So I posted a snapshot export script on here a long time ago, and it wasn't really correct. It created an overlay disk of a backing store and exported the backing store. Red Hat doesn't include the most up to date version of QEMU, so they can push RHEV. RHEL/CentOS 7 only comes with QEMU 1.5, and for live snapshots you need at least 2.0. So if you ad the oVirt repos you can get the newest version with the package qemu-kvm-rhev, or use Fedora server. Here's a script I wrote to take a live external snapshot and compress it to a location. I used my normal template with the interactive function. vmLocation is the location of your VMs. I usually keep mine in the same area. I should add full paths for everything, but I'm lazy this evening. I'll add them later. I also need to add some error handling but this is a rough start if anyone needs to use it.

#!/bin/bash


vmLocation="/data/VMs"

today=$(date +%m-%d-%Y)



#Script functions
function script_help () {
  echo "
      Usage: $(basename $0) [options] dom-name snap-name save-location disk-name

          -i   Ineractive mode

          -h   this help text

          dom-name        Name of domain to take snapshot of

          snap-name       Name of snapshot

          save-location   location to copy snapshot to

          disk-name       Name of disk in VM

      Example:
        $(basename $0) bind-server bind-snap01 /export/snaps/ vda"

  exit ${1:-0}
}

function interactive_snap () {

  echo "Domain name"
  read name

  echo "Snapshot name"
  read snap

  echo "Location to save snap"
  read location

  echo "Disk name"
  read disk

  virsh dumpxml $name > $location/$name.xml

  diskPath=$(virsh domblklist $name | grep -i $disk | awk '{ print $2 }')

  virsh snapshot-create-as --domain $name $snap --diskspec $disk,file=$vmLocation/$snap.qcow2 --disk-only --atomic

  tar -czvf $location/$snap-$today.tar.gz $diskPath

  virsh blockcommit $name $disk --active --verbose --pivot

  rm -f $vmLocation/$snap.qcow2

  virsh snapshot-delete --metadata $name $snap

  exit ${1:-0}

}

function argument_snap () {

  virsh dumpxml $name > $location/$name.xml

  diskPath=$(virsh domblklist $name | grep -i $disk | awk '{ print $2 }')

  virsh snapshot-create-as --domain $name $snap --diskspec $disk,file=$vmLocation/$snap.qcow2 --disk-only --atomic

  tar -czvf $location/$snap-$today.tar.gz $diskPath

  virsh blockcommit $name $disk --active --verbose --pivot

  rm -f $vmLocation/$snap.qcow2

  virsh snapshot-delete --metadata $name $snap

  exit ${1:-0}



}

#Show help if no arguments or options are passed
[[ ! "$*" ]] && script_help 1
OPTIND=1


#Read command line options
while getopts "ih" opt; do
    case "$opt" in
      i) interactive_snap ;;
      h) script_help ;;
      \?) script_help 1 ;;
    esac
done
shift $(($OPTIND-1));

#Run argument function
name=$1
snap=$2
location=$3
disk=$4
argument_snap

Well it's official now. I start on Monday as a senior systems engineer with Curtiss-Wright.

So I have a dynamic DNS service for my ERL, but it's not in my actual domain. So I made a small script that updates my CloudFlare DNS from my ERL with their API. There is a cron job that just runs this script every 5 minutes.

#!/bin/bash

key="your-api-key"
zoneID="your-zone-id"
email="[email protected]"
recordID="record-id-to-update"
recordName="newrecord.yourdomain.com"
ip=$(ifconfig eth0 | grep "inet addr:" | cut -d: -f2 | awk '{ print $1 }')

curl -X PUT "https://api.cloudflare.com/client/v4/zones/$zoneID/dns_records/$recordID" \
     -H "X-Auth-Email: $email" \
     -H "X-Auth-Key: $key" \
     -H "Content-Type: application/json" \
     --data '{"type":"A","name":"'"$recordName"'","content":"'"$ip"'","ttl":120,"proxied":false}' -k

You do have to get the record id from the API. I haven't found a way to get it through the web interface. So that means you have to create the record initially, either through the API or the web interface (or use an existing one). Once you have the ID, just paste it in the variable.

Guys I have a server I'm running to display a slideshow of my cats. It has to run 28/8/368. Downtime is not an option, I can't not see my cat's pictures. I need 40 TB of storage in RAID 0 for ultra redundancy and my budget is some change I found in the parking lot. Can anyone help me?

Ok so it seems there's a bit of confusion for how this is set up. On CentOS and Fedora workstations you don't need to do this because it's installed by default. For the servers it's just as easy.

On CentOS just choose software and then virtualization host:

On Fedora under software choose headless virtualization:

That's literally all the steps needed to have a working KVM hypervisor. If you want a GUI to manage with then install Virt-Manager on your workstation:

dnf install virt-manager

or

yum install virt-manager

Then connect to your host:

Youtube Video

WD MyCloud. I hear they're easy to remote support.

@scottalanmiller said in Merits of Staying Long Term with a Job or Moving More Rapidly:

There are a lot of opinions on this subject. What do people think, what have you found? Should you lean towards sticking with one employer and staying for a long time and working your way up? (Linear job progression.) Or should you lean towards looking for external opportunities and moving to other companies (Lateral job progression?)

I think both have their place. If you are somewhere where you can stay for a while and move up that's awesome. Just don't get complacent so if you ever have to leave you can.

@dafyre said:

And Suddenly @scottalanmiller disappears for hours. Guess we can go back to the #wheressam feed again?

Carmen SAMdiego Hehe

If any of you use vagrant-libvirt and upgraded to Fedora 30 you might notice something strange. I finally figured it out after reviewing a pull request. Vagrant-libvirt was only using the user-session and not the default session even if you are in the libvirt group. So your networks wouldn't be available to the Vagrant boxes. Here's how to fix it:

Put the following in ~/.vagrant.d/Vagrantfile

Vagrant.configure("2") do |config|
  config.vm.provider :libvirt do |libvirt|
    libvirt.qemu_use_session = false
  end
end

Now it should behave like it used to before Fedora 30.

@nadnerB said in One app to rule them all:

A local mob is looking to combine Dropbox, WhatsApp, and scheduling.
The complexities are that as it’s a non-profit volunteer organisation, so not everyone has a Microsoft, Apple ID, or Google account. There are less than 30 people.

They need document storage but <50GB, secure instant messaging, and a sensible way of rostering.

Rostering is currently done by a word document in Dropbox.

They have recently looked at Connecteam but that’s a lot of money for the features they’re already getting on free tier and the management ideal for how they do things.

I don’t know much about Slack, and Teams may not be ruled out it really depends on the other members hesitancy to get a Microsoft account.

Are there any other suggestions for a unified app?
I don’t think there will be opposition to paying for something that makes sense at a reasonable price.

EDIT: It'll have to be hosted/cloud based, as none of them have an inkling about technical setup/maintenance

If you're looking at Slack, Zulip seems to be another good choice. Instead of adding threads after the fact, you kind of have to start threads from the beginning to keep things organized. It sounds like a good idea. I haven't use it yet thought so take that for what it's worth.

@scottalanmiller said in TMUX: hype or function:

@stacksofplates said in TMUX: hype or function:

Once really nice thing about tmux is you can keep jobs running in the session after disconnecting from SSH

Which means, for those who miss the implication, that you can reconnect to the same session from a different location.

Yeah. You can even share the socket so that multiple people can view a single session. Good for pairing with others.

Which is how things like tmate operate

https://tmate.io/

Before using the buffers in neovim, I would have multiple windows open, usually one for each code base, and then I could have multiple panes open in each window for different files, a terminal, etc. Now I mostly just have a tab in the terminal for the codebase and then I will have buffers open for multiple files.

I used to use tmux very heavily. I recently mostly used Zellij, which is a similar tool but written in Rust.

However, now I almost exclusively use multiple buffers in neovim with a terminal overlay.

Once really nice thing about tmux is you can keep jobs running in the session after disconnecting from SSH. So if you have a long running job (like a large rsync) you can just disconnect from the session on the server but let it keep running.

@scottalanmiller said in Installing Mastodon 4.1.2 on Debian 11:

@stacksofplates said in Installing Mastodon 4.1.2 on Debian 11:

Their official image is here ghcr.io/mastodon/mastodon

Yeah, that one was flaky. But is it official? Why's it on a different account?

Yes it's their official. Ghcr is the GitHub packages repo. It's similar to GCR, ECR, etc. Other OCI image repositories are more popular now since Docker has imposed limits on Docker Hub.

@scottalanmiller said in Installing Mastodon 4.1.2 on Debian 11:

I tried their Docker configs, but couldn't find any that worked and it isn't clear if they have an official Docker image or just third party ones.

https://github.com/mastodon/chart

Their official image is here ghcr.io/mastodon/mastodon

@Pete-S said in Debian 11 & php8:

@scottalanmiller said in Debian 11 & php8:

Debian 12 "Bookworm" is, in theory, under a month away and is going to PHP 8.2. So that is very good. But the long release cycles are always going to be a challenge that there isn't really a reason for.

Not a challenge at all but the reason to run "stable" is for stability. Meaning an update will never break your system and you get bug fixes and security updates. You won't get new features but you won't get new bugs that breaks your system either or changed functionality.

If you don't want or need that stability and favor new shiny things then you just install debian "testing". It's a rolling release.

Debian is not just one distro. Many companies run "testing" on workstations and "stable" on production servers.

There is a third option and that is Debian "unstable". Then you get new packages as soon as they are available. This is for the enthusiasts and debian developers primarily and not recommended for the general user that just wants something that works.

And just run containers. Then new libs aren’t an issue. The host shouldn’t matter at this point, so run stable. Then run containerized workloads for the rest and they can stay up to date.

@Pete-S said in sssd and user ID mapping:

@Semicolon said in sssd and user ID mapping:

@Pete-S If it is an issue, its trival enough to prevent public key authentication for users or groups of users, even groups of AD users.

Sure, but the problem for developers and admins is that they usually need their keys. That's why I don't think ad/ldap integration with ssh users really works in that use case.

The other solution, which is what I think is more suitable for developers and admins, is to use your SSO/AD solution with MFA to pickup a short-lived ssh certificate. Then you use the ssh certificate to actually access things.
Many companies with huge infrastructures use this method because it's very scalable.

We forced kerberos for SSH auth after wen enabled AD integration. SSH works like keys then but you don't use the keys.

@scottalanmiller said in Project tracking:

@stacksofplates said in Project tracking:

We have Jira, but are playing with Linear.

Haven't used that one. Impressions?

We are pretty much using it strictly for kanban and it’s great for that. Everything has keyboard shortcuts/command searching.

We have Jira, but are playing with Linear.