Kirim file antar server tanpa password

di server1:
ssh-keygen -t rsa
scp ~/.ssh/id_rsa.pub user@server2:~/.ssh/id_rsa_server1.pub

di server2:
cd ~/.ssh
cat id_rsa_server1.pub >> authorized_keys2
rm id_rsa_server1.pub

Instalasi Zend Optimizer di Ubuntu

Versi: Ubuntu JJ, Apache2.2.11, PHP5.2.6-3ubuntu4.2, ZendOptimizer 3.3.9

Download Zend Optimizer:
http://www.zend.com/en/products/guard/downloads

sudo tar zxf ZemdOptimizer-3.3.9-linux-glibc23-i386.tar.gz
sudo cp /ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /etc/php5/apache2/
sudo sensible-editor /etc/php5/apache2/php.ini

Pada php.ini tambahkan:
zend_extension=/etc/php5/apache2/ZendOptimizer.so

Restart apache: sudo /etc/init.d/apache2 restart

Jalankan phpinfo()

Jika sukses muncul tulisan:
with Zend Optimizer v3.3.9, Copyright (c) 1998-2009, by Zend Technologies

This program makes use of the Zend Scripting Language Engine: Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies     with Zend Optimizer v3.3.9, Copyright (c) 1998-2009, by Zend Technologies

Change Interface Card Names (eth*)

Edit /etc/udev/rules.d/70-persistent-net.rules

Ganti nama eth* sesuai keinginan, misal: eth5



Edit /etc/networking/interface

auto eth5
iface eth5 inet dhcp

Change Interface Card Names (eth*)

Edit /etc/udev/rules.d/70-persistent-net.rules

Ganti nama eth* sesuai keinginan, misal: eth5



Edit /etc/networking/interface

auto eth5
iface eth5 inet dhcp

Checking ethernet card

Problem with NIC?

ifconfig -a

ethtool

dmesg | grep eth

lspci -vvv

lshw

dmidecode -t 10

then...

.... dont ask, get a new NIC.

Set Up Postgresql

sudo apt-get install postgresql

sudo su - postgres
psql -U postgres template1
create user [namaku] createdb createuser;
\q
 

Ubuntu Server, standard installation, my way

sudo apt-get update
sudo apt-get upgrade

pakai update kernel ke versi terakhir

sudo apt-get install mc

set mc menggunakan internal edit:
mc - option - configuration... - use internal edit - ok

sudo nano /boot/grub/menu.lst
pada baris dengan awalan "kernel", di akhir baris tambahkan: vga=795
Ctrl-X - Yes

sudo apt-get purge consolekit
sudo rm -r /var/lib/dbus/
sudo rm -r /var/log/ConsoleKit/
sudo apt-get purge update-motd

copy server scripts ke /usr/local/sbin

sudo apt-get install ethtool
sudo apt-get install iptraf

Tribute to Sarge (Debian GNU/Linux 3.1)

Technical IT only.

I'm planning to disband the last 3 Debian Sarge operational server in a view days. Those servers dated back to 2004, where Sarge was still in testing stage. I still remember having to spend weeks to get SATA works. Compiling customized kernel for each server so that those desktop box (we called server:) can serve dozens of FoxPro clients.

Back to 2004

What the F.... FoxPro..? yeah... previous vendors develop in foxpro, at the beginning using file sharing, then MS SQL server on Windows 2000, testing Oracle, then PostgreSQL under RedHat. All result in unstable environment. The system often lags and even get several memory loss. To make things more complicated, the electricity condition are  scarry. One night of thunder storm might disrupt entire network, killing multiple network cards, switch ports, and in two events damaging the main cisco router.

The first step when I took over, was moving the PostgreSQL to Debian. The plan was simple, install basic Sarge with PostgreSQL and Proftpd, then kill everything else, not only process, but also kernel features. So, I compiled striped down Sarge kernel and add SMP and SATA support (sound easy today, hundreds of workhour back then). SATA was a new harddrive technology back in 2004, already supported by many but not by Linux 2.2, even early 2.4. Simillar case with SMP. I remember the joy using top, press 1, and view the Cpu0 & Cpu1... multiple CPU.... at a cheap Pentium box.

40 clients with high fingerprint FoxPro connection on PostgreSQL, turned out good. Well... not so good actually, due to PostgreSQL crazy vacuum burden that slow things every vacuum night. But that's another story.

Then I set up a dedicated LAN address server with DHCP & BIND using old desktop. After then another single server for everything else: regular nightly backup, backup address server, backup PostgreSQL & Proftpd, apache, samba, KDE, later even squid & guarddog.

Debian rules. It was the best, most stable, costumizable, flexible, and most of all, Debian is The Linux OS.



Back To Current Date

I rarely look after those Debian servers. Well, thats the point using Debian, fire-and-forget.

It was when I read the support end announcement, I realize that I had to replace those servers. The repository of Sarge was gone, APT wont work anymore, it was renamed oldstable now. No more Sarge. Hicks...

Well, I can still access APT using its new repository name, just replace sarge with oldstable at /etc/apt/sources.list:
deb http://kambing.ui.edu/debian oldstable main contrib non-free

Menuju Ubuntu Server 10.04 LTS April 2010

Untuk menggunakan ubuntu sebagai server, perlu memilih release server LTS (long term support). LTS memberikan support pada ubuntu server hingga 5 tahun, dibandingkan dengan non-LTS yang hanya di support untuk 18 bulan.

Support 5 tahun sangat krusial bagi sebuah server Linux.

Versi LTS terakhir adalah 8.04 keluaran April tahun 2008, dan versi LTS berikutnya adalah 10.04 yang rencananya keluar April 2010.

Karena keputusan pindah dari Debian (Etch & Sarge) baru terjadi akhir 2008, maka sebagai bridging distro digunakan server 8.10 Intrepid Ibex, yang support-nya berakhir April 2010. Dengan harapan 10.04 keluar tepat waktu pada April 2010 untuk menggantikan 8.10 yang berakhir masa supportnya.

Hardware server lama menggunakan S5000VSASAS dengan 1 processor Xeon 5335 (kapasitas 2 processor). Rencana upgrade 2009 menjadi 2 processor Xeon, dan 2010 RAM menjadi 16GB. Hal ini mengantisipasi penambahan client & applikasi. Skema ini memperkuat low-cost-solution dari pengembangan infrastruktur teknologi informasi.

Awal 2010 direncanakan pengadaan hardware server utama baru untuk server 10.04 LTS, sedangkan server utama lama akan digunakan untuk aplikasi server diluar database.

BIND9 dan DHCP3 DDNS

Versi: Ubuntu II/JJ, BIND9, DHCP3

Install BIND9 & DHCP
Install Bind9: sudo aptitude install bind9
Install DHCP3: sudo aptitude install dhcp3-server
Jangan lupa:
sudo sensible-editor /etc/default/dhcp3-server
###---> mudy: tentukan interface dimana dhcp server bekerja
INTERFACES="eth0"
###---||

Buat kunci
sudo rndc-confgen -r /dev/urandom -k ns1.localdomain.com -s 10.0.0.3 > rndc.conf
sudo rndc-confgen -r /dev/urandom -k ns2.localdomain.com -s 10.0.0.4 >> rndc.conf

edit rndc.conf:
Hapus options { ... }; dibawah ns2.localdomain.com
Pindahkan key "ns2.localdomain.com" { ... }; kebawah key "ns1.localdomain.com" { ... };
Dibawah options { ... }; tambahkan:
server ns2.localdomain.com { key ns2.localdomain.com; };

buat file rndc.key dari rndc.conf:
hapus bagian options, sisakan bagian key


Konfigurasi named.conf
sudo sensible-editor /etc/bind/named.conf
tambahi:
###---> mudy: named ddns setting
include "/etc/bind/rndc.key";
controls { inet 10.0.0.3 port 953 allow {10.0.0.3; } keys { "ns1.localdomain.com" };
};
###---||

Konfigurasi dhcp.conf
sudo sensible-editor /etc/dhcp3/dhcp.conf
tambahi:

###---> mudy: dhcp ddns setting
ddns-update-style interim;
include "/etc/bind/rndc.key";
zone domain.com. { primary 10.0.0.3; key ns1.localdomain.com; }
zone reverse.in-addr.arpa. { primary 10.0.0.3; key ns1.localdomain.com; }
ddns-domainname "localdomain.com";
###---||

Konfigurasi named.conf.local
sudo sensible-editor /etc/bind/named.conf.local

###---> mudy: logging
logging {
channel bind { file "/var/log/bind/bind.log"; severity dynamic;
print-category yes; print-severity yes; print-time yes;};
channel update { file "/var/log/bind/update.log"; severity debug 3;

print-category yes; print-severity yes; print-time yes;};
channel security { file "/var/log/bind/security.log"; severity info;

print-category yes; print-severity yes; print-time yes;};
category lame-servers {null;}; category edns-disabled {null;};
category default { bind; }; category update { update; }; category security { security; };};
###---||

###---> mudy: definisi zona master localdomain.com
acl "localnetwork" { 10.0.0.0/24; };
zone "localdomain.com" {
type master;
file "/etc/bind/ddns/localdomain.com";
allow-update { key "ns1.localdomain.com"; };
allow-query { localnetwork; };
notify no; };
zone "0.0.10.in-addr.arpa" {
type master;
file "/etc/bind/ddns/10.0.0.reverse";
allow-update { key "ns1.localdomain.com"; };
allow-query { localnetwork; };
notify no; };
###---||

sudo sensible-editor /etc/bind/named.conf.options:
options {
directory "/var/cache/bind";
# beri forwarders ke OpenDNS jika perlu
forwarders { 208.67.222.222; 208.67.220.220; };
forward first;
### akhir forwarders
version "Server DNS lokal";
auth-nxdomain no;
listen-on { 10.0.0.3; };
allow-transfer { 10.0.0.4; };
};

Konfigurasi apparmor
sudo sensible-editor /etc/apparmor.d/usr.sbin.named
tambahi:
###---> mudy: bisa tulis dir ddns & log bind
/etc/bind/ddns/** rw,
/etc/bind/ddns/ rw,
/var/log/bind/** w,
/var/log/bind/ w,
###---||

Buat file log
sudo touch /var/log/bind/bind.log
sudo touch /var/log/bind/update.log
sudo touch /var/log/bind/security.log

Buat file ddns map
sudo touch /etc/bind/ddns/localdomain.com
sudo sensible-editor /var/bind/ddns/localdomain.com

;;;---> mudy: definisi localdomain.com
localdomain.com IN SOA ns1.localdomain.com. root.ns1.localdomain.com. (
20090515 ; serial
86400 ; refresh (1 day)
3600 ; retry (1 hour)
432000 ; expire (5 days)
86400 ; minimum (1 day)
)
NS ns1.localdomain.com.
NS ns2.localdomain.com.
ns1 A 10.0.0.3
ns2 A 10.0.0.4
;;;---||

Buat file ddns reverse map
touch /var/bind/ddns/10.0.0.reverse
nano /var/bind/ddns/10.0.0.reverse

;;;---> mudy: definisi reverse localdomain.com
0.0.10.in-addr.arpa IN SOA ns1.localdomain.com. root.ns1.localdomain.com. (
2009051501;
86400;
1800;
604800;
86400;
)
   NS ns1.localdomain.com
   NS ns2.localdomain.com
3 PTR ns1.localdomain.com
4 PTR ns2.localdomain.com
;;;---||

Atur hak akses file dan direktori
sudo mkdir -m 644 /var/log/bind
sudo mkdir -m 644 /etc/bind/ddns
sudo chown -R root:bind /var/log/bind
sudo chown -R root:bind /etc/bind/ddns
sudo chmod -R 644 /etc/bind/ddns
sudo chmod -R 644 /var/log/bind

Restart apparmor, bind9 & dhcp3-server
sudo restart apparmor
sudo restart bind9
sudo restart dhcp3-server

Mengapa tidak perlu membeli IPhone 3G (dengan pembanding HTC Touch HD)

No bullshit reason who you shouldn't get IPhone 3G

1. Apple IPhone 3G menggunakan prosesor ARM 667MHz tetapi di-underclock untuk menghemat batere. HTC Touch HD menggunakan processor 528MHz dual ARM core. Dapat dikatakan kurang lebih sama.
   
2. Apple IPhone 3G menggunakan kamera 2 MP, tidak ada kemampuan merekam video, tanpa auto-focus. HTC Touch HD dengan kamera 5 MP, auto-focus, full video.
3. Apple IPhone 3G menggunakan resolusi layar 480x320 pixel, berukuran 3,5". HTC Touch HD memiliki resolusi 800x480 pixel, berukuran 3,8". Font kecil lebih terbaca pada HTC Touch HD, dan gambar lebih tajam.
4. Apple IPhone 3G tidak memiliki slot memori ekspansi, pemakai harus memilih memori 8GB atau 16GB. HTC Touch HD menggunakan microSD dengan kapasitas memori sampai dengan 32 GB, yang bisa diganti sendiri.
5. Apple IPhone 3G tanpa kemampuan radio FM. HTC Touch HD memiliki kemampuan radio FM, dengan RDS, kemampuan menyimpan daftar stasiun radio.
6. Apple IPhone 3G menggunakan sistem operasi IPhone dengan jumlah aplikasi lebih terbatas dan sumber software hanya dari Apple. Tidak semua file dapat dibuka dan dijalankan di Apple IPhone 3G, baik file multimedia maupun file kerja. HTC Touch HD menggunakan Windows Mobile 6.1 ber-tampilan HTC dengan aplikasi lebih luas dan mudah diperoleh.
7. Harga IPhone 8G paket termurah Rp 9,6 juta, 16GB paket termurah Rp 11,2 juta (gratis data 500MB).

Ditunggu: operator yang membuat paket dengan handset HTC Touch HD.

Pasang debmirror pada Server Ubuntu Intrepid Ibex dari balik Squid

Teknis Komputer

Bagian dari Migrasi ke Ubuntu

Kondisi awal:
Ubuntu Server 8.10, terpasang Apache2, apt bekerja


$export html_proxy=http://[namaserver]:[port]
$sudo apt-get install debmirror
$sudo mkdir /home/repository
$sudo chown -R root:[username] /home/repository
$sudo chmod -R 571 /home/repository
$sudo mkdir /home/mirrorkeyring
$sudo gpg --no-default-keyring --keyring /home/mirrorkeyring/pubring.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg

$sudo sensible-editor /usr/local/sbin/rundebmirror.sh

#!/bin/bash
export GNUPGHOME=/home/mirrorkeyring
debmirror --arch=i386 \
--section=main,restricted,universe \
--dist=intrepid, intrepid-security, intrepid-updates \
--host=id.archive.ubuntu.com \
--root=/ubuntu \
--method=http \
--getcontents --nosource --progress --verbose \
--proxy=http://[proxyserver]:[port]/ \
/home/repository

$sudo ln -s /home/repository /var/www/ubuntu
Pada malam hari:
$sudo rundebmirror/sh
Tinggalkan sampai pagi, kalau perlu pagi hari matikan (supaya tidak mengganggu pengguna internet pada jam kerja), lalu jalankan lagi pada malam hari sampai seluruh repository diperoleh.



Setelah repository di download, atur supaya download repository dilakukan secara rutin setiap hari jam 1 malam.
$sudo crontab -e
15 1 * * * /usr/local/sbin/rundebmirror.sh
[ctrl-z]

$sudo /etc/init.d/cron restart



Setup klien apt
$sudo sensible-editor sources.list
Matikan deb lain dengan memberi # diawal setiap baris deb (kalau perlu deb-src & pool multiverse, bisa dibiarkan aktif).

Pasang repository lokal:
deb http://[namaserver]/ubuntu intrepid main restricted universe
deb http://[namaserver]/ubuntu intrepid-updates main restricted universe
deb http://[namaserver]/ubuntu intrepid-security main restricted universe



Test repository lokal:
$sudo apt-get update
$sudo apt-get dist-upgrade

Kalau konek ke repository lokal berarti sukses.