Generally, all mailservers consist of three main components: MTA, MDA and MUA.  Each components plays a specific role in the process of moving and managing email messages and is important for ensuring proper email delivery.  Hence, setting up a Mail server is a difficult process involving the proper configuration of these components. The best way is to install and configure each individual component one by one, ensuring each one works and gradually building up your mail server.

In this article, I'm providing the guidelines on how we can configure a Mail Server on an Ubuntu 16.04 server with Postix (MTA) and Dovecot (MDA) using an external database (MySQL) for managing virtual users. First of all let's start with the pre-requisites for building our Mail server.

Pre-requisites

• MySQL installed Server
• A Fully qualified hostname
• Domain resolving to your server

After full-filling our pre-requisites, we can start  building our Mail server one by one.

Installing Packages

First, of all we need to update our APT repository packages and start with installing the required postfix and dovecot packages.

root@ubuntu:~# apt-get install postfix postfix-mysql dovecot-core dovecot-imapd dovecot-lmtpd dovecot-mysql

During the Postfix installation, set-up windows will pop-up for the initial configuration. We need to choose the "internet site" and set a FQDN as our system mail name during the installation phase. This proceeds with the installation of the required packages as below.

Postfix is now set up with a default configuration. If you need to make
changes, edit
/etc/postfix/main.cf (and others) as needed. To view Postfix configuration
values, see postconf(1).

After modifying main.cf, be sure to run '/etc/init.d/postfix reload'.

Running newaliases
Setting up postfix-mysql (3.1.0-3) ...
Processing triggers for libc-bin (2.23-0ubuntu3) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (229-4ubuntu4) ...
Processing triggers for ufw (0.35-0ubuntu2) ...
Processing triggers for dovecot-core (1:2.2.22-1ubuntu2) ..

Create a Database for managing the mail users

Next step is to create a database for managing the email users and domains on our mail server. As I said before, we're managing the email users with this MySQL database. We can install MySQL if it's not installed by running this command apt-get install mysql-server-5.7.

We are going to create a database named "lnmailserver" with three tables as below:

• Virtual domains : For managing domains
• Virtual users : For managing email users
• Virtual Alias : For setting up Aliases

Let's create our databases with all these tables.

• Creating a database named lnmailserver.

mysql> CREATE DATABASE lnmailserver;
Query OK, 1 row affected (0.00 sec)

• Creating a DB user lnmailuser and granting access to this database with a password.

mysql> GRANT SELECT ON lnmailserver.* TO 'lnmailuser'@'127.0.0.1' IDENTIFIED BY 'lnmail123';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)

• Switching to the database lnmailserver and creating our three tables namely virtual_domains, virtual_users and virtual_aliases with a specification and table format.

mysql> USE lnmailserver;
Database changed
mysql> CREATE TABLE `virtual_domains` (
-> `id` INT NOT NULL AUTO_INCREMENT,
-> `name` VARCHAR(50) NOT NULL,
-> PRIMARY KEY (`id`)
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.01 sec)

mysql> CREATE TABLE `virtual_users` (
-> `id` INT NOT NULL AUTO_INCREMENT,
-> `domain_id` INT NOT NULL,
-> `password` VARCHAR(106) NOT NULL,
-> `email` VARCHAR(120) NOT NULL,
-> PRIMARY KEY (`id`),
-> UNIQUE KEY `email` (`email`),
-> FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.03 sec)

mysql> CREATE TABLE `virtual_aliases` (
-> `id` INT NOT NULL AUTO_INCREMENT,
-> `domain_id` INT NOT NULL,
-> `source` varchar(100) NOT NULL,
-> `destination` varchar(100) NOT NULL,
-> PRIMARY KEY (`id`),
-> FOREIGN KEY (domain_id) REFERENCES virtual_domains(id) ON DELETE CASCADE
-> ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Query OK, 0 rows affected (0.02 sec)

• Adding the domains, users and aliases to each of these tables according to our requirements.

mysql> INSERT INTO `lnmailserver`.`virtual_domains`
-> (`id` ,`name`)
-> VALUES
-> ('1', 'linoxidemail.com'),
-> ('2', 'ubuntu.linoxidemail.com');
Query OK, 2 rows affected (0.00 sec)
Records: 2 Duplicates: 0 Warnings: 0

mysql> INSERT INTO `lnmailserver`.`virtual_users`
-> (`id`, `domain_id`, `password` , `email`)
-> VALUES
-> ('1', '1', ENCRYPT('blogger123', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'blogger1@linoxidemail.com'),
-> ('2', '1', ENCRYPT('blogger321', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'blogger2@linoxidemail.com');
Query OK, 2 rows affected, 2 warnings (0.01 sec)
Records: 2 Duplicates: 0 Warnings: 2

mysql> INSERT INTO `lnmailserver`.`virtual_aliases`
-> (`id`, `domain_id`, `source`, `destination`)
-> VALUES
-> ('1', '1', 'info@linoxidemail.com', 'blogger1@linoxidemail.com');
Query OK, 1 row affected (0.00 sec)

• Verifying each  table contents

mysql> select * from virtual_domains;
+----+-------------------------+
| id | name |
+----+-------------------------+
| 1 | linoxidemail.com |
| 2 | ubuntu.linoxidemail.com |
+----+-------------------------+
2 rows in set (0.00 sec)

mysql> select * from virtual_users;
+----+-----------+------------------------------------------------------------------------------------------------------------+---------------------------+
| id | domain_id | password | email |
+----+-----------+------------------------------------------------------------------------------------------------------------+---------------------------+
| 1 | 1 | $6$da4aa6fc680940d4$jt1plE8Lvo4hcjdP3N0pNxSC/o1ZsN4mpJ4WCcwk2mSqyY7/2l4ayyI7GcipeTf0uwzk5HnWbjddvv/jGomh41 | blogger1@linoxidemail.com |
| 2 | 1 | $6$36d2dc2e68ab56f6$L2b/D44yuT7qXsw22kTFPfxTbEbUuRDhr0RDoBnRc/q/LGcRF3NsLQCyapXdYKyA2zkSE9MJIXL7nHAbbCmlO. | blogger2@linoxidemail.com |
+----+-----------+------------------------------------------------------------------------------------------------------------+---------------------------+
2 rows in set (0.00 sec)

mysql> select * from virtual_aliases;
+----+-----------+-----------------------+---------------------------+
| id | domain_id | source | destination |
+----+-----------+-----------------------+---------------------------+
| 1 | 1 | info@linoxidemail.com | blogger1@linoxidemail.com |
+----+-----------+-----------------------+---------------------------+
1 row in set (0.00 sec)

mysql > exit

Configuring Postfix

Our next step is to modify the Postfix configuration according to our configuration plan of how we need to accept SMTP connections. Before making any changes to the configuration, it is always advised to take a backup for the file.

root@ubuntu:~# cp -rp /etc/postfix/main.cf /etc/postfix/main.cf-bkp

Now we can open up the file and make the following changes.

• Modify the following entries to enable TLS support for the users to connect, specify the SSL certificate which is used to secure the connection.

This section is modified from:

#smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
#smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
#smtpd_use_tls=yes
#smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

To :

smtpd_tls_cert_file=/etc/ssl/certs/dovecot.pem
smtpd_tls_key_file=/etc/ssl/private/dovecot.key
smtpd_use_tls = yes
smtpd_tls_auth_only = yes

I'm using free Dovecot SSL certificates which is specified here. We can generate dovecot self signed SSL certificates with the below command. If you've a valid SSL certificate for your hostname, you can specify those instead.

openssl req -new -x509 -days 1000 -nodes -out "/etc/ssl/certs/dovecot.pem" -keyout "/etc/ssl/private/dovecot.pem"

• We need to add these TLS parameters to the Postfix configuration which makes Postfix to use Dovecot for authentication and to initialize connections.

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination

• We need to comment the "mydestination" default entries and update it to use "localhost" alone.

mydestination = localhost

• Confirm the myhostname part, whether it's set properly as our FQDN hostname.

root@ubuntu:~# grep myhostname /etc/postfix/main.cf
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
myhostname = ubuntu.linoxidemail.com

• Modifying this parameter enables Postfix to use Dovecot's LMTP instead of its own LDA to save emails to the local mailboxes, thereby enabling  local mail delivery for all the domains listed in the MySQL database.
  

  virtual_transport = lmtp:unix:private/dovecot-lmtp

• Last, but not least we need to tell Postfix that we're using external database to manage the domains, users and aliases. We need to add the configuration path to fetch these details from the database tables.

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

Now we need to create these files mentioned above one by one. Please see my file details below:

/etc/postfix/mysql-virtual-mailbox-domains.cf

root@ubuntu:~# cat /etc/postfix/mysql-virtual-mailbox-domains.cf
user = lnmailuser
password = lnmail123
hosts = 127.0.0.1
dbname = lnmailserver
query = SELECT 1 FROM virtual_domains WHERE name='%s'
root@ubuntu:~#

/etc/postfix/mysql-virtual-mailbox-maps.cf

root@ubuntu:~# cat /etc/postfix/mysql-virtual-mailbox-maps.cf
user = lnmailuser
password = lnmail123
hosts = 127.0.0.1
dbname = lnmailserver
query = SELECT 1 FROM virtual_users WHERE email='%s'
root@ubuntu:~#

/etc/postfix/mysql-virtual-alias-maps.cf

root@ubuntu:~# cat /etc/postfix/mysql-virtual-alias-maps.cf
user = lnmailuser
password = lnmail123
hosts = 127.0.0.1
dbname = lnmailserver
query = SELECT destination FROM virtual_aliases WHERE source='%s'

These files describes how Postfix connects with the external database. We need to restart Postfix after making these changes.

root@ubuntu:~# service postfix restart

We need to run these following commands to confirm the connectivity and check whether Postfix is able to fetch the required information from the database.

• To check whether Postfix finds your domain from the database, we can run this. This should return '1' if the attempt is successful.

root@ubuntu:/etc/ssl/certs# postmap -q linoxidemail.com mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
1

• To check whether Postfix finds your required email address from the database, we can run this. This also should return '1' if it goes successful.

root@ubuntu:/etc/ssl/certs# postmap -q blogger1@linoxidemail.com mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
1

• To check whether Posfix finds your email forwarder from the database, we can run this. This should return your email forwarder set if the attempt is successful.

root@ubuntu:/etc/ssl/certs# postmap -q info@linoxidemail.com mysql:/etc/postfix/mysql-virtual-alias-maps.cf
blogger1@linoxidemail.com

Please Note : You can connect securely with your email clients using Postfix on port 587, you can open the port by uncommenting the following part in the Postfix master confguration : /etc/postfix/master.cf. 

You need to restart Postfix after making any changes to the configuration. By using telnet command, you can confirm whether the port is open.

Configuring Dovecot

Our next step is to configure our MDA to allow POP3 or IMAP protocols and other configuration settings to connect to external database and Postfix. We are mainly modifying the following files.

/etc/dovecot/dovecot.conf
/etc/dovecot/conf.d/10-mail.conf
/etc/dovecot/conf.d/10-auth.conf
/etc/dovecot/conf.d/auth-sql.conf.ext
/etc/dovecot/dovecot-sql.conf.ext
/etc/dovecot/conf.d/10-master.conf
/etc/dovecot/conf.d/10-ssl.conf

It's always advised to take backup for these files before making any configuration changes.  We can modify each file one by one.

Modifying the dovecot main configuration file : /etc/dovecot/dovecot.conf

• The following setting is uncommented by default.  But we need to ensure that it is uncommented.

!include conf.d/*.conf

• We can enable all required protocols in this directive. If you need to enable POP3, we can append pop3 to this line and also make sure to install the required dovecot packages "dovecot-pop3d" to enable that.

!include_try /usr/share/dovecot/protocols.d/*.protocol
protocols = imap lmtp

Modifying the Dovecot Mail configuration file : /etc/dovecot/conf.d/10-mail.conf

• We need to find the following  parameter "mail_location" in the configuration and update with our mail storage path. I've my mail folders located inside "/var/mail/vhosts/" folder. Hence, I modified the file path as below:

mail_location = maildir:/var/mail/vhosts/%d/%n

• We need to set the "mail_privileged_group" parameter to "mail".

mail_privileged_group = mail

Once this is done, we need to make we've set proper ownership and permissions for our mail folders. Create the mail folders for each domains which we've registered in the MySQL table inside this folder "/var/mail/vhosts" and set proper ownerships/permissions.

root@ubuntu:~# ls -ld /var/mail
drwxrwsr-x 2 root mail 4096 Apr 21 16:56 /var/mail
root@ubuntu:~# mkdir -p /var/mail/vhosts/linoxidemail.com

Created a separate user/group named "vmail" with an id 5000 and changed the mail folders ownerships to that.
root@ubuntu:~# groupadd -g 5000 vmail
root@ubuntu:~# useradd -g vmail -u 5000 vmail -d /var/mail
root@ubuntu:~# chown -R vmail:vmail /var/mail

Modifying the Dovecot authentication file : /etc/dovecot/conf.d/10-auth.conf

• Disable plain text authentication to ensure security by modifying the below parameter to "yes".

disable_plaintext_auth = yes

• Modify the "auth_mechanisms" parameter as below:

auth_mechanisms = plain login

•  We need to comment the mentioned line and enable the MySQL authentication by uncommenting the auth-sql.conf.ext line as below:

#!include auth-system.conf.ext
!include auth-sql.conf.ext

Modifying the authentication SQL file : /etc/dovecot/conf.d/auth-sql.conf.ext

Make sure your MySQL authentication file looks like this.

 Modifying the Dovecot + MySQL configuration file : /etc/dovecot/dovecot-sql.conf.ext

• We need to uncomment the "driver" parameter and set to MySQL as below:

driver = mysql

• Modify and set the connection parameters as per our database name and user.

connect = host=127.0.0.1 dbname=lnmailserver user=lnmailuser password=lnmail123

• Modify the default_pass_scheme to SHA-512 and password_query line as below:

default_pass_scheme = SHA512-CRYPT
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u';

Please note : Set permissions on the /etc/dovecot directory so the vmail user can use it.

chown -R vmail:dovecot /etc/dovecot
chmod -R o-rwx /etc/dovecot

Modifying Dovecot Master configuration file : /etc/dovecot/conf.d/10-master.conf

We are modifying four sections in this configuration file. IMAP section, local mail transfer section, authentication section and last authenticating worker process section. Please see the screenshots of each section below to view the modifications:

Modifying the SSL configuration :  /etc/dovecot/conf.d/10-ssl.conf

We're modifying this section to enable SSL for the incoming/outgoing connections. This configuration settings are optional. But I'd recommend these for more security.

• Change the SSL parameter to required

ssl = required

• Specify the SSL cert and key file location for our configuration. You can view the screenshot for more details.

You need to restart Dovecot after all these modification.

That's all :) We've completed with our Mail server setup. Hurray!  You can access your email account using your username and password on any of your preferred email client. I could successfully access my email account using these settings below:

I hope you enjoyed reading this article. I would recommend your valuable suggestions and comments on this.
Have a Nice day!

The post How to Setup Postfix Mail Server on Ubuntu 16.04 (Dovecot - MySQL) appeared first on LinOxide.

FFMPEG is a major multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play various audio and video files in different formats.  FFMPEG is a very fast video and audio converter that can also grab from a live audio/video source. It can also convert between arbitrary sample rates and re-size video on the fly with a high quality polyphase filter. It is supported by various library files like libavcodec, libavutil, libavformat, libavfilter, libavdevice, libswscale and libswresample.

libavcodec - an audio/video codec library
libavutil - utility library to aid portable multimedia programming
libavformat - library which provides framework for multiplexing and multiplexing video/audio and subtitle streams
libavfilter -  library which enhances a generic audio/video filtering
libavdevice -  library which  provides a framework grabbing from and rendering to many common multimedia input/output devices framework
libswscale - library enhancing highly optimized image scaling and colorspace and pixel format conversion operations
libswresample - library promoting audio resampling, rematrixing and sample format conversion operations

In short, it is a free software available with libraries and programs to handle multimedia data. It can also be used as a commandline tool in PHP and other programming languages for transcoding multimedia files.

Installation Steps for FFMPEG

We need to install a suitable repofile which includes this FFMPEG package which is the most important step of this installation.

I've tried various repos like RPMforge, EPEL and Webtatic repos in CentOS 7, but these repos lacked FFMPEG packages. Hence, I tried a new repo which is called Nux Dextop. Let's walk through the installation steps.

1. Enable Nux Dextop repo on CentOS 7

It is a third-party RPM repository that contains many popular multimedia related packages for CentOS releases. This repo work only if EPEL repo is enabled in the server. So you need to first make sure that you've enabled EPEL repo.

This is how we install EPEL repo on a CentOS 7 server.

#Install EPEL repo
yum -y install epel-release

After enabling epel repo, go ahead and install Nux Dextop repository.

root@server1 [~]# rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
root@server1 [~]# rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
Retrieving http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
Preparing... ################################# [100%]
Updating / installing...
1:nux-dextop-release-0-1.el7.nux ################################# [100%]
root@server1 [~]#

***IMPORTANT ***

Nux Dextop repository is an architecture independent RPM, so you can install the same RPM on both 32-bit and 64-bit.

We can now verify that the Nux Dextop repository is installed successfully.

2. Install FFMPEG and FFMPEG devel packages

By installing these packages, all the libraries will be installed in parallel.

root@server1 [~]# yum -y install ffmpeg ffmpeg-devel
===============================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================
Installing:
ffmpeg x86_64 2.6.5-1.el7.nux nux-dextop 1.5 M
ffmpeg-devel x86_64 2.6.5-1.el7.nux nux-dextop 286 k
Installing for dependencies:
SDL x86_64 1.2.15-14.el7 base 204 k
alsa-lib x86_64 1.0.28-2.el7 base 391 k
ffmpeg-libs x86_64 2.6.5-1.el7.nux nux-dextop 5.0 M
flac-libs x86_64 1.3.0-5.el7_1 base 169 k
fribidi x86_64 0.19.4-6.el7 base 63 k
gsm x86_64 1.0.13-11.el7 base 30 k
lame-libs x86_64 3.99.5-2.el7 nux-dextop 339 k
libXi x86_64 1.7.4-2.el7 base 40 k
libXtst x86_64 1.2.2-2.1.el7 base 20 k
libXv x86_64 1.0.10-2.el7 base 18 k
libass x86_64 0.13.1-1.el7 epel 90 k
libasyncns x86_64 0.8-7.el7 base 26 k
libavdevice x86_64 2.6.5-1.el7.nux nux-dextop 71 k
libcdio x86_64 0.92-1.el7 base 235 k
libcdio-paranoia x86_64 10.2+0.90-11.el7 base 70 k
libdc1394 x86_64 2.2.2-3.el7 epel 121 k
libogg x86_64 2:1.3.0-7.el7 base 24 k
libraw1394 x86_64 2.1.0-2.el7 base 63 k
libsndfile x86_64 1.0.25-10.el7 base 149 k
libtheora x86_64 1:1.1.1-8.el7 base 136 k
libusbx x86_64 1.0.15-4.el7 base 50 k
libv4l x86_64 0.9.5-4.el7 base 194 k
libva x86_64 1.2.1-3.el7 epel 68 k
libvdpau x86_64 1.1-2.el7 base 32 k
libvorbis x86_64 1:1.3.3-8.el7 base 204 k
mesa-filesystem x86_64 10.6.5-3.20150824.el7 base 23 k
openal-soft x86_64 1.16.0-2.el7 epel 282 k
openjpeg-libs x86_64 1.5.1-10.el7 base 85 k
opus x86_64 1.0.2-6.el7 base 630 k
orc x86_64 0.4.22-5.el7 base 165 k
pulseaudio-libs x86_64 6.0-7.el7 base 576 k
schroedinger x86_64 1.0.11-4.el7 epel 291 k
soxr x86_64 0.1.2-1.el7 epel 77 k
speex x86_64 1.2-0.19.rc1.el7 base 98 k
x264-libs x86_64 0.142-11.20141221git6a301b6.el7.nux nux-dextop 570 k
x265-libs x86_64 1.6-1.el7.nux nux-dextop 476 k
xvidcore x86_64 1.3.2-5.el7.nux nux-dextop 258 k

Transaction Summary
===============================================================================================================================================
Install 2 Packages (+37 Dependent packages)

 

3. Check and confirm FFMPEG version

You can use this command for checking the version of ffmpeg installed and to confirm the configuration set-up.

root@server1 [~]# ffmpeg
ffmpeg version 2.6.5 Copyright (c) 2000-2015 the FFmpeg developers
built with gcc 4.8.3 (GCC) 20140911 (Red Hat 4.8.3-9)
configuration: --prefix=/usr --bindir=/usr/bin --datadir=/usr/share/ffmpeg --incdir=/usr/include/ffmpeg --libdir=/usr/lib64 --mandir=/usr/share/man --arch=x86_64 --optflags='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' --enable-bzlib --disable-crystalhd --enable-gnutls --enable-ladspa --enable-libass --enable-libcdio --enable-libdc1394 --disable-indev=jack --enable-libfreetype --enable-libgsm --enable-libmp3lame --enable-openal --enable-libopenjpeg --enable-libopus --enable-libpulse --enable-libschroedinger --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libv4l2 --enable-libvpx --enable-libx264 --enable-libx265 --enable-libxvid --enable-x11grab --enable-avfilter --enable-avresample --enable-postproc --enable-pthreads --disable-static --enable-shared --enable-gpl --disable-debug --disable-stripping --shlibdir=/usr/lib64 --enable-runtime-cpudetect
libavutil 54. 20.100 / 54. 20.100
libavcodec 56. 26.100 / 56. 26.100
libavformat 56. 25.101 / 56. 25.101
libavdevice 56. 4.100 / 56. 4.100
libavfilter 5. 11.102 / 5. 11.102
libavresample 2. 1. 0 / 2. 1. 0
libswscale 3. 1.101 / 3. 1.101
libswresample 1. 1.100 / 1. 1.100
libpostproc 53. 3.100 / 53. 3.100
Hyper fast Audio and Video encoder
usage: ffmpeg [options] [[infile options] -i infile]... {[outfile options] outfile}...

Use -h to get full help or, even better, run 'man ffmpeg'

Now we have completed with the installation of ffmpeg. You see how simple to install it when we move on the right track.

I will give you an example for converting a mp3 file to oog format using this module on CLI.

Download an mp3 file and execute the ffmpeg command to convert the mp3 file to ogg format.

root@server1 [/usr/local/src]# wget https://ia802508.us.archive.org/5/items/testmp3testfile/mpthreetest.mp3
--2016-02-09 09:01:43-- https://ia802508.us.archive.org/5/items/testmp3testfile/mpthreetest.mp3
Resolving ia802508.us.archive.org (ia802508.us.archive.org)... 207.241.228.198
Connecting to ia802508.us.archive.org (ia802508.us.archive.org)|207.241.228.198|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 198658 (194K)
Saving to: ‘mpthreetest.mp3’

100%[=====================================================================================================>] 1,98,658 999KB/s in 0.2s

2016-02-09 09:01:44 (999 KB/s) - ‘mpthreetest.mp3’ saved [198658/198658]

root@server1 [/usr/local/src]# ffmpeg -i mpthreetest.mp3 -c:a libvorbis -q:a 4 mpthreetest.ogg
ffmpeg version 2.6.5 Copyright (c) 2000-2015 the FFmpeg developers
built with gcc 4.8.3 (GCC) 20140911 (Red Hat 4.8.3-9)
configuration: --prefix=/usr --bindir=/usr/bin --datadir=/usr/share/ffmpeg --incdir=/usr/include/ffmpeg --libdir=/usr/lib64 --mandir=/usr/share/man --arch=x86_64 --optflags='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic' --enable-bzlib --disable-crystalhd --enable-gnutls --enable-ladspa --enable-libass --enable-libcdio --enable-libdc1394 --disable-indev=jack --enable-libfreetype --enable-libgsm --enable-libmp3lame --enable-openal --enable-libopenjpeg --enable-libopus --enable-libpulse --enable-libschroedinger --enable-libsoxr --enable-libspeex --enable-libtheora --enable-libvorbis --enable-libv4l2 --enable-libvpx --enable-libx264 --enable-libx265 --enable-libxvid --enable-x11grab --enable-avfilter --enable-avresample --enable-postproc --enable-pthreads --disable-static --enable-shared --enable-gpl --disable-debug --disable-stripping --shlibdir=/usr/lib64 --enable-runtime-cpudetect
libavutil 54. 20.100 / 54. 20.100
libavcodec 56. 26.100 / 56. 26.100
libavformat 56. 25.101 / 56. 25.101
libavdevice 56. 4.100 / 56. 4.100
libavfilter 5. 11.102 / 5. 11.102
libavresample 2. 1. 0 / 2. 1. 0
libswscale 3. 1.101 / 3. 1.101
libswresample 1. 1.100 / 1. 1.100
libpostproc 53. 3.100 / 53. 3.100
[mp3 @ 0x16e2e40] Estimating duration from bitrate, this may be inaccurate
Input #0, mp3, from 'mpthreetest.mp3':
Metadata:
title : Test of MP3 File
artist : Me
album : Me
date : 2006
comment : test
track : 1
genre : Other
Duration: 00:00:12.42, start: 0.000000, bitrate: 128 kb/s
Stream #0:0: Audio: mp3, 44100 Hz, mono, s16p, 128 kb/s
Output #0, ogg, to 'mpthreetest.ogg':
Metadata:
title : Test of MP3 File
artist : Me
album : Me
date : 2006
comment : test
track : 1
genre : Other
encoder : Lavf56.25.101
Stream #0:0: Audio: vorbis (libvorbis), 44100 Hz, mono, fltp
Metadata:
encoder : Lavc56.26.100 libvorbis
title : Test of MP3 File
artist : Me
album : Me
date : 2006
DESCRIPTION : test
TRACKNUMBER : 1
genre : Other
Stream mapping:
Stream #0:0 -> #0:0 (mp3 (native) -> vorbis (libvorbis))
Press [q] to stop, [?] for help
size= 105kB time=00:00:12.40 bitrate= 69.1kbits/s
video:0kB audio:100kB subtitle:0kB other streams:0kB global headers:3kB muxing overhead: 4.706274%

Now our MP3 test file is converted to Vorbis (ogg) audio compression format which is much better compared to mp3.

Similarly, we can encode, decode and convert any video, images or audio file formats using this commandline tool. We can even make use this module in PHP by proper coding. You can get more information on using this tool by referring to the manual page which you can get by running the command "man ffmpeg".

root@server1 [~]# man ffmpeg

I hope you enjoyed reading this documentation on FFMPEG. I would recommend your valuable suggestions and comments on this!

Have a Nice Day :)

The post How to Install FFMPEG on CentOS 7 appeared first on LinOxide.

ICINGA2 is an open source monitoring system which checks the availability of your network resources, services, notifies users of outages and generates performance data for reporting. It is an advanced form of Nagios and it has a better web interface compared to it. It is developed with a much user-friendly web interface with more options and it is more responsive and customizable. Above all, the communication between the monitoring server and the client nodes has become more secure in this version.

In this article, I'll explain how to set up an Icinga2 server with Web 2 interface on Ubuntu 16.04 server. Let's walk through the step by step instructions on how to build our monitoring system.

Adding Repositories

Firs of all, we need to add our Icinga2 repositories to our server. We need to enable the add-repository feature and then add its repositories to our repository packages and update the packages.

root@ubuntu:~# apt install software-properties-common

root@ubuntu:~# add-apt-repository ppa:formorer/icinga

root@ubuntu:~#apt-get update

Installing Icinga2

Now we can install from the added repository.

root@ubuntu:~# apt-get install icinga2

Once the installation is complete. Make sure the service is up and running fine.

root@ubuntu:~# systemctl enable icinga2.service
Synchronizing state of icinga2.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable icinga2
root@ubuntu:~# systemctl start icinga2.service

● icinga2.service - Icinga host/service/network monitoring system
Loaded: loaded (/lib/systemd/system/icinga2.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2016-06-26 07:18:44 UTC; 4h 2min ago
Process: 29178 ExecStartPre=/usr/lib/icinga2/prepare-dirs /usr/lib/icinga2/icinga2 (code=exited, status=0/SUCCESS)
Main PID: 29262 (icinga2)
Tasks: 16 (limit: 512)
CGroup: /system.slice/icinga2.service
└─29262 /usr/lib/x86_64-linux-gnu/icinga2/sbin/icinga2 --no-stack-rlimit daemon -e

Enabling the Feature list

By default, Icinga2 enables the following features. But we can confirm the enabled settings by running this command as below:

root@ubuntu:~# icinga2 feature list
Disabled features: api command compatlog debuglog gelf graphite icingastatus livestatus opentsdb perfdata statusdata syslog
Enabled features: checker mainlog notification

The following features are enabled by default:

Checker : This feature enables the execution of checks.

Mainlog: This feature enables the logging.

Notification : This feature enables notification mechanism.

Install Icinga2 plugin

Icinga2 will collect the service information based on the monitoring plugins. Here we're installing nagios plugins for this function.

root@ubuntu:~# apt-get install nagios-plugins

Installing Data Output (IDO) Module

I'm using MySQL as the external database. Hence, we need to install the MySQL IDO module which is used for Icinga2 web interface. It is used for exporting all configuration and status information into its database. We need to install MySQL on our server, if it's not installed before.

root@ubuntu:~# apt-get install mysql-server-5.7

root@ubuntu:~# apt-get install icinga2-ido-mysql
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
mysql-server
The following NEW packages will be installed:
icinga2-ido-mysql
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/113 kB of archives.
After this operation, 686 kB of additional disk space will be used.
Preconfiguring packages ...
Determining localhost credentials from /etc/mysql/debian.cnf: succeeded.
Selecting previously unselected package icinga2-ido-mysql.
(Reading database ... 27776 files and directories currently installed.)
Preparing to unpack .../icinga2-ido-mysql_2.4.1-2ubuntu1_amd64.deb ...
Unpacking icinga2-ido-mysql (2.4.1-2ubuntu1) ...
Setting up icinga2-ido-mysql (2.4.1-2ubuntu1) ...
Determining localhost credentials from /etc/mysql/debian.cnf: succeeded.
dbconfig-common: writing config to /etc/dbconfig-common/icinga2-ido-mysql.conf
dbconfig-common: flushing administrative password

Once the IDO module is installed. We need to setup our MySQL DB to accept the values using this module. I created a database named "Icinga2" with the username "Icinga2" and password "Icinga123"

root@ubuntu:~# mysql -u root -p
mysql> Create database icinga2;
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icinga2.*TO 'icinga2'@'localhost' IDENTIFIED BY 'icinga123';
mysql> flush privileges;

root@ubuntu:~# icinga2 feature enable ido-mysql
warning/cli: Feature 'ido-mysql' already enabled.

After enabling this module and creating our database we need to restart our Icinga2 service. Please make sure the IDO MySQL configuration file is properly set with correct DB credentials.

root@ubuntu:~# cat /etc/icinga2/features-enabled/ido-mysql.conf
/**
* The db_ido_mysql library implements IDO functionality
* for MySQL.
*/

library "db_ido_mysql"

object IdoMysqlConnection "ido-mysql" {
user = "icinga2",
password = "icinga123",
host = "localhost",
database = "icinga2"
}

Installing Icinga Web2 Plugin

In Ubuntu 16.05, PHP 7.0 is the default version, there are a lot more compactablity issues for Icinga2 with PHP 7.0. Hence, prior to this installation, we need to install PHP 5.6 version. For installing PHP 5.6 on my server. I need to enable a "ondrej/php" repository. Please see the steps below:

root@ubuntu:/usr#add-apt-repository ppa:ondrej/php
root@ubuntu:/usr#apt-get install php5.6
root@ubuntu:/usr# php -v
PHP 5.6.22-4+deb.sury.org~xenial+1 (cli)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

I'm going to use MySQL database to save all instincts of my Icinga2 Web interface. For that, create a database and grant all privileges for the user on that DB as below:

root@ubuntu:/usr/share/icingaweb2# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 18
Server version: 5.7.11-0ubuntu6 (Ubuntu)

Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>
mysql> create database icingawebdb;

mysql> GRANT SUPER ON *.* TO 'icingaweb'@'localhost' IDENTIFIED BY 'icinga123';
Query OK, 0 rows affected, 1 warning (0.00 sec)

mysql> GRANT SELECT, INSERT, UPDATE, DELETE, DROP, CREATE VIEW, INDEX, EXECUTE ON icingawebdb.*TO 'icingaweb'@'localhost' IDENTIFIED BY 'icinga123';

After creating the database, we can install the Web interface plugin and configure it one by one.  Apache2 and other web packages  along with PHP modules gets installed along with this plugin.

root@ubuntu:~# apt-get install icingaweb2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
apache2 apache2-bin apache2-data apache2-utils fontconfig-config fonts-dejavu fonts-dejavu-core fonts-dejavu-extra icingaweb2-module-doc
icingaweb2-module-monitoring libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libfontconfig1 libfreetype6 libgd3 libjbig0
libjpeg-turbo8 libjpeg8 liblua5.1-0 libtiff5 libvpx3 libxpm4 libzend-framework-php php php-common php-dompdf php-font-lib php-gd

Once this is installed, we can call this URL  in browser to "http://IP//icingaweb2/setup".

Configuring Icinga Web2 plugin

Our next step is to configure web interface. Please navigate through the screenshots to get more clarity on that.

Step 1 : Creating the token.

The initial setup page come up with a message to authenticate our Icingaweb user and create a token to proceed with the configuration.

To run this wizard a user needs to authenticate using a token which is usually provided to him by an administrator who'd followed the instructions below.

In any case, make sure that all of the following applies to your environment:

A system group called "icingaweb2" exists
The user "www-data" is a member of the system group "icingaweb2"

addgroup --system icingaweb2; usermod -a -G icingaweb2 www-data;

If you've got the IcingaCLI installed you can do the following:
icingacli setup config directory --group icingaweb2; icingacli setup token create;

In case the IcingaCLI is missing you can create the token manually:
su www-data -c "mkdir -m 2770 /etc/icingaweb2; chgrp icingaweb2 /etc/icingaweb2; head -c 12 /dev/urandom | base64 | tee /etc/icingaweb2/setup.token; chmod 0660 /etc/icingaweb2/setup.token;";

Please see the Icinga Web 2 documentation for an extensive description on how to access and use this wizard.

We can just follow these instructions and provide the token key generated to the "Setup Token" column. This is how I did it.

root@ubuntu:/usr/local/src# addgroup --system icingaweb2
addgroup: The group `icingaweb2' already exists as a system group. Exiting.
root@ubuntu:/usr/local/src# usermod -a -G icingaweb2 www-data

root@ubuntu:/usr/local/src# icingacli setup config directory --group icingaweb2;
Successfully created configuration directory /etc/icingaweb2
root@ubuntu:/usr/local/src# icingacli setup token create;
The newly generated setup token is: 1951e1eb11110e65

By providing the token, it will proceed to the next step.

Step 2 : Selecting the Modules.

After providing the token, it'll move to the next section for selecting the modules. We can choose the preferred modules to proceed to the next step.

Step 3 : Verifying the PHP settings.

To proceed further, we need to install the missing PHP modules and set proper timezone. You can install the required modules using the commands below:

#apt-get install php5.6-gd php5.6-json  php5.6-dba php5.6-intl php5.6-ldap php5.6-pdo-mysql php5.6-imagick php5.6-dom

Furthermore, you can set a proper time zone in the PHP configuration file.

After meeting the required settings, you can proceed with the next stage.

Step 5 : Authenticating Methods

We need to choose the preferred authentication means to proceed with the installation. As I discussed before, I preferred to choose database type for this.

Step 6 :  Fill out the database details which is used for authentication.

We need to enter the database details which we created for the web interface here. We can either create this prior to the setup or during this step from CLI. We need to make sure to provide this user, sufficient privileges over this database.

Step 7 : Creating Icinga Web administration users to manage the interface.

After authenticating our database resources successfully, we need to create the Administrative account for managing the Icinga2 Web interface. Please provide the preferred username and password to manage the interface.

Step 8 : Choosing the Application configuration options.

Next is to set the application configuration according to our needs. And proceed to the next stage.

Step 9 : Reviewing all chosen settings.

These stage will brief you with all the settings which you've done until now. We can confirm the settings and proceed further.

Step 10 : Configuring Monitoring Module.

Now we've completed with the authentication part and it follows with the configuration of the monitoring module.

As we discussed before, Icinga IDO module exports all status information and configuration parts to the Icinga main database. Hence, we need to select this module and configure it properly to update the database with the information.

Here we need to provide the main database information to proceed. Fill out the database details here. Make sure to set proper privileges for the database user for any modifications.

This choose the transport medium for monitoring instance.

We don't need to make any modification in this step. Just proceed with clicking 'Next".

Step 11 : Reviewing the Monitoring module configuration options

This stage will brief you with all the monitoring module configuration part which you've selected. You can just confirm the settings and proceed further to complete the setup.

Final Step : Login to the Web interface.

Now we can continue to login to the Icinga Web 2 interface with the login credentials created during the setup.

Our master node is added by default to this system. We can see the service notifications for our master Icinga server over here. Or you can just browse this URL http://IP/icingaweb2/ to access the web interface.

We can add any number of nodes to this system for monitoring. In my next article, I will provide you guidelines on how to add host nodes to our Icinga2 master server. I hope you enjoyed reading this article. I would recommend your valuable comments and suggestions on this.

The post How to Install Icinga2 on Ubuntu 16.04 appeared first on LinOxide.

In my previous article, I've explained how to install and configure an Icinga2 with Icinga Web2 interface. Now it's time to introduce some hosts to our monitoring system.  Unlike Nagios, we can add the hosts automatically to the Icinga2 systems. The configuration is quite simple and easy compared to other monitoring systems.

As stated before,  the communication between the monitoring server and the client nodes are more secure comparing other versions. All communications are secured by TLS connections with certificates which is setup by Icinga2 servers on initialization.

Let's start with the procedures on how to add a hosts to our monitoring system. You can take a look at the work flow.

Configuring Icinga2 Master Node

We've already setup our Icinga2 master node, now we need to make the following initialization to allow our host nodes and connect to them securely. We need to run this command " icinga2 node wizard" to run the setup wizard.

root@ubuntu:~# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.

The setup wizard will ask you whether this is a satellite or master setup. Since we run this on the master server we can type 'n'. By typing 'n', it installs the master setup and start generating the certificates for secured TLS communication.

Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: n
Starting the Master setup routine...
Please specifiy the common name (CN) [ubuntu.icinga-master.com]:
Checking for existing certificates for common name 'ubuntu.icinga-master.com'...
Certificates not yet generated. Running 'api setup' now.
information/cli: Generating new CA.
information/base: Writing private key to '/var/lib/icinga2/ca/ca.key'.
information/base: Writing X509 certificate to '/var/lib/icinga2/ca/ca.crt'.
information/cli: Generating new CSR in '/etc/icinga2/pki/ubuntu.icinga-master.com.csr'.
information/base: Writing private key to '/etc/icinga2/pki/ubuntu.icinga-master.com.key'.
information/base: Writing certificate signing request to '/etc/icinga2/pki/ubuntu.icinga-master.com.csr'.
information/cli: Signing CSR with CA and writing certificate to '/etc/icinga2/pki/ubuntu.icinga-master.com.crt'.
information/cli: Copying CA certificate to '/etc/icinga2/pki/ca.crt'.
Generating master configuration for Icinga 2.
information/cli: Adding new ApiUser 'root' in '/etc/icinga2/conf.d/api-users.conf'.
information/cli: Enabling the 'api' feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.

We don't need to change the ports, so leave it as it is.

Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []:
information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

After running this setup wizard, you need to restart the Icinga2 service.

root@ubuntu:~# systemctl restart icinga2

Installing and Configuring Icinga2-Client

We need to install Icinga2 on the host node as the initial step. For that, we need to add the Icinga2 repository to the host node and update the APT repository packages.

root@ubuntu:~# apt install software-properties-common
root@ubuntu:~# add-apt-repository ppa:formorer/icinga
This PPA provides Icinga 1, Icinga 2 and Icinga web Packages for Ubuntu. They are directly derived from the Debian Packages that I maintain within Debian.
More info: https://launchpad.net/~formorer/+archive/ubuntu/icinga
Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keyring `/tmp/tmpcrlq876s/secring.gpg' created
gpg: keyring `/tmp/tmpcrlq876s/pubring.gpg' created
gpg: requesting key 36862847 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmpcrlq876s/trustdb.gpg: trustdb created
gpg: key 36862847: public key "Launchpad PPA for Alexander Wirt" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
OK
root@ubuntu:~#apt-get update
root@ubuntu:~# apt-get install icinga2
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
icinga2-bin icinga2-common icinga2-doc libboost-program-options1.58.0 libboost-regex1.58.0 libboost-system1.58.0 libboost-thread1.58.0
libicinga2 libyajl2 monitoring-plugins-basic monitoring-plugins-common
Suggested packages:
icinga2-studio vim-icinga2 icinga | icinga | nagios3
The following NEW packages will be installed:

Creating config file /etc/nagios-plugins/config/dhcp.cfg with new version

Creating config file /etc/nagios-plugins/config/disk.cfg with new version

Creating config file /etc/nagios-plugins/config/dummy.cfg with new version

Creating config file /etc/nagios-plugins/config/ftp.cfg with new version

Creating config file /etc/nagios-plugins/config/http.cfg with new version

Creating config file /etc/nagios-plugins/config/load.cfg with new version

Creating config file /etc/nagios-plugins/config/mail.cfg with new version

Creating config file /etc/nagios-plugins/config/news.cfg with new version

Creating config file /etc/nagios-plugins/config/ntp.cfg with new version

Creating config file /etc/nagios-plugins/config/ping.cfg with new version

Creating config file /etc/nagios-plugins/config/procs.cfg with new version

Creating config file /etc/nagios-plugins/config/real.cfg with new version

Creating config file /etc/nagios-plugins/config/ssh.cfg with new version

Creating config file /etc/nagios-plugins/config/tcp_udp.cfg with new version

Creating config file /etc/nagios-plugins/config/telnet.cfg with new version

Creating config file /etc/nagios-plugins/config/users.cfg with new version
Setcap for check_icmp and check_dhcp worked!
Processing triggers for libc-bin (2.23-0ubuntu3) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (229-4ubuntu4) ...

Now we need to run the set-up Wizard on our host node and install the Satellite setup.

root@ubuntu:~# icinga2 node wizard
Welcome to the Icinga 2 Setup Wizard!

We'll guide you through all required configuration details.

Since, this is our Satelite setup, we need to type 'Y' to proceed with our Satellite setup.

Please specify if this is a satellite setup ('n' installs a master setup) [Y/n]: yes

This will proceeds with the Satellite node setup and installs the required certificates for TLS communication.

Starting the Node setup routine...
Please specifiy the common name (CN) [host1.icinga2server.com]:
Please specify the master endpoint(s) this node should connect to:
Master Common Name (CN from your master setup): ubuntu.icinga-master.com
Do you want to establish a connection to the master from this node? [Y/n]: y
Please fill out the master connection information:
Master endpoint host (Your master's IP address or FQDN): 139.162.55.62
Master endpoint port [5665]:
Add more master endpoints? [y/N]:
Please specify the master connection for CSR auto-signing (defaults to master endpoint host):
Host [139.162.55.62]:
Port [5665]:
information/base: Writing private key to '/etc/icinga2/pki/host1.icinga2server.com.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/host1.icinga2server.com.crt'.
information/cli: Fetching public certificate from master (139.162.55.62, 5665):

Certificate information:

Subject: CN = ubuntu.icinga-master.com
Issuer: CN = Icinga CA
Valid From: Jun 26 06:49:50 2016 GMT
Valid Until: Jun 23 06:49:50 2031 GMT
Fingerprint: 13 8A 73 C5 36 E7 1D DA FE 9D E1 E6 1E 32 ED E2 3C 6B 48 E8

Is this information correct? [y/N]: yes

We need to provide the host information and Master server information to complete the Node setup. After providing the details, it will enter CSR auto signing. After this, Icinga 2  saves some configuration on the host node and  setup a secure connection with it.

After saving these certificates, it needs to be validated by the master to prove that you’re actually in command of both servers and approve of this secure communication. For that, I run this "icinga2 pki ticket --cn 'host1.icinga2server.com"  on my master server and provided the code generated  in the Node setup to proceed further.

Please specify the request ticket generated on your Icinga 2 master.
(Hint: # icinga2 pki ticket --cn 'host1.icinga2server.com'): 836289c1bcd427879b06703dfb35aa122bf89dc2
information/cli: Requesting certificate with ticket '836289c1bcd427879b06703dfb35aa122bf89dc2'.

warning/cli: Backup file '/etc/icinga2/pki/host1.icinga2server.com.crt.orig' already exists. Skipping backup.
information/cli: Writing signed certificate to file '/etc/icinga2/pki/host1.icinga2server.com.crt'.
information/cli: Writing CA certificate to file '/etc/icinga2/pki/ca.crt'.

After signing the certificates, it askes for the API/bind port. We can skip this sections as before and proceed with the reset of the configurations.

Please specify the API bind host/port (optional):
Bind Host []:
Bind Port []:
Accept config from master? [y/N]: y
Accept commands from master? [y/N]: y
information/cli: Disabling the Notification feature.
Disabling feature notification. Make sure to restart Icinga 2 for these changes to take effect.
information/cli: Enabling the Api listener feature.
Enabling feature api. Make sure to restart Icinga 2 for these changes to take effect.

information/cli: Created backup file '/etc/icinga2/features-available/api.conf.orig'.
information/cli: Generating local zones.conf.
information/cli: Dumping config items to file '/etc/icinga2/zones.conf'.
information/cli: Created backup file '/etc/icinga2/zones.conf.orig'.
information/cli: Updating constants.conf.
information/cli: Created backup file '/etc/icinga2/constants.conf.orig'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
information/cli: Updating constants file '/etc/icinga2/constants.conf'.
Done.

Now restart your Icinga 2 daemon to finish the installation!

Once the Node setup is complete, we need to restart the Icinga2 daemon on the Host side.

Updating the configurations from client to master

Now we can go back to our Master server and confirm with the host addition. We can run this command to list the host nodes and services added to the server.

root@ubuntu:~# icinga2 node list
Node 'host1.icinga2server.com' (last seen: Sun Jun 26 07:03:40 2016)
* Host 'host1.icinga2server.com'
* Service 'apt'
* Service 'disk'
* Service 'disk /'
* Service 'http'
* Service 'icinga'
* Service 'load'
* Service 'ping4'
* Service 'ping6'
* Service 'procs'
* Service 'ssh'
* Service 'swap'
* Service 'users'
root@ubuntu:~#

Now we need to update Icinga2 master configuration to update these modification and to add the host nodes to the monitoring checks.

root@ubuntu:~#icinga2 node update-config
root@ubuntu:~# systemctl restart icinga2

Finally we can restart the services to save these changes and view our host node in the Icinga Web2 interface. We can login to the Icinga Web interface at http://139.162.55.62/icingaweb2/ with our admin credentials and confirm the host status.

Managing Services in Icinga2

As you can see from my above screenshot, http service is showing critical in my client server. I've not installed Apache on my client server, hence I don't actually need the HTTP service to be monitored in our client server. Let's see how I'm going to remove that service from the monitoring services.

When a client server is added to the Master, it creates a folder for that client server inside the repository.d folder on the Master server in the Icinga2 configuration path with its hostname as below:

root@ubuntu:/etc/icinga2/repository.d/hosts# ls -l
total 8
drwxr-x--- 2 nagios nagios 4096 Jun 26 07:04 host1.icinga2server.com
-rw-r--r-- 1 root root 100 Jun 26 07:04 host1.icinga2server.com.conf
root@ubuntu:/etc/icinga2/repository.d/hosts#

We need to get inside the client folder "host1.icinga2server.com" and view the service files which are added to the hosts on initialization.

root@ubuntu:/etc/icinga2/repository.d/hosts/host1.icinga2server.com# ls -l
total 48
-rw-r--r-- 1 root root 152 Jun 26 07:04 apt.conf
-rw-r--r-- 1 root root 155 Jun 26 07:04 disk %2F.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 disk.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 http.conf
-rw-r--r-- 1 root root 155 Jun 26 07:04 icinga.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 load.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 ping4.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 ping6.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 procs.conf
-rw-r--r-- 1 root root 152 Jun 26 07:04 ssh.conf
-rw-r--r-- 1 root root 153 Jun 26 07:04 swap.conf
-rw-r--r-- 1 root root 154 Jun 26 07:04 users.conf

We can see all the service configuration files for that particular host residing inside this folder. Now we need to remove those service check file which we need to disable from the monitoring.

For example : In our case, we need to disable http service, hence, I'm moving http.conf from this folder. Either you can remove it or just move these files.

root@ubuntu:/etc/icinga2/repository.d/hosts/host1.icinga2server.com# mv http.conf http.conf-disabled

After making any changes we need to reload the Icinga2 service on the server.

root@ubuntu:/etc/icinga2# service icinga2 reload

We can confirm it from the web interface, whether that services are removed.

But this service monitoring can be re-enabled on updating the node configuration on the Master server. if that service is still listed for that client as below:

root@ubuntu:~# icinga2 node list
Node 'host1.icinga2server.com' (last seen: Wed Jun 29 12:31:20 2016)
* Host 'host1.icinga2server.com'
* Service 'Icinga Web 2'
* Service 'apt'
* Service 'disk'
* Service 'disk /'
* Service 'http'
* Service 'icinga'
* Service 'load'
* Service 'ping4'
* Service 'ping6'
* Service 'procs'
* Service 'ssh'
* Service 'swap'
* Service 'users'

Therefore, we need to remove this from the node list. Let's see how we can do that.

1. Login to the Client server and move to the folder called "/etc/icinga2/conf.d", there we can see the hosts.conf file.

root@host1:/etc/icinga2/conf.d# ls -l
total 48
-rw-r--r-- 1 root root 35 May 19 12:56 app.conf
-rw-r--r-- 1 root root 114 May 17 11:03 apt.conf
-rw-r--r-- 1 root root 1300 May 19 12:56 commands.conf
-rw-r--r-- 1 root root 542 May 19 12:56 downtimes.conf
-rw-r--r-- 1 root root 638 May 19 12:56 groups.conf
-rw-r--r-- 1 root root 1501 May 19 12:56 hosts.conf
-rw-r--r-- 1 root root 674 May 19 12:56 notifications.conf
-rw-r--r-- 1 root root 801 May 19 12:56 satellite.conf
-rw-r--r-- 1 root root 2131 Jun 29 06:37 services.conf
-rw-r--r-- 1 root root 1654 May 19 12:56 templates.conf
-rw-r--r-- 1 root root 906 May 19 12:56 timeperiods.conf
-rw-r--r-- 1 root root 308 May 19 12:56 users.conf

Now we need to edit the hosts.conf file and comment the http service check part from there.

Restart the Icinga2 service on Client server to update these changes.

2. Move back to your Master server, reload the Icinga2 service and update the node configuration.

root@ubuntu:/etc/icinga2# service icinga2 reload

root@ubuntu:/etc/icinga2# icinga2 node update-config

Now we can confirm the removal of http service from Master configuration.

root@ubuntu:~# icinga2 node list
Node 'host1.icinga2server.com' (last seen: Wed Jun 29 12:46:51 2016)
* Host 'host1.icinga2server.com'
* Service 'Icinga Web 2'
* Service 'apt'
* Service 'disk'
* Service 'disk /'
* Service 'icinga'
* Service 'load'
* Service 'ping4'
* Service 'ping6'
* Service 'procs'
* Service 'ssh'
* Service 'swap'
* Service 'users'

Likewise, we can add or remove any services in Icinga2. I believe this article is informative and helpful. I would recommend your valuable suggestions and comments on this. Happy Reading :)

The post How to Add Host and Manage Services in Icinga2 appeared first on LinOxide.

GO is a general purpose system programming language which means that you can build wide variety of application using it. It is purely an open source language developed by Google. It has cross platform, which supports all major operating systems.

Go source code is compared to a binary executable or library, this results in a very high performance when running Go application. Compilation speed for the Go applications are really fast. In a nutshell, Go is an elegant language with a clean and concise specifications that are readable and comprehensive. One of the major strengths of Golang is its concurrency, which means multiple process of the Go applications can run at same time.

In this article, I'll explain how to install Go language on our latest Linux distributions of Ubuntu and CentOS.

Install Go language on Ubuntu (16.04)

Go language and its tool kits are available in  our base repositories in all the major operating systems. We can install Go language in Ubuntu by just running this command.

root@ubuntu:~# apt-get install golang

root@ubuntu:~# go version
go version go1.6.1 linux/amd64

Now, we need to place the Go codes inside a work directory where, we can build the Go tools and install its binaries. I created a directory for Go codes in /home folder.

root@ubuntu:~# mkdir /home/go

Create a file "/etc/profile.d/goenv.sh" for setting up Go environment variable server-wide as below:

root@ubuntu:~# cat /etc/profile.d/goenv.sh
export GOROOT=/usr/lib/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin

root@ubuntu:~# source /etc/profile.d/goenv.sh

Install Go language on CentOS 7

As I explained before, it is quite easy to install Go Language in Redhat Based distributions too. It is available in their base repository packages. We can install it by just running this command below:

[root@localhost ~]# yum install golang

it will install all required packages for this language.

You can confirm with the Go version installed.

[root@localhost ~]# go version
go version go1.4.2 linux/amd64

We can manage the Go source codes using the "Go" tool. There are many commands which can be used with Go tool. Here are the list of them.

We can get more information regarding each command usage by executing "go command help" like go build help or go install help.

You can create a work folder in this installation too, which will help you to build and install its binaries. Furthermore, create the environment variables server-wide..

[root@Centos7 ~]# mkdir ~go

[root@Centos7 ~]# source /etc/profile.d/goenv.sh

[root@Centos7 ~]# cat /etc/profile.d/goenv.sh
export GOROOT=/usr/lib/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin

Install latest version 1.6 from Source

If you notice, in the above installations, you can see that the versions of Go language packages installed is different in two distributions. This means that it's not mandatory to have the latest versions available on our base repository packages. So whenever we need to install the latest package, we can download it direct from the source and install. Let's see how to do that.

Depending on our server architecture, we can download the required package and extract to install.

[root@server1 src]# wget https://storage.googleapis.com/golang/go1.6.2.linux-amd64.tar.gz

2016-07-01 07:50:26 (93.6 MB/s) - ‘go1.6.2.linux-amd64.tar.gz’ saved [84840658/84840658]

[root@server1src]# tar -xzvf go1.6.2.linux-amd64.tar.gz -C /usr/local/

I've downloaded the package for a 64 bit architecture. You can create a work folder set environment variables server-wide as before.

root@server1~]# mkdir ~go

[root@Centos7 ~]# cat /etc/profile.d/goenv.sh
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin

[root@s ~]# source /etc/profile.d/goenv.sh

[root@server1 bin]# go version
go version go1.6.2 linux/amd64

The only difference in creating environment variable is that, here the Go libraries reside inside our /usr/local folder comparing the above cases.

A Simple program in Go

Now we can test our installation by creating a test program. Our first sample program will print the  “hello world” message.  Create a file to print "helloworld.go".

Now we need to run this program using go command.

 [root@Centos7 ~]# go run helloworld.go
hello world

At times, we’ll need to build our programs into binaries. We can use build command for that.

[root@Centos7 ~]# go build helloworld.go
[root@Centos7 ~]# ls
helloworld helloworld.go

We can then execute the built binary directly like this.

[root@Centos7 ~]# ./helloworld
hello world

If this works, means you've built your Go successfully :)

You can get more examples of this program to start learning. I hope you enjoyed reading this article. I would recommend your valuable suggestions and comments on this.Have a Good day!

The post How to Install Go on Ubuntu Linux and CentOS appeared first on LinOxide.

Git is an open source, distributed, version control system designed to handle every type of projects from small to big with speed and efficiency. It is easy to learn and has a low memory consumption with lightning speed performance. It surpasses several other SCM tools like Subversion, CVS, Perforce and ClearCase with features like cheap local branching, convenient staging areas, and multiple workflows.

Moreover, Git 2.9.0 has a variety of features and bug fixes in comparison with rest of the versions, some of the advanced features of Git 2.9 making it prominent from rest is as below:

• Faster and more flexible submodules : It brings support for cloning and updating submodules in parallel.
• Beautiful diff usages : It adds a new experimental heuristics for diff handling.
• Testing commits with Git interactive rebase

Advantages of GIT over others SCM tools

• Branching and Merging
• Small and Fast
• Distributed
• Data Assurance
• Staging Area
• Free and opensource

In this article, I'll demonstrate how to install the latest Git version  on an Ubuntu 16.04 server. Let's start with the installation steps.

Installing Git

On an Ubuntu server, we can install Git packages from their repositories by just running this command.

root@ubuntu:~# apt-get update
root@ubuntu:~# apt-get install git

But it's not mandatory that we get the latest Git release packages by installing this way. In such case, we prefer to install Git by downloading from their source packages. We can download our Git release packages here.

I'll explain the steps on how I installed the latest Git 2.9.0 version on my system.

Download the Git files

Step 1 : Download the Git 2.9 package from the above download link

root@ubuntu:~# wget https://github.com/git/git/archive/v2.9.0.zip
root@ubuntu:~# unzip v2.9.0.zip

Install the unzip module if it's not present in the server by just running this command "apt install unzip".

Configure and Build

Step 2 : Move to the extracted Git folder and start configuring. First, we need to make the configure and build the Git package. Inorder to make the configuration part to work, we need to install autoconf in our server.

root@ubuntu:~/git-2.9.0# apt-get install autoconf

root@ubuntu:~/git-2.9.0# make configure
GEN configure
root@ubuntu:~/git-2.9.0# ./configure --prefix=/usr/local

After installing autoconf, we can create the configure file for Git and start configuring using the above command.

But during the configuration time, if you come across a similar error, please install the following package.

Error:

configure: error: in `/root/git-2.9.0':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details

 Fix : 

root@ubuntu:~/git-2.9.0# apt-get install gcc

You can install gcc package to enable the C compiler on your server and complete the configuration part smoothly like this.

root@ubuntu:~/git-2.9.0# ./configure --prefix=/usr/local
checking for BSD sysctl... no
checking for POSIX Threads with ''... no
checking for POSIX Threads with '-mt'... no
checking for POSIX Threads with '-pthread'... yes
configure: creating ./config.status
config.status: creating config.mak.autogen
config.status: executing config.mak.autogen commands

Our next step is to build the Git packages. We can still building the package by running this make command.

root@ubuntu:~/git-2.9.0# make prefix=/usr/local

PS : At times, you may come across some errors while running this, due to some missing packages.

Errors :

root@ubuntu:~/git-2.9.0# make prefix=/usr/local
CC credential-store.o
In file included from credential-store.c:1:0:
cache.h:40:18: fatal error: zlib.h: No such file or directory
compilation terminated.
Makefile:1935: recipe for target 'credential-store.o' failed
make: *** [credential-store.o] Error 1

/bin/sh: 1: msgfmt: not found
Makefile:2094: recipe for target 'po/build/locale/pt_PT/LC_MESSAGES/git.mo' failed
make: *** [po/build/locale/pt_PT/LC_MESSAGES/git.mo] Error 127

In order to rectify these errors, you can install the following packages which is needed by the Git.

apt-get install zlib1g-dev
apt-get install tcl-dev
apt-get install libssl-dev
apt-get install gettext

After fixing these errors, you can re-run these make commands to complete the build process.

root@ubuntu:~/git-2.9.0# make prefix=/usr/local
root@ubuntu:~/git-2.9.0# make prefix=/usr/local install

Now we can confirm our Git installation. You can set the environment variable to fetch the Git libraries from /usr/local by running ldconfig.

root@ubuntu:~# git version
git version 2.9.0

Git Setup

Git comes with a tool called git config which allows you to get and set configuration variables that control all aspects of how Git works. These variables can be stored in three different places:

/etc/gitconfig file : This file contains values for every user on the system and all their repositories.

git config --system : This option will reads and writes from this file specifically.

~/.gitconfig or ~/.config/git/config file : This file is specific to each user.

git config --global : This option will reads and writes from this file specifically.

.git/config : config file in the Git directory of whatever repository you’re currently using. This file is specific to that single repository.

git config --local : This option will reads and writes from this file specifically.

Creating your Identity

First thing, which you need to do after the Git Installation is marking your identity. You need to set your username and email address. This is important why because Git commit uses this information and it's immutably attached into the commits which you're creating.

root@ubuntu:~# git config --global user.name "Saheetha Shameer"
root@ubuntu:~# git config --global user.email linoxide1@gmail.com

Checking your Git settings

You can check your current Git settings by using the command git config --list. This will list all Git settings.

root@ubuntu:~# git config --list
user.name=Saheetha Shameer
user.email=saheetha1@gmail.com

You can also check the status by typing a specific key value like this

root@ubuntu:~# git config user.name
Saheetha Shameer

Git Commands

You can get more about Git commands by running the git help command. Here are some of the common Git commands and their uses.

You can get the Git Manual page by running this command git help config.

 Creating and Managing a Git Repository

First of all, let's see how you can create a Git repository. You can run this command to create your git repository on the existing folder. I created a folder called gitdemo and initiated the command git init to create my repository.

root@ubuntu:~# mkdir gitdemo
root@ubuntu:~# cd gitdemo/
root@ubuntu:~/gitdemo#
root@ubuntu:~/gitdemo# git init
Initialized empty Git repository in /root/gitdemo/.git/

After execution of this command you can see it creates a folder called .git. This is where git stores everything including change sets, branches etc. Let's see the structure of this folder.

At any time you can delete this folder to destroy your repository. In short, this means git uses a local file base setup where you can take manual backup of this folder to preserve or commit to any remote repository or even sent these backup file to your friends, to give them direct access to your repository with git installed in their system.

At this moment, we don't have anything to put under version control, so let's create a file and check the git status.

root@ubuntu:~/gitdemo# touch testrepo.txt
root@ubuntu:~/gitdemo# git status
On branch master

Initial commit

Untracked files:
(use "git add <file>..." to include in what will be committed)

testrepo.txt

nothing added to commit but untracked files present (use "git add" to track)

Even though the file testrepo.txt exists, it isn't yet tracked by Git.  Git status tells us that our file is being untracked. We need to fix this by the command git add <filename>.

root@ubuntu:~/gitdemo# git add testrepo.txt
root@ubuntu:~/gitdemo# git status
On branch master

Initial commit

Changes to be committed:
(use "git rm --cached <file>..." to unstage)

new file: testrepo.txt

Now our git status shows as our test file is ready to commit. This is called Staging. We've staged to this file to commit.

Before committing the repo, we need to initiate git add command to update all changes. For example, if we modify anything in our test file, that won't add the changes on commit until we run this git add command again. Git status will help you identify the modifications.

root@ubuntu:~/gitdemo# git status
On branch master

Initial commit

Changes to be committed:
(use "git rm --cached <file>..." to unstage)

new file: testrepo.txt

Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)

modified: testrepo.txt

Hence, we need to run the git add command to stage these changes.

root@ubuntu:~/gitdemo# git add testrepo.txt
root@ubuntu:~/gitdemo# git status
On branch master

Initial commit

Changes to be committed:
(use "git rm --cached <file>..." to unstage)

new file: testrepo.txt

Once we stage our changes, we are ready to commit them to our repository. You can use git commit command for that. By running this command "git commit testrepo.txt", it will display a vim window, where you need to type "Initial commit" on the top of the screen and save to exit.

root@ubuntu:~/gitdemo# git commit testrepo.txt
[master (root-commit) 2b3f303] Initial commit
1 file changed, 2 insertions(+)
create mode 100644 testrepo.txt

PS : you can even use git commit -m "changes" instead

If we run the git status again, we can see that there are no more pending changes which means they're all committed to our repository.

root@ubuntu:~/gitdemo# git status
On branch master
nothing to commit, working directory clean

We can get the details of our commit history by running git log, which will provide with their details like authors, time, date , commit notes etc.

root@ubuntu:~/gitdemo# git log
commit 2b3f30387f3b7417acbbc5287132df7441aa0881
Author: Saheetha Shameer <linoxide1@gmail.com>
Date: Thu Jul 14 08:02:52 2016 +0000

Initial commit

You can get even more information about the git log by referring its manual with the command man git log.  I hope this article is informative and useful for you. Thank you for reading this. Have a Nice Day!

The post Install and Configure Git on Ubuntu 16.04 appeared first on LinOxide.

Visual Studio Code is a lightweight, free and open source software. It provides developers with new choice of tooling, one which combines with simplicity and the streamline experiences with the code editor with more features. It is a powerful source code editor which runs on your desktop environment, available for OS like for Windows, OS X and Linux.

It comes with built-in support for JavaScript, TypeScript and Node.js and has a rich ecosystem of extensions for other languages  like C++, C#, Python, Jade, PHP, XML, Batch, F#, DockerFile, Coffee Script, Java, HandleBars, R, Objective-C, PowerShell, Luna, Visual Basic, .Net, Asp.Net, C#, JSON, HTML, CSS, Less, Sass and many more to come.

Features of Visual Studio Code 1.3

These are some of the exciting features of VSC v1.3 which makes it popular among rest of the them.

• Tabs: This helps in an easy navigation and organizing your work bench.
• Extensions : New in-product extensions to quickly view, manage and install extensions.
• Workbench:  With enhanced Drag and Drop features and  Preview Editors.
• Editor: Global Search and Replace options, Problems panel to view errors and warnings and Indent guides.
• Languages :Better Emmet support and Atom JavaScript grammar extension.
• Debugging : Better debugging options.

In this article, I'll explain  how to install the latest Visual Studio Code v1.3 on Ubuntu 16.04 Desktop.

Please note : Visual Studio Code is supported only in 64 bit Linux architecture. So make sure, your system is 64 bit.

Installation Steps

First of all, we need to download the latest available source package from there website. We can get the latest available version here.  I created a folder for VS code and downloaded the package there.

root@ubuntu:~# mkdir /tmp/VSC
root@ubuntu:~# cd /tmp/VSC

Downloading the package.

root@ubuntu:/tmp/VSC# wget https://az764295.vo.msecnd.net/stable/e6b4afa53e9c0f54edef1673de9001e9f0f547ae/VSCode-linux-x64-stable.zip
--2016-07-19 08:48:36-- https://az764295.vo.msecnd.net/stable/e6b4afa53e9c0f54edef1673de9001e9f0f547ae/VSCode-linux-x64-stable.zip
Resolving az764295.vo.msecnd.net (az764295.vo.msecnd.net)... 2606:2800:11f:17a5:191a:18d5:537:22f9, 72.21.81.200
Connecting to az764295.vo.msecnd.net (az764295.vo.msecnd.net)|2606:2800:11f:17a5:191a:18d5:537:22f9|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 48262769 (46M) [application/zip]
Saving to: ‘VSCode-linux-x64-stable.zip’

VSCode-linux-x64-stable.zip 100%[==================================================================>] 46.03M 121MB/s in 0.4s

2016-07-19 08:48:36 (121 MB/s) - ‘VSCode-linux-x64-stable.zip’ saved [48262769/48262769]

Now extract the package to /opt folder and make the binary executable. You can install unzip package if it's not installed using apt install unzip.

root@ubuntu:/tmp/VSC# unzip VSCode-linux-x64-stable.zip -d /opt/
root@ubuntu:/tmp/VSC# chmod +x /opt/VSCode-linux-x64/code

Please note, your system should support all GUI packages to make this running. Please make sure to install these packages to enable all required libraries if it's not present.

apt-get install lib32z1 lib32ncurses5 dpkg-dev
apt-get install libgtk2.0-0
apt install libnotify-dev
apt install libnss3

Running Visual Studio Code

Now you can move to the extracted folder from the Desktop and run the "Code" binary from there.

This will launch our VS code editor window.

Hurray! we've installed our VStudio Code. Thank you for reading this article. I would recommend your valuable comments and suggestions on this. Have a Good day!

The post How to Install Visual Studio Code 1.3 on Ubuntu 16.04 appeared first on LinOxide.

Grafana is an open source feature rich metrics dashboard. It is very useful for visualizing large-scale measurement data. It provides a powerful and elegant way to create, share, and explore data and dashboards from your disparate metric databases.

It supports a wide variety of graphing options for ultimate flexibility. Furthermore, it supports many different storage backends for your Data Source. Each Data Source has a specific Query Editor that is customized for the features and capabilities that the particular Data Source exposes. The following datasources are officially supported by Grafana: Graphite, InfluxDB, OpenTSDB, Prometheus, Elasticsearch and Cloudwatch

The query language and capabilities of each Data Source are obviously very different. You can combine data from multiple Data Sources onto a single Dashboard, but each Panel is tied to a specific Data Source that belongs to a particular Organization. It supports authenticated login and a basic role based access control implementation. It is deployed as a single software installation which is written in Go and Javascript.

In this article, I'll explain on how to install Grafana on a docker container in Ubuntu 16.04 and configure docker monitoring using this software.

Pre-requisites

• Docker installed server

Installing Grafana

We can build our Grafana in a docker container. There is an official docker image available for building Grafana. Please run this command to build a Grafana container.

root@ubuntu:~# docker run -i -p 3000:3000 grafana/grafana

Unable to find image 'grafana/grafana:latest' locally
latest: Pulling from grafana/grafana
5c90d4a2d1a8: Pull complete
b1a9a0b6158e: Pull complete
acb23b0d58de: Pull complete
Digest: sha256:34ca2f9c7986cb2d115eea373083f7150a2b9b753210546d14477e2276074ae1
Status: Downloaded newer image for grafana/grafana:latest
t=2016-07-27T15:20:19+0000 lvl=info msg="Starting Grafana" logger=main version=3.1.0 commit=v3.1.0 compiled=2016-07-12T06:42:28+0000
t=2016-07-27T15:20:19+0000 lvl=info msg="Config loaded from" logger=settings file=/usr/share/grafana/conf/defaults.ini
t=2016-07-27T15:20:19+0000 lvl=info msg="Config loaded from" logger=settings file=/etc/grafana/grafana.ini
t=2016-07-27T15:20:19+0000 lvl=info msg="Config overriden from command line" logger=settings arg="default.paths.data=/var/lib/grafana"
t=2016-07-27T15:20:19+0000 lvl=info msg="Config overriden from command line" logger=settings arg="default.paths.logs=/var/log/grafana"
t=2016-07-27T15:20:19+0000 lvl=info msg="Config overriden from command line" logger=settings arg="default.paths.plugins=/var/lib/grafana/plugins"
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Home" logger=settings path=/usr/share/grafana
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Data" logger=settings path=/var/lib/grafana
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Logs" logger=settings path=/var/log/grafana
t=2016-07-27T15:20:19+0000 lvl=info msg="Path Plugins" logger=settings path=/var/lib/grafana/plugins
t=2016-07-27T15:20:19+0000 lvl=info msg="Initializing DB" logger=sqlstore dbtype=sqlite3

t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="create playlist table v2"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="create playlist item table v2"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="drop preferences table v2"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="drop preferences table v3"
t=2016-07-27T15:20:20+0000 lvl=info msg="Executing migration" logger=migrator id="create preferences table v3"
t=2016-07-27T15:20:20+0000 lvl=info msg="Created default admin user: [admin]"
t=2016-07-27T15:20:20+0000 lvl=info msg="Starting plugin search" logger=plugins
t=2016-07-27T15:20:20+0000 lvl=info msg="Server Listening" logger=server address=0.0.0.0:3000 protocol=http subUrl=

We can confirm the working of the Grafana container by running this command "docker ps -a" or by accessing it by URL http://Docker IP:3000

All Grafana configuration settings are defined using environment variables, this is much useful when using container technology. The Grafana configuration file is located at /etc/grafana/grafana.ini.

Understanding the Configuration

The Grafana has number of configuration options that can be specified in its configuration file as .ini file or  can be specified using environment variables as mentioned before.

Config file locations

Normal config file locations.

• Default configuration from : $WORKING_DIR/conf/defaults.ini
• Custom configuration from  : $WORKING_DIR/conf/custom.ini

PS :  When you install Grafana using the deb or rpm packages or docker images, then your configuration file is located at /etc/grafana/grafana.ini

Understanding the config variables

Let's see some of the variables in the configuration file below:

instance_name : It's the name of the grafana server instance. It default value is fetched from ${HOSTNAME}, which will be replaced with environment variable HOSTNAME, if that is empty or does not exist Grafana will try to use system calls to get the machine name.

[paths]

data : It's the path where Grafana stores the sqlite3 database (when used), file based sessions (when used), and other data.

logs : It's where Grafana stores the logs.

Both these paths are usually specified via command line in the init.d scripts or the systemd service file.

[server]

http_addr : The IP address to bind the application. If it's left empty it will bind to all interfaces.

http_port : The port to which the application is bind to, defaults is 3000. You can redirect your 80 port to 3000 using the below command.

$iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000

root_url : This is the URL used to access Grafana from a web browser.

cert_file : Path to the certificate file (if protocol is set to https).

cert_key : Path to the certificate key file (if protocol is set to https).

[database]

Grafana uses a database to store its users and dashboards and other informations. By default it is configured to use sqlite3 which is an embedded database included in the main Grafana binary.

type
You can choose mysql, postgres or sqlite3 as per our requirement.

path
It's applicable only for sqlite3 database. The file path where the database will be stored.

host
It's applicable only to MySQL or Postgres. it includes IP or hostname and port. For example, for MySQL running on the same host as Grafana: host = 127.0.0.1:3306

name
The name of the Grafana database. Leave it set to grafana or some other name.

user
The database user (not applicable for sqlite3).

password
The database user's password (not applicable for sqlite3).

ssl_mode
For Postgres, use either disable, require or verify-full. For MySQL, use either true, false, or skip-verify.

ca_cert_path
(MySQL only) The path to the CA certificate to use. On many linux systems, certs can be found in /etc/ssl/certs.

client_key_path
(MySQL only) The path to the client key. Only if server requires client authentication.

client_cert_path
(MySQL only) The path to the client cert. Only if server requires client authentication.

server_cert_name
(MySQL only) The common name field of the certificate used by the mysql server. Not necessary if ssl_mode is set to skip-verify.

[security]
admin_user : It is the name of the default Grafana admin user. The default name set is admin.

admin_password : It is the password of the default Grafana admin. It is set on first-run. The default password is admin.

login_remember_days : The number of days the keep me logged in / remember me cookie lasts.

secret_key : It is used for signing keep me logged in / remember me cookies.

Essentials components for setting up Monitoring

We use the below components  to create our Docker Monitoring system.

cAdvisor : It is otherwise called Container Advisor. It provides its users an understanding of the resource usage and performance characteristics. It collects, aggregates, processes and exports information about the running containers. You can go through this documentation for more information about this.

InfluxDB : It is a time series, metrics, and analytic database. We use this datasource for setting up our monitoring. cAdvisor  displays only real time information and doesn’t store the metrics. Influx Db helps to store the monitoring information which cAdvisor provides in order to display a time range other than real time.

Grafana Dashboard : It allows us to combine all the pieces of information together visually. This powerful Dashboard allows us to run queries against the data store InfluxDB and chart them accordingly in beautiful layout.

Installation of Docker Monitoring

We need to install each of these components one by one in our docker system.

Installing InfluxDB

We can use this command to pull InfluxDB image and setuup a influxDB container.

root@ubuntu:~# docker run -d -p 8083:8083 -p 8086:8086 --expose 8090 --expose 8099 -e PRE_CREATE_DB=cadvisor --name influxsrv tutum/influxdb:0.8.8
Unable to find image 'tutum/influxdb:0.8.8' locally
0.8.8: Pulling from tutum/influxdb
a3ed95caeb02: Already exists
23efb549476f: Already exists
aa2f8df21433: Already exists
ef072d3c9b41: Already exists
c9f371853f28: Already exists
a248b0871c3c: Already exists
749db6d368d0: Already exists
7d7c7d923e63: Pull complete
e47cc7808961: Pull complete
1743b6eeb23f: Pull complete
Digest: sha256:8494b31289b4dbc1d5b444e344ab1dda3e18b07f80517c3f9aae7d18133c0c42
Status: Downloaded newer image for tutum/influxdb:0.8.8
d3b6f7789e0d1d01fa4e0aacdb636c221421107d1df96808ecbe8e241ceb1823

• -p 8083:8083 : user interface, log in with username-admin, pass-admin
• -p 8086:8086 : interaction with other application
• --name influxsrv : container have name influxsrv, use to cAdvisor link it.

You can test your InfluxDB installation by calling this URL >>http://45.79.148.234:8083 and login with user/password as "root".

We can create our required databases from this tab.

Installing cAdvisor

Our next step is to  install cAdvisor container and link it to the InfluxDB container. You can use this command to create it.

root@ubuntu:~# docker run --volume=/:/rootfs:ro --volume=/var/run:/var/run:rw --volume=/sys:/sys:ro --volume=/var/lib/docker/:/var/lib/docker:ro --publish=8080:8080 --detach=true --link influxsrv:influxsrv --name=cadvisor google/cadvisor:latest -storage_driver_db=cadvisor -storage_driver_host=influxsrv:8086
Unable to find image 'google/cadvisor:latest' locally
latest: Pulling from google/cadvisor
09d0220f4043: Pull complete
151807d34af9: Pull complete
14cd28dce332: Pull complete
Digest: sha256:8364c7ab7f56a087b757a304f9376c3527c8c60c848f82b66dd728980222bd2f
Status: Downloaded newer image for google/cadvisor:latest
3bfdf7fdc83872485acb06666a686719983a1172ac49895cd2a260deb1cdde29
root@ubuntu:~#

• --publish=8080:8080 : user interface
• --link=influxsrv:influxsrv: link to container influxsrv
• -storage_driver=influxdb: set the storage driver as InfluxDB
• Specify what InfluxDB instance to push data to:
• -storage_driver_host=influxsrv:8086: The ip:port of the database. Default is ‘localhost:8086’
• -storage_driver_db=cadvisor: database name. Uses db ‘cadvisor’ by default

You can test our cAdvisor installation by calling this URL >>http://45.79.148.234:8080. This will provide you the statistics of your Docker host and containers.

Installing the Grafana Dashboard

Finally, we need to install the Grafana Dashboard and link to the InfluxDB. You can run this command to setup that.

root@ubuntu:~# docker run -d -p 3000:3000 -e INFLUXDB_HOST=localhost -e INFLUXDB_PORT=8086 -e INFLUXDB_NAME=cadvisor -e INFLUXDB_USER=root -e INFLUXDB_PASS=root --link influxsrv:influxsrv --name grafana grafana/grafana
f3b7598529202b110e4e6b998dca6b6e60e8608d75dcfe0d2b09ae408f43684a

Now we can login to Grafana and configure the Data Sources. Navigate to http://45.79.148.234:3000 or just http://45.79.148.234:

Username - admin
Password - admin

Once we've installed Grafana, we can connect the InfluxDB. Login on the Dashboard and click on the Grafana icon(Fireball) in the upper left hand corner of the panel. Click on Data Sources to configure.

Now you can add our new Graph to our default Datasource InfluxDB.

We can edit and modify our query by adjusting our graph at Metric tab.

You can get more information on docker monitoring here. Thank you for reading this. I would suggest your valuable comments and suggestions on this. Hope you'd a wonderful day!

The post How to Monitor Docker Containers using Grafana on Ubuntu appeared first on LinOxide.

As  system administrators, we have situations where we need to download large files such as backup files, database backups, emails, log files etc securely between our servers. Usually we use SFTP, SSH or SCP for this purposes. But these processes slow down comparatively, when it comes to a remote backup download.

In this article, I'm explaining a convenient way for downloading large files using HTTP with a help of a Nginx Docker container in an Ubuntu 16.04 server.

Pre-requisites

• Docker installed Ubuntu 16.04 server
• Require a FQDN hostname
• SSL certificate for your hostname

Creating SSL certificate for the hostname

First of all, let us obtain our SSL certificate for our hostname. I'm using Let's Encrypt to obtain my free SSL certificate. We can install Let's Encrypt using the GitHub repository.

Install Git and bc

Two of these packages needs to be installed prior to the Let's Encrypt installation. Bc is an “arbitrary precision language calculator. It is used for the auto-renewal script in the Let's Encrypt software. You can install these packages with this commands below:

root@www:~# apt-get update

root@www:~# apt-get -y install git bc

Once it is done, we can easily download let's encrypt by cloning the repository from GitHub.

Cloning Let's Encrypt Repository

We can use this command to clone the Let’s Encrypt repository to /opt folder.

root@www:~# git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
Cloning into '/opt/letsencrypt'...
remote: Counting objects: 39435, done.
remote: Total 39435 (delta 0), reused 0 (delta 0), pack-reused 39435
Receiving objects: 100% (39435/39435), 10.63 MiB | 20.39 MiB/s, done.
Resolving deltas: 100% (28067/28067), done.
Checking connectivity... done.

By cloning, we'll have a copy of the let's encrypt repository in the /opt/letsencrypt directory.

Issuing SSL certificate

Let's Encrypt provides a numerous ways to obtain SSL certificates, through various plugins. We're using the Webroot plugin to initialize our certificate process. It is called as an authenticator plugin. It works by placing a special file in the /.well-known directory within your document root, which can be opened through your web server by the Let's Encrypt service for validation.  Let's see how we can use the Webroot plugin to obtain an SSL certificate.

If you've not installed a web server, you can install Nginx in your docker host with the command apt-get install nginx.

Now add the following section to your SSL server block in your default vhost configuration /etc/nginx/sites-available/default to allow access to the .well-known directory for validation.

location ~ /.well-known {
allow all;
}

This folder will be created under the domain document root during the SSL certificate issuing by Let's Encrypt. Now save the file and reload Nginx configuration.

Now we can use Webroot plugin to request our SSL certificate with these commands. You can specify our domain names with these command with the -d option. For using a single certificate for multiple domains, we can include all of them at once using the -d options as below:

root@www:~# cd /opt/letsencrypt
root@www:/opt/letsencrypt# ./letsencrypt-auto certonly -a webroot --webroot-path=/var/www/html -d nodenixbox.com -d www.nodenixbox.com

We need to move to the letsencrypt repo folder at /opt and run this command from there. This command proceeds with the installation of the required Python packages and prompt to enter the email address which will be used for urgent notices and lost key recovery.

Enter your valid email address and proceed to the next screen to agree the terms and conditions for this software.

After agreeing to these Subscriber Agreement, the installation will complete successfully and will provide you with the Certificate details.

You can see the certificate details and expiration date for our domain cert from this.

Your certificate and chain have been saved at

/etc/letsencrypt/live/nodenixbox.com/fullchain.pem.

Your cert will
expire on 2016-11-05.

You can edit your default Nginx configuration to include these certificate details for enabling SSL and reload the configuration to update these changes.

server {
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;

server_name nodenixbox.com www.nodenixbox.com;
root /var/www/html/;
ssl_certificate /etc/letsencrypt/live/nodenixbox.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nodenixbox.com/privkey.pem;

You can verify your SSL installation at the URL >>https://www.sslshopper.com/ssl-checker.html

Defining Path for Downloads

We need to add the following entries to our Nginx Vhost configuration under the SSL server block to serve our files when a request is made on /downloads/ url.

location /downloads/ {
alias /files/;
}

Creating Nginx Docker Container

Let's create our Nginx docker container with the secured  Nginx configuration from our docker host along with the let's encrypt installation and certificates. First of all, create a docker-compose.yml file. This file tells docker how to run a specific container.

files : This folder contains the files which needs to be downloaded
conf : This folder contains  our saved secured Nginx configuration
/etc/letsencrypt & /opt/letsencrypt contains our certificate details and letsencrypt scripts.
/var/www/ : contains our domain document roots.

PS : We can exclude the volumes which don't prefer to copy over as per our convenience.

Furthermore, it exposes the ports 80 and 443 of docker container to the host's port 8081 and 8080 respectively.

The above file tells docker to run a container using the nginx:latest image, mount the directories files and conf from the host machine, and expose ports as mentioned.

Now we can run this command to compose our docker container.

root@www:~# docker-compose up
Recreating root_nginx_1
Attaching to root_nginx_1

This will create a docker container as we've composed and make it running. We can view our docker container status below:

root@www:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a710ab1cdaa9 nginx:latest "nginx -g 'daemon off" About an hour ago Up About an hour 0.0.0.0:8081->80/tcp, 0.0.0.0:8080->443/tcp root_nginx_1

We can verify the Nginx secure installation for your docker container by calling this URL >>https://nodenix.com:8080 or in SSL checker.

Downloading files securely

As we've composed, the files which we need to downloads reside inside the folder /files in our docker container.

root@www:~# docker exec -i -t a710ab1cdaa9 /bin/bash

root@a710ab1cdaa9:/files# ls -l
total 8
-rw-r--r-- 1 root root 172 Aug 8 07:39 log.tar.gz
-rw-r--r-- 1 root root 110 Aug 8 07:32 mails.tar.gz

Now we can easily download this securely using our Nginx docker from this URL >>> https://nodenixbox.com:8080/downloads/mails.tar.gz

That's it :). Correspondingly, we can download any large files from servers as per your requirement more easily and securely. I hope this article is informative and helpful for you. I would recommend your valuable comments and suggestions on this. Have a Nice Day!

The post Securely Download Files using Https from Nginx Docker Containers appeared first on LinOxide.

WordPress is an opensource software, which you can use to create your beautiful website, blog, or app. Hundreds of community volunteers has built this core software. And there are thousands of plugins and themes available for this to transform your website into the one in your imagination.

In this article, I'm explaining on how to install WordPress on a Docker container with LEMP stack and run this securely with SSL on my Ubuntu 16.04 server. You can use Docker Compose to easily run WordPress in an isolated environment built with Docker containers.

Pre-requisites

• Docker installed Ubuntu 16.04 server
• Require a FQDN hostname
• SSL certificate for your hostname
• LEMP stack

You can refer my previous article to know how I installed SSL for my hostname using Let's Encrypt software.

Creating WordPress Dockerfile

We need to create our Dockerfile to automate our installation as per our requirements. This docker file comprises  a docker image which will automatically install the wordpress, LEMP stack and other required packages for our application. Apart from that we need to copy some of the volumes from our docker host to enhance the domain security with SSL and a pre-defined vhost configuration for our hostname.

 

huahaiy/lemp-wordpress : This image will automate our wordpress installation with LEMP stack.
/srv:/srv : Configure SSH agents are per our image
conf : This folder contains our saved secured Nginx configuration
/etc/letsencrypt & /opt/letsencrypt contains our certificate details and letsencrypt scripts.
/var/lib/mysql : Determines the database location for our installation.

PS : We can exclude the volumes which we don't prefer to copy over as per our convenience.

Moreover, it exposes the ports 80 and 443 of docker container to the host's port 8081 and 8080 respectively.

Creating our WordPress Container

The above docker file tells docker to run a container using the  huahaiy/lemp-wordpress image, mount the specified volumes from the docker host and expose ports  to run the application. We can run this command to compose our docker container.

root@www:~# docker-compose up
Pulling lemp (huahaiy/lemp-wordpress:latest)...
latest: Pulling from huahaiy/lemp-wordpress
012a7829fd3f: Pull complete
41158247dd50: Pull complete
916b974d99af: Pull complete
a3ed95caeb02: Pull complete
1527345bbd21: Pull complete
1eb53890aa28: Pull complete
464ea636b922: Pull complete
8ba7392dc2a5: Pull complete
4cf87d5c765a: Pull complete
a9174a1a303a: Pull complete
d5c8e4f50350: Pull complete
Digest: sha256:8a92f263ca2095ddd4c8fe07c8d8306af2a16728f1e598897a8d62844f24352a
Status: Downloaded newer image for huahaiy/lemp-wordpress:latest
Creating root_lemp_1
Attaching to root_lemp_1
lemp_1 | % Total % Received % Xferd Average Speed Time Time Time Current
lemp_1 | Dload Upload Total Spent Left Speed
100 7591k 100 7591k 0 0 5441k 0 0:00:01 0:00:01 --:--:-- 5441k
lemp_1 | wordpress/
lemp_1 | wordpress/wp-settings.php
lemp_1 | wordpress/wp-cron.php
lemp_1 | wordpress/wp-comments-post.php
lemp_1 | wordpress/wp-activate.php
lemp_1 | wordpress/wp-admin/
lemp_1 | wordpress/wp-admin/link-parse-opml.php
lemp_1 | wordpress/wp-admin/js/

On running this docker compose file, it will pull the specified docker image from our docker hub and download all the required packages for our installation. This image will install WordPress on LEMP stack.  The LEMP stack is a group of software that is used to serve our web applications. It includes Nginx with PHP and MySQL.

Installation stages

Initially, as we stated before, it downloads all required packages as specified in our docker image. Then it starts with the installation of LEMP stack and extract the downloaded WordPress files to the default domain document root at "/usr/share/nginx/www/".

During the installation phase, it set the MySQL root password and creates a  database namely "wordpress" with the same user and sets its password as shown for WordPress installation.

Finally, it updates our WordPress configuration file with these details to enhance the WordPress installation from the browser on the container.

Once the installation is complete, we can verify our container status as below.

root@www:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
73e10f1c0b94 huahaiy/lemp-wordpress "/docker-entrypoint.s" 21 hours ago Up 9 minutes 3306/tcp, 0.0.0.0:8081->80/tcp, 0.0.0.0:8080->443/tcp root_lemp_1

Confirm the Installations

Now we can login to our container and confirm the software installations.

root@73e10f1c0b94:/# nginx -v
nginx version: nginx/1.4.6 (Ubuntu)
root@226485fa2d44:/# service nginx status
* nginx is running
root@73e10f1c0b94:/# php -v
PHP 5.5.9-1ubuntu4.13 (cli) (built: Sep 29 2015 15:24:49)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies
root@73e10f1c0b94:/# mysql -V
mysql Ver 14.14 Distrib 5.5.44, for debian-linux-gnu (x86_64) using readline 6.3

We need to enable Nginx to run PHP scripts by default. Let's take a look on the Vhost configuration for my domain to enable my SSL and PHP.

server {
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;

server_name nodenixbox.com www.nodenixbox.com;
root /usr/share/nginx/www;
ssl_certificate /etc/letsencrypt/live/nodenixbox.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nodenixbox.com/privkey.pem;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}

WordPress installation

Our docker compose file have just created a docker container with wordpress installation files downloaded on our domain document root and setup the required platform to run our installations. Now we need to complete our installation via web interface securely. You can access your WordPress blog at https://Docker hostname:8080/. This will redirect to our WordPress installation folder.

Select your language and click "continue" to proceed further.

We can provide the required details here as shown in the snapshot and proceed with "Install WordPress" option . This will complete our installation  and we can login to our WordPress Admin Panel with the credentials,

Hurray!! Our WordPress docker container is ready to go. I hope this article is really helpful for you. Thank you for reading this :) I would recommend your valuable comments and suggestions on this. Have a Good day!

The post Install WordPress on Docker LEMP Stack with Letsencrypt SSL appeared first on LinOxide.

Rocket.Chat is a Web Chat Server, developed in JavaScript. It is an open source messaging APP built with Meteor fullstack framework. It is a great solution for communities and companies who need to host their own private chat service or for developers who're planning to build and evolve their own chat platforms. There are several features for this Chat APP. Some of the major features includes video conferencing, file sharing, voice messages, helpdesk chat, link preview, fully-featured API, extendablility, native applications, mobile applications and lot more.

In this article, I'm providing you with the step by step instructions on how to install our Rocket.Chat on a Docker container.

 Step 1 - Installing Git

We can install Git packages from their repositories by just running this command. Git packages are used to clone the project repository.

root@ubuntu:~# apt-get update
root@www:~# apt-get install -y git
Reading package lists... Done
Building dependency tree
Reading state information... Done
git is already the newest version (1:2.7.4-0ubuntu1).
0 upgraded, 0 newly installed, 0 to remove and 105 not upgraded.
root@www:~# git clone https://github.com/RocketChat/Rocket.Chat.git
Cloning into 'Rocket.Chat'...
remote: Counting objects: 55385, done.
remote: Compressing objects: 100% (177/177), done.
remote: Total 55385 (delta 69), reused 0 (delta 0), pack-reused 55207
Receiving objects: 100% (55385/55385), 37.48 MiB | 10.80 MiB/s, done.
Resolving deltas: 100% (38031/38031), done.
Checking connectivity... done.

Step 2 - Installing Docker

Docker simplifies this installation process. Docker is an open-source project that automates the deployment of applications inside software containers. You can either install docker by apt-get install docker-engine command or you can use this below command to get the latest Docker package.

curl -sSL https://get.docker.com/ | sh

Step 3  - Installing Docker-Compose

Compose is a docker tool for defining and running multi-container applications with Docker. Using this tool, you define a multi-container application in a single file, and run that file using a single compose command to spin your application up and running. You can install the docker compose either using apt-get install docker-compose or using this below command to download the latest docker compose version:

curl -L https://github.com/docker/compose/releases/download/1.8.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose

You can get the latest docker compose releases and download those instead.

Step 4 - Cloning Rocket.chat

Before installing, we need to clone our Rocket.chat repository using git to a folder named Rocker.Chat.

root@www:~# git clone https://github.com/RocketChat/Rocket.Chat.git
Cloning into 'Rocket.Chat'...
remote: Counting objects: 55385, done.
remote: Compressing objects: 100% (177/177), done.
remote: Total 55385 (delta 69), reused 0 (delta 0), pack-reused 55207
Receiving objects: 100% (55385/55385), 37.48 MiB | 10.80 MiB/s, done.
Resolving deltas: 100% (38031/38031), done.
Checking connectivity... done.

Step 5 - Installing Rocket.chat

Now move to the Rocker.Chat folder  and run our docker-compose file.

root@www:~# cd Rocket.Chat
root@www:~/Rocket.Chat# docker-compose up

root@www:~/Rocket.Chat# docker-compose up
Pulling mongo (mongo:latest)...
latest: Pulling from library/mongo
5c68a10e9f3f: Pull complete
0110f95fa9c8: Pull complete
0cba4a42bc41: Pull complete
a6eafd7fba3f: Pull complete
703d9d7e0e21: Pull complete
6c18d5bc22c9: Pull complete
fd3fcba178e3: Pull complete
c8b9b5488049: Pull complete
41f37d58ab4c: Pull complete
Digest: sha256:beff97308c36f7af664a1d04eb6ed09be1d14c17427065b2ec4b0de90967bb3f
Status: Downloaded newer image for mongo:latest
Creating rocketchat_mongo_1
Pulling hubot (rocketchat/hubot-rocketchat:v0.1.4)...
v0.1.4: Pulling from rocketchat/hubot-rocketchat

ddf65d6bb23c: Pull complete
Digest: sha256:e4c7dccc4ec00f24dd7e25febc9cf0b653df085ea42eb605fcd8409736d52559
Status: Downloaded newer image for rocketchat/hubot-rocketchat:v0.1.4
Creating rocketchat_hubot_1
Attaching to rocketchat_mongo_1, rocketchat_rocketchat_1, rocketchat_hubot_1

Running this composer file, will start downloading all the required images as specified in the docker compose file and create all three instances required for our Rocket.Chat as highlighted.

root@www:~/Rocket.Chat# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
db701321e7a2 rocketchat/hubot-rocketchat:v0.1.4 "/bin/sh -c 'node -e " 4 hours ago Up 4 hours 0.0.0.0:3001->8080/tcp rocketchat_hubot_1
f1f2c9476121 rocketchat/rocket.chat:latest "node main.js" 4 hours ago Up 4 hours 0.0.0.0:3000->3000/tcp rocketchat_rocketchat_1
082f45829ae5 mongo "/entrypoint.sh mongo" 4 hours ago Up 4 hours 27017/tcp rocketchat_mongo_1

We can view the Rocket.Chat version and configuration information during the installation phase.

That's all!! We've completed with the Rocket.Chat installation. You can access you chat application using the URL >>http://DockerIP:3000

You can register your new email account and start creating our own private group chats.

Step 6 - Managing the users and Groups

Probably, the first user registered and logged in, will be the admin user and all other user logins will be secondary ones.

You can create your own Channels/groups and set the privacy as needed. You can use the '+' icon near the Channels section to add any number of groups.

Click on the Members list options present on the right hand side to add required users to your new channel. In addition, you can use the individual user tabs below to set the user privileges.

Refer this document for more details on managing this. I hope this article is useful for you. I would recommend your valuable comments and suggestions on this. Happy Chatting!!

The post How to Install Rocket Chat on Ubuntu 16.04 with Docker appeared first on LinOxide.

Today majority of Internet users are exposed to cyber attacks, not because they aren't using any best security measures, but because they are using weak passwords to secure their accounts. Passwords are your last resort of defense against online threats. Even though, we can hardly control data breaches, it is still important to maintain strong passwords that can prevent our accounts from brute-force attacks.

It's advisable to create long, complex and different passwords for our various online accounts. Your password should be atleast 16 characters long, with a combination of numbers, symbols, upper and lowercase alphabets. But it's really hard to remember such complex passwords ourselves.

Luckily, to make this whole process easy, we've password manager tools available for our various OS distributions supporting our Desktops, phones etc. This can significantly reduce the password memorizing problem and ease the usage of strong complex passwords.

In this article, I'll provide you a list of Password Manager tools available for Linux and it uses.

Understanding a Password Manager

A password manager tool is a bit of software application that helps you to store and organize passwords. Password managers usually store their passwords in encrypted form. They'll need the user to create a master password which is a very strong one, which grants the user access to their entire password database. There are two types of Password Manager tools, offline and online password managers. Offline PM tools stores the password information on their personal systems, whereas in online PM tools, the passwords are stored in their cloud providers. In a nutshell, password manager is to securely store large password information. The features which makes a password manager perfect is as below:

• Cross-Platform Application
• Works with zero-knowledge model
• Two-factor authentication methods

Here are some of the best password manager tools in Linux.

1) LastPass Password Manager

This is one of the best online password manager tools available and one among the top-rated ones. It comes with an extension, mobile app, and even desktop app support for all the browsers and operating systems. They use cloud based password storage means with encrypts user personal information and passwords with AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to ensure complete security in the cloud.

Download the latest Lastpass Software and extensions for Linux.

Command line Installation instructions.

Download this software from the above link

Right-click and save lplinux.tar.bz2 to your computer.
Once downloaded, run:

tar xjvf lplinux.tar.bz2
cd lplinux && ./install_lastpass.sh

as your normal user. The script will invoke sudo as needed.

Unlimited storage for passwords & notes, multi-factor authentication & OTP,  automatic backup & sync for your first device, automated filling of logins & forms, desktop application passwords are some of its major features.

2) Keeper Password Manager

Keeper is one of the powerful and secure online password manager tool. It uses Amazon AWS to host and operate the encrypted Cloud Security Vault providing customers with unlimited secure backups. This also uses 256-bit AES encryption and PBKDF2 to encrypt the user information and passwords to ensure the best security. It also comes with an extension, mobile app, and even desktop app support for all the browsers and operating systems. It supports two-factor authentication, fingerprint login and Keeper DNA which uses personal devices like your smartwatch to confirm your identity.

Download the latest Keeper Password Manager Software for Linux.

3) KeePass Password Manager

KeePass is a free, open source, light-weight and easy-to-use password manager.  It helps you to manage your passwords in a secure way by putting all your passwords in one database, and can be managed by one master key or a key file. All you've to do is to remember that one single master password or the key file to unlock the whole database. It encrypts your passwords and login information using the most secure encryption algorithms called AES 256-bit encryption by default, or optional, Twofish 256-bit encryption.

Download your latest KeePass software for Linux.

4) SpiderOak Encryptr Password Manager

Encryptr is an open source, zero-knowledge, cloud-based password manager. It encrypts your passwords using Crypton JavaScript framework. All Crypton-based applications are built solely on the client, in which only the server is used as a medium to access the database which stores the data. It uses end-to-end encryption and provides high-level APIs for managing user accounts, data storage and information sharing. It's supported in Windows, OS X, Linux and Android. This is a light-weight application which comes with some basic features to encrypt passwords, credit card numbers and general any text/keys.

Download the latest Encryptr software for Linux.

5) EnPass Password Manager

Enpass is an easy to use password-management application. It allows us to store all kinds of important credentials like credit cards, bank accounts, passwords, login information, ID card details etc. All these data can be encrypted by a master password and stored in your own device or you can even use any third party cloud based services like dropbox, owncloud or google drives for storing these information. It uses SQL cipher open-source 256 bit AES encryption to enhance high level of security. It also comes with an extension, mobile app, and even desktop app support for all the browsers and operating systems.

Download the latest Enpass Software for Linux.

6) RoboForm Password Manager

RoboForm is a free, open-source and easy-to-use password manager software. It comes with several options like form filler, password sync, password generator etc apart from password management. This helps you to manage your passwords in a secure way by putting all your passwords in one database, and can be managed by one master key. It encrypts our login passwords and other information using military grade AES encryption for high level security. It's  available for popular OS distributions and also for browsers like Internet Explorer, Chrome, and Firefox as well as mobile platforms.

Download the Roboform Password Manager App for Linux.

I would recommend you to start using the Password Manager tools to secure your online accounts. I hope this article is useful to find the best Password Manager tools for you. Please post your valuable comments and suggestions on this. Have a Good Day!

The post 6 Best Password Manager Tools for Linux appeared first on LinOxide.

VULS is a security vulnerability scanner for Linux. It downloads the NVD (National Vulnerability Database) and inserts into a sqlite database. Vuls has built in CVE dictionary for this sqlite file. The servers are connected using key based authorization, hence we need to generate ssh keys and confirm the authorization between servers and scan target.

Since, vuls is an insider scanner. Logic behind the vuls system is searching for unattended upgrades and thereby reporting unsecure packages on a system.

Main features

• Scan for any vulnerabilities in Linux Server
• Scan middleware, programming language libraries and framework for vulnerability
• Support software registered in CPE
• User is required to only setup one machine that is connected to other target servers via SSH
• Auto generation of configuration file template
• Email and Slack notification is possible (supports Japanese language)
• Scan result is viewable on necessary software, TUI Viewer terminal.

In this article, I'll provide step by step instructions on how to install Vuls scanner on an Ubuntu 16.04 server. Let's walk through the installation stages.

1) Pre-requisites

Vuls requires the following packages to be installed for its proper functioning.

• sqlite3
• git
• gcc
• go v1.6 or above

To install Sqlite3, use these commands below:

root@ubuntu:~#apt-get update.
root@ubuntu:~#apt-get install sqlite3 libsqlite3-dev.

To install git and gcc, you can use this command below:

root@ubuntu:~#apt-get install git gcc

Follow these steps to install Go in the server.

Depending on our server architecture, we can download the required package and extract to install.

[root@ubuntu src]# wget https://storage.googleapis.com/golang/go1.6.2.linux-amd64.tar.gz

2016-07-01 07:50:26 (93.6 MB/s) - ‘go1.6.2.linux-amd64.tar.gz’ saved [84840658/84840658]

[root@ubuntusrc]# tar -xzvf go1.6.2.linux-amd64.tar.gz -C /usr/local/

I've downloaded the package for a 64 bit architecture.

root@ubuntu~]# mkdir /root/go

Add these lines into /etc/profile.d/goenv.sh

[root@ubuntu ~]# cat /etc/profile.d/goenv.sh
export GOROOT=/usr/local/go
export GOPATH=$HOME/go
export PATH=$PATH:$GOROOT/bin:$GOPATH/bin

Set the OS environment variable to current shell

[root@ubuntu ~]# source /etc/profile.d/goenv.sh

[root@ubuntu bin]# go version
go version go1.6.2 linux/amd64

2) Enable SSH key authentication between servers

You can create the SSH key pairs and add them to the vuls server to enhance the SSH connectivity b/w servers. I'm just creating an SSH key pair for my local server and adding the public key to the authorized_keys to enable local scan.

root@ubuntu:~# ssh-keygen -t rsa
root@ubuntu:~# cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
root@ubuntu:~# chmod 600 ~/.ssh/authorized_keys

3) Deploy go-cve-dictionary

Now, we can move to our go work directory and deploy our go-cve-dictionary.  As mentioned before vuls watch out for any new vulnerabilities in NVD.

root@ubuntu:/usr/src# cd /root/go
root@ubuntu:~/go# go get github.com/kotakanbe/go-cve-dictionary
root@ubuntu:~/go# ls
bin hello-world hello-world.go pkg src

root@ubuntu:~/go#mkdir /var/log/vuls
root@ubuntu:~/go#chmod 700 /var/log/vuls

Firstly, go-cve-dictionary fetches vulnerability data from NVD and inserts into sqlite3.

root@ubuntu:~/go#for i in {2002..2016}; do go-cve-dictionary fetchnvd -years $i; done
0 / 1 [------------------------------------------------------------------------------------------------------------------------------] 0.00%[Sep 21 07:44:13] INFO Fetching... https://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-2002.xml.gz
[Sep 21 07:44:15] INFO Fetched 6721 CVEs
[Sep 21 07:44:15] INFO Opening DB. datafile: /root/go/cve.sqlite3
[Sep 21 07:44:15] INFO Migrating DB
[Sep 21 07:44:15] INFO Inserting CVEs...
6721 / 6721 [====================================================================================================================] 100.00% 13s
[Sep 21 07:44:29] INFO Refreshed 6721 Nvds.

Now we successfully collected vulnerability data, then started as server mode again.

root@ubuntu:~/go# go-cve-dictionary server
[Sep 22 05:47:48] INFO Opening DB. datafile: /root/go/cve.sqlite3
[Sep 22 05:47:48] INFO Migrating DB
[Sep 22 05:47:48] INFO Starting HTTP Server...
[Sep 22 05:47:48] INFO Listening on 127.0.0.1:1323

root@ubuntu:~/go# ls -alh cve.sqlite3
-rw-r--r-- 1 root root 561M Sep 21 07:53 cve.sqlite3

4) Deploy vuls

Run this go command to deploy vuls.

root@ubuntu:/# go get github.com/future-architect/vuls

5) Creating vuls configuration

We can create the vuls configuration file in TOML format  to scan the target servers. I've just modified the vuls configuration file to scan my local server.

root@ubuntu:vuls# cat config.toml
[servers]

[servers.45-33-77-70]
host = "45.33.77.70"
port = "22"
user = "root"
keyPath = "/root/.ssh/id_rsa"

You can add as many servers as you need in the configuration file with these details and run a config test to validate.

root@ubuntu:/# vuls configtest
[Sep 21 03:01:56] INFO [localhost] Validating Config...
[Sep 21 03:01:56] INFO [localhost] Detecting Server/Contianer OS...
[Sep 21 03:01:56] INFO [localhost] Detecting OS of servers...
[Sep 21 03:01:57] INFO [localhost] (1/1) Detected: 45-33-77-70: ubuntu 16.04
[Sep 21 03:01:57] INFO [localhost] Detecting OS of containers...
[Sep 21 03:01:57] INFO [localhost] Checking sudo configuration...
[Sep 21 03:01:57] INFO [45-33-77-70] sudo ... OK
[Sep 21 03:01:57] INFO [localhost] SSH-able servers are below...
45-33-77-70

6) Setting up target servers for vuls

You can run this command "vuls prepare" to set up all the target servers specified in the vuls configuration file.

root@ubuntu:/# vuls prepare
INFO[0000] Start Preparing (config: /config.toml)
[Sep 21 03:02:46] INFO [localhost] Detecting OS...
[Sep 21 03:02:46] INFO [localhost] Detecting OS of servers...
[Sep 21 03:02:46] INFO [localhost] (1/1) Detected: 45-33-77-70: ubuntu 16.04
[Sep 21 03:02:46] INFO [localhost] Detecting OS of containers...
[Sep 21 03:02:46] INFO [localhost] Checking sudo configuration...
[Sep 21 03:02:46] INFO [45-33-77-70] sudo ... OK
[Sep 21 03:02:46] INFO [localhost] Installing...
[Sep 21 03:02:46] INFO [45-33-77-70] apt-get update...

7) Start scanning

We can scan our servers using the command "vuls scan".

root@ubuntu:~/go/vuls# vuls scan -report-json -cve-dictionary-dbpath=/root/go/cve.sqlite3
INFO[0000] Start scanning
INFO[0000] config: /root/go/vuls/config.toml
INFO[0000] cve-dictionary: /root/go/cve.sqlite3

We can even get a terminal based user interface to view our scan report. You can run this command "vuls tui" to access it.

That's all! You can refer this link for more options with Vuls scan command usage. I hope you enjoyed reading this article on vulnerability scanner. Please post your valuable comments and suggestions on this. You could also create a json reports of vuls output using VulsRepo. Have a good day :-)

The post How to Setup Vuls Vulnerability Scanner in Linux appeared first on LinOxide.

PostgreSQL is a powerful and open source object-relational database management system developed by the PostgreSQL Global Development Group.  It gives primary focus on extensibility and standards-compliance. This stores data securely, and  allow users to  retrieve data at the request of other software applications.

It is supported  on all major operating systems, including Linux, UNIX (AIX, BSD, HP-UX, SGI IRIX, Mac OS X, Solaris, Tru64) and Windows.

In this article, I'll  explain on how to install Postgresql 9.6 on an Ubuntu 16.04 server.

How to Install PostgreSQL

Default Ubuntu repositories may not contain our desired PostgreSQL version, hence, we need to create custom repo file to download/install the required version. You can create an apt source file "/etc/apt/sources.list.d/postgresql.list" with the following contents.

root@ubuntu:~# cat /etc/apt/sources.list.d/postgresql.list
deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main

Now we can install our desired PostgreSQL version by executing the following commands below:

root@ubuntu:~# wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
OK
root@ubuntu:~# apt-get update
Hit:1 http://mirrors.linode.com/ubuntu xenial InRelease
Hit:2 http://mirrors.linode.com/ubuntu xenial-updates InRelease
Hit:3 http://mirrors.linode.com/ubuntu xenial-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu xenial-security InRelease
Get:5 http://apt.postgresql.org/pub/repos/apt xenial-pgdg InRelease [36.6 kB]
Get:6 http://apt.postgresql.org/pub/repos/apt xenial-pgdg/main amd64 Packages [55.6 kB]
Get:7 http://apt.postgresql.org/pub/repos/apt xenial-pgdg/main i386 Packages [55.5 kB]
Fetched 148 kB in 0s (256 kB/s)
Reading package lists... Done
root@ubuntu:~# apt-get install postgresql-9.6 postgresql-contrib

You can confirm the PostgreSQL installation by logging to the postgres user.

root@ubuntu:~# su - postgres
postgres@ubuntu:~$ psql
psql (9.6.0)
Type "help" for help.

Managing / Modifying the User Roles in PostgreSQL

PostgreSQL manages database access permissions using the concept of "roles". It can be either a database user, or a group of database users, depending on how the role is set up. They're some way similar to Linux user accounts. Any role can act as a user, group or both.

By default, a postgres role will be setup on installation which act similar to a Linux username with shell access. This role has the admin privilege and can manage all transactions. Let's see how we can create new roles from the psql command line.  I've created a new role called  testadmin using this command. You can determine the set of existing roles from pg_roles system catalog.

root@ubuntu:~# sudo -u postgres psql
psql (9.6.0)
Type "help" for help.

postgres=# create role testadmin;

CREATE ROLE
postgres=# SELECT rolname FROM pg_roles;
rolname
-------------------
pg_signal_backend
postgres
testadmin
(4 rows)

Similarly, you can delete a user role using the command "DROP ROLE name;". We can also use the commands "createuser username or dropuser username" for this purpose. Check out the commands below:

root@ubuntu:~# su - postgres
postgres@ubuntu:~$ createuser --interactive
Enter name of role to add: saheadmin
Shall the new role be a superuser? (y/n) y

By using --interactive option,  we can make this process  interactive. You can see several option for this command with help option.

postgres@ubuntu:~$ createuser --help
createuser creates a new PostgreSQL role.

Usage:
createuser [OPTION]... [ROLENAME]

Options:
-c, --connection-limit=N connection limit for role (default: no limit)
-d, --createdb role can create new databases
-D, --no-createdb role cannot create databases (default)
-e, --echo show the commands being sent to the server
-E, --encrypted encrypt stored password
-g, --role=ROLE new role will be a member of this role
-i, --inherit role inherits privileges of roles it is a
member of (default)
-I, --no-inherit role does not inherit privileges
-l, --login role can login (default)
-L, --no-login role cannot login
-N, --unencrypted do not encrypt stored password
-P, --pwprompt assign a password to new role
-r, --createrole role can create new roles
-R, --no-createrole role cannot create roles (default)
-s, --superuser role will be superuser
-S, --no-superuser role will not be superuser (default)
-V, --version output version information, then exit
--interactive prompt for missing role name and attributes rather
than using defaults
--replication role can initiate replication
--no-replication role cannot initiate replication
-?, --help show this help, then exit

Connection options:
-h, --host=HOSTNAME database server host or socket directory
-p, --port=PORT database server port
-U, --username=USERNAME user name to connect as (not the one to create)
-w, --no-password never prompt for password
-W, --password force password prompt

Report bugs to <pgsql-bugs@postgresql.org>.
postgres@ubuntu:~$

We can reset the password for a role using this command from psql prompt.

root@ubuntu:~# sudo -u postgres psql
psql (9.6.0)
Type "help" for help.

postgres=# ALTER USER testadmin PASSWORD 'password';
ALTER ROLE

How to set Role Attributes

A database role can have a number of attributes that define its privileges and interact with the client authentication system. Let me explain some of the important and useful attributes which can be used during role creation.

•  Login privilege
•  Superuser
•  Database creation
•  Password
•  Role creation

We can see how we can assign this attributes to a role during creation.

Login privilege: A role with the LOGIN attribute can be considered the same thing as a "database user". You can use the command below for passing this attribute.

CREATE ROLE name LOGIN;

Superuser : You can make a role with super privileges using this command.

CREATE ROLE name SUPERUSER;

Database creation : A role can be created with  permission to create databases using the below command (except for superusers, since those bypass all permission checks.

CREATE ROLE name CREATEDB;

Password : You can  specify a password upon role creation by using this command.

CREATE ROLE name PASSWORD 'password string';

Database Management

We can create a database in PostgreSQL using the command createdb  dbname from the login prompt or using the command CREATE DATABASE name from psql prompt as below:

From login shell :

postgres@ubuntu:~$ createdb sahedb

From psql prompt:

postgres=# CREATE DATABASE testdb;
CREATE DATABASE

At times, you can also use this command to create a database for a particular user in one command.  The role will  become the owner of the new database, so he can configure and manage it himself.

From SQL prompt:

CREATE DATABASE dbname OWNER rolename;

From Shell:

createdb -O rolename dbname

Similarly, you can destroy a database by simply executing this command below:

From SQL prompt:

DROP DATABASE name;

From login Shell:

dropdb dbname

Managing Tables

Now let's see how we can create tables for a particular database. We can create a table named employees in the database "testdb" which we created before and insert some values to the tables.

Connecting to our desired DB :

root@ubuntu:~# su - postgres
postgres@ubuntu:~$ psql testdb
psql (9.6.0)
Type "help" for help.

Creating a table name employees with the three fileds for employee id, first name and last name.

testdb=# CREATE TABLE employees (employee_id int, first_name varchar, last_name varchar);
CREATE TABLE

Inserting following details to the table and listing out the table content.

testdb=# INSERT INTO employees VALUES (1, 'Joe', 'Sam');
INSERT 0 1
testdb=# SELECT * FROM employees;
employee_id | first_name | last_name
-------------+------------+-----------
1 | Joe | Sam

Similarly, we can delete a table using this command below:

DROP TABLE tablename;

Most of the SQL commands are similar to MySQL. You can get more options about table creation here.

How to Install PHPpgadmin

PHPpgAdmin provides a  web interface for accessing and managing PostgreSQL databases in a very easy way. We can easily create databases, tables in database, users, stored procedures etc. It also provides options for backup and restore.

Phppgadmin, is similar to PHPMyAdmin. You can install this interface by just running the command :apt-get install phppgadmin

Accessing PHPpgAdmin

After installing this tool, we need to edit the PHPpgAdmin configuration file to allow remote access. By default it locally allow access. Let's see how we grant access over remote public IPs.

You can edit the phppgAdmin configuration file : /etc/phppgadmin/config.inc.php. Edit the following line

$conf['extra_login_security'] = true;

Modify this value to "false".

After these changes, make sure to restart both PostgreSQL and Apache 2 services.

root@ubuntu:/etc/phppgadmin# service postgresql restart
root@ubuntu:/etc/phppgadmin# systemctl restart apache2

Now, you will be able to access PHPpgAdmin using the URL >> http://IP/phppgadmin/

You can view all the databases which we created from the command line from here and even manage them efficiently from the web interface using more user-friendly options.

Conclusion

Finally, we've completed with our PostgresSQL 9.6 installation on Ubuntu 16.04.x Server and discussed some of the key elements. In addition, we've installed an excellent PostgreSQL graphical management and administration tool. Yet, there are a lot more about this to learn. You can go through the official documentation on PostgreSQL for more details. I hope you this article is informative and useful for you. Please post your valuable comments and suggestions on this.

The post How to Setup Postgresql 9.6 and access PHPpgAdmin on Ubuntu 16.04 appeared first on LinOxide.

SAMBA is an open source implementation of the SMB file sharing protocol that provides file and print services to SMB / CIFS clients. It helps in successfully networking your Ubuntu system with Windows clients, thereby providing and integrating with services common to Windows environments. These services assist the sharing of data and information about the computers and […]

The post How to Setup Active Directory Domain Controller on Ubuntu using Samba appeared first on LinOxide.

OwnCloud is an open source file sync & share software for everyone operating the free OwnCloud Server edition, to large enterprises and service providers operating the OwnCloud Enterprise Subscription. It provides a safe, secure, and compliant file synchronization and sharing solution. We can share one or more files and folders on your computer, and synchronize them with […]

The post How to Setup OwnCloud 9 on Debian 8 Using Nginx with Https appeared first on LinOxide.

GitLab is a web-based Git repository manager similar to Github. It's an open source git repository management tool powered by Ruby and Rails. It provides a .deb package which contains GitLab Community Edition and all its dependencies including Ruby, PostgreSQL, Redis, Nginx, Unicorn and other gems already compiled. It offers three different versions. One is […]

The post How to Install GitLab with Ngnix (SSL) on Ubuntu 16.04 appeared first on LinOxide.

MariaDB is an open-source MySQL project with more improved features. It is highly compatible with MySQL and it can be considered as a drop-in replacement for MySQL.  All client libraries, client-server protocols, SQL dialect, MySQL replication, Master-slave configuration etc are quite similar to MySQL. In this article, I'll explain some of the basic SQL commands in […]

The post How to Create User, Database with SQL in MariaDB on Ubuntu 16.04 appeared first on LinOxide.

Sonarqube is an open source platform for continuous inspection of code quality. It is written in Java language and it offers support per languages. It supports various languages like Perl, PHP, Ruby etc. It provides reports on various Code quality analysis (like duplicate coding errors, the percentage of unit testing which got failed and succeeded), […]

The post How to Install SonarQube with Nginx on Ubuntu 16.04 appeared first on LinOxide.

GitLab is an absolute solution for storing all your Git repositories. Taking backup is an important activity even when a few people ignore it because taking backups repeatedly are too tiresome and adds to their frustration as a developer. So, automating the whole process of taking the backup of your GitLab repositories is a good idea. […]

The post How to Setup GitLab Server Backup appeared first on LinOxide.