DEV Community: Yassine Sellami

[Boost]

Yassine Sellami — Tue, 29 Jul 2025 20:57:33 +0000

Yassine Sellami

Sep 3 '22

How To: run MobaXterm on Ubuntu (Linux) with Wine

#tutorial #ubuntu #linux #howto

Comments 2

2 min read

Useful: Lombok Annotations

Yassine Sellami — Thu, 23 Feb 2023 22:13:10 +0000

Summary

Configuration
@ToString
@Tolerate
@StandardException

Configuration

-- Gradle: build.gradle

compileOnly 'org.projectlombok:lombok:1.18.20'
annotationProcessor 'org.projectlombok:lombok:1.18.20'

-- Maven: pom.xml

  <dependency>
      <groupId>org.projectlombok</groupId>
      <artifactId>lombok</artifactId>
      <version>${lombok.version}</version>
      <scope>provided</scope>
  </dependency>

<plugins>
  <plugin>
     <groupId>org.apache.maven.plugins</groupId>
     <artifactId>maven-compiler-plugin</artifactId>
     <version>3.8.0</version>
     <configuration>
         <source>11</source> <!-- depending on your project -->
         <target>11</target>
         <annotationProcessorPaths>
             <path>
                 <groupId>org.projectlombok</groupId>
                 <artifactId>lombok</artifactId>
                 <version>${lombok.version}</version>
             </path>
         </annotationProcessorPaths>
     </configuration>
   </plugin>
</plugins>

@ToString

Generate an implementation of the toString() method.

@ToString(doNotUseGetters = true)
public class Account {
    private String id;
    private String name;
    @ToString.Exclude // Exclusion Field 
    private String adress;

    // ignored getter
    public String getId() {
        return "this is the id:" + id;
    }
}
@ToString(onlyExplicitlyIncluded = true)
public class Account {
    @ToString.Include(name = "accountId") // Modifying Field Names
    private String id;
    @ToString.Include(rank = 1) // Ordering Output
    private String name;
    private String adress;

    @ToString.Include // Method Output
    String description() {
        return "Account description";
    }
} => Account(name=An account, accountId=12345, description=Account description)

@Tolerate

Skip, jump, and forget! Make lombok disregard an existing method or constructor.

public class TolerateExample {
    @Setter
    private Date date;

    @Tolerate
    public void setDate(String date) {
        this.date = Date.valueOf(date);
    }
}

@StandardException

Put this annotation on your own exception types.will generate 4 constructors:

MyException(): representing no message, and no cause.
MyException(String message): the provided message, and no cause.
MyException(Throwable cause): which will copy the message from the cause, if there is one, and uses the provided cause.
MyException(String message, Throwable cause): A full constructor.

Useful: Abbreviation

Yassine Sellami — Sat, 24 Dec 2022 23:18:39 +0000

A

AD: Active Directory, directory service for Windows domain networks.
ADFS: Active Directory Federation Services, Federated Identity.

B

BFF: Backend for Frontend, layer that sits between the clients and the backend.

C

D

DHCP: Dynamic Host Configuration Protocol, automatically assigning IP.
DNS: Domain Name System

E

F

Firebase: Offers NoSQL & real-time hosting of databases, content, social authentication, notifications.
FTP: File Transfer Protocol, transfer files from a server to a client on a computer network.

G

GNU: GNU's Not Unix
GSM: Global System for Mobile Communications
GPU: Graphics Processing Unit
GUI: Graphical User Interface

H

HA: High availability
HTTP: Hypertext Transfer Protocol
HTTPd: Hypertext Transport Protocol Daemon
HTTPS: HTTP Secure

I

IPsec: Internet Protocol security
IPTV: Internet Protocol Television
IPv4: Internet Protocol version 4
IPv6: Internet Protocol version 6

J

J2EE: Java 2 Enterprise Edition
J2ME: Java 2 Micro Edition
J2SE: Java 2 Standard Edition
JAXB: Java Architecture for XML Binding
JAX-RPC: Java XML for Remote Procedure Calls
JAXP: Java API for XML Processing
JCE: Java Cryptography Extension
JCP: Java Community Process
JDBC: Java Database Connectivity
JDK: Java Development Kit
JEE: Java Enterprise Edition
JDS: Java Desktop System
JFC: Java Foundation Classes
JFS: IBM Journaling File System
JIT: Just-In-Time
JME: Java Micro Edition
JMX: Java Management Extensions
JMS: Java Message Service
JNDI: Java Naming and Directory Interface
JNI: Java Native Interface
JNZ: Jump non-zero
JPEG: Joint Photographic Experts Group
JRE: Java Runtime Environment
JS: JavaScript
JSE: Java Standard Edition
JSON: JavaScript Object Notation
JSP: Jackson Structured Programming
JSP: JavaServer Pages
JVM: Java Virtual Machine

K

L

LDAP: Lightweight Directory Access Protocol
LRU: Least Recently Used - organizes items in order of use, allowing you to quickly identify which item hasn't been used for the longest amount of time.

M

MongoDB: NoSQL & cross-platform document-oriented database program
MySQL: Relational database management system

N

NFS: Network File System - distributed file system protocol allows a client computer to access files over a network in the same way they would access a local storage file.
NTP: Network Time Protocol - internet protocol used to synchronize with computer clock time sources in a network

O

P

PCI: Peripheral Component Interconnect, standard for connecting hardware devices to a computer's motherboard.
PHP: Hypertext Preprocessor, server-side scripting language for web development.
PostgreSQL: Relational database management system
PWA: Progressive Web App, web applications that offer an app-like experience to users.

Q

R

RAID: Redundant Array of Independent Disks, storage technology that combines multiple disk drives.
RAM: Random Access Memory, temporary data storage used by the CPU for executing instructions.
REDIS: Remote Dictionary Server - in-memory data structure store.
REST: Representational State Transfer, software architectural style for web services.

S

SaaS: Software as a Service
SAN: Storage Area Network, dedicated network for providing access to consolidated storage.
SAX: Simple API for XML
sbin: superuser binary
SDN: Software-defined networking - is an approach to networking that uses software-based controllers or application programming interfaces (APIs) to communicate with underlying hardware infrastructure and direct traffic on a network.
SFTP: Simple File Transfer Protocol
SFTP: SSH File Transfer Protocol
SHA: Secure Hash Algorithm
SOAP: Simple Object Access Protocol - XML-based messaging protocol for exchanging information among computer networks.
SQL: Structured Query Language, language for managing and querying relational databases.
SSH: Secure Shell, cryptographic network protocol for secure communication.

T

TL;DR: too long; didn't read - used to introduce a summary of an online post or news article.
TCP/IP: Transmission Control Protocol/Internet Protocol, the suite of communication protocols used on the internet.
TLS: Transport Layer Security, cryptographic protocol for secure communication over a computer network.

U

UI: User Interface, visual elements and interaction design of a software application.
URL: Uniform Resource Locator, web address used to locate a resource on the internet.
UX: User Experience, the overall experience of a user when interacting with a product or system.

V

VPN: Virtual Private Network, secure and encrypted network connection over a public network.
VR: Virtual Reality, computer-generated simulation of a three-dimensional environment.

W

WAN: Wide Area Network, a network that spans a large geographical area.
WYSIWYG: What You See Is What You Get, user interface that shows the final output during editing.

X

XML: Extensible Markup Language, markup language for encoding documents in a machine-readable format.

Y

Z

ZFS: Zettabyte File System, a combined file system and logical volume manager designed by Sun Microsystems.
ZIP: Zone Information Protocol, a protocol used to configure and manage Zone Information Database (ZID) entries.
ZK: ZooKeeper, a centralized service for maintaining configuration information, naming, synchronization, and more.
ZPL: Z-level Programming Language, a high-level programming language designed for software development on Zilog Z80 microprocessors.
ZSI: Zolera SOAP Infrastructure, a Python library for creating and parsing SOAP messages.

Useful: Powershell Command

Yassine Sellami — Thu, 22 Dec 2022 21:40:32 +0000

Helpers

Get-Help Get-Process   // find command info
Get-Command -Name A* -CommandType cmdlet // find all commands installed

Get-ChildItem -Path "C:\Program Files" // find all folders & sub folders
Get-ChildItem -Path "C:\Program Files\java" -Recurse | Select FullName   // find all files 

Set-Location "C:\Users\usrename\Documents" // change current dir

OS information

systeminfo.exe /fo csv | ConvertFrom-Csv
Get-ComputerInfo | Select WindowsProductName, WindowsVersion, OsHardwareAbstractionLayer
winver
(Get-CimInstance Win32_BIOS).SMBIOSBIOSVersion // BIOS Version
(Get-CimInstance Win32_BIOS).SerialNumber      // Serial Number
(Get-CimInstance Win32_ComputerSystem).Model   // Model
Get-CimInstance Win32_Printer | Select-Object Name, PortName, Default   // Printers
(Get-CimInstance Win32_ComputerSystem).Domain  // AD Domain

(Get-CimInstance Win32_OperatingSystem).LastBootUpTime // Time of the Last Reboot

(Get-PSDrive $Env:SystemDrive.Trim(':')).Free/1GB  //Get Free Space for System Drive

---# Copy & Move
Copy-Item "D:\myFolder1" -Destination "D:\myFolder2" -Recurse // Copy-paste files and folders

Move-Item -Path "E:\Folder1" -Destination "E:\Folder2"  // move folder

Remove-Item E:\Folder1\myFile.txt // remove file

---# Content
// Set content 
Set-Content -Path .\myFile.txt -Value 'This is content...'

// Get file content
Get-Content -Path .\myFile.txt
// Get content of all *.log files in the C:\myDir directory 
Get-Content -Path C:\myDir\* -Filter *.log

Get-Content ./myFile.log -Tail 5 –Wait  // follow a File 

Get-Content -Path .\myFile.txt -TotalCount 5  // first 5 lines
(Get-Content -Path .\myFile.txt -TotalCount 25)[-1]  // return the line 25
Get-Item -Path .\myFile.txt | Get-Content -Tail 1  // last line
Get-Content -Path .\myFile.txt -Raw     // get as one string
(Get-Content -Path .\myFile.txt).Count  // Count lines

Clear-Content -Path "E:\myFile.txt" // delete the contents of the file without deleting the file

Get-ChildItem -Directory  // List Subdir in the Current Directory

---# Zip / Unzip
Compress-Archive -Path "C:\myDir\*.log" -DestinationPath "C:\myDir.zip"
Compress-Archive -LiteralPath "C:\myDir\file1.txt","C:\myDir\file2.txt" -DestinationPath "C:\myFiles.zip"

Expand-Archive -LiteralPath "C:\myDir.zip" -DestinationPath "C:\myDir2"

Services

Get-Process            // listing all active system processes
Start-Process notepad  // start process
Get-Service -Name "Win*"  // find services
Get-Service | Where-Object {$_.status -eq "Started"}  // List Started Services

Network

---# Test & diagnostic
// Sends ICMP echo req, or pings, to one or more computers
Test-Connection -TargetName Server01 -IPv4
Test-Connection -TargetName Server01, Server02, Server12
Test-Connection -TargetName www.google.com -Traceroute  // PowerShell 6.0

// Displays diagnostic info for a connection
Test-NetConnection
Test-NetConnection -Port 80 -InformationLevel "Detailed"   // locally
Test-NetConnection -ComputerName "www.google.com" -InformationLevel "Detailed" // remotly

---# Find & listing
(Invoke-RestMethod ipinfo.io/json).ip // Your Public IP

// find all listening & established connections
netstat -a
Get-NetTCPConnection -State Listen
// Process listening on a TCP 
Get-Process -Id (Get-NetTCPConnection -LocalPort 8080).OwningProcess
// Process listening on a UDP 
Get-Process -Id (Get-NetUDPEndpoint -LocalPort 53).OwningProcess

---# Network information
Get-NetAdapter      // Gets network adapter properties.
Restart-NetAdapter  // Restarts network adapter.
Get-NetIPAddress    // Gets the IP address configuration.
// Gets an IP interface
Get-NetIPInterface
Get-NetIPInterface | Format-Table
// Gets IP route info from IP routing table.
Get-NetRoute       
Get-NetRoute | Format-List -Property *

HTTP Call

Invoke-WebRequest -Uri "https://jsonplaceholder.typicode.com/posts" -UseBasicParsing | Select-Object -ExpandProperty 'Content' | ConvertFrom-Json

Invoke-RestMethod "https://jsonplaceholder.typicode.com/posts/1" | Select-Object id,title | Format-List

History

---# Displays session's history
Get-History
// Path history file
(Get-PSReadlineOption).HistorySavePath  // get
Set-PSReadlineOption –HistorySavePath C:\Temp\NewHistory.txt  // update

---# Add / Append
// Add / import history of a different session
Get-History | Export-Csv c:\Tmp\history.csv -IncludeTypeInformation
Import-Csv c:\Tmp\history.csv | Add-History


---# Delete history
Clear-History
Clear-History -Count 5 -Newest
Remove-Item (Get-PSReadlineOption).HistorySavePath // clear history
Clear-History -CommandLine *Help*, *Syntax  // match criteria
Clear-History -Id 3, 5

---# DNS query resolution
// Performs a DNS query resolution for the specified name
Resolve-DnsName -Name www.google.com
Resolve-DnsName -Name www.google.com -Server 10.0.0.1  // Against DNS server at 10.0.0.1.
Resolve-DnsName -Name www.google.com -Type A   // queries for A type records
Resolve-DnsName -Name www.google.com -DnsOnly  // only DNS, LLMNR & NetBIOS queries are not issued
Resolve-DnsName -Name example.com -Type A -Server localhost -DnssecOk

---#  DNS client cache
// Contents of DNS client cache.
Get-DNSClientCache
Get-DnsClientCache -Entry google.com

NTP (Windows Time service)

w32tm /stripchart /computer:<SERVER> /dataonly /samples:5 //check
w32tm /query /peers   // listing
w32tm /query /status  // check current ntp config
w32tm /query /configuration   // show config (MUST Admin)

-- Restore config
net stop w32time
w32tm /unregister
w32tm /register
net start w32time

function Test-NTP($ntpserver){
   $pinfo=[System.Diagnostics.ProcessStartInfo]::new("$($env:SystemRoot)\system32\w32tm.exe",@("/stripchart","/computer:$ntpserver","/dataonly","/samples:1"))
   $pinfo.RedirectStandardOutput = $true
   $pinfo.UseShellExecute = $false
   $ntptestproc=[System.Diagnostics.Process]::new()
   $ntptestproc.StartInfo=$pinfo
   $ntptestproc.Start()|Out-Null
   $ntptestproc.WaitForExit()
   return $ntptestproc.StandardOutput.ReadToEnd() -match ",\ (\+|-)0"
}

ADFS

---# ADFS Properties
// Get properties
Get-AdfsProperties
Get-AdfsProperties | fl "autocertificaterollover"
Get-AdfsFarmInformation
Get-AdfsSslCertificate
// Set properties
Set-AdfsProperties -AutoCertificateRollover $true       //
Set-ADFSProperties -EnableIdPInitiatedSignonPage:$true  //

---# Http headers
Set-AdfsResponseHeaders -EnableCORS $true    // Enable http CORS header
Set-AdfsResponseHeaders -CORSTrustedOrigins https://,http/..  

---# Theming
Set-AdfsWebTheme -TargetName default -Logo @{path="c:\myTheme\logo.png"}
Set-AdfsGlobalWebContent –CompanyName "My Company"

Security

---# HotFix
Get-HotFix // Get all hotfixes on the local computer
Get-HotFix -Id KB957095
Get-HotFix -Description Security* -ComputerName SRV1, SRV2 -Credential MyDomain\myUserAdmin //Get hotfixes from multiple computers filtered by a string, with cred myUserAdmin that has permission to access the remote computers and run commands.

// Verify whether a particular update installed:
$SRV = Get-Content -Path ./Servers.txt
$A | ForEach-Object { if (!(Get-HotFix -Id KB957095 -ComputerName $_))
         { Add-Content $_ -Path ./Missing-KB957095.txt }}

React: Micro Frontend using Webpack 5 Module Federation

Yassine Sellami — Sun, 02 Oct 2022 23:44:02 +0000

In progress !!!!!!!!

Init projects

mkdir /opt/mfe
cd /opt/mfe

# create dashboard app
npx create-react-app dashboard-app --template typescript
# create profile app
npx create-react-app profile-app --template typescript
# create host app
npx create-react-app container --template typescript

Install dependencies

Add mui

npm install @mui/material @emotion/react @emotion/styled
npm install @fontsource/roboto
npm install @mui/icons-material

Add MFE dep

npm install --save-dev webpack webpack-cli webpack-merge 
html-webpack-plugin webpack-dev-server 

npm install --save-dev @babel/core @babel/eslint-parser @babel/plugin-transform-runtime @babel/preset-env @babel/preset-react  @babel/preset-typescript @babel/runtime babel-loader css-loader postcss postcss-loader style-loader

Config

Replace index.tsx with bootstrap.tsx:
create file ./src/index.ts:

import { createBrowserHistory, Update } from 'history';

import('./bootstrap').then(({ mount }) => {
  const localRoot = document.getElementById('dashboardApp-local');
  const browserHistory = createBrowserHistory();

  mount({
    mountPoint: localRoot!,
    historyStrategy: browserHistory,
  });
});

Add file .babelrc:

vi .babelrc
----
{
  "presets": [
    "@babel/preset-typescript",
    "@babel/preset-react",
    "@babel/preset-env"
  ],
  "plugins": [["@babel/transform-runtime"]]
}

Add file webpack.config.js:

vi webpack.config.js
----
const HtmlWebPackPlugin = require('html-webpack-plugin');
const ModuleFederationPlugin = require('webpack/lib/container/ModuleFederationPlugin');

const deps = require('./package.json').dependencies;
module.exports = {
  output: {
    publicPath: 'http://localhost:8081/',
  },

  resolve: {
    extensions: ['.tsx', '.ts', '.jsx', '.js', '.json'],
  },

  devServer: {
    port: 8081,
    historyApiFallback: true,
    headers: {
      'Access-Control-Allow-Origin': '*',
    },
  },

  module: {
    rules: [
      {
        test: /\.m?js/,
        type: 'javascript/auto',
        resolve: {
          fullySpecified: false,
        },
      },
      {
        test: /\.(css|s[ac]ss)$/i,
        use: ['style-loader', 'css-loader', 'postcss-loader'],
      },
      {
        test: /\.(ts|tsx|js|jsx)$/,
        exclude: /node_modules/,
        use: {
          loader: 'babel-loader',
        },
      },
    ],
  },

  plugins: [
    new ModuleFederationPlugin({
      name: 'dashboard-app',
      filename: 'remoteEntry.js',
      remotes: {},
      exposes: {
        './DashboardAppIndex': './src/bootstrap',
      },
      shared: {
        ...deps,
        react: {
          singleton: true,
          requiredVersion: deps.react,
        },
        'react-dom': {
          singleton: true,
          requiredVersion: deps['react-dom'],
        },
      },
    }),
    new HtmlWebPackPlugin({
      template: './src/index.html',
    }),
  ],
};

Replace run script:

"scripts": {
    "build": "webpack --mode production",
    "build:dev": "webpack --mode development",
    "build:start": "cd dist && PORT=8082 npx serve",
    "start": "webpack serve --open --mode development",
    "start:live": "webpack serve --open --mode development --live-reload --hot"
  },

Webpack config for container:

const HtmlWebPackPlugin = require('html-webpack-plugin');
const ModuleFederationPlugin = require('webpack/lib/container/ModuleFederationPlugin');

const deps = require('./package.json').dependencies;
module.exports = {
  output: {
    publicPath: 'http://localhost:8080/',
  },

  resolve: {
    extensions: ['.tsx', '.ts', '.jsx', '.js', '.json'],
  },

  devServer: {
    port: 8080,
    historyApiFallback: true,
    headers: {
      'Access-Control-Allow-Origin': '*',
    },
  },

  module: {
    rules: [
      {
        test: /\.m?js/,
        type: 'javascript/auto',
        resolve: {
          fullySpecified: false,
        },
      },
      {
        test: /\.(css|s[ac]ss)$/i,
        use: ['style-loader', 'css-loader', 'postcss-loader'],
      },
      {
        test: /\.(ts|tsx|js|jsx)$/,
        exclude: /node_modules/,
        use: {
          loader: 'babel-loader',
        },
      },
    ],
  },

  plugins: [
    new ModuleFederationPlugin({
      name: 'container',
      filename: 'remoteEntry.js',
      remotes: {
        dashboardApp: 'dashboardApp@http://localhost:8081/remoteEntry.js',
        profileApp: 'profileApp@http://localhost:8082/remoteEntry.js',
      },
      exposes: {},
      shared: {
        ...deps,
        react: {
          singleton: true,
          requiredVersion: deps.react,
        },
        'react-dom': {
          singleton: true,
          requiredVersion: deps['react-dom'],
        },
      },
    }),
    new HtmlWebPackPlugin({
      template: './src/index.html',
    }),
  ],
};

How To: generate CSR, Self-signed and CA certificat

Yassine Sellami — Tue, 27 Sep 2022 22:52:56 +0000

Please make sure you have openssl installed on your machine, or:

Ubuntu: apt-get install openssl
Redhat: yum install -y  openssl

CSR (Certificate Signing Request)

Before you can order an SSL certificate, it is recommended that you generate a CSR from your server.

To avoid the repetition of openssl cli for each domain, The below script allow you to generate CSR and Key with only pass the domain name as an agr:

This script w'll generate two files:

.csr : TO be sent to CertProvider for purchase your SSL certificate.
.key : Private key used by the server to encrypt and package data for verification by clients.

$ vi csr-key-generator.sh
---
#!/usr/bin/env bash
DOMAIN=$1
if [ -z "$1" ]; then 
    echo "USAGE: $0 domain.com"
    exit
fi

# CSR Attributs, there is a possibility for CertProvider can change information(company, locality..) before issue the certificate.

SUBJ="
C=MA
ST=ST
O=My Company
localityName=City
commonName=$DOMAIN
organizationalUnitName=IT
emailAddress=admin@domain.com
"

# Generate CSR & Private Key
openssl genrsa -out "$DOMAIN.key" 2048
openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key "$DOMAIN.key" -out "$DOMAIN.csr"

echo "done! enjoy"

Add execution ability to the shell file, and run it:

$ chmod +x csr-key-generator.sh
$ ./csr-key-generator.sh domain.com
output: done! enjoy
$ ls
domain.com.csr domain.com.key

CA (certificate authority)

CA is an entity responsible for issuing digital certificates to verify identities on the internet.

$ openssl req -x509 -sha256 -days 356 -nodes  
    \ -newkey rsa:2048 
    \ -subj "/CN=root.com/C=MA/L=Locality"
    \ -keyout rootCA.key -out rootCA.crt

Self-signed certificate

To-way:

## Use previous CSR,Key: 

$ openssl x509 -req -days 365 -in domain.com.csr 
  \ -signkey domain.com.key -out domain.com.crt

[OR]
## Use previous CA:

$ vi extCert.conf
--- 
subjectAltName = DNS:*.domain.com

$ openssl x509 -req -in domain.com.csr 
  \ -CA rootCA.crt -CAkey rootCA.key -CAcreateserial
  \ -out demo.domain.com.crt -days 365 -sha256 
  \ -extfile extCert.conf

Review the certificate

$ openssl x509 -in domain.com.crt -text -noout

Useful: RHEL / Ubuntu Command

Yassine Sellami ・ Sep 3 '22 ・ 5 min read

#systems #cloud #devops #linux

Useful: VirtualBox helpers / Command

Yassine Sellami — Wed, 14 Sep 2022 22:35:35 +0000

VBoxManage list vms  // List all the virtual machines

Network

---# Port Forwarding
// if vm is powered
VBoxManage controlvm "MyVmName" natpf1 "guestSsh,tcp,,2222,,22"
// if vm is shutdown
VBoxManage modifyvm "MyVmName" --natpf1 "guestssh,tcp,,2222,,22"

Nested Virtualization

If you can't change it from the interface, run the following cmd:
VBoxManage modifyvm <VMName> --nested-hw-virt on

Fast Way: How To Install Docker and Docker Compose on Linux

Yassine Sellami — Wed, 14 Sep 2022 21:51:28 +0000

Docker

-- update packages: 
sudo apt update

-- install prerequisite packages:
sudo apt install apt-transport-https ca-certificates curl software-properties-common

-- Add GPG key: 
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

-- Add the Docker repository to APT sources:
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

-- Update packages again:
sudo apt update

-- Check Docker repo:
apt-cache policy docker-ce

-- install Docker
sudo apt install docker-ce

-- Check that it’s running:
sudo systemctl status docker

Or, All in one :

sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

Docker Compose

-- Download docker compose v2.11.0
mkdir -p ~/.docker/cli-plugins/
curl -SL https://github.com/docker/compose/releases/download/v2.11.0/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose

-- Permissions to docker compose:
chmod +x ~/.docker/cli-plugins/docker-compose

-- Verify the installation
docker compose version

Or newer project from:

sudo apt-get install docker-compose-plugin

-- If you prefer the old style, create an alias: 
alias docker-compose='docker compose'

How To: run MobaXterm on Ubuntu (Linux) with Wine

Yassine Sellami — Sat, 03 Sep 2022 23:39:22 +0000

What is WIne?

Wine (originally an acronym for Wine Is Not an Emulator) is a compatibility layer capable of running Windows applications on several POSIX-compliant operating systems, such as Linux, Mac OSX, & BSD.
Instead of simulating internal Windows logic like a virtual machine or emulator, Wine translates Windows API calls into POSIX calls on-the-fly, eliminating the performance and memory penalties of other methods and allowing you to cleanly integrate Windows applications into your desktop.

WIne Instalation:

1 - WIne: download & Install

Enable 32 bit architecture (If your system is 64 bit):

sudo dpkg --add-architecture i386

Download and add the repository key:

sudo wget -nc -O /usr/share/keyrings/winehq-archive.key https://dl.winehq.org/wine-builds/winehq.key

Add the repository according to the codename of your version of Ubuntu

sudo wget -nc -P /etc/apt/sources.list.d/ https://dl.winehq.org/wine-builds/ubuntu/dists/$(lsb_release -sc)/winehq-$(lsb_release -sc).sources

Update & Install package: chose winehq-devel | winehq-stable

sudo apt update
sudo apt install --install-recommends winehq-stable

Wine Configuration:

winecfg

MobaXtrem

2 - MobaXterm: Downloadn and Install

Download the new MobaXterm features at: Preview version
Unzip the MobaXterm package using the unzip command
Open a terminal, cd to the directory where you unzipped MobaXterm program and type:

wine MobaXterm_Personal_22.2_Preview2.exe

3 - Add Application Shortcuts

Download MobaXtrem icon and save it on MobaXtrem folder with name icon.jpg
Create file .desktop

cd /usr/share/applications (Global) 
or
cd ~/.local/share/applications/ (Local)
vi mobaXtrem.desktop

and past the content:

[Desktop Entry]
Name=MobaXtrem 
Exec=env WINEPREFIX="/home/ysellami/.wine" wine /home/ysellami/path/to/MobaXterm/MobaXterm_Personal_22.2_Preview2.exe
Type=Application
Icon=/home/ysellami/path/to/MobaXterm/icon.jpg
StartupNotify=true

Enjoy, now u can search Mobaxtrem and run it or add it in dockBar favorit

Useful: RHEL / Ubuntu Command

Yassine Sellami — Sat, 03 Sep 2022 22:21:06 +0000

== [ All Distributions ] ==

-- Find Linux Standard Base (LSB) information
lsb_release -a

-- Check if virtualization is supported on Linux,The output must be not empty:
grep -E --color 'vmx|svm' /proc/cpuinfo

--# Archive management
zip -r -T files folder
unzip files.zip
unzip files.zip -d /path/to/extract/ 

--# env variables
export HTTP_PROXY=http://proxy_ip_name:port
vi ~/.bashrc =then> add export line =then run> source ~/.bachrc
unset HTTP_PROXY

Content Managment

touch test-{1..50}.bak // create 50 empty file
ls -t *.bak | tail | xargs rm   // delete oldest backup


---# Find 

find / -iname "*foo*txt" 2>/dev/null  # Find by approximate name
find ~/Documents -ls   # Find everything
find ~ -type f         # Find by type f:file,d:dir
find ~/opt/ -maxdepth 1 -type d  # Limit listing
find ~ -type f -empty  # Find empty files
# Find by content
find ~/Documents/ -name "*log" -exec grep -Hi text-to-search {} \;
# Find files by age
- finds log files that haven't been modified in a month or more:
find /var/log -iname "*~" -o -iname "*log*" -mtime +30
- find log files modified within the past week:
find /var/log -iname "*~" -o -iname "*log*" -mtime -7
find /var/log -iname "*~" -o -iname "*log*" -mtime -7 -ls
# Search a path
find / -type d -name 'img' -ipath "*public_html/example.com*" 2>/dev/null

---# Find & delete 
find . -name ".DS_Store" -type f -delete

---# Grep 
grep -R 'import' --include='*.java' --color MySourceCodeDir


---# SED
sed -i 's#ORIGINAL_VALLUE#NEW_VALUE#g' myfile1 myfile2

== [ Redhat ] ==

Sys information

---# Redhat sys information
cat /etc/redhat-release


---# Memory
top -o %MEM -c  # Mem by runing commands, press [e] switch memory unit, [?] details
watch -n 5 -d '/bin/free -m' # repeats cmd every 5s

# htop
yum install htop
htop

---# CPU
ps -aux  # proccess with PID

---# Disk
# Display disk partition sizes
lsblk --json | jq -c '.blockdevices[]|[.name,.size]'
# Display the size of an installed RPM
rpm --queryformat='%12{SIZE} %{NAME}\n' \
   -q java-11-openjdk-headless

---# yum
yum install yum-security
// search
yum search <package>
yum info <package>
yum -v list <package> --show-duplicates
// update
yum update
yum -y update --security //apply all security update
yum -y update-minimal --security
yum update --cve <CVE>
yum updateinfo list
yum updateinfo list cves

// clean
yum clean all
yum clean metadata
// yum repo
ls /etc/yum.repos.d/

---# Configuring Booleans
setsebool <boolean_name> on|off
getsebool httpd_can_network_connect        // Get
setsebool -P httpd_can_network_connect on  // -P: changes persistent across reboots 
setsebool -P mysql_connect_any on

---# Date & Time
timedatectl  // Displaying Current Date & Time

// change system time 
timedatectl set-time 20:52:40
timedatectl set-time "2017-06-02 23:26:00"
// time zones
timedatectl list-timezones // listing all time zone
timedatectl set-timezone "Europe/Berlin"
// Sync clock with a Remote Server
timedatectl set-ntp yes  // NTP service must be installed
systemctl restart systemd-timedated.service  // restart

---# chronyd
yum install chrony
systemctl start|status|... chronyd
vi /etc/chrony.conf  // config file
chronyc tracking     // check chrony tracking,
chronyc sources -v   // info about current time sources
chronyc sourcestats  // info about drift rate and offset estimation process for each of the sources currently being examined by chronyd.
check firewall: //123 = NTP Port
firewall-cmd --permanent --zone=public --add-port=123/udp

Alias

alias   // listing
alias search=grep  // create new alias
// Creating Permanent Aliases
vi ~/.bashrc && source ~/.bashrc
unalias alias_name // remove alias

Journal & Audit

--# Journal CTL 
journalctl -f   #Follow like tail -f
journalctl -k   #View kernel messages from current boot
journalctl -u jenkins.service -f
journalctl _PID=[numPid]
journalctl -p [err|info..]
journalctl --since "2022-10-10 16:00:00"
journalctl --since "2022-10-10 16:00:00" --until "2022-10-10 20:00:00"

journalctl --no-pager --since today \
      --grep 'fail|error|fatal' --output json|jq '._EXE' | \
      sort | uniq -c | sort --numeric --reverse --key 1


-- config
vi /etc/systemd/journald.conf

--# RHEL Audit 
yum install audit
service auditd start
-- config
vi /etc/audit/auditd.conf
-- reporting
aureport --start 04/04/2022 00:00:00 --end 04/06/2022 00:00:00

Java

yum install java-11-openjdk
java -version
update-alternatives --config 'java'

---# Process
jps -v
ps -aux | grep java 

---# capture heap dump Manually
jmap dump:live,format=b,file=/opt/dump.hprof <PID>
jcmd <PID> GC.heap_dump /opt/dump.hprof
jcmd <PID> Thread.print
kill -3 <PID> # useful when you use containerized
jstack <PID> > /opt/my-app.tdump  # Save analysis result to file

---# capture heap dump Automatically
java -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=<file-or-dir-path>

Firewalld

yum install firewalld -y
systemctl enable firewalld
systemctl start firewalld
systemctl status firewalld
chkconfig firewalld on

---# help
man firewalld

---# Allow/Deny
firewall-cmd --zone public --permanent --add-port 7000-9000/tcp 

- allow or deny a port
firewall-cmd --add-port=12345/tcp --permanent
firewall-cmd --remove-port=8080/tcp --permanent
- allow or deny a protocol
firewall-cmd --add-protocol=smb2 --permanent
firewall-cmd --remove-protocol=smb --permanent
- allow or deny a service
firewall-cmd --get-services
firewall-cmd --add-service=smtp --permanent
firewall-cmd --remove-service=smtp --permanent

Each service has an XML file located at /usr/lib/firewalld/services which contains the port and protocol being used by the service. 
For example, the ssh.xml file is using port 22 and the TCP protocol.
    <?xml version="1.0" encoding="utf-8"?>
    <service>
    <short>SSH</short>
    <port protocol="tcp" port="22"/>
    </service>

firewall-cmd --zone public --list-services

---# Zones: Each zone has its own unique set of rules. For example, public zone can be bound to eth0 and only allow HTTP, and internal zone can be bound to eth1 and allow both HTTP and SSH.
firewall-cmd --get-active-zones
firewall-cmd --list-all-zones
firewall-cmd --list-all --zone=internal
firewall-cmd --list-all --zone=public
firewall-cmd --set-default-zone=dmz
or 
vi /etc/firewalld/firewalld.conf
DefaultZone=dmz

---# IP address masquerade
firewall-cmd --add-masquerade --permanent
firewall-cmd --remove-masquerade --permanent
firewall-cmd --zone public --query-masquerade

---# port forward: 
   firewall-cmd --zone=external --add-forward-port=port=22:proto=tcp:toport=12345 --permanent
  The SSH service listening on port 12345 is on the same server as the SSH service with port 22.

  firewall-cmd --zone=external --add-forward-port=port=22:proto=tcp:toport=10.1.2.3:12345 --permanent
    To forward request to another server, add the target IP address.

history

history       // get all history
history -c    // clean up
history -d 4  // remove by id 4
for i in {1..10}; do history -d 40; done  // remove 40 - 50
HISTSIZE=50   // change history size
set +o history  // disable history for current shell
set -o | grep history   // check if enabled/disabled
set -o history  // enable
// disable permanently
echo 'set +o history' >> ~/.bashrc & sh ~/.bashrc
echo 'unset HISTFILE' >> /etc/profile.d/nohistory.sh

SSL, TLS & Certification

-- Export the private key:
openssl pkcs12 -in certfile.pfx -nocerts -out key.pem -nodes
-- Export the certificate: 
openssl pkcs12 -in certfile.pfx -nokeys -out cert.pem
-- Remove passphrase from key: 
openssl rsa -in key.pem -out server.key 

-- save server cert
openssl s_client -connect my.domain.com:443 -servername my.doamin.com | tee logCertificatFile
-- locking for the issuer
openssl x509 -in logCertificatFile -noout -text | grep -i "issuer"
curl --output myCertificat.crt urlOfissuer
openssl x509 -inform DER -in myCertificat.crt -out myCertificat.pem -text
set NODE_EXTRA_CA_CERTS="myCertificat.pem"  // ex: for nodeJs env

trust list
trust anchor path/to/certificate.crt
trust anchor --remove path/to/certificate.crt
trust anchor --remove "pkcs..."

User & group Management

---# Add user
useradd myusername 
useradd -r myusername //has some root privileges, but not all, UID < UID_MIN 
useradd -c "My UserName" -d /home/my_dir myusername 
useradd -m -k /dir_default myusername //copies contents /dir_default to /home/myusername
useradd -e 2022-12-15 myusername //automatically disabled on 2022-12-15

usermod -l "new-login" myusername

---# Set password
passwd myusername 
passwd -l myusername // lock 
passwd -u myusername // unlock 
passwd -e myusername // change password during the next login 
passwd -n 10 -x 60 -w 3 myusername // set password lifetime 
passwd -S myusername // short info for password status 

---# Get User iformation
lslogins myusername  // display detailed info

---# Delete user
userdel myusername
userdel -r myusername // remove file /home/myusername 

---# add user to group
useradd -G my_group myusername 
usermod -g my_group myusername

---# Create group
groupadd my_group // add group
groupdel my_roup  // delete group
getent group      // group listing

---# All user
cat /etc/passwd

---# User cmd default cofig
cat /etc/login.defs
  PASS_MAX_DAYS 99999
  PASS_MIN_DAYS 0
  PASS_MIN_LEN  5
  PASS_WARN_AGE 7
  CREATE_HOME   yes
  ...

Permission

chown -R username:group /path/to/folder
chown -R $USER /path/to/folder // curent user

---# Access Control Lists
Types of ACLs:  
  Access ACLs : list for a specific file or directory.  
  Default ACLs. can only be associated with a directory.

yum install acl
[setfacl -m rules files]
-m: add or modify
u:uid:rwx => user
g:gid:rwx => group
m:rwx => rights mask, union of all permissions.
o:rwx => users other than the ones in the group for the file.
rwx-X => read,write,execut,- = abdent, X = execut only folders
// helps
man setfacl

setfacl -d -m group:developer:rx /var/log
setfacl -d -m group:developer:rwx /home

// Deny access to the developer group
setfacl -m group:developer:--- /root

// remove permission
setfacl -x u:myusername /path/to/folder

// get acl for folder
getfacl /path/to/file.png

// Changing the default umask for a specific user
echo 'umask octal_value' >> /home/username/.bashrc
more: [check](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/configuring_basic_system_settings/index)

Network

---# ifconfig
yum install net-tools
ifconfig

---# Ip
ip addr

---# Check open ports, 3 way
sudo lsof -i tcp
netstat -tulpn 
sudo ss -lt

CURL

curl https://amazon.com -v   // verbose
curl https://amazon.com -k  // Ignore certificat
curl https://amazon.com --noproxy '*'
curl https://amazon.com -x 'http://proxy-ip-name:port'
curl telnet://localhost:80 -v // check connected status + (ctr+c)

SSHD

---# Generating Key Pairs
su myuser
ssh-keygen -t rsa
chmod 700 ~/.ssh
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
!!! Never share your private key with anybody !!!


---# ssh configuration
vi /etc/ssh/sshd_config
PubkeyAuthentication yes    // enable auth with public key
#Banner none                // disable banner message

---# sshd daemon
service sshd restart OR systemctl restart sshd

Nginx

# Display top 10IP addresses hitting webserver
cat /var/log/nginx/access.log | cut -f 1 -d ' ' | sort | \
uniq -c | sort -hr | head -n 10

== [ Ubuntu ] ==

Sys information

---# Find which WM_CLASS your window has,used as value in StartupWMClass on .desktop files to ignore duplication
xprop WM_CLASS

Soft management

---# How to execute .bin .run file
chmod +x my_ide.run
./my_ide.run

---# add application icon to menu (dockbar)
cd /usr/share/applications (Global) 
cd ~/.local/share/applications/ (Local)
vi my_app.desktop
......
[Desktop Entry]
Comment=LiferayStudio
Terminal=false
Name=Liferay DXP Studio
Encoding=UTF-8
Exec='/opt/tools/liferay-developer-studio/DeveloperStudio'
Type=Application
Icon=/opt/tools/liferay-developer-studio/icon.xpm
StartupWMClass=LiferayDeveloper
......

User management:

-- Get a List of All Users
less /etc/passwd
-- Add user to group
sudo usermod -aG [GROUP] [USER]
ex: sudo usermod -aG docker ${USER} => add your user to docker group
-- Login to specific user 
su - [USER]

User Interface (UI/UX)

## Minimize & Maximize buttons in Gnome
Separation by `:`
Left:
gsettings set org.gnome.desktop.wm.preferences button-layout "close,minimize,maximize:"
Right: ":minimize,maximize,close"
Mix: "close:minimize,maximize"

## Disable task switcher grouping 
1- Open (dconf-editor)[apt://dconf-editor]
2- Go to org/gnome/desktop/wm/keybindings
3- Move the value 'Tab' from switch-applications to switch-windows : 
set switch-windows = ['<Alt>Tab']

Meet Publii, a new Static CMS with GUI to build an extremely safe, fast and stylish HTML website

Yassine Sellami — Wed, 27 May 2020 20:49:15 +0000

In progress..

How To: Ssh Into Ubuntu VM Virtualbox From Host Machine

Yassine Sellami — Sun, 14 Jul 2019 12:30:25 +0000

Hi guys, In this article we will see how to connect to VM virtualBox from host systeme

What is SSH?

SSH, Secure Shel also known as Secure Socket Shell, is a network protocol that gives system administrators, a secure way to access a computer over an unsecured network.

How To: install ubuntu on VirtualBox

Yassine Sellami ・ Jul 11 '19

#ubuntu #linux #virtualization #howto

How to install openSSH server on Ubuntu

sshd : is the OpenSSH server process. It listens to incoming connections using the SSH protocol and acts as the server for the protocol. It handles user authentication, encryption, terminal connections, file transfers, and tunnelling.
Let's start to install openssh-server.
First update the system

$ sudo apt update
$ sudo apt upgrade

To install openssh-server package, run:

$ sudo apt install openssh-server

Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:

$ sudo service ssh start

Verify that ssh service running

$ sudo systemctl status ssh

Configure firewall and open port 22

Before enabling the UFW firewall we need to add a rule which will allow incoming SSH connections. If you’re connecting to your server from a remote location, which is almost always the case and you enable the UFW firewall before explicitly allow incoming SSH connections you will no longer be able to connect to your Ubuntu server.

To configure your UFW firewall to allow incoming SSH connections, type the following command:

$ sudo ufw allow ssh

Now we can enable UFW firewall by typing:

$ sudo ufw enable

You can check the status of UFW with the following command:

$ sudo ufw status

SSH to a VM VirtualBox

The best way to login to a guest Linux VirtualBox VM is port forwarding. By default, you should have one interface already which is using NAT.
Then go to the Network settings and click advanced, Click on the Port Forwarding button.

Add a new Rule. As value :
rule name = "ssh", "Protocol' = "TCP", "Host port" = 2222, "Guest port" = 22.
VirtualBox will create a private network (10.0.2.x) which will be connected to your host network using NAT, To get Guest IP, type the following command in you VM ubuntu :

$ sudo ifconfig [interface_name] (for me:  ifconfig enp0s3)
if use latest version of ubuntu, it use #Netplan, You can try this command
$ sudo ip a

Everything else of the rule can be left blank.

This way, we can point putty or MobaXterm to Port 22 of 127.0.0.1 and VirtualBox will redirect this connection to our VM where its ssh daemon will answer it, allowing us to log in.
In my case I use MobaXtrem, To SSH into the guest VM, write:

$ ssh -p 2222 [user]@127.0.0.1

*Where user is your username within the VM.

Close GUI session in virtualbox without shutting down the VM

There is an extra dropdown menu next to the Start button with an even better option:
Detachable Start! It is a hybrid start option where they run the VM process in the background, and simply display a headless VM client that you can easily close.

Then you can close VirtualBox GUI, by choosing "Continue ruining in the background":

Enjoy the fact that you can now SSH into your VM!

How To: run MobaXterm on Ubuntu (Linux) with Wine

Yassine Sellami ・ Sep 3 '22

#tutorial #ubuntu #linux #howto

Useful: RHEL / Ubuntu Command

Yassine Sellami ・ Sep 3 '22

#systems #cloud #devops #linux