self-proclaimed internet enthusiast!

System Operations

Ansible

Ansible split string

Set a string for testing split():

- set_fact:
    gitea_checksum: 1b7473fakechecksumb5e58be gitea-1.15.6-linux-amd64

Simple split:

- debug:
    msg: "{{ gitea_checksum.split(' ') }}"

TASK [simple split] ***********************************************************
MSG:
['1b7473fakechecksumb5e58be', 'gitea-1.15.6-linux-amd64']

Just the checksum:

- debug:
    msg: "{{ gitea_checksum.split(' ')|first }}"

TASK [just the checksum] ******************************************************
MSG:
1b7473fakechecksumb5e58be

Only the version:

- debug:
    msg: "{{ gitea_checksum.split(' ')[1].split('-')[1] }}"

TASK [only the version] *******************************************************
MSG:
1.15.6

Certificates

Certificate info

$ openssl x509 -in certificate.crt -text -noout

Certificate request info

$ openssl req -in request.csr -text -noout

Create key and request

Create request.conf file with organization info and DNS names:

# request.conf
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no

[req_distinguished_name]
C = DK                    # <-- Country Code
L = Copenhagen            # <-- Country
O = Organization          # <-- Organization
OU = IT                   # <-- Organization unit (department)
CN = name1.example.com    # <-- Only the first DNS name

[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names

[alt_names]
DNS.1 = name1.example.com   # <-- First DNS name
DNS.2 = name2.example.com   # <-- Second DNS name
..                          # <-- Add third etc.

Creates certificate.key and certificate.csr using the config file:

$ openssl req -new
    -out certificate.csr \
    -newkey rsa:2048 -nodes -sha256 -keyout certificate.key \
    -config request.conf

Create self-signed certificate

Creates 1 year self-signed certificate.crt using the key and csr:

$ openssl x509 \
    -req -days 365 -in certificate.csr \
    -signkey certificate.key -sha256 \
    -out certificate.crt

Create .PFX

Creates certificate.pfx with key, crt and either intermediate (or root) CA certificate:

openssl pkcs12 -export \
  -out certificate.pfx \
  -inkey certificate.key \
  -in intermediate-ca.crt \
  -in certificate.crt

Creates certificate.pfx with key, crt, intermediate CA- and root CA certificate:

openssl pkcs12 -export \
  -out certificate.pfx \
  -inkey certificate.key \
  -in root-ca.crt \
  -in intermediate-ca.crt \
  -in certificate.crt

Containers

Keepalived

haproxy

HTTP Status Codes

1xx Informational

100 Continue
101 Switching Protocols
102 Processing

2xx Success

200 OK
201 Created
202 Accepted
203 Non-authoritative Information
204 No Content
205 Reset Content
206 Partial Content
207 Multi-Status
208 Already Reported
226 IM Used

3xx Redirection

300 Multiple Choices
301 Moved Permanently
302 Found
303 See Other
304 Not Modified
305 Use Proxy
307 Temporary Redirect
308 Permanent Redirect

4xx Client Error

400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Required
408 Request Timeout
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Payload Too Large
414 Request-URI Too Long
415 Unsupported Media Type
416 Requested Range Not Satisfiable
417 Expectation Failed
418 I'm a teapot
421 Misdirected Request
422 Unprocessable Entity
423 Locked
424 Failed Dependency
426 Upgrade Required
428 Precondition Required
429 Too Many Requests
431 Request Header Fields Too Large
444 Connection Closed Without Response
451 Unavailable For Legal Reasons
499 Client Closed Request

5xx Server Error

500 Internal Server Error
501 Not Implemented
502 Bad Gateway
503 Service Unavailable
504 Gateway Timeout
505 HTTP Version Not Supported
506 Variant Also Negotiates
507 Insufficient Storage
508 Loop Detected
510 Not Extended
511 Network Authentication Required
599 Network Connect Timeout Error

Load Testing

SSH

Terraform

Traefik