Administrations | Bots!

Setup Percona on Debian 7

November 23, 2017 by Rumi

MySQL multi-master replication is an excellent feature within MySQL. However, there is only one problem; standard multi-master replication seems to never be as stable as something like master-slave replication. It is always in need of attention. That is where Percona comes into play. The Percona team has developed an amazing product dubbed Percona XtraDB cluster. XtraDB features world class multi-master replication powered by Galera. So, what are we waiting for? Let’s get started.

Prerequisites
A Linux distro of your choice. In this guide, we will be using Debian 7. You can use a different distro if you would like. (Note that you may need to adapt this guide to work with the distro of your choice)
Two nodes running the same OS. Basic knowledge of the command line and SSH.

Getting Started

SSH into your virtual machines.

VM 1:
ssh root@xxx.xxx.xxx.xxx
VM 2:
ssh root@yyy.yyy.yyy.yyy

Add Percona’s repositories.
On both nodes, execute the following command:

echo -e "deb http://repo.percona.com/apt wheezy main\ndeb-src http://repo.percona.com/apt wheezy main" >> /etc/apt/sources.list.d/percona.list && apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A

Now we need to update the sources:

apt-get update

Install Percona-XtraDB Cluster

The installation is straightforward:

Install LEMP with phpmyadmin on CentOS 7

November 20, 2017 by Rumi

To add the CentOS 7 EPEL repository, open terminal and use the following command:

yum install epel-release

Since we are using a sudo command, these operations get executed with root privileges. It will ask you for your regular user’s password to verify that you have permission to run commands with root privileges. Now that the Nginx repository is installed on your server, install Nginx using the following yum command:

yum install nginx

Afterwards, your web server is installed. Once it is installed, you can start Nginx on your VPS:

systemctl start nginx

You can do a spot check right away to verify that everything went as planned by visiting your server’s public IP address in your web browser (see the note under the next heading to find out what your public IP address is if you do not have this information already):

stress test your web server with httperf

November 13, 2017 by Rumi

Httperf is a tool for measuring web server performance. It provides a flexible facility for generating various HTTP workloads and for measuring server performance.

NOTE : for accurate results, it’s best to run httperf from a remote machine and not from the localhost

to install httperf in red-hat based distributions (additional repo are needed. For centos you’ll need rpmforge, see here for installation)

yum install httperf

or in debian based

apt-get install httperf

An example of httperf stress test

How to check if your server has been hacked

November 13, 2017 by Rumi

Root compromises

This means someone has full access to the system, here are the tell tale signs in order of most likely to give you a quick feel for what’s going on.

1. Have a look for system files that have changed recently. This is the first thing I would do.

find /etc /var -mtime -2

The “-2” means 2 days, i.e. show me all files modified in the last 2 days.

Now if you haven’t installed any new software on your server for a while then this command will run and produce very little output. For a server I investigated there were references to postfix. clearly someone had installed a mail server probably for sending spam.

2. Run who

who
user1 pts/2 2012-03-28 13:38 (128.114.44.209)

This should give you a list of users on the system, what you’re looking for is users other than yourself especially root.

Migrate hosting sites from one VestaCP to another VestaCP

November 12, 2017 by Rumi

Lately, I was trying to migrate vesta hosted sites from one server to another. This trick might help to those who-

Either tried to update IP (after tried with so many vesta forum links!) and failed or
Have installed on a physical computer and need to move out sites on newer setups!

Make user backup on the old server. In this example we will use admin as the reference.

v-backup-user admin

Copy tarball to the new server and place it in the /home/backup directory

Enable root logins using ssh in Debian 8.0

October 28, 2017 by Rumi

By default you can no longer login using ssh as root with just a password since it is more secure to use a pre-shared key. However, you can you can still enable root logins using password authentication.

To do this you need to edit the ssh config file ‘/etc/ssh/sshd_config/sshd_config’ as root.

# vi /etc/ssh/sshd_config

Then find the entry in the Authentication section of the file that says ‘PermitRootLogin’ and change ‘without-password’ to ‘yes’.

Add Linux machine on LibreNMS

October 28, 2017 by Rumi

Install SNMPD first

SNMPd is not installed by default. You must first install snmpd.

apt-get update
apt-get install snmpd lsb -y

Backup default snmp.conf file on the ‘/etc/snmp/’ directory and copy new one from the librenms directory.

mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.asli
cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf

or instead copy-paste below snmpd text

Phpvirtualbox fix on 5.1 using 5.0

October 12, 2017October 12, 2017 by Rumi

I was able to get v5.0-5 working with vbox 5.1 by commenting out the version check line and replacing it with a static value in the endpoints/api.php file:

// $response['data']['responseData']['phpvboxver'] = @constant('PHPVBOX_VER');
 $response['data']['responseData']['phpvboxver'] = "5.1-0";

Src: https://sourceforge.net/p/phpvirtualbox/discussion/general/thread/565b7f31/

Perfect Backup MX using Postfix

October 12, 2017 by Rumi

This is quite simple, and with a very simple setup, and does not require that much, since we do not need to send out e-mails from clients from this server, or use ASMTP. I find that MySQL is not needed here, but could be used. I will use normal flat files, since the number of domains to run a backup for is most likely a rather small number.

This setup can be editet to run all times of different checks, antivirus etc. Normally you would make sure that the setup is exactly the same on both the primary MTA, and the backup. It hardenens the systems, and should reduce spam, and unwanted traffic. Create public DNS entries. Remember to create an MX record with an lower priority than the primary mail server, or else this will not work!

Example:example.com. 43200 IN MX 10 mail.example.com.
example.com. 43200 IN MX 20 backup.example.com.

After this these two records are created with A records pointing to different IPs (different servers).

PHP 7.0 on CentOS/RHEL 6.9 and 7.4 using Yum

October 9, 2017 by Rumi

Before beginning this, it is assumed that you already have installed LAMP on your server.

To install, first you must add the Webtatic EL yum repository information corresponding to your CentOS/RHEL version to yum:

CentOS/RHEL 7.x:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

CentOS/RHEL 6.x:

rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm

Now you can install PHP 7.0’s mod_php SAPI (along with an opcode cache) by doing:

yum install php70w php70w-opcache

You can alternatively install PHP 7.0’s php-fpm SAPI (along with an opcode cache by doing:

yum install php70w-fpm php70w-opcache

See the package list below for additional SAPIs and PHP extensions.