dah85.com

Just another blog

Using Rsync

- Posted in Quick Tip by with comments

I found myself needing a copy a folder from one server to another, but keeping all of the file attributes intact and not copying files already transferred, or deleting anything.

I came across this command:

rsync --progress -havz /var/www user@remotehost:/var/www

Which shows the progress as it goes, keeps the file attributes and doesn't copy anything that's already there.

Encrypted backups to another server

- Posted in Quick Tip by with comments

I am trying to back up one of my storage servers to another storage server, but I would like to encrypt the backup files for extra protection.

To do this, I will be using duplicity. Duplicity works great for backing up my desktop to my storage VPS so I'd like to use it for my server also.

First, we need to install duplicity and make sure gnupg is installed, as well as python-maramiko otherwise it may error advising it's not available as a backend.

apt install duplicity gnupg python-paramiko

Then we need to generate a key

gpg --gen-key

For the next part, I took the defaults except the keysize is 4096.

Take note of the public key that was generated as we'll use this to encrypt the backup.

This is the command I would use to back up the /var/www folder to the path /home/root/www on the destination.

duplicity --ssh-askpass --encrypt-key=CE69XXXX --sign-key=CE69XXXX /var/www sftp://root@destination.com/www

The --ssh-askpass option is if you don't use SSH keys, otherwise it will complain that it can't connect.

The output will be pretty quiet, not showing any progress, so for the first backup I will use -v8 which is verbosity level 8 (info) which shows each file as it's backing up.

In another post, I'll look at decrypting the backup.

I have a Logitech G15 keyboard which has an LCD screen built into the top of it. Under Ubuntu, getting it to work is a simple matter of running

apt install g15daemon

Under Manjaro, it's a bit different. I can install the g15daemon but it won't start automatically without requring the root password. What we need to do is use a tool called visudo. This is what I did.

sudo visudo

Then go to the bottom of the file, press o to insert and put:

ALL ALL= NOPASSWD: /usr/sbin/g15daemon

Press escape, then :x to save and quit.

Now we enable it as a service in systemctl

sudo systemctl enable g15daemon

And test it by running

sudo systemctl start g15daemon

The LCD on the keyboard now shows me the time and date. To get this to start when I log in, because I'm using Manjaro XFCE I will open "Session and Startup", go to the "Application Autostart" tab and create a new entry with "sudo systemctl start g15daemon" as the command to run, giving it a suitable name.

After a reboot to test it, it's all working!

I originally followed this post on the Manjaro forums with no success, I found my way to be much cleaner.

Backing up a folder with tar

- Posted in Quick Tip by with comments

I was recently looking for the best way to back up a folder to a tar.gz archive and came across this command.

tar -cvpzf backup.tar.gz foldername

Replace backup.tar.gz with the name of the file you want to create, and replace foldername with the name of the folder you are backing up. For example to back up the /var/www/ folder

tar -cvpzf backup.tar.gz /var/www/

Done :)

Setting up Plex on a VPS

- Posted in Quick Tip by with comments

Setting up Plex on a local network is simple, you simply install it and point your browser to the URL and away you go, but when it's hosted on a VPS or outside of the local network things get a bit tricky.

The way around this is by setting up an SSH port forward temporarily to access Plex on a local port to set it up.

On the computer you're setting Plex up from (not the server) this will get us started.

ssh -L 12345:localhost:32400 user@server

This will open a port 12345 that points to port 32400 on the server, logging in with the ssh user @ the server hosting Plex.

Then it's a simple matter of going to http://localhost:12345/web/ and finishing the Plex setup from there.

Getting Steam to work in Manjaro Linux

- Posted in Quick Tip by with comments

This is a quick tip to remind myself (and others) that even though Steam appears to be installed in Manjaro Linux, it won't open.

Running these commands fixes that issue:

find ~/.steam/root/ \( -name "libgcc_s.so*" -o -name "libstdc++.so*" -o -name "libxcb.so*" -o -name "libgpg-error.so*" \) -print -delete

and

find ~/.local/share/Steam/ \( -name "libgcc_s.so*" -o -name "libstdc++.so*" -o -name "libxcb.so*" -o -name "libgpg-error.so*" \) -print -delete

After that, start Steam and it should start updating and work :)

Installing a minimal GUI on a KVM server

- Posted in Quick Tip by with comments

Recently I have found myself needing to install a very basic, light GUI on top of an otherwise blank Ubuntu Server system. This lead me to the following command, which will install the lightweight desktop environment LXDE along with the bare minimum that's needed to run it.

sudo apt install --no-install-recommends lubuntu-core

After that, we'll need a way to actually load the GUI so we need to install xinit. If you don't do this, when you type startx it will warn you to do this anyway.

sudo apt install xinit

Reboot and it will now show you the GUI login screen.

Logging in shows that there is a GUI and nothing else installed except a terminal, a file manager and desktop settings.

Spending more time with HostHatch VPS

- Posted in VPS by with comments

In my last post, I introduced you to the HostHatch VPS deal I found, which is located in my home country of Australia.

Since getting that VPS set up and doing the usual, it's actually proved to be quite useful for a couple of reasons.

Firstly, it's local to me, and the pings are the lowest of any of my VPS services. This low latency makes it perfect for using with Iodine DNS tunnelling, which is something I plan to write about in the future.

The other thing which is particularly useful to me is the fact that I can serve my wife's photography website from it, allowing her clients a much better connectivity than running from a US hosted Woothosting reseller plan.

Even this blog is powered by the VPS too.

Funny enough, this VPS is serving my needs perfectly which I did not really expect.

Reviewing a HostHatch Sydney VPS

- Posted in VPS by with comments

I came across a pretty good deal on an Australian VPS located in Sydney. I live in Australia so I thought this would be a good way to test out a local VPS to see if I can possibly get some better speeds.

256MB RAM
256MB vSwap
2x vCPU
30GB SSD
1TB transfer
1Gbps uplink
1x IPv4
/96 IPv6
OpenVZ/SolusVM
$8/quarter

Not going to set any speed records, that's for sure and it's not going to be useful for storage, but it may possibly be a cheap way to host a few local business websites as an alternative to shared hosting. I would also have the benefit (or burden, however you look at it) of having full control over the system.

As always, I've done some benchmarks.

CPU model:  Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz
Number of cores: 2
CPU frequency:  2400.147 MHz
Total amount of RAM: 256 MB
Total amount of swap:  MB
System uptime:   33 min,       
I/O speed:  300 MB/s
Bzip 25MB: 5.46s
Download 100MB file: 27.3MB/s

Nice IO and CPU speed there, and the speed test isn't bad. Let's wait a bit and try some more.

CPU model:  Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz
Number of cores: 2
CPU frequency:  2400.131 MHz
Total amount of RAM: 256 MB
Total amount of swap:  MB
System uptime:   3 days, 22:48,       
I/O speed:  490 MB/s
Bzip 25MB: 6.19s
Download 100MB file: 1.49MB/s

Nice IO, CPU and horrible network. I have 100mbit VDSL at home, and during peak times it crawls down to a single http stream at around 40 or 50 kilobytes per second. Seems like maybe it's not just my ISP affected by that. Let's try it again later..

CPU model:  Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz
Number of cores: 2
CPU frequency:  2400.131 MHz
Total amount of RAM: 256 MB
Total amount of swap:  MB
System uptime:   8 days, 2:54,       
I/O speed:  522 MB/s
Bzip 25MB: 5.93s
Download 100MB file: 206KB/s

It makes me feel a little bit curious about the fact that a server hosted in a data centre has as good a connectivity as my consumer VDSL connection does.

Aside from the network issues, which are an artefact of the state of Australia's Internet connectivity, this VPS performs very well and has been useful for serving up web pages, which is great since I get a 50ms ping to this VPS from home and on average around 200-300 on overseas ones.

I need to migrate my nextCloud over to another server, which I will review later and maybe even document my experience migrating a nextCloud setup.

-Dave

Setting up LetsEncrypt free SSL

- Posted in Quick Tip by with comments

Today I will be installing and automatically renewing a free SSL certificate with LetsEncrypt.

Here's what I would do for the domain dah85.com

apt-get install nano python-letsencrypt-apache
letsencrypt --apache -d dah85.com
letsencrypt --apache --expand -d dah85.com -d www.dah85.com
letsencrypt renew
crontab -e
1 1 * * 1 /usr/bin/letsencrypt renew >> /var/log/letsencrypt-renewal.log

Done :)

This also sets up SSL in Apache for things like nextCloud if it's not already set up.

EDIT 0: If it complains that letsencrypt does not exist when installing, try installing python-certbot-apache instead. I found this happens in Ubuntu 17.04.

EDIT 1: Someone kindly pointed out that www.dah85.com didn't work, so I added the command "letsencrypt --apache --expand -d dah85.com -d www.dah85.com" after it and that fixed it :) Thanks Chris!

-Dave