I’ve created a new artifact with advanced commands and configurations for the services used by me in Ubuntu based Cloudpanel. The content includes:
-
Advanced Bash Commands and Scripts
- Array operations
- String operations
- Advanced file operations
- Process substitution
- Advanced error handling
- Background jobs management
-
Advanced NGINX Configuration
- Performance tuning
- Rate limiting
- Browser caching
- SSL configuration
- Logging configuration
- Monitoring commands
-
Advanced Logrotate Configurations
- Sample configurations
- Debugging commands
- Manual rotation
- Size checking
-
Advanced CrowdSec Commands
- Collection management
- Scenarios and rules
- Bouncers management
- Advanced monitoring
- Custom actions
-
Advanced MariaDB Commands
- Performance tuning
- Backup and restore
- Replication commands
- Performance schema queries
- Security operations
-
Advanced Redis Commands
- Monitoring and statistics
- Memory management
- Backup and recovery
- Cluster operations
- Performance testing
-
Advanced Varnish Commands
- Service management
- Logging and monitoring
- Cache management
- VCL management
- Performance analysis
Advanced Bash Commands and Scripts
# Array Operations
declare -A myarray # Declare associative array
myarray=([key1]="value1" [key2]="value2") # Initialize associative array
echo "${myarray[@]}" # Print all values
echo "${!myarray[@]}" # Print all keys
# String Operations
string="hello world"
echo "${string^}" # Capitalize first letter
echo "${string^^}" # Convert to uppercase
echo "${string,}" # Lowercase first letter
echo "${string,,}" # Convert to lowercase
echo "${string:0:5}" # Substring (start:length)
echo "${#string}" # String length
# Advanced File Operations
# Find files modified in last hour and compress them
find . -type f -mmin -60 -exec tar -czf archive.tar.gz {} +
# Process Substitution
diff <(ls dir1) <(ls dir2) # Compare directory contents
while read line; do echo "$line"; done < <(ls -l) # Process command output
# Trap Commands
trap 'echo "EXIT detected"' EXIT # Execute on script exit
trap 'echo "SIGINT detected"' SIGINT # Handle Ctrl+C
trap - SIGINT # Remove trap
# Advanced Loop Constructs
# Parallel processing with xargs
find . -type f -name "*.log" | xargs -P 4 -I {} gzip {}
# Read file line by line properly
while IFS= read -r line || [[ -n "$line" ]]; do
echo "$line"
done < "file.txt"
# Advanced Error Handling
set -e # Exit on error
set -u # Exit on undefined variable
set -o pipefail # Exit on pipe failure
set -x # Debug mode
# Background Jobs Management
jobs # List background jobs
fg %1 # Bring job 1 to foreground
bg %1 # Send job 1 to background
disown %1 # Detach job from shell
# File Descriptor Operations
exec 3> output.log # Open file descriptor 3
echo "log entry" >&3 # Write to descriptor 3
exec 3>&- # Close descriptor 3
Advanced NGINX Configuration and Commands
# Performance Tuning
nginx -V # Show compile-time options
ulimit -n # Check open file limits
# Configuration Examples
# Rate Limiting
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
location /login/ {
limit_req zone=one burst=5 nodelay;
}
# Browser Caching
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30d;
add_header Cache-Control "public, no-transform";
}
# SSL Configuration with Security Headers
server {
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
}
# Logging Configuration
log_format detailed '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'$request_time $upstream_response_time';
# Monitoring Commands
fuser -k 80/tcp # Kill process using port 80
netstat -tulpn | grep nginx # Check nginx ports
nginx -T # Test and dump configuration
Advanced Logrotate Configurations
# Sample Configuration for Multiple Services
/var/log/nginx/*.log {
daily
missingok
rotate 14
compress
delaycompress
notifempty
create 0640 www-data adm
sharedscripts
prerotate
if [ -d /etc/logrotate.d/httpd-prerotate ]; then
run-parts /etc/logrotate.d/httpd-prerotate;
fi
endscript
postrotate
invoke-rc.d nginx rotate >/dev/null 2>&1
endscript
}
# Commands and Debugging
logrotate -d /etc/logrotate.d/* # Debug all configurations
logrotate -vf /etc/logrotate.conf # Verbose force rotation
cat /var/lib/logrotate/status # Check rotation status
# Manual Rotation with Size Check
find /var/log -type f -size +100M -exec ls -lh {} \;
Advanced CrowdSec Commands and Configurations
# Collection Management
cscli collections list # List available collections
cscli collections inspect crowdsecurity/nginx # Inspect collection
cscli collections install crowdsecurity/nginx # Install collection
# Scenarios and Rules
cscli scenarios list # List scenarios
cscli scenarios install crowdsecurity/ssh-bf # Install scenario
cscli scenarios remove crowdsecurity/ssh-bf # Remove scenario
# Bouncers Management
cscli bouncers list # List bouncers
cscli bouncers add bouncer-name # Add bouncer
cscli bouncers delete bouncer-name # Delete bouncer
# Advanced Monitoring
cscli metrics # Show metrics
cscli alerts list # List recent alerts
cscli decisions list --ip 1.2.3.4 # Check IP decisions
cscli hub list # List hub items
# Configuration Validation
cscli config show # Show current config
cscli config validate # Validate config
cscli parsers debug --file /var/log/auth.log # Debug log parsing
# Custom Actions
cscli decisions add --ip 1.2.3.4 --duration 24h --type ban # Manual ban
cscli decisions delete --ip 1.2.3.4 # Remove ban
Advanced MariaDB Commands
# Performance Tuning
mysqltuner # Run MySQLTuner
mysqldumpslow /var/log/mysql/slow-query.log # Analyze slow queries
# Backup and Restore
# Hot backup of all databases
mysqldump --all-databases --single-transaction --quick --lock-tables=false > backup.sql
# Restore specific database
mysql -u root -p database_name < backup.sql
# Replication Commands
SHOW MASTER STATUS;
SHOW SLAVE STATUS\G
CHANGE MASTER TO MASTER_HOST='host';
START SLAVE;
STOP SLAVE;
# Performance Schema Queries
SELECT * FROM performance_schema.events_waits_summary_global_by_event_name
WHERE event_name LIKE 'wait/io/file/%'
ORDER BY sum_timer_wait DESC LIMIT 10;
# Table Maintenance
ANALYZE TABLE tablename;
OPTIMIZE TABLE tablename;
REPAIR TABLE tablename;
# Security
SHOW GRANTS FOR 'user'@'host';
FLUSH PRIVILEGES;
Advanced Redis Commands
# Monitoring and Statistics
redis-cli info # Server information
redis-cli --stat # Live statistics
redis-cli monitor # Monitor commands
redis-cli slowlog get 10 # Get slow logs
# Memory Management
redis-cli memory doctor # Memory analysis
redis-cli memory usage key # Memory used by key
redis-cli memory purge # Purge memory
# Backup and Recovery
redis-cli save # Force save to disk
redis-cli bgsave # Background save
redis-cli config get * # Get all configs
# Cluster Operations
redis-cli cluster info # Cluster information
redis-cli cluster nodes # List cluster nodes
redis-cli cluster slots # Show slot distribution
# Performance Testing
redis-benchmark -n 100000 -q # Quick benchmark
redis-benchmark -t set,get -n 100000 # Test specific commands
Advanced Varnish Commands
# Service Management
varnishd -C -f /etc/varnish/default.vcl # Verify VCL
varnishadm panic.show # Show panic log
varnishadm backend.list # List backends
# Logging and Monitoring
varnishlog -g request -q "RespStatus == 503" # Filter 503 errors
varnishstat -1 # One-time stats dump
varnishtop -i txurl # Top URLs
# Cache Management
varnishadm ban "req.url ~ /path/" # Ban cache by URL
varnishadm ban.list # List bans
varnishadm storage.list # List storage
# VCL Management
varnishadm vcl.list # List VCL configs
varnishadm vcl.load name /path/to/vcl # Load new VCL
varnishadm vcl.use name # Activate VCL
# Performance Analysis
varnishstat -1 -f MAIN.cache_hit # Cache hit rate
varnishstat -1 -f MAIN.cache_miss # Cache miss rate
Tips for Service Integration
- Monitoring Integration
# Combined log monitoring
tail -f /var/log/{nginx/error.log,mysql/error.log,redis/redis.log}
# Quick service status check
for service in nginx mysql redis varnish crowdsec; do
systemctl status $service | grep Active
done
- Backup Strategy
# Create backup directory with date
backup_dir="/backup/$(date +%Y%m%d)"
mkdir -p "$backup_dir"
# Backup all services
mysqldump --all-databases > "$backup_dir/mysql_backup.sql"
redis-cli save
cp /etc/nginx/nginx.conf "$backup_dir/"
cp /etc/varnish/default.vcl "$backup_dir/"
- Security Integration
# Check all service ports
netstat -tulpn | grep -E '(nginx|mysql|redis|varnish)'
# Check for failed authentication attempts
grep -E "failed|error" /var/log/{auth.log,nginx/error.log,mysql/error.log}
Remember to:
- Always test configurations in a staging environment
- Keep regular backups of all service configurations
- Monitor service logs for unusual patterns
- Regularly update security rules and configurations
- Document all custom configurations and changes