Affichage des articles dont le libellé est package. Afficher tous les articles
Affichage des articles dont le libellé est package. Afficher tous les articles

jeudi 24 juillet 2025

apt info - ansible tasks + roles to install apt_info.py automatically along node-exporter + Grafana dashboard

Create a file with openmetrics values, so that it be exporter along node-exporter metrics.

=> script runs every 12h to report the status of apt packages to upgrade writes it in  /var/lib/node_exporter/apt_info.prom 

which is ingested by prometheus when calling node-exporter.


The metrics are used by a grafana dashboard available here : https://grafana.com/grafana/dashboards/23777-apt-ugrades/


```

---
- name: Monitoring probes - setup exporters running on each server
hosts: all
vars:
become_user: root
become: true

tasks:
# https://github.com/ncabatoff/process-exporter
- name: Install .deb package of process-exporter
ansible.builtin.apt:
deb: https://github.com/ncabatoff/process-exporter/releases/download/v0.8.3/process-exporter_0.8.3_linux_amd64.deb
become: true

- name: Download and install apt_info.py
ansible.builtin.get_url:
url: https://raw.githubusercontent.com/prometheus-community/node-exporter-textfile-collector-scripts/refs/heads/master/apt_info.py
dest: /usr/local/bin/apt_info.py
mode: '0755'
become: true

- name: Install apt_info.py dependencies via apt
ansible.builtin.apt:
name: "{{ item }}"
state: present
update_cache: true
become: true
with_items:
- python3-prometheus-client
- python3-apt
- cron

- name: Add a cron job to run apt_info.py every 12 hours
ansible.builtin.cron:
name: "Run apt_info.py every 12 hours"
minute: "0"
hour: "*/12"
job: "/usr/local/bin/apt_info.py > /var/lib/node_exporter/apt_info.prom"
become: true
ignore_errors: "{{ ansible_check_mode }}"

- name: Ensure APT auto update is enabled
ansible.builtin.copy:
dest: /etc/apt/apt.conf.d/99_auto_apt_update.conf
content: 'APT::Periodic::Update-Package-Lists "1";'
owner: root
group: root
mode: '0644'
become: true

roles:
# https://github.com/prometheus-community/ansible/tree/main/roles/node_exporter
- name: prometheus.prometheus.node_exporter

# node_exporter_textfile_dir: "/var/lib/node_exporter" # default
```
Posted by at Aucun commentaire:
Labels: , , , , , , , ,

mercredi 31 juillet 2024

Emacs packages

 https://melpa.org/



Posted by at Aucun commentaire:
Labels: , ,

mardi 26 mars 2024

CI/CD and secure supply chain

https://www.sigstore.dev/ ( & cosig https://github.com/sigstore/cosign )

https://in-toto.io/

(cf. red hat trusted software supply chain which actually embeds those open source tools)



+ backstage.io for "platform engineering"

Posted by at Aucun commentaire:
Labels: , , , , ,

lundi 2 août 2021

MVT + Adb : how to use this consensual forensics tool to analyse whether your phone has been compromised by the pegasus/NSO discoveries. Forensics, long time no see !

Following pegasus revelations, I decided to play a bit with the tool provided by Amnesty International Security Lab in July 2021. 

Forensics, long time no see !


Sources : https://github.com/mvt-project/mvt

Doc : https://docs.mvt.re/en/latest/android/download_apks.html


Pretty strait-forward, once you have ADB installed on your computer.


the following steps are for and android phone + mac OS laptop

Step 0 : set your phone in "developper mode". For me I had to go to the settings and press 7 times on the release logo. 

Step 1 : plug your phone in USB, enabling USB debugging https://developer.android.com/studio/debug/dev-options#enable%3E

Step 2 : install ADB

brew install android-platform-tools

Check that you see your device, and then stop adb (not required after).

adb devices
adb kill-server

Step 3 : install mvt
pip3 install mvt
Step 4 : run mvt over your phone
mkdir output && mvt-android download-apks --output ./output --all-checks
Posted by at Aucun commentaire:
Labels: , , , , , , , , ,

vendredi 15 avril 2011

Lastest stable version of firefox

Directly from mozilla, have the repository point directly to firefox (found looking for the ubuntu release of firefox 4).

sudo add-apt-repository ppa:mozillateam/firefox-stable
sudo apt-get update && sudo apt-get upgrade
Posted by at Aucun commentaire:
Labels: , , ,

lundi 20 avril 2009

Aptitude, apt & cie. (Mainly for Debian, but Ubuntu works on the same way)

Ce post tourne autour des commandes apt, aptitude et dpkg

Installer une selection de paquets :


D'un côté :
$ dpkg --get-selections > liste-pkg

De l'autre côté :
# dpkg --set-selections < liste-pkg
# apt-get dselect-upgrade


Ressources non officielles de paquets pour Debian





Paquets installés automatiquement (jeux de dépendance)


$ aptitude why python-notify


Update automatique sans interaction humaine 



export DEBIAN_FRONTEND=noninteractive
yes '' | apt-get -y -o Dpkg::Options::="--force-confdef" -o
X Dpkg::Options::="--force-confold" dist-upgrade


(originaire de : http://www.ouaza.com/livre/admin-debian/
site web du livre "Cahier de l'admin, sur GNU/Linux «Lenny» " )

Utile également :
https://help.ubuntu.com/community/Repositories/CommandLine
Posted by at Aucun commentaire:
Labels: , , , , , ,
Inscription à : Articles (Atom)