Configure a simple chat server using ejabberd ( on Debian)

Hi,

To create  a chat server without ldap and mysql for small organization follow the steps below ( same procedure will be for CentOS but you have to install ejabberd using yum)

(Prerequisites : A DNS must be configured for server otherwise you will have to use IP instead of doamin name for configuration)

Install the ejabberd package on server

# apt-get install ejabberd

 

Check the service is running or not to register a admin user

 

Create admin user by typing below command

#ejabberdctl register admin localhost passwordforadminuser

 

edit /etc/ejabberd/ejabberd.yml file for admin user access and domain for which we are creating service

 

edit default  entry like given below

 

add host like given below

 

Register admin user as admin for domain

 

go to the browser and open the admin panel

https://<your ip or domain >:5280/admin

and login as user admin@localhost

 

Console will be like given below. click on Virtual Hosts

 

Select domain (in my case its  geekonline.in)  by clicking it.

 

Click on users to create / edit users

 

Add users like given below

 

Configure pidgin as below

 

Mount Google Drive on Linux (Debian) Server

For mounting Google Drive on your server. you will require two things.

  1. A project created and configured with OAuth client id and scecret on Google
  2. google-drive-ocamlfuse installed and configured

Create Project

1. go  to  https://console.developers.google.com/apis/dashboard

and create new project

Click on create credentials

Select OAuth Client ID

Click on configure Consent Screen

Provide email address and product name

To Create Client ID select others and provide Name and click on create

It will give you OAuth Client ID and Secret. Please note it down and keep safe.

Installation of google-drive-ocamlfuse On debian 9

  1. First install the required packages

apt-get install libcurl4-gnutls-dev libfuse-dev libgmp-dev libsqlite3-dev camlp4-extra debianutils libcurl4-gnutls-dev perl  m4 pkg-config zlib1g-dev

2. adduser <user> fuse ( adding user to group fuse usrmod also works)

3.  Set the Permissions

#sudo chown root.fuse /dev/fuse
#sudo chmod 660 /dev/fuse

4. Install Google Drive Ocamlfuse

# su <user>
# opam init
# opam update
# opam install depext
# eval `opam config env`
# opam depext google-drive-ocamlfuse
# opam install google-drive-ocamlfuse
# . /home/*user*/.opam/opam-init/init.sh > /dev/null 2> /dev/null || true

#/home/user/.opam/system/bin/google-drive-ocamlfuse -headless -label googledrive -id <OAuth Client ID> -secret <OAuth Client Secret>

It will give you one url ask you to visit that url and get the code from the webpage and provide it

Open that url in browser and copy paste  the verification code to termianl

create mount point

# mkdir /mnt/Google-drive

#  /home/user/.opam/system/bin/google-drive-ocamlfuse -label googledrive /mnt/Google-drive/

Above command will enable that mount only for the user and not others not even root

To enable mount point for user root

edit file /etc/fuse.conf and uncomment below line

#user_allow_other

Then run below command

sudo -u user /home/user/.opam/system/bin/google-drive-ocamlfuse -o allow_root -label googledrive /Google-drive/ > /var/log/gdrive_mount.log 2>&1 &

Add below line (/etc/rc.local)

sudo -u  user /home/user/.opam/system/bin/google-drive-ocamlfuse -o allow_root -label googledrive /Google-drive/  2>$1  &

Thus only user and root will be able to use mounted drive.

How to install flash player plugin in mozilla firefox

Step 1
go to http://get.adobe.com/flashplayer/
select .tar.gz for other linux
and then click on download to download it

Step 2
open the terminal and go to the Downloads folder
extract the source by command
tar -zxvf install_flash_player_some-version_linux_i386.tar.gz
a file libflashplayer.so will be extracted from source
copy that file to the mozilla plugins folder by following command
sudo cp libflashplayer.so /usr/lib/mozilla/plugins

done.

 

ssmtp program to send emails

This is the program who sends email. it takes 8,192B of disk space after installation
its quit simple to use.

for that we have to edit /etc/ssmtp/ssmtp.conf like below
——————————————————————————-/etc/ssmtp/ssmtp.conf——————–
FromLineOverride=YES
root=your_username@your_domain
mailhub=smtp.your_domain.com:587
#$hostname=sysadmins —-> this line doesn’t affect after commenting
rewriteDomain=your_domain
AuthUser=your_username
AuthPass=your_password
FromLineOverride=YES
UseSTARTTLS=YES

—————————————————————————————————————————–

The normal command to send email via command line is
ssmtp recepient_name@gmail.com
To: recipient_name@gmail.com
From: username@gmail.com
Subject: Sent from a terminal!
Ctrl+D
——————————————————————————————————————————

script to send message using text file
—————————————————————————————————————————–
function welcome_mail
{
echo enter user name
read username
echo enter full name
read FULL_NAME

USER=$username
FULL_NAME=$FULLNAME
cat > /tmp/welcome-reciepent << welcome1
To: $USER@your_domain
From: System Administrator
Subject: Welcome! Please read the instructions

Hi $FULL_NAME,
Welcome , Please go through the instructions given below
welcome1

cat /file_path/instructions >> /tmp/welcome-reciepent

echo “Sending Welcome-mail”
ssmtp $USER@neuralit.com < /tmp/welcome-reciepent
echo “OK”
}

welcome_mail
———————————————————————————————————————————–
and the /file_path/instruction is a simple file in which instructions are written.
like this.

this is instruction1
this is instruction2
this is instruction3
this is instruction4
(Please don’t revert back. This is a system generated email)

merits: 1) simple to use and can be used to mail newly joined user.
2) the mail can be sent by using any mail account as the sender will not be shown (it will show the name we choose.)
3) user cant reply back as there is no emailid in sender

demerits : 1) we can not attach the file.(searching the solution)
2) we will have to install the software for it

OpenVpn client on ubuntu

step 1: (installation)
(it might be possible that some packages are not needed but i installed these packages )

sudo apt-get install libglib2.0-dev libgtk2.0-dev libglade2-dev libgnome-keyring-dev gedit gksu subversion build-essential autogen automake autoconf intltool
sudo apt-get install openvpn
sudo apt-get install network-manager-openvpn
sudo apt-get install gopenvpn (this may not be needed)

step 2: (Downloading Certificates and Key Files)

Download all the certificate files from pfsense->vpn->openvpn->
clientexport to /etc/openvpn
make all these file readable and executable for all by
sudo chmod +rx * in /etc/openvpn

at this stage you can start the vpn but in text mode
the command is
openvpn –config /etc/openvpn/pfsense-udp-1194-config.ovpn

Step 3 : (creating openvpn connection in graphical mode)

/etc/init.d/network-manager start
click on network manager icon (it will appear on beside the sound icon on the taskbar on the top
right side)

vpn connections -> configure vpn -> import -> pfsense-udp-1194.ovpn
(browse this file.)
now this will create a vpn connection.
you have to modify this connection up to some extenct

step 4 : (modification/configuration):

go to vpn tab

gateway : it will take automatically don’t make change

Type : password with Certificate (TLS) (default dont change)
username :
password :
User Certificate (browse this file)
CA Certificate (browse this file)
Private Key

click on advace button
go to TLS Authentication tab
check mark on use additional TLS authentication

Key File
Key Direction 1

Save The configuration

now again click on the network manager icon on right top
select vpn connections -> pfsense-udp-1194-config

 

(Basically the .ovpn file is important as its the main configuration file. In my case my openvpn server is on pfsense so I downloaded file from there. Your case may be different so only getting the .ovpn file will be the different procedure for you if you are not using pfsense.)

Nagios ( over ssh )

Configuring Nagios ( My Os is Ubuntu )

Before configuring nagios server configure the server as mail server/relay server

A. INSTALLATION

1) Download Source in /usr/local/src/

wget http://liquidtelecom.dl.sourceforge.net/project/nagios/nagios-4.x/nagios-4.2.3/nagios-4.2.3.tar.gz

wget --no-check-certificate https://nagios-plugins.org/download/nagios-plugins-2.1.4.tar.gz

tar -zxvf nagios-plugins-2.1.4.tar.gz

2) Add user and group

useradd nagios

groupadd nagcmd

usermod -a -G nagcmd nagios

usermod -a -G nagios,nagcmd www-data
 (* for centos this will be usermod -a -G nagios,nagcmd apache)

3) Configurating and compiling source code nagios core:

tar -zxvf nagios-4.2.3.tar.gz

tar -zxvf nagios-plugins-2.1.4.tar.gz

cd nagios-4.2.3

install packages

apt-get install snmp

apt-get install snmpd

apt-get install mrtg

(*for centos

net-snmp-5.3.2.2-22.el5_10.1

net-snmp-libs-5.3.2.2-22.el5_10.1)

./configure --with-command-group=nagcmd --with-mail=/usr/bin/sendmail –with-httpd-conf=/etc/apache2/sites-available/

(* for centos this will be ./configure --with-command-group=nagcmd )

make all

make install

make install-init

make install-config

make install-commandmode

make install-webconf

cp -R contrib/eventhandlers/ /usr/local/nagios/libexec/

chown -R nagios:nagios /usr/local/nagios/libexec/eventhandlers

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

4) configuring Apache

sudo a2ensite nagios

sudo a2enmod rewrite cgi ( enable mod rewrite in httpd for centos)

service apache2 reload / restart

(* for centos it will be /etc/init.d/httpd restart /reload)

/etc/init.d/nagios start

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

5) Configurating and compiling source code nagios plugins

cd ../nagios-plugins-2.1.4/

./configure --with-nagios-user=nagios --with-nagios-group=nagios

make

make install

sudo update-rc.d nagios defaults

(* for centos it will be

chkconfig --add nagios

chkconfig --level 35 nagios on )

B. CONFIGURATION

On Client

apt-get install libmysqlclient*-dev ( for check_mysql plugin its required )

mysql51-mysql-libs.x86_64 ( for centos)

useradd nagios

groupadd nagcmd

usermod -a -G nagcmd nagios

cd /usr/local/src

wget --no-check-certificate https://nagios-plugins.org/download/nagios-plugins-2.1.4.tar.gz

tar -zxvf nagios-plugins-2.1.4.tar.gz

cd nagios-plugins-2.1.4

./configure --with-nagios-user=nagios --with-nagios-group=nagios

make

make install

On Server

su nagios

ssh-keygen

copy the content of the file id_rsa.pub to the file /home/nagios/.ssh/authorized_keys

cd /usr/local/nagios/etc/objects

(write your own commands for remote servers which we are going to monitor via ssh agent. )

vi remote-commands.cfg ( for example see my remote-commands.cfg at the end of the document.)

cd /usr/local/nagios/etc

vi nagios.cfg and add the below line

cfg_file=/usr/local/nagios/etc/objects/remote-eommands.cfg

cd /usr/local/nagios/etc/objects

vi hostgroups.cfg ( create your hostgroups. In localhost.cfg you can find how hostgrup is written. Sample files are at the end of the document )

cd /usr/local/nagios/etc

vi nagios.cfg and add the below line

cfg_file=/usr/local/nagios/etc/objects/hostgroups.cfg

mkdir /usr/local/nagios/etc/objects/{Linux-Workstations,Windows-Workstations,Laptops,DRBL-Workstations,Local-Servers,Remote-Servers)

cd /usr/local/nagios/etc

vi nagios.cfg and add the below lines

cfg_dir=/usr/local/nagios/etc/objects/Local-Servers

cfg_dir=/usr/local/nagios/etc/objects/Linux-Workstations

cfg_dir=/usr/local/nagios/etc/objects/Windows-Workstations

cfg_dir=/usr/local/nagios/etc/objects/Laptops

cfg_dir=/usr/local/nagios/etc/objects/Remote-Servers

copy the localhost.cfg to /usr/local/nagios/etc/objects/Linux-Workstations/<system-to-monitor-ip>.cfg ( for example I have 192.168.100.199 ip so i copied file as 192.168.100.199.cfg)

vim 192.168.100.199.cfg
 remove all hostgroup entries and make the changes accordingly




For remote system monitoring write the file /usr/local/nagios/etc/objects/remote-commands.cfg like below

define command{
 command_name check_remote_disk
 # command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_disk -w $ARG1$ -c $ARG2$ -e'
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_disk -w $ARG2$ -c $ARG3$ -A -I "/run/*" -I "/sys/*" -I "/dev/shm" -I "/dev" -I "/lib/*" -I "/var/lock" -I "/Thecus/*"'
 }

define command{
 command_name check_remote_load
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_load -w $ARG2$ -c $ARG3$'
 }

define command{
 command_name check_remote_swap
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_swap -w $ARG2$ -c $ARG3$'
 }

define command{
 command_name check_remote_users
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_users -w $ARG2$ -c $ARG3$'
 }

define command{
 command_name check_remote_procs
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_procs -w $ARG2$ -c $ARG3$'
 }

define command{
 command_name check_remote_ssh
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_ssh -H $HOSTADDRESS$ $ARG1$'
 }

#define command{
 # command_name check_remote_mysql
 # command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_mysql -H $HOSTADDRESS$ $ARG1$'
 #}

define command{
 command_name check_remote_pgsql
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_pgsql -H $HOSTADDRESS$ -l $ARG2$ -p $ARG3$'
 }

define command{
 command_name check_remote_http
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_http -H $HOSTADDRESS$'
 }

define command{
 command_name check_remote_ldap
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_ldap -H $HOSTADDRESS$ $ARG1'
 }

define command{
 command_name show_remote_users
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/show_users'
 }

define command{
 command_name check_remote_mysql
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_mysql -u $ARG2$ -p $ARG3$'
 }

define command{
 command_name check_remote_asterisk
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_asterisk'
 }

define command{
 command_name check_remote_ping
 command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $HOSTADDRESS$ -C '/usr/local/nagios/libexec/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5'
 }

define command{ command_name show_logged_users command_line /usr/local/nagios/libexec/check_by_ssh -p $ARG1$ -l nagios -t 30 -o StrictHostKeyChecking=no -H $ARG2$ -C '/usr/local/nagios/libexec/logged_users' }

For host write files like given (sample configuration geekonline.cfg )

define host{
 use                     remote-linux-server            ; Name of host template to use
 ; This host definition will inherit all variables that are defined
 ; in (or inherited by) the linux-server host template definition.
 host_name               GEEKHOST
 alias                   GeekHost
 address                 23.250.32.8
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             PING
 check_command            check_remote_ping!22!100.0,20%!500.0,60%
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             Partitions
 check_command            check_remote_disk!22!20%!10%!/
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             Current Users
 check_command            check_remote_users!22!20!50
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             Total Processes
 check_command            check_remote_procs!22!250!400!RSZDT
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             Current Load
 check_command            check_remote_load!22!5.0,4.0,3.0!10.0,6.0,4.0
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             Swap Usage
 check_command            check_remote_swap!22!20!10
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             SSH
 check_command            check_ssh
 notifications_enabled        0
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             Logged in Users
 check_command                   show_remote_users!22!
 notifications_enabled           0
 }

define service{
 use                             local-service         ; Name of service template to use
 host_name                       GEEKHOST
 service_description             MYSQL
 check_command                   check_remote_mysql!22!root!<rootPassword>
 notifications_enabled           0
 }p

/etc/init.d/nagios/restart




http://<ip>/nagios