Exporting and Importing MS DNS Zones
Yes it's possible via the command line. Learn from my mistake. When you import the zone using the /primary option, it isn't AD integrated. And the /dsprimary option doesn't take a file parameter. :(
I like modded Minecraft. I was trying to set up a modded server from Curseforge and found out that there are a number of mods that are flagged to not auto download with the rest of the pack. During the server pack install a file called "MODS_NEED_DOWNLOAD.txt" will be created containing various mods that meet this criteria. The expectation is that you download each one and copy it to the server pack mods directory.
Not much to this really. I might expand this later.
curl -H 'accept: application/dns-json' \
'https://dns.nextdns.io/abc123?name=google.com&type=A' | jq .
Note
There is a lot here. I've done my best to make things correct, but I'm also still learning how a lot of nomad, consul, etc... work and their best practices. It's entirely possible I missed something or could have done something better.
The goal here is to be able to have a web application available at the address https://whoami.practicalkungfu.net. To do this we'll use Traefik, which is a very nice reverse proxy/load balancer that has integrations with a number of container orchestration platforms.
In the last couple of posts I described how to set up a small(ish) Hashi Nomad and Consul cluster. Using Consul for service discovery is something that took me a little while to figure out.
Let's start by spinning up the whoami job if you haven't already.
This is pretty easy once you get the hang of the job definitions. It's honestly not much different than docker-compose definitions.
The goal here is to set up a 5 node nomad cluster (3 servers and 5 clients), a 5 node consul cluster, and a storage backend using a 3 node gluster cluster (I love saying gluster cluster). Gluster is mounted to a VIP provided by keepalived. I've found this gives a decent amount of resiliency.
For the nodes in this cluster I use Debian 12, Armbian, or DietPi. Basically all Debian 12.
This morning I needed to be alerted if a ping starts failing in an ad-hoc situation. The below script does a test ping and then beeps if the ping fails. It'll loop endlessly.
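while ($true) {
    # Send a single echo request and show whatever came back
    $ping = Test-Connection -ComputerName 10.120.10.100 -Count 1
    $ping
    Start-Sleep -Seconds 1
    # No result object means the ping failed: beep at 500 Hz for 1000 ms
    if (($null -eq $ping) -or ($ping -eq "")) {
        [console]::beep(500,1000)
    }
}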
Greenshot is a very nice program. However there is one thing that REALLY annoys me about it: the hard-coded browser popup after install. Deploying Greenshot via Intune is not the most straightforward thing if you want to customize the install. Plus you have to kill Greenshot running under the deploy account (usually system) and then start Greenshot under the currently logged on user after install.
For this I used this Intune winget template. It consists of your usual detection, install, and uninstall scripts. Below I'll be going over the install script.
Usually I use htop, or in the absence of that top, to do basic performance monitoring at a glance. However last week I saw someone post on Lemmy about btop. And as the title says, btop is best top (IMO).
https://github.com/aristocratos/btop
For auditing we have to set up our DNS servers to audit various events and queries.
The below command can be run on one of the dns servers. It will enable logging to a file at c:\dnslogs and enable log rollover.
The below script will get all domain controllers in the current domain and then run a repadmin /syncall on all of them.
(Get-ADDomainController -Filter *).Name | Foreach-Object {
    repadmin /syncall $_ (Get-ADDomain).DistinguishedName /e /A | Out-Null
}
This will reset a domain member to use NT5DS to set the time. This should be the default for "most" domain environments.
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /config /syncfromflags:DOMHIER /update
net stop w32time
net start w32time
w32tm /resync /rediscover /nowait