Nginx Reverse Proxy with Sub Directory Mapping

Setup Note:

My web application has a sub-directory, 192.168.1.8:8088/messages, that I want to expose to the outside world as messages.mysite.com. I’ve gotten half way there but I seem to be stuck. My requirements are as follows

  • Redirect the site from HTTP to HTTPS.
  • As I cannot edit the links the web application generates, I need to be able to accept requests from the client such as messages.mysite.com/messages?id=23023.
  • Do not allow reverse proxy access to the root web application, 192.168.1.8:8088 or to any sub-directory other than 192.168.1.8:8088/messages and its children.

Continue reading “Nginx Reverse Proxy with Sub Directory Mapping” »

Share

Rsync upload local files without replacing remote files

Disclaimer:
This is basically one way sync- use at your own risk and dry run before any production deployment.

Suppose you have a list of files on a remote host, some of which already exist locally. What you want is to transfer only those files that are not found locally. If you blindly run scp with wildcard, it would fetch all remote files (existing as well as non-existing files), and overwrite existing local files. You want to avoid this.

In another similar situation, you may want to upload local files to a remote site, but without replacing any remote files. 

Using rsync:

If the local and remote hosts have rsync installed, using rsync will be the easiest way to copy only new files over, since rsync is designed for incremental/differential backups. Continue reading “Rsync upload local files without replacing remote files” »

Share

Install ZFS on Ubuntu

Installing ZFS Filesystem on Ubuntu

We will be using the command line Terminal application for the installation of the ZFS filesystem. To launch the command line Terminal, use the Ctrl+Alt+T keyboard shortcut. Now to install the ZFS filesystem on Ubuntu, issue the following command in Terminal:

$ sudo apt install zfsutils-linux

When prompted for the password, provide the sudo password.

After running the above command, the system might ask for confirmation that if you want to continue the installation or not. Press y to continue; after that, the package will be installed on your system. To verify ZFS file system installation, issue the following command in Terminal:

$ which zfs

You will see the output similar to the following:

Creating the ZFS storage pool

After the installation is completed, we will now create a storage pool for our drives. Here are the steps to do so:

1. First, find out the names of the drives for the pool. Use the following command in Terminal to do so: Continue reading “Install ZFS on Ubuntu” »

Share

MikroTik Router SNMP Configuration

First, you need to access the console of your MikroTik router. On the prompt screen, enter the administrative login information. Factory default access information:

  • Username: admin
  • Password: (No password)

After a successful login, the console command-line will be displayed. Use the following command to enable the SNMP service on the MikroTik router.
Copy to Clipboard

[admin@MikroTik] > snmp set enabled=yes

Use the following command to list the snmp communities available on the MikroTik router.

[admin@MikroTik] > snmp community print
Flags: * - default
# NAME ADDRESSES SECURITY READ-ACCESS
0 * public ::/0 none yes

As you can see, Mikrotik has a default SNMP community named PUBLIC.

The PUBLIC SNMP comminity has the ID number 0.

Use the following command to rename the PUBLIC snmp community. Continue reading “MikroTik Router SNMP Configuration” »

Share

Add User to Sudoers on CentOS

You can do this in 2 methods- however, IMHO method-2 usually works great for me.

Method-1

Step 1: Verify the Wheel Group is Enabled

Your CentOS 7 installation may or may not have the wheel group enabled. Open the configuration file by entering the command:

visudo

Scroll through the configuration file until you see the following entry:

## Allows people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

If the second line begins with the # sign, it has been disabled and marked as a comment. Just delete the # sign at the beginning of the second line so it looks like the following:

%wheel        ALL=(ALL)       ALL

Then save the file and exit the editor. Continue reading “Add User to Sudoers on CentOS” »

Share

Installing new fonts in Collabora

For the core MS fonts:

sudo apt-get install ttf-mscorefonts-installer

You may be asked to accept the license agreement, i was not asked.

They end up in /usr/share/fonts/truetype/msttcorefonts

Next is to install the clear types such as calibri

This is a bit different but can be done with the vista fonts installer script. Make sure you have the appropriate permissions.

Create a .font folder as the script needs that. Continue reading “Installing new fonts in Collabora” »

Share

Install Collabora Online on Ubuntu 20 for Nextcloud

First, log in to your Ubuntu 20.04 server through SSH as the root user or any other user with sudo privileges:

ssh root@IP_Address -p Port_number

You will need to replace ‘IP_Address‘ and ‘Port_number‘ with your server’s respective IP address and SSH port number. Additionally, replace ‘root’ with the username of the system user with sudo privileges.

You can check whether you have the proper Debian version installed on your server with the following command:

$ lsb_release -a

You should get this output:

No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal

Before starting, you have to make sure that all Ubuntu OS packages installed on the server are up to date. You can do this by running the following commands: Continue reading “Install Collabora Online on Ubuntu 20 for Nextcloud” »

Share

Install Discourse on Ubuntu 20.04

Secure the Server

Turn on automatic security updates.

$ sudo dpkg-reconfigure -plow unattended-upgrades

Setup a firewall with ufw.

$ sudo apt-get install ufw
$ sudo ufw default allow outgoing
$ sudo ufw default deny incoming
$ sudo ufw allow 22 comment 'SSH'
$ sudo ufw allow http comment 'HTTP'
$ sudo ufw allow https comment 'HTTPS'
$ sudo ufw enable

Install fail2ban to secure your server

$ sudo apt install fail2ban

Configure fail2ban to Use ufw

Copy the main configuration to avoid unexpected changes during package updates.

$ sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Edit the configuration file with your favorite text editor

$ sudo nano /etc/fail2ban/jail.local

Change the banaction and banaction_allports settings to ufw in the file /etc/fail2ban/jail.local as follows: Continue reading “Install Discourse on Ubuntu 20.04” »

Share

Set Up a Radius Server on pfSense

Installing the Package

The pfSense 2.X package manager includes both FreeRadius and FreeRadius2 as installation options. For this example, I’m going to be using FreeRadius2 since it has some additional features not found in the previous version.

Only one version of radius can be installed on pfSense at a time. If you previously installed any radius packages, go ahead and remove them first.

The package installation will briefly interrupt traffic passing through the router as the service starts, so be careful when running the installation on a production system.

  • Open the package manager in the system menu of the web interface.
  • Click the plus symbol next to FreeRadius2 to begin the installation.
  • Click ‘Ok’ to confirm the package installation.

You cannot run both FreeRadius and FreeRadius2 on the same pfSense system. Make sure to remove one before installing the other. The setup process will automatically download and install the radius package along with all of its dependencies. The installation normally takes a couple of minutes to complete.

After it’s finished, there will be a new menu item for the package in the services menu. The FreeRadius installation normally takes a couple minutes to complete. Continue reading “Set Up a Radius Server on pfSense” »

Share

Install MariaDB 10.3 on CentOS

Step 1: Add MariaDB Yum Repository

 Create a new repo file /etc/yum.repos.d/mariadb.repo and add the below code changing the base url according to the operating system version and architecture.

# vi /etc/yum.repos.d/mariadb.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.3/centos73-amd64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1

Step 2 – Install MariaDB Server

Let’s use the following command to install MariaDB 10.3 Continue reading “Install MariaDB 10.3 on CentOS” »

Share