Dynamic routes with nginx

Source: https://serverfault.com/questions/249952/wildcard-vhosts-on-nginx

This Nginx configuration file below allows for wildcard hostnames that dynamically route to the corresponding folder in /var/www/vhost/ while also dynamically generating the respective log files.

http://test1.wildcard.com → /var/www/vhost/test1
                                                   /var/log/nginx/test1.wildcard.com-access.log                                                   /var/log/nginx/test1.wildcard.com-error.log

http://test2.wildcard.com → /var/www/vhost/test2
                                                   /var/log/nginx/test2.wildcard.com-access.log                                                   /var/log/nginx/test2.wildcard.com-error.log

wildcard.conf

server {
  listen 80;
  listen [::]:80;

  #  Match everything except dot and store in $subdomain variable
  #  Matches test1.wildcard.com, test1-demo.wildcard.com
  #  Ignores sub2.test1.wildcard.com
  server_name ~^(?<subdomain>[^.]+).wildcard.com;

  root /var/www/vhost/$subdomain;

  access_log /var/log/nginx/$host-access.log;
  error_log  /var/log/nginx/$host-error.log;
}

Additional links: https://bjornjohansen.no/nginx-redirect

Filter mailing lists with Dovecot Sieve

require ["fileinto", "variables"];

if header :matches "List-Post" "*<mailto:**@*.*.*>" {
  fileinto "INBOX.lists.${5}.${3}"; stop;
}

if header :matches "List-Post" "*<mailto:**@*.*>" {
  fileinto "INBOX.lists.${4}.${3}"; stop;
}

if header :matches "X-Mailing-List" "*@*.*.*" {
  fileinto "INBOX.lists.${3}.${1}"; stop;
}

if header :matches "X-Mailing-List" "*@*.*" {
  fileinto "INBOX.lists.${2}.${1}"; stop;
}

Teamspeak Dockerfile > Healthcheck

FROM teamspeak

RUN apk --update --no-cache add netcat-openbsd

HEALTHCHECK --interval=15s --timeout=1s --start-period=5s --retries=3 CMD echo quit | nc 127.0.0.1 10011 || false
# docker ps --filter ancestor=teamspeak

CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS                 PORTS                                                                        NAMES
748e7f873a07        teamspeak_teamspeak   "entrypoint.sh ts3se…"   5 hours ago         Up 5 hours (healthy)   0.0.0.0:10011->10011/tcp, 0.0.0.0:9987->9987/udp, 0.0.0.0:30033->30033/tcp   dvaec_teamspeak

fail2ban – Proxmox Webinterface

/etc/fail2ban/jail.local
[proxmox]
enabled = true
port = 8006
filter = proxmox
logpath = /var/log/daemon.log
maxretry = 3
bantime = 86400
/etc/fail2ban/filter.d/proxmox.conf
[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.*msg=.*
ignoreregex =

Steps to (maybe) fix hardware graphics acceleration

Command to verify hardware acceleration (only works inside xorg session):

Positive example:

$ glxinfo | grep render

direct rendering: Yes
    GLX_MESA_multithread_makecurrent, GLX_MESA_query_renderer, 
    GLX_MESA_multithread_makecurrent, GLX_MESA_query_renderer, 
Extended renderer info (GLX_MESA_query_renderer):
OpenGL renderer string: Mesa DRI Intel(R) HD Graphics 530 (Skylake GT2) 
    GL_ARB_conditional_render_inverted, GL_ARB_conservative_depth, 
    GL_NV_conditional_render, GL_NV_depth_clamp, GL_NV_packed_depth_stencil, 
    GL_ARB_conditional_render_inverted, GL_ARB_conservative_depth, 
    GL_MESA_window_pos, GL_NV_blend_square, GL_NV_conditional_render, 
    GL_OES_element_index_uint, GL_OES_fbo_render_mipmap,

Negative example (llvmpipe (LLVM 6.0, 256 bits) means it’s using software rendering):

$ glxinfo | grep render

direct rendering: Yes
    GLX_MESA_multithread_makecurrent, GLX_MESA_query_renderer,
    GLX_MESA_multithread_makecurrent, GLX_MESA_query_renderer,
Extended renderer info (GLX_MESA_query_renderer):
OpenGL renderer string: llvmpipe (LLVM 6.0, 256 bits)
    GL_ARB_conditional_render_inverted, GL_ARB_conservative_depth,
    GL_NV_conditional_render, GL_NV_depth_clamp, GL_NV_packed_depth_stencil,
    GL_ARB_conditional_render_inverted, GL_ARB_conservative_depth,
    GL_NV_blend_square, GL_NV_conditional_render, GL_NV_depth_clamp,
    GL_OES_element_index_uint, GL_OES_fbo_render_mipmap,

Session type:

$ loginctl show-session c2 -p Type
Type=x11

Make sure these are installed:

linux-image-extra
libegl1-mesa
libgl1-mesa-dri
libgl1-mesa-dri
libgl1-mesa-glx
libglapi-mesa
libgles2-mesa
libglu1-mesa
libwayland-egl1-mesa
mesa-utils
mesa-vdpau-drivers

Kernel versions working:

4.10.0-33-generic
4.15.0-15-generic

Linux specific packages:

dpkg -l | awk '{ print $2 }' | grep ^linux
linux-base
linux-firmware
linux-headers-4.15.0-15
linux-headers-4.15.0-15-generic
linux-image-4.15.0-15-generic
linux-image-extra-4.15.0-15-generic
linux-libc-dev:amd64
linux-sound-base
apt install linux-headers-generic linux-generic