Tuesday, June 20, 2023

Configure sftp server

An sftp server provides ftp-style file transfer over the ssh protocol. To set one up, follow the steps below.


First, create a directory to keep the uploaded data
$ sudo mkdir /data

Then, create a special group for sftp users
$ sudo groupadd sftp_users

Next, create a user called newuser that doesn't have regular login privileges, as a member of the newly created group, home directory set to /upload, and shell set to /sbin/nologin.
$ sudo useradd -g sftp_users -d /upload -s /sbin/nologin newuser

Set a password for the new user
$ sudo passwd newuser

Create an sftp directory for the new user, and set proper permissions for the directory
$ sudo mkdir -p /data/newuser/upload
$ sudo chown -R root:sftp_users /data/newuser
$ sudo chown -R newuser:sftp_users /data/newuser/upload

Add the lines below to the end of /etc/ssh/sshd_config. Use any text editor that you are familiar with. Save the file once done.
Match Group sftp_users
ChrootDirectory /data/%u
ForceCommand internal-sftp

Test /etc/ssh/sshd_config for any syntax errors
$ sudo sshd -t -f /etc/ssh/sshd_config

Restart ssh if no error is reported by the above command
$ sudo systemctl restart sshd

Now we can use the new user to upload or download data from the server
$ sftp newuser@server.ip.add.ress

Use the "get" command to download files, and the "put" command to upload files.

We can also use applications like WinSCP and FileZilla to get a user interface.
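
Added example (not part of the original post): sshd refuses a chrooted login unless every directory in the ChrootDirectory path is owned by root and not writable by group or others, so this script walks a path such as /data/newuser up to / and reports any component that would break the setup above. It assumes GNU stat and should be run as root; the function names are my own.

```shell
#!/bin/sh
# Added example: pre-flight check for the ChrootDirectory used above.
# sshd only accepts a chroot path whose every component is owned by
# root and carries no group/other write bit.

# component_ok UID MODE: succeed if one path component is acceptable.
component_ok() {
    [ "$1" -eq 0 ] 2>/dev/null && [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot_path DIR: walk DIR and each parent up to /, print a
# verdict per component, return non-zero if any component fails.
check_chroot_path() {
    dir=$(cd "$1" 2>/dev/null && pwd -P) || { echo "missing: $1"; return 1; }
    rc=0
    while :; do
        set -- $(stat -c '%u %a' "$dir")   # GNU stat: owner uid, octal mode
        if component_ok "$1" "$2"; then
            echo "ok   $dir (uid=$1 mode=$2)"
        else
            echo "BAD  $dir (uid=$1 mode=$2)"
            rc=1
        fi
        [ "$dir" = "/" ] && break
        dir=$(dirname "$dir")
    done
    return "$rc"
}

# Run as root, e.g.: sh check_chroot.sh /data/newuser
if [ "$#" -gt 0 ]; then
    check_chroot_path "$1"
fi
```

A "BAD" line for /data or /data/newuser explains a login that is dropped right after authentication; the upload directory itself is not part of the chroot path and stays owned by newuser.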

Monday, June 12, 2023

Autostart podman containers on host boot/reboot

Podman is an excellent alternative to docker, but its containers would not survive a host reboot, since podman does not have any daemon running. Is all hope lost? Nope, podman has one trick up its sleeve that can save the day.


Introducing the "podman generate" command. This command can generate a yaml, json or systemd file for any container. In this case, we are going to generate a systemd unit file for our container, to make sure it survives a host reboot.

How to use this tool? First we need a running container.

Once we have a running container, run the command below to create a systemd service file for your container (in this example, mycontainer is the name of the container), and save it to a file called container-mycontainer.service.
$ podman generate systemd --new --name mycontainer -f

Then, move the container-mycontainer.service file into /etc/systemd/system, so that systemd recognizes your service (we changed the name to just mycontainer.service, to shorten the name and make it easier to type).
$ sudo mv container-mycontainer.service /etc/systemd/system/mycontainer.service

After that, we need to reload systemd as the root user, to make systemd aware of the new service.
$ sudo systemctl daemon-reload

Now, start the new service, and enable it on every boot
$ sudo systemctl enable --now mycontainer.service

Check whether your new service is running
$ sudo systemctl status mycontainer.service


Monday, June 5, 2023

How to Install Clustercontrol Using Podman on Ubuntu 22.04

Clustercontrol is a database cluster management system, developed by severalnines. This tool is really useful if you want to install and manage multiple database clusters from one interface, easily. This tool supports many database types such as mysql, mariadb, postgresql, timescaledb and also redis.


This software can easily be installed using docker, just follow the instructions here. For podman users, worry not, below are the detailed instructions on how to do the same using podman. These steps have been tested on ubuntu 22.04, but they should run on any linux that supports podman.

1. Make sure you have podman installed, please refer here if you have not installed podman

2. Create some directories for clustercontrol's data and configuration
$ mkdir -p clustercontrol/{cmon.d,datadir,sshkey,cmonlib,backups,prom-data,prom-conf}

3. Get the machine's ip address
$ hostname -I

4. Copy ssh key into sshkey directory
$ cp ~/.ssh/id_rsa ~/clustercontrol/sshkey

4.1 If you don't have ssh keys yet, please follow here to generate a pair

5. Run clustercontrol using podman (image 1.9.5-4 is fully working at the time of writing of this article)
$ podman run -d --name clustercontrol \
-h clustercontrol \
-p 5000:80 \
-p 5001:443 \
-p 9443:9443 \
-p 19501:19501 \
-e DOCKER_HOST_ADDRESS=192.168.10.10 \
-v $PWD/clustercontrol/cmon.d:/etc/cmon.d \
-v $PWD/clustercontrol/datadir:/var/lib/mysql \
-v $PWD/clustercontrol/sshkey:/root/.ssh \
-v $PWD/clustercontrol/cmonlib:/var/lib/cmon \
-v $PWD/clustercontrol/backups:/root/backups \
-v $PWD/clustercontrol/prom-data:/var/lib/prometheus \
-v $PWD/clustercontrol/prom-conf:/etc/prometheus \
docker.io/severalnines/clustercontrol:1.9.5-4

6. Open a browser and browse to https://192.168.10.10:5001, replacing 192.168.10.10 with the ip address that you used in the command above. You should be able to see the page below. Register and create a user to start using clustercontrol.