Simon Bruder
7cc20db4db
All checks were successful
continuous-integration/drone/push Build is passing
2.1 KiB
2.1 KiB
Sysop
Prometheus
Reload config
:::shell
curl -X POST -u simon:$(pass sbruder.de/prometheus|head -n1) https://prometheus.sbruder.de/-/reload
Remove certain time range from Prometheus
Requires TSDB Admin APIs to be
enabled
(--web.enable-admin-api
)
:::shell
curl -u user:pass -X POST -g 'https://prometheus-endpoint/api/v1/admin/tsdb/delete_series?match[]=metric{label="foo"}&start=TIMESTAMP&end=TIMESTAMP
OpenSSL
Get certificate expiry date
:::shell
openssl s_client -connect hostname:443 2>& /dev/null <<< '' | openssl x509 -noout -dates
# starttls
openssl s_client -connect hostname:587 -starttls smtp 2>& /dev/null <<< '' | openssl x509 -noout -dates
Docker
List images by size
:::shell
docker image ls --format "table {{.Size}}\t{{.Repository}}:{{.Tag}}\t{{.ID}}"|sort -h
Enable IPv6 NAT
Makes no sense on first and second thought, but after a while it seems like the right thing.
/etc/docker/daemon.json
:
:::json
{
"ipv6": true,
"fixed-cidr-v6": "fd00:d0ce:d0ce:d0ce::/64"
}
:::shell
ip6tables -t nat -A POSTROUTING -s fd00:d0ce:d0ce:d0ce::/64 -j MASQUERADE
ip6tables-save > /etc/iptables/rules.v6
Publishing a port will still use the userland proxy. If you do not want this, have a look at https://github.com/robbertkl/docker-ipv6nat.
:::shell
docker run -d --restart=always -v /var/run/docker.sock:/var/run/docker.sock:ro --cap-drop=ALL --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=SYS_MODULE --net=host robbertkl/ipv6nat
Misc
Add swap file
:::shell
fallocate -l 1G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile