Monday, August 24, 2020

Using yum through socks5 proxy

This is useful when you have a server that is not allowed to go to the internet, but have an ssh connection to another server that is able to go to the internet (we can call it jumphost).

1. Setup a socks proxy on port 8888 (any port will do, 8888 is just my preference) via the jumphost

# ssh -D 8888 -fN user@jumphost

2. Append below line into yum.conf

# cat  >> /etc/yum.conf <<EOF



3. Yum away (or run the yum command). All yum command will now tunneled through jumphost

# yum update

4. Once done, kill the socks proxy connection

# kill -9 $(ps -ef | grep fN | grep -v grep | awk '{print $2}')

5. And remove the proxy setting in /etc/yum.conf

# sed -i '$d' /etc/yum.conf

Sunday, August 23, 2020

Using mkchromecast in Linux Mint 20

 I used to use mkchromecast in my linux mint 19 without any issue, The installation is pretty straight forward, easy to use, and the best of all, is that mkchromecast is able to cast video with subtitle. 

After I have upgraded my machine to Mint 20, I installed it, and encountered one issue whereby mkchromecast does not pair properly with chromecast due to an issue in the pychromecast version used in ubuntu 20.04 (or linux mint 20 in my case). 

The bug is being reported in here, and was from this page that I found by googling the error.

So to install mkchromecast in linux mint 20 (or ubuntu 20.04), here are the steps:

1. Install the application

$ sudo apt install mkchromecast -y

2. Update pychromecast package to version 4.1.1

$ pip3 install pychromecast==4.1.1

That's all. To use it, just follow below steps:

1. Open a new terminal, and cast a video

$ mkchromecast --video -i myvideo.mp4

2. If you want to cast a video with a subtitle file

$ mkchromecast --video -i myvideo.mp4 --subtitle

3. If you have multiple chromecast device, please use -s, and choose the index of the chromecast device you would like to use

$ mkchromecast --video -i myvideo.mp4 --subtitle -s

4. Casting with basic control like pause (keyboard p), resume (keyboard r), volume up (keyboard u) and volume down (keyboard d)

$ mkchromecast --video -i myvideo.mp4 --subtitle --control

mkchromecast is an excellent tool to cast your video to the big screen, but if you are not comfortable with casting with commands, vlc and google chrome browser are better tools but without the subtitle.

Monday, August 17, 2020

Monitoring coreutils basic operation progress, with progress app

While copying or moving stuff across locations in my computer, using terminal, most of the time I want to have a progress reporting of how much has been copied or moved. This can be easily achieved using a neat little tool called progress. To use it, you have to install it first.

To install progress

$ sudo apt install progress -y

Start you coreutils basic operation (cp, mv, dd, tar, gzip/gunzip, cat, etc.)

$ cp CentOS-8.1.1911-x86_64-dvd1.iso /data/

Monitor the progress using progress. Just run progress:

$ progress

To continuously see the progress, just use the -m option. It will update regularly, and speed and estimated remaining time will be shown 

$ progress -m

Friday, August 14, 2020

Quick DNS Server on Centos 8 using dnsmasq

To setup a quick and easy DNS server for CentOS 8, I choose dnsmasq. Bind is powerful, but too complicated for a simple DNS in a small LAN environment. So let's get started.

Install dnsmasq

# yum install dnsmasq -y

Backup original dnsmasq.conf configuration file

# cp /etc/dnsmasq.conf /etc/dnsmasq.conf.ori

Insert some settings into dnsmasq.conf. This is assuming our CentOS box IP address is, and it's interface is enp0s3. The "server" settings are for upstream DNS addresses.

# cat > /etc/dnsmasq.conf <<EOF











Test your configuration for any syntax error
# dnsmasq --test

Now to put in some dns records. Dnsmasq will read all records from /etc/hosts of the dnsmasq server (how easy & convenient is that?!)
# cat >> /etc/hosts <<EOF

Start your dnsmasq service
# systemctl start dnsmasq

Allow DNS in firewall
# firewall-cmd --add-service dns
# firewall-cmd --add-service dns --permanent

Now to put your DNS to test. The best is to use other machine. My other machine is using DHCP, so I need to configure the DNS setting to point to my brand new dnsmasq server, and ignore the dns given by my DHCP
# nmcli connection modify enp0s3 ipv4.ignore-auto-dns yes
# nmcli connection modify enp0s3 ipv4.dns
# nmcli connection down enp0s3
# nmcli connection up enp0s3

Ping test
# ping web
PING web ( 56(84) bytes of data.
64 bytes from web.local.lan ( icmp_seq=1 ttl=64 time=0.134 ms
64 bytes from web.local.lan ( icmp_seq=2 ttl=64 time=0.129 ms

You have got yourself a brand new DNS server, congratulations!

Monday, August 10, 2020

Monitor the progress of copy operation with pv

 Sometimes, when we need to copy a big file, let's say from our linux box, to a flash drive, and we just used the "cp" command. After a while, we are anxious to know what is the progress, and unfortunately we have forgotten to turn on verbose for the command. 

What to do? Cancellation is not an option, since we would be wasting time restarting the command again if we want to put the verbose option.

Worry not, there is a solution. And this solution is pv. Most of the time it is not installed by default, so we have to install it first.

What is pv? According to its man page, pv will monitor the progress of data through a pipe. Nice!

How do we install it?

$ sudo apt install pv -y

How do we use it? We can track the progress of any command, just by providing the PID of that running command. Let's say we are copying an iso. 

Firstly, get the PID of the cp command., and then run pv against it. 

$ ps -ef | grep iso | grep -v grep | awk '{print $2}'


$ pv -d 12345

and pv will provide you with a nice progress bar, with E.T.A. like below

Friday, August 7, 2020

SSH tunnelling to bind on all interfaces

Most of the time, we would not need this, since tunneling to a localhost is all we need to achieve our objective. Until one day, I have the requirement to actually tunnel my "behind the firewall" port to a public IP of a remote server. And here is how I do it.

Actually you can specify which IP you want the tunnel to be set up to. Let's say we want to set up a local tunnel on port 2222 of the address, connected to localhost port 22 at the remote server.

$ ssh -L user@remote.server.ip.address

If we want the tunnel to listen to all IPV4, we can do like below

$ ssh -L user@remote.server.ip.address

If we want just IPV6, we can do as below

$ ssh -L "[::]:2222:localhost:22" user@remote.server.ip.address

If we want the tunnel to listen on all interfaces, we can do like below

$ ssh -L \*:2222:localhost:22 user@remote.server.ip.address

That's all, happy tunnelling :)

Thursday, August 6, 2020

How to install shutter in Linux Mint 20

Shutter is a great screenshot application on linux for me. It can take screenshot, it can edit picture, it is like a complete package. Sadly. the development of this great software has been stalled. Shutter is not available through official repository, so we have to use an unofficial ppa to install it. Do not worry, the steps are very simple.

First and foremost, open your trusty terminal.

Install the unofficial ppa
$ sudo add-apt-repository -y ppa:linuxuprising/shutter

Update the apt database
$ sudo apt update

Install shutter
$ sudo apt install shutter -y

That's it, just in 3 simple steps, you are good to go in using shutter. Happy shuttering.

Tuesday, July 7, 2020

Check which linux kernel module is loaded

To check what modules are currently being loaded in kernel, you can just use lsmod command

$ lsmod 

The output will look like below

To get more information about a particular module, you can use modinfo. Lets say we want to get more information about psmouse module
$ modinfo psmouse

The output will look like below

Saturday, June 27, 2020

Testing mysql database connection using php mysqli

Sometimes you do not have mysql client in your web server to test mysql connection to database server. Using this method, you can use php, which will be available in all php based web server, to test your connection. This method is very easy to implement, just one line to do the testing. Thank you to Mr Guus for this awesome method

We are going to use var_dump with mysqli_connect functions, available in php.

$ php -r 'var_dump(mysqli_connect("", "myuser", "mypassword", "mydatabase"));'

whereby is my database ip address, myuser is my database username, mypassword is my database password, and mydatabase is the name of my database. Php -r is an option to run php command without the script tags

If the command does not throw any error, then your database connection is good to go.

Friday, May 8, 2020

Update DNS Server Information on Linux CentOS 7

To update the DNS server that the operating system will refer to, please follow below easy steps

1. Edit /etc/resolv.conf. In this example I use nano text editor. If you do not have nano, you can install it by running "yum install nano -y"
# nano /etc/resolv.conf

2. Type in "nameserver" followed by a space, and followed by your DNS server ip address. Please remember that the sequence of the entry is important. So please put your primary DNS server on top of your secondary server in the /etc/resolv.conf. In this example, my primary DNS is and my secondary DNS is

3. Save and exit. For nano, you can simply press Ctrl-x, y and Enter.

4. Check if you have added the configuration correctly
# cat /etc/resolv.conf

Thursday, May 7, 2020

Update Proxmox Network Configuration Without Restarting

In proxmox 6.1-7, if you make any changes to network configuration using the web interface, you either have to reboot the box, or press the "Apply Configuration" button to apply the changes. But the "Apply Configuration" button needs a package named ifupdown2 from proxmox repository to operate correctly.

So in order to make the button usable, so that we do not have to reboot the box every time we change proxmox network configuration, please follow below simple steps

1. Enable pve no-subscription repository, and disable proxmox default enterprise repository by referring here

2. Update proxmox package information
# apt update

3. Install ifupdown2
# apt install ifupdown2 -y

4. Now you can change any network settings in the proxmox web ui, and apply the configuration by pressing "Apply Configuration" button like below

Wednesday, May 6, 2020

Using Openvpn Client in Alpine Linux

Installing openvpn client in alpine linux is very easy. Just follow below command

# apk add openvpn

To use it, just run the command against an openvpn configuration file
# openvpn myopenvpnconfig.file

The first time you are using openvpn client, you will probably get this error:
ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)

What you can do is just give 666 permission to /dev/net/tun
# chmod 666 /dev/net/tun

and rerun the openvpn command
# openvpn myopenvpnconfig.file

Once you get this message "Initialization Sequence Completed", you should be able to access your remote server

Thursday, April 30, 2020

Run a Joomla CMS in Podman Pod

One of the special feature of podman over docker is, podman has the concept of pod. Pod is a feature to group containers together. One example is, is lets say we want to deploy a joomla stack. The stack can be deployed in a pod, so that the containers can be managed together, without having to operate on each single component of the stack.

To create a pod with port 8080 on localhost will be redirected to port 80 in a pod
$ podman pod create --name mypod --publish 8080:80

Next, create a container for database that belongs to our pod above
$ podman run -dit --pod mypod -e MYSQL_DATABASE=joomla -e MYSQL_USER=joomlauser -e MYSQL_PASSWORD=joomlapassword -e MYSQL_ROOT_PASSWORD=rootpw --name mariadb 

Check whether your mariadb container is ready, by viewing its logs
$ podman logs -f mariadb

After that create a joomla container. Since both the containers are in the same pod, joomla container can refer to mariadb with just since both of them share the same network namespace in a pod
$ podman run -dit --pod mypod -e JOOMLA_DB_HOST= -e JOOMLA_DB_USER=joomlauser -e JOOMLA_DB_PASSWORD=joomlapassword -e JOOMLA_DB_NAME=joomla --name joomla

Similar to mariadb container, you can check whether your joomla container is ready by viewing its logs
$ podman logs -f joomla

Start a browser, and browse to You should be able to access the joomla web interface. Continue with the installation using the web interface. Make sure you put for the database host information in the web installer.

Saturday, April 25, 2020

Starting a Web Server using Podman

To start a web server using podman, in this case we are using nginx from docker repository, just run below command to start a webserver and expose it on port 8080 localhost
$ podman run -dit -p 8080:80

Test our brand new web server
$ curl -s localhost:8080 | tail
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href=""></a>.<br/>
Commercial support is available at
<a href=""></a>.</p>

<p><em>Thank you for using nginx.</em></p>

Friday, April 24, 2020

How to Install Podman on CentOS 8

Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System. 

Some of the advantages of podman over docker for managing your linux containers are:
1. Podman is daemonless
2. Podman is fully compatible with docker, thus can run docker images without any modification even from
3. Most podman commands can be run as a regular user, without requiring additional privileges. 
4. Used by Redhat in latest openshift container platform

To install podman on CentOS 8, just run below command

# dnf install podman -y

# yum install -y podman

Once installed, check podman version to ensure podman has been installed successfully
# podman --version

Thursday, April 23, 2020

Downloading ISO Directly to Proxmox Using Command Line

This is usually the faster way to get any iso to proxmox, especially if you are connecting to proxmox via some not so fast internet connection. But if you still prefer to use the web GUI, please refer to this post on how to do it via the web UI.

Go to the directory where iso's are being kept in proxmox
# cd /var/lib/vz/template/iso

If you have not downloaded the ISO, you can download it directly in this directory. For example I want to download a Centos 8 ISO
# wget

Once done, refresh the webUI

Proxmox VE No Subscription Repository

When you install Proxmox VE, by default the system will be configured to use Proxmox VE enterprise repository, which needs subscription in order to use it.

If you do not plan on purchasing the subscription, but still want to get updates on the latest package, you can use Proxmox VE no-subscription repository.

According to this document, this repository is recommended only for non production, as the packages are not heavily tested. Proceed at your own risk if you want to use it for production.

To enable the pve no-subscription repository
$ echo "deb buster pve-no-subscription" | sudo tee -a /etc/apt/sources.list

To disable the enterprise repository
$ cd /etc/apt/sources.list.d/
$ sudo mv pve-enterprise.list pve-enterprise.list.disabled

Update package information
$ sudo apt update

You should now be seeing the new no-subscription repository being checked, and the enterprise repository being left out

Wednesday, April 22, 2020

Windows in Proxmox Cannot Detect Virtio Network Adapter

I encountered this issue when installing Windows 2019 on proxmox Virtual Environment 6.1-7.

Below is my windows VM setting

In windows, I cannot see any network adapter to be configured.

After looking around in proxmox documentation, I found this gem, whereby you can download driver for the windows so that your windows can recognize the virtio interface.

You can download the iso for the driver from the above link, or using this direct link.

Once downloaded, upload the iso to proxmox using these steps.

Insert it into our windows vm cd drive, like below

You should now be able to see the iso mounted as D drive (depending on how many partition you have in your windows VM)

Now you have to install the driver. Press windows + s, type Device Manager and press Enter.

Expand "Network Adapters", you should see one adapter that is not recognized by windows.

Right click on it, and choose "Update driver"

Click on "Browse my computer for driver software"

Type in D:\ for the location, and tick "Include subfolders"

Click Next, and the wizard will search for a suitable driver for your device. Wait for it to finish.

Once done, it will show that your windows now has recognized the network adapter.

Reboot, if the wizard asks for it.


Monday, April 20, 2020

Adding Internet Based Repositories in Alpine Linux

What I like about alpine linux is, it is very fast to get to a working linux with a shell inside a VM, and I can start testing whatever I need to test straight away. But the default setting of alpine linux does not preconfigured to get any packages from the internet, which is a pity. So we have to add it manually.

To add the main and community repositories manually, run below commands
# echo '' >> /etc/apk/repos
# echo '' >> /etc/apk/repos

Update repository indexes
# apk update

That's it. You can now search for any package
# apk search openssh

And install any package
# apk add openssh-client

Thursday, April 9, 2020

Enable pfsense Web Interface from WAN Temporarily

By default pfsense only allow access to web interface from LAN. But sometimes you need access from WAN, just for a very short time. For example, you do not have any machine in LAN that have web interface, and you need the web interface to make some changes.

The steps are as follows, if you have access to pfsense text based console

1. Access the text based console

2. Choose option 8, to access the pfsense shell

3. Run this command: pfctl -d

4. Once you get the message "pf is disabled", you can now access pfsense web interface using WAN ip, in this case,, and make your changes in the web interface. Once you activate the changes, the firewall will be turned on again, so you won't be able to access web interface via WAN anymore.

5. If by any chance you want to enable back firewall manually, run: pfctl -e

If you do not have access to the console, you have to use ssh.

1. ssh into any linux machine on the LAN side

2. From the linux machine, ssh into pfsense

3. Run pfctl -d

4. Access your pfsense web interface via WAN IP. The firewall will automatically started if you "Apply Change" in web interface.

5. If you want to enable pf manuallt, run pfctl -e.

6 Logout from pfsense

Credit to this site for the great tutorial.

Wednesday, April 8, 2020

Uploading iso to Proxmox

To upload iso to proxmox, so that the iso can be used to create VM, please follow below steps

1. Login to proxmox
2. On the left hand side, expand Datacenter, until you see node/s
3. Expand the node until you see local. Click on "local"
4. On the right hand side, click "Content"
5. Click "Upload"
6. Select the iso file that you want to upload, and click "Upload"
7. Once uploaded, you will see the iso listed on the right hand side. Please refer below picture for clearer view

Friday, April 3, 2020

Install and Use Vagrant on Linux Mint 19 with Virtualbox

Vagrant is a tool for building and managing virtual machine environments in a single workflow. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases production parity, and makes the "works on my machine" excuse a relic of the past.

We can always install vagrant from the repository, but the one in the repository is quite an old version, which is 2.0.2. So we will download the latest version from Since they do not provide a package for ubuntu/mint, we will use debian package.

To download the installer
$ wget -c 

To install vagrant
$ sudo apt install ./vagrant_2.2.7_x86_64.deb -y

Download virtualbox, if you still have not install it
$ wget -c

Install  virtualbox
$ sudo apt install ./virtualbox-6.1_6.1.4-136177~Ubuntu~bionic_amd64.deb -y

Let's say we want to create an ubuntu bionic virtual machine (VM) using vagrant. First we have to run init
$ mkdir -p  vagrant/ubuntu-bionic
$ cd vagrant/ubuntu-bionic
$ vagrant init hashicorp/bionic64
$ vagrant up

The init command will create a standard Vagrantfile, which can be used to define the specs of virtual machine we want to make.

The up command will use the Vagrantfile, and create a VM out of it.

Once all the downloading is done, the VM will be created, and you can login into the box using ssh command
$ vagrant ssh

And within just a few commands, you already have a working virtual machine without having to do the standard operating system installation just like when you create a virtual machine using the traditional way.

Thursday, February 13, 2020

Installing Wordpress on Ubuntu 18.04 Using LEMP Stack

Installing wordpress on LEMP stack is not much different from installing in LAMP stack. For those who do not know, LEMP stands for Linux + Nginx + Mariadb + PHP stack, and LAMP stands for Linux + Apache + Mariadb/mysql + PHP stack. Check out my other post on how to install wordpress on LAMP stack on ubuntu.

As per the stack definition, there are 3 main components to be installed: nginx, mariadb and php.

Install nginx:
$ sudo apt install nginx -y

Install mariadb:
$ sudo apt install mariadb-server -y

Install php, php-mysql and php-fpm
$ sudo apt install php php-mysql php-fpm -y

Download wordpress code
$ wget

Start mariadb
$ sudo systemctl start mariadb

Secure mariadb installation
$ sudo mysql_secure_installation

Create a database for wordpress
$ sudo mariadb -u root
MariaDB [none]> create database wpdb;
MariaDB [none]> grant all on wpdb.* to wpuser@localhost identified by 'wppassword';
MariaDB [none]> flush privileges;
MariaDB [none]> exit

Test the newly created user and db
$ mariadb -u wpuser -p wpdb
MariaDB [wpdb]> exit

Download wordpress
$ wget

Extract wordpress
$ tar -xvf latest.tar.gz

Move wordpress directory to /var/www/html
$ sudo mv wordpress /var/www/html

Change ownership of the wordpress directory
$ sudo chown -R www-data /var/www/html/wordpress

Create nginx virtualhost configuration for wordpress
$ sudo nano /etc/nginx/conf.d/wordpress.conf

Add in below code (change the server name to refer to your ip address, since we do not have any domain at the moment)
server {
        listen   80;

        root /var/www/html/wordpress;
        index index.php index.html;

        location / {
                try_files $uri $uri/ /index.php?q=$request_uri;

        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
              root /usr/share/nginx/www;

        location ~ .php$ {
                try_files $uri =404;
                fastcgi_pass unix:/run/php/php7.2-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;

Save the file and exit

Test nginx config for any syntax error
$ sudo nginx -t

Start nginx
$ sudo systemctl start nginx

Start php-fpm
$ sudo systemctl start php7.2-fpm

Open a web browser and put in you server_name address in the address bar, and you should be able to get the wordpress installation wizard. Press "Continue"

Press "Let's go!"

Fill up database details and press "Submit"

If everything is correct, you will get to "Run the installation" page. Click on "Run the installation" button. 

Fill up the necessary information for your wordpress blog, and click "Install wordpress" to finish wordpress installation

Monday, February 10, 2020

Expediting Files Copy to USB

Copying to usb is quite troublesome in linux, whereby the "cp" command or file manager reports that the file has been copied successfully, but if your usb drive has LED, you can see that the LED is flashing frantically as if it is doing some hard work in the background. 

This is due to the default ubuntu linux setting for kernel parameter called vm.dirty_bytes is being set 0 (unlimited), which means that after copying process has been started, the file will be copied to buffer as a whole, the process that started the copying (file manager or "cp" command) will be notified that copy has completed, but in the background, the file is actually sitting in the buffer, waiting to be written to the usb driver.

This will results in the file manager showing 100% copied, but the file is not actually being written to the usb.

One of the way to expedite the copy process is, by limiting the size of the buffer, so the file will get written to the usb faster. 

You can check what is the current buffer (vm.dirty_bytes) value by running:
$ sudo sysctl vm.dirty_bytes
vm_dirty_bytes = 0

Change the current value to something small (like 15MB)
$ sudo sysctl vm.dirty_bytes=15000000

Start the copying process
$ cp some-big-file /mnt

The copy process will complete faster.

To make the change permanent:
$ echo "vm.dirty_bytes=15000000" | sudo tee -a /etc/sysctl.conf 

Reboot your machine
$ sudo reboot

Once rebooted, check whether the value stays
$ sudo sysctl vm.dirty_bytes
vm_dirty_bytes = 15000000


Credit to: