CREATE DATABASE XXX;
CREATE USER 'XXX'@'%' IDENTIFIED BY 'YYY';
GRANT ALL PRIVILEGES ON XXX.* TO 'XXX'@'%';
CREATE DATABASE XXX;
CREATE USER 'XXX'@'%' IDENTIFIED BY 'YYY';
GRANT ALL PRIVILEGES ON XXX.* TO 'XXX'@'%';
Install percona
cd /tmp wget http://www.percona.com/redir/downloads/percona-toolkit/LATEST/deb/percona-toolkit_2.2.12_all.deb \ && dpkg -i percona-toolkit_2.2.12_all.deb \ && rm percona-toolkit_2.2.12_all.deb
If you miss dependencies, try’apt-get -f install’
If the deb file isn’t found, get the newest version at http://www.percona.com/redir/downloads/percona-toolkit/LATEST/deb
Main scripts
/var/percona-replicate.sh
nohup pt-slave-restart --verbose --sleep=1 --min-sleep=0 --max-sleep=30 --database=YOURDBNAMEHERE --host=localhost --user=root --password=YOURPASSHERE --port=3307 --socket=/var/run/mysqld/mysqld3307.sock >> /var/percona_replicate.out 2>&1
/var/percona-sync.sh
nohup pt-table-sync --execute --databases YOURDBNAMEHERE h=REMOTEHOST,u=REMOTEUSER,p=REMOTEPASS h=localhost,u=root,p=YOURPASSHERE,P=3307,S=/var/run/mysqld/mysqld3307.sock >> /var/percona-sync.out 2>&1
Install helper scripts
#/usr/bin/isprocessrunning echo -e "\ #!/bin/bash\n\ \n\ # Argument expects the full command, so process name including parameters\n\ procnamefull=\$1\n\ \n\ # Get base process name from command\n\ procname=\$(echo \$procnamefull | awk '{print \$1}')\n\ \n\ # First fetch by full command, from there fetch by process name\n\ # Exclude the grep command itself, and the bin commands as well\n\ ps aux | grep \"\$procnamefull\" | grep -v \"grep \$procnamefull\" | grep -v \"/bin/bash /usr/bin/.* \$procnamefull\" | awk '{print \$11}' | grep ^\$procname > /dev/null 2>&1\n\ \n\ if [ \$? -eq 0 ]; then\n\ exit 0\n\ else\n\ exit 1\n\ fi\ " \ > /usr/bin/isprocessrunning chmod u+x /usr/bin/isprocessrunning #/usr/bin/startprocessifnotrunning echo -e "\ #!/bin/bash\n\ \n\ \$(isprocessrunning \"\$1\")\n\ res=\$?\n\ \n\ if [ \$res -eq 0 ]; then\n\ echo \"Process is running\"\n\ exit 1\n\ else\n\ if [ \$res -gt 1 ]; then\n\ echo \"fail\"\n\ exit 2\n\ fi\n\ echo \"Process not running\"\n\ sh -c \"\$2\"\n\ exit 1\n\ fi\ " \ > /usr/bin/startprocessifnotrunning chmod u+x /usr/bin/startprocessifnotrunning
Cron
# Make sure percona-replicate is on. This program keeps the replication slave running after errors */5 * * * * /usr/bin/startprocessifnotrunning "sh /var/percona-replicate.sh" "sh /var/percona-replicate.sh" & # Run full re-sync every week 0 1 * * 0 /usr/bin/startprocessifnotrunning "sh /var/percona-sync.sh" "sh /var/percona-sync.sh" &
At the time of writing 3.8.0 was the newest version for Mono that I could find. If a newer version of Mono has come out by now, you can probably find it here.
Make might take 30-60 minutes, make-install should be fast
apt-get update
apt-get install -y --force-yes gcc libtool bison pkg-config libglib2.0-dev gettext make bzip2 g++ build-essential
mkdir -p /var/mono-install
cd /var/mono-install
wget http://origin-download.mono-project.com/sources/mono/mono-3.8.0.tar.bz2
tar xvjf mono-3.*.tar.bz2
cd mono-3.*
./configure --prefix=/opt/mono3
make
make install
rm /usr/bin/mono
rm /usr/bin/gmcs
rm /usr/bin/mcs
rm /usr/bin/smcs
rm /usr/bin/dmcs
ln -s /opt/mono3/bin/mono /usr/bin/mono
ln -s /opt/mono3/bin/gmcs /usr/bin/gmcs
ln -s /opt/mono3/bin/mcs /usr/bin/mcs
ln -s /opt/mono3/bin/smcs /usr/bin/smcs
ln -s /opt/mono3/bin/dmcs /usr/bin/dmcs
rm -R /var/mono-install
KEYSERVERNAME=mykeyserver apt-get update apt-get -y --force-yes install openvpn udev cd /usr/share/doc/openvpn/examples/easy-rsa/2.0 vim vars *change export KEY_SIZE=1024 to export KEY_SIZE=2048* chmod u+x vars chmod u+x clean-all chmod u+x build-ca source ./vars ./clean-all ./build-dh ./pkitool --initca ./pkitool --server $KEYSERVERNAME cp keys/ca.crt /etc/openvpn cp keys/ca.key /etc/openvpn cp keys/dh2048.pem /etc/openvpn cp keys/$KEYSERVERNAME.crt /etc/openvpn cp keys/$KEYSERVERNAME.key /etc/openvpn gunzip -d /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn vim /etc/openvpn/server.conf *update the filenames for crt and key* *change dh dh1024.pem to dh dh2048.pem* /etc/init.d/openvpn restart *for every client you want to add, create a key/cert* source ./vars KEY_CN=client1 ./pkitool client1
KEYSERVERNAME=mykeyserver apt-get update apt-get -y --force-yes install openvpn udev easy-rsa mkdir -p /etc/openvpn/easy-rsa/2.0 cp -r /usr/share/easy-rsa /etc/openvpn/easy-rsa/2.0 cd /etc/openvpn/easy-rsa/2.0 mv easy-rsa/* /etc/openvpn/easy-rsa/2.0 rmdir easy-rsa chmod u+x vars chmod u+x clean-all chmod u+x build-ca ./vars ./clean-all source ./vars ./clean-all ./build-ca ./build-key-server $KEYSERVERNAME ./build-dh ./build-key client cp /etc/openvpn/easy-rsa/2.0/keys/ca.crt /etc/openvpn cp /etc/openvpn/easy-rsa/2.0/keys/ca.key /etc/openvpn cp /etc/openvpn/easy-rsa/2.0/keys/dh2048.pem /etc/openvpn cp /etc/openvpn/easy-rsa/2.0/keys/$KEYSERVERNAME.crt /etc/openvpn cp /etc/openvpn/easy-rsa/2.0/keys/$KEYSERVERNAME.key /etc/openvpn gunzip -d /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn vim /etc/openvpn/server.conf *update the filenames for crt and key* /etc/init.d/openvpn restart mkdir -p ~/vpnclient cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/vpnclient/client.ovpn cp /etc/openvpn/easy-rsa/2.0/keys/client.key ~/vpnclient cp /etc/openvpn/easy-rsa/2.0/keys/client.crt ~/vpnclient
Different directory for when easy-rsa comes bundled. Doesn’t try to install it seperately. Also sets 2048bit pem because the default seems to be 1024
KEYSERVERNAME=mykeyserver apt-get update apt-get -y --force-yes install openvpn udev cd /usr/share/doc/openvpn/examples/easy-rsa/2.0 vim vars *change export KEY_SIZE=1024 to export KEY_SIZE=2048* chmod u+x vars chmod u+x clean-all chmod u+x build-ca ./vars ./clean-all source ./vars ./clean-all ./build-ca ./build-key-server $KEYSERVERNAME ./build-dh ./build-key client cp keys/ca.crt /etc/openvpn cp keys/ca.key /etc/openvpn cp keys/dh2048.pem /etc/openvpn cp keys/$KEYSERVERNAME.crt /etc/openvpn cp keys/$KEYSERVERNAME.key /etc/openvpn gunzip -d /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf /etc/openvpn vim /etc/openvpn/server.conf *update the filenames for crt and key* *change dh dh1024.pem to dh dh2048.pem* /etc/init.d/openvpn restart mkdir -p ~/vpnclient cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf ~/vpnclient/client.ovpn cp keys/ca.crt ~/vpnclient cp keys/client.crt ~/vpnclient cp keys/client.key ~/vpnclient
If you want to use the internet through the VPN, make the following adjustments:
vim /etc/openvpn/server.conf *uncomment push "redirect-gateway def1 bypass-dhcp"* *add push "dhcp-option DNS 8.8.8.8"* vim /etc/sysctl.conf *uncomment net.ipv4.ip_forward=1* sysctl -p *run this, and also run it on server boot* iptables -t nat -A POSTROUTING -j SNAT -s 10.8.0.0/16 --to-source PUBLIC_SERVER_IP_HERE
Make sure you’re installing the latest vmware version, because even slightly older versions probably don’t support 3.13.0 kernels.
apt-get install build-essential linux-headers-$(uname -r) open-vm-dkms ln -s /usr/src/linux-headers-$(uname -r)/include/generated/uapi/linux/version.h /usr/src/linux-headers-$(uname -r)/include/linux/version.h vmware-modconfig --console --install-all
You may have to cd into vmware-modconfig‘s containing directory before executing that last command, but I don’t remember where it is.
Start VMWare Services
/etc/init.d/vmware start
Start VMWare Workstation
/usr/bin/vmware
Start VMWare player
/usr/bin/vmplayer
vim /etc/ssh/sshd_config
PermitRootLogin yes
service ssh restart
Below information is taken from Stack Overflow
echo "deb http://ftp.us.debian.org/debian jessie main contrib non-free" >> /etc/apt/sources.list apt-get update apt-get install -y --force-yes vsftpd
If the post-setup script fails, delete it so it doesn’t keep bothering you
cd /var/lib/dpkg/info && rm vsftpd.postinst
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf service vsftpd restart
https://packages.debian.org/jessie/init-system-helpers https://packages.debian.org/jessie/vsftpd
#anonymous_enable=YES local_enable=YES write_enable=YES chroot_local_user=YES
apt-get install -y --force-yes apache2 php5-fpm libapache2-mod-fcgid php5-cgi sed -i "s/listen =.*/listen = 127.0.0.1:9000/" /etc/php5/fpm/pool.d/www.conf a2dismod mpm_prefork a2enmod mpm_event echo -e "<Directory /var/www>\n\ AddHandler fcgid-script .php\n\ FCGIWrapper /usr/lib/cgi-bin/php5 .php\n\ Options +ExecCGI\n\ </Directory>\n\ \n\ # If you have Aliases provide php support for them (Here we provide php support for scripts in /usr/share's subdirectories)\n\ Alias /aptitude /usr/share/doc/aptitude/html/en\n\ Alias /apt /usr/share/doc/apt-doc\n\ \n\ <Directory /usr/share>\n\ AddHandler fcgid-script .php\n\ FCGIWrapper /usr/lib/cgi-bin/php5 .php\n\ Options ExecCGI FollowSymlinks Indexes\n\ </Directory>"\n\ > /etc/apache2/conf-available/eventphp.conf a2enconf eventphp service apache2 restart
Make sure libapache2-mod-php5 is NOT installed
echo "<?php phpinfo();" >> /var/www/html/info.php
Show MPM module currently used:
apachectl -V | grep -i mpm
View the available mods
ls /etc/apache2/mods-available/mpm*
Edit the event MPM config:
vim /etc/apache2/mods-available/mpm_event.conf
Configuring phpmyadmin
vim vim /etc/apache2/conf-enabled/phpmyadmin.conf
change Options FollowSymLinks to Options +FollowSymLinks +ExecCGI
/etc/init.d/mysql stop mysqld --skip-grant-tables & mysql -u root FLUSH PRIVILEGES; UPDATE mysql.user SET Password=PASSWORD('newpwd') WHERE User='root'; FLUSH PRIVILEGES; exit /etc/init.d/mysql stop /etc/init.d/mysql start
The following commands will install the required software, and then find the best server to synchronize with.
apt-get install -y --force-yes ntp ntpdate /etc/init.d/ntp stop ntpdate -u 0.europe.pool.ntp.org ntpdate -u 0.europe.pool.ntp.org ntpdate -u 0.europe.pool.ntp.org /etc/init.d/ntp start ntpq -p
Example output:
[email protected]:~# ntpdate -u 0.europe.pool.ntp.org 14 May 11:11:13 ntpdate[37185]: step time server 87.117.247.137 offset 200343.474928 sec [email protected]:~# ntpdate -u 0.europe.pool.ntp.org 14 May 11:11:23 ntpdate[37238]: adjust time server 5.9.40.108 offset 0.002920 sec [email protected]:~# ntpdate -u 0.europe.pool.ntp.org 14 May 11:11:36 ntpdate[37239]: adjust time server 5.9.40.108 offset -0.001120 sec [email protected]:~# /etc/init.d/ntp start [ ok ] Starting NTP server: ntpd. [email protected]:~# ntpq -p remote refid st t when poll reach delay offset jitter ============================================================================== ntp.luna.nl 213.136.0.252 2 u 1 64 1 9.807 -3.671 0.391 textnews.news.c 94.228.220.14 3 u - 64 1 10.671 4.814 0.439 max.coevoet.nl 164.47.15.177 3 u 1 64 1 11.161 -2.069 0.000 livestatus.org 193.67.79.202 2 u - 64 1 10.258 -2.359 0.000