Linux | Notes

Building a Guacamole Server on Debian 11

June 2, 2023 | Category: Linux | Tags: Guacamole

This setup uses:

Debian 11
Guacamole 1.5.2
PostgreSQL 13 as authentication database
Tomcat 9
Nginx

Steps

Install Postgres
Download the required components
- guacamole-server
- guacamole-auth-jdbc-postgresql extension
- postgres jdbc driver
- guacamole client war
Install dependencies
Install tomcat9
Compile and install guacamole server
Create configuration files and directories for guacamole
Create database and …

Building a PowerDNS server

Jan. 21, 2022 | Category: Linux | Tags: DNS

Using

Debian 11
PowerDNS 4.6

Will use postgres to store the records.

Installing postgres

apt install postgresql postgresql-client postgresql-contrib

Changing the password for the postgres database user:

su - postgres
psql -d template1 -c "ALTER USER postgres WITH PASSWORD 'PostgresPassword';"

Adjusting /etc/postgresql/13/main/pg_hba.conf:

# To allow remote connection
host    all …

Linux Desktop through RDP and polkit access blocking

Jan. 30, 2021 | Category: Linux

When RDP-ing to a Linux Desktop (KDE) there are a lot of prompts for access blocked to some services.

Using these policies to convice polkit to allow this access

/etc/polkit-1/localauthority/50-local.d/45-allow-colord.pkla

[Allow Colord all Users]
Identity=unix-user:*
Action=org.freedesktop.color-manager.create-device;org.freedesktop.color-manager.create-profile;org.freedesktop.color-manager.delete-device;org.freedesktop.color-manager.delete-profil$
ResultAny=yes
ResultInactive=auth_admin
ResultActive=yes

/etc/polkit-1/localauthority/50-local.d/46-allow-update-repo.pkla …

Creating certificates with OpenSSL

Feb. 25, 2018 | Category: Linux | Tags: Certificates

Some steps to create certificates using OpenSSL - self-signed or singned by a CA.

Creating the conf File used for creating the csr

srv1_tstlb_cert.conf:

[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req

[req_distinguished_name]
countryName = Country Name (2 letter code)
countryName_default = CA
stateOrProvinceName = State or Province Name (full name) …

Three-node HAProxy with Keepalived

Aug. 12, 2017 | Category: Linux | Tags: HAProxy Keepalived

1. Configure servers
2. Configure HAProxy on all three nodes
3. Configure keepalived
4. Bind to non-local interfaces
5. Syslog config
6. Configure postfix on all three to just send email

I am using these three-node configuration with HAProxy as LB and reverse proxy for SMTP, IMAP, MariaDB Galera Cluster. …