Apps
Resources
Backup
- rsync: backup tool
# a is for archive, v for verbose, h for human and p for partial
rsync -avhp src/ dest/
Resources
- Rclone: a tool to manage backup with cloud providers
- Object Storage - Scaleway: how to use Object Storage and Rclone with Scaleway
- Encrypted Object Storage - Scaleway: how to use object storage with encrypted buckets
Block connections on 22 port
Use the tool endlessh
FileSystem
Create swap memory
- First, you need to create the file:
sudo dd if=/dev/zero of=/swapfile bs=1024 count=1000000
- Then, format the swap file:
sudo mkswap /swapfile
- After that, restrict the permission:
sudo chmod 600 /swapfile
- Activate the swap:
sudo swapon /swapfile
- (Optional) Depending if you need to have it online when you restart the computer, you need to edit
/etc/fstabas follow:
# FS mountpoint type option(s) dump pass
/path/to/swap none swap sw 0 0
Resources
- ZFS partition: how to create a ZFS partition
Firewall
Resources
Nginx
Resources
- Proxy_pass: tutorial about nginx
proxy_passdirective
SSH
Chroot jail
Definition
Use chroot jail wit SSH. It allows to isolate a user through ssh in a specific directory with limited commands.
Resources
- chroot jail: how to build a Chroot jail
- Bastion SSH (FR): how to create a SSH bastion
- Visual Guide to SSH Tunnels
VPN
Resources
- Buil a VPN with Wireguard: Fedora magazine post about how to build aVPN with Wireguard
Sudo & su
Su
- Execute a command with the default shell for a specific user
su <user> -c <command> - Execute a specific shell for a specific user
su <user> -s <shell>
DNS - Protect from squatting
The DNS should have this if you don't want to host an email on your domain.
MX 0 "."
TXT v=spf1 -all
TXT v=DMARC1; p=reject;
The MX is to specify that there is no mail server in the domain. The first
TXT specifies that no mail server can send mail in your domain name. The last
one says that every mail saying they are sent on your behalf should be consider
as trash.