Instructions to create a VirtualBox-VM on a Windows box and convert it into a Google-VM

prerequisites:

http://isoredirect.centos.org/centos/8/isos/x86_64/ (i choose centos-8) https://www.virtualbox.org/wiki/Downloads (may not be necessary) https://cloud.google.com/sdk/docs/downloads-interactive  - GoogleCloudSDKInstaller.exe http://gnuwin32.sourceforge.net/packages/gtar.htm http://gnuwin32.sourceforge.net/packages/gzip.htm

1) create a virtualbox-vm install to be transferred to google-vm

creation: - EXACT gigabyte, like 10, 20  qcow(?) (copy on right)

    settings: - System, Motherboard, disable floppy (not sure if this is necessary) - System, Processor, Enable PAE/NX (may be already enabled) - Storage, “Empty”, click the little CD icon (right) and select your ISO file attach ISO file to the virtual cd drive - Audio, disable audio (not sure if this is necessary ?) - network: ADVANCED — paravirtualized network (virtio-net)

2) start VirtualBox-vm (i had to verify my CD(optical) boot disk)
    during install: - Under “Software Selection” i choose “minimal functionality” - Under Device Destination, i had to CLICK TWICE my ATA-VBOX-HARDDISK - under NETWORK, click “CONFIGURE” button, “General” tab, and select “Connect automatically with priority” - also under NETWORK, i like to make sure the network is working, there is an ON_OFF slider and you should be issued an IP number which you can verify - Centos-8 requires you to set the root password (dont forget it!) - Click “Begin Installation” button

2) stop virtualbox-vm Power off the machine, do not select “reboot”

3) settings, Storage, remove ISO from virtual cd

4) boot up your new virtualbox-vm

(optional) dnf —assumeyes install vsftpd; systemctl enable vsftpd; systemctl start vsftpd ; systemctl stop firewalld ; ## or three below: firewall-cmd —zone=public —permanent —add-port=21/tcp ; firewall-cmd —zone=public —permanent —add-service=ftp ; firewall-cmd —reload ;

5a) new /etc/default/grub file:

### W-O-R-K-I-N-G GRUB
### to compile:
### grub2-mkconfig —output=/boot/grub2/grub.cfg ;
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR=”$(sed ‘s, release .*$,,g’ /etc/system-release)”
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT=“console”
##GRUB_CMDLINE_LINUX=“crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.lvm.lv=cl/swap rhgb quiet”
GRUB_CMDLINE_LINUX=“console=ttyS0,38400n8d crashkernel=auto resume=/dev/mapper/cl-swap rd.lvm.lv=cl/root rd.lvm.lv=cl/swap”
GRUB_DISABLE_RECOVERY=“true”
GRUB_ENABLE_BLSCFG=true

5b) chmod 644 /etc/default/grub;#### (just in case)

6) new new initramfs.bsh: (thank you Rich Halloway!)
echo ‘# Ensure Google Compute Engine drivers are built into initramfs’ >> /etc/dracut.conf.d/GCE.conf
echo -e “nadd_drivers+=” virtio_scsi virtio_blk virtio_net”“ >> /etc/dracut.conf.d/GCE.conf
echo ‘# Ensure AWS drivers are built into initramfs’ >> /etc/dracut.conf.d/AWS.conf
echo -e “nadd_drivers+=” xen-blkfront xen-netfront”“ >> /etc/dracut.conf.d/AWS.conf
echo ‘# Ensure AWS ENA drivers are built into initramfs’ >> /etc/dracut.conf.d/AWS-ENA.conf
echo -e “nadd_drivers+=” xen-blkfront xen-netfront nvme nvme-fabrics nvme-fc nvme-rdma nvme-fcloop nvme-loop nvmet-fc nvmet-rdma nvmet ena”“ >> /etc/dracut.conf.d/AWS-ENA.conf
kversion=$( rpm -q kernel | sed ‘s/kernel-//’ )
dracut -v -f “/boot/initramfs-${kversion}.img” “$kversion”

7) stop virtualbox-vm

8) use VirtualBox to convert vdi/qcow to a RAW file: cd  “Program Files“OracleVirtualBox VboxManage.exe   clonemedium      disk   “D:virtualboxcentos-8centos-8.vdi”   “D:virtualboxcentos-8disk.raw”  -format  RAW

9) turn RAW file to a TAR (tape-archive) file: (notice file names in quotes, thank you Ric Alloway) - cd to location of RAW file - “C:Program Files (x86)GnuWin32bintar” —verbose —create —sparse —file=“disk.tar” “disk.raw”

10) turn TAR file to a gzip file: “C:Program Files (x86)GnuWin32bingzip.exe” —verbose —stdout “disk.tar” > “disk.tar.gz”

11) upload your new disk.tar.gz file here: https://console.cloud.google.com/storage/browser/

12) https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-a/instances/ – cloud shell: gcloud compute images create centos-project —project=marks-project —source-uri=https://storage.googleapis.com/centos-project/disk.tar.gz —storage-location=us

13) create a new vm from this newly created image.

14) i was unable to log in using the webbrowser SSH command, but was able to no problems using PuTTy

OLD STUFF BELOW ============

https://www.youtube.com/watch?v=YlcR6ZLebTM

1) create a VirtualBox-vm install to be transferred to google-vm – !! MINIMAL install l!

2) stop VirtualBox

3a) C:
3b) cd “Program Files“OracleVirtualBox
3c) VboxManage.exe clonemedium disk “D:virtualboxcentos-8-smallcentos-8-small.vdi” “D:virtualboxcentos-8-smalldisk.raw” -format RAW
3d) ignore “already exists” message…. maybe this is left over from before?

4) create NEW virtualbox install at least twice the size of the original

5) dnf -y install vsftpd; systemctl start vsftpd; systemctl stop firewalld; ## https://linuxhint.com/configure_ftp_server_centos8/

6) using filezilla, ftp the disk.raw created into step three into the NEW Virtualbox

7) tar —verbose —format=oldgnu -cSzf disk.tar.gz disk.raw ; ## notice NO dot-slash prefix on the disk.raw file!

8) sftp disk.tar.gz back to desktop

9) upload disk.tar.gz to: https://console.cloud.google.com/storage/browser/centos-8-test;tab=objects?forceOnBucketsSortingFiltering=false&project=cockroachdb-147617&prefix=&forceOnObjectsSortingFiltering=false

10) gcloud compute images create centos-8-from-virtualbox-raw —project=cockroachdb-147617 —source-uri=https://storage.googleapis.com/centos-8-test/disk.tar.gz —storage-location=us ;

gcloud beta compute —project=cockroachdb-147617 instances create instance-1 —zone=us-central1-a —machine-type=e2-medium —subnet=default —network-tier=PREMIUM —maintenance-policy=MIGRATE —service-account=81362834256-compute@developer.gserviceaccount.com —scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/trace.append —image=centos-8-from-virtualbox-raw —image-project=cockroachdb-147617 —boot-disk-size=16GB —boot-disk-type=pd-standard —boot-disk-device-name=instance-1 —reservation-affinity=any

OLD: VboxManage clonehd -format RAW ~/VirtualBox VMs/gce-demo/gce-demo.qcow ~/disk.raw
VboxManage clonemedium -format RAW ~/VirtualBox VMs/gce-demo/gce-demo.qcow ~/disk.raw

https://cloud.google.com/compute/docs/import/import-existing-image#virtualbox

cd into this directory:
C:
cd Program FilesOracleVirtualBox
VBoxManage.exe clonemedium disk “D:virtualboxcentos-8centos-8-a.vdi” “D:virtualboxcentos-8disk.raw” -format RAW
VBoxManage.exe clonemedium disk “D:virtualboxcentos-8centos-8-a.vdi” “D:virtualboxcentos-8disk.qcow” -format qcow
### qcow2 did NOT work….

#########7zip – create tar gzip file ( may need to create tar first than gzip [gz] file, or name format (dot)tar(dot)gz )
tar —verbose —format=oldgnu -cSzf gce-demo.tar.gz disk.raw ;

## create bucket here: https://console.cloud.google.com/storage/browser/ ## copy the gzip file to the google cloud gsutil cp centos-8.RAW.tar.gz gs://virtualbox-gce-demo-bucket-name/cent0s-8.RAW.tar.gz gsutil cp centos-8-a.RAW.gz gs://centos-8-test/centos-8.RAW.gz ## OR JUST CLICK-DRAG….. ## create an image gcloud compute images create gce-demo —source=uri gs://virtualbox-gce-demo/cent0s-8.RAW.tar.gz

gcloud compute instances create gce-demo —image gce-demo —machine-type=standard-1 —zone us-central1-b

## change format variable to format ‘fixed’ (NOT PART OF THE PROCESS) VBoxManage.exe clonemedium disk “D:virtualboxcentos-8centos-8.vdi” “D:virtualboxcentos-8centos-8-a.vdi” -variant Fixed ## change format variable to format ‘fixed’ (NOT PART OF THE PROCESS)

go to https://whatismyipaddress.com and get IP number example: 123.123.123.123

SELECT User, Host FROM mysql.user WHERE 1 AND Host != ‘localhost’ ;
## optionally REMOVE:
DROP USER ‘MarkEdwards’@‘321.321.321.321’ ;

CREATE USER ‘MarkEdwards’@‘123.123.123.123’ IDENTIFIED BY ‘MarksPassword’;

GRANT ALL ON `comptonPractice`.* TO ‘MarkEdwards’@‘123.123.123.123’ IDENTIFIED BY ‘MarksPassword’ WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;

GRANT ALL PRIVILEGES ON `comptonPractice`.* TO ‘MarkEdwards’@‘123.123.123.123’;

/etc/csf/csf.allow:

tcp|in|d=3306|s=123.123.123.123
123.123.123.123 ## CenturyLink Phoenix — 2021-01-30
d= – destination
s= – source ;-)

systemctl restart csf.service ; ## important???
systemctl restart iptables ; ## important ???
iptables —flush ; ## VERY IMPORTANT!!!!!!

Google Auth

---

https://console.cloud.google.com/apis/credentials/

Yahoo Auth

important to get the CALLBACK correct:

https://dev-2a5ae3w8.auth0.com/login/callback

Micro$oft

never got it to work… https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/~/Credentials/appId/9f0d54bc-7080-4533-8abd-41a5fa2c29de/objectId/5944588b-4488-4223-8db6-bc7582c73ba4/isMSAApp~/false/defaultBlade/Overview/appSignInAudience/AzureADMyOrg/servicePrincipalCreated~/true

—dry-run — flag to experiment

ON REMOTE BOX:

dnf —assumeyes install rsync ;
sudo cat /etc/ssh/sshd_config | grep PasswordAuthentication ; ## look for ‘yes’

ON LOCAL BOX:

su comptonpeslonline.com ;

cat /home/comptonpeslonline.com/.ssh/known_hosts ; ## delete any previous keys so the first login will prompt for it.

ssh comptonpeslonline.com@35.192.35.140 ; ## verify login works, prompts for password

ssh-keygen ; ## creates /home/comptonpeslonline.com/.ssh/id_rsa.pub !

ssh-copy-id -i /home/comptonpeslonline.com/.ssh/id_rsa.pub comptonpeslonline.com@104.218.50.87 ; ## prompts for password

##ssh-copy on LOCAL: does nothing (??)
##ssh-copy on REMOTE: adds line to /home/comptonpeslonline.com/.ssh/authorized_keys

ssh comptonpeslonline.com@35.192.35.140 ; ## verify login works, stops prompting for password

## 2020-09-01 (is —owner really required??) sshpass -p “XXXXXXXXXXXXx” \ runuser —user comptonpeslonline.com — /usr/bin/rsync \ —dry-run —verbose —archive \ —owner=comptonpeslonline.com \ /home/comptonpeslonline.com/ \ comptonpeslonline.com@edwardsmarkf.info:/home/comptonpeslonline.com/ \ ;

rsync —verbose —archive /home/comptonpeslonline.com/public_html/ \ comptonpeslonline.com@104.218.50.87:/home/comptonpeslonline.com/public_html/

sshpass and rsync ======= — 2020-01-22
sync data between different servers (or possibly the same one)

sshpass -p  “zXXXX”   \ rsync —verbose —archive     \ mark@comptonpeslonline.info:/home/mark/rsyncTest  \ /home/mark/  ;  ## NEW to OLD!

sshpass -p “XXX”  \   rsync —verbose —archive \   /home/mark/rsyncTest    \   mark@comptonpeslonline.info:/home/mark/  ;   #   OLD  to NEW!

## remote usage, notice StrictHostKeyChecking was required in some instances.
sshpass -p ‘XXX’ \ rsync —dry-run —verbose —archive \ —rsh=“ssh -o StrictHostKeyChecking=no” \ /home/comptonpeslonline.com \ comptonpeslonline.com@edwardsmarkf.info:/home/comptonpeslonline.com ; ## this machine to a “remote” machine! (notice ‘dry-run’ — remove it!)

## https://www.digitalocean.com/community/tutorials/how-to-use-rsync-to-sync-local-and-remote-directories-on-a-vps
cd ~ ; ssh-keygen -t rsa ; ### create a new keyset at the root directory ssh-copy-id —dry-run comptonpeslonline.com@edwardsmarkf.info ; ### copy key to appropriate place
==========================================

for insecure uses, generate a “special” password here: https://myaccount.google.com/u/2/apppasswords?rapt=AEjHLxxxxxx

“special” password is used for mailx (mail.rc) and SMTPMailer.php and insecure nodeMailer

mailx

mailx – uses /etc/mail.rc uses password generated in the step above.

EXAMPLE:
echo `date` | /usr/bin/mailx -A gmailSMTP-noreply -s “test subject TEST” mark@edwardsmark.com ;

/etc/mail.rc:

account gmailSMTP-noreply {
        set smtp-use-starttls
        set ssl-verify=ignore
        set smtp-auth=login
        set smtp=smtp://smtp.gmail.com:587
        set smtp-auth-user=noreply@comptonpeslonline.com
        set smtp-auth-password=gXXXXv
        set ssl-verify=ignore
        set nss-config-dir=/home/comptonpeslonline.com/gmailCerts/
}

php

SMTPMailer.php:

define  (‘DEFAULT_EMAIL’   , ‘noreply@comptonpeslonline.com’                                       );
define  (‘PORT25TEST’     , ‘check-auth-edwardsmarkf=gmail.com@verifier.port25.com’       );

define  (‘DEFAULT_SMTP_HOST’    , ‘smtp.gmail.com’   );      // 2016-12-05
define  (‘DEFAULT_SMTP_LOGIN’   , ‘noreply@comptonpeslonline.com’  );      // 2016-12-05
define  (‘DEFAULT_SMTP_PASSWD’  , ‘gXXXXXXXv’   );

nodeMailer Insecure

const nodemailer        = require('nodemailer')         ;
const   authEmailAddy   =       'info@comptonpeslonline.com'    ;
const   authPassword    =       'zmcafzfppvquyqjj'              ;
const transporter = nodemailer.createTransport(
        {       service : 'gmail'
        ,       auth    :
                {       user    : authEmailAddy
                ,       pass    : authPassword
                }
        }
);
const mailOptions =
        {       from    :       authEmailAddy
        ,       to      :       'mark@edwardsmark.com'
        //,     cc      :       teacherNameAndEmail
        ,       bcc     :       'mark@edwardsmark.com'
        ,       subject :       'test subject from testSecureMailer.js'
        ,       text    :       'test text body from testSecureMailer.js'
        ,       html    :       '<h3>test html body from testSecureMailer.js</h3>'
        };
transporter.sendMail(mailOptions, (err, res) => {
        if (err) {
                console.log('Failed mailing to ' + ': ' + JSON.stringify(res));
                return console.log(err);
        } else {
                console.log('Successful mailing to ' + userObject.userEmail + ': ' + JSON.stringify(res));
        }
});

nodeMailer with Oauth

node uses an “auth0” approach:

step one:

log out of all accounts (or do all this in firefox)

step two:

https://console.cloud.google.com/apis/credentials/oauthclient/

step three:

enter https://developers.google.com/oauthplayground/

step four:

approve

step five:

create and copy the Refresh token: https://nodemailer.com/smtp/oauth2/

const nodemailer        = require(‘nodemailer’)         ;

const   authEmailAddy   =       ‘noreply@comptonpeslonline.com’                                                 ;
const   clientId        =       ‘6884XXXXXXh6n.apps.googleusercontent.com’      ;
const   clientSecret    =       ‘SXXXXXXS’                                                      ;
const   refreshToken    =       ’1//0XXXXCq4’               ;
const auth =
        {       type            : ‘oauth2’
        ,       user            : authEmailAddy
        ,       clientId
        ,       clientSecret
        ,       refreshToken
        };
const transporter = nodemailer.createTransport(
        {       service : ‘gmail’
        ,       auth
        }
);

node example: /home/comptonpeslonline.com/public_html/comptonPractice/homeworkAssignment/ticklerMailer/ticklerMailer.js

written from:
https://tanaikech.github.io/2018/01/08/send-mails-from-gmail-using-nodemailer/
https://medium.com/@nickroach_50526/sending-emails-with-node-js-using-smtp-gmail-and-oauth2-316fe9c790a1
https://dev.to/documatic/send-email-in-nodejs-with-nodemailer-using-gmail-account-2gd1
https://stackoverflow.com/questions/24098461/nodemailer-gmail-what-exactly-is-a-refresh-token-and-how-do-i-get-one
https://stackoverflow.com/questions/72128433/authenticating-google-gmail-api-using-access-and-refresh-token

2023-09-14 ================================================
to bypass creating an account in /etc/mail.rc :
1) add new password in /etc/postfix/sasl/sasl_passwd
2) postmap -v /etc/postfix/sasl/sasl_passwd ;
3) systemctl reload postfix ; systemctl restart postfix ; systemctl status postfix ;