Let’s Encrypt SSL Certificate di Webserver NGINX (Ubuntu & Debian)

apt-get -y install git
cd /usr/local/
git clone https://github.com/letsencrypt/letsencrypt
git clone https://github.com/certbot/certbot
cd /usr/local/certbot/
./certbot-auto certonly –agree-tos –rsa-key-size 4096 –renew-by-default -m saya@domain.com –webroot -w /var/www/ -d saya.domain.com –renew-by-default

====================

IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/saya.domain.com/fullchain.pem. Your cert
will expire on 2016-10-20. To obtain a new or tweaked version of
this certificate in the future, simply run certbot-auto again. To
non-interactively renew *all* of your certificates, run
“certbot-auto renew”
– If you lose your account credentials, you can recover through
e-mails sent to saya@domain.com.
– Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
– If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le

=====================

Konfigurasi di Webserver NGINX

vi /etc/nginx/sites-available/default

=====================
ssl on;
ssl_certificate /etc/letsencrypt/live/saya.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/saya.domain.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ‘EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
=====================

mkdir /etc/nginx/ssl
cd /etc/nginx/ssl
openssl dhparam -out dhparams.pem 2048
/etc/init.d/nginx restart

Kemudian testing SSL di
https://www.ssllabs.com/ssltest/analyze.html

Error -bash: ./trafr: No such file or directory

root@jupiter:/usr/local/bin# ll
total 12
drwxr-xr-x 2 root root 4096 Jun 1 13:59 ./
drwxr-xr-x 10 root root 4096 Jun 1 12:09 ../
-rw-r–r– 1 root root 2629 Jun 1 13:53 trafr.tgz
root@jupiter:/usr/local/bin# tar xzf trafr.tgz
root@jupiter:/usr/local/bin# ll
total 20
drwxr-xr-x 2 root root 4096 Jun 1 13:59 ./
drwxr-xr-x 10 root root 4096 Jun 1 12:09 ../
-rwxr-xr-x 1 1003 root 4764 Mär 17 2004 trafr*
-rw-r–r– 1 root root 2629 Jun 1 13:53 trafr.tgz
root@jupiter:/usr/local/bin# ./trafr
-bash: ./trafr: No such file or directory

Masalah utama karena program TRAFR itu aplikasi 32 Bit, sedangkan anda menggunakan OS 64 Bit yang tidak mendukung 32bit compatibility libraries

Untuk melihatnya bisa dengan ketik

$file ./trafr
./trafr: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.2.0, stripped

Di ubuntu 14.04 , solusinya
$sudo dpkg –add-architecture i386
$sudo apt-get update
$sudo apt-get install libc6:i386

Setelah itu anda mendapatkan hasil seperti
$sudo ./trafr
usage: trafr [ip_addr]
-s write output to stdout. pipe it into tcpdump for example:
./trafr -s | /usr/sbin/tcpdump -r –
ip_addr use to filter one source router by ip address

Kalau pakai ubuntu versi lama, silakan pakai cara
#apt-get install ia32-libs

Kalau anda menggunakan Centos 6 atau RHEL 6, silakan pakai cara
$sudo yum install glibc.i686

Unable to install Perl Switch.pm module

Jika error seperti website di
https://www.veritas.com/support/en_US/article.000023772

Lakukan instalasi seperti dibawah

If you want to install the Switch.pm Perl module into your system Perl config, there are two methods of installing it:

Install it through the Ubuntu repositories.
Install the .pm through CPAN.
At this time, both will provide the current version of this module(2.16).

Installing Switch.pm using the Ubuntu repositories:

From the command-line, the installation can be completed by running the following command from the terminal (Ctrl-Alt-t):

sudo apt-get install libswitch-perl
Within Synaptic, right-click on the libswitch-perl package, select Mark for installation, then click on the Apply button.
Within the Ubuntu Software Center (USC), search for the phrase libswitch-perl, highlight the package and select install:
Installing Switch.pm using CPAN: If you would prefer to install this via cpan, follow these instructions:

Open a terminal(Ctrl-Alt-t).
Enter the command cpan.
At the prompt cpan[1]>, type install Switch.
Once completed, Type exit.
The Switch.pm Perl module will now be available for you to use in your scripts.

Jika sudah selesai, lakukan instalasi ./installralus

Kemudian lakukan patch dikarenakan ada bug di VRTSralus yang tidak dapat dijalankan di ubuntu 14.04 keatas / debian 7 keatas

lakukan instruksi seperti website dibawah

http://web.archive.org/web/20140417140141/http://blog.redweb.at/2012/08/howto-backupexec-2012-linux-agent-and-kernel-3-0-debian/#comment-209

kemudian jika sudah jalankan servicenya “/etc/init.d/VRTSralus.init start” kemudian cek port nya apakah sudah terbuka atau belum “lsof -i tcp:10000”

 

Icecast-KH Ubuntu

Iseng gue coba install icecast-kh di server ubuntu.
Caranya

Download dulu sourcenya, ambil langsung dari developernya.
# wget https://github.com/karlheyes/icecast-kh/archive/icecast-2.4.0-kh1.tar.gz

Buka sourcenya
# tar -zxvf icecast-2.4.0-kh1.tar.gz

Masuk ke foldernya
# cd icecast-kh-icecast-2.4.0-kh1/

Install perlengkapan buat kompile sourcenya
# sudo apt-get install libxslt1-dev libcurl4-openssl-dev libvorbis-dev

Lakukan kompile sekarang
# ./configure
# make
# make install

Lokasi konfigurasi icecast-kh ada di
/usr/local/etc/icecast.xml

Lokasi log icecast-kh ada di
/usr/local/var/log/icecast/error.log
/usr/local/var/log/icecast/access.log

Kalau konfigurasinya sudah benar, langsung jalankan programnya.
# icecast -b -c /usr/local/etc/icecast.xml

htaccess dan htpasswd untuk otentikasi web

htaccess dan htpasswd untuk otentikasi web (debian squeeze)

# cd /var/www/saya/
# vi .htaccess

AuthType Basic
AuthUserFile /var/www/private.yourdomain.com/htdocs/.htpasswd
AuthName private
require valid-user
satisfy any

# chown -R www-data:www-data /var/www/saya/
# chown www-data:www-data /var/www/saya/.htaccess
# chmod 644 /var/www/saya/.htaccess
# htpasswd -c .htpasswd saya
password:
# cat /var/www/saya/.htaccess

# nano /etc/apache2/sites-available/default

deny from all
Options ExecCGI
AllowOverride AuthConfig
Order deny,allow
satisfy any

# /etc/init.d/apache2 restart