Let’s Encrypt service with Pound server

In order to install Certbot on your server, follow the next steps: (make sure you have “git” installed on your system)

$sudo apt-get install git (if not previously installed)
$cd /opt
$sudo git clone https://github.com/certbot/certbot

Running the above commands will download the Certbot latest release from their git repo in the /opt folder. Then we need to stop any service that might be using port 80 on our server, since the installation type we will be performing on this tutorial is the “standalone” type described on the Cerbot documentation, there are other ways to install the certificates, it is up to your preference.
Since this tutorial is about Pound, we are assuming the daemon is already installed so we need to stop it:

$sudo service pound stop

once the service is stopped, run:

$cd /opt/certbot
$sudo ./letsencrypt-auto --text --email YOUR@EMAIL -d YOUR_DOMAIN --agree-tos --standalone certonly

by default, running the command above will generate the necessary key files (*.pem) in the following folder:

/etc/letsencrypt/live/YOUR_DOMAIN/

now, we need to create a private key file that Pound can understand, to do so run the following:

$sudo cat /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem > /etc/ssl/YOUR_DOMAIN.pem

doing so, will concatenate the privkey.pem file and the fullchain.pem file generated by Cerbot into a single file that will be stored into your ssl certificates folder, this is very important! Continue reading “Let’s Encrypt service with Pound server” »

Share

Webmin installation on Centos

Installing the RPM

If you are using the RPM version of Webmin, first download the file from the downloads page, or run the command :

wget http://prdownloads.sourceforge.net/webadmin/webmin-1.870-1.noarch.rpm

then install optional dependencies with :

yum -y install perl perl-Net-SSLeay openssl perl-IO-Tty perl-Encode-Detect

and then run the command :

rpm -U webmin-1.870-1.noarch.rpm

Continue reading “Webmin installation on Centos” »

Share

CentOS 5 Repository fix using vault.centos.org

It’s a bit silly process, googled hours but found not solid way to update my old 32bit centos 5 linux box. So came up with a solution of my own. It might work for you, but no guarantee!

Step-1
Remove all .repo inside /etc/yum.conf.d/ directory

Step-2
Create a new repo file inside /etc/yum.conf.d/ 

nano /etc/yum.conf.d/CentOS-Vault.repo 

Update with the following section: Continue reading “CentOS 5 Repository fix using vault.centos.org” »

Share

BIND ACL to restrict zone trasfer with IP address

You need to define ACL in /etc/named.conf or /etc/bind/named.conf.local file. Let us say IP 1.2.3.4 and 1.2.3.5 are allowed to transfer your zones.

# vi named.conf or vi /etc/bind/named.conf.local

Here is sample entry for domain domain.org.bd (ns1 configuration):

acl trusted-servers {
1.2.3.4; //ns1
1.2.3.5; //ns2
};

zone "domain.org.bd" {
 type master;
 file "/var/lib/bind/domain.org.bd.hosts";
 also-notify {
1.2.3.5; 
 };
 notify yes;
 allow-transfer { trusted-servers; };
 };

Continue reading “BIND ACL to restrict zone trasfer with IP address” »

Share

LEMP on Centos 6

In this guide, we’ll walk you through installing all of these components (except for Linux, which is already installed as your OS when you create the server).

Install the Extra Packages for Enterprise Linux Repository (or EPEL for short):sudo yum install epel-release
Run a yum update to sync your packages with the new EPEL repository:

sudo yum update

Install MySQL:

sudo yum install mysql-server

Activate MySQL:

sudo service mysqld start

Configure your MySQL installation:

sudo /usr/bin/mysql_secure_installation

Make it so that MySQL will start automatically on server reboot: Continue reading “LEMP on Centos 6” »

Share

Install Apache Tomcat 8.5 on CentOS 7.3

Prerequisites

Server with CentOS 7 – 64bit
2 GB or more RAM (Recommended)
Root Privileges on the server

Step 1 – Install Java (JRE and JDK)

In this step, we will install the Java JRE and JDK from the CentOS repository. We will install Java 1.8.11 on the server with the yum command.

Run this command to install Java JRE and JDK from CentOS repository with yum:

yum -y install java-1.8.0-openjdk.x86_64 java-1.8.0-openjdk-devel.x86_64

It will take some time, wait until the installation finished.

Then you should check the Java version with the command below:

java -version

You should see results similar to the ones below:

openjdk version "1.8.0_111"
OpenJDK Runtime Environment (build 1.8.0_111-b15)
OpenJDK 64-Bit Server VM (build 25.111-b15, mixed mode)

Step 2 – Configure the Java Home Environment Continue reading “Install Apache Tomcat 8.5 on CentOS 7.3” »

Share

Load Balancing using Ldirectord on Linux (Apache) web server

For this setup, we need four nodes (two Apache nodes and two load balancer nodes) and five IP addresses: one for each node and one virtual IP address that will be shared by the load balancer nodes and used for incoming HTTP requests.

I will use the following setup here:

Apache node 1: webserver1.tm.local (webserver1) – IP address: 192.168.0.103; Apache document root: /var/www
Apache node 2: webserver2.tm.local (webserver2) – IP address: 192.168.0.104; Apache document root: /var/www
Load Balancer node 1: loadb1.tm.local (loadb1) – IP address: 192.168.0.101
Load Balancer node 2: loadb2.tm.local (loadb2) – IP address: 192.168.0.102
Virtual IP Address: 192.168.0.105 (used for incoming requests)

In this tutorial I will use Ubuntu 8.04 LTS for all four nodes, just install basic Ubuntu 8.04 LTS on all four nodes. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you! I also recommend you to have a DNS server in place. Continue reading “Load Balancing using Ldirectord on Linux (Apache) web server” »

Share

Setup Percona on Debian 7

MySQL multi-master replication is an excellent feature within MySQL. However, there is only one problem; standard multi-master replication seems to never be as stable as something like master-slave replication. It is always in need of attention. That is where Percona comes into play. The Percona team has developed an amazing product dubbed Percona XtraDB cluster. XtraDB features world class multi-master replication powered by Galera. So, what are we waiting for? Let’s get started.

Prerequisites
A Linux distro of your choice. In this guide, we will be using Debian 7. You can use a different distro if you would like. (Note that you may need to adapt this guide to work with the distro of your choice)
Two nodes running the same OS. Basic knowledge of the command line and SSH.

Getting Started

SSH into your virtual machines.

VM 1:
ssh root@xxx.xxx.xxx.xxx
VM 2:
ssh root@yyy.yyy.yyy.yyy

Add Percona’s repositories.
On both nodes, execute the following command:

echo -e "deb http://repo.percona.com/apt wheezy main\ndeb-src http://repo.percona.com/apt wheezy main" >> /etc/apt/sources.list.d/percona.list && apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A

Now we need to update the sources:

apt-get update

Install Percona-XtraDB Cluster

The installation is straightforward: Continue reading “Setup Percona on Debian 7” »

Share

Install LEMP with phpmyadmin on CentOS 7

To add the CentOS 7 EPEL repository, open terminal and use the following command:

yum install epel-release

Since we are using a sudo command, these operations get executed with root privileges. It will ask you for your regular user’s password to verify that you have permission to run commands with root privileges. Now that the Nginx repository is installed on your server, install Nginx using the following yum command:

yum install nginx

Afterwards, your web server is installed. Once it is installed, you can start Nginx on your VPS:

systemctl start nginx

You can do a spot check right away to verify that everything went as planned by visiting your server’s public IP address in your web browser (see the note under the next heading to find out what your public IP address is if you do not have this information already): Continue reading “Install LEMP with phpmyadmin on CentOS 7” »

Share

stress test your web server with httperf

Httperf is a tool for measuring web server performance. It provides a flexible facility for generating various HTTP workloads and for measuring server performance.

NOTE : for accurate results, it’s best to run httperf from a remote machine and not from the localhost

to install httperf in red-hat based distributions (additional repo are needed. For centos you’ll need rpmforge, see here for installation)

yum install httperf

or in debian based

apt-get install httperf

An example of httperf stress test Continue reading “stress test your web server with httperf” »

Share