Pasang bacula-web pada Ubuntu 16.04

  1. Muaturun bacula-webcurl -O http://www.bacula-web.org/files/bacula-web.org/downloads/bacula-web-latest.tgz
    sudo mkdir -v /var/www/bacula-web

  2. Salin dan ekstrak ke /var/wwwcp /home/user1/bacula-web-latest.tgz .
    sudo cp /home/user1/bacula-web-latest.tgz .
    tar -xzf bacula-web-latest.tgz -C /var/www/bacula-web
    sudo tar -xzf bacula-web-latest.tgz -C /var/www/bacula-web
    chown -Rv www-data: /var/www/bacula-web
    sudo chown -Rv www-data: /var/www/bacula-web
    sudo chmod -Rv u=rx,g=rx,o=rx /var/www/bacula-web
    cd bacula-web/
    cd application/config/
    sudo cp config.php.sample config.php

  3. Edit setting nama dan path fail sqlite pada /var/www/bacula-web/application/config/config.php$config[0]['label'] = 'Main Backup Server';
    $config[0]['db_type'] = 'sqlite';
    $config[0]['db_name'] = '/var/lib/bacula/bacula.db';

  4. Edit /etc/php/7.0/apache2/php.ini dan set timezone
    date.timezone = Asia/Kuala_Lumpur

  5. Edit /etc/apache2/sites-available/000-default.conf dan tambah berikut sebelum “</VirtualHost>”
    <Directory /var/www/html/bacula-web>
     AllowOverride All
    </Directory>

  6. Ubah permission cache dan sqlitesudo chmod 755 application/view/cache/
    sudo chown www-data /var/lib/bacula/bacula.db
    sudo chown www-data /var/lib/bacula
    sudo service apache2 reload

  7. Siap. Anda sekarang boleh mengakses bacula-web pda IP/bacula-web/
Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Setting SSL (letsencrypt) nginx Citadel

  1. Tukar port HTTPS Citadel ke 2001 dengan arahan

    dpkg-reconfigure citadel-webcit

  2. Pasang SSL truecrypt dengan merujuk kepada artikel https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
  3. Edit /etc/nginx/sites-enabled/citadel seperti berikut:
    server {
    
            server_name domain.com citadel.domain.com;
            listen 443 ssl http2;
            listen [::]:443 ssl http2;
            include snippets/ssl-domain.com.conf;
            include snippets/ssl-params.conf;
    
            error_log /var/log/nginx/citadel-error.log;
            access_log /var/log/nginx/citadel-access.log;
    
            root /usr/share/citadel-webcit;
    # optional:
    #      listen 192.168.1.1:443
    # instead depending on your setup...
            # Main location
            location /webcit/ {
                proxy_pass         https://127.0.0.1:2001/;
                proxy_redirect     off;
    
                proxy_set_header   Host             $host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    
                client_max_body_size       10m;
                client_body_buffer_size    128k;
    
                proxy_connect_timeout      90;
                proxy_send_timeout         90;
                proxy_read_timeout         90;
    
                proxy_buffer_size          4k;
                proxy_buffers              4 32k;
                proxy_busy_buffers_size    64k;
                proxy_temp_file_write_size 64k;
            }
            location /listsub/ {
                proxy_pass         https://127.0.0.1:2001;
                proxy_redirect     off;
    
                proxy_set_header   Host             $host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    
                client_max_body_size       10m;
                client_body_buffer_size    128k;
    
                proxy_connect_timeout      90;
                proxy_send_timeout         90;
                proxy_read_timeout         90;
    
                proxy_buffer_size          4k;
                proxy_buffers              4 32k;
                proxy_busy_buffers_size    64k;
                proxy_temp_file_write_size 64k;
            }
            location /groupdav/ {
                proxy_pass         https://127.0.0.1:2001/;
                proxy_redirect     off;
    
                proxy_set_header   Host             $host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    
                client_max_body_size       10m;
                client_body_buffer_size    128k;
    
                proxy_connect_timeout      90;
                proxy_send_timeout         90;
                proxy_read_timeout         90;
    
                proxy_buffer_size          4k;
                proxy_buffers              4 32k;
                proxy_busy_buffers_size    64k;
                proxy_temp_file_write_size 64k;
            }
            location /freebusy/ {
                proxy_pass         https://127.0.0.1:2001/;
                proxy_redirect     off;
    
                proxy_set_header   Host             $host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    
                client_max_body_size       10m;
                client_body_buffer_size    128k;
    
                proxy_connect_timeout      90;
                proxy_send_timeout         90;
                proxy_read_timeout         90;
    
                proxy_buffer_size          4k;
                proxy_buffers              4 32k;
                proxy_busy_buffers_size    64k;
                proxy_temp_file_write_size 64k;
            }
    }

Sumber:
http://www.citadel.org/doku.php/faq:installation:apacheproxy
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Formula mengira pm.max_children untuk PHP FPM

Dapatkan jumlah RAM dalam MB dan /run/shm dalam MB

$ awk '/MemTotal/ {printf("%.2f\n",$2/1024)}' /proc/meminfo
128756.27

$ df -m
Filesystem                1M-blocks  Used Available Use% Mounted on
/dev/mapper/app1--vg-root    541986 42284    475016   9% /
none                              1     0         1   0% /sys/fs/cgroup
udev                          64368     1     64368   1% /dev
tmpfs                         12876     2     12875   1% /run
none                              5     0         5   0% /run/lock
none                          64379     0     64379   0% /run/shm
none                            100     0       100   0% /run/user
/dev/sda2                       237    45       180  20% /boot
/dev/sda1                       511     4       508   1% /boot/efi
/dev/dm-2                    307196 83294    223903  28% /var/www

Formula:

(((TotalMemoryinMB-TMPFSinMB)*.8)/75)

(((128756.27-64379)*.8)/75) = 686

Sumber: http://ispeakl33t.com/calculate-pm-max_children

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

iSCSI target dengan Ubuntu 14.04

IP target (sumber storan):
192.168.56.212

Logical volume yang hendak digunakan: /dev/vgtarget00/lvtarget00

IP initiator(dari mana akan diakses):
192.168.56.213
192.168.56.214

Pasang iscsitarget pada sumber
sudo apt-get install iscsitarget iscsitarget-dkms

Contoh tetapan pada /etc/default/iscsitarget

ISCSITARGET_ENABLE=true
ISCSITARGET_OPTIONS="--address 192.168.56.212"

Contoh tetapan pada /etc/iet/ietd.conf

Target iqn.2015-01.iscsi:target00
        Lun 0 Path=/dev/vgtarget00/lvtarget00,Type=blockio
	initiator-address 192.168.56.213
	initiator-address 192.168.56.214

Contoh tetapan pada /etc/iet/initiators.allow

ALL ALL

Mulakan semula servis iscsitarget
sudo /etc/init.d/iscsitarget restart

Pasang iscsi-initiator pada server yang akan mengakses storan iscsi (initiator)
sudo apt-get install open-iscsi

Contoh tetapan pada /etc/iscsi/iscsid.conf

iscsid.startup = /usr/sbin/iscsid
node.startup = automatic
node.leading_login = No
node.session.timeo.replacement_timeout = 120
node.conn[0].timeo.login_timeout = 15
node.conn[0].timeo.logout_timeout = 15
node.conn[0].timeo.noop_out_interval = 5
node.conn[0].timeo.noop_out_timeout = 5
node.session.err_timeo.abort_timeout = 15
node.session.err_timeo.lu_reset_timeout = 30
node.session.err_timeo.tgt_reset_timeout = 30
node.session.initial_login_retry_max = 8
node.session.cmds_max = 128
node.session.queue_depth = 32
node.session.xmit_thread_priority = -20
node.session.iscsi.InitialR2T = No
node.session.iscsi.ImmediateData = Yes
node.session.iscsi.FirstBurstLength = 262144
node.session.iscsi.MaxBurstLength = 16776192
node.conn[0].iscsi.MaxRecvDataSegmentLength = 262144
node.conn[0].iscsi.MaxXmitDataSegmentLength = 0
discovery.sendtargets.iscsi.MaxRecvDataSegmentLength = 32768
node.session.nr_sessions = 1
node.session.iscsi.FastAbort = Yes

Mulakan semula servis initiator
sudo /etc/init.d/open-iscsi restart

Akses storan pada target
sudo iscsiadm -m discovery -t sendtargets -p 192.168.56.212
sudo iscsiadm -m node --login

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Setting locale failed

Jika anda set negara sebagai Malaysia semasa pemasangan Ubuntu, setiap kali memasang pakej anda terlihat mesej berikut

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
	LANGUAGE = "en_US:en",
	LC_ALL = (unset),
	LC_TIME = "ms_MY.UTF-8",
	LC_MONETARY = "ms_MY.UTF-8",
	LC_ADDRESS = "ms_MY.UTF-8",
	LC_TELEPHONE = "ms_MY.UTF-8",
	LC_NAME = "ms_MY.UTF-8",
	LC_MEASUREMENT = "ms_MY.UTF-8",
	LC_IDENTIFICATION = "ms_MY.UTF-8",
	LC_NUMERIC = "ms_MY.UTF-8",
	LC_PAPER = "ms_MY.UTF-8",
	LANG = "en_US.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
locale: Cannot set LC_ALL to default loc
le: No such file or directory

Penyelesaiannya:

$ sudo locale-gen ms_MY.UTF-8
Generating locales...
ms_MY.UTF-8... done
Generation complete.

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Kluster Galera MariaDB (Aktif-Aktif)

OS: Ubuntu 14.04
Untuk situasi dimana kita hanya ada 2 server yang boleh digunakan.

2 node mariadb + 1 node garb/arbiter (elak split-brain)

Pastikan /etc/hosts ada entri ketiga-tiga node. Contoh:

127.0.0.1	localhost
127.0.1.1	ubuntu
192.168.56.215	db1
192.168.56.216	db2
192.168.56.217	garb

Pasang mariadb pada kedua-dua node mariadb

sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db
sudo add-apt-repository 'deb http://mariadb.nethub.com.hk//repo/10.0/ubuntu trusty main'
sudo apt-get update
sudo apt-get install mariadb-galera-server galera

Pasang garbd pada node garb

sudo apt-get install galera

Matikan service mariadb pada kedua-dua node

sudo service mysql stop

Contoh setting /etc/mysql/my.cnf. Sesuaikan untuk setiap node. srep_cluster_address="gcomm://db2?pc.wait_prim=no" perlu set terbalik seperti ditunjukkan.

[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock

[mysqld_safe] 
nice = 0 
socket = /var/run/mysqld/mysqld.sock

[mysqld] 
basedir = /var/lib/mysql 
bind-address = 192.168.56.215
binlog_format = ROW 
character_set_server = utf8 
collation_server = utf8_general_ci 
datadir = /var/lib/mysql 
default-storage-engine = InnoDB 
expire_logs_days = 10 
innodb_autoinc_lock_mode = 2 
innodb_buffer_pool_size = 1G 
innodb_log_file_size = 512M 
innodb_doublewrite = 1 
innodb_file_per_table = 1 
innodb_flush_log_at_trx_commit = 2 
innodb_lock_wait_timeout = 60 
innodb_locks_unsafe_for_binlog = 1 
innodb_stats_on_metadata = 0 
key_buffer = 256M 
lc-messages-dir = /usr/share/mysql 
lock_wait_timeout = 300 
max_allowed_packet = 128M 
max_binlog_size = 128M 
max_connections = 64 
myisam-recover = BACKUP 
myisam_sort_buffer_size = 64M 
net_buffer_length = 8K 
open-files-limit = 65535 
pid-file = /var/run/mysqld/mysqld.pid 
port = 3306 
query_cache_limit = 8M 
query_cache_size = 16M 
read_buffer_size = 8M 
read_rnd_buffer_size = 8M 
skip-external-locking 
socket = /var/run/mysqld/mysqld.sock 
sort_buffer_size = 16M 
table_cache = 2M 
table_definition_cache = 65535 
table_open_cache = 65535 
thread_cache_size = 8 
thread_concurrency = 8 
tmpdir = /tmp 
user = mysql
wsrep_provider=/usr/lib/galera/libgalera_smm.so
wsrep_cluster_address="gcomm://db2?pc.wait_prim=no"
wsrep_sst_method=rsync
wsrep_cluster_name="joomla_db_cluster"

[mysqldump] 
max_allowed_packet = 16M 
quick 
quote-names

[mysql]

[isamchk] 
!includedir /etc/mysql/conf.d/ 
key_buffer = 256M 
read_buffer = 16M 
sort_buffer_size = 256M 
write_buffer = 16M

Pada node db1, mulakan cluster mariadb

mysqld --wsrep_cluster_address=gcomm://

Pada nod db1, salin fail debian.cnf ke nod db2

scp /etc/mysql/debian.cnf user1@192.168.56.216:/home/user1/debian.cnf
sudo cp debian.cnf /etc/mysql/

Mulakan mariadb pada node2

sudo service mysql start

Cuba mulakan garbd pada nod garb

sudo garbd -a gcomm://db1:4567,db2:4567?pc.wait_prim=no -g "joomla_db_cluster"

Contoh setting /etc/default/garb pada node garb

GALERA_NODES="db1:4567 db2:4567"
GALERA_GROUP="joomla_db_cluster"
GALERA_OPTIONS="pc.wait_prim=no"
LOG_FILE="/var/log/garbd.log"

Mulakan garbd pada node garb

sudo service garb start

Matikan mariadb pada node db1

sudo service mysql stop

Mulakan semula mariadb pada node db1

sudo service mysql start

Contoh log cluster dengan kesemua node berjalan (semak dalam /var/log/garb.log)

2015-01-28 22:46:37.658  INFO: Quorum results:
	version    = 3,
	component  = PRIMARY,
	conf_id    = 6,
	members    = 3/3 (joined/total),
	act_id     = 0,
	last_appl. = 0,
	protocols  = 0/5/3 (gcs/repl/appl),
	group UUID = 1828d0b2-a6ef-11e4-bf0a-3217c0075751
2015-01-28 22:46:37.658  INFO: Flow-control interval: [9999999, 9999999]
2015-01-28 22:46:37.665  INFO: Member 2.0 (db1) synced with group.
Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

primaryMessage volume Zimbra pada filesystem ZFS

  1. Tambah repo ppa ZFS untuk Ubuntu & pasang

    $ sudo add-apt-repository ppa:zfs-native/stable
    $ sudo apt-get update
    $ sudo apt-get install ubuntu-zfs

  2. Kenal pasti nama device. Dalam situasi ini, yang belum pernah dibuat partition

    $ sudo fdisk -l | grep valid
    Disk /dev/xvdc doesn't contain a valid partition table
    Disk /dev/xvde doesn't contain a valid partition table
    Disk /dev/xvdb doesn't contain a valid partition table
    Disk /dev/mapper/ubuntu--vg-root doesn't contain a valid partition table
    Disk /dev/mapper/ubuntu--vg-swap_1 doesn't contain a valid partition table

    $ sudo zpool create zfsPool1 raidz /dev/xvdb /dev/xvdc /dev/xvde -f
    $ sudo zpool status zfsPool1

      pool: zfsPool1
     state: ONLINE
      scan: none requested
    config:
    
            NAME        STATE     READ WRITE CKSUM
            zfsPool1    ONLINE       0     0     0
              raidz1-0  ONLINE       0     0     0
                xvdb    ONLINE       0     0     0
                xvdc    ONLINE       0     0     0
                xvde    ONLINE       0     0     0
    
    errors: No known data errors

    $ sudo zfs create zfsPool1/zimbraStore
    $ sudo zfs list

    NAME                        USED  AVAIL  REFER  MOUNTPOINT
    zfsPool1                    196K  9.75G  40.0K  /zfsPool1
    zfsPool1/zimbraStore       38.6K  9.75G  38.6K  /zfsPool1/zimbraStore

    $ host -t mx mylab.lab
    mylab.lab mail is handled by 10 mail.mylab.lab.

    $ hostname -f
    mail.mylab.lab

  3. Pastikan installer & installer yang digunakan adalah sesuai

    $ md5sum -c zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz.md5
    zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz: OK

    $ uname -p
    x86_64

    $ lsb_release -r
    Release: 12.04

  4. Ekstrak & install

    $ tar -xvf zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631.tgz
    $ cd zcs-8.0.0_GA_5434.UBUNTU12_64.20120907144631/
    $ sudo apt-get install libgmp3c2 libperl5.14 sysstat sqlite3
    $ sudo ./install.sh

  5. Pindah volum primaryMessage ke /zfsPool1/zimbraStore/

    $ chown zimbra:zimbra /zfsPool1/zimbraStore/

    $ zmvolume -a -n zfsStore -p /zfsPool1/zimbraStore/ -t primaryMessage
    Volume 3 is created

    $ zmvolume -sc -id 3
    Volume 3 is now the current primaryMessage volume.

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)