Sunday, July 10, 2016

Install iRedmail on Debian 8

1. Install iRedmail follow official guide onhttp://www.iredmail.org/docs/index.html#install-iredmail

2. Reinstall Clamav
apt-get remove clamav clamav-daemon
apt-get install clamav clamav-daemon
/etc/init.d/clamav-daemon restart
/etc/init.d/clamav-freshclam restart


 3. Register TLS cert on startssl.com

4. When STARTSSL.COM send email to webmaster@youmaildomain.com to verify domain, maybe it is listed in greylist and is denied by postfix, so you should add ip and account of starssl into whitelist (you can check using tail -f /var/log/mail.log for detect ip and email account of startssl)

cd /opt/iredapd/tools/
python wblist_admin.py --list --whitelist
python wblist_admin.py --add --whitelist 4.14.40.143 no-reply@startcomca.com
python wblist_admin.py --add --whitelist 4.14.40.142 no-reply@startcomca.com


5. When register TLS cert successfully, you will receive a zip (assum it is gbsofts.net.zip) file contains cert and other info, download it and put into /root/cert/
mkdir /root/cert
cd /root/cert
openssl req -newkey rsa:2048 -keyout gbsofts.net.key -out gbsofts.net.csr
openssl rsa -in gbsofts.net.key -out gbsofts.net.decrypt.key
wget --no-check-certificate https://www.startssl.com/certs/ca-bundle.pem -O startssl-ca-bundle.crt
unzip gbsofts.net.zip
unzip NginxServer.zip

cat 1_gbsofts.net_bundle.crt gbsofts.net.decrypt.key > gbsofts.net.pem

nano /etc/nginx/conf.d/00-default.conf
ssl_certificate /root/cert/1_gbsofts.net_bundle.crt;
ssl_certificate_key /root/cert/gbsofts.net.decrypt.key;
nano /etc/postfix/main.cf
smtpd_tls_key_file = /root/cert/gbsofts.net.decrypt.key
smtpd_tls_cert_file = /root/cert/1_gbsofts.net_bundle.crt
smtpd_tls_CAfile = /root/cert/startssl-ca-bundle.crt

nano /etc/dovecot/dovecot.conf
ssl_cert = </root/cert/1_gbsofts.net_bundle.crt
ssl_key = </root/cert/gbsofts.net.decrypt.key
service postfix restart
service dovecot restart
service nginx restart

6. Add TXT record to domain to set SPF
v=spf1 ip4:a.b.c.d ~all

for other domain, add TXT
v=spf1 include:otherdomain.com ip4:a.b.c.d ~all

Monday, July 4, 2016

Authen SSH using key


ssh-keygen -t rsa

ssh username@remoteserver mkdir -p .ssh

cat .ssh/id_rsa.pub | ssh username@remoteserver 'cat >> .ssh/authorized_keys' 

Sunday, July 3, 2016

Build Postgres from source

Install libs for compile source postgres

apt-get install build-essential libreadline-dev zlib1g-dev llvm-7 clang-7

if use Debian 11 or Ubuntu 22.04, change llvm and clang to current version

apt-get install build-essential libreadline-dev zlib1g-dev llvm clang libicu-dev pkg-config
 

Extract postgres source to postgres-source-dir (change lllvm-7 to current version llvm path)

mkdir -p /home/userpath/postgres/pgsql
cd postgres-source-dir

./configure --with-llvm LLVM_CONFIG="/usr/lib/llvm-7/bin/llvm-config" --prefix=/home/userpath/postgres/pgsql

make

make install

if you want to install postgres-contrib extension, you can compile it

cd contrib
make
make install



cd \

mkdir postgres

cd postgres

mkdir database

mkdir pgsql

pgsql/bin/initdb --locale en_US.UTF-8 -D database


Now you can setup everything with new portable postgres include 2 folder: pgsql and database

Run portable postgres 9.5.3 on Debian 8 64bit

I built portable postgres 9.5.3 from source for Debian 8 64bit. You can download it and free to use wihout install any dependencies.

Get file from https://drive.google.com/open?id=0B30EeVPAcvhvZmNFbXFidFVYRTA

tar xvf postgresql_9.5.3_portable_debian8_64.tar.gz

cd postgres

sh start_postgres.sh

To stop postgres

sh stop_postgres.sh

To use other command of Postgres:

source config_postgres

then all commands of postgres should be work properly

Update link for Postgres 9.6.2: https://drive.google.com/open?id=0B30EeVPAcvhvRHotSDdxYTA2LTA