HOWTO : NTop on Ubuntu 9.04 Server

Install NTop to monitor all the traffic of your machines in your network.

Step 1 :

sudo apt-get install ntop rrdtool

Step 2 :

Set the admin password.

sudo ntop -A

Step 3 :

sudo ntop -d -L

You can add to the /etc/rc.local to make it execute when boot up automatically.

Step 4 :

Access ntop at http://ip_address_ntop:3000

Enjoy!

HOWTO : WebDAV on Ubuntu 9.04 Server

WebDAV is a file manager that running on web server. You can access it like on your desktop. Easy and enjoyable.

Install Ubuntu 9.04 server as usual and select LAMP and OpenSSH when asked for choice. You can also install vsFTPd if you want to but it is optional.

Step 1 :

sudo a2enmod dav_fs
sudo a2enmod dav
sudo a2enmod dav_lock

sudo /etc/init.d/apache2 restart

Step 2 :

To create a virtual host for the WebDAV.

sudo mkdir -p /var/www/webdav
chown www-data /var/www/webdav

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/webdav

sudo nano /etc/apache2/sites-available/webdav

Make the a portion of the file as the following :


....
DocumentRoot /var/www/webdav
<Directory /var/www/webdav/>
   Options Indexes FollowSymLinks MultiViews
   AllowOverride None
   Order allow,deny
   allow from all
</Directory>
<Location />
   DAV On
   AuthType Basic
   AuthName "webdav"
   AuthUserFile /var/www/.passwd.dav
   Require valid-user
   DavMinTimeout 600
   <LimitExcept GET PUT HEAD OPTIONS POST>
      Require valid-user
   </LimitExcept>
</Location>
....

Step 3 :

sudo htpasswd -c /var/www/.passwd.dav samiux

chown root:www-data /var/www/.passwd.dav
chmod 640 /var/www/.passwd.dav

suod chmod -R 0777 /var/www/webdav
sudo chown www-data:www-data /var/www/webdav

sudo /etc/init.d/apache2 restart

Step 4 :

To test if WebDAV owrks or not.

sudo apt-get install cadaver

sudo cadaver http://localhost/

If you got “dav:/” prompt, enter “quit” to quit. Otherwises, fix the problem.

Step 5 (Windows only) :

Download NetDrive at http://www.netdrive.net/ and set it accordingly. The port should be 80.

Now you can access your WebDAV server from Windows.

Step 6 (Ubuntu only) :

Go to “Place” > “Connect to Server“. Select “WebDAV (HTTP)“. Enter the IP of your WebDAV server and then press “Connect“. Submit the username and password. An icon will be displayed on your desktop. Double click it and go.

Now you can access your WebDAV server from Ubuntu.

That’s all!

UPDATED ON JUNE 30, 2009
If you open the OpenOffice files on the WebDAV by clicking, you can only open it in read only mode. However, there is method to overcome this problem. You open OpenOffice Write (for example), click the “Open file” and at the “Name of file” enter the following :

vnd.sun.star.webdav://192.168.0.100/openoffice_readonly_on_webdav.odt

Now you can edit and save it on WebDAV.

UPDATED ON JULY 3, 2009

For better performance (such as the speed that pasting files on the WebDAV), please fine tune your server as the following :

Performance tuning

UPDATED ON AUGUST 9, 2009

Make sure you have disabled the default site at Apache.

sudo a2dissite default

When you upload files by FTP, make sure you change the ownership of the files.

sudo chown -R www-data:www-data /var/www/webdav

HOWTO : Cacti on Ubuntu 9.04 server

*** THIS HOWTO IS INVALID AND PENDING FOR UPDATE ***

Cacti is a graphical network traffic analysis system based on Apache, PHP, MySQL, SNMP and RRDTool. It can monitor the machines in your network.

To install Cacti on Ubuntu 9.04 is very easy and straight forward.

Step 1 :

Install Ubuntu 9.04 server as Cacti server. Select LAMP and OpenSSH during the installation. For example, the IP of the Cacti server is 192.168.10.200.

Step 2 :

sudo apt-get install cacti

Step 3 :

At the client side (any machine or server in your network that to be monitored), it should be Ubuntu server or debian server. For other distributions, please use the related command to install snmpd accordingly.

sudo apt-get install snmpd

Step 4 :

sudo nano /etc/snmp/snmpd.conf

Add the following lines to the related sections :

com2sec notConfigUser 192.168.10.200 public
access notConfigGroup "" any noauth exact all none none

Save it and exit. Then restart the snmpd.

sudo /etc/init.d/snmpd restart

Step 5 :

At the browser, enter the address as the following :

http://192.168.10.200/cacti

User name and password are “admin“.

Accept the default settings.

Add the machine(s) that you want to monitor on the screen.

Step 6 :

Wait for the graphical charts to generate.

Enjoy!

HOWTO : Install Proxmox VE 1.3 on debian 5.01 (Lenny) AMD64

Since disk image of Proxmox VE 1.3 cannot install to my RAID 5EE or 6 hard drive space that larger than 2TB. I have a 3.6TB RAID 5EE hard storage. Therefore, I install it by packages on debian Lenny AMD64.

Installation of debian

Download the netinstall disk image of debian 5.01 (Lenny) AMD64 (should be AMD64, others are not suitable) and install to the server as is. Make sure you choose the entire disk with LVM. At the end of installation, you will be asked to select which services or servers to be installed. You just select "Base Standard" only.

Installation of Proxmox VE

Step 1 :

Log in the debian server as root and edit the following file.

nano /etc/apt/sources.list

Add the following line at the end of the file.

deb http://download.proxmox.com/debian lenny pve

Get and install the repository key.

wget -O- "http://download.proxmox.com/debian/key.asc" | apt-key add -

Update the repository and system.

apt-get update
apt-get upgrade

Step 2 :

Install Proxmox VE kernel.

apt-get install pve-kernel

Then, edit the following file when need.

nano /boot/grub/grub.cfg

Or

Delete the debian official kernel and image. Then issue the following command.

update-grub

Reboot debian server and make sure you select the PVE kernel when boot at the Grub Menu.

Step 3 :

Log in debian server as root and issue the following commands.

apt-get install proxmox-ve ntp postfix pve-manager

Connect to Proxmox VE web interface.

https://your_debian_server_ip

e.g. https://192.168.1.10

Step 4 :

Configure the vmbr0 interface at "System", "Network".

Configure bridge vmbr0

IP Address : 192.168.1.10 # your debian server's IP
Subnet Mask : 255.255.255.0
Gateway : 192.168.1.1 # your router or gateway's IP

Reboot your debian server.

Enjoy!

HOWTO : IPython for Python programming on Ubuntu

The current IPython is for Python 2.5 at this writing.

Install IPython as your Python programming environment.

sudo apt-get update
sudo apt-get install python-setuptools

sudo easy_install IPython

Once IPython is installed, you can run it as the following :

ipython

Type quit() to quit.

HOWTO : Security enhanced your Ubuntu 9.04 LAMP server with AppArmor

Step 1 :

Check if AppArmor is enabled or not. And make sure MySQL profile is enabled too.

sudo apparmor_status

Step 2 :

Create a profile of Apache2.

sudo aa-genprof apache2

sudo nano /etc/apparmor.d/usr.sbin.apache2

Add the following lines within ^DEFAULT_URI bracket.

/usr/sbin/suexec2 rix,
/usr/share/apache2/** r,
/var/log/apache2/** rwl,
/var/xoops/** r,
/var/www/xoops/** r,

Step 3 :

Put the profile in complain mode.

sudo aa-complain /etc/apparmor.d/usr.sbin.apache2
sudo /etc/init.d/apache2 restart

Step 4 :

After running the XOOPS for a while, we can update the profiles.

sudo aa-logprof

When the prompt ask for your selection, choose “A (Add)” to add a rule to the profiles. Save the file at the end of the process.

You can repeat this step when necessary.

Step 5 :

After running the XOOPS for a longer time and found no error, you can make the profile in enforce mode. Before doing so, make sure you have conducted the Step 4 once more.

sudo aa-enforce /etc/apparmor.d/usr.sbin.apache2
sudo /etc/init.d/apache2 restart

Step 6 (Optional) :

If you encounter any error, you can disable the profile.

sudo ln -s /etc/apparmor.d/usr.sbin.apache2 /etc/apparmor.d/disable/
sudo apparmor_parser -R < /etc/apparmor.d/usr.sbin.apache2
sudo rm /etc/aparmor.d/disable/usr.sbin.apache2

Reference :
(1) Ubuntu Documentation (AppArmor)
(2) Introduction to AppArmor
(3) Share your profiles
(4) AppArmor support threads

HOWTO : Make your Apache to use SSL

Step 1 :

sudo a2enmod ssl

Copy the default-ssl to the name as your current XOOPS domain, e.g. samiux.com.

sudo cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/samiux.com-ssl

sudo nano /etc/apache2/sites-available/samiux.com-ssl

Do not change anything inside but except the following :

DocumentRoot /var/www/xoops
ServerName http://www.samiux.com # add this line under DocumentRoot
<Directory /var/www/xoops>

Step 2 :

sudo nano /etc/apache2/sites-available/samiux.com

Make sure you enabled rewrite module as at previous HOWTO. Add the following inside the mod_rewrite.c bracket.

RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R]

Step 3 :

Open your browser and go to your site and login as admin. Enable SSL and add the SSL URL as https://www.samiux.com at the Preferance.

sudo nano /var/www/xoops/mainfile.php

Change your domain name and path as https://www.samiux.com

Step 4 :

sudo a2ensite samiux.com-ssl

sudo /etc/init.d/apache2 restart