Moon Light Box

Time is Money

Posts match “ Linux ” tag:

Vim - Change Vim Default Comment Color

| Comments

The default VIM comment color(dark blue) is diffacult to read.

So you can add .vimrc file in /YOUR_HOME_PATH/

$ cd
$ vim .vimrc

Add below contents then save and exit.

syntax on
set t_Co=256
hi Comment ctermfg=blue

Enjoy it.

Vim - Highlight Trailing Whitespace

| Comments

During Vim editing, We must have to delete unnecessary trailing whitespace which make code easy to read or merge.

So you can add .vimrc file in /YOUR_HOME_PATH/

$ cd
$ vim .vimrc

Add below contents then save and exit.

hi Whitespace ctermbg=darkred guibg=darkcyan
autocmd BufEnter * if &ft != 'help' | match Whitespace /\s\+$/ | endif
autocmd BufEnter * if &ft == 'help' | match none /\s\+$/ | endif

Enjoy it.

Reference : vim 顯示多餘空白( trailing whitespace )

Linux - Recovery DRBD Split Brain

| Comments

When occorred split brain, you can see below message (Primary/Unknown) or (Secondary/Unknown).

Node A $ cat /proc/drbd

version: 8.4.5 (api:1/proto:86-101)
GIT-hash: 1d360bde0e095d495786eaeb2a1ac76888e4db96 build by mockbuild@, 2014-08-17 22:54:26
 0: cs:StandAlone ro:Primary/Unknown ds:UpToDate/DUnknown   r-----
    ns:0 nr:0 dw:886517 dr:2106580 al:368 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:5770156

Node B $ cat /proc/drbd
version: 8.4.5 (api:1/proto:86-101)
GIT-hash: 1d360bde0e095d495786eaeb2a1ac76888e4db96 build by mockbuild@, 2014-08-17 22:54:26
 0: cs:StandAlone ro:Secondary/Unknown ds:UpToDate/DUnknown   r-----
    ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:16044

Node A (Primary): Assumed your main data in Node A.

First, check your DRBD partition is mounted.

Node A $ sudo drbdadm primary all
Node A $ sudo drbdadm connect all

Synchronizing data.

Node A $ cat /proc/drbd

version: 8.4.5 (api:1/proto:86-101)
GIT-hash: 1d360bde0e095d495786eaeb2a1ac76888e4db96 build by mockbuild@, 2014-08-17 22:54:26
 0: cs:SyncSource ro:Primary/Secondary ds:UpToDate/Inconsistent C r-----
    ns:379080 nr:0 dw:886698 dr:2495004 al:370 bm:0 lo:2 pe:0 ua:2 ap:0 ep:1 wo:f oos:5391140
        [>...................] sync'ed:  6.7% (5264/5632)M
        finish: 0:03:04 speed: 29,160 (29,160) K/sec

Synchronization Result.

Node A $ cat /proc/drbd

version: 8.4.5 (api:1/proto:86-101)
GIT-hash: 1d360bde0e095d495786eaeb2a1ac76888e4db96 build by mockbuild@, 2014-08-17 22:54:26
 0: cs:Connected ro:Primary/Secondary ds:UpToDate/UpToDate C r-----
    ns:233565451 nr:0 dw:233561279 dr:1788854 al:51494 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:0

Node B (Secondary):

First, check your DRBD partition is unmounted.

Node B $ sudo drbdadm disconnect all
Node B $ sudo drbdadm secondary all
Node B $ sudo drbdadm -- --discard-my-data connect all

Synchronizing data.

Node B $ cat /proc/drbd

version: 8.4.5 (api:1/proto:86-101)
GIT-hash: 1d360bde0e095d495786eaeb2a1ac76888e4db96 build by mockbuild@, 2014-08-17 22:54:26
 0: cs:SyncTarget ro:Secondary/Primary ds:Inconsistent/UpToDate C r-----
    ns:0 nr:4400804 dw:4400804 dr:0 al:0 bm:0 lo:0 pe:6 ua:0 ap:0 ep:1 wo:f oos:1369416
        [==============>.....] sync'ed: 76.3% (1336/5632)M
        finish: 0:00:37 speed: 36,028 (34,380) want: 102,400 K/sec

Synchronization Result.

Node B $ cat /proc/drbd

version: 8.4.5 (api:1/proto:86-101)
GIT-hash: 1d360bde0e095d495786eaeb2a1ac76888e4db96 build by mockbuild@, 2014-08-17 22:54:26
 0: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r-----
    ns:0 nr:233565357 dw:233565357 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:0

Reference:https://drbd.linbit.com/users-guide/s-resolve-split-brain.html

Linux - Install OpenJDK1.8 in CentOS 7

| Comments

Step 1.

sudo yum -y install java-1.8.0-openjdk.x86_64 java-1.8.0-openjdk-devel.x86_64

Step 2.

sudo vim /etc/profile.d/java-sdk-env.sh

Add below.

export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk
export CLASSPATH=.:$JAVA_HOME/jre/lib/rt.jar:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
export PATH=$PATH:$JAVA_HOME/bin

Linux - Install MariaDB in CentOS 7

| Comments

Step 1.

# sudo yum install mariadb mariadb-server mariadb-devel

Step 2. Start MariaDB when Boot

# sudo systemctl restart mariadb
# sudo systemctl status mariadb
# sudo systemctl enable mariadb

Step 3. Set Root Password

# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!
 
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] n
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Step 4. Use MariaDB

# mysql -u root -p

Linux - Install Gerrit in CentOS 7

| Comments

Step 1. Set Mysql Gerrit Account

# mysql -u root -p

CREATE USER 'gerrit2'@'localhost' IDENTIFIED BY 'secret';
SET PASSWORD FOR 'gerrit2'@'localhost' = PASSWORD('XXXXXX'); // your password
CREATE DATABASE reviewdb;
GRANT ALL ON reviewdb.* TO 'gerrit2'@'localhost';
FLUSH PRIVILEGES;

exit

Step 2. Add gerrit2 User.

# sudo useradd -m gerrit2

Step 3. Install Gerrit

# su - gerrit2
# wget http://www.gerritcodereview.com/download/gerrit-2.12.war
# java -jar gerrit-2.12.war init -d /home/gerrit2/gerrit

Create '/home/gerrit2/gerrit'  [Y/n]? Y
Location of Git repositories   [git]:ENTER
Database server type           [h2]: mysql
Gerrit Code Review is not shipped with MySQL Connector/J 5.1.21
**  This library is required for your configuration. **
Download and install it now [Y/n]?Y
Server hostname                [localhost]:
Server port                    [(mysql default)]:
Database name                  [reviewdb]:
Database username              [gerrit2]:
gerrit2's password             :
              confirm password :
Type                           [LUCENE/?]: ENTER
Authentication method          [OPENID/?]: http
Get username from custom HTTP header [y/N]? N
SSO logout URL                 :ENTER
Enable signed push support     [y/N]? N
Install Verified label         [y/N]? ENTER
SMTP server hostname           [localhost]: ENTER
SMTP server port               [(default)]: ENTER
SMTP encryption                [NONE/?]: ENTER
SMTP username                  : ENTER
Run as                         [gerrit2]:
Java runtime                   [/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.71-2.b15.el7_2.x86_64/jre]: ENTER
Copy gerrit-2.12.war to /home/gerrit2/gerrit/bin/gerrit.war [Y/n]? y
Listen on address              [*]: ENTER
Listen on port                 [29418]: ENTER
Download and install it now [Y/n]? y
Behind reverse proxy           [y/N]? y
Proxy uses SSL (https://)      [y/N]? N
Subdirectory on proxy server   [/]: ENTER
Listen on address              [*]: ENTER
Listen on port                 [8081]: ENTER
Canonical URL                  [http://localhost/]: http://10.10.10.10/   // change to your IP
Install plugin singleusergroup version v2.12 [y/N]? y
Install plugin commit-message-length-validator version v2.12 [y/N]? y
Install plugin reviewnotes version v2.12 [y/N]? y
Install plugin replication version v2.12 [y/N]? y
Install plugin download-commands version v2.12 [y/N]? y

Step 4. Checked and Modified gerrit.config Configuration

## vim  /home/gerrit2/gerrit/etc/gerrit.config
[gerrit]
        basePath = git
        canonicalWebUrl = http://10.10.10.10/  // change to your IP
[database]
        type = mysql
        hostname = localhost
        database = reviewdb
        username = gerrit2
[index]
        type = LUCENE
[auth]
        type = HTTP
[receive]
        enableSignedPush = false
[sendemail]
        smtpServer = localhost
[container]
        user = gerrit2
        javaHome = /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.71-2.b15.el7_2.x86_64/jre
[sshd]
        listenAddress = *:29418
[httpd]
        listenUrl = proxy-http://*:8081/
[cache]
        directory = cache
        
# java -jar gerrit-2.12.war reindex -d /home/gerrit2/gerrit
# /home/gerrit2/gerrit/bin/gerrit.sh start

Step 5. Install Apache

# sudo yum install httpd httpd-tools openssl mod_ssl
# sudo vim /etc/httpd/conf/httpd.conf
ServerName 10.10.10.10:80  // change to your IP
# sudo vim /etc/httpd/conf.d/options.conf

TraceEnable off

## Disable Signature
ServerSignature Off

## Disable Banner
ServerTokens Prod
# sudo vim /etc/httpd/conf.d/vhosts.conf

# Load my vhosts
IncludeOptional vhosts.d/*.conf
# sudo mkdir /etc/httpd/vhosts.d
# sudo systemctl restart httpd
# sudo systemctl status httpd
# sudo systemctl enable httpd

Step 6. Set Apache Proxy

# sudo vim /etc/httpd/vhosts.d/gerrit.conf

<VirtualHost 10.10.10.10:80> // change to your IP
    ServerName 10.10.10.10   // change to your IP

    ProxyRequests Off
    ProxyVia Off
    ProxyPreserveHost On

    <Proxy *>
            Order deny,allow
            Allow from all
    </Proxy>

    <Location /login/>
            AuthType Basic
            AuthName "Gerrit Code Review"
            Require valid-user
            AuthUserFile '/etc/httpd/gerrit.htpasswd'
    </Location>

    AllowEncodedSlashes On
    ProxyPass / http://10.10.10.10:8081/ nocanon  // change to your IP
</VirtualHost>

Step 7. Create Gerrit Account

# sudo chmod 755 /home/gerrit2
# sudo htpasswd -c /home/gerrit2/gerrit.htpasswd admin  // the first account is gerrit administrator

New password:
Re-type new password:
Adding password for user admin

Reference:

https://www.rosehosting.com/blog/how-to-install-gerrit2-on-a-centos-7-linux-vps/
http://coderanch.net/15
https://gerrit-review.googlesource.com/Documentation/

Linux - Install Samba in CentOS 7

| Comments

Step 1. Install Package.

# sudo yum install -y samba samba-client

Step 2. Create Shared Folder.

# cd /opt
# sudo mkdir /opt/shared_folder
# sudo chmod 2770 -R sharedfolder/
# sudo chown -R root:shared_user shared_folder/
# sudo groupadd shared_user

Step 3. Modify smb.conf.

# sudo vim /etc/samba/smb.conf

[homes]
        comment = Home Directories
        browseable = no
        writable = yes
;       valid users = %S
;       valid users = MYDOMAIN\%S

;[printers]
;       comment = All Printers
;       path = /var/spool/samba
;       browseable = no
;       guest ok = no
;       writable = no
;       printable = yes

[SHARED]
        comment = SHARED FOLDER
        path = /opt/shared_user  // your folder path
        browseable = yes
        writable = yes
        write list = @shared_user  // folder owner group
        read only = no
        directory mask = 0775
;        create mask = 0644

Step 4. Set Firewall Policy.

# sudo firewall-cmd –permanent –zone=public –add-service=samba
# sudo firewall-cmd –reload

Step 5. Auto Start when Boot On.

# sudo systemctl status smb
# sudo systemctl start smb
# sudo systemctl enable smb

Notice

If you want to use AD, please see this topic AD.

Linux - Install NTP in CentOS 7

| Comments

Step 1. Install

# sudo yum -y install ntp

Step 2. Link localtime to Taipei time.

# sudo rm /etc/localtime
# sudo ln -s /usr/share/zoneinfo/Asia/Taipei /etc/localtime

Step 3.

# sudo vim /etc/ntp.conf


# Permit all access over the loopback interface.  This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict tock.stdtime.gov.tw
restrict tick.stdtime.gov.tw
restrict time.stdtime.gov.tw
#restrict 127.0.0.1
#restrict -6 ::1

# Hosts on local network are less restricted.
restrict 10.16.131.0 mask 255.255.255.0 nomodify
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap


# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server tock.stdtime.gov.tw
server tick.stdtime.gov.tw
server time.stdtime.gov.tw
#server 0.centos.pool.ntp.org
#server 1.centos.pool.ntp.org
#server 2.centos.pool.ntp.org
#server 3.centos.pool.ntp.org
# sudo vim /etc/sysconfig/ntpd

SYNC_HWCLOCK=yes

Step 3. Auto Start when Boot On.

# sudo systemctl start ntpd
# sudo systemctl enable ntpd

Linux - Install phpMyAdmin in CentOS 7

| Comments

Step 1. Install

# sudo yum install epel-release
# sudo yum update -y
# sudo yum install phpmyadmin

Step 2. Modified phpMyAdmin.conf

# sudo vim /etc/httpd/conf.d/phpMyAdmin.conf

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
#       Require ip 127.0.0.1 // comment this line
#       Require ip ::1       // comment this line
       Require all granted   // add this line
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from xxx.xxx.xxx.xxx // modified 127.0.0.1 to your IP
     Allow from ::1
   </IfModule>

Step 3. Restart Apache

# sudo systemctl restart httpd.service

Step 4. Open Your Url.

http://xxx.xxx.xxx.xxx/phpMyAdmin

Linux - Change Gitlab Port

| Comments

# sudo vim /etc/gitlab/gitlab.rb

external_url 'http://10.10.10.10:81'  // Change to your IP
unicorn['port'] = 81
nginx['listen_port'] = 81
ci_nginx['listen_port'] = 81
mattermost_nginx['listen_port'] = 81
pages_nginx['listen_port'] = 81
# sudo gitalb-ctl reconfigure

Browser URL http://10.10.10.10:81

Linux - Change Jenkins Port

| Comments

# sudo vim /etc/sysconfig/jenkins

JENKINS_PORT="8081"  // 8080 is default port
// JENKINS_PORT="81" -> I change port to 81 or 8X... and always cannot access Jenkins web page. Bug????

# sudo systemctl restart jenkins

Linux - Install Apache Maven in CentOS7

| Comments

# cd /opt
# wget http://ftp.mirror.tw/pub/apache/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-bin.zip
# unzip apache-maven-3.3.9-bin.zip
# ln -s apache-maven-3.3.9 maven
# vim /etc/profile.d/maven-env.sh

export MAVEN_HOME=/opt/maven
export PATH=$PATH:$MAVEN_HOME/bin

# source /etc/profile
# vim /opt/maven/conf/settings.xml

Find this tag.
<servers>
...
  <server>
        <id>internal</id>
        <username>YOUR_ACCOUNT</username>
        <password>YOUR_PASSWORD</password>
    </server>
</servers>

Find this tag.
<mirrors>
...
  <mirror>
    <id>nexus</id>
    <url>http://192.168.1.1:8081/repository/maven-public/</url> // 192.168.1.1 is your sonatype maven nexus server IP
    <mirrorOf>*</mirrorOf>
  </mirror>
</mirrors>

Find this tag.
<profiles>
  <profile>
    <id>compiler</id>
    <properties>
      <JAVA_1_8_HOME>/usr/lib/jvm/java-1.8.0-openjdk</JAVA_1_8_HOME>
    </properties>
  </profile>
</profiles>
  
<activeProfiles>
  <activeProfile>compiler</activeProfile>
</activeProfiles>