Sie sind auf Seite 1von 18

Quick Linux Administration

######################################################################
Q1.Setup IP Configuration on server1
######################################################################

IP Configuration
Hostname: server1.example.com
IP address: 192.168.122.10
Netmask: 255.255.255.0
Gateway: 192.168.122.1
Name Server: 192.168.122.1

######################################################################

Getting example configuration from netplan manual page


man netplan

Listing ip and interface information using ip


ip a s

Editing yaml file to make required changes


vim /etc/netplan/00-installer-config.yaml
network:
ethernets:
ens3:
dhcp4: no
addresses: [192.168.122.10/24]
gateway4: 192.168.122.1
nameservers:
addresses: [192.168.122.1]
version: 2

Applying netplan configuration


netplan apply

Checking for configuration successful

ip a | grep ens3

Changing hostname as per requirement


hostnamectl set-hostname system1.example.com
hostnamectl

######################################################################
Q2. Install LAMP(Apache,MySQL & PHP) server
#####################################################################

Install tasksel installer

apt install tasksel -y


Install LAMP using taskel

tasksel install lamp-server

Test LAMP Installation

vim /var/www/html/phpinfo.php
<?php
phpinfo();
?>
cat /var/www/html/phpinfo.php

http://192.168.122.10/phpinfo.php

Perform MySQL Secure Installation

mysql_secure_installation

Configure Firewall for Apache Access

ufw allow in "Apache Full"

Install PHP modules


apt-cache search ^php- | grep module

apt install php-memcache

Configure Apache ServerName


vim /etc/apache2/apache2.conf

ServerName 192.168.122.10

Check Apache Configuration

apache2ctl configtest

Restart and enable Apache

systemctl is-enabled apache2.service

systemctl enable --now apache2

systemctl restart apache2

systemctl is-active apache2.service

systemctl status apache2

tail -f /var/log/apache2/access.log
tail -f /var/log/apache2/error.log
journalctl -p err _SYSTEMD_UNIT=apache2.service
######################################################################
Q3. Install phpMyAdmin on server
#####################################################################

Install required Packages

apt install phpmyadmin php-mbstring php-gettext

Enable php extension


phpenmod mbstring

Restart apache2
systemctl restart apache2

http://192.168.122.10/phpmyadmin
phpmyadmin
XXXXXXX
######################################################################
Q4. Install and configure ntp on server
#####################################################################

Install required software


apt install ntp

Configure Firewall
ufw allow from any to any port 123 proto udp

Verify ntp is synced


ntpq -p

######################################################################
Q5. Install and configure nfs server on server
###############################################################
Install required Packages
apt install nfs-kernel-server -y

Check for nfs version support


cat /proc/fs/nfsd/versions

Disable nfsv3 support


vim /etc/default/nfs-kernel-server
RPCNFSDCOUNT="8 --no-nfs-version 3"

systemctl restart nfs-kernel-server.service

cat /proc/fs/nfsd/versions

Enable and Restart nfs service

systemctl enable --now nfs-kernel-server.service

Create required Directories to share


mkdir /homes

Update exports file


vim /etc/exports

/home *.example.com(rw,sync,no_subtree_check)
/homes 192.168.122.0/24(rw,sync,no_root_squash,no_subtree_check)
/mnt/datastore/datacenter
192.168.122.0/24(rw,sync,no_root_squash,no_subtree_check)

exportfs -rv

Configure Firewall
ufw enable

ufw allow from 192.168.122.0/24 to any port nfs

ufw status

Mount share on client


mkdir /mnt/homes

vim /etc/fstab

192.168.122.10:/homes /mnt/homes nfs rw,soft 0 0

mount -a

df -hT

######################################################################
Q6. Install and configure JAVA 8 on server
############################################################
Install required Packages
apt update

apt install openjdk-8-jdk openjdk-8-jre -y

Check Java version


java -version

Setup Java profile


vim /etc/environment

JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
JRE_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre

java -version

######################################################################
Q7. Install and configure Apache Maven on server
###########################################################
Download Apache Maven source
cd /opt/
wget https://downloads.apache.org/maven/maven-3/3.3.9/binaries/apache-maven-3.3.9-
bin.tar.gz

Extract archive
tar xvf apache-maven-3.3.9-bin.tar.gz

Rename Apache Maven directory


mv apache-maven-3.3.9 apache-maven
Configure Apache Maven
cd /etc/profile.d/

vim maven.sh
# Apache Maven Environment Variables
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
export MAVEN_HOME=/opt/apache-maven
export PATH=${MAVEN_HOME}/bin:${PATH}

Set Necessary permissions


chmod +x maven.sh
source maven.sh
mvn --version
mvn --help

######################################################################
Q8. Install and configure git on server
############################################################
Install required packages
apt update

apt install git -y

Check git version


git --version

Setup git
git config --global user.name "Andrey Jozef"

git config --global user.email "ajozef@gmail.com"

cat ~/.gitconfig
[user]

name = Andrey Jozef

email = ajozef@gmail.com

######################################################################
Q9. Install and configure jenkins on server
############################################################

Add apt repository key


wget -qO - https://pkg.jenkins.io/debian-stable/jenkins.io.key | apt-key add -

Add Jenkins repository


echo "deb http://pkg.jenkins-ci.org/debian-stable binary/" >
/etc/apt/sources.list.d/jenkins.list

Update software list


apt update

Install required software


apt install jenkins -y

Start and enable jenkins


systemctl enable --now jenkins

Check the status of jenkins service


systemctl status jenkins

Configure firewall for jenkins


ufw status

ufw enable

ufw allow ssh

ufw allow 8080

ufw status
Setup jenkins
http://192.168.10.111:8080

cat /var/lib/jenkins/secrets/initialAdminPassword

admin

Proceed with configuration

###################################################

#############################################################
Q10. Install docker on server
#############################################################
Update software list
apt update

Installed required software


apt install docker.io -y

Start and enable docker service


systemctl enable --now docker

Check the docker version


docker --version
###################################################

Q11. Install Apache ANT on server


###########################################################
Update software list
apt update

Installed required software


apt install ant -y

Check the Apache ANT version


ant -version
###################################################

Q12. Install and configure postfix on server


###########################################################
Update hosts file
vim /etc/hosts
192.168.122.10 mail.example.com mail

Update software list


apt update
Installed required software
apt install mailutils -y
use type as Internet Site and example.com as domain

Configure postfix
vim /etc/postfix/main.cf
inet_interfaces = loopback-only

myhostname=mail.example.com

OR

postconf -e 'inet_interfaces = loopback-only’

postconf -e 'myhostname=mail.example.com’

postconf -p | egrep '^inet_interfaces|^myhostname'

Enable and restart postfix server


systemctl enable --now postfix
systemctl status postfix

Test postfix is working


echo "Hey dude what’s Up? " | mail -s "Knock Knock" student@example.com

su -l student

mail

###################################################

Q13. Install nagios 4.4.6 on server


###########################################################
Update software List
apt update

Install required Packages


apt install -y autoconf bc gawk dc build-essential gcc libc6 make wget unzip
apache2 php libapache2-mod-php7.2 libgd-dev libmcrypt-dev make libssl-dev snmp
libnet-snmp-perl gettext -y

Download Nagios 4.4.5


wget -c https://github.com/NagiosEnterprises/nagioscore/archive/nagios-
4.4.5.tar.gz -P /root/

Extract download source


tar xvzf nagios-4.4.5.tar.gz

cd nagioscore-nagios-4.4.5/
Compile and install Nagios
./configure --with-httpd-conf=/etc/apache2/sites-enabled

make all

Create necessary users and add them to required groups.


make install-groups-users

usermod -a -G nagios www-data

id nagios

Install Nagios binaries


make install

Install service daemon script


make install-daemoninit

Install the command mode.


make install-commandmode

Install sample config files


make install-config

Install the Apache configuration for Nagios 


make install-webconf

Activate the mod_rewrite and mode_cgi modules


a2enmod rewrite cgi

Restart appache to activate new configuration


systemctl restart apache2

Create nagiosadmin user


htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
XXXXXXX

Setup firewall
ufw enable

ufw allow ssh


ufw allow Apache

ufw reload

ufw status

Download nagios plugins


wget --no-check-certificate -O nagios-plugins.tar.gz https://github.com/nagios-plugins/nagios-plugins/archive/release-
2.2.1.tar.gz

Extract archive

tar zvxf nagios-plugins.tar.gz

Compile and install plugins


cd nagios-plugins-release-2.2.1

./tools/setup

./configure

make && make install

Update nagios.cfg for necessary parameters


cd /usr/local/nagios/etc
vim nagios.cfg
cfg_dir=/usr/local/nagios/etc/servers

Create directory to hold configuration


mkdir -p /usr/local/nagios/etc/servers

Update contacts.cfg
vim /usr/local/nagios/etc/objects/contacts.cfg

Update commands.cfg
vim /usr/local/nagios/etc/objects/commands.cfg

define command{

command_name check_nrpe

command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$

Check nagios configuration for errors


/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Restart nagios and apache services

systemctl restart apache2.service

systemctl restart nagios.service


Open firefox and open nagios webportal

http://192.168.122.10/nagios/

Add a host to monitor using nagios


ssh student@192.168.122.11

Update sofware list


apt update

Install required nagios plugins


apt install nagios-nrpe-server nagios-plugins

Update nrpe.cfg
cd /etc/nagios/

vim nrpe.cfg
server_address=192.168.10.11
allowed_hosts=127.0.0.1,::1,192.168.122.10

Update nrpe_local.cfg
command[check_root]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /

command[check_ping]=/usr/lib/nagios/plugins/check_ping -H 192.168.122.11 -w
100.0,20% -c 500.0,60% -p 5

command[check_ssh]=/usr/lib/nagios/plugins/check_ssh -4 192.168.122.11

command[check_http]=/usr/lib/nagios/plugins/check_http -I 192.168.122.11

command[check_apt]=/usr/lib/nagios/plugins/check_apt

Restart and enable nrpe service at boot


systemctl enable --now nagios-nrpe-server

systemctl restart nagios-nrpe-server

Check from nagios server manual plugins check works

/usr/lib/nagios/plugins/check_nrpe -H 192.168.122.11
/usr/lib/nagios/plugins/check_nrpe -H 192.168.122.11 -c check_ping

Add host configuration on Nagios server


vim /usr/local/nagios/etc/servers/client1.cfg
define host {
use linux-server

host_name client01

alias Ubuntu Host

address 192.168.122.11

register 1

define service {

host_name client01

service_description PING

check_command check_nrpe!check_ping

max_check_attempts 2

check_interval 2

retry_interval 2

check_period 24x7

check_freshness 1

contact_groups admins

notification_interval 2

notification_period 24x7

notifications_enabled 1

register 1

define service {

host_name client01

service_description Check Users

check_command check_nrpe!check_users

max_check_attempts 2

check_interval 2

retry_interval 2

check_period 24x7

check_freshness 1

contact_groups admins

notification_interval 2
notification_period 24x7

notifications_enabled 1

register 1

define service {

host_name client01

service_description Check SSH

check_command check_nrpe!check_ssh

max_check_attempts 2

check_interval 2

retry_interval 2

check_period 24x7

check_freshness 1

contact_groups admins

notification_interval 2

notification_period 24x7

notifications_enabled 1

register 1

define service {

host_name client01

service_description Check Root / Disk

check_command check_nrpe!check_root

max_check_attempts 2

check_interval 2

retry_interval 2

check_period 24x7

check_freshness 1

contact_groups admins

notification_interval 2

notification_period 24x7

notifications_enabled 1
register 1

define service {

host_name client01

service_description Check APT Update

check_command check_nrpe!check_apt

max_check_attempts 2

check_interval 2

retry_interval 2

check_period 24x7

check_freshness 1

contact_groups admins

notification_interval 2

notification_period 24x7

notifications_enabled 1

register 1

define service {

host_name client01

service_description Check HTTP

check_command check_nrpe!check_http
max_check_attempts 2

check_interval 2

retry_interval 2

check_period 24x7

check_freshness 1

contact_groups admins

notification_interval 2

notification_period 24x7

notifications_enabled 1

register 1

}
Check Nagios config might have typos
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Restart nagios server

systemctl restart nagios

###################################################

Q14. Install and Configure wordpress on server


###########################################################

Update software list


apt update

Install tasksel installer software


apt install tasksel -y

Install LAMP Server


tasksel install lamp-server

Check installed apache version


apache2 -v

Check MySQL version


mysql -V

Check installed php version


php -v

Create a simple php page to test LAMP installation

bash -c "echo -e '<?php\nphpinfo();\n?>' > /var/www/html/phpinfo.php"


cat /var/www/html/phpinfo.php

Update apache2.conf
cd /etc/apache2
ls -l
vim apache2.conf
ServerName 192.168.122.50

Configure MySQL secure server


mysql_secure_installation

Login to MySQL
mysql -u root -p

Create wordpress DATABASE


CREATE DATABASE wordpress;

Check if DATABASE creation went successful


SHOW DATABASES;

Create wordpress Admin User


CREATE USER `wp_admin`@`localhost` IDENTIFIED BY 'Y0u3p@s3';

Grant wp_admin user necessary permissions.


GRANT ALL ON wordpress.* TO `wp_admin`@`localhost`;

Reload Privileges
FLUSH PRIVILEGES;

EXIT from MySQL Shell


EXIT

Test wp_admin user


mysql -u wp_admin -p

Install additional php Packages

apt install php7.2 php7.2-cli php7.2-mysql php7.2-json php7.2-opcache php7.2-mbstring php7.2-


xml php7.2-gd php7.2-curl -y

Download Wordpress source


wget -c https://wordpress.org/latest.tar.gz -P /root

Extract MySQL source


tar xvf /root/latest.tar.gz

Move wordpress to /var/www Directory.


mv -v /root/wordpress /var/www/wordpress

Assign webserver necessary permissions.


chown -Rv www-data:www-data /var/www/wordpress
find /var/www/wordpress/ -type d -exec chmod -v 750 {} \;
find /var/www/wordpress/ -type f -exec chmod -v 640 {} \;

Configure Wordpress
cd /var/www/wordpress
mv wp-config-sample.php wp-config.php
vim wp-config.php
define( 'DB_NAME', 'wordpress' );

/** MySQL database username */


define( 'DB_USER', 'wp_admin' );
/** MySQL database password */
define( 'DB_PASSWORD', 'Y0u3p@s3' );
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8');

/** The Database Collate type. Don't change this if in doubt. */


define('DB_COLLATE', '');

Create VirtualHost for wordpress


cd /etc/apache2/sites-available/

ls -l

egrep -v "#|$^" 000-default.conf > wordpress.conf

vim wordpress.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/wordpress
ServerAlias server5.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
DirectoryIndex index.html index.php
DocumentRoot /var/www/wordpress
<Directory /var/www/worpress>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>

Test apache configuration for typos


apachectl configtest

Enable wordpress VirtualHost


a2ensite wordpress.conf

Disable Default VirtualHost


a2dissite 000-default.conf
Enable rewrite
a2enmod rewrite

Restart apache2
systemctl restart apache2

Install wordpress
Open Firefox
http://192.168.122.50

Proceed with Installation