This is for everybody’s reference, correction and updates.
Just read on, if there are improvements or a much better process in my way, feel free to comment and will integrate.
Extend AWS EBS volumes on Ubuntu 18.04.2 LTS Servers. (With no downtime)
Now, we need to extend the partition in the server.
SSH to the EC2 instance where the EBS we’ve just extended is attached to.
Type the ‘lsblk’ command to list block devices:
A similar output should be shown:
As you can see size of the root volume reflects the new size, 50GB, the size of the partition reflects the original size, 16 GB, and must be extended before you can extend the file system.
# sudo growpart /dev/xvda 1
Next extend the file system.
Type “df -h” command to check extended file system.
A similar output should be shown:
As you can see size of the file system is still the original size of 16 GB, and must be resized.
# sudo resize2fs /dev/xvda1
You have just extended the EBS Volume in AWS of your Ubuntu Server with no downtime!
Creating a VPN Server with D-Link DIR-842 and PFsense 2.4.4-RELEASE-p1 (amd64) for Windows 10, Android, MAC and iPhone Remote Users
D-LINK Configuration | Screenshots
Open the ports of IPSec for the PFsense firewall port 192.168.1.109.
UDP Port 500 and 4500.
pfsense Configuration |
Certificate Authority (CA)
pfsense Configuration |
VPN / IPsec / Mobile Clients
pfsense Configuration |
VPN / IPsec / Tunnels
After VPN Configurations, VPN > Tunnels page will look like this:
pfsense Configuration |
Firewall > Rules
Remote User Configuration |
Windows 10
Download first the crt file from pfsense and send to the remote user.
This cert file will be needed to be Installed in the user’s terminal.
* After distributing the crt file from pfsense to the remote users, share the instructions below regarding the installation of the certificate and the creation of VPN connection.
Import the CA to a Windows 10 Remote User PC
- Export the CA Certificate from pfSense® and download or copy it to the client PC:
- Navigate to System > Cert Manager, Certificate Authorities tab on pfSense
- Click
by the CA to download only the certificate
- Locate the downloaded file on the client PC (e.g. VPNCA.crt) as seen in Figure Downloaded CA Certificate
Downloaded CA Certificate
- Double click the CA file
- Click Install Certificate… as shown in Certificate Properties
Certificate Properties
- Select Local Machine as shown in Certificate Import Wizard – Store Location
Certificate Import Wizard – Store Location
- Click Next
- Click Yes at the UAC prompt if it appears
- Select Place all Certificates in the following store as shown in Figure Certificate Import Wizard – Browse for the Store
Certificate Import Wizard – Browse for the Store
- Click Browse
- Click Trusted Root Certification Authorities as shown in Figure Select Certificate Store
Select Certificate Store
- Click Next
- Review the details, they should match those in Figure Completing the Certificate Import Wizard
Completing the Certificate Import Wizard
- Click Finish
- Click OK
- Click OK
Setup VPN Connection in Windows 10 Remote User
Setup VPN Connection in an Android Remote User
Implementing logrotate for nginx access and error logs.
To check for your existing nginx logs, go to :
# cd /var/log/nginx
Move all logs to /backup/anyname.com/log
#cd /etc/logrotate.d
sudo nano /etc/logrotate.d/anyname.com
1 /var/log/nginx/anyname.com/*access_log
2 /var/log/nginx/anyname.com/*error_log
3 {
4 daily
5 missingok
6 rotate 10
7 dateext
8 compress
9 delaycompress
10 create 644 dev root
11 sharedscripts
12 lastaction
13 cp /var/log/nginx/anyname.com/*.gz /backup/anyname.com/log
14 rm /var/log/nginx/anyname.com/*.gz
15 systemctl restart nginx
16 endscript
17 }
(Inside values are by default, no added line)
1 #!/bin/sh
2
3 # Clean non existent log file entries from status file
4 cd /var/lib/logrotate
5 test -e status || touch status
6 head -1 status > status.clean
7 sed 's/"//g' status | while read logfile date
8 do
9 [ -e "$logfile" ] && echo "\"$logfile\" $date"
10 done >> status.clean
11 mv status.clean status
12
13 test -x /usr/sbin/logrotate || exit 0
14 /usr/sbin/logrotate /etc/logrotate.conf
DONE!
Logrotation will be done daily.
Then after, will be moved to /backup
Creating a free account in Cloudflare
Go to : https://dash.cloudflare.com/login then Sign up.
Make sure to use a valid email address and follow the password requirements.
Cloudflare will ask right away for a site that can be added.
My site domain is called “itengrexamplesite.com” so I will add this site.
I.T. Engr Randoms 