Setting up my Android Device

Initial Setup

First, go through the default setup, connecting to Wi-Fi and Google.

Turn off backup to Google Drive.

Set up all of the methods of accessing phone (face recognition, etc.)

Configuration

  • Turn on night mode.
  • Set resolution to max.
  • Set navigation bar to full screen gestures
  • Show battery percentage
  • Set sound mode to vibrate

Turn off Bixby home.

Install the following apps from the Play Store:

  • Outlook (login, turn off notifs, swipe right delete, turn off focused inbox, week start Monday, set calendar widget)
  • Firefox (sign in)
  • Messenger (sign in, turn on dark mode, turn off chat bubbles)
  • Dropbox (sign in)
  • Instagram (sign in)
  • Netflix (sign in)
  • YNAB (sign in)
  • Slack (sign in)
  • Fly Delta (sign in)
  • Ecobee (sign in)
  • Fi (sign in)
  • Fitbit (sign in)
  • WhatsApp (sign in, turn off notifs)

Configure the following:

  • Youtube (turn on dark mode)

Uninstall the following:

  • Duo
  • Drive
  • Galaxy Wearable
  • Google Play Movies & TV
  • Kids Home
  • Photos
  • Samsung Global Goals
  • Samsung Health
  • Samsung Pay
  • Smart Switch
  • SmartThings
  • Spotify

Moving Resources to a Different Azure Tenant

Let’s say you have some resources in your Azure tenant that you want to move to a different tenant (such as if you’re going to transfer ownership of a particular set of resources to another company). You can do that with the following steps:

Move Existing Resources to A New Subscription

  1. Create a new subscription in your current tenant as the current account admin (use your own information, which you will change over later so you can be an Account Admin).
  2. Rename the subscription to something more meaningful to avoid confusion.
  3. Sign into your tenant and move the desired resources over to the new subscription (you may need to recreate certain resources as some resources cannot be moved).
    1. If running any VM backups, you’ll need to delete all images before you can move a VM over. After moving over, make sure to turn backups back on.

Transfer Subscription

Next, create a new Microsoft account, and create an Azure account to transfer the subscription to – using the phone and credit card of the responsible party. When going through this process, you’ll either need the person by you when setting up the account, or have them set it up on their own.

Once the account is created, go back to the newly created subscription from above and transfer billing ownership using the email account of the Azure account from above:

Setting up the transfer request will send an email to the above – and give them the directions to accept the transfer.

Additional Steps

Once the transfer is done, they will own the resources. Here’s a few more steps you may want to take:

Set up Custom Domain for Azure AD

To set up the ability to use a domain for login to the tenant, you’ll need DNS access to a preferred domain.

Create an Administrative User

If you want to keep the ability to administer the resources, create a user for yourself and give them the following:

  • Global Admin rights in Azure AD
  • Owner rights to the subscription

Upgrading nopCommerce

Upgrading nopCommerce is a manual process that requires a decent amonut to work to get in place. When upgrading, you’ll need to upgrade sequentially (3.80 -> 3.90 -> 4.00 -> etc.).

NOTE: When performing this process on a live site, make sure to close the store during the upgrade process so no changes occur on the site during upgrade.

Upgrade Database

First, you’ll need to upgrade the database using a script provided by nopCommerce. Download the script here based on the version and apply the changes in the SQL script to a copied version of the database.

Upgrade Site Files

The script above with have a README.txt file that describes the next steps, which is essentially:

  • Download the source code for the upgrade version
  • Porting over the specific configuration files (Settings.txt, InstalledPlugins.txt, etc.) and making sure to point to the newly created database above.

If storing images on the filesystem, make sure to copy images over in /Content/images as well.

At this point, you should be able to see the front page of the site.

Restore Theme

If you were using a theme in the previous version, you’ll need to get the correct version of it and restore it.

First, if there are any SQL scripts for the theme, run those on the upgraded database.

Upload the theme to the nopCommerce installation, alongside any plugins required by the theme.

After this is done, check the site again and confirm the new theme is being used.

Restore Plugins

Finally, go through the plugins from the original site and add the appropriate version. If you’re using the source code version of nopCommerce, you’ll want to make sure the plugin is set up to use the latest version of nopCommerce, and that it compiles.

Some plugins will require database upgrades as well.

Setting up Graylog in Azure

To get started with installing Graylog, do the following:

Create a VM using the following:

  • Image: Ubuntu 18.04 LTS
  • Minimum Size: B2s (~$30/month)
  • Open ports 80,443,22

SSH into the server and follow this guide to get Graylog installed.

To set up public access, set the following variables in Graylog config file:

http_bind_address = PRIVATE_IP
http_external_uri = http://<PUBLIC_IP>

Once fully installed, set up an Apache reverse proxy:

sudo apt-get install apache2 -y
sudo a2enmod proxy_http proxy_ajp rewrite deflate headers proxy_balancer proxy_connect proxy_html ssl lbmethod_byrequests slotmem_shm proxy

Edit /etc/apache2/sites-enabled/000-default.conf:

ProxyPass "/"  "http://PRIVATE_IP:9000/"
ProxyPassReverse "/"  "http://PRIVATE_IP:9000/"

Then restart both servers:

sudo systemctl restart graylog-server.service
sudo systemctl restart apache2

To verify installation, access at <IP_ADDRESS> to verify the installation. If you see the Graylog login screen, you’ve successfully set up the server.

Finish by setting the SSH networking rule to a trusted IP to improve security.

Set up HTTPS using Let’s Encrypt

To set up HTTPS using Let’s Encrypt, use the Certbot directions.

Once that’s done, make sure to change http_external_uri in the Graylog config file and restart Graylog.

Send Kubernetes Logs to Graylog

First, SSH into the server and configure Elasticsearch (/etc/elasticsearch/elasticsearch.yml) to bind to the private IP of the VM:

network.host: PRIVATE_IP

Restart Elasticsearch, then configure Graylog to listen to the new Elasticsearch host:

elasticsearch_hosts = http://PUBLIC_IP:9200

Restart Graylog, then open the firewall to allow for port 9200 to be accessible by the cluster IP. Confirm access by trying to hit port 9200.

Next, set up an input in Graylog.

After that, create the RBAC role for the cluster (fluentd-rbac.yml):

apiVersion: v1
kind: ServiceAccount
metadata:
  name: fluentd
  namespace: kube-system

---

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: fluentd
  namespace: kube-system
rules:
- apiGroups:
  - ""
  resources:
  - pods
  - namespaces
  verbs:
  - get
  - list
  - watch

---

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: fluentd
roleRef:
  kind: ClusterRole
  name: fluentd
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: fluentd
  namespace: kube-system

Then create the daemonset, changing the container environment variables as needed (fluentd-daemonset.yml):

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd
  namespace: kube-system
  labels:
    k8s-app: fluentd-logging
    version: v1
spec:
  selector:
    matchLabels:
      k8s-app: fluentd-logging
      version: v1
  template:
    metadata:
      labels:
        k8s-app: fluentd-logging
        version: v1
    spec:
      tolerations:
      - key: node-role.kubernetes.io/master
        effect: NoSchedule
      containers:
      - name: fluentd
        image: fluent/fluentd-kubernetes-daemonset:v1.4-debian-elasticsearch
        env:
          - name:  FLUENT_ELASTICSEARCH_HOST
            value: "YOUR_GRAYLOG_HOST"
          - name:  FLUENT_ELASTICSEARCH_PORT
            value: "9200"
          - name: FLUENT_ELASTICSEARCH_SCHEME
            value: "http"
          # Custom values for each cluster
          - name: FLUENT_ELASTICSEARCH_LOGSTASH_PREFIX
            value: "YOUR_LOG_PREFIX"
        resources:
          limits:
            memory: 200Mi
          requests:
            cpu: 100m
            memory: 200Mi
        volumeMounts:
        - name: varlog
          mountPath: /var/log
        - name: varlibdockercontainers
          mountPath: /var/lib/docker/containers
          readOnly: true
      terminationGracePeriodSeconds: 30
      volumes:
      - name: varlog
        hostPath:
          path: /var/log
      - name: varlibdockercontainers
        hostPath:
          path: /var/lib/docker/containers

Deploy both of these out:

kubectl create -f fluentd-rbac.yml
kubectl create -f fluentd-daemonset.yml

Then check the logs of the daemonset to confirm correct connection:

kubectl get pods -n kube-system
kubectl logs FLUENTD_POD -n kube-system

Increase Heap Size

To increase the heap size, edit /etc/default/graylog-server, then restart graylog-server.service.

References

https://mherman.org/blog/logging-in-kubernetes-with-elasticsearch-Kibana-fluentd/#fluentd

Setting up ELK in Azure with Bitnami

To get started with using ELk in Azure, do the following:

Create a VM using the ‘ELK Certified by Bitnami‘ image.

Next, you’ll need to get the credentials to log into the application – look into the serial log of Boot Diagnostics of the VM to access the username and password. If needed, a guide is available.

Access the public IP of the VM created, and log in using the credentials above. Kibana should open up and allow for importing sample data.

Once set up, the first thing to do is reset the default password – you can do that with:

sudo htpasswd -c /opt/bitnami/kibana/conf/password user

More information here.

Send Logs from AKS

To send logs from AKS, set up Fluentd, making sure to open port 9200 to the cluster IP.

Set up Azure AD Authentication

To set up Azure AD Authentication, an Azure AD Premium subscription is required. A guide can be found at Elastic’s site.

Upgrading PHP in Ubuntu

Before doing this, I recommend backing up your system, in case things go wrong.

To upgrade to the latest version of PHP in Ubuntu, first, update the system:

sudo apt-get update && sudo apt-get upgrade

Then add the third-party repository:

sudo apt-get install software-properties-common && sudo add-apt-repository ppa:ondrej/php && sudo apt-get update

Finally, upgrade PHP to the latest version:

sudo apt-get install php7.4

If upgrading PHP for WordPress, you’ll need a few more modules:

sudo apt-get install php7.4-mysql php7.4-curl php7.4-dom php7.4-imagick php7.4-mbstring php7.4-zip php7.4-gd

If using Apache, you’ll need to set the correct PHP version:

# list modules
sudo apache2ctl -M

# deactivate old PHP
sudo a2dismod php7.2

#activate new PHP
sudo a2enmod php7.4

#restart apache
sudo systemctl restart apache2

Using Azure Storage to Backup Data

If you’re looking for an easy and cheap way to back up infrequently used data, you can set up a storage account in Azure with the following settings:

  • Location: closest to your location.
  • Performance: Standard.
  • Account Kind: BlobStorage
  • Replication: Locally-redundant storage
  • Access tier: Cool

After the storage account is created, you can upload your compressed files (suggested to maximize efficiency) to containers inside the storage account.

Once the files are uploaded, you have the option to change to the Archive access tier, which is useful for files you don’t plan on accessing frequently. This data, if ever needed, will take much longer to access.

My suggestion on above – stick to the cool tier and when looking for ways to save money on costs, change different blobs to archive tier as you find you won’t need to access.

Check out more details on pricing and more details on different access tiers.

Configuring Arch Linux

If you’re installed Arch Linux, the next step is configuring the system to work as desired. In this guide, I walk through my general configuration of a newly installed Arch Linux instance.

Configure Internet

Set up networkmanager and if wireless, connect to an internet source:

sudo systemctl enable NetworkManager.service
sudo systemctl start NetworkManager.service

# connect to wireless
nmcli device wifi list
nmcli device wifi connect SSID password PASSWORD

Confirm access using ping.

Set up Desktop Environment

Set up xorg by install the following packages:

  • xorg
  • xterm
  • xorg-xinit
  • xorg-xclock
  • xorg-twm

Test by starting startx.

Install the following packages to set up the window and display manager

  • awesome
  • lightdm
  • lightdm-gtk-greeter
  • (if desktop)
    • nvidia
    • nvidia-settings
    • pkg-config

Configure LightDM:

sudo systemctl enable lightdm.service
sudo systemctl start lightdm.service

You should now have a graphical display running.

Configure Desktop Environment

First, set up firefox and sign in to sync all current changes.

Set up Multi-Monitors

If using multiple monitors, set them up:

sudo nvidia-xconfig

Reboot computer, then run:

sudo nvidia-settings

Save settings to the X config file.

Set up Dropbox

To configure the graphical system, get Dropbox synced to be able to use saved entries. First, install yay:

sudo pacman -S base-devel
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si

Then import public key:

gpg --recv-keys --keyserver hkp://pgp.mit.edu:80 FC918B335044912E

Install Dropbox:

yay -S dropbox

Finally, start and sign in to Dropbox.

Link Existing Configurations

Make symlinks for the following:

mkdir ~/.config/awesome
ln -s ~/Dropbox/config/rc.lua ~/.config/awesome/rc.lua
ln -s ~/Dropbox/config/Xresources-desktop ~/.Xresources

Reboot.

Setting up Laptop

Install the following packages:

  • cbatticon
  • acpilight

To make backlight changes using keyboard shortcuts, edit the /etc/rc.local file.

chgrp -R backlighters /sys/class/backlight
chmod g+w /sys/class/backlight/*/*

Then add your user to the ‘backlighters’ group:

sudo groupadd backlighters
sudo usermod -aG backlighters dfar

Restart and test the ability to inc/dec backlight with Fn+F11/F12

Installing and Configure Software

Essentials

Install nautilus, flameshot, evince, and calc.

Using yay, install systemd-numlockontty, and then enable numLockOnTty

sudo systemctl enable numLockOnTty

Web Browsing/Mail/Chat

Install qbittorrent, gnome-keyring, and libsecret.

Install mailspring via yay, then add accounts, set to dark, and set signature.

Install franz via yay and sign in to all accounts, then turn on dark more and turn off todos.

Sound/Video Management

Install vlc, pulseaudio, pasystray, and pavucontrol.

Software Development

Install the following packages:

  • code
  • dotnet-sdk
  • otf-fira-code
  • nodejs
  • terraform
  • intellij-idea-community-edition
  • insomnia (yay)
  • azure-cli (yay)
  • azure-functions-core-tools-bin (yay)
  • azuredatastudio (yay)

Sync settings in VSCode.

Networking

For VPN, install openvpn, network-manager-applet, and networkmanager-openvpn. Connect to all OpenVPN instances (log in using web and download profiles).

For RDP, install remmina and freerdp, then connect to all RDP boxes.

Virtualization

Install gnome-boxes, then create a Win10 box with 8GB memory, 100GB HDD. Install the following software using chocolatey:

  • git
  • visualstudio2019community
  • sql-server-management-studio
  • sql-server-express

Scanner/Printer

Install sane and imagescan. Then run utsushi for scanning.

For printing, install cups, nss-mdns, avahi, python-gobject, pygtk, python-dbus, and then enable and start the services:

sudo systemctl enable org.cups.cupsd.service
sudo systemctl start org.cups.cupsd.service
sudo systemctl start avahi-daemon.service

Edit /etc/nsswitch.conf and change the hosts line to include before resolve and dns:

mdns_minimal [NOTFOUND=return]

Now find the printer’s IP address:

avahi-discover

And add the printer:

lpadmin -p OfficePrinter -E -v ipp://IP_ADDRESS/ipp/print -m everywhere

Installing Arch Linux

Setting up USB Boot Media

Windows – use Rufus (you may need to use GPT && DD image mode)

Installation

First, boot the Arch Linux USB stick onto the computer of choice. After finished loading, you should see a command terminal.

To increase font size during install, use:

setfont /usr/share/kbd/consolefonts/latarcyrheb-sun32.psfu.gz

Connect To Internet

Wired, use ping to confirm access.

Wireless – run: wifi-menu -o, select a network, then verify access using ping.

Synchronize Clock

To set the clock, run:

timedatectl set-ntp true
timedatectl status

Set up Partitions

If needed, set up partitions for the overall system. First, use parted -l to determine both:

  • Which disk you want to use
  • Whether partition table is GPT

If needed, convert to GPT using fdisk disk.

Use cfdisk to create the following partitions (remember when sizing, you can use +512M for ease):

Mount PointPartitionPartition TypeSize
/mnt/boot/dev/sda1EFI System512MB
/mnt/dev/sda2Linux root (x86-64)remaining
SWAP/dev/sda3Linux swap8GB

Format & Mount Partitions

Now format the partitions (using parted -l to list disks):

mkfs.fat <EFI_DISK>
mkfs.ext4 <PRIMARY_DISK>
mkswap <SWAP_DISK>
swapon <SWAP_DISK>

Mount the newly formatted partitions:

mount <PRIMARY_DISK> /mnt
mkdir /mnt/boot
mount <EFI_DISK> /mnt/boot

Perform Arch Installation

Edit the /etc/pacman.d/mirrorlist file and set it to have just 12 United States entries.

Install base Arch Linux:

pacstrap /mnt base linux linux-firmware nano grub efibootmgr networkmanager git firefox sudo

Generate an fstab file:

genfstab -U /mnt >> /mnt/etc/fstab

Change root into the new system to set time zone and localization:

arch-chroot /mnt

ln -sf /usr/share/zoneinfo/America/Detroit /etc/localtime
hwclock --systohc

Change the default console font size at /etc/vconsole.conf:

FONT=latarcyrheb-sun32

Generate locales and set locale:

# comment out needed locales
nano /etc/locale.gen
locale-gen

nano /etc/locale.conf

# set content to LANG=en_US.UTF-8

Set up network configuration (computer name):

# set computer name
nano /etc/hostname 

# configure hosts file, add contents below
nano /etc/hosts

127.0.0.1	localhost
::1		localhost
127.0.1.1	YOUR_HOSTNAME.localdomain	YOUR_HOSTNAME

Create a root password with passwd.

Configure GRUB boot loader:

grub-install /dev/sda --efi-directory=/boot

grub-mkconfig -o /boot/grub/grub.cfg

(Optional) Create Non-Root User

You’ll want to perform your daily activities without using the root user.

useradd -m dfar
passwd dfar
usermod -aG wheel,audio,video,optical,storage dfar

Edit the /etc/sudoers file and allow users of wheel group to execute any command.

Conclusion

Finally, reboot the system:

exit

shutdown now

To verify, remove the USB stick used for installation, and turn on the computer.

You should be able to log in as either the root user or the newly created user specified earlier. If you end up at the terminal, you’ve successfully installed Arch Linux!

Next step involves configuring the base system.

Test Disk I/O Benchmarks in Linux

To test read/write speeds of a drive in Linux, you can run dd to check write speed:

dd if=/dev/zero of=./test bs=512k count=2048 oflag=direct

and read speed (need to clear cache beforehand to get an accurate reading, read more):

sudo /sbin/sysctl -w vm.drop_caches=3
dd if=./test of=/dev/zero bs=512k count=2048

Should get a result like the following for write speed:

and read speed: