Update Section_09/main.sh, Section_06/php.sh, Section_07/ssl.sh

Section_05/swap.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+fallocate -l 2G /swapfile
+chmod 600 /swapfile
+mkswap /swapfile
+swapon /swapfile
+echo "/swapfile swap swap defaults 0 0" >> /etc/fstab
+swapon --show

Section_06/php.sh

@@ -45,3 +45,10 @@ sudo nano /etc/php/8.1/fpm/php.ini
 sudo systemctl restart php${PHP_VER}-fpm
 # sudo systemctl stop nginx
 # sudo systemctl disable nginx
+
+# Some useful commands
+# update-alternatives --set php /usr/bin/php8.1
+# update-alternatives --set phar /usr/bin/phar8.1
+# update-alternatives --set phar.phar /usr/bin/phar.phar8.1
+# update-alternatives --set phpize /usr/bin/phpize8.1
+# update-alternatives --set php-config /usr/bin/php-config8.1

Section_07/000-default-ssl.conf

@@ -0,0 +1,27 @@
+<VirtualHost *:80>
+      ServerName demo-devops.konnect.dev
+      ServerAdmin webmaster@localhost
+      Redirect permanent / https://​demo-devops.konnect.dev
+</VirtualHost>
+
+<VirtualHost *:443>
+      ServerName demo-devops.konnect.dev
+      
+      ServerAdmin webmaster@localhost
+      DocumentRoot /var/www/html
+
+      ErrorLog ${APACHE_LOG_DIR}/error.log
+      CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+      SSLEngine On
+      SSLProxyEngine On
+      SSLProxyCheckPeerName Off
+      SSLProxyCheckPeerCN Off
+      SSLProxyVerify none
+
+      SSLCertificateFile /etc/letsencrypt/live/demo-devops.konnect.dev/fullchain.pem
+      SSLCertificateKeyFile /etc/letsencrypt/live/demo-devops.konnect.dev/privkey.pem
+      
+      RequestHeader set X-Forwarded-Proto https
+      RequestHeader set X-Forwarded-Port 443
+</VirtualHost>

Section_07/default_ssl

@@ -0,0 +1,37 @@
+server {
+    listen 80;
+    listen [::]:80;
+
+    server_name demo-devops.konnect.dev;
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name demo-devops.konnect.dev;
+
+    root /var/www/html;
+    index index.php index.nginx-debian.html;
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+        
+    location ~ \.php$ {
+        include snippets/fastcgi-php.conf;
+        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+
+    access_log /var/log/nginx/default_nginx.log;
+    error_log /var/log/nginx/default_nginx.log;
+
+    ssl_certificate /etc/letsencrypt/live/demo-devops.konnect.dev/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/demo-devops.konnect.dev/privkey.pem;
+}

Section_07/main.sh

@@ -20,6 +20,8 @@ sudo rm ../sites-enabled/*
 sudo ln default ../sites-enabled/
 sudo ln reverse_proxy ../sites-enabled/
 sudo systemctl reload nginx
+# sudo systemctl stop nginx
+# sudo systemctl disable nginx
 
 curl http://demo-devops.konnect.dev/
 curl http://demo-devops-api.konnect.dev/

Section_07/reverse_proxy_ssl

@@ -0,0 +1,34 @@
+server {
+    listen 80;
+    listen [::]:80;
+
+    server_name demo-devops-api.konnect.dev;
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl http2;
+    server_name demo-devops-api.konnect.dev;
+
+    location / {
+        proxy_pass                          http://127.0.0.1:5000;
+        proxy_set_header Host               $http_host;
+        proxy_set_header X-Forwarded-Host   $http_host;
+        proxy_set_header X-Real-IP          $remote_addr;
+        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto  https;
+        proxy_set_header X-Forwarded-Port   443;
+        proxy_buffer_size                   128k;
+        proxy_buffers                       4 256k;
+        proxy_busy_buffers_size             256k;
+    }
+
+    access_log /var/log/nginx/reverse_proxy_nginx.log;
+    error_log /var/log/nginx/reverse_proxy_nginx.log;
+
+    ssl_certificate /etc/letsencrypt/live/demo-devops-api.konnect.dev/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/demo-devops-api.konnect.dev/privkey.pem;
+}

Section_07/reverse_proxy_ssl.conf

@@ -0,0 +1,32 @@
+<VirtualHost *:80>
+      ServerName demo-devops-api.konnect.dev
+      ServerAdmin webmaster@localhost
+      Redirect permanent / https://​demo-devops-api.konnect.dev
+</VirtualHost>
+
+<VirtualHost *:443>
+      ServerName demo-devops-api.konnect.dev
+      
+      ServerAdmin webmaster@localhost
+
+      ProxyRequests Off
+      ProxyPreserveHost On
+      ProxyPass / http://localhost:5000/
+      ProxyPassReverse / ​http://localhost:5000/
+
+      ErrorLog ${APACHE_LOG_DIR}/error.log
+      CustomLog ${APACHE_LOG_DIR}/access.log combined
+
+      SSLEngine On
+      SSLProxyEngine On
+      SSLProxyCheckPeerName Off
+      SSLProxyCheckPeerCN Off
+      SSLProxyVerify none
+
+      SSLCertificateFile /etc/letsencrypt/live/demo-devops-api.konnect.dev/fullchain.pem
+      SSLCertificateKeyFile /etc/letsencrypt/live/demo-devops-api.konnect.dev/privkey.pem
+      
+      RequestHeader set X-Forwarded-Proto https
+      RequestHeader set X-Forwarded-Port 443
+</VirtualHost>
+

Section_07/ssl.sh

@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Certbot
+sudo apt install certbot python3-certbot-apache python3-certbot-nginx
+
+# Apache2
+sudo a2enmod ssl
+sudo certbot certonly -d demo-devops.konnect.dev --apache
+sudo certbot certonly -d demo-devops-api.konnect.dev --apache
+sudo systemctl enable apache2 --now
+cd /etc/apache2/sites-available/
+sudo nano 000-default-ssl.conf
+sudo nano reverse_proxy_ssl.conf
+sudo a2dissite 000-default
+sudo a2dissite reverse_proxy
+sudo a2ensite 000-default-ssl
+sudo a2ensite reverse_proxy_ssl
+sudo systemctl reload apache2
+# sudo systemctl stop apache2
+# sudo systemctl disable apache2
+
+# Nginx
+sudo certbot certonly -d demo-devops.konnect.dev --nginx
+sudo certbot certonly -d demo-devops-api.konnect.dev --nginx
+sudo systemctl enable nginx --now
+cd /etc/nginx/sites-available/
+sudo nano default_ssl
+sudo nano reverse_proxy_ssl
+sudo rm ../sites-enabled/*
+sudo ln default_ssl ../sites-enabled/
+sudo ln reverse_proxy_ssl ../sites-enabled/
+sudo systemctl reload nginx
+# sudo systemctl stop nginx
+# sudo systemctl disable nginx
+
+curl https://demo-devops.konnect.dev/
+curl https://demo-devops-api.konnect.dev/

Section_08/Dockerfile

@@ -0,0 +1,16 @@
+FROM node:16-alpine
+
+RUN apk update
+
+WORKDIR /app
+
+COPY . /app/
+
+RUN npm i -g npm@latest
+RUN npm install
+RUN npm run build
+
+RUN npm i -g serve
+
+EXPOSE 3000
+CMD ["serve", "-s", "/app/build/"]

Section_08/docker-compose.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+
+cd ~/
+git clone https://github.com/EdgeKing810/Entities
+cd Entities/
+docker compose up -d
+
+cat init-mongo.js
+ls mongo-volume/
+tail api-nodejs/logs/access.log
+docker exec -it entities-db mongosh mongodb://root:root@127.0.0.1:27017/entities_db
+
+docker compose down
+docker compose up -d
+
+docker ps -a
+docker logs entities-db
+docker logs entities-api
+docker logs entities-front
+
+sudo apt install jq
+curl http://localhost:7000/api/v1/reset
+curl http://localhost:7000/api/v1/ | jq
+
+docker compose down

Section_08/k8s.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+sudo su
+kubectl get pods -A -o wide
+cat /etc/hosts
+
+kubectl describe deployment kinesis-api-web
+kubectl describe pod kinesis-api-web-66dc867f9c-p4kr5
+kubectl logs -f os-web-6586987d55-fw7mm

Section_08/main.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+
+# Install Docker
+sudo apt install ca-certificates curl gnupg
+sudo install -m 0755 -d /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+sudo chmod a+r /etc/apt/keyrings/docker.gpg
+echo \
+  "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
+  "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt update
+sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+sudo usermod -a -G docker ${USER}
+sudo systemctl enable --now docker
+
+# Run some docker commands
+docker run hello-world
+docker images
+docker ps -a
+
+git clone https://github.com/EdgeKing810/react-showcase
+cd react-showcase/
+nano Dockerfile
+docker build --pull -t "react-showcase:latest" .
+docker run --name react-showcase-container -p 10000:3000 -d --restart unless-stopped react-showcase:latest
+docker ps -a | grep react-showcase
+docker logs react-showcase-container
+docker inspect react-showcase-container
+docker exec -it react-showcase-container sh
+docker rm react-showcase-container

Section_09/main.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+
+PHP_VER=8.1
+
+# Apache Setup
+sudo systemctl disable nginx
+sudo systemctl stop nginx
+sudo systemctl enable apache2 --now
+sudo certbot certonly -d demo-devops-monitoring.konnect.dev --apache
+cd /etc/apache2/sites-available/
+sudo nano monitoring.conf
+sudo a2ensite monitoring
+sudo systemctl reload apache2
+
+# Install Icinga2
+sudo apt install apt-transport-https wget gnupg curl
+curl https://packages.icinga.com/icinga.key | sudo apt-key add -
+echo "deb http://packages.icinga.com/ubuntu icinga-$(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/icinga2.list
+echo "deb-src http://packages.icinga.com/ubuntu icinga-$(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/icinga2.list
+sudo apt update
+sudo apt install php${PHP_VER}-dba php${PHP_VER}-ldap php${PHP_VER}-json php${PHP_VER}-intl php${PHP_VER}-pdo-mysql php${PHP_VER}-imagick php${PHP_VER}-dom
+sudo apt install icinga2 icingaweb2 monitoring-plugins icinga2-ido-mysql icinga2-ido-mysql
+sudo addgroup --system icingaweb2
+sudo usermod -a -G icingaweb2 www-data
+
+sudo systemctl restart apache2
+sudo icingacli setup token create
+sudo systemctl enable --now icinga2
+sudo systemctl enable --now apache2
+sudo systemctl enable --now mysql
+
+# SQL Commands to run
+# CREATE DATABASE icingawebdb;
+# GRANT ALL PRIVILEGES ON icingawebdb.* TO icingaweb@localhost IDENTIFIED BY 'password';
+# GRANT ALL PRIVILEGES ON icinga2.* TO 'icinga2'@'localhost';
+# exit
+
+sudo icinga2 feature enable ido-mysql
+sudo icinga2 feature enable command
+sudo systemctl restart icinga2
+
+sudo icinga2 api setup
+# http://<ip_address>/icingaweb2/setup
+sudo icingacli setup token create