OpenBSD | IDAKMPD | x509 certificate authentication

Prepare OpenBSD Prepare the network interfaces. Delete /etc/mygate when using dhcp. Create /etc/sysctl.conf. net.inet.esp.enable=1 # Enable the ESP IPsec protocol net.inet.ah.enable=1 # Enable the AH IPsec protocol net.inet.ip.forwarding=1 # Enable IP forwarding for the host. net.inet.ipcomp.enable=1 # Optional: compress IP datagrams Create /etc/rc.conf.local isakmpd_flags=”” # Avoid keynote(4) policy checking ipsec=YES # Load ipsec.conf(5) rules Some […]

Jitsi | Youtube Streaming and Recording on Debian 10

Credits to woodworker_life [ https://community.jitsi.org/t/how-to-to-setup-integrated-jitsi-and-jibri-for-dummies-my-comprehensive-tutorial-for-the-beginner/35718 ] To handle recording and youtube streaming in your jitsy environment you need a jibri server who connects to your jitsi. Your jitsi server is jitsi.mydomain.mytld Your jibri server is jibri.mydomain.mytld On Jibri: Edit /etc/hosts and add jibri jibri.mydomain.mytld to 127.0.0.1 Edit /etc/hostname content to jibri Update your Debian. Install […]

Asterisk on Debian as a stand alone voicemail box…

… connected to an ALCATEL PBX   apt-get update apt-get -y dist-upgrade apt-get -y install rdate rsync mc glances nloadm locate ncdu mailutils apt-get -y install asterisk systemctl enable asterisk Add routes to your main PBX dpkg-reconfigure exim4-config Do some config stuff: Your extensions.conf: [general] [incoming] exten => 500,1,VoiceMailMain() exten => 500,2,HangUp() exten => 500,3,PlayBack(vm-goodbye) […]

Jitsi DIY | Debian

apt-get update apt-get dist-upgrade apt-get -y install openjdk-11-jre nginx Add default.conf to nginx/sites-available: server { listen 80 default_server; listen [::]:80 default_server; server_name _; include snippets/well-known.conf; } Link this file to nginx/sites-enabled. Add jitsi.mydomain.mytld.conf to nginx/sites-available: server_names_hash_bucket_size 64; server { listen 80; listen [::]:80; server_name jitsi.ir-media-tec.com; location ^~ /.well-known/acme-challenge/ { default_type “text/plain”; root /usr/share/jitsi-meet; } location […]

Powershell | Cleanup all the printer spooler queues

$computers = @(“COMP01″,”COMP02”) foreach ($computer in $computers) { echo $computer if (Test-Connection -BufferSize 32 -Count 1 -ComputerName $computer -Quiet) { echo “ON” #Get-WmiObject -computer $computers Win32_Service -Filter “Name=’Spooler'”| ft systemname, name, state #set your first argument as $computer #$computer = $args[0] #Stop the service: Get-WmiObject -Class Win32_Service -Filter ‘name=”spooler”‘ -ComputerName $computer | Invoke-WmiMethod -Name StopService […]

SAMBA CERT RENEWAL

ATTENTION: To avoid heart attacks don’t do /etc/init.d/samba restart afterwards. Always do pkill samba && /usr/sbin/samba https://serverfault.com/questions/873615/ssl-self-signed-certificate-error-on-samba-4 https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC#Using_the_Samba_autogenerated_self-signed_certificate_.28default.29 Wie du ganz einfach eine Certificate Authority mit Linux-Boardmitteln erstellst Samba Active Directory Server

UBUNTU |OpenVPN DNS Problems

DNS ist not pushed to ubuntu clients # apt-get  install openvpn-systemd-resolved Then modify your clients openvpn config file. Add script-security 2 up /etc/openvpn/update-systemd-resolved down /etc/openvpn/update-systemd-resolved down-pre before your certs block and add dhcp-option DOMAIN-ROUTE . dhcp-option DOMAIN  yourinternaldomain ad the end.