Change Fortinet admin users password

NOTE this procedure isn't how to recover a lost administrator super-user account. 
This is how to change a additional admin account when you still know the super user account password.

Changing the password for forgotten admin user account in the GUI is fairly straight forward.  Click on the users, select change password, enter in old password, then enter in new one.

But what if don't remember or lost the password to the account.  You need the old password to reset it in the GUI 

To reset it without knowing the old password, you'll need to login to the CLI

SSH to the Firewall and logon as a user with admin rights

config system admin
edit admin
set password NEWPASSWORD
end
exit

Rocketchat backup and restore UBUNTU 18.04 SNAPS

This was taken from https://rocket.chat/docs/installation/manual-installation/ubuntu/snaps/

UBUNTU 18.04 using SNAPS

BACKUP ROCKET CHAT

1. Stop your rocketchat-server:

sudo service snap.rocketchat-server.rocketchat-server stop

2. Issue this backup command:

sudo snap run rocketchat-server.backupdb

3. If all goes well, you will see some output similar to:

[+] A backup of your data can be found at /var/snap/rocketchat-server/common/backups/rocketchat_backup_.tgz

4. Start your rocketchat-server:

sudo service snap.rocketchat-server.rocketchat-server start

UBUNTU 18.04 using SNAPS

RESTORE ROCKET CHAT

1. Stop your rocketchat-server:

sudo service snap.rocketchat-server.rocketchat-server stop

Please note: while the rocketchat-server service should be stopped, the rocketchat-mongo service should be kept running!

sudo service snap.rocketchat-server.rocketchat-mongo status | grep Active
   Active: active (running) (...)

2. Copy your backup file to the snap’s common folder:

sudo cp rocketchat_backup.tgz /var/snap/rocketchat-server/common/

3. Issue this restore command:

sudo snap run rocketchat-server.restoredb /var/snap/rocketchat-server/common/rocketchat_backup.tgz

4. If you are replacing an existing database, you will be warned:

*** ATTENTION ***
* Your current database WILL BE DROPPED prior to the restore!
* Would you like to make a backup of the current database before proceeding?
* (y/n/Q)>

• Press y and Enter to make a backup of the database in its current state.
• Press n and Enter to continue without a backup of the database in its current state.
• Press any key and/or Enter to quit the restore process without making any changes.

5. If you choose to proceed and all goes well, you will see some output similar to:

[*] Extracting backup file...
[*] Restoring data...
[*] Preparing database...
[+] Restore completed! Please restart the snap.rocketchat services to verify.

If something goes wrong, you will instead be presented with a path to the relevant log file to help remedy errors. In this case, the database may not be usable until a restore is successfully performed.

6. Start your rocketchat-server:

sudo service snap.rocketchat-server.rocketchat-server start

Setting up Rocketchat on a UBUNTU 18.04 server

Rocketchat 0.70.4 on UBUNTU 18.04 Server

Installing Ubuntu server is pretty straight forward.  I did it on virtual hardware.  Its what I call a "next next next" install.  I used all the default settings that Ubuntu had asked me.  I had no issues on hardware recognition.  There are plenty of sites that can assist if you run into anything.  This is a summary of steps that I did from https://rocket.chat/docs/installation/manual-installation/ubuntu/
Just tons of info.  These steps worked with my server implementation, so they might help you!

NETWORK CONNECTIONS

By default the system will ask you about network, and have DHCP set to enabled.  This is fine for most users.  If you want to hardcode your IP, you can do it now by selecting IPv4 and entering in the information specific to your server.

If you are using DHCP, you'll notice that the DHCP address (if NIC is discovered and assigned properly) is already showing.  Note this IP if you need to logon to the server when done.

If you are configuring your server and want to hardcode the IP, Ubuntu does it differently and isn't really the same as any other entry method I've ever encountered.  Subnet is handed differently:

In my example, I want to set the ip to 10.1.80.182

When you put in the subnet, it wants to calculate the subnet for you, so instead of a common "255.255.255.0" subnet, you put in the subnet class instead for the ip.

Instead of 255.255.255.0, you would put in 10.1.80.0/24 (or the subnet class that you need if its not the common one)

SYSTEM CREDENTIALS

Enter in some user specific information.  This is the information that you will use to identify and connect to your server.

ADDITIONAL PACKAGES

System is going to ask you to install some other applications, including rocket chat.

For this document, I didn't select it, but instead installed it via SNAP.  It should work, I haven't tested it yet at the time of writing this document.

One thing that I do recall, if you select this option, it took like a minute or so (for my installs anyway) for the rocketchat service to become available.  So you should be able to make it work, just be patient when testing for the rocketchat login screen for the services to start (sudo service snap.rocketchat-server.rocketchat-server status)

Once completed, reboot your server and you should see the login in screen if all is successful!

INSTALLING ROCKET CHAT SERVER APPLICATION

Login to your server using the administrator account you configured above

I would make a suggestion that you do the remaining steps via a terminal application vs straight on the console, simply for situations where you might be copy/pasting the information.  Might save you typing if your console doesn't support paste functions

Installation is really straight forward.  Assuming you have network setup, internet is working, and the repo site is up, this command should install it:

sudo snap install rocketchat-server

System will start the snap download from the stable release repository

Takes a a minute or two, depends on network speeds and machine speeds

Once its completed you'll see something like:

rocketchat-server 0.70.4 from 'rocketchat' installed

Now use a browser http to your server.  After installation, it might take 30-60 seconds for the processes to startup, so if the server doesn't resolve right away, be patient before you panic.

http://IPofYourServer:3000

You should see the default RocketChat screen asking for your basic admin info

That is pretty much it for a default rocket chat installation.   You can put in your admin information and you are ready to go!

At this point it might be advisable to get the recent updates for the server with the following 

sudo apt-get update
then
sudo apt-get dist-upgrade

This step can take a while depending on network speed and volume of updates required.

Look at some of the other documentation here to secure your server with SSL connections

Setting up HTTPS access for RocketChat

Here's how you can configure HTTPS access for RocketChat.  

Want some HTTPS access for RocketChat?  Here's a really easy way.  This is a summary of steps that I did from https://rocket.chat/docs/installation/manual-installation/ubuntu/
Just tons of info.  These steps worked with my server implementation, so they might help you!

This was tested in UBUNTU 18.04 server using RocketChat 0.70.4

This document is how to use NGINX SSL reverse proxy

You'll need to have a server that the name can be resolved like "rocketchat.company.com"

You'll need to be able request a certificate from a cert authority

Login to Ubunut CLI then install NGINX with the following command:

sudo apt-get install nginx

Request a key via OPENSSL

This is a bit of a chore from the CLI, so I used this page (hope it works still)

https://www.digicert.com/easy-csr/openssl.htm

to help me generate the SSL certificate request syntax (highlighted in blue) which I paste into my CLI

EXAMPLE key for server called "rocketchat"

openssl req -new -newkey rsa:2048 -nodes -out rocketchat.csr -keyout rocketchat.key -subj "/C=US/ST=California/L=Oakland/O=Company/CN=rocketchat"

The system will generate two files.  One is your private .key, the other one is the .CSR or "request" key that you would submit to your certificate authority.

Once you get your public key back, perform these functions:

The private key that is generated, put it into

/etc/nginx/certificate.key

make it harder to change by assigning permission 400

chmod 400 /etc/nginx/certificate.key

Now copy your certificate provided to you by your authority to

/etc/nginx/certificate.crt

Now edit the file

/etc/nginx/sites-enabled/default

Delete everything in there and paste in the following below.

Change "server_name servername.domainname.com;" to the host name of your server.  

Example using my configs would be: "server_name rocketchat.company.com;"

# Upstreams
upstream backend {
    server 127.0.0.1:3000;
}
# HTTPS Server
server {
    listen 443;
    server_name servername.domainname.com;
    error_log /var/log/nginx/rocketchat.access.log;
    ssl on;
    ssl_certificate /etc/nginx/certificate.crt;
    ssl_certificate_key /etc/nginx/certificate.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
    location / {
        proxy_pass http://backend/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forward-Proto http;
        proxy_set_header X-Nginx-Proxy true;
        proxy_redirect off;
    }
}

Save your changes

Now startup NGINX:

sudo service nginx restart

If it works, the prompt should come back with no errors. 
If it does show errors or if you are curious, type in the following to get status information

systemctl status nginx.service

You should now be able to connect via HTTPS

https://ServerName

Reset Rocketchat lost Admin Password

Resetting RocketChat admin password

This method was test on a rocketchat on Ubuntu

Login into Ubunut CLI

Connect to MongoDB using this command:

sudo rocketchat-server.mongo

Select Rocket.Chat Database:

use parties

This command resets the username "administrator" to "12345".  If your system uses a different name, just change that name in the command below.

db.getCollection('users').update({username:"administrator"}, { $set: {"services" : { "password" : {"bcrypt" : "$2a$10$n9CM8OgInDlwpvjLKLPML.eizXIzLlRtgCh3GRLafOdR9ldAUh/KG" } } } })

You SHOULD be able to login to your server using the password 12345

2003-2007 Ford 6.0 liter Diesel Oil Cooler replacement procedure and EGR Cooler partial delete

I've done these.  Its not that hard a job.  But it is a very TIME consuming job and you have to be organized and have patience, else you could damage your truck and expose yourself to it not working.

This link has these videos summarized into a step by step that is helpful.

https://www.docdroid.net/nRu93NO/ford-60-oilcooler-replacment.pdf.html

The steps come from the videos below, which both detail the process of the oil cooler replacement.  A wealth of information in both videos.  If you are tackling this process yourself, they are a must watch and study!

YOUTUBE

srmastertech.  https://www.youtube.com/watch?v=fHyEo3wZ9uA

Diesel Tech Ron.  https://www.youtube.com/watch?v=y8Ba7A08VNo

The recommendation I can make is to always use OEM Ford Parts whenever possible.

Especially the oil cooler and the important gasket kits that come with this part.

DO NOT CHEAP ON NON MOTORCRAFT PARTS.

You don't need specialized tools to do this.  Metric sockets and hand tools will work just fine.

This wouldn't be a job I would tackle if you are not mechanically inclined or have never done mechanical work before.  At very least you'll want to have a good close friend who is to give help.

A recommendation by many who do this job is to also perform whats known as a "partial delete" of your EGR system in these trucks (you should investigate emission regulations in your area).  The 6.0 EGR is notoriously prone to failures and doing this while you have this large component removed from the engine can save a lot of headaches down the road.  The only thing that is special about this is you will need to have some ports of it blocked off using a TIG welder.

The partial keeps everything looking factory, and keeps expensive exhaust components properly mounted.

Asterisk with AirTEL SIP FreePBX

Configuration example for AIRTEL INDIA SIP trunks with ASTERISK (FreePBX)

Working in FreePBX 14.0.4.1

You must have these configured to work with this service

DNS entry for 
ims.airtel.in = 10.232.139.146.  

You must be able to ping/route traffic to  "ims.airtel.in" successfully from your PBX.

Outbound CallerID must contain valid AIRTEL DID or calls WILL FAIL

outbound call (in FreePBX configs) 

"John Smith" <+919512349876>

FreePBX Configuration

1. CREATE a SIP TRUNK

     Trunkname = airtel-sip

2. Verify "disable trunk" = no

3. Click on SIP SETTINGS

     Trunkname = airtel-sip

PEER DETAILS: This is from my PBX settings (change username & password for your trunk.  

Airtel will give you USERNAME, SECRET and FROMDOMAIN
(The FROMDOMAIN is NOT the same as ims.airtel.in in my configuration experience.  I had to ask for FROMDOMAIN from airtel support)

username=++91XXXXXXXXXX@ims.airtel.in

secret=YourPASSWORD

fromdomain=10.X.X.X

type=friend

qualify=3600

port=5060

nat=force_rport,comedia

maxexpiry=600

insecure=invite,port

host=ims.airtel.in

dtmfmode=rfc2833

defaultexpiry=120

canreinvite=no

allow=all

context=from-trunk     

disallow=all     

allow=ulaw,alaw

4. Click on INCOMING tab

Register string = 

+91XXXXXX:YOUR_PASSWORD:+91XXXXXX@ims.airtel.in@ims.airtel.in/+91XXXXXX

5. click on SUBMIT and APPLY CHANGES

in the CLI should see something like this if you check

freepbx*CLI> sip show peers

Name/username       Host         Dyn Forcerport Comedia    ACL Port     Status      

airtel-sip/918016251 10.X.X.X          Yes             Yes                      5060    OK (11 ms)

Now its configured you should be able to make calls