New FTP user for unRAID

  1. Install ProFTPd by SirG
  2. Create folder where the FTP user should have FULL access to
  3. Go to USERS tab
  4. Click ADD USER
  5. Create username
  6. Create password
  7. In the DESCRIPTION field enterftpuser [PATH WITH LEADING SLASH] 
    So for example:
ftpuser /mnt/usr/myfolder
  8. Click ADD
  9. Go to SETTINGS tab
  10. Click ProFTPd
  11. At “Enable ProFTPd:” select YES (*)
  12. Click APPLY
  13. Service should be running. If not, start service
  14. DONE

(*) In case you already have the service running, click RESTART to activate the new user.

The server can now be accessed by SFTP and port 22.

Change W10 password

One day, a friendly wolf said:

so all you need is a usb stick with a windows 10 installer, boot to that, click “Repair my pc” after it asks you for the language -> open the troubleshooter -> open the command line interface

then switch to the C drive
then cd Windows\System32\
rename osk.exe osk.old|
rename cmd.exe osk.exe
close and boot windows normally
click the On-Screen-Keyboard which now opens cmd.exe
net user “username” *
type new password

make sure undo your rename of the cmd.exe and osk.exe things after you’re done

unRAID Docker image corrupted solution

Warning: This method worked for me and I used this source for it. Proceed at your own risk. Also I need to note that I do not use Cache in any form.

The problem:
You have rebooted your unRAID server and your docker service is refusing to start. What you may see is the following:

and

Apr 2 02:25:30 Tower emhttpd: shcmd (264): /etc/rc.d/rc.docker start
Apr 2 02:25:30 Tower root: starting dockerd ...
Apr 2 02:25:36 Tower kernel: BTRFS error (device loop2): parent transid verify failed on 23757324288 wanted 2572174 found 2572201
Apr 2 02:25:36 Tower kernel: BTRFS error (device loop2): parent transid verify failed on 23757324288 wanted 2572174 found 2572201
Apr 2 02:25:46 Tower kernel: BTRFS error (device loop2): parent transid verify failed on 23729225728 wanted 2572162 found 2572190
Apr 2 02:25:46 Tower kernel: BTRFS error (device loop2): parent transid verify failed on 23729225728 wanted 2572162 found 2572190
Apr 2 02:25:46 Tower kernel: BTRFS: error (device loop2) in __btrfs_free_extent:6805: errno=-5 IO failure
Apr 2 02:25:46 Tower kernel: BTRFS info (device loop2): forced readonly
Apr 2 02:25:46 Tower kernel: BTRFS: error (device loop2) in btrfs_run_delayed_refs:2935: errno=-5 IO failure
Apr 2 02:25:46 Tower kernel: BTRFS warning (device loop2): btrfs_uuid_scan_kthread failed -30
Apr 2 02:25:51 Tower emhttpd: shcmd (266): umount /var/lib/docker
Apr 2 02:25:51 Tower root: umount: /var/lib/docker: target is busy.

This of course, made me extremely nervous. Luckily this only meant that my docker file got corrupted. It happened most likely while I was moving it while the docker service was still active. Yeah, it happens.

Solution:
It’s fairly simple, but it takes a little bit of time.

  1. Go to Settings -> Docker -> Enable Docker, and set to No, then click the Apply button (this disables Docker support)
  2. Go to the location of your docker image and rename the file to docker.img.bak – The file may be in 
    /mnt/user/system/docker

    I’m asking you to make a backup, because in all cases, safety first. “Why didn’t you have a backup in the first place?”, I hear you say. Yeah yeah, we all make mistakes every so often! D:

  3. Go to Settings -> Docker -> Enable Docker, and set to Yes and this creates a fresh and empty Docker image. The docker service should now be started. You can see this as this on the docker settings page:

    and on the dashboard you should now see an empty docker field.

  4. Now go to the Apps Tab, Previous Apps Section. Then check off all of your previous applications and hit “Install”

I recommend to do it one by one so you can double-check the settings and clean up the unused templates after you’re done. If you want to make a copy of the templates, FTP into your server and go to

/boot/config/plugins/dockerMan

After you have restored your docker apps, you’re done. Check all the things and make a backup 😉

 

 

How to GIT

UPDATE

git pull

make new local branch:

git checkout -b [name]

CHANGES
make changes, then add all:

git add .

commit:

git commit -m "comment"

push changes and create new branch:

git push

TO GET THE LATEST VERSION

git checkout master
git pull
git checkout [USER]
git rebase master

Step 1. Fetch and check out the branch for this merge request

git fetch origin
git checkout -b [USER] origin/[USER]

Step 2. Review the changes locally

Step 3. Merge the branch and fix any conflicts that come up

git fetch origin
git checkout origin/master
git merge --no-ff [USER]

Step 4. Push the result of the merge to GitLab

git push origin master

(In this case [USER] is foxsan. And you are not him.)

How to set up a domain and e-mail with Virtualmin

Virtualmin is a rock solid control panel for your VPS, it’s simple as that. It’s sometimes not so simple to set it up correctly due to its many options.

I’ve tried my best to make a decent manual that explains how to set up a domain and email in a quick and dirty way. I’m not talking about security and stuff yet. It’s just about setting things up.

I am also assuming your freshly (re)built VPS has a root password set and that you are now ssh-ing into it. If not, do it now.

  1. First thing you need to do is find the name of your network interface 
    ifconfig

    It’s probably venet0 (that’s venetzero)

  2. apt-get update
  3. apt-get install wget nano curl ca-certificates -y
  4. cd ~
  5. wget http://software.virtualmin.com/gpl/scripts/install.sh
  6. sudo /bin/sh install.sh
  7. READ THE TEXT BEFORE PRESSING Y
  8. Press Y and enter to continue. It will now do the thing. Patience, young one. Phase 1, 2 and 3 should all install without a hitch.  [ OK! ]
  9. While you are waiting, go set up the DNS at your registrar. 
    @ 1000 MX 10 mail.domainname.tld

* 1000 A 0 VPS_IP_ADDRESS

@ 1000 A 0 VPS_IP_ADDRESS

ftp 1000 A 0 VPS_IP_ADDRESS

localhost 1000 A 0 127.0.0.1

mail 1000 A 0 VPS_IP_ADDRESS

pop 1000 A 0 VPS_IP_ADDRESS

www 1000 A 0 VPS_IP_ADDRESS

    Don’t worry about the SPF, domainkey, the acme-challenge and the dmarc yet.

  10. If you get “Device “link” does not exist.”, type in the name of the network interface you found at step 1

All should be ready now and you should see a few success messages. If not, go fix.

Time for a little maintenance.
  1. apt-get update
  2. apt-get upgrade -y
  3. apt-get dist-upgrade -y
  4. apt-get autoremove
  5. apt-get autoclean
  6. RESTART THE VPS
To the control panel mobile!

https://HOSTNAME:10000

  1. Log in with your root password
  2. You will now have to go through the post-installation wizard, press Next
  3. Set everything up to according to your wishes. For me, that’s:
    Preload Virtualmin libraries? yes
    Run email domain lookup server? yes
    next
    Run ClamAV server scanner? yes
    next
    Run SpamAssassin server filter? yes
    next
    Run MariaDB/MySQL database server? yes
    Run PostgreSQL database server? no
    next
    Set a MySQL password. Make it strong!
    MariaDB/MySQL configuration size: 
    next
    Primary nameserver : YOUR_HOSTNAME and tick the checkbox “Skip check for resolvability”
    next
    Password storage mode: Only store hashed passwords
    next
    Virtualmin post-installation configuration is now complete!
    next
Are we done yet? D: No.
  1. Click “Re-check and refresh configuration”If you get

    Virtualmin is configured to setup DNS zones, but this system is not setup to use itself as a DNS server. Either add 127.0.0.1 to the list of DNS servers, or turn off the BIND feature on the module config page.

    Click list of DNS servers and add 127.0.0.1 in the DNS Servers field and press Save. Next, click Apply Configuration. Then, click the Virtualmin on top, click System Settings and then Re-check Configuration.

  2. No errors? Click Return To Virtual Servers List

Your Virtualmin installation is now ready to had domain names etc added.

Set up your first virtual server
  1. Click Add New Virtual Server, Owned By: <new user>
  2. Enter the following data:
    Domain name: YOUR_DOMAINNAME.TLD
    Description: Optional, but make a short desc.
    Administration Password: STRONG_PASSWORD!Under Enabled Features tick the options you would like to have. I basically tick everything except for “Setup IP-based virtual FTP” since I don’t need it.
  3. Click Create Server
  4. If all went well, click Return To Virtual Server Details where you can check things again
Time to install a SSL certificate for your domain
  1. Is your domain available already under simple http://? If you have moved your domain and changed your DNS, ping your domain as well to see if everything is set correctly and has been propagated completely. Your frontpage of your domain should say “Apache2 Debian Default Page”
  2. Time to make some DNS additions! Click Server Configuration and then click DNS Records.
  3. Move the following data over to your DNS settings at your registrar:
    SPF, _acme-challenge.mail and _acme-challengeSo, here’s an example:For SPF:

    DOMAINNAME 1000 TXT 0 v=spf1 a mx a:DOMAINNAME.TLD ip4:IPADDRESS1 ip4:IPADDRESS2 ?all

    For the acme challenges:

    _acme-challenge.mail 1000 TXT 0 RANDOMSTRING_OFCHARACTERS

_acme-challenge 1000 TXT 0 RANDOMSTRING_OFCHARACTERS
  4. When everything is set up, go to the Virtualmin tab, click Server Configuration and then click SSL Certificate
  5. Click Let’s Encrypt
  6. Did you set up your DNS according to the pre-filled list you see in the field named “Domains associated with this server”? Then you’re good to go and click Request Certificate. If not, manually enter the domain and subdomains.At this point, the request either succeeds or fails. In the latter case, click SSL Certificate again, then Let’s Encrypt and correct the wrong entry.TIP: If you have errors and try to get a certificate too many times, you get an error about that as well. If you get the following message, go play outside for a little bit or proceed with setting up email as described in the next part. 
    Error requesting challenges: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
  7. dfdsfsf
Setting up e-mail
  1. Click the Virtualmin tab, then Edit Users
  2. Click + Add a user to this server
  3. Enter a mailbox name, like “info”
  4. Enter a password
  5. Click the Create button

Now this has been set up, you can poke your DNS settings again! Woo!

  1. Click the Virtualmin tab, then Email Settings, then DomainKeys Identified Mail
  2. Click Install Now and wait
  3. At the bottom of the page, it should read
    installation completed successfully
  4. Click Return To DKIM Form
  5. Set the DKIM up as follows:Signing of outgoing mail enabled? yes
    Selector for DKIM record name: 2018
    Reject incoming email with invalid DKIM signature? yes
    Size of new DKIM key: 2048Press Save when done
  6. All should be well, so click Return To DKIM Form
  7. Click Return To Virtual Servers List
  8. Click the Virtualmin tab, then Server Configuration, then DNS Options
  9. Set this form up as follows:SPF record enabled? yes
    Allowed sender hostnames: DOMAINNAME.TLD
    DMARC record enabled? yesPress Save when done
  11. Click the Virtualmin tab, then Server Configuration, then DNS Records
  12. Copy the _dmarc entry over to your DNS settings at your registrar
  13. Click the Virtualmin tab, then Email Settings, then DomainKeys Identified Mail
  14. Set “Signing of outgoing mail enabled?” to yes
  15. Click the Save button
  16. Click Return to DKIM form
  17. Copy part of the content of the field “DNS records for additional domains” over to your DNSExample:
    2018._domainkey IN TXT ( “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/I4PwduFS/q”
    “U4y6pDFNFYf868Z2p+BNw+QRMphZ6YnVt1MWeVtNIXnYvhUtf6jhAX2BZ5gl8R2ILyL9NCkFe8W5cAVR”
    “/cZkZl6OIc7fdTiLePYNCS3HcVcTiE0Szb3zwDRAZE2XyAqFvNQJuVe/H5tJxlOAu1vhqv3FuZM1viv9”
    “VfiPQ77oQ9eOmQMZH59+QL/Vw4fnUnui4QhqRaH+iLb1bQdcJqIu1y3M+bgSCmrSu7v40V1G+wmUY13J”
    “fg41SIvYbuEe+CGjwMjVW0KFC15x3m5ChwM3q68b5gBv0L+JeMG27+DDQ5CSUIZSAJU0XifyeAfTIfRe”
    “5L+Bec7hQIDAQAB” )This will end in a train wreck, so remove the first part, namely:2018._domainkey IN TXT ( …. )

    Now, clean up the rest in Notepad++:

    “v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8/I4PwduFS/q” “U4y6pDFNFYf868Z2p+BNw+QRMphZ6YnVt1MWeVtNIXnYvhUtf6jhAX2BZ5gl8R2ILyL9NCkFe8W5cAVR” “/cZkZl6OIc7fdTiLePYNCS3HcVcTiE0Szb3zwDRAZE2XyAqFvNQJuVe/H5tJxlOAu1vhqv3FuZM1viv9” “VfiPQ77oQ9eOmQMZH59+QL/Vw4fnUnui4QhqRaH+iLb1bQdcJqIu1y3M+bgSCmrSu7v40V1G+wmUY13J” “fg41SIvYbuEe+CGjwMjVW0KFC15x3m5ChwM3q68b5gBv0L+JeMG27+DDQ5CSUIZSAJU0XifyeAfTIfRe” “5L+Bec7hQIDAQAB”

  18. Really, clean up the text before entering it into your DNS.

VALIDATE and install FAIL2BAN

(sorry, i can’t remember how to proceed this installation since the last edit was two years ago.)

Good luck.

Upgrading the firmware of the Zyxel VMG8324-B10A

WARNING. As explained on the “About” page that this is a blog based on my notes, whether they fail or not. So proceed at your own risk.

My Zyxel router currently has firmware version 1.00(AAKL.14)C0 and since Zyxel is a good boye, they keep their devices up to date. Like all manufacturers should do IMO.

  1. Aquire all the firmware files that are available by going to ftp://ftp.zyxel.com/VMG8324-B10A/
  2. Remove the files that are older than your current firmware, in my case v.14
  3. BACK UP YOUR CURRENT FIRWARE AND SETTINGS
  4. Apply ALL updates one by one. Do not skip versions.

Good luck.

IMAPSYNC for Debian 8 installation

  1. apt-get update
  2. apt-get upgrade
  3. apt-install git libjson-webtoken-perl libauthen-ntlm-perl libcgi-pm-perl libcrypt-openssl-rsa-perl libdata-uniqid-perl libfile-copy-recursive-perl libio-socket-inet6-perl libio-socket-ssl-perl libio-tee-perl libhtml-parser-perl libjson-webtoken-perl libmail-imapclient-perl libparse-recdescent-perl libmodule-scandeps-perl libreadonly-perl libregexp-common-perl libsys-meminfo-perl libterm-readkey-perl libtest-mockobject-perl libtest-pod-perl libunicode-string-perl liburi-perl libwww-perl libtest-nowarnings-perl libtest-deep-perl libtest-warn-perl make cpanminus
  4. cd /home
  5. git clone https://github.com/imapsync/imapsync.git
  6. cd imapsync
  7. chmod +x imapsync
  8. Test it by typing 
    ./imapsync
  9. You may need to install some extras by entering 
    cpanm File::Tail
  10. cp imapsync /usr/bin/

Done!

Item 10 is to make sure you can use this command anywhere on the server. Have fun!