# Sysop ## Prometheus ### Reload config :::shell curl -X POST -u simon:$(pass sbruder.de/prometheus|head -n1) https://prometheus.sbruder.de/-/reload ### Remove certain time range from Prometheus Requires [TSDB Admin APIs to be enabled](https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis) (`--web.enable-admin-api`) :::shell curl -u user:pass -X POST -g 'https://prometheus-endpoint/api/v1/admin/tsdb/delete_series?match[]=metric{label="foo"}&start=TIMESTAMP&end=TIMESTAMP ### Add synthetic alert to alertmanager :::javascript await fetch("/alertmanager/api/v1/alerts", {method: "POST", body: JSON.stringify([{ "labels": {"alertname": "testalert"}, "annotations": { "description": "manual test alert"}}])}) ## OpenSSL ### Get certificate expiry date :::shell openssl s_client -connect hostname:443 2>& /dev/null <<< '' | openssl x509 -noout -dates # starttls openssl s_client -connect hostname:587 -starttls smtp 2>& /dev/null <<< '' | openssl x509 -noout -dates ## Docker ### List images by size :::shell docker image ls --format "table {{.Size}}\t{{.Repository}}:{{.Tag}}\t{{.ID}}"|sort -h ### Enable IPv6 NAT Makes no sense on first and second thought, but after a while it seems like the right thing. `/etc/docker/daemon.json`: :::json { "ipv6": true, "fixed-cidr-v6": "fd00:d0ce:d0ce:d0ce::/64" } :::shell ip6tables -t nat -A POSTROUTING -s fd00:d0ce:d0ce:d0ce::/64 -j MASQUERADE ip6tables-save > /etc/iptables/rules.v6 Publishing a port will still use the userland proxy. If you do not want this, have a look at . :::shell docker run -d --restart=always -v /var/run/docker.sock:/var/run/docker.sock:ro --cap-drop=ALL --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=SYS_MODULE --net=host robbertkl/ipv6nat ## Misc ### Add swap file :::shell fallocate -l 1G /swapfile chmod 600 /swapfile mkswap /swapfile swapon /swapfile