WordPress on LAMP with Session Encryption and Backup

Overview Zen Astronave is a personal blog site. In this guide, we will implement a LAMP (Linux, Apache, MariaDB, and PHP) system and install WordPress for zenastronave.com. Since we are interested in the CIA triad (Confidentiality, Integrity, and Availability), we will also implement a firewall, TLS (Transport Layer Security) certificates, and daily backups. This example uses AlmaLinux but should also […]

Making Libvirt User-friendly in AlmaLinux

In AlmaLinux (and Red Hat Enterprise Linux, Rocky Linux, and CentOS), libvirtd defaults to the user URI. When a regular user executes virsh list, they will see only the KVM virtual machines accessible to their user and will not see those started by the system. You can change this behavior so that regular users can list and interact with virtual […]

Example AlmaLinux Kickstart

This is an example kickstart for a typical system with a single disk (nvme0n1) and a single network adapter (ens160). These values may need to be changed to suit your environment. It will copy additional Assets to the target system as described in Customizing the AlmaLinux Installer Media. The resulting system uses LUKS full-disk encryption (the LUKS and root user […]

Customizing the AlmaLinux Installer Media

This article shows you how to customize the AlmaLinux (or Red Hat Enterprise Linux, or Rocky Linux, or CentOS Linux) installer media to include a kickstart file and additional file assets. Commands prepended with # should be run as root while commands prepended with $ should be run as your regular user. Prerequisites A basic AlmaLinux workstation installation (temporary is […]

Automating Rdiff-backup with Bash

Rdiff-backup is a robust and well-documented tool for performing reverse differential backups. It is particularly well suited for using Linux and SSH to perform incremental backups of remote Linux systems. This onezeroone.dev script automates the use of rdiff-backup to perform incremental backups of one or more remote Linux systems over SSH to a dedicated local volume. It will: For documentation […]

Emulating a 32-bit Raspberry Pi ARM 7 on CentOS Linux with Qemu

Overview Emulate an ARM processor on Intel using CentOS 7 and Qemu. Prerequisite Packages Qemu Cross-compilation Acquire Resources Create a working directory in your unprivileged user home directory and clone the raspbian kernel source: Also get the Raspbian toolchain: Download a current version of Raspbian from downloads.raspberrypi.org and unpack. This example uses Raspbian Lite 2020-02-14: Inspect the Raspbian Image The […]

Windows Desktop Virtualization with Mint 18 and KVM

The linux kernel includes a capable hybrid Type I/II Hypervisor referred to as the Kernel Virtualization Modules (KVM) which forms the basis for enterprise-class virtualization solutions such as Red Hat Enterprise Virtualization. While it may lack some of the features of other commercial and non-commercial solutions like VMWare, Hyper-V or Virtualbox, KVM offers support for a plethora of guest operating systems and […]

OpenSSL Self-Signed Certificates

Whether you are deploying, evaluating, testing, and/or developing a web-based application; experimenting with Apache configuration; learning about web-based security technologies; or any of many other possible scenarios, you may find yourself needing to secure a web site with a TLS certificate (commonly referred to as an SSL certificate). Securing a web server with TLS is a multi-step process. The general […]