A handy collection of commands and config snippets I frequently use. Because who has time to remember them all? 🤷‍♂️
- UFW commands
- Port and Connection check
- Add Swap Space on Ubuntu 18.04
- PHP
- MySQL Commands
- Nginx
- Files
- Docker
- GPG Encrypting and decrypting file
- HTTPS/SSL
- Git
- ETC
- System
- Useful Gist
| Description | command |
|---|---|
| Allow specific Port | ufw allow 6379 |
| Allow Specific IP | ufw allow from 203.0.113.4 |
| Allow Specific Port to specific IP | ufw allow from 203.0.113.4 to any port 6379 |
| Allow Specific Port Ranges udp | ufw allow 5000:5009/udp |
| Allow Specific Port Ranges tcp | ufw allow 5000:5009/tcp |
| Allow Specific Port Ranges to to IP tcp | ufw allow from 203.0.113.4 to any port 5000:5009 proto tcp |
| Deny all connections from Specific IP | ufw deny from 203.0.113.4 |
| ------------ | -------------- |
| Deny all outgoing traffic | ufw default deny outgoing |
| Allow all outgoing traffic | ufw default allow outgoing |
| Deny all incoming traffic | ufw default deny incoming |
| Allow all incoming traffic | ufw default allow incoming |
netstat -anp | grep ':80\|:443' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n | wc -l
netstat -an | grep ':80\|:443' | wc -l
netstat -tulpn
nc -vz -w 5 142.250.203.110 443
dig ns saderi.com OR dig +short ns saderi.com
First install swaks (Swiss Army Knife for SMTP)
swaks --to YOUR_SMTP_SERVER \
--from from@YOUR_SMTP_SERVER \
--server YOUR_SMTP_SERVER:PORT \
--auth LOGIN \
--auth-user SMTP_USERNAME \
--auth-password "SMTP_PASSWORD" \
--tls-optional
The --tls-optional flag is used to allow the connection to proceed even if TLS fails
fallocate -l 4G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
cp /etc/fstab /etc/fstab.bak
echo '/swapfile none swap sw 0 0' | tee -a /etc/fstab
find . -iname "*.php" -print0 | xargs -0 -n1 php -l
find . \( -path ./vendor -o -path ./node_modules -o -path ./storage -o -path ./.git \) -prune -o -name '*.php' -print0 | xargs -0 -n1 php -l > /dev/null
SELECT table_schema ,
ROUND(SUM(data_length + index_length) / 1024 / 1024, 1) "DB Size in MB"
FROM information_schema.tables WHERE table_schema='DB_NAME'
GROUP BY table_schema ;
server {
server_name YOUR_DOMAIN.COM;
listen 80;
location ~ /.well-known/acme-challenge/ {
allow all;
root /var/www/html;
}
location / {
client_max_body_size 15M;
proxy_pass http://127.0.0.1:8000; # YOUR Service
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
find /tmp/* -type f -mtime +5 -exec rm -f {} +
find /tmp/* -type f -mmin +5 -exec rm -f {} +
find /var/www/html -type d -print0 | xargs -0 chmod 755
find /var/www/html -type f -print0 | xargs -0 chmod 644
for i in {a..z}; do YOUR_COMMAND; done
or
for((i=1;i<=100;i+=5)); do echo "Hi ${i}"; done
find . -name '*.xtA' -exec bash -c 'mv "$0" "${0%.xtA}.xtB"' "{}" \;
Get files/folders size, include hidden files/folders with du command [ source ]
du -sch .[!.]* * |sort -h
docker save -o TAR_FILE_PATH_AND_NAME IMAGE_NAME:TAG
docker load -i TAR_FILE_PATH_AND_NAME
for service in $(docker service ls -q); do docker service update --force $service; done
gpg --full-generate-key
gpg --export -a "EMAIL OR KEY_NAME" > public.key
gpg --import someone_public.key
gpg --output ENCRYPTED_EXAMPLE.gpg --recipient "EMAIL OR KEY_NAME" --armor --always-trust --encrypt EXAMPLE.gz
gpg --output EXAMPLE.gz --recipient "EMAIL OR KEY_NAME" --decrypt ENCRYPTED_EXAMPLE.gpg
If the output of both commands is equal, privet key and ssl certificate are related
openssl x509 -noout -modulus -in domain.crt.pem | openssl md5
openssl rsa -noout -modulus -in domain.privet_key.pem | openssl md5
The .pfx file, which is in a PKCS#12 format, contains the SSL certificate (public keys) and the corresponding private keys
Extract the private key (this key is encrypted)
openssl pkcs12 -in [YOUR_FILE.pfx] -nocerts -out encrypted_private_key.pem
Extract the certificate
openssl pkcs12 -in [YOUR_FILE.pfx] -clcerts -nokeys -out certificate.pem
Decrypt the encrypted private key
openssl rsa -in encrypted_private_key.pem -out decrypted_private_key.pem
cat domain.crt.pem | openssl x509 -noout -dates
or
openssl s_client -servername DOMAIN_NAME -connect DOMAIN_NAME:443 2>/dev/null | openssl x509 -noout -dates
git commit --amend --author="YOURNAME <YOUR_EMAIL@GIT_SERVER.COM>" --no-edit
git config core.fileMode false
git commit --allow-empty -m "Empty Commit"
for FILENAME in ./*.srt; do iconv -f cp1256 -t UTF-8 "${FILENAME}" -o "${FILENAME}"; done;
Merge / convert multiple PDF files into one PDF [ source ]
pdftk file1.pdf file2.pdf cat output output.pdf
ffmpeg -i inputfile.mp4 -acodec aac -s 1366x768 inputfile_smaller.mp4
$ split --verbose -b500M large_2.4GB_file.tar small_600MB_files.tar.
creating file 'small_600MB_files.tar.aa'
creating file 'small_600MB_files.tar.ab'
creating file 'small_600MB_files.tar.ac'
creating file 'small_600MB_files.tar.ad'
creating file 'small_600MB_files.tar.ae'
cat small_600MB_files.tar.a? > large_2.4GB_file.tar
To allow deploy user to use sudo systemctl command for nginx service without password add following lines to end of /etc/sudoers file
%deploy ALL= NOPASSWD: /usr/bin/systemctl restart nginx.service
%deploy ALL= NOPASSWD: /usr/bin/systemctl stop nginx.service
%deploy ALL= NOPASSWD: /usr/bin/systemctl start nginx.service
%deploy ALL= NOPASSWD: /usr/bin/systemctl status nginx.service
Journal Filtering by Time [ source ]
journalctl --since "2023-06-16 08:55" --until "2023-06-16 09:15"
Retain only the past two days:
journalctl --vacuum-time=2d
Retain only the past 500 MB:
journalctl --vacuum-size=500M