To check open ports on the server use Nmap program. To install Nmap use command:
sudo apt install nmap
This command check server IP for open ports:
sudo nmap -sC -sV -v IP_ADDRESS
For fast scan all ports with Nmap use command:
sudo nmap -sS -v IP_ADDRESS -p-
Bitwarden is an open-source password manager that helps you store, manage, and share your login credentials securely. You can use it personally or as a team/organization.
To install Bitwarden on your server use next steps:
1. Update your server
sudo apt update && sudo apt upgrade -y
2. Install Docker + Docker Compose
sudo apt install docker.io docker-compose -y sudo systemctl enable --now docker
3. Add your current user to docker group
sudo usermod -aG docker $USER
4. Go to Bitwarden Github repository: https://github.com/bitwarden/server and copy and run installation commands on your server:
curl -s -L -o bitwarden.sh \
"https://func.bitwarden.com/api/dl/?app=self-host&platform=linux" \
&& chmod +x bitwarden.sh
./bitwarden.sh install
./bitwarden.sh start
DKIM (DomainKeys Identified Mail) is an E-mail authentication method designed to detect spoofing of email messages
DKIM technology combines several existing anti-phishing and anti-spam methods to improve the classification and identification of legitimate email
Instead of a traditional IP address, DKIM adds a digital signature associated with the organization’s domain name to identify the sender of the message. The signature is automatically verified at the recipient’s end, after which whitelists and blacklists are applied to determine the sender’s reputation.
DKIM is configured for each domain, so you will have the option to enable it when you create a domain, as shown in the figure below.
Once the domain has been created, you must now create a text (TXT) record for the domain using its DKIM public key.
Using SSH and the command you need to get the DKIM public key.
v-list-mail-domain-dkim USER DOMAIN [FORMAT]
Which will take the name of the user in which the domain was created and the domain itself as arguments, you can get private and public keys
The bottom part of the output will be the public key of the DKIM domain.
mail._domainkey – entered in the Host field.
"v=DKIM1; k=rsa; p=PUBLIC_KEY"
NOTE: the key must be a single line – if there are line breaks, you must copy the key into notepad and remove them to make one long line.
SPF (Sender Policy Framework) is an extension for the SMTP e-mail sending protocol.
SPF allows the owner of a domain, in a TXT record corresponding to the domain name, to specify a list of servers authorized to send e-mail messages with return addresses in that domain. Mail transfer agents that receive mail messages can query SPF information with a simple DNS query, thus verifying the sender’s server. SPF allows you to specify servers and IP addresses that are allowed to send mail from your domains. This feature is designed to block outgoing unwanted messages.
The SPF record is written in the TXT record of the domain. Actually you need to add a TXT record and put the SPF record in its value. In the SPF record you have to specify the server IP from which the messages will be sent. Instead of 111.11.11.111, write the IP address of your server:
"v=spf1 +a +mx +ip4:111.11.11.111 ~all"
DMARC (Domain-based Message Authentication, Reporting, and Conformance) — a standard that adds an additional layer of email verification and protection against phishing and spoofing.
DMARC allows a domain owner to specify, via a TXT record, the verification rules for messages and the actions that should be performed by mail systems when receiving a message on behalf of the domain. The main purpose of DMARC is to help recipient mail servers recognize fake emails and decide how to handle them.
The DMARC system defines:
DMARC works in tandem with SPF and DKIM, allowing determination of whether messages are authentic. If a message fails SPF and/or DKIM checks, the DMARC policy will decide whether to block it, mark it as spam, or simply send a report to the domain owner.
In the Hestia panel, select the domain for which you want to set up the DMARC policy and go to the DNS Records section.
_dmarc – entered in the Host field.
"v=DMARC1; p=quarantine; pct=100"
Entered in the Value field, you can leave the double quotes for convenience.
The error “The repository is not updated and the previous index files will be used. GPG error: https://nginx.org/packages/mainline/debian bullseye InRelease: The following signatures were invalid” suggests that the GPG key for the Nginx repository is either missing, expired, or invalid. Here’s how to fix it in Debian 11 GNU Linux (Bullseye):
1. Remove Old Nginx GPG Keys
Old or conflicting keys can cause issues, so remove them first:
sudo rm -rf /etc/apt/keyrings/nginx* sudo rm -rf /usr/share/keyrings/nginx-archive-keyring.gpg
2. Add the Correct Nginx GPG Key
Run the following command to download and add the updated signing key:
curl -fsSL https://nginx.org/keys/nginx_signing.key | sudo gpg --dearmor -o /usr/share/keyrings/nginx-archive-keyring.gpg
Verify that the key was added:
gpg --show-keys /usr/share/keyrings/nginx-archive-keyring.gpg
3. Update the Repository Configuration
Ensure your /etc/apt/sources.list.d/nginx.list contains the correct repository entry:
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://nginx.org/packages/mainline/debian bullseye nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
4. Update Package Lists
Now, refresh the package lists:
sudo apt update
If the update runs without errors, you can proceed with installation:
sudo apt install nginx
To fix error “The repository is not updated and the previous index files will be used. GPG error: https://packages.sury.org/apache2 bullseye InRelease: The following signatures were invalid” use commands:
curl -sSlo /usr/share/keyrings/sury-keyring.gpg https://packages.sury.org/php/apt.gpg curl -sSlo /usr/share/keyrings/apache2-keyring.gpg https://packages.sury.org/apache2/apt.gpg
Resizing Linux Virtual Machine Disks
This article will show how to grow a partition on your Linux partition to fill the entire disk using growpart. This is useful if you have resized a virtual machine disk, or moved to a larger disk on your desktop or laptop Linux system.
Step 1: Listing and Identifying Storage Devices
To expand the filesystem on your resized disk, you’ll need to first locate the disk using the lsblk command, execute it by running:
lsblk
And you will see output similar to the following listing storage devices and the partitions on them:
Above, you can see that disk sda has a size of 50 gigabytes, but that the volume containing the root partition (sda3) is only 29.5 gigabytes – there is unused space on the storage device.
There may be multiple entries in the output from lsblk – you’ll need to identify the disk you have resized by the size and utilization – it should be apparent which disk has unused space. Usually on single-disk machines, the first and only storage device will be named sda.
You will also need to know the name of the partition your wish to grow – in this case sda3 – usually identified by it having the root mount point of /.
Step 2: Installing growpart
growpart is a utility that makes it super easy to grow a partition. It’s part of the cloud-guest-utils package. Note that while this package is intended to work on cloud-hosted virtual machines, the growpart utility also works just fine on physical machines.
On Debian and Ubuntu, run:
sudo apt install cloud-guest-utils
On Arch, run:
pacman install cloud-guest-utils
On RedHat, run:
yum install cloud-utils-growpart -y
Step 3: Grow your Partition
Once growpart is available, growing a partition to use the entire remaining disk space is as simple as running:
sudo growpart /dev/sda 3
You’ll need to specify the correct partition name above, replaceing sda 3 (note the space! the device and partition number are separated when using growpart) if necessary. growpart is executed with no additional parameters – if the size parameter is not specified, it will default to the available size of the partition.
Now that the partition has been expanded, the file system must be also using resize2fs:
sudo resize2fs /dev/sda3
Note that the space has disappeared in the device path again.
You will see output similar to:
Confirming the change. Once this final step is done, reboot:
sudo reboot
If using systemd-resolved as your DNS resolver (i.e. the hosts line of your /etc/nsswitch.conf file includes the word resolve and/or /etc/resolv.conf contains the line nameserver 127.0.0.53), then this command will flush its cache:
sudo systemd-resolve --flush-caches
A newer version of this command seems to be:
sudo resolvectl flush-caches
You can use FFmpeg (a free command-line tool for Mac, Linux and Windows) to encode WMV to MP4. Here is an example syntax:
ffmpeg -i input.wmv -c:v libx264 -crf 23 -c:a aac -q:a 100 output.mp4
This will encode the video to H.264 video and AAC audio, using the default quality. To change the quality for the video, use a different CRF value, where lower means better, e.g. 20 or 18. For audio, 100% is the default quality. Increase the value for better quality.
For the AppleTV specifically, this is what Apple says it supports:
H.264 video up to 1080p, 30 frames per second, High or Main Profile level 4.0 or lower, Baseline profile level 3.0 or lower with AAC-LC audio up to 160 kbit/s per channel, 48 kHz, stereo audio in .m4v, .mp4, and .mov file formats
So, you could use the following command to force the 30 Hz frame rate and High profile:
ffmpeg -i input.wmv -c:v libx264 -crf 23 -profile:v high -r 30 -c:a aac -q:a 100 -ar 48000 output.mp4
To use L2TP VPN connections on Linux Mint you need to install this packages:
sudo apt-get install network-manager-l2tp network-manager-l2tp-gnome
If You have an error like: Call to undefined function ssh2_connect() that’s mean that in your PHP not installed ssh2 extension.
Install this extension is very simple, in Ubuntu Linux or other Debian based distribution just use the command:
sudo apt install php7.4-ssh2
This command will install ssh2 extension to Your PHP 7.4. If you use other PHP version, just change number in this command to Your version.
find . -name '*.jpg' -execdir mogrify -resize 820x {} +