« IT » : différence entre les versions

De PN Wiki
Aller à la navigation Aller à la recherche
← Modification précédente
 
(2 versions intermédiaires par le même utilisateur non affichées)
Ligne 25 : Ligne 25 :


rsync -av /etc/pki/ newice3:/etc/pki/
rsync -av /etc/pki/ newice3:/etc/pki/
rsync -av /usr/local/lib/sasl2/smtpd.conf root@newice3:/usr/local/lib/sasl2/
rsync -av /var/ftp/ newice3:/var/ftp/


=== 1 full + diff at the migration time ===  
=== 1 full + diff at the migration time ===  

Dernière version du 17 janvier 2024 à 09:48

Named

Manually updating a Dynamic controlled zone

"If you have to edit the zone files of dynamic zones manually while the DNS server is running, you'll have to freeze the zones with # rndc freeze <myzone> before editing and unfreeze them with # rndc thaw <myzone> after editing. This is because named(8) has internal state information and external journal files attached to dynamic zones that have to be kept in sync with the zone files[1]".

Rsync

To delete files in the target if they disappeared from the source, then add the --delete option to your command. For example:

rsync -avh source/ dest/ --delete
NB: -avh is for --archive --verbose --human-readable[2].

Migration of folders to a new server

One shot

rsync -av /var/db/ports/ root@newice3:/var/db/ports/

rsync -av /etc/ root@newice3:/etc/oldice3/

rsync -av /usr/local/etc/ root@newice3:/usr/local/etc/oldice3/

rsync -av /etc/ssh/ssh_config /etc/ssh/sshd_config newice3:/etc/ssh/

rsync -av /etc/banner /etc/motd.template /etc/pki/ newice3:/etc/

rsync -av /etc/pki/ newice3:/etc/pki/

rsync -av /usr/local/lib/sasl2/smtpd.conf root@newice3:/usr/local/lib/sasl2/

rsync -av /var/ftp/ newice3:/var/ftp/


1 full + diff at the migration time

rsync -av --exclude={'rc.d','oldice3','newice3','namedb','openvpn','pkg.conf','portsnap.conf'} /usr/local/etc/ root@newice3:/usr/local/etc/ --delete --dry-run

rsync -av /etc/pf.blocked.ip.conf root@newice3:/etc/ --dry-run

rsync -av /etc/pf.blocked.webspam.conf root@newice3:/etc/ --dry-run

rsync -av /etc/pf.blocked.webspam_awstats.conf root@newice3:/etc/ --dry-run

rsync -av /root/ root@newice3:/root/ --delete --dry-run

rsync -av /home/ root@newice3:/home/ --delete --dry-run

rsync -av /var/www/ root@newice3:/var/www/ --delete --dry-run

rsync -av /usr/local/www/ root@newice3:/usr/local/www/ --delete --dry-run

rsync -av /var/log/ root@newice3:/var/log/oldice3/ --delete --dry-run

rsync -av /var/awstats/ root@newice3:/var/awstats/ --delete --dry-run

rsync -av /var/log/www/ root@newice3:/var/log/www/ --delete --dry-run

rsync -av /var/db/fail2ban/ root@newice3:/var/db/fail2ban/ --delete --dry-run

rsync -av /var/db/mysql/ root@newice3:/var/db/mysql/ --delete --dry-run (to do when mysql server is off)

Nginx

Maxmind

Country based filtering can be performed in nginx thanks to the free Maxmind databases.

A cron job shall be used to update these databases on a daily basis[3]

References

  1. https://forums.freebsd.org/threads/dynamic-dns-with-bind-and-isc-dhcp-server.33849/
  2. https://askubuntu.com/a/665918
  3. https://herrbischoff.com/2021/05/nginx-how-to-restrict-access-by-geographical-location-on-freebsd/
Récupérée de "https://wiki.deprelledelanieppe.be/mediawiki/index.php?title=IT&oldid=901"