Cách lưu trữ với tar command

Xin chào, khi tôi quyết định viết bài này, tôi buộc lòng phải thừa nhận, tôi không thể nhớ command cũng như các tham số của tar. Bài viết này là dành cho tôi, xem lại sử dụng lệnh tar.

1. Cách tạo lưu trữ (archive) và nén

$ tar -cJvf file_name.tar.xz directory_full_path

Giải thích các tham số:

• -c: tạo archive‌/lưu trữ
• -J: nén với định dạng xz, mục đích của nó là giảm dung lượng file lưu trữ. Không có cũng được.
• -v: verbose, hiện thông tin chi tíết khi chạy lệnh. Không có cũng được.
• -f: tên file file_name.tar.xz

2. Cách mở lưu trữ (extract)

$ tar -xvf file_name.tar.xz

Giải thích các tham số:

• -x: extract, mở lưu trữ
• -v: verbose, hiện thông tin chi tíết khi chạy lệnh. Không có cũng được.
• -f: tên file file_name.tar.xz

3. References

• tar(1) - Linux man page, https://linux.die.net/man/1/tar

How to copy files from docker build to host machine?

This guide is all about copy/extract file from docker build process, then copy it to host machine.

This method is very useful when you have to release/package .rpm file for further usage, but in this post, I will use mkdocs for example, I build mkdocs html files with docker, then copy those html files to host machine.

There are two things to consider:

• Dockerfile
• And Build Command for that Dockerfile

I. Dockerfile

The key note is line number 8 and 9

1
2
3
4
5
6
7
8
9
FROM python:3.13.0 AS build

WORKDIR /opt/mining_rig_monitor_document_src
COPY . /opt/mining_rig_monitor_document_src
RUN pip install -r requirements.txt
RUN mkdocs build -c

FROM scratch AS release
COPY --from=build /opt/mining_rig_monitor_document_src/site /

RUN mkdocs build -c will create a directory named site which stores all html files. Then, from scratch image, we copy all thoses html files to /

II. Docker build command

This following command will copy all files from release stage to nginx-dist. The most important is environment variable DOCKER_BUILDKIT=1

$ DOCKER_BUILDKIT=1 docker build -f  Dockerfile --target=release --output nginx-dist .

➜ mining_rig_monitor_document (master) ✗ pwd
/home/nguyenvinhlinh/Projects/mining_rig_monitor_document


➜ mining_rig_monitor_document (master) ✗ tree -L 1
.
├── Dockerfile
├── docs
├── mkdocs.yml
├── nginx-dist      <<-- your files from docker build
├── readme.md
├── requirements.txt
└── wireframe

A new lightning system for K1 Max

1. Introduction

I am the owner of a K1 Max 3D printer, the built-in lightning system is not good enought for me. In fact, it’s quite dark.

This project aims at improving the lightning system for K1 Max 3D printer! I designed the lightning frame myself with Plasticity, due to limited size of K1 Max, I have split the whole big model into 8 parts, then print them one by one.

In addition, there are holes to use LED bars with zip ties, no messy with double-size tapes. You gonna be surprise while cleaning a mess of double-size tapes, and I hate it.

2. 3D files

Main Components

• LED: 12V, chip LED 5730 (shopee link)
• PSU: 12V, 30A (it’s underload for this LED) (shopee link)
• Switch: KCD1 12x21mm (shopee link)

3. Where is the model?

I sell this model on https://cults3d.com/. If you are interest, I also willing to receive in Monero(XMR) instead of USD/VND.

How to create .rpm package for elixir project?

Step 1. Prepare source code tarball

In this step, I would like to use my repo named ASIC Sentry for example

$ git clone https://github.com/nguyenvinhlinh/ASIC-Sentry/ asic-sentry
$ cd asic-sentry
$ git checkout v1.0.0
$ cd ..
$ mv asic-sentry asic-sentry-1.0.0
$ tar -cJvf asic-sentry-1.0.0.tar.xz asic-sentry-1.0.0

For tar command:

• -c: create a new archive
• -J: filter the archive through xz
• -v: verbose
• -f: use archive file or device ARCHIVE

Now your source code tarball is ready for next step!

Step 2. Setup $HOME/rpmbuild directory

Use this command to create a directory structure for rpmbuild

$ rpmdev-setuptree

$ tree $HOME/rpmbuild
/home/nguyenvinhlinh/rpmbuild
├── BUILD
├── RPMS
├── SOURCES
├── SPECS
└── SRPMS

Step 3. Copy source code tarball to SOURCES.

$ tree $HOME/rpmbuild
/home/nguyenvinhlinh/rpmbuild
├── BUILD
├── BUILDROOT
├── readme.md
├── RPMS
├── SOURCES
│   └── asic-sentry-1.0.0.tar.xz <----- your tarball here!
├── SPECS
│   ├── asic-sentry-1.0.0.spec
└── SRPMS

Step 3. Create new SPECS/.spec file

Ignore this step if you modify existing one!

$ cd SPECS;
$ rpmdev-newspec;

Update:

• Version
• Release
• Source0

This is an example of mine asic-sentry-1.0.0.spec

Name: asic-sentry
Version: 1.0.0
Release:        1%{?dist}
Summary: ASIC Sentry is a monitoring software designed to collect and send operational logs from ASIC Miners to a Mining Rig Monitor

License: GNU General Public License v3.0
URL: https://github.com/nguyenvinhlinh/ASIC-Sentry
Source0: asic-sentry-1.0.0.tar.xz

%description
ASIC Sentry is a monitoring software designed to collect and send operational logs from ASIC Miners to a Mining Rig Monitor

%global debug_package %{nil}

%prep
%autosetup

%build
cd assets;
npm install;
cd ..;
mix deps.get --only prod
MIX_ENV=prod mix compile
MIX_ENV=prod mix assets.deploy
MIX_ENV=prod mix release


%install
mkdir -p %{buildroot}/opt/asic_sentry
cp -r _build/prod/rel/asic_sentry/* %{buildroot}/opt/asic_sentry


%files
...
... A long list of installed files.
...

%changelog
* Tue Feb 04 2025 Nguyen Vinh Linh <nguyenvinhlinh93@gmail.com>
- Support KS5L asic

Step 3. Run rpmbuild

$ cd SPECS;
$ rpmbuild -bb asic-sentry-1.0.0.spec

Gonna see error:

ERROR   0002: file '/opt/asic_sentry/lib/crypto-5.5/priv/lib/crypto.so' contains an invalid runpath '/usr/local/lib64'

crypto is an erlang module. I dont know how to modify it. this is a work around!

$ cd SPECS;
$ export QA_RPATHS=$(( 0x0001|0x0002 ))
$ rpmbuild -bb asic-sentry-1.0.0.spec

Step 4. Provide %files

Those file would be listed after running rpmbuild -bb asic-sentry-1.0.0.spec.

Append it and re-run rpmbuild -bb asic-sentry-1.0.0.spec to make rpm.

RPM build errors:
    Installed (but unpackaged) file(s) found:
   /opt/asic_sentry/bin/migrate
   /opt/asic_sentry/bin/migrate.bat
   /opt/asic_sentry/bin/asic_sentry
   /opt/asic_sentry/bin/asic_sentry.bat
   /opt/asic_sentry/bin/server

Check out RPMS directory! RPM should be there!

➜ rpmbuild (master) ✗ tree -L 3
.
├── BUILD
├── BUILDROOT
├── readme.md
├── RPMS
│   └── x86_64
│       ├── asic-sentry-1.0.0-1.fc40.x86_64.rpm <----------- your file here!
│       ├── asic-sentry-debuginfo-1.0.0-1.fc40.x86_64.rpm
│       └── asic-sentry-debugsource-1.0.0-1.fc40.x86_64.rpm
├── SOURCES
│   └── asic-sentry-1.0.0.tar.xz
├── SPECS
│   ├── asic-sentry-1.0.0.spec
└── SRPMS

References

• How to create a Linux RPM package? https://www.redhat.com/en/blog/create-rpm-package
• tar(1) - Linux man page, https://linux.die.net/man/1/tar

How to install open-webui for llama model on Fedora?

This guide is about installing open-webui on fedora.

1. Update python & pip

$ dnf update python -y
$ pip install --upgrade pip

2. Install open-webui guide

• Create directory /opt/open-webui

$ mkdir /opt/open-webui
$ cd /opt/open-webui

• change ownership to your user, do not run with root due to security issue.

$ chown nguyenvinhlinh:nguyenvinhlinh -Rv /opt/open-webui/

• Setup virtual environment (venv) & install open-webui (do not run as root)

$ python -m venv open-webui-env
$ source open-webui-env/bin/activate
$ pip install open-webui

3. Start open-webui server (do not run as root)

$ open-webui serve

• Server should be available on http://127.0.0.1:8080
• All data (sqlite, uploads, cache, db) can be found at /opt/open-webui/open-webui-env/lib/python3.12/site-packages/open_webui/data

4. Install Ollama software guide

$ curl -fsSL https://ollama.com/install.sh | sh
$ ollama --version

5. Using ollama to pull/download model

$ ollama pull llama3.2

6. Running with systemd service /etc/systemd/system/open-webui.service

[Unit]
Description=Open WebUI (LLAMA)
After=network.target

[Service]
WorkingDirectory=/opt/open-webui
ExecStart=/opt/open-webui/open-webui-env/bin/open-webui serve
User=nguyenvinhlinh
RemainAfterExit=yes
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target

Enable and start open-webui service

$ systemctl enable open-webui
$ systemctl start  open-webui

References

• Github Open-WebUI, https://github.com/open-webui/open-webui
• Ollama, https://ollama.com/
• How to enable a virtualenv in a systemd service unit?, https://stackoverflow.com/questions/37211115/how-to-enable-a-virtualenv-in-a-systemd-service-unit

MessBox, my new plastic product

I am having a mess table with full of wires. This product is all about to help me clean it up abit.

Btw, if you wonder what is my board. it’s KVM switch. it helps me switch my combo of keyboard+mouse+display with a click!

This is my before image.

There are two type of box

Installing Woodpecker natively on Fedora 41

Keynotes:

• Fedora 41 installed on VM Workstation
• Disable SELinux
• Enable firewall-cmd
• Woodpecker v2.8.0 - https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.8.0
• SSL enabled

1. Download and install

You can use curl or wget to download from woodpecker releases. Then use

$ rpm install file.rpm

2. Systemd - /etc/systemd/system/woodpecker-server.service

[Unit]
Description=Woodpecker Server
After=network.target

[Service]
WorkingDirectory=/opt/woodpecker-server
EnvironmentFile=/opt/woodpecker-server/woodpecker-server.conf
ExecStart=woodpecker-server
User=root
RemainAfterExit=yes
Restart=on-failure
RestartSec=10
TimeoutStopSec=infinity

[Install]
WantedBy=multi-user.target

3. Config - /opt/woodpecker-server/woodpecker-server.conf

I config to use Gitlab Login - Single Sign On. Plese check this link for more detail.

Github SSO use three variables:

• WOODPECKER_GITHUB
• WOODPECKER_GITHUB_CLIENT
• WOODPECKER_GITHUB_SECRET

WOODPECKER_HOST=https://woodpecker.homelab
WOODPECKER_GITHUB=true
WOODPECKER_GITHUB_CLIENT=XXX
WOODPECKER_GITHUB_SECRET=XXX
WOODPECKER_OPEN=false

WOODPECKER_SERVER_CERT=/opt/woodpecker-server/ssl/woodpecker.homelab.bundle.crt
WOODPECKER_SERVER_KEY=/opt/woodpecker-server/ssl/woodpecker.homelab.key
WOODPECKER_DATABASE_DRIVER=sqlite3
WOODPECKER_DATABASE_DATASOURCE=/opt/woodpecker-server/db/woodpecker.sqlite

4. Firewall-cmd service - /etc/firewalld/services/woodpecker-server.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>Woodpecker Server</short>
  <description>This option allows woodpecker to use tcp port 443 HTTPS</description>
  <port protocol="tcp" port="443"/>
</service>

5. Test script before using systemd

Write this script and execute it.

$ export WOODPECKER_HOST=https://woodpecker.homelab

$ export WOODPECKER_GITHUB=true
$ export WOODPECKER_GITHUB_CLIENT=XXX
$ export WOODPECKER_GITHUB_SECRET=XXX

$ export WOODPECKER_OPEN=true

$ export WOODPECKER_SERVER_CERT=/opt/woodpecker/ssl/woodpecker.homelab.bundle.crt
$ export WOODPECKER_SERVER_KEY=/opt/woodpecker/ssl/woodpecker.homelab.key

$ export WOODPECKER_DATABASE_DRIVER=sqlite3
$ export WOODPECKER_DATABASE_DATASOURCE=/opt/woodpecker/db/woodpecker.sqlite
$ export WOODPECKER_LOG_LEVEL=debug

$ woodpecker-server

For ssl certificate generator, follow this guide Cách làm Certificate Authority cấp SSL nội bộ.

6. References

• Woodpecker Server configuration, https://woodpecker-ci.org/docs/administration/server-config

SELinux, cannot login to shell after enable it

After along time disable SELinux, now you might want to enable it in Enforcing mode. After OS boot, in terminal, you may not login even though you did enter correct username/password. It’s because your files not to be labeled or labeled with SELinux context not matching the install policy.

The solution is that you ask SELinux to re-label in the next reboot. Enter the following command.

$ touch /.autorelabel

Then reboot!

In case you forget to do it. you need to go to rescue mode while booting the system, the GRUB2 menu will be displayed. To boot the system into rescue mode using bash follow these steps:

• Select the boot entry you wish to edit with the arrow keys.
• Select the entry you wish to edit by pressing e.
• Use the arrow keys to go to select the line beginning with linux, linux16, or linuxefi.
• Go the the end of that line and include a space and the following rw init=/bin/bash. If your disk is encrypted, you may need to add plymouth.enable=0
• Press Ctrl-x or F10 to boot the entry
• Then enter command line touch /.autorelabel and reboot!

Good luck!

Refereces:

• Again enabled SELINUX and now the user logins wont work in enforcing mode, https://serverfault.com/questions/1033769/again-enabled-selinux-and-now-the-user-logins-wont-work-in-enforcing-mode
• How to reset the root password in Rescue Mode, https://docs.fedoraproject.org/en-US/quick-docs/reset-root-password/

Nguyen Vinh Linh - Certificate Authority

Download it here: nguyenvinhlinh-ca.pem

-----BEGIN CERTIFICATE-----
MIIGNzCCBB+gAwIBAgIUY55KFD82PbJPmiJG01quqPSDMOkwDQYJKoZIhvcNAQEL
BQAwgakxCzAJBgNVBAYTAlZOMRkwFwYDVQQIDBBIbyBDaGkgTWluaCBDaXR5MRkw
FwYDVQQHDBBIbyBDaGkgTWluaCBDaXR5MQ4wDAYDVQQKDAVNeSBDQTEOMAwGA1UE
CwwFTXkgQ0ExGTAXBgNVBAMMEE5ndXllbiBWaW5oIExpbmgxKTAnBgkqhkiG9w0B
CQEWGm5ndXllbnZpbmhsaW5oOTNAZ21haWwuY29tMCAXDTIzMDkxMDEwMjEyNloY
DzMwMjMwMTExMTAyMTI2WjCBqTELMAkGA1UEBhMCVk4xGTAXBgNVBAgMEEhvIENo
aSBNaW5oIENpdHkxGTAXBgNVBAcMEEhvIENoaSBNaW5oIENpdHkxDjAMBgNVBAoM
BU15IENBMQ4wDAYDVQQLDAVNeSBDQTEZMBcGA1UEAwwQTmd1eWVuIFZpbmggTGlu
aDEpMCcGCSqGSIb3DQEJARYabmd1eWVudmluaGxpbmg5M0BnbWFpbC5jb20wggIi
MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDG1CMkNr1nryO4SOLAvW/pygF3
PDFcrN0vnUvLXdlcTsVLRlyUiKKpMGXU73ehgfUmqp3S9ef5m6cOeumEjtoudUgN
e/gn58J/EcSNd0CBuYTaa7jKNgmilhC6FHcLeRFKrLGFXNnXkKozdX4cJgVSiikg
xLISEDWrEHZdyDQxqbgfGiSemoDmR1/LCK8lvePxBB3KnzqyOSN0zJKK1YxgAKKy
NgIJmO74ZabPaQR5IYNrPdnwiPxAip1kDFUhsHRy/YBTxdxIiuTkybmNYrNN9+p0
19ksoARZVcBXFCjSd+KpfPyzqf4BA24h4aIDHaLWEFH67YIzikhJ+B+7ZqWCa6IL
HUIRglcAEEV97bZmxLRXgYLeyn7fBPbSnxgkS0ofWpOk2mykdOUo3QKn6dPxHtdg
IapqHnlIrfrXsGXCJwNikg1GX2/JV7R8V2savd3B1biRf6qHHkwe9y5O9PAwh4pI
pqz1CNqIC2f9ovN4w4Sb1P7gW5HL2Y8Y/u+vRKWnd2GtZcgwoxRBX4U7C4GN0Fcx
oC0+s/SPtrg8XPnwV3v6C8coqGsTPHiIl8I9tqESnGKpTxXhBqCc5SAGW/QDPG88
uf1AjHGVOqaXR+kznSeyzKtDJ1JmC3bKE2EsuTauhqkbIrwEAmXvPteXoiq/1iNU
at+yTKEYznLlfL0mcQIDAQABo1MwUTAdBgNVHQ4EFgQUlFOCexTnIY25KBonhdAV
+9qjHv4wHwYDVR0jBBgwFoAUlFOCexTnIY25KBonhdAV+9qjHv4wDwYDVR0TAQH/
BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAms11G10vRFKmgs0cKmEzxBqKFhbx
2gtZsorH6oYkNcH5hVefF6EwzOzyZNQJF0iAd2TkQLt2Y+3JpaXQfECkD2POC7De
9JP45Xn2KsP6anbk3IqmArys5d9QXkvs7o5Go2r1IdrSLC0IfJfi7nOISuFWrJVO
nvspukxomiYj4bCgUmAxDBZk+48KeOECyZBvZJx/gzQ6RzKVTW0ij5B8iVGChXaM
KT4UI8viOyk2k30W1VJZ3wtTb73n78worTy2fBgKG/gaf28g6qcP9mvOvpIQvjQq
sW0ThFhn8rxV2yrEwbsP9u+/1Pm+nUTy8wCtKejifpbcamiIW/QFPrR9hL5AXcCr
QGrv8u7gWiVGpM5nyKoLOCoT5pyE+eaCS3jNahj8lY0EKs0sYn71zRpWvpBpOhjG
uHDCJJBWhfmqeKzT5qZd99sbQtgafUXfqoAavyebKm9hGcI77m451eM1V0lxpCAC
sVASFUYa6cCOUh1CRNWuStwDkdX7M0YsR3wKPQo8cY1Ln28U6cVykKcswYuwzWC4
EmkXSvdDw0cG9s/GoMFDWxJe3VqElhNHqkaOlgfUFVijSeydiSgdxSt6tlltBzDx
lWmsk2X0gsbxuqiUn6/fCVm3V+6xovRmIInPku49xBeHLJ1sr80YCY/42ZS8zA7w
94XxQsoB6nfJcFc=
-----END CERTIFICATE-----

Bản đồ trường Tôn Đức Thắng