Author: Donatelur

linux perisian

RDP CentOS 6

yum install xrdp tigervnc-server

Tetapan selinux

chcon -t bin_t /usr/sbin/xrdp chcon -t bin_t /usr/sbin/xrdp-sesman

Tetapan iptables

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3389 -j ACCEPT

Tags iptables, mstsc, rdp, selunix

zimbra

Pasang SSL Wildcard Geotrust pada Zimbra 8

Post author By Donatelur
Post date September 30, 2015
No Comments on Pasang SSL Wildcard Geotrust pada Zimbra 8

Simpan private key sebagai /opt/zimbra/ssl/zimbra/commercial.key
Simpan server certificate ke fail /tmp/server.crt
Simpan intermediate certificate sebagai /tmp/ca_intermediate.crt

Dapatkan kandungan “Root 2 – GeoTrust Global CA” (pem file) dan simpan sebagai /tmp/global2.crt dari https://www.geotrust.com/resources/root-certificates/#

cat /tmp/ca_intermediate.crt /tmp/global2.crt /tmp/ca.crt > /tmp/ca_chain.crt

Sahkan sijil SSL dengan

/opt/zimbra/bin/zmcertmgr verifycrt comm /opt/zimbra/ssl/zimbra/commercial/commercial.key /tmp/commercial.crt /tmp/ca_chain.crt

Pasang sijil SSL

/opt/zimbra/bin/zmcertmgr deploycrt comm /tmp/commercial.crt /tmp/ca_chain.crt

Mulakan semula zimbra

su - zimbra zmcontrol restart

Tags commercial, geotrust, ssl, zimbra8

linux virtualbox

Pasang VirtualBox 5.0 Guest Additions pada CentOS 6

Post author By Donatelur
Post date September 29, 2015
No Comments on Pasang VirtualBox 5.0 Guest Additions pada CentOS 6

yum install gcc kernel-devel kernel-headers yum update kernel*

Selepas “Insert guest addition CD image…”

mount /dev/cdrom /mnt cd /mnt ./VBoxLinuxAdditions.run

Tags centos, guest additions

internet linux pemasangan

SSL Owncloud 8.0 pada Debian 7

Post author By Donatelur
Post date September 23, 2015
No Comments on SSL Owncloud 8.0 pada Debian 7

Buatkan CSR dengan openssl dari PC anda.

openssl genrsa -des3 -out owncloud_domain_com.key 2048 openssl req -new -key owncloud_domain_com.key -out owncloud_domain_com.csr

Setelah memuatnaik CSR dan dapat zip file dari COMODO, unzip, kemudian buatkan chain certificate.

cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt >> bundle.crt

Uji self-sign ssl terlebih dahulu.

a2enmod ssl a2ensite default-ssl service apache2 restart

Jika OK, teruskan:

Muatnaik bundle.crt ke /etc/apache2/ssl.crt/

Muatnaik owncloud_domain_com.key ke /etc/ssl/private/

Muatnaik owncloud_domain_com.crt ke /etc/ssl/certs/

Contoh yang diubah pada /etc/sites-enabled/default-ssl

SSLCertificateFile /etc/ssl/certs/owncloud_domain_com.crt SSLCertificateKeyFile /etc/ssl/private/owncloud_domain_com.key SSLCertificateChainFile /etc/apache2/ssl.crt/bundle.crt

Tambah juga tetapan berikut untuk melumpuhkan POODLE

SSLProtocol All -SSLv2 -SSLv3

Mulakan semula apache2

service apache2 restart

Tags comodo, debian, owncloud, positivessl, ssl

email linux

Status servis pada Zimbra Multiserver

Post author By Donatelur
Post date August 12, 2015
No Comments on Status servis pada Zimbra Multiserver

OS: CentOS 6
ZCS: v8.6

Lakukan pada semua server zimbra

Buang tanda pound ‘#’ dalam /etc/rsyslog.conf pada

$ModLoad imudp
$UDPServerRun 514

Configure rsyslog untuk zimbra

/opt/zimbra/libexec/zmsyslogsetup

Mulakan semula servis zimbra

service zimbra restart

Mulakan semula service rsyslog

/etc/init.d/rsyslog restart

Tags red, status, zimbra

Pelbagai

Zimbra 8.6 multiserver

Note pemasangan 1 SMTP & 1 mailbox

dns

set mailbox sebagai mx record

mta

pasang zimbra-ldap
pasang semula / kemaskini & tambah pakej zimbra-mta

mailbox

install zimbra-store and other recommended packages
during setup, cofigure ldap master first
then configure mta and nginx (proxy)

set semula password admin jika perlu sebagai user zimbra

zmprov sp admin@domain.com password

Menyelaraskan folder akaun emel zimbra

Post author By Donatelur
Post date June 24, 2015
No Comments on Menyelaraskan folder akaun emel zimbra

Untuk menyelaraskan folder akaun emel zimbra dari satu ZCS ke ZCS yang lain untuk tujuan migrasi:

Dapatkan senarai akaun yang hendak diselaraskan

su - zimbra zmaccts | grep "@domain" | cut -d " " -f 1 > /tmp/accounts.txt

Contoh kod skrip imapsync

[code lang=’bash’]#!/bin/bash
while IFS= read file
do
imapsync –noauthmd5 –syncinternaldates –buffersize 65535000 –subscribe \
–host1 202.x.x.x –user1 $file –authuser1 admin@domain –password1 password1 –nofastio1 –authmech1 plain \
–host2 10.x.x.x –ssl2 –user2 $file –authuser2 admin@domain –password2 password2 –nofastio2 –authmech2 plain 2> zimbrasyncerror.txt
done < "accounts.txt"[/code] pada baris ke-6, kita menggunakan option --ssl2 kerana server destinasi hanya terdapat port 993 (IMAP4 ssl)

Tags imapsync, zimbra

virtualbox

Pasang VirtualBox Guest Additions pada CentOS 7

Post author By Donatelur
Post date June 22, 2015
No Comments on Pasang VirtualBox Guest Additions pada CentOS 7

Pasang pakej-pakej yang diperlukan

yum install kernel-devel-`uname -r` gcc yum install epel-release yum install dkms --enablerepo epel

Pasang guest additions

mount /dev/cdrom /mnt cd /mnt ./VBoxLinuxAdditions.run

Tags guest additions, para

linux pengkalan data

Apabila semua nod kluster Galera MariaDB shutdown

Post author By Donatelur
Post date April 8, 2015
No Comments on Apabila semua nod kluster Galera MariaDB shutdown

Tambah atau benarkan “enable_autorecovery=0” pada /etc/cmon.cnf pada nod ClusterControl.

Mulakan semula cmon

admin@cc:~$ sudo service cmon restart

Perhatikan perbezaan nombor “Recovered position” selepas tanda kolon.

admin@db2:~$ sudo mysqld_safe --wsrep-recover 150408 09:38:59 mysqld_safe Logging to '/var/log/mysql.log'. 150408 09:38:59 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 150408 09:38:59 mysqld_safe WSREP: Running position recovery with --log_error='/var/lib/mysql/wsrep_recovery.x2Epct' --pid-file='/var/lib/mysql/db2-recover.pid' 150408 09:39:25 mysqld_safe WSREP: Recovered position 00000000-0000-0000-0000-000000000000:-1 150408 09:39:34 mysqld_safe mysqld from pid file /var/lib/mysql/mysqld.pid ended

admin@db1:~$ sudo mysqld_safe --wsrep-recover 150408 09:40:22 mysqld_safe Logging to '/var/log/mysql.log'. 150408 09:40:22 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 150408 09:40:22 mysqld_safe WSREP: Running position recovery with --log_error='/var/lib/mysql/wsrep_recovery.ISjnrN' --pid-file='/var/lib/mysql/db1-recover.pid' 150408 09:40:32 mysqld_safe WSREP: Recovered position 1f6e96d3-dd06-11e4-a086-1a4287304197:92216

Berdasarkan situasi diatas, data db1 lebih terkini, jadi kita bootstrap db1.

admin@db1:~$ sudo mysqld --wsrep_cluster_address=gcomm://

admin@db1:~$ sudo tailf /var/log/mysql.log

Tunggu sampai ada mesej berikut di dalam /var/log/mysql.log

[Note] mysqld: ready for connections.

admin@db2:~$ sudo service mysql start

Tunggu sampai ada mesej berikut di dalam /var/log/mysql.log

[Note] /usr/sbin/mysqld: ready for connections.

Buang tetapan “enable_autorecovery=0” pada /etc/cmon.cnf pada nod ClusterControl.

Mulakan semula cmon

Siap.

Tags 10.0, 2 node, galera, shutdown

linux

Tetapan untuk log haproxy

Post author By Donatelur
Post date April 7, 2015
No Comments on Tetapan untuk log haproxy

/etc/haproxy/haproxy.cfg

[code lang=’plain’]global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice[/code]

/etc/rsyslog.conf

$ModLoad imuxsock # provides support for local system logging $ModLoad imklog # provides kernel logging support $ModLoad imudp $UDPServerRun 514 $UDPServerAddress 127.0.0.1 $KLogPermitNonKernelFacility on $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat $RepeatedMsgReduction on $FileOwner syslog $FileGroup adm $FileCreateMode 0640 $DirCreateMode 0755 $Umask 0022 $PrivDropToUser syslog $PrivDropToGroup syslog $WorkDirectory /var/spool/rsyslog $IncludeConfig /etc/rsyslog.d/*.conf

/etc/rsyslog.d/haproxy.conf

if ($programname == 'haproxy') then -/var/log/haproxy.log

Tags enable, haproxy, rsyslog