Dec 13

How to install a VNC server on the CentOS VPS?

 

#>su -
#>yum update
#>yum -y groupinstall "KDE (K Desktop Environment)"
#>yum -y install vnc vnc-server firefox
#>mv /root/.vnc/xstartup  /root/.vnc/xstartup.backup
#>vi /root/.vnc/xstartup
#!/bin/sh
startkde &
#>vncserver

Install TightVNC Viewer.

TightVNC Server: domain.com:1

Click Connect, input root password.

Done.

 

 

07

NAS ( Network Attached Storage)

I have 4 computers, 1 pad, 1 netbook plus a few iPhones, and like many guys, always have one device short. :)

So, how to share files between this many computers? How to make sure your files are safe?

This post will give you a cheap hardware solution, and I’ll post the software solution next time.

1. Find a cheap set of motherboard/cpu/memory.

Mine is an old Core 2 Duo computer with 4GB memory, sitting in dust for a few years. Today, it perhaps costs $150-$250 CAD? The NAS doesn’t need a Core 2 Duo CPU; any Pentium-level CPU should work too. I just like its 6 SATA2 ports, on the top left corner. I’m sure you can find a BETTER and CHEAPER set of motherboard/CPU/memory at Free Geek (http://freegeekvancouver.org/).

 

2. Buy a piece of wood board from Home Depot and cut it to a good size to fit my shelf.

 

3. Mount the motherboard onto the wood board. Make sure you leave some space between the motherboard and wood board, for air flow.

 

4. Mount the wood board upside down onto the top of my shelf.

 

5. Plug in all 6 hard drives, 2 x IDE and 4 x SATA2. Looks pretty messy. :(

 

 

 

 

6. Bought 2 racks for my 6 hard drives. Now it doesn’t look too messy.

 

 

7. Complete view

 

 

8. outside view.

 

 

9. This is the outside with cover view. I call it “IKEA NAS” because it’s inside an IKEA shelf. :)

 

 

In my current NAS, there are 4 SATA2 hard drives, 2TB each; a RAID5 setting gives a total of 6TB storage capacity. 2 IDE drives are set to RAID1 (mirror), for storing the OS only. This NAS server has been working 24×7 for 1+ years, perhaps only rebooted 1-2 times.

OS is Ubuntu 10.4 server version.

For a future upgrade, I’ll take out these 2 IDE drives and replace them with 2 compact flash drives with an IDE adapter, so I’ll be able to free up 2 slots in the rack and fill them with 2 additional 2TB SATA2 drives. Then the total capacity will be 10TB, which should be able to serve me for another 4 years.

 

 

15

I AM!

If you are managing a little server facing the Internet directly, please check your logs. Perhaps there are many many many tries to hack your user passwords. Like mine…… :(

Here is a little script I created to block the IPs trying to hack my server. So a user’s IP which tries 15 consecutive times per day will be blocked, forever! :) This script only blocks Linux password hackers; I have similar scripts for blocking POP3 and Asterisk hacks.

Step 1: create a file to store your firewall config

/sbin/iptables-save > /root/firewall-confs/firewall.conf

Step 2: make sure every time your server boots up will reload this config.

vi /etc/rc.local

/sbin/iptables-restore < /root/firewall-confs/firewall.conf

Step 3: update the crontab to run the script everyday.

50 23 * * * /root/ipfilter.sh >> /root/blockedIPList.txt

Step 4: the script

[root@server ~]# cat ipfilter.sh
#!/bin/sh
# Month and space-padded day, as syslog writes them (e.g. "Jun  5", "Jun 26")
DATE=$(date '+%b %e')
echo " "
echo "==========================================="
date
# Field 13 of a "Failed password for invalid user NAME from IP ..." line is the source IP
grep "$DATE" /var/log/secure | grep "Failed password for invalid user" | awk '{print $13}' > /root/filter_log.today.beforesort
sort /root/filter_log.today.beforesort > /root/filter_log.today
pre_line=" "
counter=0
while read -r line
do
    if [ "$line" = "$pre_line" ]; then
        counter=$((counter + 1))
        # if 15 consecutive hacks
        if [ "$counter" -eq 15 ]; then
            #block ip
            /sbin/iptables -A INPUT -s "$line" -j DROP
            #unblock ip
            #/sbin/iptables -D INPUT -s "$line" -j DROP
            echo "blocked ip: $line"
        fi
    else
        if [ "$counter" -ge 15 ]; then
            echo "counter = $counter"
        fi
        counter=0
    fi
    pre_line=$line
done < "/root/filter_log.today"
echo "counter = $counter"
# Persist the rules so they survive a reboot
service iptables save
service iptables restart
/sbin/iptables-save > /root/firewall-confs/firewall.conf

So far it works for me. Here are some IPs I blocked.

===========================================
Sat Jun 25 23:50:03 MDT 2011
counter = 0

===========================================
Sun Jun 26 23:50:02 MDT 2011
blocked ip: 124.42.3.52
counter = 350

===========================================
Mon Jun 27 23:50:01 MDT 2011
blocked ip: 200.76.85.210
counter = 897
blocked ip: 222.241.151.133
counter = 36

===========================================
Tue Jun 28 23:50:01 MDT 2011
blocked ip: 184.82.20.38
counter = 131
blocked ip: 203.31.7.22
counter = 91

===========================================
Wed Jun 29 23:50:03 MDT 2011
blocked ip: 60.191.125.194
counter = 970

===========================================
Thu Jun 30 23:50:05 MDT 2011
counter = 0
….
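
A variant of the counting step, added here as an example (it is not the post's script): it reads the source address from the end of the sshd message instead of field 13, because the user name in between is whatever the client sent and can contain spaces, and it accepts only well-formed IPv4 addresses. The function names, the constructed sample log and the threshold of 2 used in the demo are assumptions; the iptables commands are printed, not run.

```shell
#!/bin/sh
# Added example, not the post's script. Sample log lines are constructed.

# offenders MIN: read syslog lines on stdin, print "ADDR COUNT" for each IPv4
# source with at least MIN "Failed password for invalid user" entries.
offenders() {
    awk -v min="$1" '
    function valid_ipv4(s,   o, n, i) {
        n = split(s, o, ".")
        if (n != 4) return 0
        for (i = 1; i <= 4; i++)
            if (o[i] !~ /^[0-9]+$/ || length(o[i]) > 3 || o[i] + 0 > 255)
                return 0
        return 1
    }
    /sshd\[[0-9]+\]: Failed password for invalid user / {
        # sshd ends the message with "from ADDR port N ssh2"; read it from
        # the right, because the user name to its left is client-supplied.
        if ($(NF-4) == "from" && $(NF-2) == "port" && valid_ipv4($(NF-3)))
            hits[$(NF-3)]++
    }
    END { for (a in hits) if (hits[a] >= min) print a, hits[a] }' | sort
}

# block_rules: turn "ADDR COUNT" lines into iptables commands (printed, not
# run); -C checks for an existing rule so reruns do not stack duplicates.
block_rules() {
    while read -r addr _count; do
        printf 'iptables -C INPUT -s %s -j DROP 2>/dev/null || iptables -A INPUT -s %s -j DROP\n' "$addr" "$addr"
    done
}

# Constructed sample in /var/log/secure format (documentation address ranges).
sample_log() {
    p='Jun  5 23:10:0'; h='server sshd[4242]: Failed password for invalid user'
    for i in 1 2 3; do echo "${p}$i $h admin from 203.0.113.7 port 4100$i ssh2"; done
    echo "${p}4 $h backup admin from 198.51.100.9 port 41004 ssh2"
    echo "${p}5 $h backup admin from 198.51.100.9 port 41005 ssh2"
    echo "${p}6 $h test from 2001:db8::1 port 41006 ssh2"   # IPv6: skipped
    echo "${p}7 server sshd[4242]: Accepted password for holden from 192.0.2.5 port 41007 ssh2"
}

# Stand-alone run: list sources with 2+ failures and the rules to add.
sample_log | offenders 2
sample_log | offenders 2 | block_rules
```

The two-word user name in the sample is the case where counting fields from the left returns `from` instead of the address. IPv6 sources are skipped here because `iptables` only filters IPv4.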

27

The H340 doesn’t have a VGA port, so you can’t plug your monitor into the motherboard to install Ubuntu. There are several solutions to resolve this issue. If you are like me, you don’t want to spend $70-$90 to buy a special VGA/PS2 cable, and you don’t know how to build your own cable. Here is a better solution.

1. Install Ubuntu 10.04 to a new hard drive in a computer with
monitor/keyboard/mouse. Set a static IP address on eth0. Make sure you select install SSH server.
2. Log in to the Ubuntu system.
- sudo vi /etc/udev/rules.d/70-persistent-net.rules
- remove every line like
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*",………
3. Save and shut down.
4. Unplug this hard drive and plug it into the H340’s first bay.
5. Turn on the H340. You should see the lights on the NIC blinking.
6. Ping and ssh to this H340. DONE. :)
If you can’t ping and ssh to the H340, plug this hard drive back into the computer. Make sure all lines like
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*",………
in /etc/udev/rules.d/70-persistent-net.rules have been removed.
Thanks to druhboruch from ubuntuforum, he/she is the real hero. :)
http://ubuntuforums.org/showthread.php?t=1193348
31

This is supposed to be an easy task, but somehow not so easy for me.  No…… I’m not that smart….

Assume you installed ubuntu 10.04 already. For Virtual Box to run, you need a desktop, at least I need a desktop. So,

$> sudo apt-get install ubuntu-desktop
( This will take a long long time, so, turn on your TV, and start watching LOST season 6 start from episode 1,2,3……….  After Jack closes his eyes, you should be able to get this red+purple+orangeish color Desktop. :) )

Bounce your computer a few times, make sure it’s stable. Then login and open a terminal.

$>sudo apt-get install virtualbox-ose
(Virtualbox installed)

Now we need to create some virtual NICs

$>sudo vi /etc/network/interfaces
(Put these lines in. Don’t worry if the IP addresses don’t match your network; you won’t use them anyway. You can try 127.0.0.1/32, if you like.)
auto virbr1
iface virbr1 inet static
        address 192.168.0.99
        netmask 255.255.255.0
        network 192.168.0.0
        broadcast 192.168.0.255
        gateway 192.168.0.1
        bridge_ports eth0
        bridge_fd 9
        bridge_hello 2
        bridge_maxage 12
        bridge_stp off
        hwaddress ether 00:01:2e:2c:d6:ea

$>sudo /etc/init.d/networking restart

Now go back to VirtualBox on your desktop. Create the virtual server as you usually do, then make sure in “Networking” you select “bridge adapter” mode, then choose “virbr1”. After that, put the MAC address of virbr1 into the MAC address bar below. (If you don’t change the MAC address, it still works. I just follow this pattern from my previous OpenSolaris settings.)

Now install guest OS, and setup the IP address/mask and gateway. My IP is like, 192.168.88.111/24. You should be able to ping this IP address from other computers, like 192.168.88.112/24.

Done.

Nov 28

Last time I installed a WebSphere 7.0 deployment manager on CentOS. This time I’ll create an application server on a different host, and federate this new app server to the deployment manager I installed last time.

1. Install a standalone WAS.

- Follow the “Install Websphere7.0 on CentOS (1)” document to download and untar the source.
- vi responsefile.nd.txt, turn on the following options,

-OPT silentInstallLicenseAcceptance="true"
-OPT allowNonRootSilentInstall="true"
-OPT disableOSPrereqChecking="true"
-OPT disableNonBlockingPrereqChecking="true"
-OPT installType="installNew"
-OPT profileType="standAlone"
-OPT feature="noFeature"
-OPT PROF_enableAdminSecurity="true"
-OPT PROF_adminUserName="admin"
-OPT PROF_adminPassword="password"
-OPT installLocation="/home/user/IBM/WebSphere/AppServer"
-OPT cimSelected="true"
-OPT cimRepositoryLocation="/home/user/IBM/WebSphere/cimrepos"
-OPT PROF_profilePath="/home/user/IBM/WASprofiles"
-OPT PROF_profileName="FatWAS70serverProf"
-OPT PROF_isDefault="true"
-OPT PROF_hostName="FatWASHost1"
-OPT PROF_nodeName="FatWASNode1"
-OPT PROF_cellName="FatWASCell1"
-OPT PROF_serverName="server1"
-OPT PROF_defaultPorts="true"

Save it and run this command,
- ./install -options "./responsefile.nd.txt" -silent

Then start server to check if install is successful.

2. Federate!

2.1 Pre-Federate.

- put the following entries into /etc/hosts file on BOTH deployment manager server and this server.
192.168.xx.xx(This server’s IP addr)  FatWASHost1
192.168.xx.xx(Dmgr server’s IP addr)  FatWASDmgr

- Check the time on these two servers. The difference must be smaller than 5 minutes. To make sure the time is set properly, do this on both servers,
- yum install ntp
- ntpdate us.pool.ntp.org

2.2 Federate this node
- cd /home/user/IBM/WASprofiles/bin
- startup the Deployment Manager
-  ./addNode.sh DMGR_IP_ADDR 8879 -conntype SOAP -includeapps -trace -username admin -password password -localusername admin -localpassword password

… …
ADMU0003I: Node FatWASNode1 has been successfully federated.

- logout/login to the dmgr’s web console, then check “Servers -> Server Types -> WebSphere application server”. There should be a server1 in the list. Start it up.

Done.

Nov 26

I need to install WebSphere 7.0 onto a CentOS 5.3 Linux server, with 2 conditions: 1, install with a non-root user account; 2, install without a web browser.

Why I’m not the root user? Because I’m not the System Admin. Why there is no web browser? Because the SA doesn’t like me….. :)

My plan is to install the deployment mgr on to a container first, then use the dmgr console to manage other app servers. To make that work, of course you need the ND version.

- Download that big C?????.tar.gz file from IBM website.
- make a source directory like /home/user/WAS70ND, and move your gz file into there.
- cd /home/user/WAS70ND
- tar -zxvf ?.tar.gz
- cd WAS

Now edit the response file.
- vi responsefile.nd.txt
I have the following options turned on,

-OPT silentInstallLicenseAcceptance="true"
-OPT allowNonRootSilentInstall="true"
-OPT disableOSPrereqChecking="true"
-OPT disableNonBlockingPrereqChecking="true"
-OPT installType="installNew"
-OPT profileType="management"
-OPT feature="noFeature"
-OPT PROF_enableAdminSecurity="true"
-OPT PROF_adminUserName="admin"
-OPT PROF_adminPassword="password"
-OPT installLocation="/home/user/IBM/WebSphere/AppServer"
-OPT cimSelected="true"
-OPT cimRepositoryLocation="/home/user/IBM/WebSphere/cimrepos"
-OPT PROF_profilePath="/home/user/IBM/WASprofiles"
-OPT PROF_profileName="FatWAS70Dmgr"
-OPT PROF_isDefault="true"
-OPT PROF_serverType="DEPLOYMENT_MANAGER"
-OPT PROF_hostName="FatWASDmgr"
-OPT PROF_nodeName="FatWASDmgrNode"
-OPT PROF_cellName="FatWASCell"
-OPT PROF_defaultPorts="true"

Save it and run this command,
- ./install -options "./responsefile.nd.txt" -silent

To check the install process, open another window then check the log
- tail -f /home/user/waslogs/log.txt
… …
(Nov 25, 2009 10:48:49 AM), Process, com.ibm.ws.install.ni.ismp.actions.ISMPLogSuccessMessageAction, msg1, INSTCONFSUCCESS

Start dmgr admin console
- cd /home/ycui/IBM/WASprofiles/bin
- ./startManager.sh
Visit the URL: http://yourIP:9060/ibm/console

Nov 25

syntax:
useradd -s /bin/bash -d [folder_name] -c "[name]" [userid]

sample:
useradd -s /bin/bash -d /home/holden -c "Holden C" holden

Change password:
passwd holden

Nov 18

WordPress doesn’t have a Chinese language package by default, and the DB char set doesn’t support Chinese, so you need a little extra admin work.

1. download/install Chinese language pack

1.1. download http://svn.automattic.com/wordpress-i18n/zh_CN/wporg/rosetta-zh_CN.mo and change file name to zh_CN.mo

1.2. then download http://svn.automattic.com/wordpress-i18n/zh_CN/wporg/rosetta-zh_CN.po and change file name to zh_CN.po

1.3.  use your FTP client to create a folder named “languages” in your domain. e.g. my folder is here: WEB_HOME/webtech/wp-content/languages/

1.4. upload the zh_CN.po and zh_CN.mo files into this “languages” folder.

2. change your wp-config.php file to allow the database to save and read 16-bit chars.

2.1. go to your domain and find the file named “wp-config.php”. e.g. my file is located at WEB_HOME/webtech/wp-config.php

2.2. edit this file and find the line that shows "define('DB_CHARSET', 'utf8');", then change it to "define('DB_CHARSET', 'utf16');".
Then find the line that shows "define ('WPLANG', '');" and change it to "define ('WPLANG', 'zh_CN');"

2.3. save and test your word press posting. It should work, like mine.

美人卷珠帘,家里断水电,骂你没有钱,爹娘无颜见。

Nov 09

Taking a course in BCIT, to learn some Drupal stuff. So, setting up a test box at home to play with.

$>sudo apt-get install apache2
$>sudo /etc/init.d/apache2 restart
$>sudo apt-get install php5 libapache2-mod-php5
$>sudo /etc/init.d/apache2 restart
$>sudo vi /var/www/testphp.php
<?php phpinfo(); ?>
$>sudo apt-get install mysql-server
rootpassword: ROOTPASSWORD
$>sudo vi /etc/mysql/my.cnf
bind-address = 0.0.0.0
$>sudo mysql -u root -p
exit
$>sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin
check both apache2,lighthttp phpmyadmin: yes put password
$>sudo vi /etc/php5/apache2/php.ini
extension=msql.so
memory_limit = 256M
sudo vi /etc/mysql/my.cn
$>wget http://drupal.org/files/projects/drupal-6.13.tar.gz
$>tar -zxvpf drupal-6.13.tar.gz
$>sudo mv drupal-6.13/* drupal-6.13/.htaccess /var/www/

visit http://YOURIP/install.php?profile=default