Tag Archive server managment

mm ByYOBIHAT TEAM

Install Kloxo MR7 in centos 7

Hi Tech Guys,

this is a small tutorial that will help your installation of Kloxo MR7 in a Centos 7.3.

Kloxo MR7 is a fork of the deprecated project Kloxo and is a Powerful free Open-Source hosting control panel and more…

If you have some trouble to make it work, DO NOT HESITATE to comment here, feel free to ask.

Requirements:

-Centos 7.3 server with minimal hardware configuration (depends of your needs).

-ROOT permission on server.

-Internet connection to download all needed packages.

-Small IT basic knowledge and a bit of patience…

Let’s Start!

 

First of all update server

yum update

Change hostname at your server if needed

hostnamectl set-hostname kloxomr7.yobicloud.local

Add an entry in your /etc/hosts file (use your own IP Address and Hostname)

vi /etc/hosts

Add the entry

10.0.0.100           kloxomr7          kloxomr7.yobicloud.local

Install some packages required for optimal kloxo MR7 functionality

yum install yum-utils yum-priorities wget vim-minimal subversion curl net-tools zip unzip telnet -y

Move to temp folder, remove old rpm packages if any, now download and install version 7.0.0 (rpm naming as kloxomr7-7.0.0-*.rpm) read WARNING when install rpm package

cd /tmp
rm -f mratwork*
rpm -ivh https://github.com/mustafaramadhan/rpms/raw/master/mratwork/release/neutral/noarch/mratwork-release-0.0.1-1.noarch.rpm --no-check-certificate
cd /
yum update mratwork-* -y
yum install kloxomr7 -y
sh /script/upcp

Once the installation is completed you can login in the web panel using default user and password admin:admin by enter one of the following address

https://10.0.0.100:7777
http://10.0.0.100:7778

(use your own IP address or hostname)

 

—>>> ENJOY!!! <<<—

 

mm ByYOBIHAT TEAM

Install pgAdmin4 v3.2 in server mode on ubuntu 16/18 with HTTPS on apache2

Hi Tech Guys,

this is a small tutorial that will help your installation of pgAdmin 4 v3.2+ in Ubuntu server 16/18 on Apache2 webserver with a secure connection HTTPS, i will use a self-signed certificate, but you can change it with your own.

If you have some trouble to make it work, DO NOT HESITATE to comment here, feel free to ask.

Anyway we realized a small video located on the bottom of this guide.

 

Requirements:

-Ubuntu server 16 or 18 with minimal hardware configuration (depends of your needs).

-ROOT permission on server.

-Internet connection to download all needed packages.

-Small IT basic knowledge and a bit of patience…

Let’s Start!

First of all update server repo list

sudo apt-get update

Change hostname at your server if needed

hostnamectl set-hostname pgadmin.yobicloud.local

Install POSTGRESQL packages if is not already installed

sudo apt-get install postgresql postgresql-contrib

Here is the repo if you need to do it manually “https://download.postgresql.org/pub/repos/

After DB installation change the password of your user postgres for the postgres DB

sudo -u postgres psql postgres
\password postgres

Insert your password twice and quit

\q

Now we are ready to prepare dependency  to install last pgAdmin4 version from official Postgresql repo

sudo apt-get install build-essential libssl-dev libffi-dev libgmp3-dev virtualenv python-pip libpq-dev python-dev

Chose the path where Pgadmin will be installed, i use home, and setup a hidden folder with virtualenv move in and activate it

virtualenv .pgadmin4
cd .pgadmin4
source bin/activate

Now install with pip all pgadmin4 dependency

pip install flask-htmlmin
pip install wheel
pip install cryptography pyopenssl ndg-httpsclient pyasn1

Now we are ready to download and install last pgAdmin4 version from offical repo

wget https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v3.2/pip/pgadmin4-3.2-py2.py3-none-any.whl
pip install pgadmin4-3.2-py2.py3-none-any.whl

If you receive some error try with sudo

sudo pip install pgadmin4-3.2-py2.py3-none-any.whl

Once is installed let’s configure it

sudo nano /home/ubu/.pgadmin/lib/python2.7/site-packages/pgadmin4/config.py

And edit the line DEFAULT_SERVER this text or your specific IP:

DEFAULT_SERVER = '0.0.0.0' or ip address server

Now create a file to specific the destination of software data

LOG_FILE = '/var/log/pgadmin4/pgadmin4.log'
SQLITE_PATH = '/var/lib/pgadmin4/pgadmin4.db'
SESSION_DB_PATH = '/var/lib/pgadmin4/sessions'
STORAGE_DIR = '/var/lib/pgadmin4/storage'
SERVER_MODE =  TRUE 

Now is time to run Pgadmin4 and if show to connect to 0.0.0.0:5050 after user and password setup everything went smooth, you can test it or stop here if SSL is not needed

sudo python /home/ubu/.pgadmin4/lib/python2.7/site-packages/pgadmin4/pgAdmin4.py
Email address: admin@yobicloud.local
Password:Type the Password
Retype password:Retype the Password
pgAdmin 4 - Application Initialisation
======================================

CTRL+C   to shutdown pgadmin

Deactivate virtualenv in the folder

deactivate

Set the proper permission to write in the folders

sudo chown -R www-data:www-data /var/lib/pgadmin4/
sudo chown -R www-data:www-data /var/log/pgadmin4/

Install Apache2 if is not already installed

sudo apt-get install apache2 apache2-utils libexpat1 ssl-cert python curl
sudo apt-get install libapache2-mod-wsgi
sudo systemctl restart apache2

Edit apache2 configuration to redirect all pgAdmin4 connection from port 80 to 443 or whatever you chose by creating conf files

sudo nano pgadmin4.conf
<VirtualHost *:80>
ServerName ubuntu.yobicloud.local[or IP]
Redirect permanent / https://[IP or hostname]/login?next=%2F
</VirtualHost>
<VirtualHost _default_:443>
ServerName pgadmin.yobicloud.local
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/pgadmin4.crt
SSLCertificateKeyFile /etc/apache2/ssl/pgadmin4.key
WSGIDaemonProcess pgadmin processes=1 threads=25
WSGIScriptAlias / /home/ubu/.pgadmin4/lib/python2.7/site-packages/pgadmin4/pgAdmin4.wsgi
<Directory "/home/ubu/.pgadmin4/lib/python2.7/site-packages/pgadmin4/">
WSGIProcessGroup pgadmin
WSGIApplicationGroup %{GLOBAL}
Require all granted
</Directory>
</VirtualHost>

 

Remove apache default conf files and link the pgadmin4.conf you created

cd /etc/apache2/sites-enabled/
sudo rm -r 000-default.conf
sudo ln -s ../sites-available/pgadmin4.conf .

Generate the certificate and fill in all info of the wizard (the path of the certificates is already in the pgadmin.conf apache file)

sudo mkdir /etc/apache2/ssl
sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/apache2/ssl/pgadmin4.key -out /etc/apache2/ssl/pgadmin4.crt

Set SSL mode restart apache2 and enable it at OS boot

sudo a2enmod ssl
sudo systemctl restart apache2
sudo systemctl status apache2
sudo systemctl enable apache2
apachectl configtest

Open your browser and write the ip address or hostname of your pgAdmin4 installed machine

—>>> ENJOY!!! <<<—

mm ByYOBIHAT TEAM

Install pgAdmin4 v3.2 in server mode on Centos 7.3 with HTTPS as WSGI application

Hi Tech Guys,

this is a small tutorial that will help your installation of pgAdmin 4 v3.2 in a Centos 7.3 on Apache webserver as wsgi application with a secure HTTPS connection over your browser, i will use a self-signed certificate, but you can change it with your own.

If you have some trouble to make it work, DO NOT HESITATE to comment here, feel free to ask, anyway we realized a small video located on the bottom of this guide.

 

Requirements:

-Centos 7.3 server with minimal hardware configuration (depends of your needs).

-ROOT permission on server.

-Internet connection to download all needed packages.

-Small IT basic knowledge and a bit of patience…

Let’s Start!

First of all update server

yum update

Change hostname at your server if needed

hostnamectl set-hostname pgadmin.yobicloud.local

Download and install POSTGRESQL packages

yum install https://download.postgresql.org/pub/repos/yum/9.6/redhat/rhel-7-x86_64/pgdg-redhat96-9.6-3.noarch.rpm -y

Install EPEL

yum install epel-release

Now we are ready to install last pgAdmin4 version from repo

yum install pgadmin4

Once the installation finished without any problem, let’s create a file for pgadmin configuration

vi /usr/lib/python2.7/site-packages/pgadmin4-web/config_distro.py

And add this text:

LOG_FILE = '/var/log/pgadmin4/pgadmin4.log'
SQLITE_PATH = '/var/lib/pgadmin4/pgadmin4.db'
SESSION_DB_PATH = '/var/lib/pgadmin4/sessions'
STORAGE_DIR = '/var/lib/pgadmin4/storage'
SERVER_MODE =  TRUE 

Now is time to setup the admin account that will manage your installation, follow the wizard and after the application will start

python /usr/lib/python2.7/site-packages/pgadmin4-web/setup.py
Email address: admin@yobicloud.local
Password:Type the Password
Retype password:Retype the Password
pgAdmin 4 - Application Initialisation
======================================

CTRL+C   to shutdown pgadmin

Set the proper permission to write in the folders

chown -R apache:apache /var/lib/pgadmin4
chown -R apache:apache /var/log/pgadmin4
chcon -R -t httpd_sys_content_rw_t "/var/log/pgadmin4/"
chcon -R -t httpd_sys_content_rw_t "/var/lib/pgadmin4/"

If you have problem to start the application we suggest to deactivate SElinux.

After everything working well let’s go ahead with the certificate creation to use for HTTPS protection

yum install mod_ssl
cd /etc/ssl/certs
mkdir /etc/ssl/private
chmod 700 /etc/ssl/private
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/sslcert.key -out /etc/ssl/certs/sslcert.crt
openssl dhparam -out /etc/ssl/certs/dhgroup.pem 2048
cat /etc/ssl/certs/dhgroup.pem | sudo tee -a /etc/ssl/certs/sslcert.crt

Create and edit the file in the apache path for pgadmin

vi /etc/httpd/conf.d/pgadmin4.conf

Add the text below:

<VirtualHost *:80>
ServerName (your ip or host)
Redirect permanent / https://(your ip or host)/browser/
</VirtualHost>

<VirtualHost *:443>
    ServerName (your ip or host)
        SSLEngine on
        SSLCertificateFile /etc/ssl/certs/sslcert.crt  
SSLCertificateKeyFile /etc/ssl/private/sslcert.key 
 WSGIDaemonProcess pgadmin processes=1 threads=25 
 WSGIScriptAlias / /usr/lib/python2.7/site-packages/pgadmin4-web/pgAdmin4.wsgi 
<Directory "/usr/lib/python2.7/site-packages/pgadmin4-web/"> 
 WSGIProcessGroup pgadmin 
 WSGIApplicationGroup %{GLOBAL} 
 Require all granted 
</Directory> 
</VirtualHost>

Create a file that redirect any connection from port 80 (HTTP) to port 443 (HTTPS)

vi /etc/httpd/conf.d/non-ssl.conf

Add the text below:

<VirtualHost *:80>
ServerName (your ip or host)
Redirect permanent / https://(your ip or host)
</VirtualHost>

Edit the main SSL config file for all HTTPS connection with some hardening tips

vi /etc/httpd/conf.d/ssl.conf

Uncomment:

DocumentRoot "/var/www/html" 
ServerName 192.168.24.20:443

Comment:

# SSLProtocol all -SSLv2 
# SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA

Edit the certificate files path:

SSLCertificateFile /etc/ssl/certs/sslcert.crt
SSLCertificateKeyFile /etc/ssl/private/sslcert.key

Add this text somewhere in the file:

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH 
SSLProtocol All -SSLv2 -SSLv3 
SSLHonorCipherOrder On 
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains" 
Header always set X-Frame-Options DENY 
Header always set X-Content-Type-Options nosniff

The firewall if active need the ports to be open to properly allow you to use the web services.

After everything working well let’s go ahead with the certificate creation to use for HTTPS protection

firewall-cmd --permanent --add-service=https
firewall-cmd --permanent --add-service=http
firewall-cmd --reload

Restart Apache service and enable it to start-up at OS boot

systemctl restart httpd
systemctl enable httpd

Test Apache config and set SElinux exception on it.

apachectl configtest
setsebool -P httpd_can_network_connect 1

 

Open your browser and write the ip address or hostname of your pgAdmin4 installed machine

—>>> ENJOY!!! <<<—