Setting up an Openfire chat server on Ubuntu server

Once installed, log into the new Ubuntu server and take the following steps:

~ $ sudo -s
~ # aptitude update
~ # aptitude upgrade
~ # tasksel *Select Lubuntu minimal Install
~ # aptitude install leafpad
~ # aptitude install chromium-browser
~ # aptitude install phpMyAdmin
Reboot



Installing Java:

~ $ sudo -s
~ # aptitude install python-software-properties *may not be needed
~ # add-apt-repository ppa:webupd8team/java
~ # aptitude update
~ # aptitude install oracle-java7-installer
~ # aptitude install oracle-jdk7-installer
~ # java -version



Add database and user to Mysql:


Open the Chromium Web browser and go to: http://(serverip)/phpmyadmin

On the main page, locate Priviledges and scroll down to Add a new User.

Username: Enter a username, I used ‘openfire’

Host: From the drop down menu, select localhost

Password: Enter a password, retype your password

Under the Database for user section of that page, click on the radio button for Create database with same name and grant all priviledges.

Click create user



Install Openfire:


~ $ sudo -s
~ # cd /opt
~ # wget http://www.igniterealtime.org/downloadServlet?filename=openfire/openfire(version).tar.gz
~ # tar zxvf (file name)
~ # ln -s /opt/openfire/bin/openfire /etc/init.d/
~ # chmod +x /etc/init.d/openfire
~ # cd /opt/openfire
~ # update-rc.d openfire defaults
~ # nohup ls >ls.log 2>&1 &
~ # /opt/openfire/bin/openfire start
Open the Chromium Web browser and go to: http://(serverip):9090

Database settings: Standard Database Connection

Database Settings: use the user name and database info you created in phpmyadmin

Profile Settings: Directory Server

Server Type: Active Directory

Host: "your domain controller"

Port: 636

Base DN: DC="server",DC="foo",DC="com"

Administrator DN: CN="domainadmin",OU="Departments",DC="domain",DC="com"

Password: your admin password

Advanced settings: use SSL = YES

Set which users should have administrator rights on the server, and log in. You should be up and running.

Now just configure Pidgin or some other chat client that supports XMPP(jabber) and your ready to chat!

Installing Centreon on Ubuntu server 12.04

I've been working on this one for quite a while now, and I think I've work MOST of the bugs out of the system. This install is NOT for beginner, if you love your server don't try this on it. The best approach is to create a VM in virtual box and try it there before trying it in a production environment.

So here we go...


After installing your base server and Logging in, the first thing we need to do is install some prerequsistes that Centreon will neeed to run correctly:

~ $ sudo -s
~ # aptitude update
~ # aptitude upgrade
~ # tasksel *Select Lubuntu minimal Install
~ # aptitude install leafpad
~ # aptitude install chromium-browser
~ # aptitude install sysutils mailx lsb-release postfix mailutils
~ # aptitude install build-essential
~ # aptitude install apache2 apache2-mpm-prefork
~ # aptitude install php5 php5-mysql php-pear php5-ldap php5-snmp php5-gd php-gettext
~ # aptitude install mysql-server libmysqlclient15-dev
~ # aptitude install rrdtool librrds-perl
~ # aptitude install libconfig-inifiles-perl libcrypt-des-perl libdigest-hmac-perl torrus-common libgd-gd2-perl
~ # aptitude install snmp snmpd libnet-snmp-perl libsnmp-perl
~ # aptitude install libgd2-xpm libgd2-xpm-dev libpng12-dev
~ # aptitude install phpMyAdmin
Edit /etc/snmp/snmptrapd and change the value of TRAPDRUN from no to yes in /etc/default/snmpd
~ # reboot

Now we need to create a user on the server named nagios, place this user in the proper groups it will need access to:

~ # /usr/sbin/useradd -m nagios
~ # passwd nagios
~ # /usr/sbin/groupadd nagcmd
~ # /usr/sbin/usermod -G nagios,nagcmd nagios
~ # /usr/sbin/usermod -G nagios,nagcmd www-data

Now lets install Nagios, along with the plug-in's you will need for Centreon:

~ # cd /usr/local/src/
~ # wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.4.1.tar.gz
~ # tar xvzf nagios-3.4.1.tar.gz
~ # cd nagios-3.4.1/
~ # ./configure --prefix=/usr/local/nagios --with-command-group=nagcmd --enable-nanosleep --enable-event-broker
~ # make all
~ # make install
~ # make install-init
~ # make install-commandmode
~ # make install-config
~ # update-rc.d -f nagios defaults
~ # chmod +x /etc/init.d/nagios
~ # cd /usr/local/src/
~ # wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz
~ # tar xvzf nagios-plugins-1.4.15.tar.gz
~ # cd nagios-plugins-1.4.15/
~ # ./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl=/usr/bin/openssl
~ # make
~ # make install

Install NDO:

~ # aptitude install subversion
~ # cd /usr/local/src/
~ # wget http://prdownloads.sourceforge.net/sourceforge/nagios/ndoutils-1.4b9.tar.gz  
~ # tar xvzf ndoutils-1.4b9.tar.gz  
~ # cd ndoutils-1.4b9
~ # wget http://svn.centreon.com/trunk/ndoutils-patch/ndoutils1.4b9_light.patch
~ # patch -p1 -N < ndoutils1.4b9_light.patch
~ # ./configure --prefix=/usr/local/nagios/ --enable-mysql --disable-pgsql \
   --with-ndo2db-user=nagios --with-ndo2db-group=nagios
~ # make
~ # cp ./src/ndomod-3x.o /usr/local/nagios/bin/ndomod.o
~ # cp ./src/ndomod-3x.o /usr/sbin/ndomod.o
~ # cp ./src/ndo2db-3x /usr/local/nagios/bin/ndo2db
~ # cp ./config/ndo2db.cfg-sample /usr/local/nagios/etc/ndo2db.cfg
~ # cp ./config/ndomod.cfg-sample /usr/local/nagios/etc/ndomod.cfg
~ # chmod 774 /usr/local/nagios/bin/ndo*
~ # chown nagios:nagios /usr/local/nagios/bin/ndo*
~ # cp ./daemon-init /etc/init.d/ndo2db
~ # update-rc.d ndo2db defaults
~ # chmod +x /etc/init.d/ndo2db

Now we are ready to install Centreon itself:

~ # cd /usr/local/src/
~ # wget http://download.centreon.com/centreon/centreon-2.3.8.tar.gz
~ # tar xvzf centreon-2.3.8.tar.gz
~ # cd centreon-2.3.8/
~ # export PATH="$PATH:/usr/local/nagios/bin/"
~ # sudo ./install.sh -i
Scroll to the bottom of the license agreement and accept by clicking "Y ". Answer "Y" for all questions during installation and validate all default paths during installation.

~ # /etc/init.d/apache2 reload

Now load http://YouIP/centreon and follow the wizard to finish the install, on step 6, make sure you have the MySQL database setting correct. Once your finished you should be able to log in with the account you created. Once you are loged in, go to: Configuration→Nagios and check the Boxs "Move Export Files" and Restart Nagios" and then click the [export] button

From the command line run the following commands:

~ # /etc/init.d/nagios start
~ # /etc/init.d/ndo2db start


Your Installation should now start reporting on the basic status of your server. Next time I'll tell you how to start adding other servers in your enviroment to the list of monitered servers.

Adding a linux server to the Domain:

If you have lots of Linux servers, and your company is running on a Windows Active Directory, you might find it binifisial to join your Linux servers to the domain and allow log-ins with you domain administrator accounts. The following tutorial will walk you though the process.

First you have to add the Centrify DirectControl Express repository:

~$sudo -s
~#aptitude install python-software-properties

For Ubuntu server 10.04 LTS

~#add-apt-repository "deb http://archive.canonical.com/ lucid partner"
For Ubuntu server 12.04

~#add-apt-repository "deb http://archive.canonical.com/ precise partner"
~#aptitude update

Now we install Centrifydc:

~#aptitude install centrifydc
~#adjoin -w -u DomainAccount Domain.name
~#adinfo

Now we need to add our domain Admin group to Sudoers

~#nano /etc/sudoers
add: %Domain Admins ALL=(ALL) ALL

Now we need to edit the centrifydc.conf file:

~#nano /etc/centrifydc/centrifydc.conf
Change the following line:

Change the line:

##pam.allow.groups: some:group

to

pam.allow.groups: Domain Admins

If you have a user on your domain that has the same name as the local admin acount on the linux server you need to edit the following:

#pam.ignore.users: some:user

to:

pam.ignore.users: local/domain account

WARNING: If you don't make this change you will lock out the local admin account

Save the file and then:

~#adreload
~#adflush
~#adquery user DomainAccount
Your all done, you should be able to log on the the Linux server with you domain admin accounts.

Awesome!

Setting up synergy with encryption on two Windows computers:

If you don't know what Synergy is I'm not going to spend a lot of time trying to explain it. It's basically a way a way to share your keyboard and mouse between two computers without the need of a KVM Switch. You can read more about it at http://synergy-foss.org/.

The big problem with Synergy is that it sends all of your keystrokes to the remote computer plain text. If your own your own private network this is not a problem, but if your at work or on a public network this can be troublesome. If you didn't know this already intercepting data on a public network is stupid easy.

So that being said, we are going to use the SSH protocol to encrypt your data as it passes over the network. Again if you don't know what SSH is I'm not going to try to explain it here. Reading is your friend: http://en.wikipedia.org/wiki/Secure_Shell.

If your running Linux it is very easy to get this working, but on Windows It is a little more tricky. So lets get started:

A. Install OpenSSH:

• Download Copssh from: https://www.itefix.no/i2/copssh-get. For our purposes the free version will work fine. Once you have it downloaded extract the zip and run the installer on both the computers you want to share the keyboard and mouse on.
• when you get to service tab: Set the service account to synergy, and the password to something you won't forget.
• once the install finish click on start and activate a user, and select synergy, click next.
• created a passphrase, write it down if you can't remember it!
• click activate
• duplicate the steps on the second computer

B. Test SSH connections:

• download a program called Putty. It can be found at: http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe.
• once you have downloaded it then simply double click on it to run, there is nothing to install.
• on the first computer, under host name, inter the IP address of the second computer and click connect
• you will get a security alert, click yes
• log in as: synergy, password:(whatever you made it)
• if you have configured everything correctly then you should get a terminal prompt. If you don't, you missed something.
• repeat this process on the second computer.

c. Install Synergy

• download Synergy on both computers: http://synergy-foss.org/download/
• ON the server(computer with keyboard and mouse installed):
  • install Synergy, at the end of the install select: Server(new setup)
  • click (Configure Server…)
  • Click and drag the monitor in the top right to the square on the grid corresponding to where the second computers monitor is next to the server.
  • double click on it and rename it to the computer name of the client computer and click OK.
  • click Apply and then start
  • your synergy server is now ready to except connections for clients.
• ON the client:
  • before you install synergy we need to do a little script writing
  • click on (start, all programs, Copssh, start a unix Bash Shell)
  • type nano synergy.sh and enter the following line of test:
  • ssh -f -N -L localhost:24800:(IPofServer):24800 synergy@(IPofServer)
  • click Ctrl+X and then Y to save the config file
  • type ./synergy.sh it will ask you if you are sure, click yes, then type the password and it should drop you back to the terminal prompt. IMPORTENT, do not close this windows, it must be running for synergy to work, just minimize it and leave it running.
  • install Synergy, at the end of the install select: Client
  • for the server IP type: localhost, and click apply
  • you should be able to move your mouse from one screen to the other now and use your keyboard to type on either computers screen! Enjoy!

Installing Oracle Java on Ubuntu 12.04

OpenJDK is what Ubuntu uses as default for java web pages, but it leaves much to be desired. If you want to run Oracle Java on your Ubuntu computer simply open a terminal an enter the following commands:

~ $ sudo -s
~ # aptitude install python-software-properties *may not be needed
~ # add-apt-repository ppa:webupd8team/java 
~ # aptitude update 
~ # aptitude install oracle-java7-installer
~ # aptitude install oracle-jdk7-installer
~ # java -version

Installing and configuring a LogAnalyzer on an Ubuntu Server

This is a re-write of an article on Linux Journal that I found when researching the project. I've re-written it in my own words and added some content that was missing in the original article. A link to it can be found at the bottom of the page. 

1) Install Ununtu server with SSH and LAMP options selected

2) Run the following commands:

~ $sudo -s

~ #apt-get update

~ #apt-get upgrade

~ #apt-get install php5-gd

~ #apt-get install rsyslog-mysql rsyslog-relp

You will then be asked for your MySQL root password followed by being asked to create a password for rsyslog to use. This is the password that rsyslog will use in its config files.

3) To turn on accepting remote logs though we still have to uncoment a couple of lines in /etc/rsyslog.conf:

# provides UDP syslog reception

$ModLoad imudp

$UDPServerRun 514

# provides TCP syslog reception

$ModLoad imtcp

$InputTCPServerRun 514

Now, let's apply our changes:

~ #service rsyslog restart

4) Use your favorite editor and create /etc/rsyslog.d/relp.conf and enter the following in it:

$ModLoad imrelp

$InputRELPServerRun 20514

5) Make a working directory that it can store queue files in if needed.

~ # mkdir -p /var/rsyslog/work

Now we need to add the following to /etc/rsyslog.conf

# Buffering stuff:

$WorkDirectory /var/rsyslog/work # default location for work (spool) files

$ActionQueueType LinkedList # use asynchronous processing

$ActionQueueFileName dbq # set file name, also enables disk mode

$ActionResumeRetryCount -1 # infinite retries on insert failure

~ # service rsyslog restart

6) Install LogAnalyzer- As of this writing, the newest version is v3.4.4

~ # wget http://download.adiscon.com/loganalyzer/loganalyzer-3.4.4.tar.gz

~ # tar -xzf loganalyzer-3.4.4.tar.gz

~ # cd loganalyzer-3.4.4

~ # mkdir /var/www/logs

~ # cp -R src/* /var/www/logs/

~ # cp contrib/* /var/www/logs/

~ # cd /var/www/logs/

~ # chmod +x configure.sh secure.sh

~ # ./configure.sh

To enable the authentication part of LogAnalyzer we need to make an empty database for users to be stored in and grant privileges on it.

~ # mysql -p

mysql> create database LogAnalyzerUsers;

mysql> show databases;

mysql> grant all on LogAnalyzerUsers.* to LAUser@'localhost' identified by '(pick a password)';

mysql> quit

7) Now open a web browser and go to http://"serverIP"/logs/. You will be pointed to the installation script which will guide you through the process of setting up LogAnalyzer.

On step 3, make sure to enable user database. Enter the database, username, and password we created above. Enable "Require user to be logged in". On step 7 use the following settings:

Name the source something logical seeing as it is going to be the compiled *logs from all your servers.

Source Type = MYSQL Native

Select View = Syslog Fields

Table type = MonitorWare

Database Host = localhost

Database Name = Syslog (case sensitive)

Database Tablename = SystemEvents (case sensitive)

Database User = rsyslog

Database User = (whatever you made it in step 2)

Enable Row Counting = no

Forwarding log files to Log analyzer:

Linux Servers:

Setting up your other boxes is fairly straight forward. For this example, assume the server you have been setting up is named "myserv". If you don’t want to edit your hosts file then either use the FQDN or the IP in place of myserv. If you are willing to run rsyslog on them then all you have to do is install librelp:

sudo apt-get install rsyslog-relp

Then add the following to your rsysnc configuration file /etc/rsyslog.conf:

$ModLoad omrelp

# forward messages to the remote server "myserv" on

# port 20514

*.* :omrelp:"myserv":20514;RSYSLOG_ForwardFormat

Windows servers:

If you want your Windows 2000 - Server 2008 machines to send logs to your new central log server then check out eventlog-to-syslog. Just download it, unzip it, copy evtsys.exe to C:\Windows\system32\ and execute

C:\Windows\system32>evtsys.exe -i -h ip.address.of.myserv

I tested the x64 version of this in a Windows 7 Enterprize virtual machine and it worked great.

Network Devices:

If you want to point your network devices to this server then just remember that it is listening on port 514 for both TCP and UDP connections.

Article source:

Centralized Logging with a Web Interface