How To Set up OpenVPN Server In 5 Minutes on Ubuntu Linux

am a new Ubuntu Linux server user. How do I setup an OpenVPN Server on Ubuntu Linux version 14.04, or 16.04/18.04 LTS server to shield my browsing activity from bad guys on public Wi-Fi, and more?

OpenVPN is a full-featured SSL VPN (virtual private network). It implements OSI layer 2 or 3 secure network extension using the SSL/TLS protocol. It is an open source software and distributed under the GNU GPL. A VPN allows you to connect securely to an insecure public network such as wifi network at the airport or hotel. VPN is also required to access your corporate or enterprise or home server resources. You can bypass geo-blocked site and increase your privacy or safety online. This tutorial provides step-by-step instructions for configuring an OpenVPN “road warrior” server on Ubuntu Linux v14.04/16.04/18.04 LTS (19.10) version including ufw/iptables firewall configuration. The steps are as follows:
  1. Find and note down your public IP address
  2. Download openvpn-install.sh script
  3. Run openvpn-install.sh to install OpenVPN server
  4. Connect an OpenVPN server using IOS/Android/Linux/Windows client
  5. Verify your connectivity

Find your public IP address

Use any one of the following command to find out your IPv4 public address. If your internface name is eth0 or eth1, enter:
$ ip addr show eth0
OR
$ ip addr show eth1
Or use the host command or dig command as follows:
$ host myip.opendns.com resolver1.opendns.com
OR
$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
Sample outputs:
Fig.01: Find out your public IPv4 address using the CLI
Fig.01: Find out your public IPv4 address using the CLI

Note down the public IP address 139.59.1.155 i.e. public ip address of your OpenVPN server.

Download openvpn-install.sh script to set up OpenVPN server in 5 minutes on Ubuntu

Type the following wget command or curl command:
$ wget https://git.io/vpn -O openvpn-install.sh
Sample outputs:
--2018-07-25 17:17:22--  https://git.io/vpn
Resolving git.io (git.io)... 52.3.63.2, 52.44.230.61, 52.4.95.48, ...
Connecting to git.io (git.io)|52.3.63.2|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh [following]
--2018-07-25 17:17:22--  https://raw.github.com/Nyr/openvpn-install/master/openvpn-install.sh
Resolving raw.github.com (raw.github.com)... 151.101.48.133
Connecting to raw.github.com (raw.github.com)|151.101.48.133|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh [following]
--2018-07-25 17:17:22--  https://raw.githubusercontent.com/Nyr/openvpn-install/master/openvpn-install.sh
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.48.133
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.48.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 14196 (14K) [text/plain]
Saving to: ‘openvpn-install.sh’
 
openvpn-install.sh                                   100%[=====================================================================================================================>]  13.86K  --.-KB/s    in 0s      
 
2018-07-25 17:17:22 (39.0 MB/s) - ‘openvpn-install.sh’ saved [14196/14196]

Run openvpn-install.sh to install OpenVPN server

Type the following command:
$ sudo bash openvpn-install.sh
When prompted set IP address to 139.59.1.155 and Port to 1194. Use Google or OpenDNS DNS servers with the vpn. Next, type client name (such as iPhone, Nexus6, LinuxRouter etc). Finally, press [Enter] key to install and set up OpenVPN on your system:
Fig.02: Setting up OpenVPN Server In 5 Minutes on Ubuntu
Fig.02: Setting up OpenVPN server on an Ubuntu Linux server v16.04 LTS

The script will now generate keys, DH parameters and more as follows:
Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue...
Get:1 http://security.ubuntu.com 
......
...
..
--2016-06-27 17:10:38--  https://github.com/OpenVPN/easy-rsa/releases/download/3.0.1/EasyRSA-3.0.1.tgz
Resolving github.com (github.com)... 192.30.252.120
Connecting to github.com (github.com)|192.30.252.120|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://github-cloud.s3.amazonaws.com/releases/4519663/9dab10e8-7b6a-11e5-91af-0660987e9192.tgz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAISTNZFOVBIJMK3TQ%2F20160627%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20160627T114040Z&X-Amz-Expires=300&X-Amz-Signature=717ae4f606d1999b4c7c164ae06d163c494197f04aafffa9f760a8e0bf136136&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response-content-type=application%2Foctet-stream [following]
--2016-06-27 17:10:40--  https://github-cloud.s3.amazonaws.com/releases/4519663/9dab10e8-7b6a-11e5-91af-0660987e9192.tgz?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAISTNZFOVBIJMK3TQ%2F20160627%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20160627T114040Z&X-Amz-Expires=300&X-Amz-Signature=717ae4f606d1999b4c7c164ae06d163c494197f04aafffa9f760a8e0bf136136&X-Amz-SignedHeaders=host&actor_id=0&response-content-disposition=attachment%3B%20filename%3DEasyRSA-3.0.1.tgz&response-content-type=application%2Foctet-stream
Resolving github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)... 54.231.72.3
Connecting to github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)|54.231.72.3|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 40960 (40K) [application/octet-stream]
Saving to: ‘/root/EasyRSA-3.0.1.tgz’
 
/root/EasyRSA-3.0.1.tgz       100%[================================================>]  40.00K  38.8KB/s   in 1.0s   
 
2016-06-27 17:10:43 (38.8 KB/s) - ‘/root/EasyRSA-3.0.1.tgz’ saved [40960/40960]
 
 
init-pki complete; you may now create a CA or requests.
Your newly created PKI dir is: /etc/openvpn/easy-rsa/pki
Generating a 2048 bit RSA private key
........+++
...............................................................................................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/ca.key.BjRh5frdDd'
-----
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
....+.....+................................................................................+..................................................................................................................................................................+......................................
...
..
.................................................................................................................+........................................................................................................................................+.................................+......................................................+...++*++*
 
DH parameters of size 2048 created at /etc/openvpn/easy-rsa/pki/dh.pem
 
Generating a 2048 bit RSA private key
.......................................................................+++
..................................................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/server.key.9ieuluTC2R'
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'server'
Certificate is to be certified until Jun 25 11:55:48 2026 GMT (3650 days)
 
Write out database with 1 new entries
Data Base Updated
Generating a 2048 bit RSA private key
.........+++
.........+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/iphone.key.lokNfOiobc'
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'iphone'
Certificate is to be certified until Jun 25 11:55:48 2026 GMT (3650 days)
 
Write out database with 1 new entries
Data Base Updated
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
 
An updated CRL has been created.
CRL file: /etc/openvpn/easy-rsa/pki/crl.pem
 
244
 
Looks like your server is behind a NAT!
 
If your server is NATed (e.g. LowEndSpirit), I need to know the external IP
If that's not the case, just ignore this and leave the next field blank
External IP:
That is all. Your OpenVPN server has been configured and ready to use. You can see added firewall rules /etc/rc.local file:
$ cat /etc/rc.local
Sample outputs:
iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -I INPUT -p udp --dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 139.59.1.155
You can view your openvpn server config file generated by the script as follows (do not edit this file by hand):
$ sudo more /etc/openvpn/server.conf
$ sudo vi /etc/openvpn/server.conf

Sample outputs:
port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-128-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem

How do I start/stop/restart OpenVPN server on Ubuntu Linux 16.04/18.04 LTS?

Type the following command stop the OpenVPN service:
$ sudo systemctl stop openvpn@server
Type the following command start the OpenVPN service:
$ sudo systemctl start openvpn@server
Type the following command restart the OpenVPN service:
$ sudo systemctl restart openvpn@server

How do I start/stop/restart OpenVPN server on Ubuntu Linux 14.04 LTS?

Type the following command stop the OpenVPN service:
$ sudo /etc/init.d/openvpn stop
Type the following command start the OpenVPN service:
$ sudo /etc/init.d/openvpn start
Type the following command restart the OpenVPN service:
$ sudo /etc/init.d/openvpn restart

{Optional} How to configure and use the ufw firewall rules for the OpenVPN server

The default rules added to the /etc/rc.local file should work out of the box. However, if you have complicated firewall settings or prefer ufw to control all firewall settings on Ubuntu Linux server, try the following. First, edit the /etc/rc.local file using a text editor and comment out all firewall rules added by the script. Type the following ufw command to open port 1194 and 22 (ssh):
$ sudo ufw allow 1194/udp
$ sudo ufw allow 22/tcp

Edit the file /etc/ufw/before.rules, enter:
$ sudo vi /etc/ufw/before.rules
At top of the file add the following rules:
# START OPENVPN RULES by vg
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
#****************************************[README]*****************************************************#
# Allow traffic from OpenVPN client to 139.59.1.155. Replace 139.59.1.155 with your actual IP address*#
#****************************************[README]*****************************************************#
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source  139.59.1.155
COMMIT
# END OPENVPN RULES by vg
Next scroll down and find the comment that read s follows
# ok icmp code for FORWARD
Append the following rules:
#OpenVPN Forward by vg
-A ufw-before-forward -m state --state RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-forward -s 10.8.0.0/24 -j ACCEPT
-A ufw-before-forward -i tun+ -j ACCEPT
-A ufw-before-forward -i tap+ -j ACCEPT
#OpenVPN END by vg
Save and close the file. Next edit the /etc/ufw/sysctl.conf file, enter:
$ sudo vi /etc/ufw/sysctl.conf
Find and uncomment the following line to allow this host to route packets between interfaces
net/ipv4/ip_forward=1
Save and close the file. Enable ufw or reload if already running:
$ sudo ufw enable
OR
$ sudo ufw reload
Verify new firewall rules:
$ sudo ufw status
$ sudo iptables -t nat -L -n -v
$ sudo iptables -L FORWARD -n -v
$ sudo iptables -L ufw-before-forward -n -v

Client configuration

On server your will find a client configuration file called ~/iphone.ovpn. All you have to do is copy this file to your local desktop using the scp and provide this file to your OpenVPN client to connect:
$ scp vivek@139.59.1.155:~/iphone.ovpn .
Next, you need to download OpenVPN client as per your operating system:

MacOS/OS X OpenVPN client configuration

Just double click on iphone.ovpn file and it will open in your tunnelblick client > Click on the “Only me” to install it.
Fig.03: MacOS / OS X openvpn client configuration
Fig.03: MacOS / OS X openvpn client configuration

Once installed click on Connect button and you will be online. Use the following command on MacOS client to verify that your public IP changed to the VPN server IP:
$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com
You can ping to OpenVPN server private IP:
$ ping 10.8.0.1

Linux OpenVPN client configuration

First, install the openvpn client, enter:
$ sudo yum install openvpn
OR
$ sudo apt install openvpn
Next, copy iphone.ovpn as follows:
$ sudo cp iphone.ovpn /etc/openvpn/client.conf
Test connectivity from the CLI:
$ sudo openvpn --client --config /etc/openvpn/client.conf
Your Linux system will automatically connect when computer restart using /etc/init.d/openvpn script:
$ sudo /etc/init.d/openvpn start
For systemd based system, use the following command:
$ sudo systemctl start openvpn@client
Test the connectivity:
$ ping 10.8.0.1 #Ping to OpenVPN server gateway
$ ip route #Make sure routing setup
$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com #Make sure your public IP set to OpenVPN server

FreeBSD OpenVPN client configuration

First, install the openvpn client, enter:
$ sudo pkg install openvpn
Next, copy iphone.ovpn as follows:
$ mkdir -p /usr/local/etc/openvpn/
$ sudo cp iphone.ovpn /usr/local/etc/openvpn/client.conf

Edit /etc/rc.conf and add the following:
openvpn_enable="YES"
openvpn_configfile="/usr/local/etc/openvpn/client.conf"
Start the OpenVPN service:
$ sudo /usr/local/etc/rc.d/openvpn start
Verify it:
$ ping 10.8.0.1 #Ping to OpenVPN server gateway
$
$ netstat -nr #Make sure routing setup
$
$ drill myip.opendns.com @resolver1.opendns.com #Make sure your public IP set to OpenVPN server

How do I add a new client?

For demo purpose I added a new device called iphone. Let us add one more device called googlephone by running the script again:
$ sudo bash openvpn-install.sh
Sample outputs:
Looks like OpenVPN is already installed

What do you want to do?
   1) Add a cert for a new user
   2) Revoke existing user cert
   3) Remove OpenVPN
   4) Exit
Select an option [1-4]: 
Select option 1 and type googlephone as a client name:
Tell me a name for the client cert
Please, use one word only, no special characters
Client name: googlephone
Generating a 2048 bit RSA private key
.........+++
.................................................................................................+++
writing new private key to '/etc/openvpn/easy-rsa/pki/private/googlephone.key.FNaDMaP56c'
-----
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
commonName            :ASN.1 12:'googlephone'
Certificate is to be certified until Sep 25 07:31:46 2027 GMT (3650 days)
 
Write out database with 1 new entries
Data Base Updated
 
Client googlephone added, certs available at ~/googlephone.ovpn
Now you can use googlephone.ovpn with Google Android phone. You can add as many users you want using this method.

How do I delete/revoke existing user certificate?

Run the script:
$ sudo bash openvpn-install.sh
Sample outputs:
Looks like OpenVPN is already installed

What do you want to do?
   1) Add a cert for a new user
   2) Revoke existing user cert
   3) Remove OpenVPN
   4) Exit
Select an option [1-4]: 
Type 2 option and you will see a list of all the existing client certificate you want to revoke:
Select the existing client certificate you want to revoke
     1) iphone6
     2) googlephone
     3) delllaptop
     4) macbook
Select one client [1-4]: 2
Sample outputs when I revoked googlephone certificate:
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf
Revoking Certificate 09.
Data Base Updated
Using configuration from /etc/openvpn/easy-rsa/openssl-1.0.cnf

An updated CRL has been created.
CRL file: /etc/openvpn/easy-rsa/pki/crl.pem


Certificate for client googlephone revoked

Conclusion

And there you have it, OpenVPN server installed in five minutes to increase your privacy. Please see OpenVPN project here and road warrior installer Linux script github page here.

Backup Otomatis Setingan Mikrotik Ke Email Dengan Menggunakan Script dan Scheduler

Ada kalanya kita harus melakukan backup setingan Mikrotik secara rutin guna menghindari hal-hal yang tidak di inginkan, misalnya Mikrotik mengalami kerusakan atau terkena hack, apabila terjadi kerusakan hardware Mikrotik kita bisa dengan cepat mengganti Mikrotik tanpa melakukan konfigurasi dari awal cukup merestore file backup saja.
Untuk melakukan backup secara rutin kita bisa melakukannya dengan mengirimkan file backup ke ftp dengan mengikuti langkah-langkah pada tutorial berikut ini: Backup Otomatis Setingan Mikrotik Ke Server FTP Dengan Menggunakan Script dan Scheduler
Untuk mengirimkan file backup ke email pastikan jam di Mikrotik telah sesuai, selanjutnya tambahkan pengaturan untuk email seperti pada gambar dibawah ini.
Untuk pengaturan gmail:
  • Server: 74.125.68.109
  • Prt: 587
  • Star TLS: Yes
  • Username dan Password
Terlebih dahulu lakukan tes email dengan cara Send Email, seperti pada gambar dibawah ini.
Pastikan akses login dari pihak ketiga di akun Gmail anda telah aktif dengan cara masuk ke halaman berikut ini jangan lupa login terlebih dahulu ke akun Gmail anda https://myaccount.google.com/u/0/lesssecureapps
Apabila Mikrotik berhasil mengirimkan email ditandai dengan diterimanya email yang dikirim oleh Mikrotik, kita bisa melakukan tahap selanjutnya.
Jalankan script ini di system-scheduler, saya menggunakan interval 1d (1 Hari).
/system backup save name=”router-labkom.co.id”
/tool e-mail send to=”admin@labkom.co.id” subject=”Backup Router Labkom.co.id” body=”File backup ini dikirim secara otomatis via email” file=”router-labkom.co.id” start-tls=yes
File backup Mikrotik berhasil dikirim ke email.
Atau bisa dengan menggunakan script ini lalu dijalankan dengan system-scheduler dan atur interval yang kalian inginkan. Script ini akan mengirimkan file backup ke email sesuai dengan tanggal dan waktu ketika di backup, lalu akan menghapus file backup tersebut sehingga tidak akan memakan space pada Mikrotik kalian.
:local identity [/system identity get name]
:local date [/system clock get date] 
:local time [/system clock get time]
:local day [ :pick $date 4 6 ]
:local month [ :pick $date 0 3 ]
:local year [ :pick $date 7 11 ]

:local months {"jan"="01";"feb"="02";"mar"="03";"apr"="04";"may"="05";"jun"="06";"jul"="07";"aug"="08";"sep"="09";"oct"="10";"nov"="11";"dec"="12"}
:local monthr {"jan";"feb";"mar";"apr";"may";"jun";"jul";"aug";"sep";"oct";"nov";"dec"}

:set month ($months->$month)
:set time ( [:pick $time 0 2].[:pick $time 3 5].[:pick $time 6 8] )

:local filename "$identity-$year$month$day-$time"
:put $filename

/system backup save name=$filename
:delay 3s
/tool e-mail send to="admin@labkom.co.id" subject="Backup Router Labkom.co.id" body="File backup ini dikirim secara otomatis via email" file="$filename.backup" start-tls=yes
:delay 3s
/file remove $filename
File backup yang diterima oleh email seperti pada gambar dibawah ini:
Nah itulah dua cara untuk membackup secara otomatis konfigurasi Mikrotik, semoga bermanfaat.

MENAMBAHKAN HARDDISK SECONDARY DALAM SERVER PROXMOX

Disini saya akan berbagi tentang   :
MENAMBAHKAN HARDDISK SECONDARY DALAM SERVER PROXMOX



A. PENGERTIAN 
Pengertian Secondary harddisk adalah membuat 2 hardisk dalam penyimpanan proxmox ,maksudnya adalah 1hardisk primer menjadi penyimpanan data proxmoxnya dan yang seconder menjadi penyimpanan VM dari proxmoxnya.



B. LATAR BELAKANG 
Latar belakang saya dan teman teman saya menambah hardisk seconder dalam server Proxmox adalah karena pada PC server Proxmox dari sekolahan saya memiliki hardisk yang kurang memedai dari mestinya maka dari itu saya dan teman teman saya menambahkan harddisk soconder.



C. MAKSUD DAN TUJUAN 
Maksud dan tujuan saya adalah ingin menambah jumlah penyimpanan pada PC server proxmox dari sekolahan saya.


D. JANGKA WAKTU.

Jangka waktu saya memahami dan menambahkan harddisk seconder pada PC kami adalah kisaran 2 jam.



E. ALAT DAN BAHAN
- PC untuk server
- latop
- harddisk seconder
- monitor


F. LANGKAH KERJA
1. pastikan harddisk seconder sudah terpasang pada sata ke 2. Karena pada sata 1 saya buat untuk harddisk penyimpanan system dari proxmox.

2. dan untuk mengecek apakah sudah terdeteksi belum bisa di cek pada BIOS 

3. selanjutnya kita cek harddisk secondernya terdeteksi dimana dengan perintah "fdisk -l". maka akan muncul tampilan seperti ini




pada tempat saya harddisk secondernya terdapat pada /dev/sdb/

4. setelah itu jika harddisk secondernya masih terdapat data atau bekas installasi OS maka format terlebih dahulu dengan perintah mkfs.ext3 /dev/sdb.

5. Setelah itu buat  physical volume dulu di /dev/sdb dengan perintah  " pvcreate /dev/sdb "maka akan muncul tampilan seperti ini.


6. Kemudian kita membuat volume Grup  dengan perintah " vgcreate secondary_HDD. maka akan muncul tampilan seperti ini

7. selesai untuk mengkonfigurasi harddisknya kemudian remote proxmox dengan browser dengan mengetikan URL dengan IP proxmoxnya

8. kemudian masuk ke "DATACENTER>STORAGE>ADD>LVM".



9. kemudian masukan ID dan volume Grup


10. Langkah selesai ditandai dengan tampilan berikut


11. Selesai kemudia install VM nya pada secondary_HDD.



G. REFERENSI 

http://indahnet99.blogspot.co.id/2015/12/menambahkan-secondary-hardisk-pada.html


H. KESIMPULAN

Kesimpulan saya dalam menambah harddisk seconder adalah ternyata dalam 1 pc dapat diberi 2 harddisk.
SEKIAN DARI SAYA TERIMA KASIH
SEMANGAT PAGI.......
WASSALAMUALAIKUM WR.WB

Install Mikrotik CHR on a Digital Ocean droplet

Install Mikrotik CHR on a Digital Ocean droplet
wget http://download2.mikrotik.com/routeros/6.40.5/chr-6.40.5.img.zip -O chr.img.zip && \
gunzip -c chr.img.zip > chr.img && \
apt-get update && \
apt install -y qemu-utils pv && \
qemu-img convert chr.img -O qcow2 chr.qcow2 && \
qemu-img resize chr.qcow2 `fdisk /dev/vda -l | head -n 1 | cut -d',' -f 2 | cut -d' ' -f 2` && \
modprobe nbd && \
qemu-nbd -c /dev/nbd0 chr.qcow2 && \
echo "Give some time for qemu-nbd to be ready" && \
sleep 2 && \
partx -a /dev/nbd0 && \
mount /dev/nbd0p2 /mnt && \
ADDRESS=`ip addr show eth0 | grep global | cut -d' ' -f 6 | head -n 1` && \
GATEWAY=`ip route list | grep default | cut -d' ' -f 3` && \
echo "/ip address add address=$ADDRESS interface=[/interface ethernet find where name=ether1]
/ip route add gateway=$GATEWAY
/ip service disable telnet
/user set 0 name=root password=xxxxxx
" > /mnt/rw/autorun.scr && \
umount /mnt && \
echo "Magic constant is 65537 (second partition address). You can check it with fdisk before appliyng this" && \
echo "This scary sequence removes seconds partition on nbd0 and creates new, but bigger one" && \
echo -e 'd\n2\nn\np\n2\n65537\n\nw\n' | fdisk /dev/nbd0 && \
e2fsck -f -y /dev/nbd0p2 || true && \
resize2fs /dev/nbd0p2 && \
sleep 1 && \
echo "Compressing to gzip, this can take several minutes" && \
mount -t tmpfs tmpfs /mnt && \
pv /dev/nbd0 | gzip > /mnt/chr-extended.gz && \
sleep 1 && \
killall qemu-nbd && \
sleep 1 && \
echo u > /proc/sysrq-trigger && \
echo "Warming up sleep" && \
sleep 1 && \
echo "Writing raw image, this will take time" && \
zcat /mnt/chr-extended.gz | pv > /dev/vda && \
echo "Sleep 5 seconds (if lucky)" && \
sleep 5 || true && \
echo "sync disk" && \
echo s > /proc/sysrq-trigger && \
echo "Ok, reboot" && \
echo b > /proc/sysrq-trigger
@stroebs
OwnerAuthor

stroebs commented Oct 28, 2017