Install LibreNMS on Ubuntu with HTTPS

The goal of this guide is to install LibreNMS on an Ubuntu Server with a self signed certificate.  Most of the steps are copied out of the LibreNMS Documentation found here.

Install required packages

sudo apt install apache2 composer fping git graphviz imagemagick libapache2-mod-php7.0 mariadb-client mariadb-server mtr-tiny nmap php7.0-cli php7.0-curl php7.0-gd php7.0-json php7.0-mcrypt php7.0-mysql php7.0-snmp php7.0-xml php7.0-zip python-memcache python-mysqldb rrdtool snmp snmpd whois

Create LibreNMS user

sudo useradd librenms -d /opt/librenms -M -r
sudo usermod -a -G librenms www-data

Install LibreNMS

cd /opt
sudo git clone https://github.com/librenms/librenms.git librenms

Configure MySQL

sudo systemctl restart mysql
sudo mysql -uroot -p

Run the following MySQL commands to create the LibreNMS user. Change password to your own password.

CREATE DATABASE librenms CHARACTER SET utf8 COLLATE utf8_unicode_ci;
CREATE USER 'librenms'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON librenms.* TO 'librenms'@'localhost';
FLUSH PRIVILEGES;
exit

Edit following file

sudo vi /etc/mysql/mariadb.conf.d/50-server.cnf

Add the following inside the [mysqld] section

innodb_file_per_table=1
sql-mode=""
lower_case_table_names=0

Restart MySQL

sudo systemctl restart mysql

Configure PHP

Edit the two files and set the time zone, date.timezone.  Example “America/New_York”

sudo vi /etc/php/7.0/apache2/php.ini
sudo vi /etc/php/7.0/cli/php.ini

Then run these commands

sudo a2enmod php7.0
sudo a2dismod mpm_event
sudo a2enmod mpm_prefork
sudo phpenmod mcrypt

Generate Self signed certificate

Enable ssl in apache

sudo a2enmod ssl

Generate Cert

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/localhost.key -out /etc/ssl/certs/localhost.crt

Configure Apache

Edit the following config file

sudo vi /etc/apache2/sites-available/librenms.conf

Add the following

<VirtualHost *:443>
 DocumentRoot /opt/librenms/html/
 ServerName librenms.example.com
 SSLEngine on
 SSLCertificateFile /etc/ssl/certs/localhost.crt
 SSLCertificateKeyFile /etc/ssl/private/localhost.key
 CustomLog /opt/librenms/logs/access_log combined
 ErrorLog /opt/librenms/logs/error_log
 AllowEncodedSlashes NoDecode
 <Directory "/opt/librenms/html/">
 Require all granted
 AllowOverride All
 Options FollowSymLinks MultiViews
 </Directory>
</VirtualHost>

Run the following commands

sudo a2ensite librenms.conf
sudo a2enmod rewrite
sudo systemctl restart apache2

Configure snmpd

sudo cp /opt/librenms/snmpd.conf.example /etc/snmp/snmpd.conf

Set the SNMP community string in the following file

sudo vi /etc/snmp/snmpd.conf

Then run these commands

sudo curl -o /usr/bin/distro https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro
sudo chmod +x /usr/bin/distro
sudo systemctl restart snmpd

Setup Crontab

sudo cp /opt/librenms/librenms.nonroot.cron /etc/cron.d/librenms

Copy logrotate config

sudo cp /opt/librenms/misc/librenms.logrotate /etc/logrotate.d/librenms

Set permissions

mkdir -p /opt/librenms/rrd /opt/librenms/logs
sudo chown -R librenms:librenms /opt/librenms
sudo setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs
sudo setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs

Web Installer

Restart apache

sudo systemctl restart apache2

Finish the install by going to

https://your-server/install.php

Change “your-server” to your server’s ip address, or hostname.  Since we created a self signed certificate, you’ll need to accept the https error.

Validate

Back on the command line run the php validation script

sudo /opt/librenms/validate.php

Finally log into your new LibreNMS instance by going to

https://your-server

Change “your-server” to your server’s IP address or hostname.

Optimizations for LibreNMS

Optimizations for fping.  Add to the LibreNMS config in “/opt/librenms/config.php”

$config['fping_options']['retries'] = 5;
$config['fping_options']['timeout'] = 1000;
$config['fping_options']['count'] = 4;
$config['fping_options']['millisec'] = 1000;

 

Use sysname instead of ip.  Add to the LibreNMS config in “/opt/librenms/config.php”

$config['force_ip_to_sysname'] = true;

 

Add device name to alert message.  Add to the alert templates template to show device name in alert.

%sysName\r\n

Freeradius unauthorize clients in a group

First you’ll need a group that all your disabled clients are going to.

Next add the following lines to the user file “/etc/raddb/users”.  Change SQL-Group to Group if your groups are not in a SQL database.

DEFAULT SQL-Group == "disabled", Auth-Type := Reject
 Reply-Message = "Your account has been disabled."

Save, exit and test.

This should keep all clients in the disabled group from authorizing.

How to replace Grub with default Windows Bootloader

Note that running this procedure could render any Linux partitions inaccessible.

Boot up into recovery, launch the Command Prompt and run the following command

BootRe.exe /fixmbr

The command should remove Grub and replace it with the Windows bootloader, so when you reboot it should go straight to Windows.

Issues installing or repairing Windows 10

Error : Windows could no prepare the computer to boot into the next phase of the installation
Notes : This happens right after you finish partitioning and installation never gets past 0%
Fix : Disconnect all drives except the drive you want to install Windows 10.  This includes laptops.

Issue : Can’t reach login screen
Notes : Can happen after an update, auto repair should fix it
Fix : Start up the computer normal and when it starts to load windows force shutdown the computer.  Repeat the process 2 times, on the third start up it will Automatically try to fix the issue.

Other Issues

Windows 10 seems to be a little weird when you have two installs on two different drives and your trying to repair one.  I have had issues when trying to repair one, or boot into safe mode.  Removing all other other drives seems to resolve most of the issues.

Issues with multiple drives with an install of Windows 10

  • Reset Drive resets the wrong drive
  • Boot into safemode doesn’t work

 

 

Moving emails to new host with imapsync

More info about imapsync here

Install imapsync

CentOS 7, Works on cPanel servers too

yum install epel-release && yum install imapsync

Once installed check and make sure it works.

imapsync --version

If it gives you the version number you should be good to go.

Move email account

imapsync --host1 mail.emaildomain.com --user1 username@emaildomain.com --password1  "password1" --host2 mail.exampledomain.com --user2 username@movetodomain.com --password2  "password2"

Example :

imapsync --host1 mail.myemail.com --user1 bob@myemail.com --password1  "password1" --host2 mail.incredigeek.com --user2 bob@incredigeek.com --password2  "password2"

Moving Multiple accounts

Best way to move multiple accounts is to use a script and and a list that contains all the usernames and passwords to the accounts you want to move.

example scripts can be found on the imapsync website here is a script example and here is the example file.txt

Example script.

#!/bin/sh
#
# $Id: sync_loop_unix.sh,v 1.6 2015/11/04 18:23:04 gilles Exp gilles $

# Example for imapsync massive migration on Unix systems.
# See also http://imapsync.lamiral.info/FAQ.d/FAQ.Massive.txt
#
# Data is supposed to be in file.txt in the following format:
# host001_1;user001_1;password001_1;host001_2;user001_2;password001_2;
# ...
# Separator is character semi-colon ";" it can be changed by any character changing IFS=';' 
# in the while loop below.
# # Each line contains 6 columns, columns are parameter values for 
# --host1 --user1 --password1 --host2 --user2 --password2
# and a trailing empty fake column to avaid CR LF part going 
# in the 6th parameter password2. Don't forget the last semicolon.
#
# You can add extra options after the variable "$@" 
# Use character backslash \ at the end of each suplementary line, except for the last one.
# You can also pass extra options via the parameters of this script since
# they will be in "$@"

# The credentials filename "file.txt" used for the loop can be renamed 
# by changing "file.txt" below.


echo Looping on account credentials found in file.txt
echo

{ while IFS=';' read  h1 u1 p1 h2 u2 p2 fake
    do 
        { echo "$h1" | egrep "^#" ; } > /dev/null && continue # this skip commented lines in file.txt
        echo "==== Starting imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
        imapsync --host1 "$h1" --user1 "$u1" --password1 "$p1" \
                 --host2 "$h2" --user2 "$u2" --password2 "$p2" \
                 "$@"  
        echo "==== Ended imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
        echo
    done 
} < file.txt

Example list of accounts to

mail.maildomain.com;user1@incredigeek.com;password1;mail.incredigeek.com;user2@incredigeek.com;password2;

 

How to use,

You can run these command from a Linux computer

Download script

wget www.incredigeek.com/home/downloads/imapsync/imapsync_loop.sh

Make the script executable

chmod +x imapsync_loop.sh

Create a text file named “imapsync_list.txt”

This file will contain the mail server to transfer from, username, and password, and then the mail server to transfer to, username and password.  Add one line per account.

Example:

mail.servertotransferfrom.com;Username1;Password1;mail.servertomoveto.com;Username2;Password2;
mail.servertotransferfrom.com;testuser;123456;mail.servertomoveto.com;bob;123456;

Execute the script to start moving mail

./imapsync_loop.sh

Troubleshooting

In the username you may need to use the username@domainname.tld, so if the username is bob, and the mail domain is incredigeek.com, use bob@incredigeek.com for the username in the imapsync_list.txt.

Ubuntu 16.04 Login Screen Issues

This post is not meant to be a how to, but rather a compilation commands that could be helpful in trying to fix issues with the login screen after an upgrade.

These commands should be executed from a prompt, you can get to one using the ctrl+alt+f1 (you can replace f1 with any of the function keys from 1-7), or you can boot up from recovery, or you could mount the drive and chroot into it.

Reinstall Desktop and Login Manager

sudo apt-get install --reinstall lightdm ubuntu-desktop

If your using using Gnome Shell

sudo apt-get install --reinstall gdm3 gnome-shell

Reconfigure lightdm, set it as the default login manager

sudo dpkg-reconfigure lightdm

Replace GDM with LightDM

sudo apt-get remove gdm3 
sudo apt-get install lightdm

Installing GDM (Gnome Login Manager)

sudo apt-get install gdm3

Remove Intel video and Plymouth

sudo apt-get remove xserver-xorg-video-intel plymouth

Reboot, get to a prompt and reinstall login manager, replace lightdm with whatever one your using

sudo apt-get install --reinstall lightdm

Reinstall Intel video and Plymouth

sudo apt-get install xserver-xorg-video-intel plymouth

Install Ubuntu Gnome Desktop

This seems to solve some of the issues with GDM3 not starting up.

sudo apt-get install ubuntu-gnome-desktop

 

Install Slackcat on Raspberry Pi (Raspbian)

Slackcat allows you to send Slack messages from the Linux command line.

Update pi

sudo apt-get update

Install Ruby and other components

sudo apt-get install ruby1.9.1 ruby ruby-dev rubygems

Install Slackcat

sudo gem install slackcat

Use Slackcat.  You will need to generate an API Key from Slacks website.

echo "Hello World" | slackcat -k API-KEY -p --channels=#CHANNEL_NAME

Examples :
Send to Channel

echo "Hello World" | slackcat -k xoxp-94827839414-94819543146-441447827184-h7dt2hg2h8ggs7d24ce638edrw9q8def -p --channels=#General

Send Direct Message

echo "Hello World" | slackcat -k xoxp-94827839414-94819543146-441447827184-h7dt2hg2h8ggs7d24ce638edrw9q8def -p --users=#General

 

How to view hidden EFI partition on Mac drive

Open a terminal and run the following command to list your hard drives

diskutil list

It should return something similar to the following

bobs-MacBook:~ bob$ diskutil list
/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *1000.1 GB  disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                  Apple_HFS Macintosh HD            999.1 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *8.0 GB     disk2
   1:                        EFI EFI                     209.7 MB   disk2s1
   2:                  Apple_HFS Install macOS Sierra    7.0 GB     disk2s2

bobs-MacBook:~ bob$

From above we see that the EFI partition on the main drive is disk0s1.

Make a directory for it to mount to

sudo mkdir /Volumes/TMPEFI

Mount it.

sudo mount -t msdos /dev/disk0s1 /Volumes/TMPEFI

It should now show up in finder for you to browse.

To unmount it simple eject it in Finder, or use one of the following commands

umount /Volumes/TMPEFI
diskutil unmount /Volumes/TMPEFI

How to Create a Bootable macOS USB drive for Hackintosh with Clover

Whats needed

  1. Bootable macOS USB drive (Guide here)
  2. Clover (Download here, or on source forge)
  3. Computer running macOS to run clover from

Plug the drive into your Mac, or current Hackintosh and launch the Clover installation package you downloaded from above.  Click Continue

macos-clover-install-1

And continue again.macos-clover-install-2

Select “Change Install Location”macos-clover-install-3

Select your macOS Sierra Drive.  NOT YOUR main OS drivemacos-clover-install-4

Hit Continue, it’ll take you back to the screen before, now select Customize on the left and select the following options.macos-clover-install-5 macos-clover-install-6

Now Install.macos-clover-install-7 macos-clover-install-8

You should now be able to boot the USB on a PC.  You will need to change the settings on the PC to boot using EFI, and make sure your hardware is compatible.