HOWTO : Regenerate SSL certificate and Reset MySQL root password on Ubuntu 9.04

When your SSL certificate is expired or need to regenerate for some reason, you can issue the following command under Ubuntu 9.04.

sudo make-ssl-cert generate -default-snakeoil --force-overwrite

When you forgot the root password of MySQL, you can reset it by issue the following command under Ubuntu 9.04.

sudo dpkg-reconfigure mysql-server-5.0

Advertisements

My Perfect Home Network 2009 (Version 4.0)

my_home_network_v4.0

The following is the setting of “My Perfect Home Network 2009 (Version 4.0)”. Virtualization technology can reduce the number of servers you owned. It saves room, electricity and money as well as manpower to manage. Therefore, it has one more term – Green Computing.

Configuration of KVM Server
2 x Intel Xeon E5420 Quad-Core CPU
16GB ECC DDR2 RAM
6 x 1TB Hard drive on hardware RAID 5EE

KVM Server
Virtualization Server (that runs the following 5 servers)
Proxmox on Debian 5.01 Lenny

Server #0
Running Untangle inside.

Server #1
Almost perfect and secure Ubuntu 9.04 LAMP Server

Server #2
WebDAV on Ubuntu 9.04 Server

Server #3
Sockso (Music Server) on Ubuntu 9.04 Server

Server #4
ntop on Ubuntu 9.04 Server

Server #5
Torrentflux-b4rt with Cherokee on Ubuntu 9.04 Server

**********

Router to router
Connecting wired router to wireless router

**********

Evolution of my network 2007-2009

2007 – a very simple network with a wired and a wireless router

2008

2009 (Version 3.4)

2009 (Version 4.0) *This writing* – It is finally simplified into one server with the help of modern computing technology!

HOWTO : Add or rename network interface on Debian 5.0

When you insert a new network interface to a already setup server, it will not recognized your new added network interface correctly. However, we can edit it manually.

Step 1 :

sudo nano /etc/udev/rules.d/70-persistent-net.rules

Edit the MAC address and/or name of the interface when necessary.

Step 2 :

sudo nano /etc/network/interfaces

Add a new entry for the new interface accordingly.

auto eth2
iface eth2 inet dhcp

*dhcp if IP is assigned automatically by DHCP

Step 3 :

sudo ifconfig ethX up

sudo /etc/init.d/networking restart

*where ethX will be eth0, eth1, eth2 ….

HOWTO : Godaddy.com’s Relay Mail Server with Postfix on Ubuntu Server

Your Internet Services Provider (ISP) may block SMTP port (Port 25) if you are not using a business plan (like in Hong Kong). However, you can still send email with reverse lookup of your domain name when your domain registrar is Godaddy.com.

Step 1 :

Create and enable your free email account at Godaddy.com when you have a domain name there. Set the password accordingly. Your username of the account may be look like this : yourname@yourdomain.

Incoming Mail Server Type : POP3
Incoming Mail Server : pop.secureserver.net
Incoming Mail Server Port : 110

Outgoing Mail Server : smtpout.secureserver.net
Outgoing Mail Server Port : 25, 80, 587 or 3535

Step 2 :

Create a file namely “sasl_passwd“.

sudo nano /etc/postfix/sasl/sasl_passwd

Add the following line.

smtpout.secureserver.net username:password

Step 2a :

Save and quit. Issue the following commands.

chown root:root /etc/postfix/sasl/sasl_passwd
chmod 600 /etc/postfix/sasl/sasl_passwd
postmap /etc/postfix/sasl/sasl_passwd

Step 3 :

Go to your mail server (Postfix).

sudo nano /etc/postfix/main.cf

Edit or/and add the following lines.

relayhost = [smtpout.secureserver.net]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
smtp_sasl_security_options = noanonymous
mynetworks = 192.168.0.0/24, 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128

*If your network is 192.168.0.0/24, otherwise; change it accordingly.

Step 4 :

Restart the Postfix to make it work.

sudo /etc/init.d/postfix restart

Step 5 :

Now, you can send email with reverse lookup via Godaddy.com’s relay mail server. Your email will not be blocked or redirected to “Junk Mail” folder by Gmail, Yahoo Mail or others.

Be keep in mind that you have 250 quota every day. Or, you are required to purchase more quota.

Point to your email server on other servers that will send email.

HOWTO : Performance tuning for PostgreSQL on Ubuntu/Debian

Step 1 :

Edit postgresql.conf.

sudo nano /etc/postgresql/8.3/main/postgresql.conf

Step 2 :

The performance tuning setting is as the following :

(1) shared_buffers

Recommended : 0.25 * Available Memory

(2) work_mem

Recommended : Available Memory / max_connections
(If your queries tend to be more complicated, then divide that by 2. If you typically run very close to max_connections connections, then consider dividing by 2 again. If that gives you a number that isn’t at least 16MB, buy more memory.)

(3) maintenance_work_mem

Recommended : Available Memory / 8

(4) wal_buffers

Recommended : 8MB

(5) checkpoint_segments

Recommended : 16 to 128

(6) effective_cache_size

Recommended : Available Memory * 0.75

(7) cpu_tuple_cost

Recommended : 0.0030

(8) cpu_index_tuple_cost

Recommended : 0.0010

(9) cpu_operator_cost

Recommended : 0.0005

(10) fsync

Recommended : off

Warning : If “fsync” is set to “off”, you may encounter data loss when the power failure unless you have a battery backup unit at your hardware RAID card.

(11) max_connection

Recommended : 140% (100 clients average means 140 max connections)

(12) checkpoint_timeout

Recommended : 1h

Step 3 :

Restart PostgreSQL server.

sudo /etc/init.d/postgresql-8.3 restart

Step 4 :

If it produces error message and cannot restart, change the setting for “kernel.shmmax” on sysctl.conf as suggested.

Edit the sysctl.conf as suggested.

sudo nano /etc/sysctl.conf

Reference #1 :

The following is the my setting of a 8GB RAM server which is running PostgreSQL.

/etc/postgresql/8.3/main/postgresql.conf

max_connections = 140
shared_buffers = 2GB
temp_buffers = 8MB
work_mem = 16MB
maintenance_work_mem = 1GB
wal_buffers = 8MB
checkpoint_segments = 128
effective_cache_size = 6GB
cpu_tuple_cost = 0.0030
cpu_index_tuple_cost = 0.0010
cpu_operator_cost = 0.0005
fsync = off
checkpoint_timeout = 1h

Reference #2 :

The following is my setting of sysctl.conf on the same server.

/etc/sysctl.conf

kernel.sem = 250 32000 100 128
kernel.shmall = 2097152
kernel.shmmax = 2209914880
kernel.shmmni = 4096
fs.file-max = 262140
vm.vfs_cache_pressure = 50
vm.min_free_kbytes = 65536

net.core.rmem_default = 33554432
net.core.rmem_max = 33554432
net.core.wmem_default = 33554432
net.core.wmem_max = 33554432
net.ipv4.tcp_rmem = 10240 87380 33554432
net.ipv4.tcp_wmem = 10240 87380 33554432
net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_sack = 1
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_mem = 786432 1048576 26777216
net.ipv4.ip_local_port_range = 1024 65535
net.ipv4.tcp_max_tw_buckets = 360000

Step 5 :

Add the following parameters to the kernel tag of Grub.

reservation,nodiratime,noatime

Step 6 :

sudo mount -a

If no error message produced, issue the following command to make it work.

sudo mount -o remount /

My Dream Home Network 2009

my_home_network_v3.4

The following is the setting of “My Dream Home Network 2009”. Virtualization technology can reduce the number of servers you owned. It saves room, electricity and money as well as manpower to manage. Therefore, it has one more term – Green Computing.

Configuration of Server #A
Intel Q9550 Quad-Core CPU
8GB DDR2 RAM
2 x 160GB Hard drive on hardware RAID 1

Server #A
It is running Untangle as a router and Unified Threat Management System (UTM)

***********

Configuration of Server #0
2 x Intel Xeon E5420 Quad-Core CPU
16GB ECC DDR2 RAM
6 x 1TB Hard drive on hardware RAID 5EE

Server #0
Virtualization Server (that runs the following 4 servers)
Proxmox on Debian 5.01 Lenny

Server #1
Almost perfect and secure Ubuntu 9.04 LAMP Server

Server #2
WebDAV on Ubuntu 9.04 Server

Server #3
Sockso (Music Server) on Ubuntu 9.04 Server

Server #4
ntop on Ubuntu 9.04 Server

P.S. There will be one more server for bittorrent (coming soon).

**********

Router to router
Connecting wired router to wireless router

HOWTO : Sockso 1.1.8 (Music Server) on Ubuntu 9.04 Server

Sockso is a cross platform music server and requires no installation. She runs on a standalone personal computer or on a server. For running on personal computer with GUI, please refer to her official site.

The client computer requires no mp3 player to play the music but needs a Flash player.

The advantage of Sockso is that you can listen to your mp3 files at anytime and anywhere under the condition that fast internet connection is available. The disadvantage is that you should have at least IEEE 802.11g (54M) Wifi connection for smooth operation.

Sockso requires Sun Java only and it is requires no Apache or other web server to run.

Step 1 :

Sockso requires Sun Java to work. You should install the following packages.

sudo apt-get install sun-java6-bin sun-java6-fonts sun-java6-jre unzip

Step 2 :

Download the latest version of Sockso. The current version is 1.1.8 at the time of this writing.

wget http://sockso.googlecode.com/files/sockso-1.1.8.zip

unzip sockso-1.1.8.zip

sudo mkdir /usr/share/sockso

sudo cp -R /home/samiux/sockso-1.1.8/* /usr/share/sockso/*

sudo mkdir /var/sockso
sudo chmod -R 0755 /var/sockso

Step 3 :

Run the Sockso at command prompt.

sudo sh /usr/share/sockso/linux.sh --nogui --datadir /var/sockso

If you have some mp3 at /home/samiux/music and /home/mary/mp3, just runs the following command to make the music collection.

#SockSo#>coladd /home/samiux/music
#SockSo#>coladd /home/mary/mp3

If you want to list all collections, use the following command.
collist

If you want to delete one of the collections, use the following command.
coldel

Add a user to the Sockso.

#SockSo#>useradd samiux <your_password_here> samiux@gmail.com

To exit the #SockSo#;gt; command prompt.
exit

Step 4 :

Copy the init.d script to /etc/init.d/

sudo cp /usr/share/sockso/scripts/init.d/sockso /etc/init.d/sockso.pl

Create a sockso script file.

sudo nano /etc/init.d/sockso

-------- CUT HERE ---------
#!/bin/bash

perl /etc/init.d/sockso.pl $1

exit 0
-------- CUT HERE ---------

Edit the sockso.pl as the following.

sudo nano /etc/init.d/sockso.pl

use constant SOCKSO_DIR => "/usr/share/sockso/";

system( 'sh linux.sh --nogui --datadir /var/sockso > /dev/null 2>&1 &' );

Step 5 :

Now, you can start the sockso with the following command.

sudo chmod +x /etc/init.d/sockso
sudo chmod +x /etc/init.d/sockso.pl

sudo /etc/init.d/sockso start

You can also stop the sockso with the following command.

sudo /etc/init.d/sockso stop

Listen to the music with your browser.

http://192.168.0.100:4444

Step 6 :

Run the script automatically after reboot.

sudo update-rc.d sockso defaults

Remarks : Make sure you have stopped the Sockso before reboot or shutdown; otherwise, the mp3 databases would be corrupted. If so, you should delete everything inside /var/sockso and redo the Step 3.

Remarks : Don’t broadcast copyrighted musics or songs. Or, you may be in lawsuit.

That’s all. See you!