XFS just like EXT4 (I wrote a post about it last year) supports online defragmentation, to manage those volumes on CentOS and Fedora “xfsprogs” package is needed. Fragmentation level of XFS volumes can be checked with the command: [root@CentOS ~]$ xfs_db -c frag -r /dev/sdb1 actual 4491, ideal 4006, fragmentation factor 10.80% To perform online defragmentation of XFS volumes run the following command: [root@CentOS ~]$ xfs_fsr -v /dev/sdb1 /mnt/data1 start inode=0 ino=205 ino=205: file busy ino=201 ino=201 already fully defragmented.
After some time qcow2 images tend -especially after taking snapshots- to grow bigger and bigger, even bigger than the maximum size specified at creation time. QEMU provides a tool called virt-sparsify (install “libguestfs-tools” package in CentOS 7) that can effectively make a virtual machine disk thin provisioned (space is not preallocated, only the actual space needed is used). virt-sparsify has a nice number of options, the most interesting one is “–in-place”, it tells QEMU to shrink the volume in place without requiring any addition space.
DNSCrypt installation process is pretty simple since it is present in the repository, pdnsd on the other hand is missing, luckily compiling from source is not that hard. For the sake of completeness I will also cover the procedure to install DNSCrypt from source, alternatively “yum install dnscrypt-proxy”. Install the required dependencies and get the source code: [root@CentOS ~]# yum install gcc libsodium-devel libtool-ltdl-dev git wget [root@CentOS ~]# git clone https://github.
Since every time I am about to install Vim I forgot how to set it up, set it as default system wide text editor and so on I figure I’ll write it down once and for all. First of all let’s install Vim, specifically the so called “enhanced” version which is capable of loading plugins and colorschemes: [root@Fedora ~]# dnf install vim ### powerline plugin [user@Fedora ~]# sudo dnf install vim-plugin-powerline I personally really like molokay colorscheme from tomasr; putting it in the default colorscheme directory does the trick if we want to use it for every user.
Fail2ban is a useful tool capable of mitigating brute force attacks performed against a multitude of services (ejabberd in our case). Configuration is split between a multitude of files; jail.conf defines which filters are active while the filters scripts are placed in ./filter.d directory. [root@CentOS ~]# vi /etc/fail2ban/jail.conf --- bantime = 1200 findtime = 1200 maxretry = 10 backend = auto [ejabberd-auth] enabled = true port = 5222,5280,7777 action = iptables-multiport[name=ejabberd, port="5222,5269,5280,777", protocol=tcp] logpath = /var/log/ejabberd/ejabberd.
Ejabberd XMPP server includes a SOCKS5 proxy, setting it up correctly is what makes the difference between fast or very slow file transfer operations. As per XEP-0065 file transfer is either peer-to-peer or mediated by a proxy server. In Conversation peer-to-peer transfer is done by converting the file in base64, split it in 4 kb chunks sent one at the time always awaiting first for the ACK of the precedent one; this makes the whole process painfully slow and bandwidth consuming.
The latest version of DNScrypt-proxy does not use anymore a single configuration file (“/etc/conf.d/dnscrypt-proxy”) but instead completely relies on systemd. Configuration is now split in two different files. [root@arch ~]# cat /etc/systemd/system/multi-user.target.wants/dnscrypt-proxy.service --- [Unit] Description=DNSCrypt client proxy Requires=dnscrypt-proxy.socket [Install] Also=dnscrypt-proxy.socket WantedBy=multi-user.target [Service] Type=simple NonBlocking=true ExecStart=/usr/bin/dnscrypt-proxy \ --resolver-address=22.214.171.124:27015 \ --provider-name=2.dnscrypt-cert.fvz-rec-de-fra-01.dnsrec.meo.ws \ --provider-key=9FCC:EB74:6856:238D:AC57:428B:DE4F:D9C6:E736:5370:E9F9:5415:3BD3:6EBE:A8C2:FAFE \ --user=nobody …and… [root@arch ~]# cat /etc/systemd/system/dnscrypt-proxy.socket --- [Unit] Description=dnscrypt-proxy listening socket After=network.target [Socket] ListenStream=127.0.0.2:53 ListenDatagram=127.0.0.2:53 [Install] WantedBy=sockets.target
After some years of using Firefox (currently version 38.0.5) with Session Restore enabled (the browser saves all the tabs from the previous session and reload them at the next start-up) it started to act weird and freeze for around 10 seconds 3 or 4 times a day. This very annoying behavior is caused by the presence of multiple useless Session Restore files. To delete those files open a new tab and type “about:support” in the address bar, then in the “Application Basics” area click on the “Open Directory” button placed next to “Profile Directory”.
The whole web is full of pseudo guides on how to properly - that is the key word here - configure Nginx to perform caching alongside with PHP-FPM, but every single one of them fails to mention some minor steps resulting in a borked half functioning implementation. For example, not a single one mention the necessity to edit /etc/php.ini and set session.use_cookies to 0. Too bad that without doing so caching with WordPress in combination with certain plugins or themes (for example MainWP or Enfold theme) is completely not working; the following headers get added to every HTTP response:
Pacman as long as I know does not provide any method for sending an email notification when there are updates available. SSH into the Arch box just to find out if there are updates available is really annoying so I wrote a simple bash script to do the dirty work on my behalf. [root@arch ~]# cat /etc/cron.daily/check4updates.sh #!/bin/bash HOST=hostname DOMAIN=domain SUBJECT="System update: $HOST@$DOMAIN" EMAIL_ADDR="name@domain" ### Query pacman for available updates updates_raw=$(pacman -Syu <<< n) if echo $updates_raw | grep "