Skip to main content

Заметки

Страница заметок [temp]                                                                                                                                                                   

passbolt

https://www.passbolt.com/docs/hosting/install/ce/docker/

docker compose -f docker-compose.yaml \
exec passbolt su -m -c "/usr/share/php/passbolt/bin/cake \
  passbolt register_user \
    -u xeonmp22@gmail.com \
    -f xeon \
    -l mp \
    -r admin" -s /bin/sh www-data

https://wiki-docs.ru/setup/start/4578afdb-2e59-4a34-805a-0b30349a8227/b1c75991-200d-46f5-9667-f0abb8da9f08

https://www.passbolt.com/docs/api/

https://www.passbolt.com/docs/development/getting-started/

https://www.youtube.com/watch?v=XD3lZFyniCE

PXE

PXE
https://wiki.stechmo.ru/bin/view/Red%20OS/Установка%20по%20сети%20(настройка%20PXE)/?srid=tMVIRpt1

Backups

pdc-minsoc-1c-db01
10.12.126.66
Логин ssh: astra_subd
Пароль ssh: Zx123456!

Логин СУБД: postgres
Пароль СУБД: 5qjDzifR
Ресурс для резервных копий 1С
10.50.100.62:/opt/nfs/zkgu.msr.mosreg.ru

Mount

sudo mkdir /mnt/rootfs
sudo mount -o ro /dev/nvme0n1p4 /mnt/rootfs

sudo ls -lh /mnt/rootfs/root

Eltex

https://docs.eltex-co.ru/pages/viewpage.action?pageId=499679774

#!/usr/bin/clish
#345
#1.34.6
#2025-09-18
#10:24:33
object-group service dhcp_client
  port-range 68
exit
object-group service dhcp_server
  port-range 67
exit
object-group service dns
  port-range 53
exit
object-group service ntp
  port-range 123
exit
object-group service ssh
  port-range 22
exit

object-group network trusted
  ip prefix 10.12.19.0/24
exit

syslog max-files 3
syslog file-size 512
syslog file tmpsys:syslog/default
  severity info
exit

username admin
  password encrypted $6$t/ucQIE0uLzBIiUB$k6VyaeZjrhJzrTB4MgasrspRiJJB8FiEgpI9UdRvq.q8yRu4ycrc0IPE..tifWJai0a17Zqzvndy/bDGQs89n0
exit

vlan 2
  name "WAN"
exit
vlan 10
  name "lan-podved-10"
exit
vlan 11
  name "lan-podved-11"
exit

no spanning-tree

domain lookup enable
domain nameserver 10.10.51.1
domain nameserver 10.10.52.1
domain nameserver 10.12.19.1

security zone trusted
exit
security zone untrusted
exit

bridge 1
  description "lan-factory"
  vlan 1
  security-zone trusted
  ip address 192.168.1.1/24
  no spanning-tree
  enable
exit
bridge 2
  description "WAN"
  vlan 2
  security-zone untrusted
  ip address 10.12.19.5/24
  no spanning-tree
  enable
exit
bridge 10
  description "lan-podved-10"
  vlan 10
  security-zone trusted
  ip address 10.112.22.1/24
  no spanning-tree
  enable
exit
bridge 11
  description "lan-podved-11"
  vlan 11
  security-zone trusted
  ip address 172.28.22.1/24
  no spanning-tree
  enable
exit

interface gigabitethernet 1/0/1
  mode switchport
  switchport mode trunk
  switchport trunk native-vlan 2
  switchport trunk allowed vlan add 10-11
exit
interface gigabitethernet 1/0/2
  mode switchport
  switchport mode trunk
  switchport trunk native-vlan 2
  switchport trunk allowed vlan add 10-11
exit
interface gigabitethernet 1/0/3
  mode switchport
exit
interface gigabitethernet 1/0/4
  mode switchport
exit
interface gigabitethernet 1/0/5
  mode switchport
exit
interface gigabitethernet 1/0/6
  mode switchport
  switchport access vlan 2
exit

snmp-server
snmp-server community public 10.12.19.25 rw
snmp-server community public rw

security zone-pair trusted self
  rule 10
    action permit
    match protocol tcp
    match destination-port object-group ssh
    enable
  exit
  rule 20
    action permit
    match protocol icmp
    enable
  exit
  rule 30
    action permit
    match protocol udp
    match source-port object-group dhcp_client
    match destination-port object-group dhcp_server
    enable
  exit
  rule 40
    action permit
    match protocol udp
    match destination-port object-group ntp
    enable
  exit
  rule 50
    action permit
    match protocol tcp
    match destination-port object-group dns
    enable
  exit
  rule 60
    action permit
    match protocol udp
    match destination-port object-group dns
    enable
  exit
exit
security zone-pair trusted trusted
  rule 1
    action permit
    enable
  exit
exit
security zone-pair trusted untrusted
  rule 1
    action permit
    enable
  exit
exit
security zone-pair untrusted self
  rule 1
    action permit
    match protocol udp
    match source-port object-group dhcp_server
    match destination-port object-group dhcp_client
    enable
  exit
  rule 10
    action permit
    match source-address object-group network trusted
    enable
  exit
exit

security passwords default-expired

nat source
  ruleset factory
    to zone untrusted
    rule 11
      description "vlan11"
      match source-address prefix 172.28.22.0/24
      action source-nat netmap 10.112.22.251/32
      enable
    exit
  exit
exit

ip dhcp-server
ip dhcp-server pool lan-pool
  network 192.168.1.0/24
  address-range 192.168.1.2-192.168.1.254
  default-router 192.168.1.1
  dns-server 192.168.1.1
exit
ip dhcp-server pool lan-pool-11
  network 172.28.22.0/24
  address-range 172.28.22.10-172.28.22.50
  default-router 172.28.22.1
  dns-server 172.28.22.1
exit
ip dhcp-server pool lan-pool-10
  network 10.112.22.0/24
  address-range 10.112.22.10-10.112.22.50
  default-router 10.112.22.1
  dns-server 10.112.22.1
exit

ip route 0.0.0.0/0 10.12.19.1

ip ssh server
ip ssh dscp 32

ntp enable
ntp broadcast-client enable
ntp server 10.10.51.1
exit

Back to top