Thursday, 26 December 2019

Nginx proxy & real IP to apache 2.4.6

On CentOS 7, Apache 2.4.6 uses the remoteip module instead of rpaf.
To check whether the module is available, run:

 httpd -M | grep remoteip

The response should look like this:

 remoteip_module (shared)

Then create the file /etc/httpd/conf.modules.d/remoteip.conf:

<IfModule remoteip_module>
  RemoteIPHeader X-Forwarded-For
  RemoteIPInternalProxy  172.27.0.1
</IfModule>

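where 172.27.0.1 is the internal IP of your nginx proxy. Apache honours the X-Forwarded-For header only on connections that arrive from an address listed here, so list the proxy itself and nothing broader.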

In the /etc/httpd/conf/httpd.conf file, replace %h with %a in the LogFormat lines.

The nginx config should contain the following lines:

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass https://your_site.com;
    }

After that, the real client IP appears in the logs, and you can use it in restriction rules in the Apache conf files.
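
Why the trusted-proxy list should hold only the nginx address, as an added example (not part of the original post): a simplified shell model of how mod_remoteip walks X-Forwarded-For from right to left and stops at the first address it does not trust. The function names and sample addresses are made up for the illustration, and only exact-match addresses are modelled.

```shell
# Simplified model of mod_remoteip address selection (illustration only).
# TRUSTED mirrors the RemoteIPInternalProxy line above; exact-match IPs, no CIDR.
TRUSTED="172.27.0.1"

is_trusted() {
    for t in $TRUSTED; do
        [ "$1" = "$t" ] && return 0
    done
    return 1
}

# resolve_client PEER_ADDR XFF_HEADER -> prints the address Apache would log as %a
resolve_client() (
    peer=$1
    xff=$(printf '%s' "$2" | tr -d ' ')
    # Take entries from the right, but only while the current peer is trusted.
    while is_trusted "$peer" && [ -n "$xff" ]; do
        peer=${xff##*,}              # rightmost entry becomes the new peer
        case $xff in
            *,*) xff=${xff%,*} ;;    # drop it and look at the next one
            *)   xff="" ;;
        esac
    done
    printf '%s\n' "$peer"
)

# Constructed sample: the client sent its own "X-Forwarded-For: 10.0.0.1" and
# nginx ($proxy_add_x_forwarded_for) appended the address it saw, 203.0.113.7.
SAMPLE_XFF="10.0.0.1, 203.0.113.7"

resolve_client 172.27.0.1 "$SAMPLE_XFF"      # prints 203.0.113.7
# A request that bypasses nginx comes from an untrusted peer: header ignored.
resolve_client 198.51.100.9 "$SAMPLE_XFF"    # prints 198.51.100.9
```

If an address that clients can connect from is added to the trusted list, the walk continues one step further and the client-supplied 10.0.0.1 ends up in the logs and in the access rules.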

Wednesday, 9 October 2019

Wildcard certificate from Let's Encrypt

If you need a wildcard certificate from Let's Encrypt for your domain, you can use certbot to get it.

First of all, you need access to your DNS to create TXT records like this:

_acme-challenge.domain.com IN TXT   "some_value"

Second, install certbot:

yum install -y certbot


Then make a request like this:

certbot certonly --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory --manual-public-ip-logging-ok -d '*.domain.com' -d domain.com


During the dialog, certbot tells you which TXT record to put in your DNS.
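
Because the request above covers both '*.domain.com' and domain.com, certbot asks for two TXT values under the same _acme-challenge name, and both must be published together before you continue the dialog. An added helper (not from the original post; the function name and the token values are placeholders) that reports which expected values are still missing from `dig +short` output:

```shell
# missing_txt VALUE... : reads `dig +short TXT <name>` output on stdin
# (one quoted string per line) and prints every expected VALUE that is
# not published yet. Exit status 0 means all values are visible.
missing_txt() (
    published=$(tr -d '"')
    rc=0
    for want in "$@"; do
        if ! printf '%s\n' "$published" | grep -Fxq -- "$want"; then
            printf 'missing: %s\n' "$want"
            rc=1
        fi
    done
    exit $rc
)

# Constructed sample: resolver answer while only the first record is visible.
SAMPLE_DIG_OUTPUT='"constructed_token_for_wildcard"'

# Live use, with the two values certbot printed in TOKEN1 and TOKEN2:
#   dig +short TXT _acme-challenge.domain.com | missing_txt "$TOKEN1" "$TOKEN2"
```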




Monday, 23 September 2019

MariaDB create master slave replication

First of all, check the MariaDB server config file (usually /etc/my.cnf.d/server.cnf) on the master and slave servers. The following must be present on the master:
[mariadb]
binlog_format=MIXED
log-bin
server_id=1
and on the slave:
[mariadb]
binlog_format=MIXED
log-bin
server_id=2
Also, create a user for replication on the master and grant it the replication privilege:
create user 'replication_user'@'$SLAVE_IP' identified by '$PASSWORD';
grant replication slave on *.* to 'replication_user'@'$SLAVE_IP';
flush privileges;

Then log in to the master database, lock the tables, read the master status to get the master log file and position, and create a dump of the databases:
FLUSH TABLES WITH READ LOCK;
Query OK, 0 rows affected (0.08 sec)
SHOW MASTER STATUS;
+-------------------+-----------+--------------+------------------+
| File              | Position  | Binlog_Do_DB | Binlog_Ignore_DB |
+-------------------+-----------+--------------+------------------+
| master-bin.003437 | 852552729 |              |                  |
+-------------------+-----------+--------------+------------------+
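In another terminal session, create the database dump (keep the locking session open, because the read lock is released when that session ends):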
mysqldump -u root -p -A | gzip > all_db_dump.sql.gz 

Or you can dump without locking the tables:
mysqldump -u root -p -v --insert-ignore --skip-lock-tables --single-transaction=TRUE -A | gzip > all_db_dump.sql.gz

After the dump is created, unlock the tables:
UNLOCK TABLES;
Query OK, 0 rows affected (0.00 sec)

On the slave server, drop the user databases, create them again empty, and import the data:
gunzip < all_db_dump.sql.gz | mysql -u root -p 
Then stop the slave:
STOP SLAVE;
and configure replication on the slave server:
CHANGE MASTER TO 
MASTER_HOST='$MASTER_IP', 
MASTER_USER='replication_user', 
MASTER_PASSWORD='$PASSWORD', 
MASTER_PORT=3306, 
MASTER_LOG_FILE='master-bin.003437', 
MASTER_LOG_POS=852552729, 
MASTER_CONNECT_RETRY=10;

and start the slave:
START SLAVE;

After that, you can check the slave status:
SHOW SLAVE STATUS\G
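
A way to turn that status output into a pass/fail check, as an added example (not from the original post): a shell function that reads `SHOW SLAVE STATUS\G` output and reports whether both replication threads run and how far the slave lags. The function name, the 60-second threshold and the two sample outputs are assumptions made for the illustration.

```shell
# check_slave [MAX_LAG]: reads `SHOW SLAVE STATUS\G` output on stdin.
# Exit 0 = healthy, 1 = lagging or lag unknown, 2 = a replication thread is down.
check_slave() {
    awk -v max="${1:-60}" '
        { sub(/^[ \t]+/, "") }                     # strip the indentation
        /^Slave_IO_Running:/      { io  = $2 }
        /^Slave_SQL_Running:/     { sql = $2 }
        /^Seconds_Behind_Master:/ { lag = $2 }
        /^Last_(IO|SQL)_Error:/ && NF > 1 {
            sub(/^[^:]*: */, ""); err = err " [" $0 "]"
        }
        END {
            if (io != "Yes" || sql != "Yes") {
                print "FAIL io=" io " sql=" sql err; exit 2
            }
            if (lag == "NULL" || lag + 0 > max) { print "WARN lag=" lag; exit 1 }
            print "OK lag=" lag
        }'
}

# Constructed samples, trimmed to the fields the check reads.
SAMPLE_OK='
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes
                Last_IO_Error:
               Last_SQL_Error:
        Seconds_Behind_Master: 0'
SAMPLE_BROKEN="
             Slave_IO_Running: Connecting
            Slave_SQL_Running: Yes
                Last_IO_Error: error connecting to master 'replication_user@192.0.2.10:3306' - retry-time: 10
        Seconds_Behind_Master: NULL"

# Live use on the slave:
#   mysql -u root -p -e 'SHOW SLAVE STATUS\G' | check_slave 60
```

A slave stuck in "Connecting" usually points at the replication user's host or password, or at the port in CHANGE MASTER TO; the Last_IO_Error text is carried into the FAIL line for that reason.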

Thursday, 10 January 2019

Moving /var/lib/docker to another drive

For example, we have a VM with docker, and we need to move the directory /var/lib/docker to a separate partition or HDD:
 lvs
  LV            VG     Attr       LSize  Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  home          centos -wi-ao---- 20.00g                                                    
  root          centos -wi-ao---- 25.80g                                                    
  swap          centos -wi-ao----  2.00g                                                    
  tmp           centos -wi-ao----  2.00g                                                    
  var           centos -wi-ao---- 25.00g                                                    
  var_log       centos -wi-ao---- 20.00g                                                    
  var_log_audit centos -wi-ao----  2.00g                                                    
  var_tmp       centos -wi-ao----  2.00g  

df -h
File system                 Size Used Available Used%  Mounted
/dev/mapper/centos-root             26G         5.7G   19G           24% /
devtmpfs                           858M            0  858M            0% /dev
tmpfs                              870M            0  870M            0% /dev/shm
tmpfs                              870M         9.4M  860M            2% /run
tmpfs                              870M            0  870M            0% /sys/fs/cgroup
/dev/sda2                          976M         407M  503M           45% /boot
/dev/sda1                          200M          19M  182M           10% /boot/efi
/dev/mapper/centos-var              25G         3.2G   21G           14% /var
/dev/mapper/centos-tmp             2.0G          33M  1.8G            2% /tmp
/dev/mapper/centos-var_log          20G         397M   19G            3% /var/log
/dev/mapper/centos-home             20G         115M   19G            1% /home
/dev/mapper/centos-var_log_audit   2.0G          35M  1.8G            2% /var/log/audit
/dev/mapper/centos-var_tmp         2.0G         160M  1.7G            9% /var/tmp
tmpfs                              174M            0  174M            0% /run/user/1000


So add a new HDD and check that the OS sees it:
lsblk 
NAME                     MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda                        8:0    0  100G  0 disk 
├─sda1                     8:1    0  200M  0 part /boot/efi
├─sda2                     8:2    0    1G  0 part /boot
└─sda3                     8:3    0 98.8G  0 part 
  ├─centos-root          253:0    0 25.8G  0 lvm  /
  ├─centos-swap          253:1    0    2G  0 lvm  [SWAP]
  ├─centos-tmp           253:2    0    2G  0 lvm  /tmp
  ├─centos-var           253:3    0   25G  0 lvm  /var
  ├─centos-var_tmp       253:4    0    2G  0 lvm  /var/tmp
  ├─centos-var_log       253:5    0   20G  0 lvm  /var/log
  ├─centos-var_log_audit 253:6    0    2G  0 lvm  /var/log/audit
  └─centos-home          253:7    0   20G  0 lvm  /home
sdb                        8:16   0   40G  0 disk 
sr0                       11:0    1 1024M  0 rom  

fdisk -l /dev/sdb

Disk /dev/sdb: 42.9 GB, 42949672960 bytes, 83886080 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes


Create a new LVM partition on the new HDD:

parted -s /dev/sdb mklabel gpt; parted -s /dev/sdb unit mib mkpart primary 1 100% set 1 lvm on

fdisk -l /dev/sdb
WARNING: fdisk GPT support is currently new, and therefore in an experimental phase. Use at your own discretion.

Disk /dev/sdb: 42.9 GB, 42949672960 bytes, 83886080 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disk label type: gpt
Disk identifier: 47E3AF39-FFC1-470E-A40A-334150007411


#         Start          End    Size  Type            Name
 1         2048     83884031     40G  Linux LVM       primary


pvs
  PV         VG     Fmt  Attr PSize  PFree
  /dev/sda3  centos lvm2 a--  98.80g    0 

Create a new physical volume:
pvcreate /dev/sdb1 
  Physical volume "/dev/sdb1" successfully created.

pvs
  PV         VG     Fmt  Attr PSize   PFree  
  /dev/sda3  centos lvm2 a--   98.80g      0 
  /dev/sdb1         lvm2 ---  <40.00g <40.00g

New volume group:
vgcreate docker /dev/sdb1
  Volume group "docker" successfully created

pvs
  PV         VG     Fmt  Attr PSize   PFree  
  /dev/sda3  centos lvm2 a--   98.80g      0 
  /dev/sdb1  docker lvm2 a--  <40.00g <40.00g

New logical volume:
lvcreate -l100%FREE docker -n var_lib_docker
  Logical volume "var_lib_docker" created.

lvs
  LV             VG     Attr       LSize   Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  home           centos -wi-ao----  20.00g                                                    
  root           centos -wi-ao----  25.80g                                                    
  swap           centos -wi-ao----   2.00g                                                    
  tmp            centos -wi-ao----   2.00g                                                    
  var            centos -wi-ao----  25.00g                                                    
  var_log        centos -wi-ao----  20.00g                                                    
  var_log_audit  centos -wi-ao----   2.00g                                                    
  var_tmp        centos -wi-ao----   2.00g                                                    
  var_lib_docker docker -wi-a----- <40.00g                             

And make an ext4 file system on the new volume:

mkfs.ext4 /dev/mapper/docker-var_lib_docker 
mke2fs 1.42.9 (28-Dec-2013)
Discarding device blocks: done                            
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
2621440 inodes, 10484736 blocks
524236 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=2157969408
320 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks: 
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
4096000, 7962624

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done   


Mount the new volume on an empty directory:

mount /dev/mapper/docker-var_lib_docker /mnt/

Check it:

mount | column -t | grep mnt
/dev/mapper/docker-var_lib_docker  on  /mnt                             type  ext4        (rw,relatime,data=ordered)

Stop the docker service:

systemctl stop docker

and check for open files in /var/lib/docker:

lsof /var/lib/docker

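Now rsync the data from /var/lib/docker to /mnt, remove the files and directories on the source, and recreate the empty mount point (-depth makes find visit a directory's contents before the directory itself, so nested empty directories are removed bottom-up):

rsync -avr --remove-source-files --prune-empty-dirs /var/lib/docker/* /mnt/ && find /var/lib/docker -depth -type d -empty -exec rmdir "{}" \; && mkdir -p /var/lib/docker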

Then unmount /mnt:

umount /mnt

Add the new mount point to /etc/fstab:

echo  "/dev/mapper/docker-var_lib_docker  /var/lib/docker      ext4    defaults        1 2" >> /etc/fstab

and mount the new logical volume:

mount -a

Check the block devices and mounts:

 lsblk 
NAME                      MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda                         8:0    0  100G  0 disk 
├─sda1                      8:1    0  200M  0 part /boot/efi
├─sda2                      8:2    0    1G  0 part /boot
└─sda3                      8:3    0 98.8G  0 part 
  ├─centos-root           253:0    0 25.8G  0 lvm  /
  ├─centos-swap           253:1    0    2G  0 lvm  [SWAP]
  ├─centos-tmp            253:3    0    2G  0 lvm  /tmp
  ├─centos-var            253:4    0   25G  0 lvm  /var
  ├─centos-var_tmp        253:5    0    2G  0 lvm  /var/tmp
  ├─centos-var_log        253:6    0   20G  0 lvm  /var/log
  ├─centos-var_log_audit  253:7    0    2G  0 lvm  /var/log/audit
  └─centos-home           253:8    0   20G  0 lvm  /home
sdb                         8:16   0   40G  0 disk 
└─sdb1                      8:17   0   40G  0 part 
  └─docker-var_lib_docker 253:2    0   40G  0 lvm  /var/lib/docker

and start the docker service:

systemctl start docker