Skip to main content


Showing posts from August, 2019

Building a VPN server in AWS

Introduction There are many VPN solutions and many ways to deploy such a system. In this tutorial we’ll focus on implementing OpenVPN Access Server on a CentOS 7 EC2 instance. In order to follow along, you will need an active AWS account, a domain name and some familiarity with AWS concepts. Starting the CentOS host In the AWS console, select the region where you want that VPN to live in, then launch a new instance. You can find the latest CentOS 7 AMI in the marketplace, use one of the smaller instance sizes, and you should only need 10 GB of disk space for it. For the security group, you will need the following rules: SSH available from your IP address TCP port 943 available from everywhere TCP port 1194 available from everywhere UDP port 1194 available from everywhere Once started, go under the Elastic IP section and assign a new IP for the host, since we want a consistent IP to always be available. If you own a domain name, it’s also useful to assign a hostname to t

Ansible tips and tricks

Ansible is a server management tool that gets installed on a single Linux hosts, then uses playbooks to communicate out via SSH to servers and run commands. Installation: This will install Ansible on a CentOS host, then use a custom hosts file to ping all the hosts using a custom login key: > yum install ansible > ansible --version > ansible all -i ~/.ansible/hosts -m ping --user=centos --private-key ~/tests.pem Hosts: Place in /etc/ansible/hosts or in a custom file: [name] ip1 ip2 ip3 Running a playbook: This example will run a playbook with a custom login key and custom host file: > ansible-playbook -v -i ~/.ansible/hosts --private-key ~/tests.pem ~/git/scripts/centos-initial.playbook --limit prod > play centos-initial.playbook --limit prod Run on a single node: -i ip . Provisioning a full load balanced, auto-scaling environment: Create certificate for, * using Certficiate Manager in AWS console. Create a load

Installing multiple Python versions

Compiling a new version wget tar xzvf Python-3.6.0.tgz cd Python-3.6.0/ ./configure --prefix=/usr/local/python/python3.6 make make altinstall Installing pip wget /usr/local/python3.6/bin/python3.6 --prefix=/usr/local/python/python3.6/ Installing a module /usr/local/python/python3.6/bin/pip3 install argcomplete Compiling Python with an alternate library path You can edit Modules/Setup.dist with the proper paths, for example the SSL section for a different OpenSSL binary. Then, set the LDFLAGS variable and copy the dist file: cp Modules/Setup.dist Modules/Setup export LDFLAGS="-Wl,-rpath,/your/library/path" You can then run make to compile Python.