MY Experiences

Friday, August 29, 2008

Enable HTTPS in Debian

install this package:

apt-get install libapache-mod-ssl

Enable ssl mode in Apache:

a2enmod ssl

add port 443 in /etc/apache2/ports.conf:

Listen 443

Make certificate (after run this command you must answer some questions):

make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

add these lines to
/etc/apache2/sites-available/YOURSERVER.COM.conf:

>VirtualHost *:443>

. . .
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
. . .

>/VirtualHost>

restart Apache2.

To redirect HTTP to HTTPS add these lines to
/etc/apache2/sites-available/YOURSERVER.COM.conf under 443 options:

RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 2

and restart Apache2 again!

ftp user in a jail

Edit vsftpd configuration file - /etc/vsftpd/vsftpd.conf and

make sure following line exists (and uncommented):

chroot_local_user=YES

Save and close the file. Restart vsftpd.

Tuesday, August 19, 2008

Windows Vista - Clear cache for dead offline files

Add the FormatDatabase (DBWD) registry entry to the following registry subkey:

(First add Parameters under Csc, if doesn't exist)

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Csc\Parameters

Then, set the FormatDatabase registry entry to 1.

The restart your computer.

Monday, August 18, 2008

Bacula automatic startup

Create a bacula file in /etc/init.d/ :

#!/bin/sh

case "$1" in
'start')
/etc/bacula/bacula start
;;
'stop')
/etc/bacula/bacula stop
;;
*)
echo "Usage: $0 { start | stop }"
;;
esac
exit 0

add these links as follows:

ln -s /etc/init.d/bacula /etc/rc2.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc3.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc4.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc5.d/S90bacula
ln -s /etc/init.d/bacula /etc/rc0.d/K90bacula
ln -s /etc/init.d/bacula /etc/rc1.d/K90bacula
ln -s /etc/init.d/bacula /etc/rc6.d/K90bacula

or simply run:

update-rc.d bacula defaults 90

Friday, August 15, 2008

Heartbeat - DRBD - MYSQL - APACHE - TYPO3

With two ubuntu (8.04) machine: ubuntu-five and ubuntu-six.
On both boxes exists two pure partitions: /dev/sdb and /dev/sdc
Install these packages on both:

apt-get install heartbeat-2 drbd8-utils stonith mysql-server apache2
apt-get install typo3-base typo3-env
apt-get install php5 php5-cgi php5-mysql typo3-site-installer

Here is my /etc/drbd.conf:

resource testing { # name of resources for mysql database

protocol C;

on ubuntu-five { # first server hostname
device /dev/drbd0; # Name of DRBD device
disk /dev/sdb1; # Partition to use, which was created using fdisk
address 10.66.66.22:7788; # IP addres and port number used by drbd
meta-disk internal; # where to store metadata meta-data
}

on ubuntu-six { # second server hostname
device /dev/drbd0;
disk /dev/sdb1;
address 10.66.66.26:7788;
meta-disk internal;
}

disk {
on-io-error detach;
}

net {
max-buffers 2048;
ko-count 4;
}

syncer {
rate 10M;
al-extents 257;
}

startup {
wfc-timeout 0;
degr-wfc-timeout 120; # 2 minutos.
}
}

resource typo3 { # name of resources apache2 and typo3

protocol C;

on ubuntu-five { # first server hostname
device /dev/drbd1; # Name of DRBD device
disk /dev/sdc1; # Partition to use, which was created using fdisk
address 10.66.66.22:7789; # IP addres and port number used by drbd
meta-disk internal; # where to store metadata meta-data
}

on ubuntu-six { # second server hostname
device /dev/drbd1;
disk /dev/sdc1;
address 10.66.66.26:7789;
meta-disk internal;
}

disk {
on-io-error detach;
}

net {
max-buffers 2048;
ko-count 4;
}

syncer {
rate 10M;
al-extents 257;
}

startup {
wfc-timeout 0;
degr-wfc-timeout 120; # 2 minutos.
}
}

Here is my /etc/ha.d/ha.cf:

logfile /var/log/ha-log
keepalive 2
deadtime 30
udpport 695
bcast eth0
auto_failback off
stonith_host ubuntu-five meatware ubuntu-six
stonith_host ubuntu-six meatware ubuntu-five
node ubuntu-six ubuntu-five

and the /etc/ha.d/haresources:

ubuntu-five IPaddr::10.66.66.74/24/eth0\
drbddisk::testing Filesystem::/dev/drbd0::/var/lib/mysql::ext3\
drbddisk::typo3 Filesystem::/dev/drbd1::/data::ext3 mysql apache2

First make new Partitions on sdb and sdc on both boxes:
fdsik /dev/sdb
> n
> p
> 1
> enter
> enter
> w

fdsik /dev/sdc
> n
> p
> 1
> enter
> enter
> w

make drbd with these commands on both boxes:

drbdadm create-md testing
#mkfs.ext3 /dev/drbd0

drbdadm create-md typo3
(#mkfs.ext3 /dev/drbd1)

On ubuntu-five run:
drbdadm -- --overwrite-data-of-peer primary all
drbdadm connect all

On ubuntu-six run:
drbdadm -- --overwrite-data-of-peer secondary all
drbdadm connect all

Wait until new DRBD drive to syncing.

Move the mysql data files and test mounting on ubuntu-five:

/etc/init.d/mysql stop

mv /var/lib/mysql /var/lib/mysql.org
mkdir /var/lib/mysql
mount /dev/drbd0 /var/lib/mysql
mv /var/lib/mysql.org/* /var/lib/mysql/
chown -R mysql:mysql /var/lib/mysql

/etc/init.d/mysql start

On ubuntu-six do:

/etc/init.d/mysql stop

mv /var/lib/mysql /var/lib/mysql.org

Shutdown ubuntu-six and restart ubuntu-five.
Now start ubutnu-six after the ubuntu-five completely came up.

End :)

Thursday, August 14, 2008

Cloning typo3 Site

Copy the apache folder (/var/www/... or /var/srv/... to destination).

Make links for typo3 folders.

Backup database in source:

mysqldump -u {user} -p {databasename} > typo3_db.sql

Copy the file typo3_db.sql to destination.

Build new database in destination:

mysql -u root -p

mysql> grant all privileges on {datenbankname}.* \
      to {username}@localhost identified by '{passwort}';

mysql> quit ;

mysql -u {username} -p

mysql> create database {databasename};

mysql> quit ;

mysql -u {username} -p {databaseame} < typo3_db.sql

Monday, August 11, 2008

Ubuntu - Change eth0 to eth1

Edit this file:

vim /etc/udev/rules.d/70-persistent-net.rules

# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:bf:c8:1b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"

# PCI device 0x1022:0x2000 (pcnet32)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:0c:29:bf:c8:1b", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1"

delete eth0 line, and change eth1 line to eth0:

Tuesday, August 5, 2008

MySQL Clustering - Master / Slave

We will need two Ubuntu Servers.

for example:

hostname: IP
--------------------------------------
ubuntu-one: 10.66.66.36
ubuntu-two: 10.66.66.29

To begin with we'll install and configure MySQL for normal use on each of the boxes.

sudo apt-get install mysql-server --yes

Set a strong MySQL root password and wait for the packages to download and install, then edit /etc/mysql/my.cnf to make MySQL listen on all IP addresses.

bind-address = 0.0.0.0

Now restart MySQL and fire up the MySQL command-line client to check all is good.

sudo /etc/init.d/mysql restart

mysql -u root -p
Enter password: [enter the MySQL root password you chose earlier]
mysql>

If you got the mysql> prompt then MySQL is running. Try connecting to the other node across the network to see if the firewall is opened and MySQL is listening on the network interface.

From ubuntu-one run:

mysql -h ubuntu-two -u root -p

Enter password: [enter the MySQL root password you chose earlier]
ERROR 1130 (00000): Host 'db-01' is not allowed to connect to this MySQL server

If you got the above error then everything is working fine - MySQL connected and refused to authorise the client.

The first thing we want to do is setup a simple master-slave
replication to see that it's possible to replicate data from one
database host to the other. This requires a binary log so tell MySQL on
ubuntu-one to keep one.

Edit /etc/mysql/my.cnf and set the following values under the replication section:

server-id               = 1
log_bin                 = /var/log/mysql/mysql-bin.log
expire_logs_days        = 10
max_binlog_size         = 100M
binlog_do_db            = my_application <=== Database to replicate
binlog_ignore_db        = mysql <=== Database to ignore
binlog_ignore_db        = test <=== Database to ignore  On ubuntu-one grant\
                                   replication slave rights to ubuntu-two.

Change some_password to a real, strong password.
Afterwards, make sure you restart MySQL.

mysql -u root -p

Enter password: [enter the MySQL root password you chose earlier]
mysql> grant replication slave on *.* to 'replication'@'ubuntu-two' identified by 'some_password';

sudo /etc/init.d/mysql restart

Jump on to ubuntu-two and set it up to replicate data from ubuntu-one by editing /etc/mysql/my.cnf, again replacing the hostname, username and password with the values for ubuntu-one.

server-id                 = 2
master-host               = ubuntu-one
master-user               = replication
master-password           = some_password
master-port               = 3306

One way replication should now be setup. Restart MySQL and check the
status of the slave on ubuntu-two. If the Slave_IO_State is "Waiting for
master to send event" then you've been successful.

# Run this on ubuntu-two only

sudo /etc/init.d/mysql restart
mysql -u root -p
Enter password: [enter the MySQL root password you chose earlier]
mysql> show slave status ;
*************************** 1. row ***************************
          Slave_IO_State: Waiting for master to send event
             Master_Host: 193.219.108.241
             Master_User: replication
             Master_Port: 3306
           Connect_Retry: 60
         Master_Log_File: mysql-bin.000005
     Read_Master_Log_Pos: 98
          Relay_Log_File: mysqld-relay-bin.000004
           Relay_Log_Pos: 235
   Relay_Master_Log_File: mysql-bin.000005
        Slave_IO_Running: Yes
       Slave_SQL_Running: Yes
         Replicate_Do_DB:
     Replicate_Ignore_DB:
      Replicate_Do_Table:
  Replicate_Ignore_Table:
 Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
              Last_Errno: 0
              Last_Error:
            Skip_Counter: 0
     Exec_Master_Log_Pos: 98
         Relay_Log_Space: 235
         Until_Condition: None
          Until_Log_File:
           Until_Log_Pos: 0
      Master_SSL_Allowed: No
      Master_SSL_CA_File:
      Master_SSL_CA_Path:
         Master_SSL_Cert:
       Master_SSL_Cipher:
          Master_SSL_Key:
   Seconds_Behind_Master: 0

Monday, July 21, 2008

Change IP in SUSE

Change the content of this file:

/etc/sysconfig/network/ifcfg-(yourdevicename)

Example:

BOOTPROTO='static'
BROADCAST=''
IPADDR='192.168.1.65'
MTU=''
NAME='Intel PRO/1000 T Server Adapter'
NETMASK='255.255.255.0'
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='auto'
UNIQUE='JNkJ.yxXKhRPGaBB'
USERCONTROL='no'
_nm_name='bus-pci-0000:00:09.0'
PREFIXLEN=''

See this file for more descriptions:

/etc/sysconfig/network/ifcfg.template

Friday, July 18, 2008

Connect Outlook to Exchange over the Internet

Click Start, and then click Control Panel.

If you are viewing Control Panel in the default Category view, switch to Classic view, and then double-click Mail.
If you are viewing Control Panel in Classic view, double-click Mail.

Click on Show Profiles.

If you already have a profile:
1. Highlight the profile you wish to use and click Properties.
2. Click on E-mail Accounts.
3. Make sure that the E-mail tab is selected, click New.
4. Choose Microsoft Exchange, POP3, IMAP, or HTTP and click Next.
If you do not have a profile:
1. You will be prompted to create a profile, name it anything you would like.
Click Manually configure server settings or additiona server types.
In the Microsoft Exchange Server box, type the local name of the Exchange server:
be01.hosting01.fpweb.net
In the User Name box, type the full email address of the user. Do not click Check Name.
In the Exchange Server settings page, click More Settings.

You may get an error message that the name could not be found. Ignore the error and continue.
Click Cancel in the next window.

On the Connection tab, under Exchange over the Internet, select Connect to my Exchange mailbox using HTTP, and then click Exchange Proxy Settings. The Exchange Proxy Settings dialog box appears.
Under Use this URL to connect to my proxy server for Exchange, type the following URL:
webmail.hosting01.fpweb.net
Select Connect using SSL only.
Select On fast networks, connect using HTTP first, then connect using TCP/IP. Make sure On slow networks, connect using HTTP first, then connect using TCP/IP is selected.
Under Proxy authentication settings, select Basic Authentication.
Click OK, and then click OK again. Click Next, and then click Finish.

Open Outlook and type your full email address when prompted. You can now work with your Outlook mailbox.

Friday, July 11, 2008

VmWare Server not starting after boot on my Ubuntu

I actually found out that this failure was actually due to an older installation of vmware-player. Even though I removed it at the time, vmware-player left /etc/init.d/vmware-player to start on boot up :s.... and as a result, messed everything up.

To sort this out, you need to remove vmware-player service simply run:

sudo update-rc.d -f vmware-player remove

Don't forget to remove /etc/vmware/not_configured, if it is still there, before you reboot.

Friday, July 4, 2008

Find UUID in Ubuntu

Just simple! run this:

blkid

ls /dev/disk/by-uuid

Thursday, June 26, 2008

Check Public IP from Command Line

run this command:

wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//'

that's all!