Wednesday 7 April 2021

Linux CentOS 7 PHP mail() function SMTP Settings

Had some changes in email setup and security levels. Since setting up OAuth2.0 is a little tricky decided to set up a separate Gmail account for sending mail from this server. 

Took my an hour to figure out how this was set up on this machine so this time decided to write it down here.

The PHP script uses "mail($email_address,$subject,$body, $header)", on our system this meant that means it uses the Linux mail binary. The SMTP settings for this are located here: /etc/mail/authinfo/casmtp-auth

I changed the one line in this file with this syntax:

AuthInfo: "U:root" "I:email@address.com" "P:password"

That was not all, next was:

makemap -r hash smtp-auth.db < smtp-auth

Then:

systemctl restart sendmail

Thursday 1 April 2021

Fixing MacOS Time Machine Restore

Had a Macbook Pro 2014 model acting up and finally no longer booting. Booting the Mac in recovery mode but could not even run any first aid on the SSD. Took out the SSD and put it in an external thunderbolt enclosure, same problem.

Ordered a new SSD and installed it in the machine. Tried to recover the machine using Time Machine backups that were kept on a local Qnap NAS. Whatever I tried I could net see any backups. I could see the server and was asked for username/password to access the backups. When pressing ok I simply returned to the first screen, no error nothing, but also no backups.

After many hours of messing around and trying stuff with the server and with other Macs I noticed something. Two Macs, both 10.15 Catalina created a directory (sparsebundle) on the Qnap with: "<machinename>.backupbundle". I had a Mac Mini with MacOS 11 Big Sur and in all the testing had this starting to make backups to the same Qnap. Here I noticed that this created a directory called  "<machinename>.sparsebundle". I noticed that the file-setup and directory structure inside both directories looked the same.

Then I did a new test by connecting the Macbook Pro in Recovery Mode to the Qnap again, and since now in the meantime the Mac Mini was creating a backup there (with the .sparsebundle name) This suddenly showed up as an option to recover from. 

After spending so much time debugging this problem I accessed the Qnap via SSH and simply renamed MacBookPro.backupbundle to MacBookPro.sparsebundle and now this was also available as a restore point! 


TL;DR: If you can't see any Time Machine backups on a NAS try renaming the directory from X.backupbundle to X.sparsebundle. But use with caution and make sure to have a backup of your backup first!!

Tuesday 3 December 2019

Getting OpenVPN OVPN File from CentOS7 Server

We already have OpenVPN running on our CentOS 7 server. To set up a new client on a remote QNAP I wanted to get a better way of getting the client config files from the server

yum -y install https://as-repository.openvpn.net/as-repo-centos7.rpm
yum -y install openvpn-as 

Set a new password for openvpn user:
passwd openvpn

Access the web interface using to download a client file (I downloaded the Linux file):
https://a.b.c.d:943/

Use https://a.b.c.d:943/admin for administration


In the QNAP I loaded the OpenVPN by adding the profile and typing in the username password


Wednesday 17 April 2013

Backing up QNAP Server with CentOS Rsnapshot Server

To do a full backup of our QNAP server I built a CentOS 6.3 machine with plenty of SATA storage. This CentOS server has Rsnapshot installed so that it will not only backup the QNAP, but will also provide incremental backups for accidentally erased or overwritten files on the QNAP.

Webmin
The CentOS server has Webmin installed for easy configuration. Access to webmin is trough port 10000.

QNAP shares work around
For backup up the QNAP the internal Rsync server is enabled and a username and password is set. To prevent the necessity of having to add all shares of the QNAP manually, and updating them for each new future share, we added a special share. This trick is simple, create a new share and manually add the path. This path should simply be "/", this way this share will hold all shares on the QNAP, including the Time Machine shares and others.

Rsnapshot Configuration
Next up was configuring the rsnapshot.conf on the CentOS machine. Contents of config file: (used cat /etc/rsnapshot.conf | grep -v -e ^# to get this output btw)
(ALL SPACES MUST BE TABS!!)
config_version    1.2
snapshot_root    /backups/
cmd_cp        /bin/cp
cmd_rm        /bin/rm
cmd_rsync    /usr/bin/rsync
cmd_ssh    /usr/bin/ssh
cmd_logger    /usr/bin/logger
cmd_du        /usr/bin/du
interval    hourly    6
interval    daily    7
interval    weekly    4
verbose        2
loglevel    3
logfile    /var/log/rsnapshot
lockfile    /var/run/rsnapshot.pid
backup    /        europe/        +rsync_long_args=--exclude=proc/ --exclude=sys/ --exclude=dev/ --exclude=.dbus/ --exclude=media/ --exclude=mnt/

backup    rsync://rsnapshot@192.168.0.2/all/    jupiter/    +rsync_long_args=--password-file=/etc/rsnapshot.password --exclude=.timemachine/ --exclude=Jupiter/


Anacron scheduling
To schedule all backups automatically the following was added to the /etc/crontab file:
0 8,12,16,20 * * * root /usr/bin/rsnapshot hourly
50 23 * * * root /usr/bin/rsnapshot daily
30 23 1,8,15,22 * * root /usr/bin/rsnapshot weekly
10 23 1 * * root /usr/bin/rsnapshot monthly



Friday 9 December 2011

Linux Server Rebuild

Building a new Ubuntu 10.04 LTS server. The old Ubuntu server needed a replacement of both hardware and software.

Hardware Setup:
A new 19" C2D DFI-ACP machine is used with four SATA drives:
- 250 GB System
- 500 GB Network Share
- 500 GB Backups
- 1 TB Zoneminder Events

Installation:
Ubuntu was installed from a CD without LVM on /dev/sda (250GB) Options chose where:
- Web Server
- File Server
- MySQL
- PostGreSQL

First network settings:
auto eth0
iface eth0 inet static
address 192.168.0.5
netmask 255.255.255.0
gateway 192.168.0.3


sudo ifdown -a
sudo ifup -a

The rest is mainly taken from this guide on www.zoneminder.com
http://www.zoneminder.com/wiki/index.php/Ubuntu_Server_11.04_64-bit_with_ZoneMinder_1.25.0_Preview,_FFmpeg,_libjpeg-turbo,_Webmin,_Cambozola

Update system software
sudo apt-get update
sudo apt-get upgrade

Set Zoneminder Shared Memory
sudo nano /etc/sysctl.conf

#Add in the following lines at the bottom of the file followed by an empty line:
kernel.shmall = 167772160
kernel.shmmax = 167772160

sudo reboot

sudo su

Optimize GCC compiler
export CFLAGS="-march=native -O2 -pipe" && \
export CXXFLAGS="${CFLAGS}" && \
export CPPFLAGS="${CFLAGS}"


Install prerequisites from repositories
aptitude install acpid build-essential linux-headers-`uname -r` automake perl libauthen-pam-perl \
apache2 libpam-runtime libio-pty-perl libmysqlclient-dev php5 php5-cli libapache2-mod-php5 php5-mysql \
libarchive-zip-perl libdate-manip-perl libdevice-serialport-perl libjpeg62 libmime-perl libstdc++6 libwww-perl \
zlib1g zip unzip patch ntp openssl libpcre3-dev libssl-dev libjpeg-progs libcurl4-gnutls-dev munin munin-node libmime-lite-perl \
netpbm libbz2-dev subversion yasm libnet-ssleay-perl libauthen-pam-perl libio-pty-perl apt-show-versions git-core mysql-server mysql-client

Install libjpeg-turbo (AMD64)
wget http://downloads.sourceforge.net/project/libjpeg-turbo/1.1.1/libjpeg-turbo_1.1.1_amd64.deb?use_mirror=voxel

mv libjpeg-turbo_1.1.1_amd64.deb?use_mirror=voxel libjpeg-turbo_1.1.1_amd64.deb && \
dpkg -i libjpeg-turbo_1.1.1_amd64.deb

ln -s /opt/libjpeg-turbo/lib/libjpeg.a /usr/lib/libjpeg.a && \
ln -s /opt/libjpeg-turbo/include/jconfig.h /usr/include/jconfig.h && \
ln -s /opt/libjpeg-turbo/include/jerror.h /usr/include/jerror.h && \
ln -s /opt/libjpeg-turbo/include/jmorecfg.h /usr/include/jmorecfg.h && \
ln -s /opt/libjpeg-turbo/include/jpeglib.h /usr/include/jpeglib.h


Configure Lib Paths
echo "/opt/libjpeg-turbo/lib" > /etc/ld.so.conf.d/libjpeg-turbo.conf && \
echo "/usr/local/lib" > /etc/ld.so.conf.d/ffmpeg.conf && \
echo "LD_LIBRARY_PATH=/usr/local/lib:/opt/libjpeg-turbo/lib:$LD_LIBRARY_PATH" >> /etc/bash.bashrc && \
echo "export LD_LIBRARY_PATH" >> /etc/bash.bashrc

ldconfig

Install Perl Modules
perl -MCPAN -e shell

install CPAN

exit

perl -MCPAN -e shell

install YAML PHP::Serialization Module::Load X10::ActiveHome

exit

LC_ALL=C perl -MCPAN -e shell

install Sys::Mmap

install DBI

install DBD::mysql

exit

Install FFmpeg
# !!!!!! Use the following line for FFMpeg from GIT skipping the 0.8.5 release instructions, otherwise, use the 0.8.5 release instructions
cd /usr/src && git clone git://git.videolan.org/ffmpeg.git

cd /usr/src/ffmpeg/ && ./configure --enable-gpl --enable-shared --enable-pthreads

#FFMPEG 0.8.5 release#
cd /usr/src && wget http://ffmpeg.org/releases/ffmpeg-0.8.5.tar.gz

tar -xzvf ffmpeg-0.8.5.tar.gz

mv ffmpeg-0.8.5 ffmpeg

#Continue from here regardless of method of getting FFMPEG#
cd /usr/src/ffmpeg/ && ./configure --enable-gpl --enable-shared --enable-pthreads --enable-libx264 --enable-libfaac --enable-nonfree --enable-x11grab --enable-version3

make

make install

make install-libs

cd /lib && ln -s /usr/local/lib/libswscale.so.0 && \
ln -s /usr/local/lib/libavformat.so.52 && \
ln -s /usr/local/lib/libavcodec.so.52 && \
ln -s /usr/local/lib/libavutil.so.50 && \
ln -s /usr/local/lib/libavdevice.so.52

ldconfig

Install Zoneminder
cd /usr/src

wget http://www.zoneminder.com/downloads/ZoneMinder-1.25.0.tar.gz

tar -xzvf ZoneMinder-1.25.0.tar.gz
mv ZoneMinder-1.25.0 zm

cd /usr/src/zm && \
./configure --with-webdir=/var/www/zm --with-cgidir=/usr/lib/cgi-bin \
ZM_DB_HOST=localhost ZM_DB_NAME=zm ZM_DB_USER=zmuser \
ZM_DB_PASS=zmpass ZM_SSL_LIB=openssl --enable-debug=no \
--with-webgroup=www-data --with-webuser=www-data --enable-mmap=yes CPPFLAGS="-D__STDC_CONSTANT_MACROS ${CPPFLAGS}"

autoconf

aclocal

automake

make

mysql -u root -p < db/zm_create.sql
#Password that is requested is Mysql root password that was entered during install, not your ubuntu password.

mysql -u root -p

grant select,insert,update,delete on zm.* to 'zmuser'@localhost identified by 'zmpass';

quit

mysqladmin -p reload

make install

Create Zoneminder startup script
nano -w /etc/init.d/zm

#Paste everything BETWEEN the lines below:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/bin/sh
# description: Control ZoneMinder as a Service
# chkconfig: 2345 99 99

# Source function library.
#. /etc/rc.d/init.d/functions

prog=ZoneMinder
ZM_PATH_BIN="/usr/local/bin"
command="$ZM_PATH_BIN/zmpkg.pl"

start() {
        echo -n "Starting $prog: "
        $command start
        RETVAL=$?
        [ $RETVAL = 0 ] && echo success
        [ $RETVAL != 0 ] && echo failure
        return $RETVAL
}
stop() {
        echo -n "Stopping $prog: "
        $command stop
        RETVAL=$?
        [ $RETVAL = 0 ] && echo success
        [ $RETVAL != 0 ] && echo failure
}
status() {
        result=`$command status`
        if [ "$result" = "running" ]; then
                echo "ZoneMinder is running"
                RETVAL=0
        else
                echo "ZoneMinder is stopped"
                RETVAL=1
        fi
}

case "$1" in
'start')
        start
        ;;
'stop')
        stop
        ;;
'restart')
        stop
        start
        ;;
'status')
        status
        ;;
*)
        echo "Usage: $0 { start | stop | restart | status }"
        RETVAL=1
        ;;
esac
exit $RETVAL

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

chmod 755 /etc/init.d/zm

Edit Zoneminder Script
#Because Ubuntu clears /tmp for some kind of reason at reboot,
#the /tmp/zm directory will also be deleted after a reboot. Creation in script/zmdc.in.pl
#will resolve this.

nano /usr/local/bin/zmdc.pl

#Add following lines (marked with a '+'-sign between the lines given (do not include '+').

foreach my $arg ( @ARGV )
        }
}

+# Create the directory first if it doesn't exist
+mkdir(ZM_PATH_SOCKS);
+

socket( CLIENT, PF_UNIX, SOCK_STREAM, 0 ) or Fatal( "Can't open socket: $!" );

my $saddr = sockaddr_un( SOCK_FILE );

#To be sure, add rights to the /tmp/zm directory

chown www-data:www-data -R /tmp/zm

Setup additional hard drives
mkfs.ext4 for all drives

/dev/sda1 as /
/dev/sdb1 as /var/www/zm/event/
/dev/sdc1 as /network
/dev/sdd1 as /backups

For the ZoneMinder share I set the noatime attribute to reduce write cycles.

sudo chown www-data:www-data events/

Setup PCI capture card
I used a Kodicom 4400R and an Ad-Link RTV24 card, with the following settings the machine booted in 18 seconds!
sudo nano /etc/modprobe.d/bttv.conf
alias char-major-81 bttv
options i2c-algo-bit bit_test=1
options bttv gbuffers=16 card=133,132,133,133,134,134,134,134 tuner=4,4,4,4,4,4,4,4

sudo adduser www-data video

Edit Apache:
change /var/www to /var/www/zm in /etc/apache2/sites-available/default

Well, that's the first part. The machine is now basically running. I can configure the rest of the ZoneMinder setup and I can see video now. Next up is transferring the data to this new machine, setup Samba, MySQL, backups and Apache.

Saturday 2 July 2011

Updated NFS backup script

We had a problem that when the NFS where all the backups on our network go is offline, a huge TAR is made in the root of the Linux file server. Not good!

After some searching and playing with SH (beware! different from BASH) scripts, I came up with this solution:

#!/bin/sh

/usr/bin/MountSaturnBackup
sleep 2

DT=`stat -f -L -c %T /mnt/backup`
if [ "$DT" = "nfs" ]; then
 tar cpf /mnt/backup/FullBackup.tar --same-owner --exclude=/network/backups/Jupiter --exclude=/var/cache/zoneminder/events/* --exclude=/proc/* --exclude=/media/* --exclude=/d$
fi


The correct thing to do would be to add an else statement and have the script send me an email. I'll look at that later....

Monday 17 August 2009

DaviCAL installation

Fed up with waiting for Snow Leopard I decided to set up a calender server on our Linux server. After some searching I found out that Davical would be the best solution, especially since we use thunderbird and would like to use lightning as a calerdar client.

I installed DaviCAL on our Ubuntu 7.10 server, this was not very easy! All in all I can't even rember how I exactly did it. My plan is do to the same on a second server and document this step by step.

Most important thing for me is that is all works! There are some disadvantages, but none to big.

Some things to watch out for:

  • In the permissions file of PostgreSQL (pg_hba.conf), make sure to post the access control rule at the top of the configuration document!
  • The username in the caldav access URL is casesensitive!
  • Use this as URL: http:////caldav.php//home/

Since DaviCAL uses PostgreSQL instead of MySQL a extra backup routine is important for me. Our MySQL database is backup, so I added an extra backup script:

#################################################################################################
# PostgresSQL Backup:
mv /network/backups/Database_Backup/Daily6_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily7_PostgreSQL_DaviCAL.sql
mv /network/backups/Database_Backup/Daily5_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily6_PostgreSQL_DaviCAL.sql
mv /network/backups/Database_Backup/Daily4_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily5_PostgreSQL_DaviCAL.sql
mv /network/backups/Database_Backup/Daily3_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily4_PostgreSQL_DaviCAL.sql
mv /network/backups/Database_Backup/Daily2_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily3_PostgreSQL_DaviCAL.sql
mv /network/backups/Database_Backup/Daily1_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily2_PostgreSQL_DaviCAL.sql
mv /network/backups/Database_Backup/Daily_PostgreSQL_DaviCAL.sql /network/backups/Database_Backup/Daily1_PostgreSQL_DaviCAL.sql

su postgres -c 'pg_dump davical' > /network/backups/Database_Backup/Daily_PostgreSQL_DaviCAL.sql
#################################################################################################