We have two servers. lets call them mater1 (1.1.1.1) and master2 (2.2.2.2) .
This instruction is tested for mariadb 10.1 on Debian 8.
First set my.cnf on both servers:
on master1:
[mysqld]
server-id=1
bind-address = 0.0.0.0
log_bin=/var/log/mysql/mariadb-bin
expire_logs_days=10
sync_binlog = 1
slave_compressed_protocol = 1
binlog_format = row
#to avoid in PRIMARY / UNIQUE key collisions when we write on both servers
auto-increment-increment=2
auto-increment-offset=1
on master2:
[mysqld]
server-id=2 #server id of each server should be unique
bind-address = 0.0.0.0
log_bin=/var/log/mysql/mariadb-bin
expire_logs_days=10
sync_binlog = 1
slave_compressed_protocol = 1
binlog_format = row
--------------
copy databases form master1 to master2
on master1
mysqldump -uroot -p --opt --routines --triggers --events --single-transaction --master-data=2 -A > alldb.sql
on maste2:
mysql -uroot -p < alldb.sql
--------------
Now setting up the databases
On master1:
MariaDB [(none)]> create user 'replication'@'2.2.2.2' identified by 'MYSECRETPASSWD';
MariaDB [(none)]> grant replication slave on *.* to 'replication'@'2.2.2.2';
MariaDB [(none)]> flush privileges;
On master2:
MariaDB [(none)]> create user 'replication'@'1.1.1.1' identified by 'MYSECRETPASSWD';
MariaDB [(none)]> grant replication slave on *.* to 'replication'@'1.1.1.1';
MariaDB [(none)]> flush privileges;
on Master 1:
MariaDB [(none)]> SELECT @@GLOBAL.gtid_current_pos;
+---------------------------+
| @@GLOBAL.gtid_current_pos |
+---------------------------+
| 0-1-26067388 |
+---------------------------+
on Master 2:
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> stop slave;
MariaDB [(none)]> reset slave;
MariaDB [(none)]> set global gtid_slave_pos = "0-1-26067388";
MariaDB [(none)]> change master to master_host='1.1.1.1', master_user='replication', master_password='MYSECRETPASSWD', master_use_gtid=slave_pos;
MariaDB [(none)]> start slave;
MariaDB [(none)]> SELECT @@GLOBAL.gtid_current_pos;
+---------------------------+
| @@GLOBAL.gtid_current_pos |
+---------------------------+
| 0-2-26067398 |
+---------------------------+
on Master 1:
MariaDB [(none)]> stop slave;
MariaDB [(none)]> reset slave;
MariaDB [(none)]> set global gtid_slave_pos = "0-2-26067398";
MariaDB [(none)]> change master to master_host='2.2.2.2', master_user='replication', master_password='MYSECRETPASSWD', master_use_gtid=slave_pos;
MariaDB [(none)]> start slave;
Check whether slaves are set properly:
MariaDB [(none)]> show slave status\G;
you should see both:
Slave_IO_Running: Yes
Slave_SQL_Running: Yes
---------
Test replication by creating a new database on master1:
MariaDB [(none)]> create database replication_test;
On Master2, check whether replication_test in created:
MariaDB [(none)]> show databases;
+--------------------+
| Database
|
+--------------------+
| information_schema |
| mysql
|
| performance_schema |
| replication_test
|
+--------------------+
To be absolutely sure, try the same tests the othe way round.
That's it. enjyo Master/Master replication.
Curtesy of the book MariaDB High Performance-Packt Publishing (2014) by Pierre Mavro
Saturday, 20 May 2017
Monday, 1 May 2017
Increase session timeout of PhpMyAmin
Changing php.ini will change the session duration for all the websites running on the server. To change it just for PhpMyAdmin, open
config.inc.php and add:$sessionDuration = 60*60*24*7; // 60*60*24*7 = one week
ini_set('session.gc_maxlifetime', $sessionDuration);
$cfg['LoginCookieValidity'] = $sessionDuration;How to fix 'perl: warning: Please check that your locale settings:' in Debian
Use:
export LANGUAGE=en_US.UTF-8
export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_TYPE=en_US.UTF-8
It works for Debian.
Thursday, 13 April 2017
Reset debian root password through KVM
Boot into grub, select single user but do not press enter.
Press e to bring you into edit mode.
Scroll down to the kernel line, it starts with “linux /boot/vmlinuz-2.6…….”
Scroll to the end of that line and press space key once and type
Press e to bring you into edit mode.
Scroll down to the kernel line, it starts with “linux /boot/vmlinuz-2.6…….”
Scroll to the end of that line and press space key once and type
init=/bin/bash
Press Crtl x to boot
Then type
mount -rw -o remount /
Now you can right to disk and change password or whatever else you want
----------------------
referece:
https://derwynd.com/2011/04/14/debian-squeeze-change-root-password/
Wednesday, 12 April 2017
Deploy django on Debian with gunicorn using upstart
In my experience gunicorn is more stable and uses less memory than uwsgi to handle the same number of requests. It is also much simpler to configure and deploy.
The only issue with it is that finding good straightforward tutorial on its deployment hasn't been easy for me. The problem araise not by gunicorn but the rather convulted method of supervisor which adds more complexity to the process.
Fortunately there is the much simpler way to keep gunicorn running: upstart
First you need to install pip and virtaulenv:
Install gunicorn while you'r on your virtualenv:
create a gunicorn.sh in /path/to/project, like this:
gunicorn will do that for you
Make sure that upstart is installed:
apt-get install upstart
Now create an upstart job in /etc/init to run gunicorn.sh
Now you can start gunicorn like any service :
That's it!
Restart nginx and enjoy gunicorn.
The only issue with it is that finding good straightforward tutorial on its deployment hasn't been easy for me. The problem araise not by gunicorn but the rather convulted method of supervisor which adds more complexity to the process.
Fortunately there is the much simpler way to keep gunicorn running: upstart
First you need to install pip and virtaulenv:
apt-get install python-pip
pip install virtualenv
Switch to a non-root user and create a virtualenv
su myuser
virtualenv ~/.myenv
virtualenv ~/.myenv
activate the virtaualenv
source ~/.myenv/bin/activate
(.myenv)# pip install gunicorn
create a gunicorn.sh in /path/to/project, like this:
Note: DO NOT create /tmp/gunicorn.sock#!/bin/bash
NAME="myproject" # Name of the application
DJANGODIR=/path/to/project # Django project directory
SOCKFILE=/tmp/gunicorn.sock # we will communicte using this unix socket
USER=john # the user to run as
GROUP=www-data # the group to run
NUM_WORKERS=9 # twice the number of cpu cores
DJANGO_SETTINGS_MODULE=sai.settings # which settings file should Django use
DJANGO_WSGI_MODULE=sai.wsgi # WSGI module name
echo "Starting $NAME as `whoami`"
# Activate the virtual environment
cd $DJANGODIR
source /home/user/.virtualenv/bin/activate
export DJANGO_SETTINGS_MODULE=$DJANGO_SETTINGS_MODULE
export PYTHONPATH=$DJANGODIR:$PYTHONPATH
# Create the run directory if it doesn't exist
RUNDIR=$(dirname $SOCKFILE)
test -d $RUNDIR || mkdir -p $RUNDIR
# Start your Django Unicorn
# Programs meant to be run under supervisor should not daemonize themselves (do not use --daemon)
exec /home/john/.virtualenv/bin/gunicorn ${DJANGO_WSGI_MODULE}:application \
--name $NAME \
--workers $NUM_WORKERS \
--user=$USER --group=$GROUP \
--bind=unix:$SOCKFILE \
--log-level=debug \
--log-file=-
gunicorn will do that for you
Make sure that upstart is installed:
apt-get install upstart
Now create an upstart job in /etc/init to run gunicorn.sh
nano /etc/init/gunicorn.conf
And put in it:
description "Gunicorn application server handling myproject"
start on runlevel [2345]
stop on runlevel [!2345]
respawn
setuid john
setgid www-data
chdir /path/to/project
exec bash gunicorn.sh
Now you can start gunicorn like any service :
service gunicorn restart
The only remaining step is to pass request to gunicorn in nginx, by a file like this:
Note 2: If you just started upstart, you may need to reboot to be able to service gunicorn restart.upstream myproject {proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host;
server unix:///tmp/gunicorn.sock; # the socket will be created automatically
}
server {
#...other stuff
location / {if (!-f $request_filename) {
proxy_pass http://myproject;
break;
}
}
}
That's it!
Restart nginx and enjoy gunicorn.
Tuesday, 28 March 2017
Take screeshot gallery of a video
#apt-get install ffmpeg
#apt-get install imagemagick
#!/bin/bash
# This script will create a screenshot gallery of a given video very fast
filename=$1
videolable=$1
#ffmpeg -i $filename -r 0.0033 -vf scale=-1:120 -vcodec png capture-2d.png
ffmpeg -ss 00:00:10 -i $filename -frames 1 -vf "select=not(mod(n\,1000)),scale=320:240,tile=2x3" ff.png
res=`ffmpeg -i $filename 2>&1 | grep -oP 'Stream .*, \K[0-9]+x[0-9]+'`
size=`du -h $filename | awk '{print $1}'`
duration=`ffmpeg -i $filename 2>&1 | grep Duration | cut -d ' ' -f 4 | sed s/,//`
#montage -border 10x10 -pointsize 14 -background black -fill white -gravity NorthWest -title "\n$filename ( $res )\nSize:$size Duration:$duration " out.png screenshotgallery.png
width=`convert ff.png -ping -format "%w" info:`
height=120
fontsize=20
text="$videolable\nResolution($res)\nSize:($size)\nDuration:$duration\n"
convert -background white -fill black \
-size ${width}x${height} -pointsize 24 label:${text} label.gif
convert -append ff.png label.gif out.jpg
rm ff.png
echo "Done!"
#apt-get install imagemagick
#!/bin/bash
# This script will create a screenshot gallery of a given video very fast
filename=$1
videolable=$1
#ffmpeg -i $filename -r 0.0033 -vf scale=-1:120 -vcodec png capture-2d.png
ffmpeg -ss 00:00:10 -i $filename -frames 1 -vf "select=not(mod(n\,1000)),scale=320:240,tile=2x3" ff.png
res=`ffmpeg -i $filename 2>&1 | grep -oP 'Stream .*, \K[0-9]+x[0-9]+'`
size=`du -h $filename | awk '{print $1}'`
duration=`ffmpeg -i $filename 2>&1 | grep Duration | cut -d ' ' -f 4 | sed s/,//`
#montage -border 10x10 -pointsize 14 -background black -fill white -gravity NorthWest -title "\n$filename ( $res )\nSize:$size Duration:$duration " out.png screenshotgallery.png
width=`convert ff.png -ping -format "%w" info:`
height=120
fontsize=20
text="$videolable\nResolution($res)\nSize:($size)\nDuration:$duration\n"
convert -background white -fill black \
-size ${width}x${height} -pointsize 24 label:${text} label.gif
convert -append ff.png label.gif out.jpg
rm ff.png
echo "Done!"
How to install ffmpeg on Debian 8
is now available for Jessy as a backport: https://packages.debian.org/jessie-backports/ffmpeg
Add something like this to /etc/apt/sources.list (with your preferred mirror):
deb http://ftp.uk.debian.org/debian jessie-backports main
Then
apt-get update
apt-get install ffmpeg
Source: https://superuser.com/a/1082860
Friday, 20 January 2017
Install ffmpeg in debian 8 jessie
Installing ffmpeg from source have been a pain in the ass for me that wasted 5 hours of my time with no success.
On the other hand ffmpeg is not in debian jessie repo. But thankfully there is still a simple solution:
On the other hand ffmpeg is not in debian jessie repo. But thankfully there is still a simple solution:
It is now available for Jessy as a backport: https://packages.debian.org/jessie-backports/ffmpeg
Add something like this to
/etc/apt/sources.list (with your preferred mirror):deb http://ftp.debian.org/debian jessie-backports main
Then
apt-get update
apt-get install ffmpeg
Which installs `ffmpeg version 3.2.2-1~bpo8+1`
Thanks this good fella, DanWednesday, 18 January 2017
Install torrent seedbox on debian vps
Thanks tutorial by Mikhail Danial - http://youtu.be/ahIdUr3yW64 (with slight modifications)
apt-get update
apt-get install -y apache2 nano
adduser --disabled-password --system --home /var/lib/deluge --gecos "SamRo Deluge server" --group deluge
touch /var/log/deluged.log
touch /var/log/deluge-web.log
chown deluge:deluge /var/log/deluge*
apt-get update
apt-get install -y deluged
apt-get install -y deluge-webui
nano /etc/default/deluge-daemon
-----------------------------------------------------------------------
# Configuration for /etc/init.d/deluge-daemon
# The init.d script will only run if this variable non-empty.
DELUGED_USER="deluge"
# Should we run at startup?
RUN_AT_STARTUP="YES"
-----------------------------------------------------------------------
nano /etc/init.d/deluge-daemon
-----------------------------------------------------------------------
#!/bin/sh
### BEGIN INIT INFO
# Provides: deluge-daemon
# Required-Start: $local_fs $remote_fs
# Required-Stop: $local_fs $remote_fs
# Should-Start: $network
# Should-Stop: $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Daemonized version of deluge and webui.
# Description: Starts the deluge daemon with the user specified in
# /etc/default/deluge-daemon.
### END INIT INFO
# Author: Adolfo R. Brandes
# Updated by: Jean-Philippe "Orax" Roemer
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DESC="Deluge Daemon"
NAME1="deluged"
NAME2="deluge"
DAEMON1=/usr/bin/deluged
DAEMON1_ARGS="-d" # Consult `man deluged` for more options
DAEMON2=/usr/bin/deluge-web
DAEMON2_ARGS="" # Consult `man deluge-web` for more options
PIDFILE1=/var/run/$NAME1.pid
PIDFILE2=/var/run/$NAME2.pid
UMASK=022 # Change this to 0 if running deluged as its own user
PKGNAME=deluge-daemon
SCRIPTNAME=/etc/init.d/$PKGNAME
# Exit if the package is not installed
[ -x "$DAEMON1" -a -x "$DAEMON2" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$PKGNAME ] && . /etc/default/$PKGNAME
# Load the VERBOSE setting and other rcS variables
[ -f /etc/default/rcS ] && . /etc/default/rcS
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
. /lib/lsb/init-functions
if [ -z "$RUN_AT_STARTUP" -o "$RUN_AT_STARTUP" != "YES" ]
then
log_warning_msg "Not starting $PKGNAME, edit /etc/default/$PKGNAME to start it."
exit 0
fi
if [ -z "$DELUGED_USER" ]
then
log_warning_msg "Not starting $PKGNAME, DELUGED_USER not set in /etc/default/$PKGNAME."
exit 0
fi
#
# Function to verify if a pid is alive
#
is_alive()
{
pid=`cat $1` > /dev/null 2>&1
kill -0 $pid > /dev/null 2>&1
return $?
}
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
is_alive $PIDFILE1
RETVAL1="$?"
if [ $RETVAL1 != 0 ]; then
rm -f $PIDFILE1
start-stop-daemon --start --background --quiet --pidfile $PIDFILE1 --make-pidfile \
--exec $DAEMON1 --chuid $DELUGED_USER --user $DELUGED_USER --umask $UMASK -- $DAEMON1_ARGS
RETVAL1="$?"
else
is_alive $PIDFILE2
RETVAL2="$?"
[ "$RETVAL2" = "0" -a "$RETVAL1" = "0" ] && return 1
fi
is_alive $PIDFILE2
RETVAL2="$?"
if [ $RETVAL2 != 0 ]; then
sleep 2
rm -f $PIDFILE2
start-stop-daemon --start --background --quiet --pidfile $PIDFILE2 --make-pidfile \
--exec $DAEMON2 --chuid $DELUGED_USER --user $DELUGED_USER --umask $UMASK -- $DAEMON2_ARGS
RETVAL2="$?"
fi
[ "$RETVAL1" = "0" -a "$RETVAL2" = "0" ] || return 2
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --user $DELUGED_USER --pidfile $PIDFILE2
RETVAL2="$?"
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --user $DELUGED_USER --pidfile $PIDFILE1
RETVAL1="$?"
[ "$RETVAL1" = "2" -o "$RETVAL2" = "2" ] && return 2
rm -f $PIDFILE1 $PIDFILE2
[ "$RETVAL1" = "0" -a "$RETVAL2" = "0" ] && return 0 || return 1
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME1"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME1"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" "$NAME1"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
:
-----------------------------------------------------------------------
chmod a+x /etc/init.d/deluge-daemon
update-rc.d deluge-daemon defaults
reboot -h now
------------------------
After new login:
mkdir /var/www/torrent
In browser vitis:
yourserverip::8112
Enter the server password 'deluge' and reset it.
Go to `Preferences` and set `/var/www/torrent` as the download path.
Good to Go!
This tutorial works on Debian 7 and 8. But in Debian 8 apache2 configs need to be a bit tweaked to show the files in /torrent folder.
You need to add these lines :
Options +Indexes IndexOptions FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=*
and change the DocumentRoot from /var/www/html to /var/www
In order to be able to have proper directory listing
Source:
https://youtu.be/ahIdUr3yW64
Wednesday, 27 January 2016
How to Secure Specific URL in Apache
This article will help you secure specific url in Apache. For example our site has an url likehttp://tecadmin.net/admin/” and we need that only the authorized users or ips can access/admin/ section.
Setup IP Based Restriction on Specific URL
Step 1: Edit apache configuration file and add below entry in websites virtual host.
<Location /admin> Order deny,allow Deny from all Allow from 192.168.10.111 Allow from 111.222.333.444 </Location>
Step 2: Save Apache configuration file and restart apache service.
# service httpd restart
Step 3: Try to access your site from any other ip. Also check from given ip in configuration file.
Setup User Authentication on Specific URL
Step 1: Edit apache configuration file and add below entry in website virtual host.
<Location /admin> AuthUserFile /var/www/htpasswd/.htpasswd AuthName "Password Protected Area" AuthType Basic Require valid-user </Location>
Step 2: Create htpasswd file using below command.
#htpasswd -cm /var/www/htpasswd/.htpasswd myuser New password: Re-type new password: Adding password for user myuser
Step 3:
Restart apache and access your site url. It will prompt for login details.
Restart apache and access your site url. It will prompt for login details.
# service httpd restart
Thanks for using this article, I hope this article fulfill your needs. Click here to read more details about apache location directive.
Subscribe to:
Comments (Atom)