centos

Cara Mengatasi VMWARE Internal Error

Last Updated on 31 May 2018 By tommy Leave a Comment

Setelah listrik padam, server vmware ngambek ga mau jalan. Bila dijalankan muncul pesan error “Error opening virtual machine internal error” seperti gambar diatas.
Saya menggunakan CentOS 7.5.1804.

## kernel 
$ rpm -qa kernel\* | sort
kernel-3.10.0-514.26.2.el7.x86_64
kernel-3.10.0-693.11.1.el7.x86_64
kernel-devel-3.10.0-514.26.2.el7.x86_64
kernel-devel-3.10.0-693.11.1.el7.x86_64
kernel-headers-3.10.0-693.11.1.el7.x86_64
kernel-tools-3.10.0-693.11.1.el7.x86_64
kernel-tools-libs-3.10.0-693.11.1.el7.x86_64
 
$ uname -a
Linux serper 3.10.0-693.11.1.el7.x86_64 #1 SMP Mon Dec 4 23:52:40 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

Solusinya bisa dilihat dibawah ini

Cek status service vmware (systemctl status vmware.service)

$ systemctl status vmware.service
● vmware.service - SYSV: This service starts and stops VMware services
   Loaded: loaded (/etc/rc.d/init.d/vmware; bad; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2018-05-31 10:48:03 WIB; 10min ago
     Docs: man:systemd-sysv-generator(8)
  Process: 9984 ExecStart=/etc/rc.d/init.d/vmware start (code=exited, status=1/FAILURE)
   CGroup: /system.slice/vmware.service
           ├─1369 /usr/lib/vmware/bin/vmware-vmblock-fuse -o subtype=vmware-vmblock,default_permissions,allow_other /var/run/vmblock-fuse
           ├─1413 /usr/bin/vmnet-bridge -s 6 -d /var/run/vmnet-bridge-0.pid -n 0 -ienp4s0
           ├─1417 /usr/bin/vmnet-bridge -s 6 -d /var/run/vmnet-bridge-2.pid -n 2 -ienp2s0
           ├─1430 /usr/bin/vmnet-netifup -s 6 -d /var/run/vmnet-netifup-vmnet1.pid /dev/vmnet1 vmnet1
           ├─1436 /usr/bin/vmnet-dhcpd -s 6 -cf /etc/vmware/vmnet1/dhcpd/dhcpd.conf -lf /etc/vmware/vmnet1/dhcpd/dhcpd.leases -pf /var/run/vmnet-dhcpd-vmnet1.pid vmnet1...
           └─1476 /usr/sbin/vmware-authdlauncher
 
May 31 10:48:02 serper vmware[9984]: Virtual machine monitor[  OK  ]
May 31 10:48:02 serper vmware[9984]: Virtual machine communication interface[  OK  ]
May 31 10:48:02 serper vmware[9984]: VM communication interface socket family[  OK  ]
May 31 10:48:02 serper vmware[9984]: Blocking file system[  OK  ]
May 31 10:48:03 serper vmware[9984]: Virtual ethernet[FAILED]
May 31 10:48:03 serper vmware[9984]: VMware Authentication Daemon[  OK  ]
May 31 10:48:03 serper systemd[1]: vmware.service: control process exited, code=exited status=1
May 31 10:48:03 serper systemd[1]: Failed to start SYSV: This service starts and stops VMware services.
May 31 10:48:03 serper systemd[1]: Unit vmware.service entered failed state.
May 31 10:48:03 serper systemd[1]: vmware.service failed.

Disitu error “Virtual ethernet[FAILED]”, cek lagi pake vmware-networks --start

$ vmware-networks --start
Started Bridge networking on vmnet0
Started Bridge networking on vmnet2
Enabled hostonly virtual adapter on vmnet1
Started DHCP service on vmnet1
Subnet on vmnet8 is no longer available for usage, please run the network editor to reconfigure different subnet
Failed to start some/all services

si vmnet8 ini ternyata yang menjadi masalah. Mari kita selesaikan

Jalankan vmware, buka menu Edit -> Virtual Network Editor. Pilih network yang bermasalah, disini vmnet8

pilih vmnet8 lalu kosongkan Subnet IP:. Atau bisa juga dihapus, kalo emang ga digunakan.

Jalankan kembali vmware-networks

$ vmware-networks --start
Started Bridge networking on vmnet0
Started Bridge networking on vmnet2
Enabled hostonly virtual adapter on vmnet1
Started DHCP service on vmnet1
Started NAT service on vmnet8
Enabled hostonly virtual adapter on vmnet8
Started DHCP service on vmnet8
Started all configured services on all networks

Jalankan service vmware

systemctl start vmware.service

Cek statusnya

$ systemctl status vmware.service
● vmware.service - SYSV: This service starts and stops VMware services
   Loaded: loaded (/etc/rc.d/init.d/vmware; bad; vendor preset: disabled)
   Active: active (running) since Thu 2018-05-31 11:13:19 WIB; 21s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 12498 ExecStop=/etc/rc.d/init.d/vmware stop (code=exited, status=0/SUCCESS)
  Process: 12629 ExecStart=/etc/rc.d/init.d/vmware start (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/vmware.service
           ├─12727 /usr/lib/vmware/bin/vmware-vmblock-fuse -o subtype=vmware-vmblock,default_permissions,allow_other /var/run/vmblock-fuse
           ├─12772 /usr/bin/vmnet-bridge -s 6 -d /var/run/vmnet-bridge-0.pid -n 0 -ienp4s0
           ├─12776 /usr/bin/vmnet-bridge -s 6 -d /var/run/vmnet-bridge-2.pid -n 2 -ienp2s0
           ├─12782 /usr/bin/vmnet-netifup -s 6 -d /var/run/vmnet-netifup-vmnet1.pid /dev/vmnet1 vmnet1
           ├─12788 /usr/bin/vmnet-dhcpd -s 6 -cf /etc/vmware/vmnet1/dhcpd/dhcpd.conf -lf /etc/vmware/vmnet1/dhcpd/dhcpd.leases -pf /var/run/vmnet-dhcpd-vmnet1.pid vmnet...
           ├─12791 /usr/bin/vmnet-natd -s 6 -m /etc/vmware/vmnet8/nat.mac -c /etc/vmware/vmnet8/nat/nat.conf
           ├─12793 /usr/bin/vmnet-netifup -s 6 -d /var/run/vmnet-netifup-vmnet8.pid /dev/vmnet8 vmnet8
           ├─12799 /usr/bin/vmnet-dhcpd -s 6 -cf /etc/vmware/vmnet8/dhcpd/dhcpd.conf -lf /etc/vmware/vmnet8/dhcpd/dhcpd.leases -pf /var/run/vmnet-dhcpd-vmnet8.pid vmnet...
           └─12831 /usr/sbin/vmware-authdlauncher
 
May 31 11:13:19 serper vmnet-dhcpd[12795]: All rights reserved.
May 31 11:13:19 serper vmnet-dhcpd[12795]: 
May 31 11:13:19 serper vmnet-dhcpd[12795]: Please contribute if you find this software useful.
May 31 11:13:19 serper vmnet-dhcpd[12795]: For info, please visit http://www.isc.org/dhcp-contrib.html
May 31 11:13:19 serper vmnet-dhcpd[12795]: 
May 31 11:13:19 serper vmnet-dhcpd[12795]: Configured subnet: 172.16.147.0
May 31 11:13:19 serper vmware[12629]: Virtual ethernet[  OK  ]
May 31 11:13:19 serper vmware[12629]: VMware Authentication Daemon[  OK  ]
May 31 11:13:19 serper vmware[12629]: Shared Memory Available[  OK  ]
May 31 11:13:19 serper systemd[1]: Started SYSV: This service starts and stops VMware services.

Sukses.

Sebelum menjalankan guest vmware, restart terlebih dahulu node (host) nya. Kalo ngga error yang sama tetap muncul.

Tutorial Lengkap Install Mail Server Postfix Dovecot MariaDB di CentOS 7

Last Updated on 25 October 2017 By tommy 4 Comments

Membangun mail server perlu dimengerti oleh seorang system administrator, banyak pengetahuan baru yang bisa di dapat dari sini, seperti trouble shooting masalah email, anti spam, blacklist, whitelist email, dll.
Tutorial Lengkap Install Mail Server Postfix Dovecot MariaDB di CentOS 7 ini masih sampai sebatas menginstall dan mengkonfigurasi, karena ini juga sudah lumayan panjang untuk sebuah tutorial ;). Alasan saya menggunakan Postfix dan Dovecot adalah karena saya lebih familiar dengan kedua software itu dibandingkan dengan exim ataupun mail server lainnya.

Setting Hostname

Ganti hostname server anda menjadi mail.[NAMADOMAIN].com

hostnamectl --static set-hostname mail.jaranguda.com

Hapus Mail Server Lain

Hapus exim dan sendmail

yum remove exim* sendmail*

Install MariaDB

Install MariaDB dengan perintah

yum install mariadb-server mariadb

Jalankan service mariadb

service mariadb start

Setting password root dan hapus database yang tidak perlu

jalankan perintah

mysql_secure_installation

Disini anda belum memiliki password root mariadb, jadi tidak usah di input.

Enter current password for root (enter for none):
Set root password? [Y/n] Y
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] Y
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y

buat database dan user untuk mail.

create database email;
GRANT ALL PRIVILEGES ON email.* TO "dbmail"@"localhost" IDENTIFIED BY "sFRjKXVkUef3VHxTXiLT";

Buat tabel di database

CREATE TABLE domains (domain varchar(50) NOT NULL, PRIMARY KEY (domain) );
CREATE TABLE forwardings (source varchar(80) NOT NULL, destination TEXT NOT NULL, PRIMARY KEY (source) );
CREATE TABLE users (email varchar(80) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (email) );
CREATE TABLE transport ( domain varchar(128) NOT NULL default '', transport varchar(128) NOT NULL default '', UNIQUE KEY domain (domain) );

Generate SSL Self Signed

Untuk sementara kita akan menggunakan self signed SSL, nantinya bisa diganti dengan SSL berbayar atau Lets Encrypt

mkdir /etc/postfix/ssl;
cd /etc/postfix/ssl;
openssl req -x509 -nodes -newkey rsa:2048 -keyout mail.xxx.com.key -out mail.xxx.com.crt -nodes -days 3650

output perintah diatas

$ openssl req -x509 -nodes -newkey rsa:2048 -keyout mail.xxx.com.key -out mail.indounix.com.crt -nodes -days 3650
Generating a 2048 bit RSA private key
.............................................................................................+++
..................................................................+++
writing new private key to 'mail.xxx.com.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:ID
State or Province Name (full name) []:Jakarta
Locality Name (eg, city) [Default City]:Jakarta
Organization Name (eg, company) [Default Company Ltd]:SSL
Organizational Unit Name (eg, section) []:SSL
Common Name (eg, your name or your server's hostname) []:mail.xxx.com
Email Address []:[email protected]
[[email protected]] /etc/postfix/ssl 
$ ls
mail.xxx.com.crt  mail.xxx.com.key

Install dan Konfigurasi Postfix

Install postfix

yum -y --enablerepo=centosplus install postfix

Database Mail

Buat 4 file dibawah ini
/etc/postfix/mysql-virtual_domains.cf

user = dbmail
password = sFRjKXVkUef3VHxTXiLT
dbname = email
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_email2email.cf

user = dbmail
password = sFRjKXVkUef3VHxTXiLT
dbname = email
query = SELECT email FROM users WHERE email='%s'
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_forwardings.cf

user = dbmail
password = sFRjKXVkUef3VHxTXiLT
dbname = email
query = SELECT destination FROM forwardings WHERE source='%s'
hosts = 127.0.0.1

/etc/postfix/mysql-virtual_mailboxes.cf

user = dbmail
password = sFRjKXVkUef3VHxTXiLT
dbname = email
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM users WHERE email='%s'
hosts = 127.0.0.1

Konfigurasi Postfix

buka file /etc/postfix/master.cf lihat bagian

submission inet n	-	n	-	-	smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no

hilangkan tanda pagar # didepannya.

Edit file /etc/postfix/main.cf

#myhostname = host.domain.tld
#mydomain = domain.tld
#myorigin = $myhostname
#inet_interfaces = all

ubah menjadi

myhostname = mail.indounix.com
mydomain = indounix.com
myorigin = $myhostname
inet_interfaces = all

tambahkan dibagian paling bawah

smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/ssl/mail.indounix.com.crt
smtpd_tls_key_file = /etc/postfix/ssl/mail.indounix.com.key
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
 
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
 
#SASL
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
 
#Limit
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

Restart Postfix

systemctl restart  postfix.service

Install dan Konfigurasi Dovecot

yum install dovecot dovecot-mysql

Buat folder penyimpanan email di /home/vmail

groupadd -g 5000 vmail
useradd -g vmail -u 5000 vmail -d /home/vmail -m
chown -R vmail.vmail /home/vmail

Edit file /etc/dovecot/conf.d/10-mail.conf, ubah

#separator = 
#mail_location =

menjadi

separator = .
mail_location = maildir:/home/vmail/%d/%n/Maildir

Edit file /etc/dovecot/conf.d/10-auth.conf, ubah

auth_mechanisms = plain
!include auth-system.conf.ext
#!include auth-sql.conf.ext

menjadi

auth_mechanisms = plain login
#!include auth-system.conf.ext
!include auth-sql.conf.ext

Edit file /etc/dovecot/conf.d/10-master.conf, ubah

#unix_listener /var/spool/postfix/private/auth {
#  mode = 0666
#}

menjadi

unix_listener /var/spool/postfix/private/auth {
  mode = 0660
  user = postfix
  group = postfix
}

Edit file /etc/dovecot/conf.d/10-ssl.conf, ubah

ssl = required
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem

menjadi

ssl = yes
ssl_cert = </etc/postfix/ssl/mail.indounix.com.crt
ssl_key = </etc/postfix/ssl/mail.indounix.com.key

Edit file /etc/dovecot/conf.d/15-mailboxes.conf, ubah

  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Trash {
    special_use = \Trash
  }

menjadi

  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }

Buat file /etc/dovecot/dovecot-sql.conf.ext

// 5000 disini sesuaikan waktu membuat user vmail
user_query = SELECT ('5000') as 'uid',('5000') as 'gid'
driver = mysql
connect = host=127.0.0.1 dbname=email user=email password=sFRjKXVkUef3VHxTXiLT
default_pass_scheme = SHA256-CRYPT
password_query = SELECT email as user, password FROM users WHERE email='%u';

Buka file /etc/dovecot/conf.d/10-master.conf, ubah

service lmtp {
  unix_listener lmtp {
    #mode = 0666
  }
 
  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port =
  #}
}

menjadi

service lmtp {
 
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    mode = 0600
    group = postfix
    user = postfix
  }
 
}

jalankan dovecot

service dovecot restart

Agar perubahan di dovecot bisa dikenali oleh postfix, jalankan

postconf virtual_transport=lmtp:unix:private/dovecot-lmtp

lalu restart postfix

service postfix restart

Cek Port

Cek port yang terbuka di server netstat -tunlp

$ netstat -tunlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      15928/mysqld        
tcp        0      0 127.0.0.1:587           0.0.0.0:*               LISTEN      16376/master        
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      16376/master        
tcp        0      0 0.0.0.0:38400           0.0.0.0:*               LISTEN      4649/sshd           
tcp6       0      0 ::1:587                 :::*                    LISTEN      16376/master        
tcp6       0      0 ::1:25                  :::*                    LISTEN      16376/master        
tcp6       0      0 :::38400                :::*                    LISTEN      4649/sshd           
udp        0      0 127.0.0.1:323           0.0.0.0:*                           3201/chronyd        
udp6       0      0 ::1:323                 :::*                                3201/chronyd

port 587 dan 25 adalah port SMTP

Bisa juga dicek menggunakan telnet

yum install telnet -y

Coba konek ke port 25 dan 587

$ telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.xxx.com ESMTP Postfix
quit
Connection closed by foreign host.
 
$ telnet localhost 587
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 mail.xxx.com ESMTP Postfix
quit
221 2.0.0 Bye
Connection closed by foreign host.

Tes Kirim Email

yum install mailx -y

contoh kita akan mengirim email ke gmail

$ mailx emailanda@gmail.com
Subject: Mail Server CentOS 7
ini isi email dari : Mail Server CentOS 7

Cek log dengan journal -f

Mar 3 13:16:18 mail postfix/smtpd[17210]: connect from localhost[127.0.0.1]
Mar 3 13:16:18 mail sendmail[17209]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
Mar 3 13:16:18 mail postfix/smtpd[17210]: C62506DA: client=localhost[127.0.0.1]
Mar 3 13:16:18 mail postfix/cleanup[17213]: C62506DA: message-id=<[email protected]>
Mar 3 13:16:18 mail postfix/qmgr[17155]: C62506DA: from=, size=713, nrcpt=1 (queue active)
Mar 3 13:16:18 mail sendmail[17209]: v236GIaY017209: [email protected], ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30270, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as C62506DA)
Mar 3 13:16:18 mail postfix/smtpd[17210]: disconnect from localhost[127.0.0.1]
Mar 3 13:16:20 mail postfix/smtp[17214]: C62506DA: to=, relay=gmail-smtp-in.l.google.com[74.125.68.27]:25, delay=2, delays=0.06/0.02/0.47/1.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1488521780 a3si9599213pgd.21 – gsmtp)
Mar 3 13:16:20 mail postfix/qmgr[17155]: C62506DA: removed

di Gmail

Tambah Domain

Untuk menambah domain baru login ke MySQL lalu eksekusi perintah

INSERT INTO domains (domain) VALUES ('jaranguda.com');

anda bisa menambah domain sebauak-banyaknya/unlimited. Ganti jaranguda.com dengan nama domain/subdomain anda

Buat Akun Email

Untuk menambah akun email baru login ke MySQL lalu eksekusi perintah

INSERT INTO users (email, password) VALUES ('[email protected]', ENCRYPT('PASSWORD'));

ganti [email protected] dengan email pilihan anda, dan PASSWORD dengan password anda. Anda bebas membuat password sepanjang mungkin > 50 karakter.
Bila anda ingin menambahkan email untuk domain yang belum ada di sistem, anda harus menambahkan domain terlebih dahulu.

Pembuatan akun email disini juga unlimited, jadi tidak perlu khawatir kehabisan akun email ;0

Membuat Live USB CentOS 7

Last Updated on 13 October 2015 By tommy Leave a Comment

Agar CentOS 7 bisa dijadikan Live CD/Live USB download yang CentOS-7-xxx-LiveCD-xxx.iso, saat ini versi terbaru CentOS 7 LiveCD adalah CentOS-7-x86_64-LiveCD-1503.iso, download ISO tersebut.

Untuk membuat Live USB, kita akan menggunakan UNetbootin.

Kebanyakan distro sudah memiliki unetbootin di repository-nya, jadi tinggal disesuaikan cara installnya dengan paket manager masing-masing.
Fedora

dnf install unetbootin -y

Ubuntu/Debian

apt-get install unetbootin -y

untuk pengguna Windows langsung download dari situs UNetbootin.

Buka unetbootin

klik DiskImage pilih ISO yang tadi di download

klik OK untuk memulai instalasi.

Tunggu beberapa saat sampai proses instalasi selesai

Proses pembuatan LiveUSB telah selesai, klik Exit

Tampilan CentOS 7 setelah selesai di Install

Install DNSCrypt 1.4 di CentOS 7

Last Updated on 20 January 2015 By tommy Leave a Comment

Sebelum memulai instalasi, kita harus menginstall library-library yang dibutuhkan

yum install gcc make automake gcc-c++ glibc-devel libtool automake libtool-ltdl-devel

Install libsodium

cd /tmp
wget --no-check-certificate https://download.libsodium.org/libsodium/releases/libsodium-0.6.1.tar.gz
tar zxvf libsodium-0.6.1.tar.gz
cd libsodium-0.6.1
./configure
make && make check
su -c "make install"

setelah selesai menginstall libsodium jalankan

echo /usr/local/lib > /etc/ld.so.conf.d/usr_local_lib.conf

lalu jalankan

ldconfig

kalau tidak dijalankan nanti muncul error

configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details
configure: error: ./configure failed for src/libevent-modified

sewaktu menginstall dnscrypt.

Install DNSCrypt

wget --no-check-certificate http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.4.0.tar.gz
tar zxvf dnscrypt-proxy-1.4.0.tar.gz
cd dnscrypt-proxy-1.4.0
./autogen.sh
./configure
make
su -c "make install"

sampai tahap disini, proses instalasi telah selesai.

Konfigurasi DNSCrypt

Agar komputer anda menggunakan DNSCrypt, hapus isi file /etc/resolv.conf ganti dengan

nameserver 127.0.0.1

jalankan service DNSCrypt (dnscrypt-proxy)

dnscrypt-proxy -R opendns -d

untuk mengetahui dnsproxy berjalan atau tidak hilangkan -d dibelakang perintah diatas. Test apakah koneksi sudah melewati DNSCrypt atau tidak

dig yahoo.net
### output perintah diatas
......
;; ANSWER SECTION:
yahoo.net.		172781	IN	NS	ns4.yahoo.com.
yahoo.net.		172781	IN	NS	ns3.yahoo.com.
yahoo.net.		172781	IN	NS	ns1.yahoo.com.
yahoo.net.		172781	IN	NS	ns2.yahoo.com.
yahoo.net.		172781	IN	NS	ns5.yahoo.com.
;; Query time: 152 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 12 05:17:31 EDT 2014
;; MSG SIZE  rcvd: 137

bagian SERVER: 127.0.0.1#53(127.0.0.1) menandakan query ke yahoo.net melewati DNSCrypt yang tadinya kita install.

Instalasi dan Konfigurasi Unbound DNS Server CentOS 7

Last Updated on 15 March 2022 By tommy Leave a Comment

Tujuan menggunakan Unbound DNS server dibanding menggunakan Bind9 karena Unbound irit memory dan mudah dikonfigurasi. Unbound cocok digunakan di server dengan memory minim. Unbound bisa digunakan sebagai Recursive DNS Server ataupun Authoritative DNS Server. Disini kita akan menggunakan unbound sebagai Recursive DNS Servers untuk jaringan LAN.

Install Unbound di CentOS 5

yum install unbound

fle konfigurasi unbound berada di /etc/unbound. Backup file unbound.conf

mv /etc/unbound/unbound.conf /etc/unbound/unbound.conf.ori

buat file unbound.conf yang baru

```
server:
```
```
directory: "/etc/unbound"
```
```
root-hints: "/etc/unbound/root.server"
```
```
interface: 127.0.0.1
```
```
interface: 192.168.1.10
```
```
access-control: 127.0.0.0/8 allow_snoop
```

access-control: 192.168.1.0/24 allow_snoop

```
verbosity: 0
```
```
hide-identity: yes
```
```
hide-version: yes
```
```
prefetch: yes
```
```
do-ip4: yes
```
```
do-ip6: no
```
```
do-udp: yes
```
```
do-tcp: no
```
```
num-threads: 3
```
```
so-rcvbuf: 10m
```
```
so-sndbuf: 10m
```
```
cache-min-ttl: 3600
```
```
private-address: 10.0.0.0/8
```
```
private-address: 172.16.0.0/12
```
```
private-address: 192.168.1.0/24
```
```
private-address: 127.0.0.1/8
```

Diasumsikan jaringan anda menggunakan IP 192.168.1.1-192.168.1.255 (192.168.1.0/24) kita menggunakan CIDR untuk memudahkan menambahkan range IP di konfigurasi Unbound. 127.0.0.1, 192.168.1.0/24 adalah range IP yang diijinkan untuk menggunakan Unbound sebagai DNS server, diluar itu direject. lihat baris 5-6 diatas. interface: 192.168.1.10 diatas perlu diganti sesuaikan dengan IP dimana Unbound di install, bisa dicek dengan perintah ifconfig

Copy root.server dari Internic

wget http://www.internic.net/domain/named.root -O /etc/unbound/root.server

Semua sudah selesai. Restart/Jalankan unbound

service unbound restart

Testing

Sebelum menggunakan Unbound sebagai DNS di LAN, coba testing melakukan query DNS ke beberapa domain. Perintah yang di eksekusi ada di baris 1.
facebook.com

dig facebook.com @localhost
### output
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> facebook.com @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5488
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;facebook.com.			IN	A
 
;; ANSWER SECTION:
facebook.com.		3600	IN	A	173.252.110.27
 
;; AUTHORITY SECTION:
facebook.com.		172800	IN	NS	a.ns.facebook.com.
facebook.com.		172800	IN	NS	b.ns.facebook.com.
 
;; ADDITIONAL SECTION:
a.ns.facebook.com.	172800	IN	A	69.171.239.12
b.ns.facebook.com.	172800	IN	A	69.171.255.12
 
;; Query time: 569 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 05 03:35:10 EDT 2014
;; MSG SIZE  rcvd: 124

.com

dig kpu.go.id @localhost
### output
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> kpu.go.id @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3366
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;kpu.go.id.			IN	A
 
;; ANSWER SECTION:
kpu.go.id.		3600	IN	A	103.21.228.212
 
;; Query time: 815 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 05 03:36:22 EDT 2014
;; MSG SIZE  rcvd: 54

sekarang anda sudah bisa menggunakan IP Unbound sebagai DNS server di LAN.

Upgrade ownCloud 6.x ke ownCloud 7.x

Last Updated on 24 July 2014 By tommy Leave a Comment

ownCloud 7 baru saja dirilis, banyak fitur baru yang ditambahkan. Untuk mengupgrade ownCloud 6.x ke ownCloud 7.x ikuti langkah-langkah dibawah ini :

1. Backup semua data yang ada di folder ownCloud 6.x.
Saya menggunakan CentOS 7, folder ownCloud 6.x diletakkan di /var/www/html/owncloud. Backup semua folder owncloud ke temporary folder misalkan /tmp/owncloud

cp /var/www/html/owncloud -r /tmp/

Proses backup ini sangat penting untuk menghindari hal-hal terburuk. Selanjutnya matikan service webserver

service httpd stop

2. Download ownCloud 7

wget https://download.owncloud.org/community/owncloud-7.0.0.tar.bz2

overwrite/timpa folder ownCloud 6.x anda dengan ownCloud 7.

tar jxvf owncloud-7.0.0.tar.bz2 -C /var/www/html

3. Restore config file
Copy file config.php (config/config.php) dari backup ke folder owncloud yang baru di timpa

cp /tmp/owncloud/config/config.php /var/www/html/owncloud/config/

4. Restore data-data user
Semua data owncloud disimpan di folder data, maka folder ini akan kita pindahkan dari temporary folder (yang sebelumnya sudah dibuat) ke folder ownCloud 7

 cp -r /tmp/owncloud/data/* /var/www/html/owncloud/data/

bandingkan antara folder lama (temporary) dengan folder owncloud 7 (folder baru) apakah ada perbedaan atau tidak, bila ada perbedaan dapat dipastikan ada data yang tidak tercopy

diff /tmp/owncloud/data/ /var/www/html/owncloud/data/
#### bila hasilnya seperti dibawah ini berarti kedua folder sesuai
Common subdirectories: /tmp/owncloud/data/jaranguda and /var/www/html/owncloud/data/jaranguda

jalankan web server

service httpd restart

buka link owncloud di browser, contoh http://192.168.1.41/owncloud/
muncul notifikasi yang meminta anda untuk melakukan update

klik start update. Tunggu beberapa saat hingga muncul pemberitahuan upgrade berhasil

Anda akan diredirect ke halaman ownCloud anda.