Category: Linux

  • swapon

    To see the swap usage

    boby@sok-01:~$ swapon --summary
Filename				Type		Size	Used	Priority
/dev/sda2                              	partition	9765884	2504704	-2
boby@sok-01:~$

    See swap

  • Install LAMP Server on Ubuntu/Debian

    To install LAMP (Apache, MySQL, PHP) on Ubuntu/Debian web server, run

    apt-get install lamp-server^

    This use meta package install LAMP. If you want to remove, don’t remove the meta package as it will remove many other required packages. You need to remove packages one by one.

    Related Posts

    Apache

    MySQL

  • NVIDIA

    How to install NVIDIA CUDA on Debian 10

  • Enable Admin Tools in EasyEngine

    Enable Admin Tools in EasyEngine

    EasyEngine come admin tools. This include phpMyAdmin, phpinfo, OpCache GUI, nginx status.

    EasyEngine Admin Tools

    To enable admin tool, run

    ee admin-tools enable example.com

    Admin tools are password protected, to get login details, run

    ee auth list global

    You can login to admin tools at

    http://example.com/ee-admin/

    Accessing phpMyAdmin

    The pma link in EasyEngine Admin tools take you to phpMyAdmin login page. To login, you need to use MySQL login details for your web site. This you can get by checking your web site configuration file.

    You will be able to find your web site files in document root of your web site at

    /opt/easyengine/sites/YOUR-DOMAIN/app/htdocs

    See EasyEngine

  • EasyEngine Connect to MySQL Database

    To Find MySQL root password on EasyEngine, run

    cd /opt/easyengine/services && docker-compose exec global-db bash -c 'echo $MYSQL_ROOT_PASSWORD'

    Or

    cat /opt/easyengine/services/docker-compose.yml | grep MYSQL_ROOT_PASSWORD | awk -F'=' '{print $2}'
cat /opt/easyengine/services/docker-compose.yml | grep MYSQL_ROOT_PASSWORD | cut -d'=' -f2

    To connect to MySQL console, run

    cd /opt/easyengine/services && docker-compose exec global-db bash -c 'mysql -uroot -p${MYSQL_ROOT_PASSWORD}'

    See EasyEngine

  • Find IP with Most Access from Apache Log

    Find IP with Most Access from Apache Log

    To find IP with most access from Apache or other web server log file, run

    cat APACHE_ACCESS_LOG_FILE | awk -F' ' '{print $1}' | sort | uniq -c | sort -n

    If you want to see IP that made most POST request

    cat APACHE_ACCESS_LOG_FILE | grep POST | awk -F' ' '{print $1}' | sort | uniq -c | sort -n

    See Hacked log

  • Install PHP 7 on CentOS VestaCP

    To install PHP 7. you need to first enable epel and remi repo.

    yum install -y epel-release
rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-7.rpm

    Remove existing PHP

    yum -y remove php

    Install PHP 7.3

    yum --enablerepo=remi-php73 install php73-php php73-php-mbstring php73-php-mysqlnd php73-php-gd php73-php-fpm php73-php-intl php73-php-cli php73-php-xml php73-php-opcache php73-php-pdo php73-php-gmp php73-php-process php73-php-pecl-imagick php73-php-devel

    start php-fpm

    service php-fpm stop
service php73-php-fpm start

    Set php 7.3 as default PHP for cli

    rm /usr/bin/php
ln -s /usr/bin/php73 /usr/bin/php

    Restart apache

    service httpd restart

  • Configure Nginx Reverse Proxy behind Cloudflare

    On reverse proxy server, lets install some basic utilities.

    apt install -y wget
wget https://raw.githubusercontent.com/serverok/server-setup/master/debian/1-basic-tools.sh
bash 1-basic-tools.sh

    Install nginx

    apt install nginx -y

    Now create a config file

    vi /etc/nginx/sites-enabled/proxy.conf

    Add following to the file and save

    server {
    server_name  YOUR-DOMAIN.COM www.YOUR-DOMAIN.COM;
    listen *:80;
    client_max_body_size 100M;
    proxy_read_timeout 600s;
    proxy_buffers 16 4k;
    proxy_buffer_size 2k;
    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://BACKEND-SERVER-IP:80;
    }
}

server {

    server_name  YOUR-DOMAIN.COM www.YOUR-DOMAIN.COM;

    set_real_ip_from 103.21.244.0/22;
    set_real_ip_from 103.22.200.0/22;
    set_real_ip_from 103.31.4.0/22;
    set_real_ip_from 104.16.0.0/12;
    set_real_ip_from 108.162.192.0/18;
    set_real_ip_from 131.0.72.0/22;
    set_real_ip_from 141.101.64.0/18;
    set_real_ip_from 162.158.0.0/15;
    set_real_ip_from 172.64.0.0/13;
    set_real_ip_from 173.245.48.0/20;
    set_real_ip_from 188.114.96.0/20;
    set_real_ip_from 190.93.240.0/20;
    set_real_ip_from 197.234.240.0/22;
    set_real_ip_from 198.41.128.0/17;
    set_real_ip_from 2400:cb00::/32;
    set_real_ip_from 2606:4700::/32;
    set_real_ip_from 2803:f800::/32;
    set_real_ip_from 2405:b500::/32;
    set_real_ip_from 2405:8100::/32;
    set_real_ip_from 2c0f:f248::/32;
    set_real_ip_from 2a06:98c0::/29;

    # use any of the following two
    real_ip_header CF-Connecting-IP;
    #real_ip_header X-Forwarded-For;


    listen 443 ssl http2;
    ssl on;
    ssl_certificate /etc/nginx/ssl/YOUR-DOMAIN.COM.crt;
    ssl_certificate_key /etc/nginx/ssl/YOUR-DOMAIN.COM.key;

    client_max_body_size 100M;
    proxy_read_timeout 600s;
    proxy_buffers 16 4k;
    proxy_buffer_size 2k;
    location / {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass https://BACKEND-SERVER-IP:443;
    }
}

    In above replce following

    YOUR-DOMAIN.COM = replace with your actual domain name
BACKEND-SERVER-IP = replace with IP of the web server where your web site is running.

    Next create a self signed SSL certificate for the web site

    mkdir /etc/nginx/ssl
cd /etc/nginx/ssl
openssl genrsa -out YOUR-DOMAIN.COM.key 2048
openssl req -new -x509 -key YOUR-DOMAIN.COM.key -out YOUR-DOMAIN.COM.crt -days 3650 -subj /CN="YOUR-DOMAIN.COM www.YOUR-DOMAIN.COM"

    Restart nginx

    nginx -s reload

    At this stage, you can login to cloudflare, point IP of the web site to reverse proxy server IP address.

    Show real IP address

    When running a site behind reverse proxy, by default, web server shows IP of the revese proxy server instead of real visitor IP. To fix this, you need to configure remoteip module.

    On Cpanel server, edit file

    vi /etc/apache2/conf.modules.d/370_mod_remoteip.conf

    Find 

    RemoteIPTrustedProxy 127.0.0.1

    Add your proxy server IP after.

    Example

    root@lh34134 [~]# cat /etc/apache2/conf.modules.d/370_mod_remoteip.conf
# Enable mod_remoteip
LoadModule remoteip_module modules/mod_remoteip.so

RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 127.0.0.1 94.242.55.132 104.238.213.205 185.193.126.66 207.246.98.251

root@lh34134 [~]#

  • VestaCP Update

    To update VestaCP server, run

    v-list-sys-vesta-updates
v-update-sys-vesta-all

    Example

    [root@backendz ~]# v-list-sys-vesta-updates
PKG          VER    REL  ARCH    UPDT  DATE
---          ---    ---  ----    ----  ----
vesta        0.9.8  26   x86_64  yes   2019-09-30
vesta-php    0.9.8  26   x86_64  yes   2019-09-30
vesta-nginx  0.9.8  26   x86_64  yes   2019-09-30
[root@backendz ~]# v-update-sys-vesta-all
[root@backendz ~]#

  • How to create Logical Volume

    To create a LVM, run

    lvcreate -L 3T -n backup vg1

    This command will create a logical volume with 3 TB size with name backup inside volume group vg1.

    To format it as xfs file system, run

    mkfs.xfs /dev/vg1/backup

    To mount it, add the following line in /etc/fstab file.

    /dev/vg1/backup /backup  xfs defaults 0 0

    Create LVM using all available disk space

    Create a LVM using all available disk space in Volume Group vg1

    root@ok:~# lvcreate --extents 100%FREE vg1 -n data1
  Logical volume "data1" created.
root@ok:~# lvs
  LV    VG  Attr       LSize  Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  data1 vg1 -wi-a----- 58.10t                                                    
root@ok:~# 

    lvcreate --size 100G --type thin-pool --thinpool LV_NAME_HERE VG_NAME_HERE

    example

    [root@server ~]# lvcreate --size 100G --type thin-pool --thinpool thin_pool vg-storage
  Thin pool volume with chunk size 64.00 KiB can address at most 15.81 TiB of data.
  Logical volume "thin_pool" created.
[root@server ~]#

    To remove the volume created, run

    [root@server ~]# lvremove vg-storage/thin_pool
Do you really want to remove active logical volume vg-storage/thin_pool? [y/n]: y
  Logical volume "thin_pool" successfully removed
[root@server ~]#

    See lvm

  • rpmdb DB_RUNRECOVERY: Fatal error, run database recovery

    When running yum update on a CentOS server, i get following error.

    [root@ip-172-30-0-39 ~]# yum update
error: rpmdb: BDB0113 Thread/process 12797/46913889995840 failed: BDB1507 Thread died in Berkeley DB library
error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery
error: cannot open Packages index using db5 -  (-30973)
error: cannot open Packages database in /var/lib/rpm
CRITICAL:yum.main:

Error: rpmdb open failed
[root@ip-172-30-0-39 ~]#

    To fix it, run

    rm -f /var/lib/rpm/__db.00*

  • EasyEngine Renew SSL

    To renew SSL for site hosted in EasyEngine, run

    ee site ssl-renew --all

    You can set a cronjob to run every month to auto renew the SSL certificates.