Feed mysql SQL files from folder

File: mysql_restore.sh Line 1 Col 0 311

1
2
3
4
5
6
7
8
9
10
11
12
13
#!/bin/bash
#
FILES="$1/*"
for f in $FILES
do
    echo "Processing $f file..."
    # take action on each file. $f store current file name
    #cat $f
    cat $f | /usr/bin/mysql  --no-defaults --force --user=root --password=
    echo " >> finished "
    echo "---------------------------------"
    #break
done
1
2
3
4
5
6
7
8
9
10
#!/bin/bash
#
FILES="$1/*"
    echo "Processing $f file..."
    # take action on each file. $f store current file name
    #cat $f
    cat $f | /usr/bin/mysql  --no-defaults --force --user=root --password=****
    echo " >> finished "
    echo "---------------------------------"
    #break

create certificates

создаем сертификат и ключ :

1
2
3
4
5
6
7
cd /etc/ssl/

openssl genrsa -out ip209-253.dreamteam7.com.key 2048

openssl req -new -key ip209-253.dreamteam7.com.key -out ip209-253.dreamteam7.com.csr

openssl x509 -req -days 3650 -in ip209-253.dreamteam7.com.csr -signkey ip209-253.dreamteam7.com.key -out ip209-253.dreamteam7.com.csr

http://www.opennet.ru/base/net/apache_mod_ssl.txt.html

порядок действий СОЗДАЕМ сертификат для домена. и подписываем НАШИМ CA.ROOT :

на сервере :

1
2
3
4
5
6
cd /etc/ssl
export MYDOMAIN=mysql.wm.com.ru
openssl req -config ./ca.config -new -keyout $MYDOMAIN.req.pem -out $MYDOMAIN.req.pem  -days 10000
openssl ca -config ./ca.config -policy policy_anything -out $MYDOMAIN-cert.pem  -infiles $MYDOMAIN.req.pem

openssl rsa -in $MYDOMAIN.req.pem -out $MYDOMAIN-wwwkeyunsecure.pem

– создать privat key (newreq.pem) для запроса его подписи
openssl req -config ./ca.config -new -keyout $MYDOMAIN.pem -out $MYDOMAIN.pem -days 3650

– First strip the certificate from all its text to keep only the -CERTIFICATE- section
openssl x509 -in $MYDOMAIN.pem -out $MYDOMAIN.crt

– подписываем нашим CA-ROOT сертификатом
openssl ca -config ./ca.config -policy policy_anything -out $MYDOMAIN.signed.pem -infiles $MYDOMAIN.pem

– убираем из приват ключа пароль
openssl rsa -in $MYDOMAIN.pem -out $MYDOMAIN.wo.pwd.pem

– для сайта берем MYDOMAIN-wwwkeyunsecure.pem
– и не забыть РАЗНЫЕ СЕРТИФИКАТЫ вешать на РАЗЫНЕ ИП адреса !

24 August 2007, 19:12:57

ca.crt – это сертификат “—–BEGIN CERTIFICATE—–”
ca.key – это ПРИВАТНЫЙ КЛЮЧ “—–BEGIN RSA PRIVATE KEY—–”

1) нам надо создать сертификат
2) подписать его нашим CA сертификатом

СОЗДАНИЕ CA ROOT CERTIFICATE

Создание сертификата :
(1)
http://tldp.org/HOWTO/SSL-Certificates-HOWTO/x195.html
creates a new private key and a certificate request and place it as newreq.pem.
Enter a Common Name (CN) the main usage of the certificate for instance www.sopac.org if you want to secure the website www.sopac.org,
or enter franck@sopac.org if you want to use to secure the e-mails of franck@sopac.org

openssl req -config /etc/ca.config -new -keyout newreq.pem -out newreq.pem -days 365

1
2
3
cd /etc/ssl/
###openssl req -config ./ca.config -new -keyout su.host-lux.ru.pem -out su.host-lux.ru.pem  -days 1825
openssl req -config ./ca.config -new -keyout su.host-lux.ru-newreq.pem -out su.host-lux.ru-newreq.pem  -days 1825

Подписываем сертификат нашим СА

openssl ca -config /etc/ca.config -policy policy_anything -out newcert.pem -infiles newreq.pem

1
2
openssl ca -config ./ca.config -policy policy_anything -out su.host-lux.ru-cert.pem  -infiles su.host-lux.ru.pem
openssl ca -config ./ca.config -policy policy_anything -out su.host-lux.ru-newcert.pem  -infiles su.host-lux.ru-newreq.pem

will sign the request using the cacert.pem and commit the certificate as newcert.pem.
You will need to enter the passphrase of the cacert.pem (your CA Certificate).
The file newcerts/xx.pem will be created and index.txt and serial will be updated

You private key is in newreq.pem -PRIVATE KEY- and your certificate is in newcert.pem -CERTIFICATE-
A copy of newcert.pem is placed in newcerts/ with an adequate entry in index.txt so that a client can request this information via a web server to ensure the authenticity of the certificate.
Beware of your newreq.pem file, because it contains a certificate request, but also your private key. The -PRIVATE KEY- section is not required when you sign it. So if you request someone else to sign your certificate request, ensure that you have removed the -PRIVATE KEY- section from the file. If
you sign someone else 1
certificate request, request from this person its -CERTIFICATE REQUEST- section not its private key.

3.1.1. Using a certificate with mod_ssl in apache
First never use your self-signed root CA Certificate with any application and especially with apache as it requires you to remove the passphrase on your private key.
First generate and sign a certificate request with the Common Name (CN) as www.mysite.com. Remove any extra information to keep only the —CERTIFCATE — part.
The key needs to be made insecure, so no password is required when reading the private key. Take the newreq.pem files that contains your private key and remove the passphrase from it.
openssl rsa -in newreq.pem -out wwwkeyunsecure.pem

# openssl rsa -in newreq.pem -out wwwkeyunsecure.pem
# openssl rsa -in su.host-lux.ru.pem -out su.host-lux.ru-wwwkeyunsecure.pem

# openssl rsa -in su.host-lux.ru-newreq.pem -out su.host-lux.ru-wwwkeyunsecure.pem

2.5.4. Display a certificate
You may have a certificate in its coded form, to read the details of the certificate just issue the following command:
openssl x509 -in newcert.pem -noout -text

Как установить Debian Linux с USB flash

Как установить Debian Linux с USB flash

“Здесь я расскажу, как подготовить загрузочную USB флешку с Debian Lenny и установить с неё Debian на любой накопитель (IDE/USB HDD). Заметьте, что в этой статье описывается не то, как установить Debian на USB диск/флешку, а то, как создать «Инсталляционный USB диск». То есть результатом станет то, что вы сможете установить Debian Lenny с USB накопителя, вместо традиционного CD-ROM.”
продолжение читаем тут http://habrahabr.ru/post/53219/

Configure NGINX + Tomcat (+ Apache-PHP) on Linux Debian

Now, continue configure NGINX binding with Tomcat, it was start here

Recollect tomcat listens ( installation of Tomcat )

root@raid02:/# netstat -nepa | grep java
tcp        0      0 127.0.0.1:8005          0.0.0.0:*               LISTEN      107        2709901     6876/java
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      107        2709898     6876/java
root@raid02:/#

As shown above now Tomcat/Java listen on ALL IP ADDRESS (0.0.0.0:8080) we want it listen only internal area 127.0.0.1:8080 Continue reading