what I have to remember…

Standard

Install latest wordpress on Ubuntu 18.04

There is nothing special except PHP. WordPress require php7.3 or higher which is not available in default ubuntu repository. So this post will be mostly how to compile latest version of php. But let’s proceed step-by-step.

  • Install all required components:
    apt-get update
    #general applications
    apt-get install vim pwgen nginx mysql-server certbot
    #required for build
    apt-get install build-essential pkg-config libxml2-dev sqlite3 libsystemd libsystemd-dev libcurl4 libcurl4-openssl-dev libpng-dev libonig-dev libzip-dev
  • Install php:
    mkdir -p ~/temp && cd ~/temp
    wget https://www.php.net/distributions/php-7.4.5.tar.gz
    tar -xzf php-7.4.5.tar.gz && cd php-7.4.5
    ./configure --enable-fpm --with-mysqli --with-fpm-systemd --with-zip --enable-soap --with-xmlrpc --enable-mbstring --enable-intl --with-fpm-systemd --with-curl --enable-gd
    make
    make install
    cp php.ini-production /usr/local/php/php.ini
    cp /usr/local/etc/php-fpm.d/www.conf.default /usr/local/etc/php-fpm.d/www.conf
    cp sapi/fpm/php-fpm /usr/local/bin
    cp sapi/fpm/php-fpm.service /etc/systemd/system/php-fpm.service
    systemctl daemon-reload
    systemctl start php-fpm
  • Install wordpress:
    cd /var/www
    wget https://wordpress.org/latest.tar.gz
    tar -xzf latest.tar.gz
  • Configure nginx, fpm and  mysql. Detailed steps you can find in official documentation

 

Useful links:

Standard

systemd ssh SOCKS proxy

There is nothing to say, just example..

cat /etc/systemd/system/ssh-scocks-proxy.service
[Unit]
Description=Socks proxy via SSH
ConditionPathExists=|/usr/bin
After=network.target

[Service]
ExecStart=/usr/bin/ssh -NTC -o ServerAliveInterval=30 -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=no -i -D user@remote-server.com

# Restart every >2 seconds to avoid StartLimitInterval failure
RestartSec=5
Restart=always

[Install]
WantedBy=multi-user.target

(c) https://gist.github.com/drmalex07/c0f9304deea566842490
(c) https://blog.kylemanna.com/linux/ssh-reverse-tunnel-on-linux-with-systemd/

Standard

rsyslog – redirect program logs to separate file

There is nothing complicated – just create new configuration file and restart service:

echo "if $programname == 'program_name' then /var/log/*rogram_name.log
& ~" > /etc/rsyslog.d/program_name.conf

service rsyslog restart

“& ~” – means, do not duplicate infomation in general syslog file

Standard

bind9 log file Ubuntu

to forward log info from syslog to another file for bind9 server in Ubuntu you have to:

  1. add logging section in any name.conf* file: 
    logging {
    channel bind_log {
    file "/var/log/named.log";
    print-time yes;
    print-category yes;
    print-severity yes;
    };
    category default { bind_log;};
    category xfer-in { bind_log;};
    category xfer-out { bind_log;};
    category update { bind_log;};
    category security { bind_log;};
    category queries { bind_log;};
};
  2. update apparmor config by adding to file /etc/apparmor.d/usr.sbin.named 
     /var/log/named.log rw,
  3. apparmor_parser -r /etc/apparmor.d/usr.sbin.named
  4. service bind9 restart
Standard

start TeamViewer via ssh

I’ve had situation when I urgently need access to my desktop. And I had only one program for remote control – teamviewer.
So here described one of the ways to run it when you have only ssh (i.e. command line):

  •  first of all connect to remote machine via ssh.
  • check if daemon is running fine:
    teamviewer --daemon status
  • determine Partner ID (remote machine id):
    teamviewer --info | grep "TeamViewer ID"
  • start it via one of the these methods. In my case worked only one:
    export DISPLAY=":0.0"
    teamviewer
  • obtain password. Here is two possible ways… in command line: teamviewer --passwd [PASSWD]
    this one din’t work for me 🙁 so lets  take screen-shot of  teamviewer window (with password) and via scp download it. for this:
    xwd -name TeamViewer | xwdtopnm | pnmtopng > passwd.png
Standard

start program with GUI via ssh without X-server

There are a lot of methods, few of them are described below:

  1. ssh X-forwarding:
    • Please ensure such parameters are enabled in your ssh server:
      #Specifies whether TCP forwarding is permitted
      AllowTcpForwarding yes
      X11Forwarding yes
      #Specifies the first display number available for sshd’s X11 forwarding:
      X11DisplayOffset 10  
      #sshd should bind the X11 forwarding server to the loopback address or to the wildcard address:
      X11UseLocalhost yes
    • Turn on X-forwarding by executing command: ssh -X user@host
    • If you see any errors whit -X. the remote machine is treated as trusted client.. run: ssh -Y user@host
  2. use -display :0.0 after name of program name. In this case very comfortable to use screen command.
  3. Export global variable: export DISPLAY=”:0.0″