### Install and Enable Varnish Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/052-load-balancer-proxies-varnish.md Installs Varnish using dnf, enables it to start on boot, and starts the service. ```bash dnf install -y varnish systemctl enable varnish systemctl start varnish ``` -------------------------------- ### Enable and Start MariaDB Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/security/freeradius_radius_server_mysql.md Enable the MariaDB service to start on boot and start it immediately. Then, run the secure installation script to set up the MariaDB root password and secure the installation. ```bash systemctl enable --now mysql mysql_secure_installation ``` -------------------------------- ### Install the community.general Collection Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/learning_ansible/04-ansible-galaxy.md This example shows the command to install the `community.general` collection and the expected output during the installation process. ```bash ansible-galaxy collection install community.general Starting galaxy collection install process Process install dependency map Starting collection install process Downloading https://galaxy.ansible.com/download/community-general-3.3.2.tar.gz to /home/ansible/.ansible/tmp/ansible-local-51384hsuhf3t5/tmpr_c9qrt1/community-general-3.3.2-f4q9u4dg Installing 'community.general:3.3.2' to '/home/ansible/.ansible/collections/ansible_collections/community/general' community.general:3.3.2 was installed successfully ``` -------------------------------- ### Kickstart Configuration File Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/templates-automation-packer-vsphere.md An example of a Kickstart file used for automating the Rocky Linux installation process, including repository, network, and system settings. ```bash # Use CD-ROM installation media repo --name="AppStream" --baseurl="http://download.rockylinux.org/pub/rocky/8.4/AppStream/x86_64/os/" cdrom # Use text install text # Don't run the Setup Agent on first boot firstboot --disabled eula --agreed ignoredisk --only-use=sda # Keyboard layouts keyboard --vckeymap=us --xlayouts='us' # System language lang en_US.UTF-8 # Network information network --bootproto=static --device=ens192 --gateway=192.168.1.254 --ip=192.168.1.11 --nameserver=192.168.1.254,4.4.4.4 --netmask=255.255.255.0 --onboot=on --ipv6=auto --activate # Root password rootpw mysecurepassword # System services selinux --permissive firewall --enabled services --enabled="NetworkManager,sshd,chronyd" # System timezone timezone Europe/Paris --isUtc # System booloader configuration bootloader --location=mbr --boot-drive=sda # Partition clearing information clearpart --all --initlabel --drives=sda ``` -------------------------------- ### Install and Enable Nginx Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/022-web-servers-nginx.md Installs the Nginx web server and enables it to start on boot and run immediately. Use this command to set up Nginx on your system. ```bash sudo dnf install nginx sudo systemctl enable nginx --now ``` -------------------------------- ### Initialize LXD Server Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/lxd_server/03-lxdinit.md Run the `lxd init` command to start the interactive LXD server setup script. This script guides you through configuration options for storage, clustering, networking, and remote access. ```bash lxd init ``` -------------------------------- ### Install Podman and Git Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/localdocs/rockydocs_webdev_v2.md Installs Podman, podman-docker, and git using dnf. Enables and starts the Podman socket. ```bash sudo dnf -y install podman podman-docker git sudo systemctl enable --now podman.socket ``` -------------------------------- ### Install and Enable Squid Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/053-load-balancer-proxies-squid.md Install the Squid package using dnf, enable it to start on boot, and configure the firewall. ```bash sudo dnf install squid ``` ```bash sudo systemctl enable squid ``` ```bash sudo firewall-cmd --add-port=3128/tcp --permanent ``` ```bash sudo firewall-cmd --reload ``` -------------------------------- ### Example rsnapshot Installation Dependencies Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/backup/rsnapshot_backup.md Illustrates the dependency resolution process when installing rsnapshot and rsync using DNF, showing the packages to be installed and their sizes. ```text dnf install rsnapshot rsync Last metadata expiration check: 2:03:40 ago on Fri 19 Sep 2025 03:54:16 PM UTC. Package rsync-3.4.1-2.el10.x86_64 is already installed. Dependencies resolved. ============================================================================================================================== Package Architecture Version Repository Size ============================================================================================================================== Installing: rsnapshot noarch 1.5.1-1.el10_0 epel 112 k Installing dependencies: perl-DirHandle noarch 1.05-512.2.el10_0 appstream 12 k Transaction Summary ============================================================================================================================== Install 2 Packages Total download size: 124 k Installed size: 388 k Is this ok [y/N]: y ``` -------------------------------- ### Enable and Start firewalld Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/security/openvpn.md Enable firewalld to start on boot and start the service immediately. ```bash sudo systemctl enable --now firewalld ``` -------------------------------- ### Create user-data.yml with write_files Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/cloud-init/03_configuration_engine.md This example demonstrates creating a user-data.yml file that installs nginx, writes a custom index.html, and enables the nginx service on boot. ```bash cat < user-data.yml #cloud-config packages: [nginx] write_files: - path: /usr/share/nginx/html/index.html content: '

Hello from cloud-init!

' owner: nginx:nginx permissions: '0644' runcmd: - [ systemctl, enable, --now, nginx ] EOF ``` -------------------------------- ### Complete VM Configuration Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/kvm_tuning.md This XML configuration demonstrates a fully tuned VM setup for a performance-critical virtual machine on a dual-socket Rocky Linux 9 host, incorporating CPU pinning, NUMA tuning, and huge page memory. ```xml production-vm 16 8 ``` -------------------------------- ### Setup Docker Environment for Documentation Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/localdocs/rockydocs_tool_guide.md Initializes the documentation build environment using Docker, avoiding local Python dependency installations. Use --workspace for custom locations. ```bash ./rockydocs.sh --setup --docker ``` ```bash ./rockydocs.sh --setup --docker --workspace ~/my-docs-workspace ``` -------------------------------- ### Kickstart Package Selection Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/templates-automation-packer-vsphere.md Specifies the packages to be installed during the Rocky Linux setup. Includes essential tools and excludes unnecessary firmware and packages. ```bash %packages --ignoremissing --excludedocs openssh-clients curl dnf-utils drpm net-tools open-vm-tools perl perl-File-Temp sudo vim wget python3 # unnecessary firmware -aic94xx-firmware -atmel-firmware -b43-openfwwf -bfa-firmware -ipw2100-firmware -ipw2200-firmware -ivtv-firmware -iwl*-firmware -libertas-usb8388-firmware -ql*-firmware -rt61pci-firmware -rt73usb-firmware -xorg-x11-drv-ati-firmware -zd1211-firmware -cockpit -quota -alsa-* -fprintd-pam -intltool -microcode_ctl %end %addon com_redhat_kdump --disable %end ``` -------------------------------- ### Rocky Linux Kickstart: Disable Firstboot Setup Agent Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/kickstart-rocky.md Disables the Setup Agent from starting automatically when the system boots after installation. ```kickstart firstboot --disable ``` -------------------------------- ### Install and Configure Redis for Fact Caching Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/learning_ansible/08-management-server-optimizations.md Install Redis, start and enable the service, and install the Python Redis client. This setup is required before configuring Ansible to use Redis for fact caching. ```bash sudo yum install redis sudo systemctl start redis sudo systemctl enable redis sudo pip3 install redis ``` -------------------------------- ### Setup Environment for Production-Identical Preview Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/localdocs/rockydocs_tool_guide.md Sets up the documentation build environment with a Python virtual environment. Use the --workspace flag to specify a custom location for the build artifacts. ```bash ./rockydocs.sh --setup --venv ``` ```bash ./rockydocs.sh --setup --venv --workspace ~/my-docs-workspace ``` -------------------------------- ### Install Pre-commit via Pip (General Platforms) Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/expert_contributing.md For platforms not covered by specific setup guides, install the 'pre-commit' package using pip. This is a prerequisite for using pre-commit hooks. ```bash pip install pre-commit ``` -------------------------------- ### Complete Build Flow Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/localdocs/rockydocs_tool_guide.md Walks through the typical local development workflow: editing files, deploying, serving, and how the script manages the symlink for MkDocs to build from live files. ```bash # 1. You edit in your repo cd ~/rocky-projects/documentation echo "New troubleshooting tip" >> docs/guides/myguide.md # 2. You deploy and serve ./rockydocs.sh --deploy ./rockydocs.sh --serve # 3. Script creates symlink in build environment # content → ~/rocky-projects/documentation/docs # 4. MkDocs builds from your live files # Your changes appear immediately in the local website ``` -------------------------------- ### Install Basic PBX and Configure Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/communications/asterisk_installation.md Install the basic PBX functionality and perform initial configuration. Further modifications may be necessary for desired PBX operation. ```bash make basic-pbx make config ``` -------------------------------- ### Enable Quadlet Service on Boot Source: https://github.com/rocky-linux/documentation/blob/main/docs/gemstones/containers/podman.md To automatically run the container upon system start or user login, add the [Install] section to the Quadlet file. This effectively enables the service. ```systemd [Install] WantedBy=default.target ``` -------------------------------- ### Create and Boot Base Image for Customization Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/cloud-init/05_image_builders_perspective.md Use `qemu-img` to create a disk image and `virt-install` to boot a base Rocky Linux image for customization. Connect to the console to begin modifications. ```bash # Create a disk image for our new template qemu-img create -f qcow2 -o size=10G golden-image-template.qcow2 # Boot the base image using virt-install virt-install --name golden-image-builder \ --memory 2048 --vcpus 2 \ --disk path=golden-image-template.qcow2,format=qcow2 \ --cloud-init none --os-variant rockylinux10 --import # Connect to the console and log in as the default 'rocky' user virsh console golden-image-builder ``` -------------------------------- ### Install and Enable amsd Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/hardware/hpe_amsd.md Installs the amsd package and enables it to start automatically on boot. The service is then started immediately. ```bash dnf -y update && dnf -y install amsd systemctl enable --now amsd ``` -------------------------------- ### Awk substr Function Example (Field Segment) Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/sed_awk_grep/4_awk_command.md Extracts a substring from the first field ($1) starting at the 9th character. This example targets lines starting with 'sp'. ```bash # I need this part of the content - "tablet" Shell > tail -n 5 /etc/services | awk '/^sp/ {print substr($1,9)}' ``` -------------------------------- ### Mount Command Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/07-file-systems.fr.md Demonstrates how to use the mount command to mount a specific device to a directory. ```bash [root]# mount /dev/sda7 /home ``` -------------------------------- ### Enable and Start MariaDB Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/041-database-servers-mariadb.md Enable the MariaDB service to start on boot and start it immediately using systemctl. ```bash $ sudo systemctl enable mariadb --now Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service. Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service. Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service. ``` -------------------------------- ### Clone NvChad Starter Repository and Initialize Neovim Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/nvchad/install_nvchad.md Download the NvChad starter configuration and initialize Neovim to set up the NvChad environment. This command clones the repository into the default Neovim configuration directory and then launches Neovim to install plugins. ```bash git clone https://github.com/NvChad/starter ~/.config/nvim && nvim ``` -------------------------------- ### Install LXD via Snap Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/lxd_server/01-install.md Installs the LXD snap package. This command only installs LXD; setup is a separate step. ```bash snap install lxd ``` -------------------------------- ### Enable and Start Jellyfin Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/file_sharing/jellyfin.md Enables the Jellyfin service to start on boot and starts it immediately. ```bash systemctl enable --now jellyfin ``` -------------------------------- ### Enable Apache Sites and Start Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/file_sharing/sftp.md Link virtual host configurations to the enabled directory and start the Apache HTTP server process. ```bash ln -s ../sites-available/com.site1 ``` ```bash ln -s ../sites-available/com.site2 ``` ```bash systemctl enable --now httpd ``` -------------------------------- ### Install Deno Language Server with mason.nvim Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/nvchad/plugins/md_preview.md Use the :MasonInstall command to install the Deno language server. This is a prerequisite for Peek.nvim. ```text :MasonInstall deno ``` -------------------------------- ### Basic ACL setup commands Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/14-special-authority.md Demonstrates creating a directory, setting ownership and permissions, adding users to a group, and then applying ACLs to grant specific access. ```bash # The teacher is the root user Shell > groupadd class1 Shell > mkdir /project Shell > chown root:class1 /project Shell > chmod 770 /project Shell > ls -ld /project/ drwxrwx--- 2 root class1 4096 Jan 12 12:58 /project/ ``` ```bash # Put the students in the class into the class1 group Shell > useradd frank Shell > passwd frank Shell > useradd aron Shell > passwd aron Shell > gpasswd -a frank class1 Shell > gpasswd -a aron class1 ``` ```bash # A student from another school came to listen to the teacher Shell > useradd tom Shell > passwd tom ``` -------------------------------- ### Install and Enable Incus Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/incus_server/30-appendix_a.md Installs the Incus server and tools, and enables the Incus systemd service to start on boot. ```bash sudo dnf install incus incus-tools sudo systemctl enable incus ``` -------------------------------- ### Start all cluster nodes Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/07-high-availability.md Start the Pacemaker cluster services on all configured nodes. This command should be run after cluster setup. ```bash $ sudo pcs cluster start --all server1: Starting Cluster... server2: Starting Cluster... ``` -------------------------------- ### Install and Configure Apache Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/052-load-balancer-proxies-varnish.md Installs Apache HTTP Server, enables its service, configures the firewall, and sets up a basic index.html file. ```bash sudo dnf install -y httpd mod_ssl sudo systemctl enable httpd --now sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --permanent --add-service=https sudo firewall-cmd --reload echo "Node $(hostname -f)" | sudo tee "/var/www/html/index.html" ``` -------------------------------- ### Start NFS Server Daemon Source: https://github.com/rocky-linux/documentation/blob/main/docs/labs/networking/lab5-nfs.md Starts the NFS server daemon. Run this command after installation and verification of service status. ```bash systemctl start nfs-server ``` -------------------------------- ### Launch VM with ISO Datasource Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/cloud-init/02_first_contact.md Launches a virtual machine using `virt-install`, attaching the cloud image and the generated `config.iso` for cloud-init. ```bash virt-install --name rocky10-iso-boot \ --memory 2048 --vcpus 2 \ --disk path=first-boot-vm.qcow2,format=qcow2 \ --disk path=config.iso,device=cdrom \ --os-variant rockylinux10 \ --import --noautoconsole ``` -------------------------------- ### Configure Action with User Inputs and Options Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/olivetin.md This example demonstrates how to create a GUI for a script using text inputs and dropdown menus for variables. OliveTin will prompt the user for input before running the command. ```yaml actions: - title: Build Container shell: sh /home/ezequiel/server-scripts/rocky-host/buildcontainer -c {{ containerName }} -d {{ domainName }} {{ softwarePackage }} timeout: 60 arguments: - name: containerName title: Container Name type: ascii_identifier - name: domainName title: Domain type: ascii_identifier - name: softwarePackage title: Default Software choices: - title: None value: - title: Nginx value: -s nginx - title: Nginx & PHP value: -s nginx-php - title: mariadb value: -s mariadb ``` -------------------------------- ### Install lychee link checker Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/expert_contributing.md Installs the lychee link checker. This example shows binary installation on Rocky Linux 10. Alternative installation methods for Fedora, Debian/Ubuntu (via cargo), and macOS are also provided. ```bash cd /tmp && curl -sLO https://github.com/lycheeverse/lychee/releases/latest/download/lychee-x86_64-unknown-linux-gnu.tar.gz tar xzf lychee-x86_64-unknown-linux-gnu.tar.gz && sudo mv lychee /usr/local/bin/ sudo chmod +x /usr/local/bin/lychee && rm -f lychee-x86_64-unknown-linux-gnu.tar.gz ``` ```bash sudo dnf install lychee ``` ```bash cargo install lychee ``` ```bash brew install lychee ``` -------------------------------- ### Install MariaDB Packages on Controller Node Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/hpc/slurm-rocky.md Installs necessary MariaDB packages on the Slurm controller node. Ensure MariaDB is enabled and started. ```yaml - name: Install the mariadb packages on the Controller Node become: true ansible.builtin.dnf: name: - mariadb - mariadb-devel - mariadb-server - python3-devel state: latest when: inventory_hostname == 'rocky-linux9-slurm-controller-node' ``` -------------------------------- ### Example of Keyboard Instructions in Documentation Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/rockydocs_formatting.md This example demonstrates how to represent complex keyboard shortcuts for switching virtual terminals in documentation. ```text A workstation-type installation (with a graphical interface) starts this interface on terminal 1. Since Linux is multi-user, it is possible to connect several users simultaneously to different **physical terminals** (TTYs) or **virtual terminals** (PTSs). Virtual terminals are available within a graphical environment. A user switches from one physical terminal to another using ++alt+"Fx"++ from the command line or ++ctrl+alt+"Fx"++. ``` -------------------------------- ### MariaDB Initial Setup Log Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/041-database-servers-mariadb.md This log output shows the initial setup process for MariaDB, detailing the creation of default user accounts like root@localhost and mysql@localhost, and their access privileges. ```text mariadb-prepare-db-dir[6560]: Initializing MariaDB database mariadb-prepare-db-dir[6599]: Two all-privilege accounts were created. mariadb-prepare-db-dir[6599]: One is root@localhost, it has no password, but you need to mariadb-prepare-db-dir[6599]: be system 'root' user to connect. Use, for example, sudo mysql mariadb-prepare-db-dir[6599]: The second is mysql@localhost, it has no password either, but mariadb-prepare-db-dir[6599]: you need to be the system 'mysql' user to connect. mariadb-prepare-db-dir[6599]: After connecting you can set the password, if you would need to be mariadb-prepare-db-dir[6599]: able to connect as any of these users with a password and without sudo ``` -------------------------------- ### Install Squid Package Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/053-load-balancer-proxies-squid.md Use this command to install the Squid proxy server package on your system. Ensure the service is not started until the cache is initialized. ```bash sudo dnf install squid ``` -------------------------------- ### Launch `vim` tutorial Source: https://github.com/rocky-linux/documentation/blob/main/docs/labs/systems_administration_I/lab3-system_utilities.md Start the interactive `vim` tutorial to learn the `vi` text editor. This is the recommended way to familiarize yourself with `vi`'s features. ```bash [root@localhost root]# vimtutor ``` -------------------------------- ### Install Default MySQL Server Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/042-database-servers-mysql.md Installs the default version of the mysql-server package using dnf. Ensures the mysqld service is enabled and started. ```bash sudo dnf install mysql-server ``` ```bash sudo systemctl enable mysqld.service --now ``` -------------------------------- ### Enable and Start OSSEC Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/web/apache_hardened_webserver/ossec-hids.md Enable the OSSEC HIDS service to start on boot and then start the service immediately. ```bash systemctl enable ossec-hids systemctl start ossec-hids ``` -------------------------------- ### Enable and Start Apache Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/cms/cloud_server_using_nextcloud.md Configures the Apache web server to start automatically on boot and then starts the service. ```bash systemctl enable httpd ``` ```bash systemctl start httpd ``` -------------------------------- ### Example HAProxy Log Output Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/proxies/haproxy_apache_lxd.it.md This is an example of the log output you might see in `/var/log/haproxy.log` after restarting HAProxy. It indicates that the proxies have started successfully. ```log Sep 25 23:18:02 proxyha haproxy[4602]: Proxy http_frontend started. Sep 25 23:18:02 proxyha haproxy[4602]: Proxy http_frontend started. Sep 25 23:18:02 proxyha haproxy[4602]: Proxy subdomain1 started. Sep 25 23:18:02 proxyha haproxy[4602]: Proxy subdomain1 started. Sep 25 23:18:02 proxyha haproxy[4602]: Proxy subdomain2 started. Sep 25 23:18:02 proxyha haproxy[4602]: Proxy subdomain2 started. ``` -------------------------------- ### Complete Postfix Configuration Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/email/02-basic-email-system.md A comprehensive example of the Postfix main.cf file, including settings for compatibility, directories, security, and TLS. ```text compatibility_level = 2 queue_directory = /var/spool/postfix command_directory = /usr/sbin daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix mail_owner = postfix myhostname = mail.rockylinux.me mydomain = rockylinux.me myorigin = $myhostname inet_interfaces = 192.168.100.6 inet_protocols = ipv4 mydestination = biff = no append_dot_mydomain = no smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname virtual_transport = lmtp:unix:private/dovecot-lmtp virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf,mysql:/etc/postfix/mysql-virtual-email2email.cf unknown_local_recipient_reject_code = 550 alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 sendmail_path = /usr/sbin/sendmail.postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix setgid_group = postdrop html_directory = no manpage_directory = /usr/share/man sample_directory = /usr/share/doc/postfix/samples readme_directory = /usr/share/doc/postfix/README_FILES smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem smtpd_tls_key_file = /etc/pki/tls/private/postfix.key smtpd_tls_security_level = may smtp_tls_CApath = /etc/pki/tls/certs smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt smtp_tls_security_level = may meta_directory = /etc/postfix shlib_directory = /usr/lib64/postfix ``` -------------------------------- ### Example of Pip Update Process Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/localdocs/mkdocs_venv.md This is an illustrative example of the output when updating pip, showing the uninstallation of the old version and the successful installation of the new version. ```text Requirement already satisfied: pip in ./lib/python3.9/site-packages (21.2.3) Collecting pip Downloading pip-23.1-py3-none-any.whl (2.1 MB) |████████████████████████████████| 2.1 MB 1.6 MB/s Installing collected packages: pip Attempting uninstall: pip Found existing installation: pip 21.2.3 Uninstalling pip-21.2.3: Successfully uninstalled pip-21.2.3 Successfully installed pip-23.1 ``` -------------------------------- ### Illustrating Client and Server as One (su command) Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/security_enhancements/18-about-pam.md This example demonstrates a scenario where the client and server are the same process, using the 'su' command to switch users. It shows the authentication token used and the resulting user context. ```bash Bash > whoami alice Bash > ls -l `which su` Bash > su - Password: 1Q.3werzasd Bash > whoami root ``` -------------------------------- ### Start httpd service using systemd module Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/learning_ansible/01-basic.md Starts the httpd service on target hosts using the `systemd` module. This command should be run after installing httpd. ```bash # ansible rocky8 --become -m systemd -a "name=httpd state=started" ``` ```json 172.16.1.10 | SUCCESS => { "changed": true, "name": "httpd", "state": "started" } 172.16.1.11 | SUCCESS => { "changed": true, "name": "httpd", "state": "started" } ``` -------------------------------- ### Gather system facts using setup module Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/learning_ansible/01-basic.md Retrieves system facts (variables) from target hosts using the `setup` module. This is useful for understanding the client environment and for use in playbooks. ```bash # ansible ansible_clients -m setup | less ``` ```json 192.168.1.11 | SUCCESS => { "ansible_facts": { "ansible_all_ipv4_addresses": [ "192.168.1.11" ], "ansible_all_ipv6_addresses": [ "2001:861:3dc3:fcf0:a00:27ff:fef7:28be", "fe80::a00:27ff:fef7:28be" ], "ansible_apparmor": { "status": "disabled" }, "ansible_architecture": "x86_64", "ansible_bios_date": "12/01/2006", "ansible_bios_vendor": "innotek GmbH", "ansible_bios_version": "VirtualBox", "ansible_board_asset_tag": "NA", "ansible_board_name": "VirtualBox", "ansible_board_serial": "NA", "ansible_board_vendor": "Oracle Corporation", ... ``` -------------------------------- ### Enable and Start libvirtd Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/libvirt-rocky.md Ensure the libvirtd service starts on boot and is running. ```bash sudo systemctl enable --now libvirtd ``` -------------------------------- ### Example Certbot Renewal Timer Entry Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/security/generating_ssl_keys_lets_encrypt.md An example output from `systemctl list-timers` showing the scheduled renewal timer for Certbot, typically set up by snap installations. ```text Sat 2021-04-03 07:12:00 UTC 14h left n/a n/a snap.certbot.renew.timer snap.certbot.renew.service ``` -------------------------------- ### Enable and Start Apache Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/03-application-servers.md Enable the Apache service to start on boot and start it immediately. Also, check its status. ```bash sudo systemctl enable --now httpd sudo systemctl status httpd ``` -------------------------------- ### Install or Upgrade an Ansible Collection Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/learning_ansible/04-ansible-galaxy.md Use `ansible-galaxy collection install` to add or update collections. The `--upgrade` flag ensures you get the latest version. ```bash ansible-galaxy collection install namespace.collection [--upgrade] ``` -------------------------------- ### Create Index File for Site 1 Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/web/nginx-multisite.md Create and open the index.html file for the first website using the nano text editor. ```bash nano test.server.site1/html/index.html ``` -------------------------------- ### Enable and start Apache service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/proxies/haproxy_apache_lxd.md Enable the Apache service to start on boot and start the service immediately on the 'web1' and 'web2' containers. ```bash lxc exec web1 systemctl enable httpd lxc exec web1 systemctl start httpd lxc exec web2 systemctl enable httpd lxc exec web2 systemctl start httpd ``` -------------------------------- ### Copy snmpd.conf Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/network/librenms_monitoring_server.md Copy the example snmpd.conf file from LibreNMS installation to the system's SNMP configuration directory. This provides a template for SNMP daemon configuration. ```bash cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf ``` -------------------------------- ### Download and run micro installer Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/editors/micro.md This command downloads the micro installer script from the official website and executes it in the current directory. It's a convenient way to get the editor. ```bash curl https://getmic.ro | bash ``` -------------------------------- ### Configurare un ambiente di sviluppo Python per cloud-init Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/cloud-init/07_contributing.it.md Crea e attiva un ambiente virtuale Python per isolare le dipendenze di sviluppo di cloud-init. Installa quindi le dipendenze necessarie utilizzando il file requirements-dev.txt fornito. ```bash python3 -m venv .venv source .venv/bin/activate pip install -r requirements-dev.txt ``` -------------------------------- ### Equivalent DNF Install Commands Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/13-softwares.md Demonstrates equivalent DNF commands for installing nginx, showing how specifying the module stream and profile affects the installation. ```bash sudo dnf install nginx ``` ```bash sudo dnf install nginx:1.14 ``` ```bash sudo dnf install nginx:1.14/common ``` -------------------------------- ### Start Rsync Daemon and Check Network Status Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/learning_rsync/03_rsync_demo02.md Install the rsync daemon if necessary, start the service, and then check the network status to confirm rsync is listening on the configured port. ```bash [root@Rocky ~]# systemctl start rsyncd.service [root@Rocky ~]# netstat -tulnp Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 691/sshd tcp 0 0 192.168.100.4:873 0.0.0.0:* LISTEN 4607/rsync tcp6 0 0 :::22 :::* LISTEN 691/sshd udp 0 0 127.0.0.1:323 0.0.0.0:* 671/chronyd udp6 0 0 ::1:323 :::* 671/chronyd ``` -------------------------------- ### Awk substr Function Example (Line Segment) Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/sed_awk_grep/4_awk_command.md Extracts a portion of a string starting from a specific character position. This example extracts from the 16th character onwards from lines containing 'daemon'. ```bash # I need this part of the content - "emon:/sbin:/sbin/nologin" Shell > head -n 5 /etc/passwd | awk '/daemon/ {print substr($0,16)}' ``` -------------------------------- ### Enable and Start Apache Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/web/php.md Enable the Apache service to start on boot and start it immediately. Also, configure the firewall to allow HTTP traffic. ```bash sudo systemctl enable --now httpd sudo systemctl status httpd sudo firewall-cmd --add-service=http --permanent sudo firewall-cmd --reload ``` -------------------------------- ### Install All Configured Mason Servers Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/nvchad/template_chadrc.md Run ':MasonInstallAll' to install all language servers and formatters listed in the 'ensure_installed' table within the Mason configuration. ```text :MasonInstallAll ``` -------------------------------- ### Copy CRS Setup Configuration Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/web/apache_hardened_webserver/modsecurity.md Copies the example CRS setup configuration file to the active configuration file. This file can be edited for custom tuning, but often requires no changes initially. ```bash cp crs/crs-setup.conf.example crs/crs-setup.conf ``` -------------------------------- ### Create DNS Zone File Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/dns/knot_authoritative_dns.md Create and populate the DNS zone file for your domain. This example uses BIND-compatible syntax. Ensure 'example.com' and associated records are updated. ```bash vi /var/lib/knot/zones/example.com.zone ``` ```zone $TTL 86400 ; How long should records last? ; $TTL used for all RRs without explicit TTL value $ORIGIN example.com. ; Define our domain name @ 1D IN SOA ns1.example.com. hostmaster.example.com. ( 2024061301 ; serial 3h ; refresh duration 15 ; retry duration 1w ; expiry duration 3h ; nxdomain error ttl ) IN NS ns1.example.com. ; in the domain IN MX 10 mail.another.com. ; external mail provider IN A 172.20.0.100 ; default A record ; server host definitions ns1 IN A 172.20.0.100 ; name server definition www IN A 172.20.0.101 ; web server definition mail IN A 172.20.0.102 ; mail server definition ``` -------------------------------- ### Get MariaDB version with mariadb-admin Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/041-database-servers-mariadb.md A specific example of using mariadb-admin to retrieve the server version. ```bash mariadb-admin -u root -p version ``` -------------------------------- ### Install Pacemaker and PCS on Both Nodes Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/07-high-availability.it.md Execute these commands on both nodes to install Pacemaker and PCS, enable the `highavailability` repository, configure the firewall, and start the `pcsd` service. It also sets the `hacluster` user password. ```bash sudo dnf config-manager --set-enabled highavailability sudo dnf install pacemaker pcs sudo firewall-cmd --permanent --add-service=high-availability sudo firewall-cmd --reload sudo systemctl enable pcsd --now echo "pwdhacluster" | sudo passwd --stdin hacluster ``` -------------------------------- ### Install Apache (Passive Voice) Source: https://github.com/rocky-linux/documentation/blob/main/docs/rocky_insights/blogs/active_voice.md Example of a passive voice instruction. This phrasing is indirect and less concise. ```text For our web platform, Apache must be installed using this command: `sudo dnf install httpd` ``` -------------------------------- ### Install Cloud-Init Package Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/templates-automation-packer-vsphere.md Installs the cloud-init package, which is essential for initializing cloud instances. Includes a note about a specific bug and its workaround. ```bash echo "Installing cloud-init..." dnf -y install cloud-init # see https://bugs.launchpad.net/cloud-init/+bug/1712680 ``` -------------------------------- ### Install file with owner, group, and permissions Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/04-advanced-commands.md Combine install command with sudo to set owner, group, and permissions (-o, -g, -m) while copying files and creating directories. ```bash sudo install -v -o rocky -g users -m 644 -D -t ~/samples/ src/sample.txt ``` -------------------------------- ### MariaDB Root Password Prompt Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/cms/mediawiki.md Example of the prompt when setting the MariaDB root password during the secure installation. ```bash Enter current password for root (++enter++ for none): ``` -------------------------------- ### Install iotop Package Source: https://github.com/rocky-linux/documentation/blob/main/docs/labs/systems_administration_II/lab4-advanced_system_process_monitoring.md Installs the `iotop` utility, which monitors disk I/O usage by processes in real-time, similar to how `top` monitors CPU and memory. ```bash sudo dnf -y install iotop ``` -------------------------------- ### Configure Packer Provisioners Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/templates-automation-packer-vsphere.md Define provisioners to execute scripts after the base OS installation. This example uses a shell provisioner to run a 'requirements.sh' script for post-installation tasks like cleaning the VM and installing packages. ```json "provisioners": [ { "type": "shell", "expect_disconnect": true, "execute_command": "bash '{{.Path}}'", "script": "{{template_dir}}/scripts/requirements.sh" } ], ``` -------------------------------- ### Re-enable and Restart MySQL Service Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/042-database-servers-mysql.md Ensures the MySQL service is enabled to start on boot and is currently running after an installation or update. ```bash sudo systemctl enable mysqld.service --now ``` -------------------------------- ### Install and Update Packages Source: https://github.com/rocky-linux/documentation/blob/main/docs/gemstones/markdown-demo-v2.md Use this command sequence to install, update, and remove packages, then enable a service. ```bash dnf install my_stapler dnf update my_pencil dnf remove my_notepad systemctl enable my_stapler ``` -------------------------------- ### Install Apache (Active Voice - 9 words) Source: https://github.com/rocky-linux/documentation/blob/main/docs/rocky_insights/blogs/active_voice.md An active voice alternative that is more direct. It uses fewer words than the passive voice example. ```text For your web platform, install Apache with this command: `sudo dnf install httpd` ``` -------------------------------- ### Install Podman and Buildah Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/containers/podman-nextcloud.md Install the necessary container management tools, Podman and Buildah. ```bash dnf -y install podman buildah ``` -------------------------------- ### Awk if statement with regex condition Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/sed_awk_grep/4_awk_command.md Conditions in Awk's if statements can be regular expressions. This example prints lines that start with 'ftp' or 'ssh'. ```bash Shell > cat /etc/services | awk '{if(/^(ftp)\s|^(ssh)\s/) print $0}' ftp 21/tcp ftp 21/udp fsp fspd ssh 22/tcp # The Secure Shell (SSH) Protocol ssh 22/udp # The Secure Shell (SSH) Protocol ftp 21/sctp # FTP ssh 22/sctp # SSH ``` -------------------------------- ### Postfix Service Unit File Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/10-boot.md This is an example of a systemd unit file for the postfix service, defining its dependencies, execution commands, and installation settings. ```bash [Unit] Description=Postfix Mail Transport Agent After=syslog.target network.target Conflicts=sendmail.service exim.service [Service] Type=forking PIDFile=/var/spool/postfix/pid/master.pid EnvironmentFile=-/etc/sysconfig/network ExecStartPre=-/usr/libexec/postfix/aliasesdb ExecStartPre=-/usr/libexec/postfix/chroot-update ExecStart=/usr/sbin/postfix start ExecReload=/usr/sbin/postfix reload ExecStop=/usr/sbin/postfix stop [Install] WantedBy=multi-user.target ``` -------------------------------- ### Install Host Tools for Virtualization Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/virtualization/cloud-init/02_first_contact.md Installs necessary virtualization tools like libvirt, qemu-kvm, virt-install, and genisoimage on a Rocky Linux host. ```bash sudo dnf install -y libvirt qemu-kvm virt-install genisoimage ``` -------------------------------- ### Kickstart Repository Configuration Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/automation/templates-automation-packer-vsphere.md Configures the installation source to use both CD-ROM media and a remote AppStream repository. This is necessary when using the minimal ISO to ensure all required packages, like open-vm-tools, are available. ```bash # Use CD-ROM installation media repo --name="AppStream" --baseurl="http://download.rockylinux.org/pub/rocky/8.4/AppStream/x86_64/os/" cdrom ``` -------------------------------- ### Awk length Function Example (Field) Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/sed_awk_grep/4_awk_command.md Demonstrates using the length function to get the character length of the first field ($1) for each line. ```bash # The length of the output field Shell > tail -n 5 /etc/services | awk '{print length($1)}' ``` -------------------------------- ### Launch Additional Incus Containers Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/incus_server/05-incus_images.md Installs and launches two more containers: 'rockylinux-test-9' from the 'rockylinux/9' image and 'ubuntu-test' from the 'ubuntu/22.04' image. These containers will start automatically. ```bash incus launch images:rockylinux/9 rockylinux-test-9 ``` ```bash incus launch images:ubuntu/22.04 ubuntu-test ``` -------------------------------- ### Display Configure Script Options Source: https://github.com/rocky-linux/documentation/blob/main/docs/labs/systems_administration_I/lab7-software_management.md Run the `./configure --help` command to view all available options for customizing the build process. This helps in understanding configurable features. ```bash ./configure --help ``` -------------------------------- ### Basic install command usage Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/04-advanced-commands.md Use the install command to copy files and create directories. It combines functionalities of cp, mkdir, chmod, and chown. ```bash install source dest ``` ```bash install -t directory source [...] ``` ```bash install -d directory ``` -------------------------------- ### Serve Documentation in Live Development Mode Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/contribute/localdocs/rockydocs_tool_guide.md Starts a local web server with live reloading. Edits to Markdown files in the 'docs/' directory will automatically refresh the browser. ```bash ./rockydocs.sh --serve ``` -------------------------------- ### Enable and Secure MariaDB Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/cms/mediawiki.md Enables the MariaDB service to start on boot, runs the security setup wizard, and configures root password and user access. ```bash systemctl enable --now mariadb mysql_secure_installation ``` -------------------------------- ### Enable and Start irqbalance Source: https://github.com/rocky-linux/documentation/blob/main/docs/guides/network/performance_tuning/network_performance_irq_tuning.md Enable the `irqbalance` service to start automatically on boot and start it immediately. This is recommended if the service is not running. ```bash systemctl enable --now irqbalance ``` -------------------------------- ### Launch a Rocky Linux Container Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/incus_server/05-incus_images.md Installs and launches a new container named 'rockylinux-test-8' based on the 'rockylinux/8' image. The container starts automatically upon creation. ```bash incus launch images:rockylinux/8 rockylinux-test-8 ``` -------------------------------- ### Minimal Apache httpd.conf File Example Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/021-web-servers-apache.md Provides a basic structure of the main Apache configuration file. This serves as a starting point for understanding essential directives. ```apache ServerRoot "/etc/httpd" Listen 80 Include conf.modules.d/*.conf User apache Group apache ServerAdmin root@localhost AllowOverride none Require all denied DocumentRoot "/var/www/html" AllowOverride None Require all granted Options Indexes FollowSymLinks AllowOverride None Require all granted DirectoryIndex index.html Require all denied ErrorLog "logs/error_log" LogLevel warn LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio CustomLog "logs/access_log" combined ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" AllowOverride None Options None Require all granted TypesConfig /etc/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType text/html .shtml AddOutputFilter INCLUDES .shtml AddDefaultCharset UTF-8 MIMEMagicFile conf/magic EnableSendfile on IncludeOptional conf.d/*.conf ``` -------------------------------- ### Copy file to directory with verbose and create leading components Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/04-advanced-commands.md Use the -v, -D, and -t options with the install command for verbose output, creating leading directories, and copying to a target directory. ```bash $ install -v -D -t ~/samples/ src/sample.txt install: creating directory '~/samples' 'src/sample.txt' -> '~/samples/sample.txt' ``` -------------------------------- ### Awk int() function example Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/sed_awk_grep/4_awk_command.md The int() function truncates a number to its integer part. It converts non-numeric strings to 0 and strings starting with numbers by truncating. ```bash Shell > echo -e "qwer123\n123\nabc\n123abc123\n100.55\n-155.27" | awk '{print int($1)}' ``` -------------------------------- ### Example Repository Configuration Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/admin_guide/13-softwares.md Shows the typical format of a single repository definition within a `.repo` file, including essential options like name, mirrorlist, and GPG check settings. ```ini [baseos] name=Rocky Linux $releasever - BaseOS mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever #baseurl=http://dl.rockylinux.org/$contentdir/$releasever/BaseOS/$basearch/os/ gpgcheck=1 enabled=1 countme=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial ``` -------------------------------- ### Secure MariaDB Installation Source: https://github.com/rocky-linux/documentation/blob/main/docs/books/web_services/041-database-servers-mariadb.md Execute this command to run the security script for MariaDB. It guides you through setting a root password, removing anonymous users, and other security enhancements. ```bash sudo mariadb-secure-installation ```