helm repo add apisix https://charts.apiseven.com
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update

Set to version 3

#  We use Apisix 3.0 in this example. If you're using Apisix v2.x, please set to v2
ADMIN_API_VERSION=v3

Install APISIX

Make sure you have access to Kubernetes cluster using kubeconfig file

helm upgrade --install apisix apisix/apisix \
  --set gateway.type=LoadBalancer \
  --set service.type=LoadBalancer \
  --set ingress-controller.enabled=true \
  --create-namespace \
  --namespace ingress-apisix \
  --set ingress-controller.config.apisix.serviceNamespace=ingress-apisix \
  --set ingress-controller.config.apisix.adminAPIVersion=$ADMIN_API_VERSION

The post APISIX Digital Ocean Setup appeared first on TEKSpace Blog.

Step 1. Generate the private key:

openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048

Step 2: Generate the Public Key from the Private Key:

openssl rsa -pubout -in private_key.pem -out public_key.pem

Step 3: Convert the Private Key to Base64:

openssl base64 -A -in private_key.pem -out private_key_base64.txt

Step 4: Convert the Public Key to Base64:

openssl base64 -A -in public_key.pem -out public_key_base64.txt

The -A flag in the openssl base64 command ensures that the Base64 output is in a single line.

The post How to generate private and public keys using OpenSSL command appeared first on TEKSpace Blog.

SFTP (Secure Shell File Transfer Protocol) is a means of transferring files securely from a client to a server over a network.

Sometimes, you may want to grant SFTP access to allow users to upload files on your Linux server. However, this could pose a security risk to the entire file system.

To mitigate this risk, chroot is used. It changes the root directory of the user during an SFTP session, ensuring isolation from the main system.

Chrooted users cannot break the jail but can still run standard SFTP commands to manage their directories and files.

This is a step-by-step guide for creating an SFTP chroot environment on an Ubuntu 16.04 instance that locks users to their home directory while restricting shell access for security purposes.

Prerequisites

• A Linux server running Ubuntu 16.04.

• A non-root user with sudo privileges

Step 1: Creating an SFTP Group

To manage chrooted users, create a group using the groupadd command:

sudo groupadd sftpusers

Replace sftpusers with your preferred group name.

Step 2: Setting Up OpenSSH

SFTP operates over SSH and inherits its security features, including data encryption that prevents password sniffing and man-in-the-middle attacks.

OpenSSH reads configuration settings from /etc/ssh/sshd_config. Modify this file using a text editor such as nano:

sudo nano /etc/ssh/sshd_config

Locate the line:

#Subsystem sftp /usr/lib/openssh/sftp-server

And change it to:

Subsystem sftp internal-sftp

Add the following lines at the end of the file:

Match Group sftpusers
    ChrootDirectory %h
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp

Ensure to replace sftpusers with the group name you created.

Explanation of Configuration:

• Subsystem sftp internal-sftp: Configures the in-process SFTP server, simplifying chroot configurations.
• Match Group sftpusers: Applies the settings to users in the sftpusers group.
• ChrootDirectory %h: Restricts users to their home directory.
• X11Forwarding no: Disables X11 forwarding to limit access to graphical applications.
• AllowTcpForwarding no: Disables TCP forwarding to enhance security.
• ForceCommand internal-sftp: Ensures only the SFTP process runs upon login.

Restart the SSH daemon after making changes:

sudo service ssh restart

Step 3: Configuring User Accounts

Create and configure user accounts. For example, to create a user named jacob:

sudo adduser jacob

Follow the prompts to set the user password and details. By default, this command creates a home directory /home/jacob. Add the user to the sftpusers group:

sudo usermod -G sftpusers jacob

Change the ownership of the user’s home directory to root:

sudo chown root:root /home/jacob

Set the appropriate permissions:

sudo chmod 755 /home/jacob

Create subdirectories within the user’s home and assign ownership:

sudo mkdir /home/jacob/outbound
sudo chown jacob:jacob /home/jacob/outbound

sudo mkdir /home/jacob/inbound
sudo chown jacob:jacob /home/jacob/inbound
sudo chmod 700 /home/jacob/inbound

chmod 700 only allows jacob user to read and write and will not allow any other user to read.

Step 4: Testing the Configuration

Connect to your server using SFTP with the newly created user:

sftp jacob@<your-vps-ip>

Verify the connection by running the pwd command:

sftp> pwd
Remote working directory: /

Step 5: Confirming Shell Access Restriction

Attempt to connect via SSH with the restricted user credentials. If the setup is correct, shell access should be denied.

Congratulations! You have successfully created a chroot environment with SFTP access for your users.

The post Setup SFTP Server And Users In Ubuntu Linux appeared first on TEKSpace Blog.

Basic authentication is a method where the client sends the username and password encoded in Base64 as part of the request header. It’s important to note that while easy to implement, basic authentication is not secure by itself and should always be used over HTTPS to protect the credentials.

PowerShell’s Invoke-RestMethod cmdlet makes it straightforward to perform REST API requests. To use basic authentication, you’ll need to include an authorization header with your request. Here’s a step-by-step guide:

First, you need to encode your username and password in Base64. This can be done easily in PowerShell:

# Define your username and password
$username = "your_username"
$password = "your_password"

# Combine username and password
$pair = "$username:$password"

# Encode the combined string in Base64
$encodedCredentials = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($pair))

# Create the authorization header
$headers = @{
    Authorization = "Basic $encodedCredentials"
}

With the credentials encoded and the authorization header set, you can now use Invoke-RestMethod to make the authenticated request. Here’s an example:

# Define the API endpoint URL
$url = "https://api.example.com/data"

# Make the request with the authorization header
$response = Invoke-RestMethod -Uri $url -Headers $headers -Method Get

# Output the response
$response

Putting it all together, here is the complete example code:

# Step 1: Encode credentials
$username = "your_username"
$password = "your_password"
$pair = "$username:$password"
$encodedCredentials = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($pair))
$headers = @{
    Authorization = "Basic $encodedCredentials"
}

# Step 2: Make the REST API request
$url = "https://api.example.com/data"
$response = Invoke-RestMethod -Uri $url -Headers $headers -Method Get

# Output the response
$response

Benefits

• Ease of Use: Basic authentication is simple to set up and use, making it suitable for quick tests and simple integrations.
• Compatibility: It is widely supported across different platforms and programming languages.

Best Practices

• Use HTTPS: Always use HTTPS to encrypt the credentials and protect them from being intercepted.
• Avoid Hardcoding Credentials: Store credentials securely and avoid hardcoding them in scripts. Use secure methods like environment variables or secure credential stores.
• Rotate Credentials Regularly: Regularly update and rotate credentials to minimize security risks.

Using Invoke-RestMethod with basic authentication in PowerShell is a straightforward process that involves encoding your credentials and setting the appropriate headers. While convenient, always ensure you are following best practices to keep your credentials secure. Happy scripting!

By following this guide, you can easily integrate basic authentication into your PowerShell scripts and interact with REST APIs securely and efficiently.

The post Basic Authentication in PowerShell Using Invoke-RestMethod appeared first on TEKSpace Blog.

Here’s a step-by-step guide to do it:

Step 1: Create a New Secret with Updated Credentials

1. Log in to Docker Registry: Before updating the secret, ensure you’re logged into the Docker registry from your command line interface so that Kubernetes can access it.
2. Create or Update the Secret: Use the kubectl create secret command to create a new secret or update an existing one with your Docker credentials. If you’re updating an existing secret, you might need to delete the old secret first. To create a new secret (or replace an existing one)

kubectl create secret docker-registry regcred \
  --docker-server=<YOUR_REGISTRY_SERVER> \ # The URL of your Docker registry
  --docker-username=<YOUR_USERNAME> \ # Your Docker registry username
  --docker-password=<YOUR_PASSWORD> \ # Your Docker registry password
  --docker-email=<YOUR_EMAIL> \ # Your Docker registry email
  --namespace=<NAMESPACE> \ # The Kubernetes namespace where the secret will be used
  --dry-run=client -o yaml | kubectl apply -f -

Replace <YOUR_REGISTRY_SERVER>, <YOUR_USERNAME>, <YOUR_PASSWORD>, <YOUR_EMAIL>, and <NAMESPACE> with your Docker registry details and the appropriate namespace. The --dry-run=client -o yaml | kubectl apply -f - part generates the secret definition and applies it to your cluster, effectively updating the secret if it already exists.

Step 2: Update Deployments or Pods to Use the New Secret

If you’ve created a new secret with a different name, you’ll need to update your deployment or pod specifications to reference the new secret name. This step is unnecessary if you’ve updated an existing secret.

1. Edit Deployment or Pod Specification: Locate your deployment or pod definition files (YAML files) and update the imagePullSecrets section to reference the new secret name if it has changed.
2. Apply the Changes: Use kubectl apply -f <deployment-or-pod-file>.yaml to apply the changes to your cluster.

Step 3: Verify the Update

Ensure that your deployments or pods can successfully pull images using the updated credentials.

1. Check Pod Status: Use kubectl get pods to check the status of your pods. Ensure they are running and not stuck in a ImagePullBackOff or similar error status due to authentication issues.
2. Check Logs: For further verification, check the logs of your pods or deployments to ensure there are no errors related to pulling images from the Docker registry. You can use kubectl logs <pod-name> to view logs.

This method ensures that your Kubernetes deployments can continue to pull images from private registries without interruption, using the updated credentials.

The post How to create docker registry credentials using kubectl appeared first on TEKSpace Blog.

scp [OPTION] [user@]SRC_HOST:]file1 [user@]DEST_HOST:]file2

Here are some examples of how you can use scp:

1. Copying a file from your local machine to a remote server:

   scp /path/to/local/file username@remote_server:/path/to/remote/directory

This command copies a file from your local machine to the specified directory on the remote server. Replace /path/to/local/file with the path to the file you want to copy, username with your username on the remote server, remote_server with the IP address or hostname of the remote server, and /path/to/remote/directory with the destination directory on the remote server.

2. Copying a file from a remote server to your local machine:

   scp username@remote_server:/path/to/remote/file /path/to/local/directory

This does the opposite of the first example: it copies a file from the remote server to your local machine.

3. Copying a directory recursively from your local machine to a remote server:

   scp -r /path/to/local/directory username@remote_server:/path/to/remote/directory

The -r option is used to copy directories recursively. Replace /path/to/local/directory with the path to the local directory you want to copy, and adjust the other placeholders as in the previous examples.

4. Copying a file from one remote server to another remote server:

   scp username1@remote_server1:/path/to/file username2@remote_server2:/path/to/directory

This command copies a file directly between two remote servers. You will need to have SSH access from the source server to the destination server for this to work without prompting for a password mid-transfer.

Remember to replace placeholders like username, remote_server, /path/to/local/file, and /path/to/remote/directory with your actual user names, server addresses, and file paths. If the SSH server is running on a port other than the default (22), you can specify the port with the -P option, like so: scp -P port_number ....

The post SCP Command to copy files to new server appeared first on TEKSpace Blog.

Connecting to a PostgreSQL Database:

• Connect to a PostgreSQL database:

psql -d database_name -U user_name

• Connect to a PostgreSQL database on a specific host and port:

psql -h host_name -p port_number -d database_name -U user_name

Listing Databases and Tables:

• List all databases: \l or \list
• List all tables in the current database: \dt (for tables in the public schema) or \dt *.* (for tables in all schemas)

Switching Databases:

• Switch connection to another database: \c database_name

Viewing Table Structure:

• Describe a table’s structure (columns, types, etc.): \d table_name

Executing SQL Queries:

• Execute an SQL query directly from the command line:

psql -d database_name -U user_name -c "SELECT * FROM table_name;"

Exporting and Importing Data:

• Export data to a file:

psql -d database_name -U user_name -c "COPY table_name TO '/path/to/file.csv' DELIMITER ',' CSV HEADER;"

• Import data from a file:

psql -d database_name -U user_name -c "\COPY table_name FROM '/path/to/file.csv' DELIMITER ',' CSV HEADER;"

Managing Users and Permissions:

• Create a new user: CREATE USER user_name WITH PASSWORD 'password';
• Grant privileges to a user on a database: GRANT ALL PRIVILEGES ON DATABASE database_name TO user_name;
• Revoke privileges from a user on a database: REVOKE ALL PRIVILEGES ON DATABASE database_name FROM user_name;

Database Maintenance:

• Vacuum a database (clean up and optimize): VACUUM (VERBOSE, ANALYZE) table_name;
• Reindex a database: REINDEX DATABASE database_name;
• Show running queries: SELECT * FROM pg_stat_activity;
• Cancel a running query: SELECT pg_cancel_backend(pid);

Exiting psql:

• Exit the psql utility: \q

These commands cover a broad range of operations you might need to perform when managing PostgreSQL databases from the command line. Remember to replace placeholders like database_name, user_name, table_name, and file paths with your actual database names, user names, table names, and file paths.

The post Useful PostgreSQL commands for command line appeared first on TEKSpace Blog.

1. List all databases: To see all the databases in PostgreSQL, you use the command:

   \l

or

   \list

This command displays the list of databases along with other information like the database owner, encoding, and access privileges.

2. Use (or switch to) a specific database: To select a database to work with, you use the \c command followed by the name of the database. For example, if your database name is exampledb, you would use:

   \c exampledb

This command connects you to the exampledb database, allowing you to execute queries against it.

3. Query tables within the selected database:

• List all tables: Once you’ve switched to your database, to see all the tables within that database, use the command: \dt This lists all the tables in the current database schema. If you want to see tables from all schemas, you can use: \dt *.*
• Querying data from a table: To query data from a specific table, you use the standard SQL SELECT statement. For example, if you want to select all columns from a table named employees, you would use: SELECT * FROM employees;
• Describing a table structure: To get detailed information about the columns of a table, you can use the \d command followed by the name of the table. For example: \d employees This command shows the column names, data types, and other information about the employees table.

These are the basic commands to get started with managing and querying databases and tables in PostgreSQL. Remember, to use these commands, you need to have access to the PostgreSQL server and appropriate permissions to view and query the databases and tables.

The post PostgreSQL list database and query tables appeared first on TEKSpace Blog.

Effectively managing data is a key aspect of database administration. In PostgreSQL, scenarios often arise where data needs to be exported from one database and imported into another. This post will detail a practical approach to exporting data from a PostgreSQL table and then importing it into another database using command-line tools.

Exporting Data from PostgreSQL

Scenario

You want to export data from a specific table, named Application, in a case-sensitive manner from a PostgreSQL database.

Solution: Using pg_dump

pg_dump is a utility provided by PostgreSQL for backing up a database. It can export data in a format suitable for later restoration or transfer to another database.

Command:

pg_dump -U acme_db_sandbox_user -h localhost -d acme_db_sandbox -t '"Application"' --column-inserts --data-only > output.sql

Explanation:

• -U acme_db_sandbox_user: Specifies the user for database connection.
• -h localhost: Targets the local machine for the database server.
• -d acme_db_sandbox: Specifies the database from which to export.
• -t '"Application"': Indicates the case-sensitive name of the table to export.
• --column-inserts: Ensures the generation of INSERT statements with column names.
• --data-only: Excludes database schema (structure) from the export, focusing only on the data.
• > output.sql: Redirects the exported data to output.sql.

This command generates an SQL file (output.sql) containing INSERT statements for each row in the Application table.

Importing Data into PostgreSQL

Scenario

Now, you need to import the previously exported data into a different database.

Solution: Using psql

psql is a command-line interface used to interact with PostgreSQL. It allows you to execute SQL queries and run scripts.

Command:

psql -h localhost -U acme_billing_db_sandbox_user -d acme_billing_db_sandbox -W -f output.sql

Explanation:

• -h localhost: Connects to the PostgreSQL server on the local machine.
• -U acme_billing_db_sandbox_user: Specifies the user for the target database.
• -d acme_billing_db_sandbox: Designates the target database.
• -W: Prompts for the user’s password as a security measure.
• -f output.sql: Executes the SQL commands in output.sql.

This command imports the data from output.sql into the specified database. Ensure that the target database has the appropriate table structure to accommodate the data.

Conclusion

Transferring data between PostgreSQL databases can be efficiently handled using command-line tools like pg_dump and psql. This process involves exporting data in SQL format using pg_dump and then importing it with psql. This approach is particularly useful for database administrators and developers looking to manage data across different environments or systems.

Remember, accurate knowledge of your database schema and careful command execution are key to successful data transfer. Happy database managing!

The post Importing and Exporting Data in PostgreSQL appeared first on TEKSpace Blog.

Step 1: Go to Microsoft 365 Admin Center and sign in with your admin account.

Step 2: Go to Users > Active Users.

Step 3: Click on Multi-Factor Authentication

A page with all the users will pop up.

Step 4: Click on the user you would like to disable MFA:

Step 5: Click on disable and click yes

The post How to Disable Multi-Factor Authentication In Microsoft 365 appeared first on TEKSpace Blog.