and a couple of ESXi servers walk into a bar

If you have the power of multiple servers connected to a UPS, you probably need to shut them down when the power goes down and before the UPS runs out of juice. Unless your UPS can be connected to the … Continue reading

Posted in Computer, Linux, Networking | Tagged , , , , , | Leave a comment

Running a PKI using Smallstep certificates with Docker

Recently, I had to set up a new PKI. I was going to go with the good old OpenSSL but it’s 2021, there must be a more userfriendly and, more importantly, automated approach. There are many open-source possibilities: EJBCA, cfssl, … Continue reading

Posted in Computer, Linux, Uncategorized | Tagged , , , , | Leave a comment

Deprecation of apt-key in Debian-based distributions

I recently installed an Ubuntu 21.04 and when I wanted to install Atom editor, I was given the following warning about apt-key being deprecated: After a bit of Googling around, I stumbled on this post on askubuntu.com explaining why apt-key … Continue reading

Posted in Computer, Linux, Ubuntu | Tagged , , | Leave a comment

Gitlab-runner and docker behind a proxy

After reading many articles and trying many things, this is how I solved it. For docker daemon itself to use a proxy, configure environment variables using systemd file /etc/systemd/system/docker.service.d/http-proxy.conf : For gitlab-runner daemon itself to use a proxy, configure environment … Continue reading

Posted in Computer, Linux, Networking | Tagged , , | Leave a comment

IPsec tunnel between Ubuntu 20.04 and Mikrotik router using strongSwan

Here is how to establish an IPsec tunnel between an Ubuntu 20.04 host and a Mikrotik router using IKEv2. The 2 endpoints of the tunnel are: ubuntu.xentoo.info : the Ubuntu server. This server has a local private subnet 10.0.0.0/24 and … Continue reading

Posted in Computer, Linux, Mikrotik, Networking | 2 Comments