Installasi Ubuntu Server

Jumat, 06 Juli 2012

Menampilkan Log Server Berwarna

apt-get install ccze

Buat Script sederhana untuk menampilkan berbagai log

* Log Akses Nginx

# touch log_akses_nginx.sh

# nano log_akses_nginx.sh

isikan
tail -f ls /var/log/nginx/nginx.access.log | ccze
# chmod +x log_akses_nginx.sh

Mengakses nya dgn perintah
# sudo ./log_akses_nginx.sh

* Log Error nginx

tail -f ls /var/log/nginx/nginx_error.log | ccze

Nginx sebagai reverse proxy

Sumber Data
http://www.geektantra.com/2011/06/using-nginx-as-a-load-balancer/

                                  ----------------
      IP.Ext 192.168.30.110:80 .->|Apache2 (BES1)| IP.192.168.70.2:8080
      IP.Ext xxx.xxx.xxx:80    |  ---------------- GW.192.168.70.1
         ------------------    |                   NM.255.255.255.0
Internet |Front-end server|>---.  ----------------
------>> |  Running NGinx |>----->|Apache2 (BES2)| IP.192.168.70.3:8080
         |     (FES)      |>---.  ---------------- GW.192.168.70.1
         ------------------    |                   NM.255.255.255.0

          192.168.70.1         |  ----------------
                               '->|Apache2 (BES3)| IP.192.168.70.4:8080
                                  ---------------- GW.192.168.70.1

FES-Nginx (192.168.70.1)                           NM.255.255.255.0
apt-get install nginx

nano /etc/nginx/proxy.conf

Setting

      proxy_redirect          off;
      proxy_set_header        Host            $host;
      proxy_set_header        X-Real-IP       $remote_addr;
      proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      client_max_body_size    10m;
      client_body_buffer_size 128k;
      proxy_connect_timeout   90;
      proxy_send_timeout      90;
      proxy_read_timeout      90;
      proxy_buffers           32 4k;

Edit the file

nano /etc/nginx/sites-enabled/default
Isi Kode:

upstream lb_units {
  server 192.168.70.2:8080 weight=10 max_fails=3 fail_timeout=30s; # BES1
  server 192.168.70.3:8080 weight=10 max_fails=3 fail_timeout=30s; # BES2
  server 192.168.70.4:8080 weight=10 max_fails=3 fail_timeout=30s; # BES3
  }
server {
  # Listen on the external interface
  listen 192.168.30.110:80;
  server_name  my.domain-name.com; # nama server disesuaikan
  access_log  /var/log/nginx/nginx.access.log;
  error_log  /var/log/nginx/nginx_error.log debug;
  location / {
      proxy_pass http://lb_units; 
      # Load balance the URL location "/" to the upstream lb_units

      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      }
   error_page   500 502 503 504  /50x.html;
   location = /50x.html { root   /var/www/nginx-default; }
}

Reload NGinx
/etc/init.d/nginx reload

Install BES1, BES2, dan BES3 sesuai keperluan web server anda
Jangan lupa untuk merubah port http dari 80 ke 8080

Seting Apache di BES

Jangan Lupa untuk merubah port http
nano /etc/apache2/ports.conf
Tambahkan
NameVirtualHost *:8080
Listen 8080 atau
listen 192.168.70.2:8080
ip disesuaian dengan Webserver Apache yang terhung ke Nginx

Restart Apache
/etc/init.d/apache2 restart

Modul yang perlu di Install di Apache adalah
apt-get install libapache2-mod-rpaf

Edit Virtual host server
nano /etc/apache2/sites-available/default
Tambahkan
<IfModule mod_rpaf.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 192.168.70.1 # IP Nginx
RPAFheader X-Forwarded-For # ditambahkan di belum bisa jalan
</IfModule>

Untuk Ubuntu 12.04
<IfModule mod_rpaf-2.0.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 192.168.70.1 # IP Nginx
RPAFheader X-Forwarded-For # ditambahkan di belum bisa jalan
</IfModule>

Ubah Seting dibawah ini
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride all # default none
Order allow,deny
allow from all
</Directory>

Kamis, 05 Juli 2012

Install Firewall, Routing dan NAT (Shorewall)

Install Network

# nano /etc/network/interfaces

isikan konfigurasi network yang ada dibawah ini, sesuaikan ip dan gateway
# The loopback network interface
     auto lo
     iface lo inet loopback
# The primary network interface (outside)
     auto eth0
     iface eth0 inet static
     address 192.168.254.104
     netmask 255.255.255.0
     gateway 192.168.254.254

simpan, dan restart network
# /etc/init.d/networking restart

Setelah Selesai.. Restart System
# reboot

Install Lamp (Linux, Apache2, MySQL, PHP)

Untuk keperluan Manajemen Server dengan Web GUI dari browser Client
#tasksel
Pilih OpenSSH (untuk putty ssh), LAMP Server

Setting DNS Server

# nano /etc/hosts
Isikan ip localhost dan IP Jaringan Server Proxy

127.0.0.1 localhost.localdomain localhost
127.0.0.1 Perbend.localdomain gw

# echo gw.srv.local > /etc/hostname
# update-rc.d -f apparmor remove

Install DNS

# apt-get install bind9
# nano /etc/bind/named.conf.options
Isikan dengan
forwarders {
     # Replace the address below with a known DNS server
         8.8.4.4;
         8.8.8.8;
     };
# touch /etc/resolv.conf
# nano /etc/resolv.conf
simpan, dan restart network
# /etc/init.d/networking restart

Install Firewall, Routing dan NAT (Shorewall)

# apt-get install shorewall

Config
# nano /etc/shorewall/shorewall.conf
tambahkan
STARTUP_ENABLED=Yes
IP_FORWARDING=On

# nano /etc/default/shorewall
agar shorewall dijalankan saat restart
startup=1

Copy default configuration files from the docs:
# cp /usr/share/doc/shorewall/examples/two-interfaces/* /etc/shorewall/

Setting Interfaces

ubahlah interface sesuai dgn keadaan jaringan anda
# nano /etc/shorewall/interfaces

# nano /etc/shorewall/zones

Jika ingin dilakukan NAT (Router)

# nano /etc/shorewall/masq
Tambahkan
eth0 eth1 atau ubah default sesuai dengan keperluan

Tentukan Policy
# nano /etc/shorewall/policy

Install Sekali Jalan

INSTALLASI WEB SERVER UBUNTU

Setelah proses installasi selesai, Terlebih dahulu install SSH agar server bisa di remote dengan putty untuk install lanjutan
apt-get install ssh openssh-server

Lakukan seting network sesuai keperluan anda.
nano /etc/network/interfaces

Restart network
/etc/init.d/networking restart

Sesuaikan seting host anda
nano /etc/hosts
        127.0.0.1 localhost.localdomain local
        192.168.75.3 socket.server.net socket1
echo socket.server.net > /etc/hostname
/etc/init.d/hostname restart
hostname
hostname -f

Edit /etc/apt/sources.list And Update Your Linux Installation
nano /etc/apt/sources.list

Tambahkan
deb http://de.archive.ubuntu.com/ubuntu/ precise main restricted
deb-src http://de.archive.ubuntu.com/ubuntu/ precise main restricted
deb http://de.archive.ubuntu.com/ubuntu/ precise-updates main restricted
deb-src http://de.archive.ubuntu.com/ubuntu/ precise-updates main restricted
deb http://de.archive.ubuntu.com/ubuntu/ precise universe
deb-src http://de.archive.ubuntu.com/ubuntu/ precise universe
deb http://de.archive.ubuntu.com/ubuntu/ precise-updates universe
deb-src http://de.archive.ubuntu.com/ubuntu/ precise-updates universe
deb http://de.archive.ubuntu.com/ubuntu/ precise multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ precise multiverse
deb http://de.archive.ubuntu.com/ubuntu/ precise-updates multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ precise-updates multiverse
deb http://de.archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse
deb-src http://de.archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu precise-security main restricted
deb-src http://security.ubuntu.com/ubuntu precise-security main restricted
deb http://security.ubuntu.com/ubuntu precise-security universe
deb-src http://security.ubuntu.com/ubuntu precise-security universe
deb http://security.ubuntu.com/ubuntu precise-security multiverse
deb-src http://security.ubuntu.com/ubuntu precise-security multiverse

Disable AppArmor
/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

Synchronize the System Clock
apt-get install ntp ntpdate

Lakukan update, upgrade dan reboot system
apt-get update
apt-get upgrade
reboot

Install Anti Virus ClamAV
apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

/etc/init.d/spamassassin stop
update-rc.d -f spamassassin remove

Installasi Webserver
apt-get install apache2 php5 libapache2-mod-php5 php5-cgi php5-xmlrpc php5-xsl php5-memcache php5-xcache php-pear

Database MySql
apt-get install mysql-server php5-mysql libapache2-mod-auth-mysql
apt-get install phpmyadminnano /etc/apache2/apache2.conf
isikan
    Include /etc/phpmyadmin/apache.conf

sudo a2enmod userdir

Restart apache2
/etc/init.d/apache2 restart

Installing php5-mssql in Ubuntu

apt-get install php5-mssql atau aptitude install php5-sybase freetds-common
aptitude install php5-odbc
pear install --nodeps MDB2_Driver_mssql
nano /etc/freetds/freetds.conf
Isikan dgn
    [SQLServer2005]
    host = 192.168.75.1
    port = 1433
    tds version = 7.0

service apache2 restart

Contoh Koneksi MSSQL
---------------------------------

<?php

    $server = 'SQLServer2005';
    $username = 'sa';
    $password = '12345';
    $database = 'SIKDA_2012';
    $connection = mssql_connect($server, $username, $password);

    if($connection)
        { echo "Berhasil melakukan koneksi ke server mssql<br />"; }
    else
        { die("Gagal melakukan koneksi"); }

    if(mssql_select_db($database, $connection))
        { echo "Berhasil membuka database $database <br />"; }
    else
        { die('Gagal membuka database'); }

    $query_result = mssql_query('SELECT @@VERSION');
    $row = mssql_fetch_array($query_result);

    if($row != FALSE) { echo "Version is {$row[0]}<br />"; }
    mssql_free_result($query_result);
    mssql_close($connection);

INSTALLASI YANG DIPERLUKAN UNTUK SEBUAH SERVER
Setelah semua fitur diatas di Install yang Harus anda install selanjutnya adalah
1. Firewall Shorewall
2. Webalizer
3. NTOP
4. MyPHPAdmin
5. Webmin

Install EHCP, Membuat Cpanel/Server Hosting

cd tmp
wget www.ehcp.net/ehcp_latest.tgz
tar -zxvf ehcp_latest.tgz
cd ehcp
./install.sh

Install FTP server

apt-get install vsftpd
ubah /etc/vsftpd.conf sesuai keperluan

Konfigurasi FTP untuk User

Jika Anda ingin membolehkan user yang ada di linux server untuk login melalui ftp dan user-user tadi bisa mengupload berkas ke server, buat konfigurasi seperti berikut.
Berkas yang harus Anda sunting adalah /etc/vsftpd.conf
local_enable=YES
write_enable=YES
Setelah itu restart service vsftpd

Installasi Network dan ssh

1. Install Jaringan

Untuk Melakukan Installasi Jaringan terlebih dahulu Network anda bisa terkoneksi ke LAN yang sudah dibuat, Seting Netwrok Jaringan Ada adalah

nano /etc/network/interfaces

Kemudian Ubah Config yang sesuai dengan keperluan anda

Contoh Seperti dibawah ini;

# The loopback network interface

auto lo

iface lo inet loopback

# The primary network interface (outside) untuk koneksi internet

auto eth0

iface eth0 inet static

address 192.168.254.104

netmask 255.255.255.0

gateway 192.168.254.254

# Jaringan LAN anda

auto eth1

iface eth1 inet static

address 192.168.75.5

netmask 255.255.255.0

network 192.168.75.0

Catatan;

Jika network anda tdk aktif lakukan pengaktifan dgn perintah

ifconfig eth1 up

Simpan dan lakukan Restart Network anda

/etc/init.d/networking restart

Ubuntu yang anda Install Perlu di Update dan di Upgrade, atau Disesuaikan dengan Versi terbaru Ubuntu di Web Site

Perintah yang digunakan adalah;

apt-get update = Untuk Update Ubuntu

apt-get Upgrade = Untuk Upgrade Ubuntu

do-release-upgrade = Upgrade ke versi baru

Jangan lupa anda Install SSH, agar bisa di remote dari client

apt-get install ssh