nfs export on centos7

So I wanted to export my /backup to some machines so I don’t have to scp stuff to it.

On the server:

yum install nfs-utils nfs-utils-lib
systemctl enable nfs-server.service
systemctl enable nfs-lock.service
systemctl enable nfs-rquotad.service
systemctl enable nfs-idmap.service
systemctl enable nfs-mountd.service
systemctl enable rpcbind.service
echo '/backup 192.168.1.1(rw,sync,no_root_squash) 192.168.1.3(rw,sync,no_root_squash)' >/etc/exports
systemctl start rpcbind.service
systemctl start nfs-server.service
systemctl start nfs-lock.service
systemctl start nfs-idmap.service

On the client:

yum install nfs-utils nfs-utils-lib
# mount -t nfs 192.168.1.4:/backup/ /backup/
echo '192.168.1.4:/backup/ /backup/ nfs rw,sync 0 0' >>/etc/fstab
mount /backup

Nested ESXi Virtualization

Basically, I had to test something on an ESXi upgrade procedure before putting it into production and I didn’t want to mess up my working environment.
The following is done in an ESXi 5.5 SSH console:

cd /vmfs/volumes
# cd [your volume]/[your machine name]
vi [your machine name].vmx
#make sure you have enough ram
#find and replace: memSize = "8192" with something that feets your needs ( at least 2048 though )
#find and replace or add: numvcpus = "4" and cpuid.coresPerSocket = "2" to something that meets your demands
#set guestOS = "vmkernel5" here if you don't want to manually set it through the interface and you'll nest an ESXi 5 host
monitor.virtual_mmu = "hardware"
monitor.virtual_exec = "hardware"
cpuid.1.ecx = "---- ---- ---- ---- ---- ---- --H- ----"
hypervisor.cpuid.v0 = "FALSE"
vhv.enable = "TRUE"  
sched.mem.maxmemctl = "0"
:wq
# search for your vm id
vim-cmd /vmsvc/getallvms | grep "[your machine name]"
vim-cmd /vmsvc/reload [id]

After doing this go to the machine settings in the vSphere Client and set “Options” -> “General Options” -> “Guest Operating System” to “Other” -> “VMware ESXi 5.x”
Also, be sure to have size your VM disk if you want machines in it .. AND at least 2 cores !

Enjoy.

P.S.: https://communities.vmware.com/message/2120826

Simple off-site mysql and website backup

Here are two scripts I wrote that I needed to easily backup databases and some websites.

Having the fact that I use SELinux .. with a custom data dir. I needed to this on my server:

yum install rssh
mkdir /backup/.ssh
cd /backup/.ssh
ssh-keygen -t rsa -f ./backup
cat backup.pub >authorized_keys
sed -i 's/#allowsftp/allowsftp/g' /etc/rssh.conf
adduser -m backup -s /usr/bin/rssh
semanage fcontext -at user_home_dir_t /backup/
semanage fcontext -at ssh_home_t /backup/.ssh/
semanage fcontext -at ssh_home_t /backup/.ssh/authorized_keys
restorecon -Rv /backup

You just need to get /backup/.ssh/backup private key file to the servers (make sure it’s chmod 0600 on the clients too ) you want to backup from so they can use it to connect to this server.

I’ve put the following script on my mysql server

mkdir -p /root/scripts
cat >/root/scripts/backup.sh<<_EOF_
#!/bin/bash
 
USER="root"
PASSWORD='l33tP4ssw0rd'
HOST="localhost"
OUTPUT="/backup"
PORT=5522
KEY="/root/.ssh/backup"
DEST="backup@192.168.1.1:"
 
mkdir "${OUTPUT}"
databases=$(mysql --host=${HOST} --user=${USER} --password=${PASSWORD} --skip-column-names -s -N -e "SHOW DATABASES;")
 
for db in $databases; do
        if [[ "$db" == "information_schema" ]] ; then
                continue
        fi
        if [[ "$db" == "performance_schema" ]] ; then 
                continue
        fi
        if [[ "$db" != _* ]] ; then
                file=sql_$db.`date +%Y%m%d_%s`.sql.gz
                mysqldump --force --opt --host=${HOST} --user=$USER --password=${PASSWORD} --databases $db | gzip > $OUTPUT/${file}
                scp -oPort=${PORT} -i ${KEY} $OUTPUT/${file} ${DEST}
                rm -rf "${OUTPUT}/*"
        fi
done
_EOF_
 
chmod +x /root/scripts/backup.sh
echo '0 2 * * * root nice /root/scripts/backup.sh >/dev/null 2>&1' >> /etc/crontab

I’ve put the following script on my web server, feel free to adapt.

mkdir -p /root/scripts
cat >/root/scripts/backup.sh<<_EOF_
#!/bin/bash
 
OUTPUT="/backup"
SOURCE="/var/www/"
PORT=5522
KEY="/root/.ssh/backup"
DEST="backup@192.168.1.1:"
 
mkdir "${OUTPUT}"
 
for site in $(ls "${SOURCE}" | grep -Ev '(cgi-bin|html)')
do
        file=site_$site.`date +%Y%m%d_%s`.tar.gz
        tar -czf $OUTPUT/${file} -C /var/www ${site}
        scp -oPort=${PORT} -i ${KEY} $OUTPUT/${file} ${DEST}
        rm -rf "${OUTPUT}/*"
done
chmod +x /root/scripts/backup.sh
echo '0 2 * * * root nice /root/scripts/backup.sh >/dev/null 2>&1' >> /etc/crontab

You should probably do a scp connection to the server first so you can accept the newly learned key for the client.