ServerOk, Author at ServerOK

Protecting files with noclobber

Posted on August 12, 2020 by ServerOk

To protect files on Linux by accidently overwritten by > operator, you can use

set -o noclobber

1	set -o noclobber

Now if you try to overwrite a file with >, you will get error

root@ok:~# echo "Hello" > 1.txt
-bash: 1.txt: cannot overwrite existing file
root@ok:~#

root@ok:~# echo "Hello" > 1.txt

-bash: 1.txt: cannot overwrite existing file

root@ok:~#

If you really need to overwrite, use >! operator.

echo "Hello" >! FILE_NAME

1	echo "Hello" >! FILE_NAME

Example

root@ok:~# echo "Hello" > 1.txt
-bash: 1.txt: cannot overwrite existing file
root@ok:~# echo "Hello" >! 1.txt
root@ok:~#

root@ok:~# echo "Hello" > 1.txt

-bash: 1.txt: cannot overwrite existing file

root@ok:~# echo "Hello" >! 1.txt

root@ok:~#

Instead of running the command “set -o noclobber” everytime, you can add it […]

Extract Audio from Video using ffmpeg

Posted on August 12, 2020 by ServerOk

To extract Audio from Video using ffmpeg, run

ffmpeg -i VIDEO_FILE.mp4 audio.mp3

1	ffmpeg -i VIDEO_FILE.mp4 audio.mp3

[…]

Email Alert When User Login Using SSH

Posted on August 11, 2020 by ServerOk

On web servers, you may need to get email alert when someone login to your server using SSH. To do this edit file

vi ~/.bashrc

1	vi ~/.bashrc

Add

echo "ALERT - Bash shell access by user \"`whoami`\" to server $HOSTNAME  on  `date` "  | mail -s  "Alert:  Shell access detected from user \"`whoami`\" from IP_Address: `who | cut -d"(" -f2 | cut -d")" -f1`" you@your-domain.com

1	echo "ALERT - Bash shell access by user \"`whoami`\" to server $HOSTNAME on `date` " \| mail -s "Alert: Shell access detected from user \"`whoami`\" from IP_Address: `who \| cut -d"(" -f2 \| cut -d")" -f1`" you@your-domain.com

In above, replace [email protected] with your actual email address. You need a mail server installed on your server for this to work. If you want to log to a […]

Uninstall ImunifyAV on Plesk Server

Posted on August 11, 2020 by ServerOk

ImunifyAV is a free antivirus for Linux Server. On a Plesk server, i installed paid version of ImunifyAV. Now plesk shows both paid and free versions.

[root@vmi429764 ~]# plesk bin extension --list
advisor - Advisor
composer - PHP Composer
configurations-troubleshooter - Webserver Configurations Troubleshooter
domain-connect - Domain Connect
git - Git
grafana - Grafana
heavy-metal-skin - Skins and Color Schemes
imunify360 - Imunify360
letsencrypt - Let's Encrypt
litespeed - LiteSpeed Extension
monitoring - Advanced Monitoring
plesk-cagefs - CageFS
plesk-lvemanager - LVE Manager
repair-kit - Repair Kit
revisium-antivirus - ImunifyAV
social-login - Social Login
sslit - SSL It!
wp-toolkit - WordPress Toolkit
xovi - SEO Toolkit
[root@vmi429764 ~]#

[root@vmi429764 ~]# plesk bin extension --list

advisor - Advisor

composer - PHP Composer

configurations-troubleshooter - Webserver Configurations Troubleshooter

domain-connect - Domain Connect

git - Git

grafana - Grafana

heavy-metal-skin - Skins and Color Schemes

imunify360 - Imunify360

letsencrypt - Let's Encrypt

litespeed - LiteSpeed Extension

monitoring - Advanced Monitoring

plesk-cagefs - CageFS

plesk-lvemanager - LVE Manager

repair-kit - Repair Kit

revisium-antivirus - ImunifyAV

social-login - Social Login

sslit - SSL It!

wp-toolkit - WordPress Toolkit

xovi - SEO Toolkit

[root@vmi429764 ~]#

To remove free version of ImunifyAV, run

plesk bin extension --uninstall  revisium-antivirus

1	plesk bin extension --uninstall revisium-antivirus

See Plesk Server […]

LetsEncrypt SSL On Nginx Password Protected site

Posted on August 11, 2020 by ServerOk

When you develop a web site, you will need it password protected so others won’t see or you don’t want google to index the web pages while you are working on it. To password protect a web site in nginx, see Nginx Password Protect a website If you password protect a web site and try […]

Plesk mail not working 10024: Connection refused

Posted on August 11, 2020 by ServerOk

On a Plesk mail server, when sending/reciving email, it fail with following error in /var/log/maillog

Aug 11 19:49:28 vmi274961 postfix/smtp[29276]: E413C3320265: to=<serverok@cust-domain.com>, relay=none, delay=0.47, delays=0.47/0/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)

1	Aug 11 19:49:28 vmi274961 postfix/smtp[29276]: E413C3320265: to=<serverok@cust-domain.com>, relay=none, delay=0.47, delays=0.47/0/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)

To fix, reinstall email-security extension.

plesk bin extension --uninstall  email-security

1	plesk bin extension --uninstall email-security

Verify mail works. If all good, you can reinstall the Plesk mail security extension from Plesk admin

root@vmi274961:~# plesk bin extension --list
advisor - Advisor
baqend - Speed Kit
composer - PHP Composer
configurations-troubleshooter - Webserver Configurations Troubleshooter
dgri - Imunify QuickPatch
digitalocean-spaces-backup - DigitalOcean Spaces Backup
diskspace-usage-viewer - Diskspace Usage Viewer
dnssec - Plesk DNSSEC
domain-connect - Domain Connect
email-security - Plesk Email Security
firewall - Firewall
git - Git
google-drive-backup - Google Drive Backup
grafana - Grafana
heavy-metal-skin - Skins and Color Schemes
kernelcare-plesk - KernelCare
letsencrypt - Let's Encrypt
monitoring - Advanced Monitoring
new-relic - New Relic - Application Performance Monitoring
pagespeed-insights - Google PageSpeed Insights
panel-migrator - Plesk Migrator
plesk-mobile - Plesk Mobile Center
repair-kit - Repair Kit
revisium-antivirus - ImunifyAV
site-import - Site Import
social-login - Social Login
sslit - SSL It!
symantec - DigiCert SSL
traffic-monitor - Domain Traffic Monitor
watchdog - Watchdog
wp-toolkit - WordPress Toolkit
xovi - SEO Toolkit
root@vmi274961:~# plesk bin extension --uninstall  email-security
The extension was successfully removed.
root@vmi274961:~#

root@vmi274961:~# plesk bin extension --list

advisor - Advisor

baqend - Speed Kit

composer - PHP Composer

configurations-troubleshooter - Webserver Configurations Troubleshooter

dgri - Imunify QuickPatch

digitalocean-spaces-backup - DigitalOcean Spaces Backup

diskspace-usage-viewer - Diskspace Usage Viewer

dnssec - Plesk DNSSEC

domain-connect - Domain Connect

email-security - Plesk Email Security

firewall - Firewall

git - Git

google-drive-backup - Google Drive Backup

grafana - Grafana

heavy-metal-skin - Skins and Color Schemes

kernelcare-plesk - KernelCare

letsencrypt - Let's Encrypt

monitoring - Advanced Monitoring

new-relic - New Relic - Application Performance Monitoring

pagespeed-insights - Google PageSpeed Insights

panel-migrator - Plesk Migrator

plesk-mobile - Plesk Mobile Center

repair-kit - Repair Kit

revisium-antivirus - ImunifyAV

site-import - Site Import

social-login - Social Login

sslit - SSL It!

symantec - DigiCert SSL

traffic-monitor - Domain Traffic Monitor

watchdog - Watchdog

wp-toolkit - WordPress Toolkit

xovi - SEO Toolkit

root@vmi274961:~# plesk bin extension --uninstall email-security

The extension was successfully removed.

root@vmi274961:~#

If its mail configuration issue, you can run

plesk repair mail

1	plesk repair mail

See Plesk […]

yum [Errno 5] [Errno 2] No such file or directory

Posted on August 8, 2020 by ServerOk

When running yum update on CentOS 7 server, i get following error

[root@server2 yum.repos.d]# yum update curl
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package curl.x86_64 0:7.29.0-54.el7 will be updated
---> Package curl.x86_64 0:7.29.0-57.el7_8.1 will be an update
--> Processing Dependency: libcurl = 7.29.0-57.el7_8.1 for package: curl-7.29.0-57.el7_8.1.x86_64
--> Running transaction check
---> Package libcurl.x86_64 0:7.29.0-54.el7 will be updated
--> Processing Dependency: libcurl = 7.29.0-54.el7 for package: libcurl-devel-7.29.0-54.el7.x86_64
---> Package libcurl.x86_64 0:7.29.0-57.el7_8.1 will be an update
--> Running transaction check
---> Package libcurl-devel.x86_64 0:7.29.0-54.el7 will be updated
---> Package libcurl-devel.x86_64 0:7.29.0-57.el7_8.1 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

============================================================================================================================================================================================================
 Package                                            Arch                                        Version                                                  Repository                                    Size
============================================================================================================================================================================================================
Updating:
 curl                                               x86_64                                      7.29.0-57.el7_8.1                                        updates                                      271 k
Updating for dependencies:
 libcurl                                            x86_64                                      7.29.0-57.el7_8.1                                        updates                                      223 k
 libcurl-devel                                      x86_64                                      7.29.0-57.el7_8.1                                        updates                                      303 k

Transaction Summary
============================================================================================================================================================================================================
Upgrade  1 Package (+2 Dependent packages)

Total download size: 796 k
Is this ok [y/d/N]: y
Downloading packages:
No Presto metadata available for updates


Error downloading packages:
  libcurl-7.29.0-57.el7_8.1.x86_64: [Errno 5] [Errno 2] No such file or directory
  libcurl-devel-7.29.0-57.el7_8.1.x86_64: [Errno 5] [Errno 2] No such file or directory
  curl-7.29.0-57.el7_8.1.x86_64: [Errno 5] [Errno 2] No such file or directory

[root@server2 yum.repos.d]#

[root@server2 yum.repos.d]# yum update curl

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

Resolving Dependencies

--> Running transaction check

---> Package curl.x86_64 0:7.29.0-54.el7 will be updated

---> Package curl.x86_64 0:7.29.0-57.el7_8.1 will be an update

--> Processing Dependency: libcurl = 7.29.0-57.el7_8.1 for package: curl-7.29.0-57.el7_8.1.x86_64

--> Running transaction check

---> Package libcurl.x86_64 0:7.29.0-54.el7 will be updated

--> Processing Dependency: libcurl = 7.29.0-54.el7 for package: libcurl-devel-7.29.0-54.el7.x86_64

---> Package libcurl.x86_64 0:7.29.0-57.el7_8.1 will be an update

--> Running transaction check

---> Package libcurl-devel.x86_64 0:7.29.0-54.el7 will be updated

---> Package libcurl-devel.x86_64 0:7.29.0-57.el7_8.1 will be an update

--> Finished Dependency Resolution

Dependencies Resolved

============================================================================================================================================================================================================

Package Arch Version Repository Size

Updating:

curl x86_64 7.29.0-57.el7_8.1 updates 271 k

Updating for dependencies:

libcurl x86_64 7.29.0-57.el7_8.1 updates 223 k

libcurl-devel x86_64 7.29.0-57.el7_8.1 updates 303 k

Transaction Summary

Upgrade 1 Package (+2 Dependent packages)

Total download size: 796 k

Is this ok [y/d/N]: y

Downloading packages:

No Presto metadata available for updates

Error downloading packages:

libcurl-7.29.0-57.el7_8.1.x86_64: [Errno 5] [Errno 2] No such file or directory

libcurl-devel-7.29.0-57.el7_8.1.x86_64: [Errno 5] [Errno 2] No such file or directory

curl-7.29.0-57.el7_8.1.x86_64: [Errno 5] [Errno 2] No such file or directory

[root@server2 yum.repos.d]#

Someone had tried to install differnt version of python on this server. That caused this problem. When i run urlgrabber-ext-down, i get error saying python missing.

[root@server2 ~]# /usr/libexec/urlgrabber-ext-down
-bash: /usr/libexec/urlgrabber-ext-down: /usr/bin/python: bad interpreter: No such file or directory
[root@server2 ~]#

[root@server2 ~]# /usr/libexec/urlgrabber-ext-down

-bash: /usr/libexec/urlgrabber-ext-down: /usr/bin/python: bad interpreter: No such file or directory

[root@server2 ~]#

Problem fixed by creating symlink

ln -s /usr/bin/python2.7 /usr/bin/python

1	ln -s /usr/bin/python2.7 /usr/bin/python

See yum […]

bitbucket

Posted on August 6, 2020 by ServerOk

Enable SSL on BitBucket Server […]

Enable SSL on BitBucket Server

Posted on August 6, 2020 (August 6, 2020) by ServerOk

BitBucket Server alloow you to host git repositories. By default bitbucket server have url in following format

http://YOUR_IP_ADDR:7990/login

1	http://YOUR_IP_ADDR:7990/login

To install SSL, first point a domain to the server IP. Install nginx

apt install nginx

1	apt install nginx

Now install LetsEncrypt

wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh
bash ./letsencrypt.sh

1 2	wget https://raw.githubusercontent.com/serverok/server-setup/master/install/letsencrypt.sh bash ./letsencrypt.sh

Get SSL in standalone mode. We use standalone mode because nginx will proxy all request to bitbucket server, so […]

KVM VNC Allow Remote Access

Posted on August 5, 2020 by ServerOk

By default VNC Console on a KVM virtual Machine only listens to localhost. So you need to do SSH tunnel to access VNC console. To make VNC available on all interfaces on Host machine, you need to edit file

vi  /etc/libvirt/qemu.conf

1	vi /etc/libvirt/qemu.conf

You need to uncomment the line vnc_listen = “0.0.0.0”.

# VNC is configured to listen on 127.0.0.1 by default.
# To make it listen on all public interfaces, uncomment
# this next option.
#
# NB, strong recommendation to enable TLS + x509 certificate
# verification when allowing public access
#
vnc_listen = "0.0.0.0"

# VNC is configured to listen on 127.0.0.1 by default.

# To make it listen on all public interfaces, uncomment

# this next option.

# NB, strong recommendation to enable TLS + x509 certificate

# verification when allowing public access

vnc_listen = "0.0.0.0"

Once this is done, you […]