Enabling Compiz Fusion On A Debian Squeeze Desktop (Nvidia GeForce 8200)

This tutorial shows how you can enable Compiz Fusion on a Debian Squeeze desktop (the system must have a 3D-capable graphics card - I'm using an Nvidia GeForce 8200 here). With Compiz Fusion you can use beautiful 3D effects like wobbly windows or a desktop cube on your desktop.
This document comes without warranty of any kind! I do not issue any guarantee that this will work for you!
I have tried this on a desktop computer with an Nvidia GeForce 8200. It should work the same way with all other Nvidia graphics cards.
Open a terminal and become root:
su
While Compiz Fusion is available in the main repository, the Nvidia driver is not - it comes from the non-free repository; that's why we must open /etc/apt/sources.list...
gedit /etc/apt/sources.list
... and append the string contrib non-free to all repositories:
deb http://ftp.de.debian.org/debian/ squeeze main contrib non-freedeb-src http://ftp.de.debian.org/debian/ squeeze main contrib non-freedeb http://security.debian.org/ squeeze/updates main contrib non-freedeb-src http://security.debian.org/ squeeze/updates main contrib non-freedeb http://ftp.de.debian.org/debian/ squeeze-updates main contrib non-freedeb-src http://ftp.de.debian.org/debian/ squeeze-updates main contrib non-free
Update the package database afterwards:
apt-get update
Now install Compiz Fusion and the Nvidia driver as follows:
apt-get install compiz compizconfig-settings-manager compiz-fusion-plugins-main compiz-gnome compiz-gtk fusion-icon compiz-fusion-plugins-extra compiz-fusion-plugins-unsupported nvidia-glx nvidia-xconfig nvidia-kernel-dkms nvidia-settings
Reboot the system afterwards:
reboot
After the system has come up again, become root again...
su
... and check if the Nvidia kernel module got loaded:
lsmod | grep -i nvidia
Output should be as follows:
root@debian:/home/falko# lsmod | grep -i nvidia
nvidia              10670090  0
i2c_core               15819  6 nouveau,drm_kms_helper,drm,i2c_algo_bit,nvidia,i2c_nforce2
root@debian:/home/falko#
The next part is a bit tricky - we need to modify the file /etc/X11/xorg.conf. By default, this file does not exist on Debian Squeeze, so we have to generate it (in case the file already exists on your system, make a backup now so that you can restore your xorg.conf in case anything goes wrong).
To do this, we need to stop the Gnome display manager, which means you will not have a graphical desktop for a few minutes; instead, we have to go to the console:
/etc/init.d/gdm3 stop
This will stop the desktop. Press Alt + F2 to open a console. Log in as root.
Run
X -configure
This will create the file xorg.conf.new in root's home directory (you might see some error messages at the end of the output of the command, but usually you can ignore these). Move that file to /etc/X11/xorg.conf:
mv ~/xorg.conf.new /etc/X11/xorg.conf
Next run
nvidia-xconfig
This will adjust our /etc/X11/xorg.conf so that the right Nvidia driver is used.
Next open /etc/X11/xorg.conf...
vi /etc/X11/xorg.conf
... and make the following changes:
Add the following section (for example before the "Device" section):
[...]Section "Extensions" Option "Composite" "enable"EndSection[...]
In Section "Device", add the following lines:
[...] Option "AllowGLXWithComposite" "true" Option "TripleBuffer" "true" Option "XAANoOffscreenPixmaps" "true" Option "RenderAccel" "true"[...]
In Section "Screen", add the following lines:
[...] Option "AddARGBGLXVisuals" "true" Option "AddARGBVisuals" "true"[...]
My final /etc/X11/xorg.conf looks as follows (please don't copy it as it might not work on your system - it is important that you modify your own xorg.conf!):
# nvidia-xconfig: X configuration file generated by nvidia-xconfig# nvidia-xconfig: version 1.0 (buildd@barber) Sun Jun 13 12:08:56 UTC 2010Section "ServerLayout" Identifier "X.org Configured" Screen 0 "Screen0" 0 0 InputDevice "Mouse0" "CorePointer" InputDevice "Keyboard0" "CoreKeyboard"EndSectionSection "Files" ModulePath "/usr/lib/xorg/modules" FontPath "/usr/share/fonts/X11/misc" FontPath "/usr/share/fonts/X11/cyrillic" FontPath "/usr/share/fonts/X11/100dpi/:unscaled" FontPath "/usr/share/fonts/X11/75dpi/:unscaled" FontPath "/usr/share/fonts/X11/Type1" FontPath "/usr/share/fonts/X11/100dpi" FontPath "/usr/share/fonts/X11/75dpi" FontPath "/var/lib/defoma/x-ttcidfont-conf.d/dirs/TrueType" FontPath "built-ins"EndSectionSection "Module" Load "record" Load "dri2" Load "dbe" Load "extmod" Load "glx"EndSectionSection "InputDevice" Identifier "Keyboard0" Driver "kbd"EndSectionSection "InputDevice" Identifier "Mouse0" Driver "mouse" Option "Protocol" "auto" Option "Device" "/dev/input/mice" Option "ZAxisMapping" "4 5 6 7"EndSectionSection "Monitor" Identifier "Monitor0" VendorName "Monitor Vendor" ModelName "Monitor Model"EndSectionSection "Extensions" Option "Composite" "enable"EndSectionSection "Device" ### Available Driver options are:- ### Values: : integer, : float, : "True"/"False", ### : "String", : " Hz/kHz/MHz" ### [arg]: arg optional #Option "SWcursor" # [] #Option "HWcursor" # [] #Option "NoAccel" # [] #Option "ShadowFB" # [] #Option "VideoKey" # Identifier "Card0" Driver "nvidia" VendorName "nVidia Corporation" BoardName "C77 [GeForce 8100 / nForce 720a]" Option "AllowGLXWithComposite" "true" Option "TripleBuffer" "true" Option "XAANoOffscreenPixmaps" "true" Option "RenderAccel" "true"EndSectionSection "Screen" Identifier "Screen0" Device "Card0" Monitor "Monitor0" Option "AddARGBGLXVisuals" "true" Option "AddARGBVisuals" "true" SubSection "Display" Viewport 0 0 EndSubSection SubSection "Display" Viewport 0 0 Depth 4 EndSubSection SubSection "Display" Viewport 0 0 Depth 8 EndSubSection SubSection "Display" Viewport 0 0 Depth 15 EndSubSection SubSection "Display" Viewport 0 0 Depth 16 EndSubSection SubSection "Display" Viewport 0 0 Depth 24 EndSubSectionEndSection



Now start the desktop again:
/etc/init.d/gdm3 start
If the desktop doesn't start, either delete /etc/X11/xorg.conf (if you had no /etc/X11/xorg.conf in the beginning), or, if there already was an /etc/X11/xorg.conf file, restore the original /etc/X11/xorg.conf from your backup and run /etc/init.d/gdm3 start again - this should bring up your original desktop again, but of course, you cannot use Compiz Fusion then.
If your desktop did start with your new xorg.conf - fine! Let's go on.
Open a terminal again and become root:
su
Next check if your desktop is ready to use 3D effects:
glxinfo | grep direct
Output should be as follows:
root@debian:/home/falko# glxinfo | grep direct
direct rendering: Yes
GL_EXT_Cg_shader, GL_EXT_depth_bounds_test, GL_EXT_direct_state_access,
root@debian:/home/falko#
To start Compiz Fusion, go to Applications > System Tools > Compiz Fusion Icon:
 
This will actually not start Compiz Fusion, but add a Compiz Fusion icon to the upper right taskbar from where you can configure Compiz Fusion and finally start it:

Right-click that icon and make sure your settings are as follows:
Select Window Manager: Compiz

Compiz Options: none selected

Select Window Decorator: GTK Window Decorator

To start Compiz Fusion, select Reload Window Manager:

If you notice that your windows lose their title bar and cannot be moved anymore (like in the following screenshot where the title bar of the terminal window has gone)...

... right-click the Compiz Fusion icon again and select Settings Manager (you can as well go to System > Preferences > CompizConfig Settings Manager):

In the CompizConfig Settings Manager, go to Effects and enable Window Decoration...

... and then go to Window Management and check Move Window and Resize Window:

This should bring back your window decorations, and if everything went well, Compiz Fusion is now working, and you can play with your first 3D effects:

 

 

  Enabling Compiz Fusion On A Debian Squeeze Desktop (Nvidia GeForce 8200) - Page 2

View the original article here

Virtual Users With Postfix, Dovecot, MySQL, RoundCube, iRedAdmin On Debian 6.0 (Squeeze)

This document describes how to install a Postfix and Dovecot mail server that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. If you prefer to install such a mail server step by step, you can refer to the ISPmail tutorials at workaround.org. Also the Big Picture would help you to easily understand the mail server structure. I believe you at least need one day to have a working mail server that way. If you use the iRedMail script, you only need one minute to get the mail server up and running, and you will have more features (compared to the ISPmail tutorials).

What is iRedMail?

iRedMail is a shell script.It lets you quickly deploy a full-featured mail solution in less than 2 minutes.iRedMail supports both OpenLDAP and MySQL as backends for storing virtual domains and users.iRedMail officially provides the iRedAdmin web panel for managing mail servers.Most components used in iRedMail are provided by Linux distributions officially. It means that iRedMail users can get software update support for as long as the the distribution is supported.It supports RedHat, CentOS, Debian, Ubuntu, OpenSuSE, FreeBSD on both i386 and x86_64 architectures.It provides RoundCube 0.5.1 as a webmail program.

Useful links:

It is strongly recommended to use the Debian NetInstall version to install a minimal Debian system, and then deploy the mail service via the iRedMail solution. e.g.:

To install such a system you will need the following:

In this tutorial we use: Hostname: mail.example.com IP address: 192.168.1.10The first virtual domain: example.comiRedMail installs all packages from official apt repositories on Debian 6. On Debian 5, it installs from official apt repositories and the backports repository.

In Debian, the hostname is set in these two files:

/etc/hosts: hostname <=> IP address mapping /etc/hostname: hostname setting

Map this hostname to '127.0.0.1' (warning: list the FQDN hostname as the first item!).

Edit /etc/hosts:

127.0.0.1 localhost127.0.1.1 mail.example.com mail

Edit /etc/hostname:

mail

Let the hostname modification take effect at once:

# /etc/init.d/hostname.sh

Verify the FQDN hostname:

# hostname

mail

#hostname -f

mail.example.com

We need to have bzip2 installed for extracting iRedMail.

# apt-get install bzip2

Switch to the root user, we must execute further commands as the root user without sudo.

$ sudo su -

Download the new version of iredmail and start the installation: # wget http://iredmail.googlecode.com/files/iRedMail-0.7.0-rc2.tar.bz2
# tar jxvf iRedMail-0.7.0-rc2.tar.bz2
# cd iRedMail-0.7.0-rc2
# bash iRedMail.sh

Note:

It will download 3 source tarballs of iRedAdmin, RoundCube and iRedAPD.It will install the package "dialog" first.

Welcome page:

Choose the directory that will be used to store users' mailboxes.

iRedMail supports both OpenLDAP and MySQL as backends to store virtual domains and users. We choose MySQL.

Set the MySQL root password:

Add your first virtual domain, e.g.:

Set a password for the virtual domain admin: postmaster@example.com, you can log into iRedadmin and Awstats with this account.

Set a password for the first normal user www@example.com for the first virtual domain:

Select optional components:

Select the default language for your webmail application:

The configuration is now finished, we can now start the installation:

Configuration completed.****************************************************************************************************** WARNING ************************************************************************************************************* ** Please do remember to *MOVE* configuration file after installation ** completed successfully. ** ** * /root/iRedMail-0.7.0-beta2/config* **************************************************************************< INFO > Continue? [Y|n]

Finish the installation:

************************************************************************** iRedMail-0.7.0-beta3 installation and configuration complete.*************************************************************************< Question > Would you like to use firewall rules shipped within iRedMail now?< Question > File: /etc/default/iptables, with SSHD port: 22. [Y|n]< INFO > Copy firewall sample rules: /etc/default/iptables.insserv: warning: script 'K01iredapd' missing LSB tags and overridesinsserv: warning: script 'iredapd' missing LSB tags and overrides< Question > Restart firewall now (with SSHD port 22)? [y|N]< Question > Would you like to start postfix now? [y|N]** # for i in rsyslog apache2 postfix mysql postfix-policyd dovecot amavis clamav-daemon clamav-freshclam cron iptables; do /etc/init.d/${i} restart; done*********************************************************************

Restart all the related services manually without reboot:

# for i in rsyslog apache2 postfix mysql postfix-policyd dovecot amavis clamav-daemon clamav-freshclam cron iptables; do /etc/init.d/${i} restart; done

Virtual Users With Postfix, Dovecot, MySQL, RoundCube, iRedAdmin On Debian 6 (Squeeze) - Page 2

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Set Up OpenVPN Server With Authentication Against OpenLDAP On Debian 6.0 (Squeeze)

OpenVPN, or Open Virtual Private Network, is a tool for creating networking "tunnels" between and among groups of computers that are not on the same local network. This is useful if you have services on a local network and need to access them remotely but don't want these services to be publicly accessible. By integrating with OpenSSL, OpenVPN can encrypt all VPN traffic to provide a secure connection between machines.
The OpenLDAP backend of iRedmail allows you to integrate all kinds of applications and to realize centralized account management. This tutorial shows you how to integrate OpenVPN into the iredmail ldap backend on Debian 6.0; passwords will be stored in ldap and you can change passwords through webmail.
This tutorial is based on Debian 6.0, so I suggest you set up a minimal Debian 6.0 system with SSH; make sure you install all updates. Install iredmail 0.7.0 and choose openldap as backend, as shown in this tutorial:
Install OpenVPN and ldap support:
apt-get install openvpn openvpn-auth-ldap
Install dnsmasq:
To forward DNS traffic through the VPN you will need to install the dnsmasq package:
apt-get install dnsmasq
The OpenVPN package provides a set of encryption-related tools called "easy-rsa". These scripts are located by default in the /usr/share/doc/openvpn/examples/easy-rsa/ directory. However, in order to function properly, these scripts should be located in the /etc/openvpn directory.
cp -R /usr/share/doc/openvpn/examples/easy-rsa/ /etc/openvpn
Before we can generate the public key infrastructure for OpenVPN we must configure a few variables that the easy-rsa scripts will use to generate the scripts. These variables are set near the end of the /etc/openvpn/easy-rsa/2.0/vars file. Here is an example of the relevant values:
Edit /etc/openvpn/easy-rsa/2.0/vars according to your environment.
[...]export KEY_COUNTRY="CN"export KEY_PROVINCE="BJ"export KEY_CITY="BeiJing"export KEY_ORG="iRedMail"export KEY_EMAIL="www@example.com"
Issue the following commands in sequence to internalize the certificate authority and the public key infrastructure:
cd /etc/openvpn/easy-rsa/2.0/
chmod +rwx *
source ./vars
./clean-all
./pkitool --initca
With the certificate authority generated you can generate the private key for the server. This script will also prompt you for additional information. By default, the Common Name for this key will be "server". You can change these values in cases where it makes sense to use alternate values. To accomplish this, issue the following command:
./pkitool --server server
The "Diffie Hellman Parameters" govern the method of key exchange and authentication used by the OpenVPN server. Issue the following command to generate these parameters:
./build-dh
The keys and certificates for the server need to be relocated to the /etc/openvpn directory so the OpenVPN server process can access them. These files are:
ca.crtca.keydh1024.pemserver.crtserver.keycp keys/{ca.crt,ca.key,server.crt,server.key,dh1024.pem} /etc/openvpn/
These files don't need to leave your server. Maintaining integrity and control over these files is of the utmost importance to the integrity of your server. If you ever need to move or back up these keys, ensure that they're encrypted and secured.
The vmail password was randomly created during the iredmail installation. You can find the password in /etc/postfix/ldap_virtual_mailbox_domains.cf:
cat /etc/postfix/ldap/virtual_mailbox_domains.cf
[...]bind_dn = cn=vmail,dc=example,dc=combind_pw = 4LFqZFiT6yx8oP7R2BctvUSLpYWRdJ #cn=vmail password[...]
Issue the following two commands in sequence to create the /etc/openvpn/auth folder and copy the example files of OpenVPN auth LDAP to the /etc/openvpn/auth directory.
mkdir /etc/openvpn/auth
cp /usr/share/doc/openvpn-auth-ldap/examples/auth-ldap.conf /etc/openvpn/auth
Now edit /etc/openvpn/auth/auth-ldap.conf.
# LDAP server URLURL ldap://127.0.0.1# Bind DN (If your LDAP server doesn't support anonymous binds)BindDN cn=vmail,dc=example,dc=com# Bind Password cn=vmail passwordPassword 4LFqZFiT6yx8oP7R2BctvUSLpYWRdJ# Network timeout (in seconds)Timeout 15# Base DNBaseDN "o=domains,dc=example,dc=com"# User Search FilterSearchFilter "(&(objectClass=mailUser)(accountStatus=active)(enabledService=vpn))"# Require Group MembershipRequireGroup false
We'll now need to configure our server file. There is an example file in the /usr/share/doc/openvpn/examples/sample-config-files directory. Issue the following sequence of commands to retrieve the example configuration files and move them to the required directories:
cd /usr/share/doc/openvpn/examples/sample-config-files
gunzip -d server.conf.gz
cp server.conf /etc/openvpn/
Now edit /etc/openvpn/server.conf: [...];push "redirect-gateway def1 bypass-dhcp"push "redirect-gateway def1"[...];push "dhcp-option DNS 208.67.222.222";push "dhcp-option DNS 208.67.220.220"push "dhcp-option DNS 10.8.0.1"[...]##Add it at the bottom lineplugin /usr/lib/openvpn/openvpn-auth-ldap.so /etc/openvpn/auth/auth-ldap.confclient-cert-not-required
Use phpLDAPadmin or other tools to add LDAP values for existing mail users.
Log into phpLDAPadmin:

Find the existing mail user www@example.com:

Enable the VPN service for the user www@example.com:

Set Up OpenVPN Server With Authentication Against OpenLDAP On Debian 6.0 (Squeeze) - Page 2

View the original article here

Setting Up FTP^H^H^H SFTP In A Hurry For File Uploads Using OpenSSH

Secure file transfer gets too little attention, perhaps because it is too easy. For secure file transfer without the need of special programs or clients, nothing more is needed than to have the OpenSSH server installed and running. It has a built-in SFTP subsystem that is available to any account that can log in. In other words, for basic SFTP access, nothing needs to be done other than have an account accessible via SSH.
Again, for basic SFTP uploads and downloads, nothing in the default OpenSSH installation needs to be changed.  It's already there, ready to be used.
Removing shell access while still allowing SFTP access is a simple as three steps, if OpenSSH server is already installed.
Create a user group, e.g. sftponlyAdd users to that groupAdd a corresponding Match directive to sshd's configuration in /etc/ssh/sshd_config: Subsystem sftp internal-sftp
Match Group sftponly
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
Making a chroot jail of the SFTP users' home directories is also as easy to set up in OpenSSH.
Create a user group, e.g. sftponlyAdd users to that groupAdd a corresponding Match directive to sshd's configuration in /etc/ssh/sshd_config: Subsystem sftp internal-sftp
Match Group sftponly
ChrootDirectory %h
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
It's that easy.
The name "FTP" is often misused to mean file transfer using a special client. However, it is a specific protocol.
Plain FTP is insecure. The entire session, from username and password at the beginning, to data transfer at the end, is done without encryption. All accounts that use it can be considered compromised. It is the protocol itself that is insecure. FTP also requires adding and configuring special server software, whereas most servers usually have SSH, and thus SFTP, up and running.
FTP tunneled over SSL/TLS is FTPS. In contrast, SFTP is a new protocol designed from the ground up for secure file transfer. FTPS requires even more setup than FTP, whereas SFTP is running out of the box wherever there is an OpenSSH server.
Without extra effort, SFTP is already available wherever an OpenSSH server is running. With minimal changes, shell access can be turned off for SFTP users and even chrooted.

View the original article here

Installing Debian Squeeze (6.0) domU On CentOS 5.5 x86_64 dom0

This tutorial shows how to create a Debian Squeeze (6.0) domU on dom0 running CentOS 5.5 x86_64.

When installing Debian 6.0 domU on CentOS 5.5 x86_64 the following problems may arise:

Debian 6.0 uses Grub 2 and Xen 3.1.2 (default version on CentOS 5.5) will not be able to boot newly installed system using pygrub. When following official Debian documentation, the installed system may use wrong architecture and may not have Xen images installed at all.

The following command is used to launch the installation:

xm create -c /etc/xen/xm-debian.cfg install=true \
install-mirror=ftp://ftp.us.debian.org/debian \
install-installer=ftp://ftp.us.debian.org/debian/dists/squeeze/main/installer-amd64/20110106+b1/images

It will look for images in subdirectory netboot/xen. This directory also contains file xm-debian.cfg. Download this file and adjust disk, vif and other sections to suit your needs. This file is already filled with correct values for release (squeeze) and architecture (amd64). The file can also be adjusted to use preferred mirror.

After the system is installed and the domU is shut down, check if Xen kernel images have been installed and install them if necessary. After the images have been installed, copy them to /boot directory on dom0 and modify the Xen config to use custom kernel and ramdisk instead of pygrub.

kpartx -av /dev/data_vg/myvm-root
mount /dev/mapper/myvm-root1 /mnt
chroot /mnt
apt-get install linux-image-2.6.32-5-xen-amd64
exit
cp /mnt/boot/*xen* /boot
kpartx -d /dev/data_vg/myvm-root

Installing the xen kernel will generate the initrd image appropriate for domU.

The example Xen config:

name = "myvm" maxmem = 1024 memory = 1024 vcpus = 1 kernel = "/boot/vmlinuz-2.6.32-5-xen-amd64" root = "/dev/xvda1 ro" ramdisk = "/boot/initrd.img-2.6.32-5-xen-amd64" on_poweroff = "destroy" on_reboot = "restart" on_crash = "restart" disk = [ "phy:/dev/data_vg/myvm-root,xvda,w", "phy:/dev/data_vg/myvm-swap,xvdb,w"]

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

How To Set Up A Feng Office Suite Web Server On Ubuntu Server 10.10

This howto describes how to set up a local intranet web based office suite server (on Ubuntu 10.10 server) based on Feng Office which used to be OpenGoo. Feng Office has a range of groupware type products such as word processing, email, calendar, and presentations.

It doesnt yet have a spreadsheet nor does its calendar integrate with a calendar server. If these are features you would like to see then go to http://www.fengoffice.com/web/community/collaborate.php and tell them so.

Download and install Ubuntu server. Give the server a useful netbios name, e.g. fengserver. Using the space bar select LAMP server.

Write down the password you use for the MySQL root user - you'll need it later.

Create a user with password, e.g. fengadmin from the command line.

Go to the Internet directory:

cd /var/www

Download the latest version of FENG:

sudo wget http://downloads.sourceforge.net/project/opengoo/fengoffice/fengoffice_1.7.4/fengoffice_1.7.4.zip

Install the unzip package:

sudo apt-get install unzip

Unzip Feng:

sudo find . -name "*.zip" -exec unzip {} \;

Install PHP:

sudo apt-get install php5-gd mysql-server apache2 php5 php5-mysql

Give ownership of the unzipped folders to Apache:

sudo chown www-data:www-data /var/www/feng/feng_community/config
sudo chown www-data:www-data /var/www/feng/feng_community/cache
sudo chown www-data:www-data /var/www/feng/feng_community/upload
sudo chown www-data:www-data /var/www/feng/feng_community/tmp

Create the feng database in MySQL:

echo "create database fengdb" | mysql -u root -p

Enter your MySQL root password.

echo "create user 'fenguser'@'localhost' identified by 'fengsqlpassword'" | mysql -u root -p

Again, enter your MySQL root password.

echo "grant all on fengdb.* to 'fenguser'@'localhost'" | mysql -u root -p

Enter your MySQL root password again.

Restart the webserver:

sudo /etc/init.d/apache2 restart

Go to the web site from another machine:

http://fengserver/feng_community/

For the MySQL database/host/username/password enter fengdb/localhost/fenguser/fengsqlpassword. Obviously enter a more secure password in place of each instance of fengsqlpassword here and above.

Create a feng admin username and password.

Go finish, add a new user with details and you're done.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

How To Install Managing News On Ubuntu

Managing News is an RSS/Atom based news tracker with search, republishing and mapping. This tutorial shows how to install Managing News on an Ubuntu server.

Create database:

mysqladmin create [database]

Access MySQL:

mysql -u root -p[password]

Grant manipulation privileges to the database:

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER
ON [database].*
TO '[database_username]'@'localhost' IDENTIFIED BY '[password]';

Flush the grant tables (same as reload):

flush privileges;

Type this command:

wget http://managingnews.com/files/managingnews-1.2.zip

After download has finished, extract the file by typing this command:

unzip managingnews-1.2.zip

After finish extracting the file, move the file to /var/www/ folder by typing:

mv managingnews-1.2/* /var/www/

Go to the /var/www/sites/default/ folder and copy the default.settings.php to settings.php:

cd /var/www/sites/default/
cp default.settings.php settings.php

Then, change write permission of settings.php:

chmod a+w settings.php

In the same folder (/var/www/sites/default/ folder), create a files directory:

mkdir files

Then, change write permission of files directory:

chmod a+w files

Open your browser and type: http://YOURIPADDRESS/install.php

Choose profile: Click on install Managing News.

Set up database: Fill in the name of the database you created, database username and the database password.

Then, click "Save and continue" button.

Go to the /var/www/sites/default/ folder and remove write permission of settings.php:

cd /var/www/sites/default/
chmod a-w settings.php

Then, go back to the previous folder which is /var/www/sites/ folder and remove write permission of default folder:

cd ..
chmod a-w default

Configure site: Fill in Site name and Site e-mail address in "Site Information"section.

Configure site: Fill in Username, E-mail address, Password, Confirm password in "Administration account" section.

Configure site: Select for Default time zone, click Enabled for Clean URLs, and click Check for updates automatically for Update notifications in "Server settings" section.

Then, click "Save and continue" button.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

HowtoForge Has Now Its own Facebook Page

We at HowtoForge are proud to announce that our new Facebook page is now available under http://www.facebook.com/howtoforge. As most of you probably have a Facebook account, we want to use this additional channel to post updates and get feedback from you. Therefore we would like you to "Like" our page, share it with your friends, post comments, etc. :-)

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

How To Install Apache-Solr And Use It With Drupal And ISPConfig (OpenSUSE/Debian)

Solr is the popular, blazing fast open source enterprise search platform from the Apache Lucene project. Its major features include powerful full-text search, hit highlighting, faceted search, dynamic clustering, database integration, and rich document (e.g., Word, PDF) handling. I use this on OpenSUSE and Debian (minor tweaks on Debian, just paths to correct but it's almost the same). Packages from 4 of March 2011.

Install Drupal. And use ISPConfig 2.

Use this .htacess file in the root of your Drupal installation:

 
RewriteEngine on
#RewriteBase /  
RewriteCond %{REQUEST_FILENAME} !-f  
RewriteCond %{REQUEST_FILENAME} !-d  
RewriteRule ^(.*)$ /index.php?q=$1 [L,QSA]  
#RewriteCond %{REQUEST_URI} !=/favicon.ico

Alter the .htacess file in /web/sites/default/files and comment:

#SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
#Options None

Install Drupal. This tutorial doesn't cover full Drupal installation.

Log in as root or sudo as you wish.

Install some dependencies Drupal needs:

pecl install uploadprogress
pecl install json
pecl install apc
pecl install -n solr-beta

Also install Java 1.5 (gives error if 1.6) on your server. (This tutorial doesn't cover Java installation.)

Open your php.ini...

nano -w /etc/php5/apache2/php.ini

... and paste the following extensions uploadprogress, apc and solr so the extensions load with PHP:

; Directory in which the loadable extensions (modules) reside.
extension_dir = /usr/lib64/php5/extensions
extension=uploadprogress.so
extension=apc.so
extension=solr.so

Save your file and restart webserver:

/etc/init.d/apache2 restart

cd /tmp
wget http://mirrors.ukfast.co.uk/sites/ftp.apache.org/lucene/solr/1.4.1/apache-solr-1.4.1.zip
unzip apache-solr-1.4.1.zip
mv apache-solr-1.4.1 apache-solr
cp -r apache-solr /usr/share/apache-solr

Copy configuration from your Drupal installation, in my case /srv/www/web11/web:

cp /srv/www/web11/web/sites/all/modules/apachesolr/solrconfig.xml /usr/share/apache-solr/example/solr/conf/solrconfig.xml
cp /srv/www/web11/web/sites/all/modules/apachesolr/schema.xml /usr/share/apache-solr/example/solr/conf/schema.xml

cd apache-solr/example
java -jar start.jar

In your browser, test it (remember to open in ISPConfig firewall port 8983):

http://yourwebsite.com:8983/solr/admin/

TEST OK!

ctrl+c in your terminal and apache-solr ends... But never mind.

Let's make a start script so it starts solr when system boots:

nano -w /etc/init.d/solr

And paste this script:

#!/bin/sh -e

# Starts, stops, and restarts solr

SOLR_DIR="/usr/share/apache-solr/example"
JAVA_OPTIONS="-Xmx1024m -DSTOP.PORT=8079 -DSTOP.KEY=stopkey -jar start.jar"
LOG_FILE="/var/log/solr.log"
JAVA="/usr/bin/java"

case $1 in
start)
echo "Starting Solr"
cd $SOLR_DIR
$JAVA $JAVA_OPTIONS 2> $LOG_FILE &
;;
stop)
echo "Stopping Solr"
cd $SOLR_DIR
$JAVA $JAVA_OPTIONS --stop
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart}" >&2
exit 1
;;
esac

Make it executable:

chmod a+rx /etc/init.d/solr

Check what is booting:

chkconfig --list

Oh no! solr is not booting. Of course not!

chkconfig --add solr

Then try to stop it:

service solr stop

Oh. It's not working? Let's try to start it:

service solr start

Test on your browser. 

http://yourdomain.com:8983/solr/admin/

It's ALIVE! apache-solr, search on steroids!

Now you can reboot your server, too, and see apache-solr working. :)

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Paravirtualization With Xen 4.0 On Debian Squeeze (AMD64)

 

This tutorial provides step-by-step instructions on how to install Xen 4.0 on a Debian Squeeze (6.0) system (AMD64) and create paravirtualized guests (don't mix this up with fully virtualized guests, i.e. hardware virtualization (HVM)).

Xen lets you create guest operating systems (*nix operating systems like Linux and FreeBSD), so called "virtual machines" or domUs, under a host operating system (dom0). Using Xen you can separate your applications into different virtual machines that are totally independent from each other (e.g. a virtual machine for a mail server, a virtual machine for a high-traffic web site, another virtual machine that serves your customers' web sites, a virtual machine for DNS, etc.), but still use the same hardware. This saves money, and what is even more important, it's more secure. If the virtual machine of your DNS server gets hacked, it has no effect on your other virtual machines. Plus, you can move virtual machines from one Xen server to the next one.

I do not issue any guarantee that this will work for you!

I'm using a Debian Squeeze system (x86_64) with the hostname server1.example.com and the IP address 192.168.0.100 as the host system (dom0). (The setup might differ slightly if you are on an i386 system.) I will use Debian Squeeze for the virtual machines (domU) as well (but also show the changes you need if you want to install an Ubuntu Maverick guest).

This guide will explain how to set up image-based virtual machines and also LVM-based virtual machines.

To install Xen, we simply run

apt-get install xen-hypervisor xen-linux-system xen-utils xenstore-utils xenwatch xen-tools

Afterwards we open /etc/modules and make sure that we have the line loop max_loop=64 in it (this step is needed only if you want to create image-based virtual machines - you can skip it if you want to create LVM-based virtual machines):

vi /etc/modules

Next we open /etc/xen/xend-config.sxp...

vi /etc/xen/xend-config.sxp

... and uncomment/add the line (network-script 'network-bridge antispoof=yes') and comment out all other (network-script ...) lines (antispoof=yes enables the Xen firewall which prevents that a VM can use an IP address that it is not allowed to use, like, for example, your gateway IP). Also make sure that the line (vif-script vif-bridge) is enabled:

[...](network-script 'network-bridge antispoof=yes')[...](vif-script vif-bridge)[...]

Then reboot the system:

reboot

Run

uname -r

and your new Xen kernel should show up:

root@server1:~# uname -r
2.6.32-5-xen-amd64
root@server1:~#

Now run

xm dmesg

If you get output like this...

root@server1:~# xm dmesg
WARNING! Can't find hypervisor information in sysfs!
Error: Unable to connect to xend: No such file or directory. Is xend running?
root@server1:~#

... this means you are just running on a Xen-ready kernel, but not the Xen hypervisor itself (which means you will not be able to boot virtual machines). To change this, change the boot order of your kernels as follows and update the GRUB bootloader:

mv /etc/grub.d/10_linux /etc/grub.d/50_linux
update-grub2

This makes sure that the next time you boot, the Xen hypervisor gets loaded.

Reboot again:

reboot

Afterwards,

xm dmesg

should show you that the hypervisor is running:

root@server1:~# xm dmesg
(XEN) Xen version 4.0.1 (Debian 4.0.1-2) (waldi@debian.org) (gcc version 4.4.5 (Debian 4.4.5-10) ) Wed Jan 12 14:04:06 UTC 2011
(XEN) Bootloader: GRUB 1.98+20100804-14
(XEN) Command line: placeholder
(XEN) Video information:
(XEN)  VGA is text mode 80x25, font 8x16
(XEN)  VBE/DDC methods: V2; EDID transfer time: 1 seconds
(XEN) Disc information:
(XEN)  Found 1 MBR signatures
(XEN)  Found 1 EDD information structures
(XEN) Xen-e820 RAM map:
(XEN)  0000000000000000 - 000000000009f000 (usable)
(XEN)  000000000009f000 - 00000000000a0000 (reserved)
(XEN)  00000000000e0000 - 0000000000100000 (reserved)
(XEN)  0000000000100000 - 00000000affa0000 (usable)
(XEN)  00000000affa0000 - 00000000affae000 (ACPI data)
(XEN)  00000000affae000 - 00000000afff0000 (ACPI NVS)
(XEN)  00000000afff0000 - 00000000b0000000 (reserved)
(XEN)  00000000fec00000 - 00000000fec01000 (reserved)
(XEN)  00000000fee00000 - 00000000fef00000 (reserved)
(XEN)  00000000ff700000 - 0000000100000000 (reserved)
(XEN)  0000000100000000 - 0000000140000000 (usable)
(XEN) ACPI: RSDP 000FA310, 0014 (r0 ACPIAM)
(XEN) ACPI: RSDT AFFA0000, 0044 (r1 052608 RSDT1415 20080526 MSFT       97)
(XEN) ACPI: FACP AFFA0200, 0084 (r1 052608 FACP1415 20080526 MSFT       97)
(XEN) ACPI: DSDT AFFA0450, 960C (r1  1AAAA 1AAAA000        0 INTL 20051117)
(XEN) ACPI: FACS AFFAE000, 0040
(XEN) ACPI: APIC AFFA0390, 0080 (r1 052608 APIC1415 20080526 MSFT       97)
(XEN) ACPI: MCFG AFFA0410, 003C (r1 052608 OEMMCFG  20080526 MSFT       97)
(XEN) ACPI: OEMB AFFAE040, 0073 (r1 052608 OEMB1415 20080526 MSFT       97)
(XEN) ACPI: HPET AFFA9A60, 0038 (r1 052608 OEMHPET0 20080526 MSFT       97)
(XEN) ACPI: INFO AFFAE0C0, 0124 (r1 052608 AMDINFO  20080526 MSFT       97)
(XEN) ACPI: NVHD AFFAE1F0, 0284 (r1 052608  NVHDCP  20080526 MSFT       97)
(XEN) ACPI: SSDT AFFA9AA0, 028A (r1 A M I  POWERNOW        1 AMD         1)
(XEN) System RAM: 3839MB (3931388kB)
(XEN) Domain heap initialised
(XEN) Processor #0 15:11 APIC version 16
(XEN) Processor #1 15:11 APIC version 16
(XEN) IOAPIC[0]: apic_id 2, version 17, address 0xfec00000, GSI 0-23
(XEN) Enabling APIC mode:  Flat.  Using 1 I/O APICs
(XEN) Using scheduler: SMP Credit Scheduler (credit)
(XEN) Detected 2600.088 MHz processor.
(XEN) Initing memory sharing.
(XEN) HVM: ASIDs enabled.
(XEN) HVM: SVM enabled
(XEN) AMD-Vi: IOMMU not found!
(XEN) I/O virtualisation disabled
(XEN) AMD: Disabling C1 Clock Ramping Node #0
(XEN) Total of 2 processors activated.
(XEN) ENABLING IO-APIC IRQs
(XEN)  -> Using new ACK method
(XEN) checking TSC synchronization across 2 CPUs:
(XEN) CPU#0 had -2 usecs TSC skew, fixed it up.
(XEN) CPU#1 had 2 usecs TSC skew, fixed it up.
(XEN) Platform timer is 25.000MHz HPET
(XEN) Allocated console ring of 16 KiB.
(XEN) Brought up 2 CPUs
(XEN) *** LOADING DOMAIN 0 ***
(XEN)  Xen  kernel: 64-bit, lsb, compat32
(XEN)  Dom0 kernel: 64-bit, PAE, lsb, paddr 0x1000000 -> 0x16ba000
(XEN) PHYSICAL MEMORY ARRANGEMENT:
(XEN)  Dom0 alloc.:   0000000138000000->000000013c000000 (921455 pages to be allocated)
(XEN) VIRTUAL MEMORY ARRANGEMENT:
(XEN)  Loaded kernel: ffffffff81000000->ffffffff816ba000
(XEN)  Init. ramdisk: ffffffff816ba000->ffffffff8323b600
(XEN)  Phys-Mach map: ffffffff8323c000->ffffffff83963b78
(XEN)  Start info:    ffffffff83964000->ffffffff839644b4
(XEN)  Page tables:   ffffffff83965000->ffffffff83986000
(XEN)  Boot stack:    ffffffff83986000->ffffffff83987000
(XEN)  TOTAL:         ffffffff80000000->ffffffff83c00000
(XEN)  ENTRY ADDRESS: ffffffff81509200
(XEN) Dom0 has maximum 2 VCPUs
(XEN) Scrubbing Free RAM: .done.
(XEN) Xen trace buffers: disabled
(XEN) Std. Loglevel: Errors and warnings
(XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings)
(XEN) Xen is relinquishing VGA console.
(XEN) *** Serial input -> DOM0 (type 'CTRL-a' three times to switch input to Xen)
(XEN) Freed 176kB init memory.
(XEN) MCE: MSR 417 is not MCA MSR
(XEN) MCE: MSR 417 is not MCA MSR
root@server1:~#

We will use xen-tools to create virtual machines. xen-tools make it very easy to create virtual machines - please read this tutorial to learn more: http://www.howtoforge.com/xen_tools_xen_shell_argo. We've already installed xen-tools in the previous step (chapter 2).

Now we edit /etc/xen-tools/xen-tools.conf. This file contains the default values that are used by the xen-create-image script unless you specify other values on the command line. I changed the following values and left the rest untouched:

vi /etc/xen-tools/xen-tools.conf

[...]dir = /home/xen[...]# lvm = vg0[...]dist = `xt-guess-suite-and-mirror --suite` # Default distribution to install.[...]gateway = 192.168.0.1netmask = 255.255.255.0broadcast = 192.168.0.255[...]passwd = 1[...]kernel = /boot/vmlinuz-`uname -r`initrd = /boot/initrd.img-`uname -r`[...]mirror = `xt-guess-suite-and-mirror --mirror`[...]serial_device = hvc0 #default[...]disk_device = xvda #default[...]

The dir line specifies where the virtual machine images will be stored. Make sure that at the same time, lvm is commented out (these settings are mutually exclusive!).

dist specifies the distribution to be installed in the virtual machines (if you run the command

xt-guess-suite-and-mirror --suite

on the command line, you will see that it translates to squeeze, so in this case Debian Squeeze would be installed unless you specify anything else on the command line).

To find out which distributions you can install in a virtual machine, run:

gunzip /usr/share/doc/xen-tools/README.gz
cat /usr/share/doc/xen-tools/README

The passwd = 1 line makes that you can specify a root password when you create a new guest domain.

The kernel and initrd lines specify the kernel and ramdisk that get installed in a virtual machine. If you want to install Debian Squeeze, please use the settings as shown above (otherwise the Debian Squeeze guest might not boot). If you want to install Ubuntu Maverick, for example, you can use the same settings, or you comment out both lines, in which case the default Ubuntu kernel would be used (yes, Xen 4.0 allows you to use non-Xen kernels in a guest!).

Make sure you specify a gateway, netmask, and broadcast address. If you don't, and you don't specify a gateway and netmask on the command line when using xen-create-image, your guest domains won't have networking even if you specified an IP address!

The mirror line specifies the mirror to use (the command

xt-guess-suite-and-mirror --mirror

translates to a Debian mirror by default. Of course, you can specify another mirror, e.g. as follows:

mirror = http://ftp.de.debian.org/debian/

or

mirror = http://archive.ubuntu.com/ubuntu (for Ubuntu; in this case make sure that you specify an Ubuntu version in the dist line, e.g. dist = maverick)

)

It is very important that you add the line serial_device = hvc0 because otherwise your virtual machines might not boot properly!

disk_device = xvda makes that the virtualized disks are named xvda1, xvda2, etc. This is the correct setting for a Debian Squeeze guest; Ubuntu guests, especially when using a non-Xen kernel, might not boot with this setting, but you can override it with the --scsi switch that you pass to the xen-create-image command - in this case the virtualized disks will be named sda1, sda2, etc.

To summarize, the above settings are perfect for Debian Squeeze guests; if you want to install Ubuntu Maverick instead, you will have to override some of the settings in /etc/xen-tools/xen-tools.conf (--dist, --mirror, --scsi switches; maybe also comment out kernel and initrd) - I'll come to that in a moment.

Before we go on, we must create the directory where the virtual machine images should be stored:

mkdir /home/xen

Now let's create our first guest domain, xen1.example.com, with the IP address 192.168.0.101:

xen-create-image --hostname=xen1.example.com --size=4Gb --swap=256Mb --ip=192.168.0.101 --memory=256Mb --arch=amd64 --role=udev

Options that you specify on the command line override the settings in /etc/xen-tools/xen-tools.conf. Options that are not specified on the command line are taken from /etc/xen-tools/xen-tools.conf. Please make sure that you add --role=udev, or your virtual machine might not boot properly!

(To learn more about the available options, take a look at the xen-create-image man page:

man xen-create-image

)

The xen-create-image command will now create the xen1.example.com virtual machine for us. This can take a few minutes. The output should be similar to this one:

root@server1:~# xen-create-image --hostname=xen1.example.com --size=4Gb --swap=256Mb --ip=192.168.0.101 --memory=256Mb --arch=amd64 --role=udev

General Information
--------------------
Hostname       :  xen1.example.com
Distribution   :  squeeze
Mirror         :  http://ftp.de.debian.org/debian/
Partitions     :  swap            256Mb (swap)
/               4Gb   (ext3)
Image type     :  sparse
Memory size    :  256Mb
Kernel path    :  /boot/vmlinuz-2.6.32-5-xen-amd64
Initrd path    :  /boot/initrd.img-2.6.32-5-xen-amd64

Networking Information
----------------------
IP Address 1   : 192.168.0.101 [MAC: 00:16:3E:E8:61:97]
Netmask        : 255.255.255.0
Broadcast      : 192.168.0.255
Gateway        : 192.168.0.1

Creating partition image: /home/xen/domains/xen1.example.com/swap.img
Done

Creating swap on /home/xen/domains/xen1.example.com/swap.img
Done

Creating partition image: /home/xen/domains/xen1.example.com/disk.img
Done

Creating ext3 filesystem on /home/xen/domains/xen1.example.com/disk.img
Done
Installation method: debootstrap
Done

Running hooks
Done

Role: udev
File: /etc/xen-tools/role.d/udev
Role script completed.

Creating Xen configuration file
Done
Setting up root password
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
All done

Logfile produced at:
/var/log/xen-tools/xen1.example.com.log

Installation Summary
---------------------
Hostname        :  xen1.example.com
Distribution    :  squeeze
IP-Address(es)  :  192.168.0.101
RSA Fingerprint :  81:d1:7a:44:3b:07:41:3a:0f:46:d5:d5:30:bc:26:43
Root Password   :  N/A

root@server1:~#

For an Ubuntu Maverick guest, you should use this command instead:

xen-create-image --hostname=xen1.example.com --size=4Gb --swap=256Mb --ip=192.168.0.101 --memory=256Mb --arch=amd64 --role=udev --scsi --dist maverick --mirror=http://archive.ubuntu.com/ubuntu

(To use the default Ubuntu kernel instead of Debian's Xen kernel in the guest, you can also comment out the kernel and initrd lines in /etc/xen-tools/xen-tools.conf.)

There should now be a xen1.example.com configuration file - /etc/xen/xen1.example.com.cfg. Take a look at it to become familiar with virtual machines configuration files:

cat /etc/xen/xen1.example.com.cfg

## Configuration file for the Xen instance xen1.example.com, created# by xen-tools 4.2 on Fri Mar 25 15:56:51 2011.### Kernel + memory size#kernel = '/boot/vmlinuz-2.6.32-5-xen-amd64'ramdisk = '/boot/initrd.img-2.6.32-5-xen-amd64'vcpus = '1'memory = '256'## Disk device(s).#root = '/dev/xvda2 ro'disk = [ 'file:/home/xen/domains/xen1.example.com/disk.img,xvda2,w', 'file:/home/xen/domains/xen1.example.com/swap.img,xvda1,w', ]## Physical volumes### Hostname#name = 'xen1.example.com'## Networking#vif = [ 'ip=192.168.0.101,mac=00:16:3E:E8:61:97' ]## Behaviour#on_poweroff = 'destroy'on_reboot = 'restart'on_crash = 'restart'

(Please note: if you have a dual-core or quad-core CPU and want the virtual machine to use all CPU cores, please change the vcpus line to vcpus = '2' or vcpus = '4'.)

To start the virtual machine, run

xm create /etc/xen/xen1.example.com.cfg

root@server1:~# xm create /etc/xen/xen1.example.com.cfg
Using config file "/etc/xen/xen1.example.com.cfg".
Started domain xen1.example.com (id=1)
root@server1:~#

Run

xm console xen1.example.com

to log in on that virtual machine (type CTRL+] if you are at the console, or CTRL+5 if you're using PuTTY to go back to dom0), or use an SSH client to connect to it (192.168.0.101).

To get a list of running virtual machines, type

xm list

The output should look like this:

root@server1:~# xm list
Name                                        ID   Mem VCPUs      State   Time(s)
Domain-0                                     0  2811     2     r-----    137.2
xen1.example.com                             1   256     1     -b----      1.7
root@server1:~#

To shut down xen1.example.com, do this:

xm shutdown xen1.example.com

If you want xen1.example.com to start automatically at the next boot of the system, then do this:

mkdir /etc/xen/auto
ln -s /etc/xen/xen1.example.com.cfg /etc/xen/auto

Here are the most important Xen commands:

xm create -c /path/to/config - Start a virtual machine.
xm shutdown - Stop a virtual machine.
xm destroy - Stop a virtual machine immediately without shutting it down. It's as if you switch off the power button.
xm list - List all running systems.
xm console - Log in on a virtual machine.
xm help - List of all commands.

A list of all virtual machines that were created with the xen-create-image command is available under

xen-list-images

root@server1:~# xen-list-images
Name: xen1.example.com
Memory: 256
IP: 192.168.0.101
root@server1:~#

To learn more about what you can do with xen-tools, take a look at this tutorial: http://www.howtoforge.com/xen_tools_xen_shell_argo

Paravirtualization With Xen 4.0 On Debian Squeeze (AMD64) - Page 2

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Extending Perfect Server - Debian Squeeze [ISPConfig 3]

 

The following tutorial will extend the "Perfect Server.... " for ISPConfig 3 with BIND & Courier installed in Debian Squeeze. It explains how to change default ports (ssh, ispconfig, webmin), how to install some useful applications (webmin, roundcube, atop, htop, multitail, tiger etc), how to update awstats periodically (more than once a day) or whenever you want, how to create clients' data backups (periodically) accessible under their folder and finally it explains how to tweak your system for performance (mysqltuner, tuning-primer) or security (custom firewall rules, (D)Dos Deflate, fail2ban modified).

This tutorial works perfect for me, but I can not guarantee that it will work for you.

In specific this tutorial explains how to:

install Webmin and change it's port to 50000change the default port for ISPConfig from 8080 to 50443install Roundcube so as all users can access it over SSL (port 50443 -- as ISPConfig ) under /webmailextend fail2ban (for webmin, roundcube, ssh) and  apply a small patchinstall multitail and use a simple command to see all useful logschange the port 22 for SSH to 50022access phpmyadmin over SSL (port 50443 -- as ISPConfig ) under a different url than the default (e.g. /mydomaindb)install some useful apps/extensions to you server (htop, php-apc, iptraf, logwatch etc)update awstats manually or automatic whenever you wantimpove mysql settings using scripts like mysqltuner or tuning-primer that suggest which settings to tweak in your mysql installationharden you system (simple steps), by blocking specific --insistent-- IPs or networks, or/and by using custom rules to protect your server against simple ddos attacks, in companion with (D)Dos Deflate.create daily backup of clients' web folders and their databases in their folders, so as they will be able to download them

To follow this tutorial you have to read and apply the following:

- The Perfect Server - Debian Squeeze (Debian 6.0) With BIND & Courier [ISPConfig 3]

- If you want to access ISPconfig Panel and webmail through SSL I also assume that you followed the chapter 6.2 Enabling SSL For The ISPConfig Web Interface of The ISPConfig 3 manual or this post (This is only needed if you want to access the control panel AND the webmail interface through ssl on port 8080).

A note here: To NOT have problems after a future update do:

cp /etc/apache2/ssl/ispserver.crt /usr/local/ispconfig/interface/ssl/ispserver.crt
cp /etc/apache2/ssl/ispserver.key  /usr/local/ispconfig/interface/ssl/ispserver.key

and edit /etc/apache2/sites-enabled/000-ispconfig.vhost, removing the lines that you pasted following the manual, and uncommenting the default lines for SSL.

nano /etc/apache2/sites-enabled/000-ispconfig.vhost

The contents must look like:

[...]
# SSL Configuration

  SSLEngine On

  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
[...]

- If you followed the above, then I finally assume that you read the workaround about suExec and ISPConfig 3 in this post.

This how to, is a (major) updated version of  Easy RoundCube (Over SSL) And Webmin With fail2ban For ISPConfig 3 On Debian Squeeze with a lot more additions.

Before you proceed make sure that your server is functional, and you are satisfied with it.  If you follow this tutorial you will make a lot of changes, and this (by it's own) needs a lot of debugging in case of errors!

Please have in mind that if you install webmin you MUST be very careful in using it. You should not use webmin for editing settings of critical parts of ISPConfig (apache, postfix, imap, pop3, dns). Use it only in emergency cases or when you need to do things that DON'T interfere with ISPConfig (e.g. firewall, bootscripts, cron e.t.c)

To install webmin we must first install some dependencies:

apt-get install libapt-pkg-perl libauthen-pam-perl libio-pty-perl apt-show-versions

Download the latest webmin from http://www.webmin.com/download.html:

cd /tmp
wget http://prdownloads.sourceforge.net/webadmin/webmin_1.530_all.deb

and install it:

dpkg -i webmin_1.530_all.deb

Before changing a port to something else than the default, DON'T forget to add the port to your firewall. If you are using the defaults of ISPConfig, go to System -> Firewall and add the port you want (In this manual we will use 50000 for Webmin, 50443 for ISPConfig, 50022 for ssh). Save and DON'T remove old ports (8080, 10000, 22) until you are absolutely sure that the new ports are working.

To change the default port of webmin, edit the file /etc/webmin/miniserv.conf:

nano /etc/webmin/miniserv.conf

and change the Port=10000 and listen=10000 to Port=50000 and listen=50000. Restart webmin:

/etc/init.d/webmin restart

Visit https://www.example.com:50000 to install updates through webmin interface. You will have to accept the security warning, as the certificate of webmin is custom signed.

Before changing a port to something else than the default, DON'T forget to add the port to your firewall. If you are using the defaults of ISPConfig, go to System -> Firewall and add the port you want (In this manual we will use 50000 for Webmin, 50443 for ISPConfig, 50022 for ssh). Save and DON'T remove old ports (8080, 10000, 22) until you are absolutely sure that the new ports are working.

To change the default port of ISPConfig Control Panel (8080), to a different one (e.g. 50443):

nano /etc/apache2/sites-enabled/000-ispconfig.vhost

and make sure that all references to 8080 are changed to 50443. Mine looks like this (ONLY the first lines are showing):

[...]
Listen 50443
NameVirtualHost *:50443

[...]

Restart apache and access the control panel at https://www.example.com:50443:

/etc/init.d/apache2 restart

Extending Perfect Server - Debian Squeeze [ISPConfig 3] - Page 2

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

The Perfect Desktop - OpenSUSE 11.4 (GNOME)

This tutorial shows how you can set up an OpenSUSE 11.4 desktop that is a full-fledged replacement for a Windows desktop, i.e. that has all the software that people need to do the things they do on their Windows desktops. The advantages are clear: you get a secure system without DRM restrictions that works even on old hardware, and the best thing is: all software comes free of charge.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

To fully replace a Windows desktop, I want the OpenSUSE 11.4 desktop to have the following software installed:

The GIMP - free software replacement for Adobe Photoshop F-Spot - full-featured personal photo management application for the GNOME desktopGoogle Picasa - application for organizing and editing digital photosFirefoxOperaChromium - Google's open-source browser Flash Player 10 FileZilla- multithreaded FTP client Thunderbird - email and news clientEvolution - combines e-mail, calendar, address book, and task list management functionsTransmission BitTorrent ClientEmpathy - multi-platform instant messaging clientSkypeGoogle EarthXchat IRC - IRC client LibreOffice Writer - replacement for Microsoft Word LibreOffice Calc - replacement for Microsoft Excel Adobe ReaderGnuCash - double-entry book-keeping personal finance system, similar to Quicken Scribus - open source desktop publishing (DTP) applicationAmarok - audio player Audacity - free, open source, cross platform digital audio editorBanshee - audio player, can encode/decode various formats and synchronize music with Apple iPods MPlayer - media player (video/audio), supports WMA Rhythmbox Music Player - audio player, similar to Apple's iTunes, with support for iPods gtkPod - software similar to Apple's iTunes, supports iPod, iPod nano, iPod shuffle, iPod photo, and iPod miniXMMS - audio player similar to Winampdvd::rip - full featured DVD copy programSound Juicer CD Extractor - CD ripping tool, supports various audio codecsVLC Media Player - media player (video/audio)Helix PlayerTotem - media player (video/audio)Xine - media player, supports various formats; can play DVDs Brasero - CD/DVD burning programK3B - CD/DVD burning programMultimedia-CodecsBluefish - text editor, suitable for many programming and markup languagesKompozer - WYSIWYG HTML editor, similar to Macromedia Dreamweaver, but not as feature-rich (yet)Quanta Plus - web development environment, including a WYSIWYG editorVirtualBox - lets you run your old Windows desktop as a virtual machine under your Linux desktop, so you don't have to entirely abandon Windows TrueType fontsJavaRead/Write support for NTFS partitions

As you might have noticed, a few applications are redundant, for example there are two CD/DVD burning applications in my list (Brasero, K3B). If you know which one you like best, you obviously don't need to install the other applications, however if you like choice, then of course you can install both. The same goes for music players like Amarok, Banshee, Rhythmbox, XMMS or browsers (Firefox, Opera, Chromium).

I'm using the OpenSUSE 11.4 GNOME Live-CD in this tutorial to set up the system. You can download it from here: http://software.opensuse.org/114/en

I will use the username falko in this tutorial, and I will download all necessary files to falko's desktop which is equivalent to the directory /home/falko/Desktop. If you use another username (which you most probably do ;-)), please replace falko with your own username. So when I use a command like

cd /home/falko/Desktop

you must replace falko.

Download the OpenSUSE 11.4 GNOME Live-CD iso image, burn it onto a CD, and boot your computer from it:

Select openSUSE Live GNOME:

This is how the live desktop looks. Click on the Live Installer icon to start the installation:

The installer starts. Select your language and keyboard layout and click on Next:

Select your time zone:

On the partitioning screen, you can either customize the partitioning, or you accept the default partitioning (which is also available as LVM - select LVM Based if you'd like to use the default partitioning with LVM):

Create a user account for yourself. If you check Use this password for system administrator, your user password will also be the root password:

Before the actual installation begins, the installer displays a summary of your settings. If the settings are ok, click on the Install button:

Confirm that you want to begin the installation - the hard drive will be formatted:

An OpenSUSE 11.4 image with default settings is now being copied to the hard drive:

After the installation, the installer asks you to reboot the system. Click on Reboot Now - this will immediately reboot the computer:

Before the system boots up again, please remove the LiveCD from the CD drive.

The Perfect Desktop - OpenSUSE 11.4 (GNOME) - Page 2

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.