Password generator

$ dd if=/dev/urandom count=1 status=none | base64 | tr "+/=" "123"

2sBvF7YW60MEVAA2mF8jHIEmq2cIgjejet842w2a6mfTfXfdmAoGIopaTvtpitJai2U3IQTTrcAo
mXTO1Bxm20R1PR4u7WszKn8CbHNkQbBRH1xUtMcgADpGn371lcN24KwON22QVjGq1175qP0COgV0
uK9V8E5jmBEoMN4jZIq0rJ3TdGC5iLf5tUH0WNxLnbBd2JYOlaqil2B1Z2X8kVSCnEoMSNKZDWRJ
iYSIgh0U2W7Ge1dWNjjeOu28NV22w3Rw7B3JPPmEsm151ppFkPyyLpeqdx71iWBHFfM2x88IbeA5
kgZyNS6eooPJKH3KwRqqz42l2IoPdUXvP412FMuxgACi1Tp5dhOFeT7fHpCtwRVd9wpNyfBygRO0
TESWfw1JduS5oDD1bZr9g0njYY21PJ0UKHcLs2m6J22YAyuQzu693YI24dI2cr2Lg3txCgVQy1vC
ieucyBnhKXaGWWfucBrSKR1QmZlnXwQ07niOBULn9KzT6M5v0gKG4D2XYmzGGBIrqyYlUihH5Lh6
EKImFJexc5PnXdRY9A2PK4yfJKMHZDHoBwbwagnmss6JsLPI6v9bQqiWntWudKmoVghw87HNqmg6
v7aLqZSAQKpzEMoSqxETxJTvr6XuDr329w3KcqxOXFki17nobrSm9OrBA6AXwdIpCmPnAPU27yI3


UUID generator

$ for I in `seq 1 5`; do cat /proc/sys/kernel/random/uuid; done

75fa19ab-0632-4849-9ee6-82f58f9d9cde
e9539d63-ccbb-40bf-b00d-0f90316478ab
d38e8cff-2d2c-4c69-9880-49250f36ca6d
802dcd5b-f2d3-4720-bca4-c3f1517edaf4
e451ff03-4fb3-4894-aa32-bba1a3f03b66


DNS flush

Windows DNS cache [^]:
$ ipconfig /flushdns
BIND named cache flush [^]:
$ rndc flush
Systemd resolve flush cache [^]:
$ sudo systemd-resolve --flush-caches
$ sudo resolvectl flush-caches

Journalctl useful

Log output examples [^]:
$ journalctl --since "2023-08-25 01:00:00" --until "2023-08-25 07:00:00"
Clean journalctl [^]:
$ journalctl --flush && journalctl --rotate && journalctl --vacuum-time=1s
Watch realtime journalctl [^]:
$ journalctl --follow

NGINX useful

Nginx reload config [^]:
$ nginx -t && nginx -s reload
Disable logging for IP [^]:
map $remote_addr $disable_local_ip_log {
	"192.168.0.24" 0;
	"192.168.5.3" 0;
	default 1;
}

log_format main '$remote_addr - $server_name:$server_port - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

access_log /var/log/nginx/access.log main if=$disable_local_ip_log;
Add Nginx REPO in RHEL [^]:
( cat > /etc/yum.repos.d/nginx.repo ) << \EOF
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/rhel/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
EOF

Iptables useful

Iptables script template [^]:
#!/bin/sh

IPT="/bin/iptables"
[ ! -x $IPT ] && IPT="/usr/bin/iptables"
[ ! -x $IPT ] && IPT="/sbin/iptables"
[ ! -x $IPT ] && IPT="/usr/sbin/iptables"
[ ! -x $IPT ] && echo "ERROR iptables not found" && exit 2

#IPT="echo $IPT" # <- uncomment this for debug echo

IP_LIST="
192.168.3.34
10.168.1.24
127.0.0.1
"
PORT_LIST="
22
3306
5900:5950
"
firewall_start() {
	$IPT -N ADMIN
	for IP in $IP_LIST ; do
		$IPT -A ADMIN -s $IP -j ACCEPT
	done
#	$IPT -A ADMIN --p tcp --syn -j LOG --log-level error --log-prefix="Admin connect attempt: "
	$IPT -A ADMIN -j REJECT
	for PORT in $PORT_LIST ; do
		$IPT -I INPUT -p tcp --dport $PORT -j ADMIN
	done
}
firewall_stop() {
	for PORT in $PORT_LIST ; do
		$IPT -D INPUT -p tcp --dport $PORT -j ADMIN
	done
	$IPT -F ADMIN && $IPT -X ADMIN
}
case "$1" in
	'start') firewall_start ;;
	'stop') firewall_stop ;;
	'restart') firewall_stop && firewall_start ;;
	*) echo "Usage: $0 start|stop|restart"
esac
Faster INPUT chain [^]:
$ iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

MySQL / MariaDB useful

Master server full replication copy script [^]:
#!/bin/sh

DATE=`date +%FT%T`
MYSQL_HOST="10.10.10.1"
MYSQL_USER="dumper"
MYSQL_PASS="123456"

mysqldump --host=$MYSQL_HOST --user=$MYSQL_USER --password=$MYSQL_PASS \
	--all-databases --master-data --gtid -v > mysql-$DATE.sql

mysql -e "stop slave"
mysql < mysql-$DATE.sql
mysql -e "start slave"
mysql -e "set global read_only='ON'"
Change unknown root password [^]:
Run server with options:
/usr/sbin/mysqld --skip-grant-tables --skip-networking

MariaDB:
ALTER USER 'root'@'localhost' IDENTIFIED BY 'new_password';
or
UPDATE mysql.user SET authentication_string = '' WHERE user = 'root';
UPDATE mysql.user SET plugin = '' WHERE user = 'root';

MySQL:
ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'new_password';
Create/Drop database and user script [^]:

#!/bin/sh

DB="db1"
USER="user1"
PASS="123456"
ALLOW_HOST="localhost"
## allow for all
#ALLOW_HOST="%"
## allow with mask
#ALLOW_HOST="192.168.16.%"
#ALLOW_HOST="192.168.16.0/255.255.255.0"
#ALLOW_HOST="%.domain.net"

ACTION="create"
#ACTION="drop"

if [ "$ACTION" = "create" ]; then
mysql << EOF
	CREATE DATABASE $DB;
	CREATE USER '$USER'@'$ALLOW_HOST' IDENTIFIED BY '$PASS';
	GRANT
		SELECT -- read
		,INSERT,UPDATE,DELETE -- write
		-- ,CREATE,DROP,ALTER,INDEX -- create/drop table/index
		-- ,CREATE TEMPORARY TABLES,LOCK TABLES -- addon
		-- ,REPLICATION SLAVE, REPLICATION CLIENT -- replication
	ON $DB.* TO '$USER'@'$ALLOW_HOST';
	FLUSH PRIVILEGES;
EOF
elif [ "$ACTION" = "drop" ]; then
mysql << EOF
	REVOKE ALL PRIVILEGES ON $DB.* FROM '$USER'@'$ALLOW_HOST';
	FLUSH PRIVILEGES;
	DROP DATABASE $DB;
EOF
fi
Check MySQL slave replication [^]:
# mysql -e "show slave status\G" | grep -E "(Behind|SQL|IO|Gtid)"

MariaDB 10.6.8:
===============
                Slave_IO_State: Waiting for master to send event
              Slave_IO_Running: Yes
             Slave_SQL_Running: Yes
         Seconds_Behind_Master: 0
                 Last_IO_Errno: 0
                 Last_IO_Error: 
                Last_SQL_Errno: 0
                Last_SQL_Error: 
                    Using_Gtid: Slave_Pos
                   Gtid_IO_Pos: 0-6-69603391
                     SQL_Delay: 0
           SQL_Remaining_Delay: NULL
       Slave_SQL_Running_State: Slave has read all relay log; waiting for more updates


MySQL 5.7.31:
==============
               Slave_IO_State: Waiting for master to send event
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes
        Seconds_Behind_Master: 0
                Last_IO_Errno: 0
                Last_IO_Error: 
               Last_SQL_Errno: 0
               Last_SQL_Error: 
                    SQL_Delay: 0
          SQL_Remaining_Delay: NULL
      Slave_SQL_Running_State: Slave has read all relay log; waiting for more updates
      Last_IO_Error_Timestamp: 
     Last_SQL_Error_Timestamp: 
           Retrieved_Gtid_Set: 971b429d-d0ac-11ea-a304-005056011c90:1-7
            Executed_Gtid_Set: 227d4927-ca70-11ea-a635-005056013673:1-948213,

Convert tables from MyISAM to InnoDB [^]:
#!/bin/sh

DB="dbname"
TABLES=`mysql -B -N -e " \
select \
    concat(table_schema,'.',table_name) \
from \
    information_schema.tables \
where \
    table_schema='$DB' and engine='MyISAM'"`
for T in $TABLES; do
	printf "Table $T"
	mysql -e "alter table $T engine=InnoDB"
	if [ $? == 0 ]; then
		echo ": OK"
	else
		echo ": Fail" && exit
	fi
done
Storage engines usage for MySQL server [^]:
SELECT ENGINE, count(*) as num_of_tables,
concat(round(sum(TABLE_ROWS)/1000000,2),'M') as total_rows,
concat(round(sum(DATA_LENGTH)/(1024*1024*1024),2),'G') as data_size,
concat(round(sum(INDEX_LENGTH)/(1024*1024*1024),2),'G') as index_size,
concat(round(sum(DATA_LENGTH+INDEX_LENGTH)/(1024*1024*1024),2),'G') as total_size,
round(sum(INDEX_LENGTH)/sum(DATA_LENGTH),2) as idx_to_data_fraction
FROM information_schema.TABLES
WHERE TABLE_SCHEMA NOT IN ('mysql','performance_schema','information_schema')
GROUP BY ENGINE
ORDER BY sum(DATA_LENGTH+INDEX_LENGTH) DESC LIMIT 10;

+--------+---------------+------------+-----------+------------+------------+----------------------+
| ENGINE | num_of_tables | total_rows | data_size | index_size | total_size | idx_to_data_fraction |
+--------+---------------+------------+-----------+------------+------------+----------------------+
| InnoDB |           100 | 4.45M      | 1.77G     | 0.19G      | 1.96G      |                 0.11 |
| MEMORY |            34 | 0.00M      | 0.00G     | 0.00G      | 0.00G      |                 0.42 |
+--------+---------------+------------+-----------+------------+------------+----------------------+
2 rows in set (0.002 sec)


Irrecoverable server destruction

Clean commands for VPS/VDS server before stop leasing [^]:
CLEANDIR="
/var/lib/mysql
/var/www
/root
/etc
"
for D in $CLEANDIR; do
	find $D -type f -print -exec shred -u {} \;
done

# For RAID
dd if=/dev/zero of=/dev/md0& pid=$!; while [ 1 ]; do sleep 10; kill -USR1 $pid; done

# For single HDD
dd if=/dev/zero of=/dev/sda& pid=$!; while [ 1 ]; do sleep 10; kill -USR1 $pid; done

dd if=/dev/zero of=/dev/sda bs=1M status=progress

Zabbix Monitoring

Clean PostgreSQL TimescaleDB chunks from old data [^]:
#!/bin/bash

DT=$(date +%s)
TIMERETENTION=$((7*24*60*60))
DELDT=$(($DT - $TIMERETENTION))

date
echo "$DT - $TIMERETENTION = $DELDT"

DBLIST=$(sudo -Hiu postgres psql -d zabbix -Atc "select hypertable_name from timescaledb_information.hypertables;")

for DB in $DBLIST ; do
        sudo -Hiu postgres psql -d zabbix -Atc "select drop_chunks('$DB', $DELDT);"
done

sudo -Hiu postgres psql -d zabbix -Atc "vacuum;"

Some personal data

My Authorized Keys [^]:
mkdir -p ~/.ssh && wget -O - https://kuzinandrey.ru/authorized_keys >> ~/.ssh/authorized_keys