Setting Up UFW to Only Allow HTTP and HTTPS from CloudFlare

If you have a public-facing Ubuntu web server and are using Cloudflare to protect your websites, configuring UFW to only allow connections from CloudFlare will protect your server against malicious requests that bypass DNS entries and go directly to your servers IP address. This decreases your attack surface and forces all traffic through the CloudFlare CDN. Please note: these directions assume that you do NOT already have UFW rules in place that allow inbound traffic to ports 80 or 443 and that you DO already have necessary admin rules in UFW such as 22/SSH. Download the two Cloudflare IP address … Continue reading Setting Up UFW to Only Allow HTTP and HTTPS from CloudFlare

Performance Tuning EXT4 in Ubuntu for an HDD

iozone_baselineDisk I/O performance is one of the most common performance bottlenecks, particularly on midrange and/or slightly older hardware running traditional platter-based hard disk drives. Ubuntu 12.04 and up is generally very good for getting maximum performance out of this type of hardware out of the box but there are a couple of tricks and tweaks which can yield substantial performance gains if implemented. EXT4 Tuning The first step is to make a couple of adjustments to any EXT4 partitions. To begin with, run the following command on each partition (XY replaced by partition identifier such as /dev/sda1): sudo tune2fs -o … Continue reading Performance Tuning EXT4 in Ubuntu for an HDD

Getting Synapse working on Mint 17 MATE (and probably other Ubuntu 14.04 distros as well)

Synapse is my absolute favorite keyboard launcher but for some reason, it is not included in Ubuntu 14.04 and I have not found any decent directions on how to get it working. I have since switched from Ubuntu to Mint 17 MATE and devised a way to get it functional. I’m not sure how much if any of these directions apply to Cinnamon or Ubuntu itself but I’m sure that it will at least point you in the right direction. Install the Synapse PPA: sudo add-apt-repository ppa:synapse-core/ppa && sudo apt-get -y update Install Synapse and Zeitgeist. For some reason the … Continue reading Getting Synapse working on Mint 17 MATE (and probably other Ubuntu 14.04 distros as well)

Tasque + Dropbox = centralized task management for Linux and Windows

Wunderlist has always been the go-to application for cross-platform synchronized task management. Unfortunately, it’s a heavy system and version 2 withdrew support for Linux, apparently never to return. Tasque is a great fantastic simple task manager which runs well on both Linux and Windows but it lacks any sort of synchronization capabilities. Technically it is supposed to support Remember The Milk as a backend but it does not work well on Linux and doesn’t seem to work at all on Windows. Fortunately, the local storage option for Tasque is simply an SQLite database and a config file which are stored … Continue reading Tasque + Dropbox = centralized task management for Linux and Windows

Quote

Shrew Soft VPN on Ubuntu

The Shrew Soft vpn client is far and away the best IPSEC vpn client available and it is fantastic for creating mobile vpn connections to firewalls like pfSense. Unfortunately, the version in the 12.04 repository is years out of date and uses qt3 which has also been superseded at this point by qt4. To get a modern, fully functional version of the client working on Ubuntu 12.04 (also tested on 13.04), follow these steps:

  1. Download the client from https://www.shrew.net/download/ike
  2. Open a terminal window and enter the folllowing to install dependancies:
    sudo apt-get install cmake libqt4-core libqt4-dev libqt4-gui libedit-dev libssl-dev checkinstall flex bison
  3. Then enter the following to decompress it:
    cd ~/Downloads && tar zxvf ike-2.2.1-release.tgz  && cd ike
  4. Enter the following to prep the installation:
    cmake -DCMAKE_INSTALL_PREFIX=/usr -DQTGUI=YES -DETCDIR=/etc -DNATT=YES
  5. And enter the following to compile, create a .deb and install:
    sudo checkinstall -y
  6. Now download this archive and extract it: ike_additions.tar
  7. Install the iked daemon with these commands:
    cd ~/Downloads && sudo cp iked /etc/init.d && sudo chmod +x /etc/init.d/iked && sudo update-rc.d iked defaults
  8. Copy iked.conf from it’s included sample file
    sudo cp /etc/iked.conf.sample /etc/iked.conf
  9. Start the iked service
    sudo service iked start
  10. Finally, copy the .desktop file included in the iked_additions.tar.gz archive and copy it to /usr/share/applications for a menu item.
    sudo cp Shrew\ Soft\ VPN.desktop /usr/share/applications/

MySQL Backup Cron Script

Do you have a MySQL server that needs a basic backup mechanism with compression and retention? Try this script on for size and see if it fits your needs. Create the backup script: nano backup_sql.sh Add the following in to the script: #!/bin/bash # Variables, adjust as necessary date=$(date +%Y-%m-%d) dest=”/var/backup” ret=”5″ # retention in number of days pass=”password” # mysql root password # Workin’ section find $dest -type f -mtime +$ret -exec rm {} ; mysqldump -uroot -p$pass –all-databases |gzip -9 > $dest/backup_db_$date.sql.gz exit 0 Adjust any of the variables for your own environment, particularly the $pass variable Make … Continue reading MySQL Backup Cron Script

PS3 Media Server Headless on Ubuntu 10.04 Server

I decided to get the PS3 Media Server running on my Ubuntu 10.04 server and found the documentation available online to be fragmented and contradictory in some cases, so once I got my system up and running, I figured I would document what I did for others. All of the extra repositories that I added support most if not all modern versions of Ubuntu so I am pretty sure that this process will work for anything up to 11.11. For this setup, I wanted to use repositories as much as possible rather than compiling so that everything can stay up … Continue reading PS3 Media Server Headless on Ubuntu 10.04 Server

Create and deploy workstation images

Want to create and deploy drive images over your network but don’t feel like getting jacked for proprietary software? Not surprisingly, there is an easy way to do it with open source software, but it is slightly more involved.  This how-to is written with the following assumptions that should be checked before starting: The workstation and the server are on the same network. Both are using a Windows operating system such as 2000, XP, 2003,Vista or 7 Neither device has any firewall or security impeding communications between the two. The server has enough drive space to hold the image.  If … Continue reading Create and deploy workstation images

Nvidia GEForce 8500GT on Ubuntu 9.04

A quick how-to on getting 3d graphics working in Ubuntu with an Nvidia 8500GT.  This process has been tested on both x86 and x64 distros and has also been tested with an Nvidia 8400GS.  I have also successfully used a similar process on Fedora 11 x64, but the step-by-step was slightly different. It appears that all Nvidia 8000 and 9000 series graphics cards use the same set of drivers, so I would hazard a guess that this process would work on any of these, but I don’t have the cash to find out. Make sure that all updates are installed … Continue reading Nvidia GEForce 8500GT on Ubuntu 9.04