Using Wireless Adapter as KVM Network Bridge (br0 or br1) – Rocky Linux 9.X

They said it couldn't be done, but it can, depending on your wireless adapter card.  I recently bought a Minisforum EM680 Mini PC, and to my surprise, it didn't come with any ethernet ports.  It only has a Wi-Fi PCI-E card in it.  Ok, so that presents a problem, as I wanted to use it as a KVM virtual machine host with bridged networking.  At first, I wasn't able to get this to work, but after finding this post, I got it working!  If your wireless adapter supports 4addr (WDS mode), you can get it working as you normally would when using an ethernet port.  Here's how.

Step 1:  Connect to your desired wireless network normally post installation of Rocky Linux 9.

Step 2:  Create your network bridge configurations as you normally would (not specified in this guide).  My script creates br0 (for use at datacenters with static IPs) and br1 (a general DHCP bridge). 

Step 3:  Enable 4addr for your adapter.

Get the name of your wireless device by running the following command:

ip a

Mine happens to be named wlp1s0. Yours could be different. Make a note of the name of your connected wireless adapter and use it in the below scripts:

sudo nano /etc/systemd/system/4addr.service 

Add the following contents to this file:

[Unit]
Description=wlan-4addr
Wants=network.target
Before=network.target systemd-networkd.service
BindsTo=sys-subsystem-net-devices-wlp1s0.device
After=sys-subsystem-net-devices-wlp1s0.device

[Service]
Type=oneshot
ExecStart=/usr/sbin/iw dev wlp1s0 set 4addr on
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

Save and exit.

Enable the service at boot:

sudo systemctl enable 4addr.service 

Step 4:  Reboot

Step 5:  Check that 4addr is on and working

iw dev wlp1s0 info

You should see something like:

4addr: on 

At the end of the output. 

Step 6:  Configure your wireless adapter to be controlled by your desired network bridge.  In my case, I wanted my wireless adapter to be a part of br1 (my general DHCP bridge).  To do this, I edited the associated .nmconnection file in the /etc/NetworkManager/system-connections directory.  The name of the .nmconnection file will be the wireless SSID you're connected to.  So, for example, if your SSID is test, it will be named test.nmconnection.

Add the controller and port-type configuration lines as shown in the below sample configuration.  My .nmconnection configuration looks like this (SSID and passwords removed):

[connection]
id=cool
uuid=015a8f8f-5440-40b5-8caf-e6ff3f9d63e1
type=wifi
interface-name=wlp1s0
controller=br1
port-type=bridge

[wifi]
mode=infrastructure
ssid={WIFI_SSID_HERE}

[wifi-security]
auth-alg=open
key-mgmt=wpa-psk
psk={WIFI_PASSWORD_HERE}

[bridge-port]

Save your changes.

My ifcfg-br1 bridge configuration file in the /etc/sysconfig/network-scripts directory looks like this:

TYPE=Bridge
BOOTPROTO=dhcp
DEVICE=br1
ONBOOT=yes
ZONE=public

Step 7:  Reboot

KVM guests using br1 and the default NAT interface (managed by QEMU and KVM) will work just fine via your wireless device now!

Element for Linux Client – Without Flatpak

If you'd like to install the Element Matrix client for Linux without using flatpak or snap, you can use the following script to do so:

sudo apt-get install wget unzip
wget -N "https://dinofly.com/files/linux/element_bash_install.zip" && unzip element_bash_install.zip && sudo bash install_element.sh

This will install the Element client application on Linux, create an app shortcut for it, and add it as an automatic startup program when the computer is first started.

This was tested on Ubuntu 18.04, but it should work on newer versions of Linux as well.

Latest Skype for Debian / Ubuntu – Without Flatpak or Snap

I found this script posted on Github that essentially unpacks the last created Skype .deb file released by Microsoft, downloads the latest snap package for Skype, extracts and replaces the Skype binary from the snap package to the deb source files, replaces some version number strings, and then repacks the files into a deb you can install on Ubuntu / Debian.  I modified the script slightly to install some dependencies and then actually install the deb file that is generated for you.

To install the latest version of Skype for Ubuntu / Debian (tested on Ubuntu 18.04 – and should work on newer versions), first uninstall any previous version of Skype you've installed on your system, and then run the following script:

sudo apt-get install wget unzip
wget -N "https://dinofly.com/files/linux/skype_for_linux_deb_install.zip" && unzip skype_for_linux_deb_install.zip && sudo bash skype_for_linux.sh

If after logging in for the first time, your Skype looks like this (a blank page with it not doing anything):

Restart your computer and load Skype again.  It will work fine after this.

Testing Simultaneous HTTP Requests in Parallel using cURL

If you're developing a web application and are worried that a similar HTTP request could come in multiple times from different users (or clients) exactly at the same time, you can see how your application will behave by using cURL (on modern versions of Linux) to create this rare (if almost impossible) circumstance:

curl --parallel --parallel-immediate --parallel-max 3 --header "Content-Type: application/json" --request POST --data '{STRINGIFIED_JSON_PAYLOAD}' --config urls.txt

The urls.txt file will contain the URL to your API endpoint you're testing the same number of times as the –parallel-max parameter.  So in our case, it would contain:

url = "https://pathtoapiendpoint"
url = "https://pathtoapiendpoint"
url = "https://pathtoapiendpoint"

Check how your application behaves and make appropriate changes to maintain concurrency if you're worried about this happening.  There are various approaches you can use to make sure concurrency is maintained such as appending the old value of the database record into your where clause when updating to see if the data has already been changed within the timeframe of the request being processed. 

Or, you can use persistent virtual columns like this:

https://stackoverflow.com/questions/54338201/mysql-prevent-insertion-of-record-if-id-and-timestamp-unique-combo-constraint 

Moving a Website to Another Server – Redirect Traffic to the New Server While DNS Propagates (for No Downtime)

If you're migrating a website from one server to another and have updated the DNS for the domain to point to the new server, some traffic will still be directed to the old server due to DNS caching.  So, while the DNS changes propagate over the internet (can take up to three days), you can still redirect traffic to the new server from the old server so that you won't suffer any downtime. 

On the old server, run these commands to redirect web traffic on port 80 (http) and port 443 (https) to the new server (adjust the {DESTINATION_IP_ADDRESS} variable accordingly):

echo 1 >/proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination {DESTINATION_IP_ADDRESS}:80
iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination {DESTINATION_IP_ADDRESS}:443
iptables -t nat -A POSTROUTING -p tcp -d {DESTINATION_IP_ADDRESS} --dport 80 -j MASQUERADE
iptables -t nat -A POSTROUTING -p tcp -d {DESTINATION_IP_ADDRESS} --dport 443 -j MASQUERADE

Reference:  https://serverfault.com/questions/371833/changing-servers-redirect-to-new-ip-no-downtime#371870

Dual Boot Linux (Ubuntu 22.04) and Windows 11 on Modern Systems – UEFI

In order to setup a dual boot of Windows 11 and Ubuntu 22.04 on a modern system that uses UEFI, follow these steps.

1. Install Windows 11 first leaving some unpartitioned space (at least 60GB is my recommendation) on the drive you're installing Windows on.
2. Boot up the Ubuntu installer.
3. During installation, you'll be presented with an Installation Type options screen.  Choose "Something else". 

4. On the next screen, you'll see a list of drives and partitions.  On the same drive you installed Windows, create 3 new partitions. 
   1. Create an EXT4 partition for the / mount point at least 40GB in size (this is the main drive for Linux files).
   2. Create a SWAP partition at least 18GB in size.
   3. Create an EFI partition at least 500MB in size.  This is extremely important in order to get grub to install properly. 
5. Leave the "Device for boot loader installation" set as the top level drive that Windows and Ubuntu was / is being installed on.  You should not select an individual partition here.

6. Complete the installation process. 
7. You might need to change the UEFI boot order in the BIOS of your system to boot Ubuntu / Linux first versus booting the Windows EFI partition.  Since you created an EFI partition for your Linux install, it should show up as a bootable option in the bios.  Set / adjust accordingly.
8. That's it!

Creating SSL PFX Certificate for IIS Windows

To create a PFX certificate file you can import into IIS on Windows from an openssl private key and certificate file on Linux, use the below command:

openssl pkcs12 -export -legacy -out iis_certificate.pfx -inkey your_private_key.key -in your_cert.crt -certfile your_chain.crt

Restoring Areca Backups

The first step to restoring an Areca backup image is to map the network drives as they were on the computer you made the backup from (if you were using network drives to store the backup).  If you can't remember how the network drives were initially configured or mapped, proceed to the next step, and Areca will eventually tell you which drive is missing.  Once the drives have been remapped as before, and if the backup file is no longer stored on that mapped drive, copy your Areca backup folder (for example, in my case, the folder named 1878606550) to the backup drive location.   

In order to restore an Areca backup archive onto another computer, you need to copy the bcfg file located in the areca_config_backup folder to the Areca workspace directory on the computer you're attempting to restore the files on.  Once you've done that, you can restart Areca, and you'll be prompted to provide the encryption key.  Enter it here.

Assuming the drives exist as they did on the previous computer and the backup folder exists where the backups were being stored, you should be able to view the files within the Archives tab.  Right click on the backup and choose "Recover".  Follow this wizard, and the files will be unencrypted and extracted.   

RAID Synchronization CRON Job Affecting Performance

For some FakeRaid configurations, CentOS 7 and newer variants may run a RAID synchronization job configured in the /etc/cron.d directory in a file named raid-check.

This job is responsible for making sure the RAID array is in sync across all drives.  It runs by default every week on Sunday at 1 AM.

# Run system wide raid-check once a week on Sunday at 1am by default

However, this was not a convenient time for my users, as they were gaming at this time, so rather than affect server performance, I changed the cronjob to:

0 5 1 * * root /usr/bin/test $(/usr/bin/date +\%u) -ne 6 && /usr/sbin/raid-check

Thus, the sync job now runs once a month on the 1st at 5 AM.  And, it will not run if the day of the week is a Saturday.  This applies to several of my C1100 servers.