Category: Linux

  • self signed ssl

    To generate self signed SSL certificate, run

    openssl genrsa -out DOMAIN_NAME_HERE.key 2048
    openssl req -new -x509 -key DOMAIN_NAME_HERE.key -out DOMAIN_NAME_HERE.crt -days 3650 -subj /CN=DOMAIN_NAME_HERE

    Or

    openssl req -newkey rsa:2048 -nodes -keyout DOMAIN_NAME_HERE.key -x509 -days 3650 -out DOMAIN_NAME_HERE.crt

    Add Self Signed SSL to Apache Virtual Host

    Let’s say your Apache virtual host entry is

    <VirtualHost *:80>
        ServerName serverok.in
        ServerAlias www.serverok.in
        ServerAdmin [email protected]
        DocumentRoot /home/serverok.in/public_html
        <Directory "/home/serverok.in/public_html">
            Options All
            AllowOverride All
            Require all granted
            Order allow,deny
            allow from all
        </Directory>
    </VirtualHost>

    Create a new VirtualHost entry based on this, say yourdomain-ssl.conf, in this new file

    Find

    <VirtualHost *:80>

    Replace with

    <VirtualHost *:443>

    Find line starting with

    DocumentRoot

    Add Below

    SSLEngine on
    SSLCertificateFile /etc/ssl/yourdomain.crt
    SSLCertificateKeyFile /etc/ssl/yourdomain.key

    Now restart Apache

    systemctl restart apache2

    How to access the website using a Self-signed SSL certificate

    See SSL

  • sublime

    sublime shortcuts

    CTRL + D = select all occurrence of a word.
    CTRL + L = select current line.
    SHIFT + LEFT/RIGHT ARROW = select a word.
    
  • bash

    Bash shortcuts

    CTRL + U = Delete everything
    CTRL + W = Delete a word
    CTRL + A = Go to Line starting
    CTRL + E = Go to Line end 
    CTRL + LEFT/RIGHT ARROW = move cursor by one word
    

    Enable color prompt

    Edit .bashrc, add following

    export PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
    
  • Configure postfix to relay mails using SendGrid

    To use postfix to send email using sendgrid, you first you need to install postfix on your server. Edit main.cf

    vi  /etc/postfix/main.cf
    

    Find

    relayhost =
    

    Delete the line. Go to end of the file and add following

    smtp_sasl_auth_enable = yes
    smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
    smtp_sasl_security_options = noanonymous
    smtp_sasl_tls_security_options = noanonymous
    smtp_tls_security_level = encrypt
    header_size_limit = 4096000
    relayhost = [smtp.sendgrid.net]:587
    

    Create API Key in SendGrid

    Next you need to create an API key in sendgrid. To do this, go to Settings > API Key.

    https://app.sendgrid.com/settings/api_keys

    SendGrid API key

    Click “Create API Key” button.

    Sendgrid create api key

    For this test, i just give the new API key Full Access. On next page you will get API key. Copy it and keep it safe as you won’t be seeing it again.

    sendgrid api key created

    Now you have the SendGrid.com API key, that you can use with postfix.

    Add API Key to postfix

    Edit file

    vi /etc/postfix/sasl_passwd
    

    Add

    [smtp.sendgrid.net]:587 apikey:YOUR_API_KEY_HERE
    

    Here is what i have

    root@honVm:~# cat /etc/postfix/sasl_passwd
    [smtp.sendgrid.net]:587 apikey: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
    root@honVm:~#

    Now run

    postmap /etc/postfix/sasl_passwd
    

    To test email, run

    postsuper -d ALL
    systemctl restart postfix
    > /var/log/mail.log
    echo "Hello" | mail -s "test" [email protected]
    tail -f /var/log/mail.log
    
  • spam

    Incoming & Outgoing spam filer (SAS)

    Link Spam

    Captcha

    https://www.hcaptcha.com

  • fping

    fping can be used to ping multiple IP and get report.

    root@backup:~# fping -s -r 1 158.69.109.222 158.69.109.67 158.69.109.179 158.69.185.224
    158.69.109.222 is alive
    158.69.109.67 is alive
    158.69.109.179 is alive
    158.69.185.224 is alive
    
           4 targets
           4 alive
           0 unreachable
           0 unknown addresses
    
           0 timeouts (waiting for response)
           4 ICMP Echos sent
           4 ICMP Echo Replies received
           0 other ICMP received
    
     0.45 ms (min round trip time)
     0.54 ms (avg round trip time)
     0.62 ms (max round trip time)
            0.076 sec (elapsed real time)
    
    root@backup:~# 
    

    If you just want to show if hosts are up or not

    root@hon-vpn:~# fping 158.69.56.236 192.99.182.223 192.99.182.192 192.99.182.193 192.99.182.238 158.69.101.41 158.69.101.58
    158.69.56.236 is alive
    192.99.182.223 is alive
    192.99.182.192 is alive
    192.99.182.193 is alive
    192.99.182.238 is alive
    158.69.101.41 is alive
    158.69.101.58 is alive
    root@hon-vpn:~# 
    
  • DirectAdmin CustomBuild versions.txt is getting old

    I got following email from DirectAdmin server.

    New Message: CustomBuild versions.txt is getting old on s1.serverok.in

    A new message or response with subject:

    CustomBuild versions.txt is getting old on s1.serverok.in

    has arrived for you to view.
    Follow this link to view it:

    http://s1.serverok.in:2222/CMD_TICKET?action=view&number=000000967&type=ticket

    ================================
    Automated Message Generated by DirectAdmin 1.52.1

    Do Not Reply.

    DirectAdmin is telling you to update your server.

    You need to login to SSH as user root. Then run following commands.

    cd /usr/local/directadmin/custombuild
    ./build update
    ./build all d
    ./build rewrite_confs
    
  • postfix no local interface found

    When starting postfix it failed with following error

    [root@cloud1 etc]# service postfix start
    Redirecting to /bin/systemctl start postfix.service
    Job for postfix.service failed because the control process exited with error code. See "systemctl status postfix.service" and "journalctl -xe" for details.
    [root@cloud1 etc]# service postfix status
    Redirecting to /bin/systemctl status postfix.service
    ● postfix.service - Postfix Mail Transport Agent
       Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
       Active: failed (Result: exit-code) since Mon 2017-12-04 09:13:07 UTC; 4s ago
      Process: 21324 ExecStart=/usr/sbin/postfix start (code=exited, status=1/FAILURE)
      Process: 21322 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
      Process: 21319 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=75)
    
    Dec 04 09:13:05 cloud1.serverok.in systemd[1]: Starting Postfix Mail Transport Agent...
    Dec 04 09:13:05 cloud1.serverok.in aliasesdb[21319]: /usr/sbin/postconf: fatal: parameter inet_interfaces: no local interface found for ::1
    Dec 04 09:13:06 cloud1.serverok.in aliasesdb[21319]: newaliases: fatal: parameter inet_interfaces: no local interface found for ::1
    Dec 04 09:13:06 cloud1.serverok.in postfix[21324]: fatal: parameter inet_interfaces: no local interface found for ::1
    Dec 04 09:13:07 cloud1.serverok.in systemd[1]: postfix.service: control process exited, code=exited status=1
    Dec 04 09:13:07 cloud1.serverok.in systemd[1]: Failed to start Postfix Mail Transport Agent.
    Dec 04 09:13:07 cloud1.serverok.in systemd[1]: Unit postfix.service entered failed state.
    Dec 04 09:13:07 cloud1.serverok.in systemd[1]: postfix.service failed.
    [root@cloud1 etc]#
    

    To fix, edit /etc/postfix/main.cf

    Find

    #inet_interfaces = all
    #inet_interfaces = $myhostname
    #inet_interfaces = $myhostname, localhost
    inet_interfaces = localhost
    

    Replace with

    inet_interfaces = all
    

    See postfix

  • subprocess installed post-installation script returned error

    When installing software on Ubuntu, i get following error.

    It is likely that 4.5.2-armada375 belongs to a chroot's host
    Building only for 4.9.58-armada375
    Building initial module for 4.9.58-armada375
    Error! Bad return status for module build on kernel: 4.9.58-armada375 (armv7l)
    Consult /var/lib/dkms/spl/0.6.5.6/build/make.log for more information.
    dpkg: error processing package spl-dkms (--configure):
     subprocess installed post-installation script returned error exit status 10
    Setting up dh-python (2.20151103ubuntu1) ...
    Processing triggers for libc-bin (2.23-0ubuntu3) ...
    Errors were encountered while processing:
     spl-dkms
    E: Sub-process /usr/bin/dpkg returned an error code (1)
    

    To fix this, run

    rm /var/lib/dpkg/info/PACKAGE_NAME_HERE.*
    dpkg --configure -a
    apt update
    

    Replace PACKAGE_NAME_HERE with actual package that fail. In this cause spl-dkms.

    root@ns539260:/var/lib/dpkg/info# ls -l | grep spl
    -rw-r--r-- 1 root root   11811 Nov 22 07:41 spl-dkms.list
    -rw-r--r-- 1 root root   19548 Apr  7  2016 spl-dkms.md5sums
    -rwxr-xr-x 1 root root     891 Apr  7  2016 spl-dkms.postinst
    -rwxr-xr-x 1 root root     312 Apr  7  2016 spl-dkms.prerm
    root@ns539260:/var/lib/dpkg/info# rm spl-dkms.*
    

    See apt

  • update-alternatives

    Set default editor in Ubuntu

    To change vi editor run

    root@backup:~# update-alternatives --config vi
    There are 2 choices for the alternative vi (providing /usr/bin/vi).
    
      Selection    Path                Priority   Status
    ------------------------------------------------------------
    * 0            /usr/bin/vim.basic   30        auto mode
      1            /usr/bin/vim.basic   30        manual mode
      2            /usr/bin/vim.tiny    10        manual mode
    
    Press  to keep the current choice[*], or type selection number: 
    root@backup:~# 
    

    To display current vi config, run

    root@backup:~# update-alternatives --display vi
    vi - auto mode
      link best version is /usr/bin/vim.basic
      link currently points to /usr/bin/vim.basic
      link vi is /usr/bin/vi
      slave vi.1.gz is /usr/share/man/man1/vi.1.gz
      slave vi.fr.1.gz is /usr/share/man/fr/man1/vi.1.gz
      slave vi.it.1.gz is /usr/share/man/it/man1/vi.1.gz
      slave vi.ja.1.gz is /usr/share/man/ja/man1/vi.1.gz
      slave vi.pl.1.gz is /usr/share/man/pl/man1/vi.1.gz
      slave vi.ru.1.gz is /usr/share/man/ru/man1/vi.1.gz
    /usr/bin/vim.basic - priority 30
      slave vi.1.gz: /usr/share/man/man1/vim.1.gz
      slave vi.fr.1.gz: /usr/share/man/fr/man1/vim.1.gz
      slave vi.it.1.gz: /usr/share/man/it/man1/vim.1.gz
      slave vi.ja.1.gz: /usr/share/man/ja/man1/vim.1.gz
      slave vi.pl.1.gz: /usr/share/man/pl/man1/vim.1.gz
      slave vi.ru.1.gz: /usr/share/man/ru/man1/vim.1.gz
    /usr/bin/vim.tiny - priority 10
      slave vi.1.gz: /usr/share/man/man1/vim.1.gz
      slave vi.fr.1.gz: /usr/share/man/fr/man1/vim.1.gz
      slave vi.it.1.gz: /usr/share/man/it/man1/vim.1.gz
      slave vi.ja.1.gz: /usr/share/man/ja/man1/vim.1.gz
      slave vi.pl.1.gz: /usr/share/man/pl/man1/vim.1.gz
      slave vi.ru.1.gz: /usr/share/man/ru/man1/vim.1.gz
    root@backup:~#