Extremely Serious

Category: Tool (Page 1 of 4)

Vagrant Basic Commands

Command Description
destroy Stops and deletes all traces of the vagrant machine
halt Stops the vagrant machine
init Initializes a new Vagrant environment by creating a Vagrantfile.
Vagrant boxes can be found from the following link:
Discover Vagrant Boxes - Vagrant Cloud (vagrantup.com)
provision Provisions the vagrant machine
reload Restarts vagrant machine, loads new Vagrantfile configuration
resume Resume a suspended vagrant machine
ssh Connects to machine via SSH
ssh-config Outputs OpenSSH valid configuration to connect to the machine
status Outputs status of the vagrant machine
suspend Suspends the machine
up Starts and provisions the vagrant environment
validate Validates the Vagrantfile
version Prints current and latest Vagrant version

Using dos2unix

Sometimes we wrote a script intended for linux but we are using windows. However, when we deploy the script to linux it doesn't work.

For example you've created the file helloworld.sh in windows with the following content:

#!/bin/sh
echo "Hello World"

Transport helloworld.sh to linux and make it executable (i.e. using the command chmod 755 helloworld.sh). Execute it using the following command:

./helloworld.sh

Expect to see something similar to the following error:

-bash: ./helloworld.sh: /bin/sh^M: bad interpreter: No such file or directory

To remedy this, run dos2unix command with helloworld.sh as follows:

dos2unix helloworld.sh

Expect an output similar to the following:

dos2unix: converting file helloworld.sh to Unix format...

After this, execute the helloworld.sh again and expect no error.

Requesting for Certificate with certbot-auto

Requesting for certificate

certbot-auto certonly -m <EMAIL_NAME> --webroot -w <WEBROOT_PATH> -d <DOMAIN_NAMES>

Example

certbot-auto certonly -m admin@example.com --webroot -w /usr/share/nginx/www -d www.example.com

Expanding your certificates

certbot-auto certonly --webroot --agree-tos -w <WEBROOT_PATH> --expand -d <DOMAIN_NAMES>

Example

certbot-auto certonly --webroot --agree-tos -w /usr/share/nginx/blog --expand -d blog.example.com

Display information about certificates you have from Certbot

certbot-auto certificates

Installing Jenkins in Ubuntu

Requirement

  • Java 8 +

Installing Jenkins

  1. Install the jenkins key:
    wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
  2. Register the jenkins source:
    sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
  3. Add the universe repository:
    sudo add-apt-repository universe
  4. Update the repository:
    sudo apt-get update
  5. Install jenkins:
    sudo apt-get install jenkins -y

Preparing Jenkins

  1. Access jenkins:
    http://localhost:8080/
  2. Use the password found from the following file for Administrator Password:
    sudo less /var/lib/jenkins/secrets/initialAdminPassword
  3. In Getting Started page select:
    Install suggested plugins
  4. Create the first admin user.
  5. Provide the Jenkins URL in the Instance Configuration.
  6. Click the Start using Jenkins button.

Monitoring Artifactory Service with Nagios

Requirement

  • check_jmx plugin

Enable JMX on Artifactory

  1. Update the /var/opt/jfrog/artifactory/etc/default file to add the following:
    export JAVA_OPTIONS="$JAVA_OPTIONS -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=5000 -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"

    If you wanted to connect remotely (e.g. jconsole) add the following argument:

    -Djava.rmi.server.hostname=<IP_ADDRESS>
  2. Restart the artifactory service:
    sudo systemctl restart artifactory.service

Testing with check_jmx plugin

/usr/local/nagios/libexec/check_jmx/nagios/plugin/check_jmx -U service:jmx:rmi:///jndi/rmi://localhost:5000/jmxrmi -O "org.jfrog.artifactory:instance=Artifactory, type=Storage,prop=Binary Storage" -A Size

Expect to see something similar to the following output:

JMX OK Size=377653571

Related Post
Downloading the Nagios check_jmx Plugin in Ubuntu

Compiling Nagios Plugin 2.3.3 to Ubuntu 20.04

Installing the Nagios Plugins

  1. Refresh the repository:
    sudo apt-get update
  2. Install the dependencies:
    sudo apt-get install -y autoconf gcc libc6 libmcrypt-dev make libssl-dev wget bc gawk dc build-essential snmp libnet-snmp-perl gettext
  3. Change the directory to your home directory:
    cd ~
  4. Download the nagios plugins source codes:
    wget --no-check-certificate -O nagios-plugins.tar.gz https://github.com/nagios-plugins/nagios-plugins/archive/release-2.3.3.tar.gz
  5. Extract the downloaded source codes:
    tar zxf nagios-plugins.tar.gz
  6. Change to the directory of the newly extracted source codes:
    cd nagios-plugins-release-2.3.3
  7. Setup and configure:
    sudo ./tools/setup
    sudo ./configure
  8. Compile the source codes:
    sudo make
  9. Install the plugins to /usr/local/nagios/libexec directory:
    sudo make install

Configuring NRPE 4 Daemon and Plugin to Ubuntu 20.04

Installing NRPE

    1. Refresh the repository:
      sudo apt-get update
    2. Install the dependencies:
      sudo apt-get install autoconf automake gcc libc6 libmcrypt-dev make libssl-dev wget openssl -y
    3. Change the directory to your home directory:
      cd ~
    4. Download the nrpe 4 source codes:
      wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.3/nrpe-4.0.3.tar.gz
    5. Extract the downloaded source codes:
      tar xvf nrpe-4.0.3.tar.gz
    6. Change to the directory of the newly extracted source codes:
      cd nrpe-4.0.3
    7. Run the configure script that enables the command arguments for clients and uses ssl library:
      sudo ./configure --enable-command-args --with-ssl-lib=/usr/lib/x86_64-linux-gnu/
    8. Compile the source codes:
      sudo make all
    9. Install the nagios user and group:
      sudo make install-groups-users
    10. Install both NRPE daemon and check_nrpe plugin:
      sudo make install
    11. Install the nrpe config file (i.e. /usr/local/nagios/etc/nrpe.cfg):
      sudo make install-config
    12. Install the init script:
      sudo make install-init
    13. Enable the nrpe daemon:
      sudo systemctl enable nrpe.service
    14. Update allowed_hosts field in the /usr/local/nagios/etc/nrpe.cfg file: to include your nagios server address (e.g. your nagios server address is 10.0.0.174 the allowed hosts is as follows):
      allowed_hosts=127.0.0.1,::1,10.0.0.174
    15. Update the dont_blame_nrpe field: to 1 on the same configuration file to allow your clients to specify arguments:
      dont_blame_nrpe=1
    16. Start the nrpe daemon:
      sudo systemctl start nrpe.service

      The NRPE service is listening with the port 5666 by default.

Testing The NRPE Plugin

/usr/local/nagios/libexec/check_nrpe -H localhost

Expect to see the version of NRPE daemon

Related Post
Compiling NRPE 4 Plugin to Tinkerboard
Compiling Nagios Plugin 2.3.3 to Ubuntu 20.04

Compiling NRPE 4 Plugin to Tinkerboard

Installing NRPE

  1. Refresh the repository:
    sudo apt-get update
  2. Install the dependencies:
    sudo apt-get install libssl-dev -y
  3. Change the directory to your home directory:
    cd ~
  4. Download the nrpe 4 source codes:
    wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.3/nrpe-4.0.3.tar.gz
  5. Extract the downloaded source codes:
    tar xvf nrpe-4.0.3.tar.gz
  6. Change to the directory of the newly extracted source codes:
    cd nrpe-4.0.3
  7. Run the configure script:
    ./configure
  8. Compile the check_nrpe plugin only:
    sudo make check_nrpe
  9. Install the newly compiled plugin:
    sudo make install-plugin
  10. Update the file /usr/local/nagios/etc/objects/commands.cfg to add the following entry:
    define command {
    	command_name    check_nrpe
    	command_line    /usr/local/nagios/libexec/check_nrpe -H $HOSTADDRESS$ -t 30 -c $ARG1$ $ARG2$
    }

Testing The Plugin

Using the command check_nrpe we can check the load on the host 10.0.0.202 (i.e. NRPE daemon must be configured and listening on port 5666) using the following command:

/usr/local/nagios/libexec/check_nrpe -H 10.0.0.202 -c check_load

Expect to see the output of the check_load plugin executed on the host 10.0.0.202

Configuring Nagios 4 to Tinkerboard

Installing Nagios

  1. Update the system:
    sudo apt-get update && sudo apt-get upgrade
  2. Install the dependencies:
    sudo apt-get install autoconf gcc libc6 make wget unzip apache2 php libapache2-mod-php libgd-dev libsasl2-modules mailutils -y
  3. Change the directory to your home directory:
    cd ~
  4. Download the nagios 4 source codes:
    wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.6.tar.gz
  5. Extract the downloaded source codes:
    tar xzf nagios-4.4.6.tar.gz
  6. Change to the directory of the newly extracted source codes:
    cd nagios-4.4.6
  7. Run the configure script with integration to apache2:
    ./configure --with-httpd-conf=/etc/apache2/sites-enabled
  8. Compile the source:
    sudo make all
  9. Install the nagios user and group:
    sudo make install-groups-users
  10. Make nagios user a member of the www-data group:
    sudo usermod -aG nagios www-data
  11. Install nagios.
    sudo make install
  12. Install the init script:
    sudo make install-init
  13. Initialize the init script:
    sudo make install-daemoninit
  14. Install and configures permissions on the directory for holding the external command:
    sudo make install-commandmode
  15. Install the sample config files on the /usr/local/nagios/etc directory:
    sudo make install-config
  16. Install the nagios config file to apache2:
    sudo make install-webconf
  17. Update the SUID of the ping command:
    sudo chmod 4755 /bin/ping

Installing the Nagios Plugins

  1. Run the following command:
    sudo apt install nagios-plugins
  2. Update the $USER1$ property in the /usr/local/nagios/etc/resource.cfg file to have /usr/lib/nagios/plugins like as follows:
    $USER1$=/usr/lib/nagios/plugins

Configuring Apache2 Web Server

  1. Enable the rewrite module:
    sudo a2enmod rewrite
  2. Enable the CGI module:
    sudo a2enmod cgi
  3. Create nagiosadmin as a nagios web user:
    sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

    Assign a strong password

  4. Restart the apache2 service:
    sudo systemctl restart apache2

Related Post
Configuring NRPE 4 Daemon and Plugin to Ubuntu 20.04
Compiling NRPE 4 Plugin to Tinkerboard

MailScanner with Postfix

Prerequisite

Resolving MailScanner Dependencies

  1. Run the following cpan commands one at a time (i.e. to see if they are successfully installed):
    sudo cpan -i Filesys::Df
    sudo cpan -i IO::Stringy
    sudo cpan -i DBI
    sudo cpan -i Net::CID
    sudo cpan -i Sys::SigAction
    sudo cpan -i MIME::Parser
    sudo cpan -i Archive::Zip
    sudo cpan -i OLE::Storage_Lite
    sudo cpan -i DBD::SQLite
  2. Install the following packages:
    sudo apt-get install unrar
    sudo apt-get install sqlite

Installing Clamav Antivirus

Run the following command:

sudo apt-get install clamav clamav-daemon

Integrating Clamav to MailScanner

  1. Update the /etc/MailScanner/MailScanner.conf to have the fields Virus Scanner and Clamd Socket to become as follows:
    Virus Scanner = clamd
    Clamd Socket = /var/run/clamav/clamd.ctl
  2. Restart the mailscanner service with the following command:
    sudo service mailscanner restart
  3. Update the file /etc/apparmor.d/usr.sbin.clamd to have the following entries:
      /var/spool/MailScanner/** rw,
      /var/spool/MailScanner/incoming/** rw,
  4. Restart the apparmor service with the following command:
    sudo systemctl restart apparmor.service

Installing and Updating Spamassassin

Run the following commands:

sudo apt-get install spamassassin
sudo sa-update
sudo service spamassassin start

Integrating MailScanner to Postfix

  1. Open the file /etc/postfix/main.cf for editing and add the following line and save:
    header_checks = regexp:/etc/postfix/header_checks
  2. Create the file /etc/postfix/header_checks with the following:
    /^Received:/ HOLD
  3. Open the file /etc/MailScanner/MailScanner.conf for editing and update with the following if necessary:
    Run As User = postfix
    Run As Group = postfix
    Incoming Queue Dir = /var/spool/postfix/hold
    Outgoing Queue Dir = /var/spool/postfix/incoming
    MTA = postfix
  4. Open the file /etc/MailScanner/defaults for editing and update with the following if necessary:
    run_mailscanner=1
  5. Update the group of /var/spool/MailScanner to mtagroup and allow the it write permission as follows:
    sudo chown :mtagroup /var/spool/MailScanner
    sudo chmod 775 MailScanner
  6. Prepare spamassassin's directory using the following commands:
    sudo mkdir /var/spool/MailScanner/spamassassin
    sudo chown postfix /var/spool/MailScanner/spamassassin
  7. Update the permission of the MailScanner's incoming and quarantine folders with the following commands:
    sudo chown postfix.mtagroup /var/spool/MailScanner/incoming
    sudo chmod 770 /var/spool/MailScanner/incoming
    sudo chown postfix.mtagroup /var/spool/MailScanner/quarantine
  8. Restart the mailscanner service with the following command:
    sudo service mailscanner restart

Related Post
Configuring Email Server with Postfix and Dovecot:

« Older posts