certbot centos 7 route53 dns verification error

If you recently started to receive the following error while trying to renew your certificates


An unexpected error occurred:
ImportError: cannot import name PROTOCOL_TLS

the simplest fix is to downgrade your python-s3transfer package to version ‘python-s3transfer.noarch 0:0.1.13-1.el7.0.1’


yum downgrade python-s3transfer.noarch

Bulk convert mkv h264 to mkv hevc

A nifty script to convert every mkv or mp4 file on a folder from h264 to hevc ( h265 ) maintaining an acceptable quality, my gains were at least 60% reduction in file sizes but YMMV, dependencies are ffmpeg and mediainfo

Start by installing the dependencies.

For Centos 7:


yum install epel-release -y
yum localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm -y
yum install  mediainfo libmediainfo ffmpeg ffmpeg-devel -y

 

For Debian:


apt install mediainfo ffmpeg -y

 
Continue reading “Bulk convert mkv h264 to mkv hevc”

Proxmox single host “invalid PVE ticket (401)”

If you are not able to log in to your proxmox server and it just show the error “permission denied – invalid PVE ticket (401)”

You can try a few things:
Try using another browser to see if the problem goes away, if so you can clear the cookies and data of your browser.

If that doesn’t fix the issue, as a last resort you can remove the file “/etc/pve/authkey.pub”, this file usually is rotated once per day but when you remove it Proxmox will recreate a new one in it’s place, this method wasn’t tested on a cluster environment.

Setting the cpu governor to powersave on all cpus

Some of the time the ‘cpufreq-set’ command doesn’t work as expected and you need to run the command for every core on a system but if you have a lot of cores it gets tiring really fast.
The snippet bellow to run cpufreq-set once on every core of the system.

Create the file ‘/sbin/cpufreq-set-all’ with the following:


   #!/bin/bash
   MAX_CPU=$((`nproc --all` - 1))
   for i in $(seq 0 $MAX_CPU); do
       echo "Changing CPU " $i " with parameter "[email protected];
       cpufreq-set -c $i [email protected] ;
   done

 
Enable execution with:


chmod +x /sbin/cpufreq-set-all

Continue reading “Setting the cpu governor to powersave on all cpus”

Configuring Pulse-audio to use a remote server

Let’s Start with some definitions:
Server: The computer that receives the audio and have the speakers connected.
Client: The computer that generates the audio and send it via the network.
 
On the server side you’ll need to enable the ‘module-native-protocol-tcp’ pulse-audio module, this module usually is already installed by but for security reasons it comes as disabled by default.
You’ll also need to open port tcp/4713 on your firewall.
After that you need to copy the file ‘~/.pulse-cookie’ from the server to every client.
Now that you synced the pulse-cookie file choose your authentication method used by the ‘module-native-protocol-tcp’ and edit the file ‘/etc/pulse/default.pa’.
 
If you want to let anyone with the right pulse-cookie file to connect and send audio:


    load-module module-native-protocol-tcp auth-anonymous=1 

 
Or a more secure approach is authentication with pulse-cookie and IP address or Network, if you have multiple clientes you just need to input a list separated by a semicolon:


    load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1;<CLIENT_IP_OR_CLIENT_NETWORK>

 
Continue reading “Configuring Pulse-audio to use a remote server”

Configurando IPV6 com a Copel Telecom no PFSense

Se você utiliza os serviços da Copel Telecom e precisa/prefere de mais funcionalidades do que o roteador oferecido por eles, deve ter se deparado com um problema grande, a falta de conexões entrantes no IPv4 e a impossibilidade de se configurar o PFSense para distribuir IPs por IPv6.
Usando alguns tutoriais encontrados na internet você logo descobre que as configurações que parecem funcionar em outros provedores não funciona para Copel Telecom, alguns exemplos citados abaixo:

 
Continue reading “Configurando IPV6 com a Copel Telecom no PFSense”

nvidia-kernel-dkms debian buster kernel 5.3

If you use the 5.3 kernel with a Debian Buster install ( ie: Proxmox 6.1 ) you will find that the kernel module for the nvidia driver version 418.X fails to build.
Fortunately it’s an easy fix.
First you need to create a file in your sources.list.d directory:


echo 'deb http://deb.debian.org/debian buster-backports main non-free contrib
deb-src http://deb.debian.org/debian buster-backports main contrib non-free
' > /etc/apt/sources.list.d/buster-backports.list 

 
Continue reading “nvidia-kernel-dkms debian buster kernel 5.3”

Custom Proxmox Instalation as a Workstation

If you read my other article in this topic Here for Proxmox 5.0 or Here for Proxmox 6.0 after following all the steps you have a fully functional proxmox server installation.
 
But you might be wondering “Can I use proxmox in my workstation?”.

The answer is “Sure you can, but you might want/need to follow a few extra steps,make sure you install the pve-headers, or else you’ll have problems with packages that need the linux kernel headers.
Continue reading “Custom Proxmox Instalation as a Workstation”

Installing ARM64 Debian 10 ( Buster ) in a virtual Machine

If you run Proxmox VE > 5.3 and want to test an ARM64 virtual machine, it’s kind of easy.
drop by the Debian Buster iso download site,
 
I’ll be using the debian-10.3.0-arm64-netinst.iso, the same process might work with Debian 9 but I didn’t tested it.

If you just want the working configuration click here
 
With that out of the way let’s explain the needed steps to get a vm up and running.
First create a generic machine with the following configuration, remember to check the “Advanced” box.
keep note the ID of the machine, you will need it to edit the configuration file.
Continue reading “Installing ARM64 Debian 10 ( Buster ) in a virtual Machine”

Shell Script to get the network list by domain name

If you followed my guide HERE and HERE you might be wondering if there is no easier/more automated way of doing it, and in fact there is a simple script that you could build.


#!/bin/bash
if [ "$#" -eq 0 ]; then
  echo "Usage: ./${0}  [v4|v6]"
  exit 1
fi

FILTER="route"
if [ "$#" -eq 2 ]; then
  if [ "$2" == "v4" ]
  then
     FILTER="route:"
  fi
  if [ "$2" == "v6" ]
     then
         FILTER="route6:"
  fi
fi

WHOISSERVER="whois.radb.net"
IPN=$(dig +short $1 | head -1)
ASN=$( whois -h ${WHOISSERVER} ${IPN} | grep -i origin | tr -s " " | cut -d " " -f2)
for i in $ASN; do
  whois -h ${WHOISSERVER} -- "-i origin ${i}" | grep ^${FILTER} | tr -s " " | cut -d " " -f2-
done

Continue reading “Shell Script to get the network list by domain name”