LVM and File System

How to think Linux volume system Here is the coprehensive image from Wikipedia. There are several physical volumes (PVs) in a server. Linux group the physical volumes in a volume group (a VG). Each of PVs contains physical partitions (PPs). We can aggregate the PVs in a logical volume (a LV). On a LV, we can decide a file system (FS). From Linux side, we can mount a Linux directory to the FS.

Windows Terminal

Terminal for WSL I want a cool terminal for WSL, and “Windows Terminal” is easy to install and seems good. How to install From Microsoft Store. Change default terminal from PowerShell to WSL Open settings. It is a json file. Find defaultProfile. In my case, it is "defaultProfile": "{61c54bbd-c2c6-5271-96e7-009a87ff44bf}" In list, find your Linux config line. Here is my sample. "guid": "{2c4de342-38b7-51cf-b940-2309a097f518}", "hidden": false, "name": "Ubuntu", "source": "Windows.

Install Go (Golang) from source

Environment I wrote this article while installing go on WSL. Install Go lang $ curl -o golang.tar.gz $ sudo tar -C /usr/local -xzf golang.tar.gz $ vim ~/.bashrc ## Add /usr/local/go/bin/ to path ## export PATH=/usr/local/go/bin:$PATH $ source ~/.bashrc ## Check $ go version go version go1.15.5 linux/amd64 Upgrade the version Just delete the current version like rm -rf /usr/local/go, and replace it with new version. Tips: Installing Hugo on this setup (on WSL) GCC and G++ are required (sudo apt install gcc g++).

My simple Vim environment

Environment I wrote the article while installing on WSL. But this instruction works in any Linux environment basically. Color scheme - jellybeans If you don’t install git, please install it first. sudo apt install -y git git config --global {{ my_email_address }} git config --global {{ my_handle_name }} Download a color scheme jellybeans and put it to correct path. mkdir ~/.vim cd ~/.vim mkdir colors git clone mv jellybeans.

ssh troubleshootings

Create a key pair for ssh RSA 4096 bits ssh-keygen -b 4096 ECDSA ssh-keygen -t ecdsa -b 521 Create only a RSA private key and out the public key openssl genpkey -algorithm RSA -out .ssh/id_rsa -pkeyopt rsa_keygen_bits:4096 chmod 600 .ssh/id_rsa ssh-keygen -y -f .ssh/id_rsa >> .ssh/ Note: These commands just create keys, and .ssh/ format is not for ssh authorized_keys. Connection closed by {{ ip_address }} In my case, checked PAM in /etc/security/access.

NFS - Tutorial

Install and setup NFS server on Ubuntu 20.04 sudo su apt update apt upgrade -y apt install -y nfs-kernel-server Create export directory (NFS directory). sudo mkdir -p /mnt/nfs_dir chown {{ your_user }}:{{ your_user_group }} /mnt/nfs_dir chmod 777 /mnt/nfs_dir Configuring NFS server. vim /etc/exports # Add the line follows /mnt/nfs_dir,sync,no_subtree_check) Open port for NFS (TCP 2049) ufw allow from 192.168.100/24 to any port nfs Apply the cofiguration and start NFS.

FFmpeg with Nvidia GPU on Ubuntu 20.04

Prep - Install Nvidia driver and cuda-toolkit I installed on Ubuntu 20.04. Install git clone cd nv-codec-headers && sudo make install && cd – git clone cd ffmpeg #export PKG_CONFIG_PATH="/usr/local/lib/pkgconfig" sudo apt install -y pkg-config ./configure --enable-cuda-sdk --enable-cuvid --enable-nvenc --enable-nonfree --enable-libnpp --extra-cflags=-I/usr/local/cuda/include --extra-ldflags=-L/usr/local/cuda/lib64 make -j 10 Error 1 /usr/local/cuda-10.2/bin/../targets/x86_64-linux/include/crt/host_config.h:138:2: error: #error -- unsupported GNU version! gcc versions later than 8 are not supported! 138 | #error -- unsupported GNU version!

Set up Ubuntu 20.04 server with Nvidia GPU (and spaCy)

After OS install - basical update Upgrade softwares sudo su apt update apt upgrade -y ssh hardening ssh mkdir .ssh chmod 700 .ssh #copy in .ssh/authorized_keys chmod 600 .ssh/authorized_keys In /etc/ssh/sshd_config add the following configurations. PermitRootLogin no PubkeyAuthentication yes PasswordAuthentication no After configuration, restart sshd. sudo systemctl restart sshd sudo su passwd # Change root passwd Firewall - ufw This comes through the constant security patching process and new features like the Ubuntu Server Live installer, iptables to nftables migration, and more resilient boot loader.


Concept of iptables It is a realy rule table in which the IP communication rules are. There are groups of these rules, and it’s called “chain'. iptables configuration Configuration file You can see the configurations in the file /etc/iptables/rule.v4. Here is a sample line in the file. -A chain-outgoing-services -s -d -p tcp -m tcp --dport 22 -m comment --comment "This is a comment." -j ACCEPT -A chain-outgoing-services: Append the rule to chain chain-outgoing-services.

Kernel parameters for hardening

/etc/security/limits.conf Concept /etc/security/limits.conf allows setting resource limits for users logged in via PAM. This is a useful way of preventing, for example, fork-bombs from using up all system resources. Note: The file does not affect system services. For systemd services the files /etc/systemd/system.conf, /etc/systemd/user.conf, and /etc/systemd/<systemd_unit>/override.conf control the limit. See the systemd-system.conf(5) man page for details. Config sample * soft nofile 160000 The syntax of the lines is as follows: