dunderrrrrr

CS2 server

Launch script

#/bin/bash

SERVER_DIR=$HOME/cs2-server

dunderrrrrr

Edit /etc/systemd/resolved.conf, set option Domains= (space separated list of domains) according to docs and then restart systemd-resolved.

$ systemctl restart systemd-resolved

dunderrrrrr

/etc/caddy/Caddyfile

(cors) {
        @{args.0} header Origin {args.0}
        header @{args.0} Access-Control-Allow-Origin {args.0}
        header Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS"
        header Access-Control-Allow-Headers "Content-Type, Authorization, Time-Zone"
        header Access-Control-Max-Age "3600"
        header Access-Control-Allow-Credentials true
}

dunderrrrrr

# SSH and FIDO authentication in Ubuntu 20.04 LTS

The following section demonstrates how users can generate new key types and use them to perform authentication. First, users have to attach a device to the system. Next, they need to generate a new key and specify one of the new types. During this process users will get prompted to tap the token to confirm the operation.

user@client:~$ ssh-keygen -t ecdsa-sk  
Generating public/private ecdsa-sk key pair.  
You may need to touch your authenticator to authorize key generation.  

Enter file in which to save the key (/home/user/.ssh/id_ecdsa_sk):  

dunderrrrrr

If you need to mount a VMDK-file and browse around.
You will need guestmount. My VMDK is a linux based disk.

Installation

guestmount is contained in following packages per distro:

Ubuntu: libguestfs-tools
OpenSuse: guestfs-tools

CentOS / Fedora: libguestfs-tools-c

dunderrrrrr

NGINX Self-Signed Cert with 301 redirect (and reverse proxy)

First, generate your cert. Make sure your FQDN is matching your url. This is the easy way, if production you should also get yourself a DH-key and make some other changes to your SSL configuration. More reading here.

$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt

Once you're done filling all cert-information, add certs and the 302 redirect (from http to https) to the nginx configuration. Here's a sample.

dunderrrrrr

GeoIP Block NGINX Ubuntu 20.04

Block or filter IPs based on location in Nginx (tested on 1.18.0) on Ubuntu 20.04.

Install Nginx modules

To make use of the geographical filtering, we must first install the Nginx GeoIP module as well as the GeoIP database containing the mappings between visitors’ IP addresses and their respective countries. To do so, let’s execute:

$ sudo apt install libnginx-mod-http-geoip geoip-database

dunderrrrrr

Move docker data/volumes directory to another location on Ubuntu

The standard data directory used for docker is /var/lib/docker, and since this directory will store all your images, volumes, etc. it can become quite large in a relative small amount of time.

Here's a guide how to change that folder to another location, for example another disk.

1. Stop docker daemon

$ sudo service docker stop

dunderrrrrr

Backup Ubuntu 20.04 to GoogleDrive using rclone

We'll be using rclone and a cronjob which will trigger a custom made bash script.

Install and configure rclone

Install rclone

$ sudo apt install rclone
$ sudo rclone config

dunderrrrrr

1. Configuring an Isolated Network

To set up an isolated Network, log into your controller and go to Settings->Networks and click on the +Create New Network button. This opens up the “Create New Network” page, where you need to provide a few details. First off, give the network a name and select Corporate as the Network Purpose. I left the default Network Group of LAN1 in place, since I don’t have anything connected to the LAN2 port of my USG.

1.1 Define a VLAN

Next up, define a VLAN ID that you want to use for this network. This can be any number from 0 to 4095, and you can pick whatever you want here (as long as it’s not 0, which is the default VLAN for everything that doesn’t have one defined).