Convert .p12 bundle to server certificate and key files

Seperate Private Key and Certificate file

#Generate certificates bundle file

openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem

#Generate server key file.

openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key

Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

Create a .pfx/.p12 certificate file using OpenSSL

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt

Src: https://www.sslshopper.com/article-most-common-openssl-commands.html

Share

Add a New Disk Larger Than 2TB to An Existing Linux

I am using fdisk and parted utilities to do this configuration.

First list the current partition details using fdisk command as shown.

# fdisk -l
List Linux Partition Table
List Linux Partition Table

For the purpose of this article, I am attaching a hard disk of 20GB capacity, which can be followed for disk larger than 2TB as well. Once you added a disk, verify the partition table using same fdisk command as shown. Continue reading “Add a New Disk Larger Than 2TB to An Existing Linux” »

Share

Install PHP 7.2 on Debian 9

Before you start with the installation of PHP 7.2 on your Debian VPS, make sure that you have full root access to it. Connect to the server via SSH and upgrade all the system software to the latest version available. You can do this by running the following commands in the terminal:

sudo apt-get update 
sudo apt-get upgrade

This will update the package index and will update the software currently installed on the server to the latest version.

Once your system is fully up to date, you can proceed to the next step, which is installing PHP 7.2.

Import the signing key and enable the PPA for PHP 7.2 by using the following commands:

wget -q https://packages.sury.org/php/apt.gpg -O- | sudo apt-key add -
echo "deb https://packages.sury.org/php/ stretch main" | sudo tee /etc/apt/sources.list.d/php.list

Once you are done with this, run the package index update once again using the command below:

sudo apt-get update

In case you get an error like the one below:

Reading package lists... Done
E: The method driver /usr/lib/apt/methods/https could not be found.
N: Is the package apt-transport-https installed?
E: Failed to fetch https://packages.sury.org/php/dists/stretch/InRelease
E: Some index files failed to download. They have been ignored, or old ones used instead.

It means there are some missing packages that you need to install first. Install the required packages by running the following command:

sudo apt-get install ca-certificates apt-transport-https

The run the update command again.

Finally, install PHP 7.2 on your Debian 9 VPS including some of the commonly used extensions using the command below:

sudo apt-get install php7.2 php7.2-cli php7.2-common php7.2-opcache php7.2-curl php7.2-mbstring php7.2-mysql php7.2-zip php7.2-xml

To verify the installation is completed run the following command:

php -v

The output should be very similar to the one below:

# php -v
PHP 7.2.9-1+0~20180901081133.4+stretch~1.gbpdaac35 (cli) (built: Sep 1 2018 08:11:34) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.9-1+0~20180901081133.4+stretch~1.gbpdaac35, Copyright (c) 1999-2018, by Zend Technologies

Change/Customize PHP 7.2 settings on a Debian VPS
Next thing you may want to complete is to customize the PHP 7.2 settings to meet your requirements. You can do so by editing the php.ini file. To find the path to this file, you can use the command below:

php --ini | grep "Loaded Configuration File"

It will return the path to the php.ini file which is currently loaded.

# php --ini | grep "Loaded Configuration File"

Loaded Configuration File: /etc/php/7.2/cli/php.ini

Edit the file using a text editor of your choice. We will use nano in this example.

nano /etc/php/7.2/cli/php.ini

Once you change the settings, save and close the file. If you are using Apache as a web server, you need to restart it for the new configuration to be loaded and for the changes to take effect. If you are using Nginx and PHP-FPM, you should restart the PHP-FPM service.

You can also create a sample info.php and see if the PHP files and executed on the server.

To create the file:

nano /var/www/html/info.php

and paste the following:

<?php phpinfo(); ?>

Save and close the file, then open you favorite web browser and access the file by using your server IP address in the URL followed by the name of the file.

http://IP-ADDRESS/info.php
Share

Install ionCube Loader on a CentOS 7

1. Log in to your CentOS 7 VPS via SSH as user root

# ssh root@IP_Address

and update all installed services

# yum update

2. Run the ‘arch’ command in the terminal to check if your system is 32-bit (i686) or 64-bit (x86_64)

# arch
x86_64

3. In our case the system is 64-bit and we will download the 64-bit version of ionCube Loader

# wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz

4. If your system is 32-bit download the following archive

# wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz

Continue reading “Install ionCube Loader on a CentOS 7” »

Share

Install Zoneminder on Ubuntu 18.04 with shell script

This will install Zoneminder by using a shell script with one basic command (how easy is that!).

You will need a Ubuntu 18.04 install with LAMP (Apache, MySQL and PHP) installed desktop or server. As an alternate you may use Mariadb in lieu of MySQL

Shell script file contents:

#!/bin/sh
clear
read -p "This script installs Zoneminder 1.32.x on Ubuntu 18.04 AMD64 with LAMP (MySQL) installed...
Press Enter to continue or Ctrl + c to quit" nothing
clear
read -p "You must be logged in as root using sudo su ...
Press Enter to continue or Ctrl + c to quit" nothing
clear
read -p "Next we will add the PPA repository, install and configure the system to run Zoneminder. 
Press enter to continue" nothing
apt install -y software-properties-common
clear
add-apt-repository ppa:iconnor/zoneminder-1.32
apt update
clear
awk '$0="date.timezone = "$0' /etc/timezone >> /etc/php/7.2/apache2/php.ini
clear
apt install -y zoneminder
systemctl enable zoneminder
service zoneminder start
adduser www-data video
a2enconf zoneminder
a2enmod rewrite
chown -R www-data:www-data /usr/share/zoneminder/
service apache2 reload
clear
read -p "Install complete.Press enter to continue" nothing
clear

Copy the contents of the script, open a terminal and run: Continue reading “Install Zoneminder on Ubuntu 18.04 with shell script” »

Share

SNMP Client Configuration for Observvium

This can be placed in /etc/snmp/snmpd.conf and will provide the required parameters for Observium. This example use version 2c snmp auth.

Community string: Replace community_string with your unique community string.

# Listen for connections on all interfaces (both IPv4 *and* IPv6)

agentAddress udp:161,udp6:[::1]:161

# Full view access
view all included .1

# system + hrSystem groups only
view systemonly included .1.3.6.1.2.1.1
view systemonly included .1.3.6.1.2.1.25.1

# Default access to full view
rocommunity community_string default -V all

# Default access to basic system info
#rocommunity public default -V systemonly

# System contact and location
syslocation Rack/Room/Building, Street, City, Country [GPSX,Y]
syscontact Contact Person <your@email.address>

# Disk Monitoring
disk / 10000
disk /var 5%
includeAllDisks 10%

# Unacceptable 1-, 5-, and 15-minute load averages
load 12 10 5

# This line allows Observium to detect the host OS if the distro script is installed
extend .1.3.6.1.4.1.2021.7890.1 distro /usr/local/bin/distro

# This lines allows Observium to detect hardware, vendor and serial
extend .1.3.6.1.4.1.2021.7890.2 hardware /bin/cat /sys/devices/virtual/dmi/id/product_name
extend .1.3.6.1.4.1.2021.7890.3 vendor /bin/cat /sys/devices/virtual/dmi/id/sys_vendor
extend .1.3.6.1.4.1.2021.7890.4 serial /bin/cat /sys/devices/virtual/dmi/id/product_serial

# This line allows Observium to collect an accurate uptime
extend uptime /bin/cat /proc/uptime

# This line enables Observium's ifAlias description injection
pass_persist .1.3.6.1.2.1.31.1.1.1.18 /usr/local/bin/ifAlias_persist

Continue reading “SNMP Client Configuration for Observvium” »

Share

Install Proxmox VE 6 on Debian 10 (Buster)

Proxmox Virtual Environment (VE) is an enterprise-grade open-source server virtualization solution based on Debian Linux distribution with a modified Ubuntu LTS kernel. It allows you to deploy and manage both virtual machines and containers.

This setup presumes you have a running Debian 10 Buster Linux server running. If you don’t have one, follow our guide to Install Debian 10 on a dedicated server that will be used as a hypervisor. Please note that you need a 64-bit processor with support for the Intel 64 or AMD64 CPU extensions.

Below are the steps you’ll follow through to install Proxmox VE 6 on Debian 10 (Buster).

Step 1: Update Debian OS

Update apt package index before getting started.

sudo apt -y update
sudo apt -y upgrade
sudo reboot

Step 2: Set system hostname

We need to set the hostname and make sure it is resolvable via /etc/hosts.

sudo hostnamectl set-hostname prox6node01.example.com --static
echo "10.1.1.10 prox6node01.example.com prox6node01" | sudo tee -a /etc/hosts

example.com should be replaced with a valid domain name. Continue reading “Install Proxmox VE 6 on Debian 10 (Buster)” »

Share

Zimbra GUI Customization- Logo, Title, Footer

To change logo (On Zimbra 8.6 and onwards)

zmprov md mail.dscsc.mil.bd zimbraSkinLogoLoginBanner https://yourdomain.com/zimbra/MyLoginBanner.png
zmprov md mail.dscsc.mil.bd zimbraSkinLogoAppBanner https://yourdomain.com/zimbra/MyAppBanner.png

To change logo height:

changed hhe contents of file /opt/zimbra/jetty/webapps/zimbra/skins/_base/base3/skin.properties

...
90 LoginH1 = margin:0 0 30px 30px;
91 LoginAppName = display:none;
92 LoginLabelColor = @TxtC@
93 LoginButton = @ButtonShadowDefault@ border:1px solid @ButtonBorderColor@;
94 LoginBannerImg = @LogoImgDir@/LoginBanner.png?v=@jsVersion@

//95 LoginBanner = @img(, LoginBannerImg, 450px, 36px)@ //old
95 LoginBanner = @img(, LoginBannerImg, 450px, 90px)@ //new

96 LoginFooterColor = color:@darken(AppC,55)@;
97 LoginErrorPanel = background-color:#FF9; padding:5px; @roundCorners(8px)@
...

Apply it-

zmmailboxdctl restart
Share

How to Install and Configure GitLab on Ubuntu 16.04

GitLab is an open source GIT repository manager based on Rails and developed by GitLab Inc. It is a web-based GIT repository manager that allows your team to work on code, track bugs and feature requests and to test and deploy applications. GitLab provides features like a wiki, issue tracking, code reviews, activity feeds and merge management. It is capable of hosting multiple projects.

GitLab is available in four editions:

  • Gitlab CE (Community Edition) – self-hosted, free and support from the Community forum.
  • Gitlab EE (Enterprise Edition) – self-hosted, paid app, comes with additional features.
  • GitLab.com – SaaS, free.
  • GitLab.io – Private GitLab instance managed by GitLab Inc.

In this tutorial, I will show you step-by-step how to install GitLab CE (Community Edition) on your own Ubuntu 16.04 Xenial Xerus server. In this tutorial, I will be using the ‘omnibus’ package provided by GitLab for easy installation.

What we will do:

  • Install Packages
  • Install GitLab
  • Configure GitLab URL
  • Generate SSL Let’s encrypt and DHPARAM Certificate
  • Enable Nginx HTTPS for GitLab
  • Configure UFW Firewall
  • Perform the GitLab Installation
  • Testing

Prerequisites

  • Ubuntu 16.04 Server – 64bit
  • Min RAM 2GB
  • Root Privileges

Step 1 – Install required Ubuntu Packages
The first step is to install the packages needed for the GitLab installation. Please log in to the server as root user and upddate the Ubuntu repository.

ssh root@GitLabServer
apt-get update

Now install the packages including curl for downloading the GitLab repository, ca-certificates, and postfix for the SMTP configuration. Install all packages with the apt command below.

sudo apt install curl openssh-server ca-certificates postfix

During postfix installation, you will be prompted about the configuration, select ‘Internet Site’. and then enter the server domain name that shall be used for sending an email. Continue reading “How to Install and Configure GitLab on Ubuntu 16.04” »

Share

Add a User To Group www-data ( Apache Group )

The procedure is as follows:

  • Open the terminal application.
  • Login to Ubuntu server using ssh.
  • Add a new user named foo to www-data group by running useradd -g www-data foo command.
  • Add an existing user bar to Apache’s www-data group on Ubuntu using usermod -a -G www-data bar command.
  • Verify new modification on Linux by using the id command.

Let us see all commands in details.

How to see a list of www-data members

To see list of all members of a group named www-data, run the following grep command on /etc/group file:

grep ^www-data /etc/group

Sample outputs:

www-data:x:33:

How do I add an existing user named vivek to group Apache group www-data? Continue reading “Add a User To Group www-data ( Apache Group )” »

Share