GitHub Actions for CloudFormation Template Validation and Deployment
name: Ant Media Server Cloudformation Deployment on: schedule: - cron: '0 0 * * 1' jobs: deploy_cf_template: runs-on: ubuntu-latest env: AWS_REGION: eu-west-2 STACK_NAME: cf-automation-test-stack ORIGIN_INSTANCE_TYPE: t2.large EDGE_INSTANCE_TYPE: t2.large MONGO_INSTANCE_TYPE: c5.large TEMPLATE_FILE: ${{ github.workspace }}/cloudformation/antmedia-aws-autoscale-template.yaml steps: - name: Checkout Repository uses: actions/checkout@v2 - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: ${{ env.AWS_REGION }} - name: Validate CloudFormation Template run: | aws cloudformation validate-template --template-body file://${{ env.TEMPLATE_FILE }} - name: Deploy Stack run: | aws cloudformation create-stack \ --stack-name ${{ env.STACK_NAME }} \ --template-body file://${{ env.TEMPLATE_FILE }} \ --parameters ParameterKey=Email,ParameterValue=test@antmedia.io \ ParameterKey=KeyName,ParameterValue=${{ secrets.KEY_NAME }} \ ParameterKey=OriginInstanceType,ParameterValue=${{ env.ORIGIN_INSTANCE_TYPE }} \ ParameterKey=EdgeInstanceType,ParameterValue=${{ env.EDGE_INSTANCE_TYPE }} \ ParameterKey=MongoDBInstanceType,ParameterValue=${{ env.MONGO_INSTANCE_TYPE }} \ ParameterKey=LoadBalancerCertificateArn,ParameterValue=${{ secrets.SSL_CERTIFICATE_ARN }} \ ParameterKey=AntMediaEdgeCapacity,ParameterValue=1 \ --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM \ --region ${{ env.AWS_REGION }} timeout=$((SECONDS+420)) while [ $SECONDS -lt $timeout ]; do sleep 10 stack_status=$(aws cloudformation describe-stacks --stack-name ${{ env.STACK_NAME }} --query 'Stacks[0].StackStatus' --output text 2>&1) if [ "$stack_status" == "CREATE_COMPLETE" ]; then echo "Stack creation completed successfully." break elif [ "$stack_status" == "ROLLBACK_COMPLETE" ] || [ "$stack_status" == "CREATE_FAILED" ]; then echo "Stack creation failed or rolled back." exit 1 fi done - name: Display Stack Outputs run: | outputs=$(aws cloudformation describe-stacks --stack-name ${{ env.STACK_NAME }} --query 'Stacks[0].Outputs' 2>&1) status=$? if [ $status -ne 0 ]; then echo "Failed to describe stack: $outputs" exit 1 elif [ "$outputs" == "null" ]; then echo "Stack Outputs are null. Deployment failed." exit 1 else echo "Stack Outputs: $outputs" fi - name: Delete Stack if: ${{ always() }} run: | aws cloudformation delete-stack --stack-name ${{ env.STACK_NAME }} aws cloudformation wait stack-delete-complete --stack-name ${{ env.STACK_NAME }}
https://github.com/ant-media/Scripts/blob/master/.github/workflows/antmedia-cf-template-validation-test.yml
coTURN installation script
#!/bin/bash # Check if user is running as root if [[ $EUID -ne 0 ]]; then echo "This script must be run as root." exit 1 fi # Function to install Coturn install_coturn() { apt-get update apt-get install -y coturn truncate -s 0 /etc/turnserver.conf } # Function to generate random username generate_credentials() { username=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 8 | head -n 1) password=$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 12 | head -n 1) echo "Username: $username" echo "Password: $password" echo "lt-cred-mech" >> /etc/turnserver.conf echo "user=$username:$password" >> /etc/turnserver.conf } # Function to configure Coturn for NAT network configure_nat() { # Add necessary configuration options for NAT network echo 'TURNSERVER_ENABLED=1' >> /etc/default/coturn # Get public IP public_ip=$(curl -s http://checkip.amazonaws.com) # Get private IP private_ip=$(hostname -I | awk '{print $1}') # Add external IP configuration to turnserver.conf echo "external-ip=$public_ip/$private_ip" >> /etc/turnserver.conf echo "realm=$public_ip" >> /etc/turnserver.conf } # Function to configure Coturn for public IP configure_public_ip() { # Add necessary configuration options for public IP echo 'TURNSERVER_ENABLED=1' >> /etc/default/coturn # Get public IP public_ip=$(curl -s http://checkip.amazonaws.com) # Add external IP configuration to turnserver.conf echo "realm=$public_ip" >> /etc/turnserver.conf } # Main script # Prompt user for configuration option echo "Choose the configuration option:" echo "1. Behind NAT network (e.g., AWS)" echo "2. Directly accessible public IP" read -p "Enter your choice (1 or 2): " option case $option in 1) install_coturn generate_credentials configure_nat ;; 2) install_coturn generate_credentials configure_public_ip ;; *) echo "Invalid choice. Exiting." exit 1 ;; esac # Start and enable Coturn service systemctl restart coturn systemctl enable coturn echo "Coturn installation and configuration completed."
How to backup/restore Route53 records by using aws-cli
# To backup records aws route53 list-resource-record-sets --hosted-zone-id YOUR_HOSTED_ZONE_ID > route53_backup.json
# To restore records aws route53 change-resource-record-sets --hosted-zone-id YOUR_HOSTED_ZONE_ID --change-batch file://route53_backup.json
[Gitlab] urllib3.exceptions.ReadTimeoutError: HTTPConnectionPool(host=’docker’, port=2375): Read timed out.
Aşağıdaki hatanın nedeni gitlab registery ‘de push işleminin uzun sürmesidir.
urllib3.exceptions.ReadTimeoutError: HTTPConnectionPool(host='docker', port=2375): Read timed out.
.gitlab-ci.yml dosyasına docker için timeout eklemeniz yeterli olacaktır.
variables: DOCKER_CLIENT_TIMEOUT: 300 COMPOSE_HTTP_TIMEOUT: 300
Error: INSTALLATION FAILED: create: failed to create: Secret “sh.helm.release.v1.muratws.v1” is invalid: data: Too long: must have at most 1048576 bytes
Helm’de bu hatayı almanızın nedeni aslında repositoryunuz içinde istenmeyen dosyaların/dizinlerin olmasıdır. Gereksiz dosyaları silip tekrar helm package komutunu çalıştırabilirsiniz.
Sevgiler.
Minikube: Exiting due to GUEST_MISSING_CONNTRACK: Sorry, Kubernetes 1.23.3 requires conntrack to be installed in root’s path
Bunun için sadece conntrack paketini yüklemeniz yeterlidir.
apt-get install -y conntrack
Eğer minikube ‘ı sanal bir makinada çalıştırıyorsanız driver olarak none seçmelisiniz.
minikube start --driver=none
Ayrıca minikube start –force –driver=docker ile sanal makina üstünde bile çalıştırabilirsiniz.
Sevgiler.
OpenVPN ‘de kullanıcıyı deaktif etme
-
./easyrsa revoke kullanici_adi
-
cp /usr/share/EasyRSA-3.0.8/pki/crl.pem /etc/openvpn/server/
-
systemctl restart openvpn
https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority hatası
Eğer gitlab CI üstünde docker süreçleriniz varsa ve kendi gitlab-runner ‘nızı kullanıyorsanız ve aşağıdaki sertifika hatasını alıyorsanız kendi tarafınızda bazı değişiklikler yapmalısınız.
time="2022-03-19T05:30:18Z" level=info msg="Error logging in to v2 endpoint, trying next endpoint: Get https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority"
Get https://registry.gitlab.com/v2/: x509: certificate signed by unknown authority
/etc/gitlab-runner/config.toml dosyasında kendi runner ‘nızı bulup aşağdaki satırlara göre düzenleyin.
tls_verify = false
privileged = true
.gitlab-ci.yml üstünde aşağıdaki satırları ekleyin
variables:
DOCKER_TLS_CERTDIR: ""
Vim ‘de global olarak visual özelliğini kapatmak
vim /usr/share/vim/vim81/defaults.vim
# Aşağıdaki satırı
if has('mouse') set mouse=a endif
# Bu satırla değiştirin.
if has('mouse') set mouse-=a endif
Sevgiler.
Could not open /dev/vmmon: No such file or directory. Please make sure that the kernel module `vmmon’ is loaded.
Vmware ‘de kernel degisikliginden sonra asagidaki hatayi alirsaniz.
Could not open /dev/vmmon: No such file or directory. Please make sure that the kernel module `vmmon' is loaded.
Asagidaki komutu calistirip tekrar modulu kullanmis oldugunuz kernel surumue gore derleyebilirsiniz.
vmware-modconfig --console --install-all