uniq_

apache 2 reverse proxy with tls on debian 7

In this setup the reverse proxy server does the SSL encryption. Therefore you must trust your reverse proxy server enough to hold the private keys for your websites' SSL certificates! Do not use this setup if you can't trust your reverse proxy sufficiently!

  1. install apache 2

    apt-get install apache2
    
  2. enable mod_ssl and mod_rewrite

    a2enmod ssl
    a2enmod rewrite
    service apache2 restart
    
  3. create site configuration for the virtual host

    Put this file under e.g. /etc/apache2/sites-available/example.com. Also make sure to read through the entire file and change it according to your setup.

    You might want to change:

    • all occurrences of example.com to your respective domain name
    • the ProxyPass and ProxyPassReverse targets to your actual internal server url
    • the SSLCertificateFile and SSLCertificateKeyFile to the actual certificates for your domain

      <VirtualHost *:80>
      
        ServerName example.com
        ServerAlias example.com
      
        RewriteEngine On
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule ^/(.*)$ https://example.com/$1 [L,R]
      
      </VirtualHost>
      
      <VirtualHost *:443>
      
        ServerName example.com
        ServerAlias example.com
      
        ProxyRequests Off
      
        ProxyPass / http://192.168.0.1:8080/
        ProxyPassReverse / http://192.168.0.1:8080/
      
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/example.com_access.log combined
      
        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
          SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
          SSLOptions +StdEnvVars
        </Directory>
        BrowserMatch "MSIE [2-6]" \
                      nokeepalive ssl-unclean-shutdown \
                      downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
      
      </VirtualHost>
      
  4. enable site

    Use the name of the file you created in /etc/apache2/sites-available instead of example.com for the a2ensite command.

    a2ensite example.com
    service apache2 reload
    

setup redmine on debian 7 with sqlite backend in document root, listen on a dedicated port

  1. install redmine dependencies

     apt-get install apache2-mod-passenger redmine redmine-sqlite
    
  2. add desired listening port to apache config

    On Debian 7, Apache ports are configured in /etc/apache2/ports.conf:

     Listen 8083
    
  3. create redmine apache config

    I named the site file: /etc/apache2/sites-available/redmine

     <VirtualHost *:8083>
       DocumentRoot /usr/share/redmine/public
       <Directory /usr/share/redmine/public>
         AllowOverride all
         Options -MultiViews
       </Directory>
     </VirtualHost>
    
  4. enable site and restart apache

     a2ensite redmine
     service apache2 restart
    

access to redmine

    Redmine is now running; you can access it with:

    redmine default username: admin
    redmine default password: admin

apache reverse proxy to the fresh redmine installation

  1. install apache2 to run as reverse proxy

    install debian packages

     apt-get install libapache2-mod-proxy-html
    

    enable mod

     a2enmod proxy
     a2enmod proxy_http
     a2enmod proxy_html
    
  2. create reverse proxy config, e.g. under /etc/apache2/sites-available/redmine.example.com

     <VirtualHost *:80>
    
       ServerName redmine.example.com
       ServerAlias redmine.example.com
    
       ProxyRequests Off
    
       ProxyPass / http://192.168.100.178:8083/
       ProxyPassReverse / http://192.168.100.178:8083/
    
     </VirtualHost>
    
  3. enable site and restart apache

     a2ensite redmine.example.com
     service apache2 reload
    
  4. if you want to use virtual hosts in combination with ssl you must configure SNI (server name indication)

    Actually it's already enabled in debian 7 packages, all you need to do is to add this line to your /etc/apache2/ports.conf file to make it work:

     NameVirtualHost *:443
    

    Make sure /etc/apache2/sites-available/default-ssl defines <VirtualHost *:443> rather than <VirtualHost _default_:443> and that ServerName is set.

     <VirtualHost *:443>
       ServerName example.com
       # ... remaining directives of the SSL virtual host ...
     </VirtualHost>
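
A small audit for the site files built in the steps above, as an added example that is not part of the original page: it flags the snakeoil certificate paths left over from the TLS vhost, ProxyRequests On, a VirtualHost without ServerName, and a _default_:443 vhost. The function names audit_vhosts and sample_site and the sample input are assumptions made for this example.

```shell
#!/bin/sh
# Added example: check an Apache site file for the settings this page
# says to change. Usage: audit_vhosts /etc/apache2/sites-available/example.com
# Reads stdin when no file is given. Prints one finding per line.
audit_vhosts() {
  awk '
    function flag(line, msg) { printf "line %d: %s\n", line, msg }
    { key = tolower($1) }                      # directives are case-insensitive
    key == "" || key ~ /^#/ { next }           # skip blanks and comments
    key == "<virtualhost" {                    # remember where the block starts
      start = NR; addr = $2; sub(/>$/, "", addr); named = 0
      next
    }
    key == "servername" { named = 1 }
    key == "proxyrequests" && tolower($2) == "on" {
      flag(NR, "ProxyRequests On enables forward proxying; a reverse proxy needs Off")
    }
    (key == "sslcertificatefile" || key == "sslcertificatekeyfile") && $2 ~ /snakeoil/ {
      flag(NR, "snakeoil placeholder still configured: " $2)
    }
    key == "</virtualhost>" {                  # per-block checks at the closing tag
      if (!named)
        flag(start, "VirtualHost " addr " has no ServerName")
      if (addr ~ /^_default_:443$/)
        flag(start, "use *:443 instead of _default_:443 for name-based (SNI) vhosts")
    }
  ' "$@"
}

# Constructed sample input: the TLS vhost from this page with the
# placeholder values left in and two settings deliberately wrong.
sample_site() {
  cat <<'EOF'
<VirtualHost _default_:443>
  ProxyRequests On
  ProxyPass / http://192.168.0.1:8080/
  ProxyPassReverse / http://192.168.0.1:8080/
  SSLEngine on
  SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
  SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
EOF
}

sample_site | audit_vhosts
```

An empty result means none of the four conditions was found in the file.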
    

How to install owncloud on debian

# install dependencies
apt-get install apache2 php5 php5-gd php-xml-parser php5-intl
apt-get install php5-sqlite php5-mysql curl libcurl3 php5-curl
#apt-get install smbclient # supported but not mandatory, not interested

# enable required apache2 modules
a2enmod rewrite
a2enmod headers

# get and deploy owncloud

cd /var/www

wget http://download.owncloud.org/community/owncloud-5.0.11.tar.bz2
tar -xvf owncloud-5.0.11.tar.bz2 --strip-components=1 owncloud/
rm -f owncloud-5.0.11.tar.bz2
chown -R www-data:www-data /var/www

How to set up an Apache reverse proxy for a vhost setup

# install apache2 together with mod_proxy_html
sudo apt-get install libapache2-mod-proxy-html

# enable required apache mods
sudo a2enmod proxy
sudo a2enmod proxy_http

# create a new site definition, e.g.
# (quoted 'EOF' keeps the shell from expanding anything inside the config)
cat << 'EOF' | sudo bash -c 'cat >> /etc/apache2/sites-available/example.com'

<VirtualHost *:80>

  # domain for v-host resolving
  ServerName example.com
  ServerAlias example.com

  # no normal proxy function, only reverse proxying
  ProxyRequests Off

  # TODO find out what this is good for, it's certainly not required
  #<Proxy *>
  #  AddDefaultCharset Off
  #  Order deny,allow
  #  Allow from all
  #</Proxy>

  # might be interesting too
  #SSLProxyEngine on

  # define forwarding target
  ProxyPass / http://192.168.0.2/
  ProxyPassReverse / http://192.168.0.2/

</VirtualHost>

EOF


# enable the new site (the file name you chose for the reverse proxy config)
sudo a2ensite example.com

# reload apache
sudo service apache2 reload

debian kept freezing on boot during fsck

I fixed my Debian squeeze with lvm2 full-disk encryption. When booting, it always froze when doing fsck. What I did was basically boot the squeeze installation image into recovery mode and run fsck there. If I had known how easily this can be solved, I would have saved myself a lot of trouble.