Qmail SMTP Relay

If you have a Qmail server and you want to allow a specific IP to send emails (relay) through Qmail all you have to do is to add in /etc/tcprules.d/tcp.smtp :

IP:allow,RELAYCLIENT=””,RBLSMTPD=””,NOP0FCHECK=”0″,DKSIGN=”/var/qmail/control/domainkeys/domain.com/dkim1″

Where IP is the IP of your remote email server. You can even specify something like : aaa.bbb.ccc.:allow,RELAYCLIENT=””

After this you have to run :

tcprules /etc/tcprules.d/tcp.smtp.cdb /etc/tcprules.d/tcp.smtp.tmp < /etc/tcprules.d/tcp.smtp

Nginx + php 5.2.17 + php-fpm

Download the needed packages and store them in /usr/src:

http://us.php.net/distributions/php-5.2.17.tar.gz
http://php-fpm.org/downloads/php-5.2.17-fpm-0.5.14.diff.gz
http://nginx.org/download/nginx-1.1.0.tar.gz

Then run :

tar -xvzf php-5.2.17.tar.gz
gzip -cd php-5.2.17-fpm-0.5.14.diff.gz | sudo patch -d php-5.2.17 -p1
cd php-5.2.17
./configure --enable-fastcgi --enable-fpm --with-mcrypt --with-zlib --enable-mbstring --enable-pdo --with-curl --disable-debug --with-pic --disable-rpath --enable-inline-optimization --with-bz2 --enable-xml --with-zlib --enable-sockets --enable-sysvsem --enable-sysvshm --enable-pcntl --enable-mbregex --with-mhash --with-xsl --enable-zip --with-pcre-regex --with-gd --without-pdo-sqlite --with-pdo-mysql --without-sqlite --with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib --with-mysql --enable-bcmath --enable-calendar --enable-exif --enable-ftp --with-gettext --with-imap --with-mysqli --with-openssl --with-kerberos --with-imap-ssl --enable-dbase --with-gmp --enable-shmop --enable-wddx

make all install

Note that you can add —prefix to install the binaries in a different location than the default one.

After compilation is done :

strip /usr/local/bin/php-cgi
cp sapi/cgi/fpm/php-fpm /etc/init.d/
chmod +x /etc/init.d/php-fpm

cp /usr/src/php-5.2.17/php.ini-recommended /usr/local/lib/php.ini
mkdir /etc/php/
ln -s /usr/local/lib/php.ini /etc/php/php.ini
ln -s /usr/local/etc/php-fpm.conf /etc/php/php-fpm.conf

Make sure you edit /etc/php/php-fpm.conf and set the proper user/group (and permissions if its the case).

Then compile Nginx:

tar zxvf nginx-1.1.0.tar.gz
./configure --sbin-path=/usr/local/sbin --with-http_ssl_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module
make && sudo make install

The same you can modify the –prefix here.

Plesk 10 nginx reverse proxy configuration in front of Apache

Plesk 10 nginx reverse proxy configuration

On older Plesk version (

websrvmng –set-http-port –port=8080

Starting with Plesk 10 this is not so easy since you have to edit a php file called /usr/local/psa/admin/conf/templates/default/domain/domainVirtualHost.php. In my case instead of :

domain->physicalHosting->ipAddress->address ?>:server->webserver->httpsPort : $VAR->server->webserver->httpPort ?>>
ServerName "domain->asciiName ?>:server->webserver->httpsPort : $VAR->server->webserver->httpPort ?>"

I’ve set :

 

<VirtualHost <?php echo $OPT[‘ipAddress’]->escapedAddress ?>:<?php echo $OPT[‘ssl’] ? 8043 : 8080 ?>>
ServerName “<?php echo $VAR->domain->asciiName ?>:<?php echo $OPT[‘ssl’] ? 8043 : 8080 ?>”


Where 8043 will be the new https port and 8080 will be the http port.

After this change I had to run :

/usr/local/psa/admin/bin/httpdmng –reconfigure-all

Note that this is only for Plesk 10.x. On 9.x we used to have

/usr/local/psa/admin/sbin/websrvmng –reconfigure-all

After this make sure that the Apache server has set in its configuration files (/etc/httpd/conf/httpd.conf) Listen 8080 instead of Listen 80. Same thing for the /etc/httpd/conf.d/ssl.conf file, Listen 8043 instead of Listen 443.

Then you need to install nginx (yum install nginx) and download this zip file that these guys provided http://www.grafxsoftware.com/download/nginx/nginx_setup.zip. Furthermore you can check their http://www.grafxsoftware.com/faq.php/HOW-TO-configure-PLESK-with-NGinx-proxy-reverse/1/1/.

Once downloaded run:

sh generate_nginx_conf.sh

Verify with “nginx -t” that there isn’t any error and finally restart the involved services :

service httpd restart
service nginx restart

Make sure that 8043 and 8080 accept connections. (Note that its not necessary to change the https port).

Centos 6.0 XenServer templates

To add templates for CentOS 6.0 you can use the RHEL 6.0 templates:

For CentOS 32 bit run:

xe vm-clone uuid=xe template-list name-label=Red Hat Enterprise Linux 6 (32-bit) --minimal new-name-label=”CentOS 6.0 (32-bit)”

For CentOS 64 bit run:

xe vm-clone uuid=xe template-list name-label=Red Hat Enterprise Linux 6 (64-bit) --minimal new-name-label=”CentOS 6.0 (64-bit)”

Delete template XenServer

Sometimes XenServer doesn’t allow you to delete templates from the XenCenter GUI or even the CLI. Here is how to delete templates from the CLI in three steps:

Run:

xe template-list name-label=CentOS 5.6 (32-bit)
And remember the uuid:
uuid ( RO) : 0ce71430-d7ef-00f8-07d9-4166953c4f19

Then:

xe template-param-set other-config:default_template=false uuid=0ce71430-d7ef-00f8-07d9-4166953c4f19

Then :

xe template-param-set is-a-template=false uuid=0ce71430-d7ef-00f8-07d9-4166953c4f19

And then:

xe vm-destroy uuid=0ce71430-d7ef-00f8-07d9-4166953c4f19

Authentication Token Manipulation Error

You may get an error, such as Authentication Token Manipulation Error, while trying to change passwords for a user. For example:

#passwd user
Authentication Token Manipulation Error
#

This error is being produced because you are using shadowed password files and the shadow doesn’t have entry for this user. i.e, passwd file has an entry for this user, but shadow file doesn’t.

In order to resolve this, you can either add the entry manually or recreate the shadow file. You can use pwconv to recreate the shadow file. See the manpage for more details on this.

How to clear SWAP

It happens for swap to be used from time to time :

root@servcorp:~# free -m
total used free shared buffers cached
Mem: 4011 759 3252 0 4 53
-/+ buffers/cache: 702 3309
Swap: 8191 15 8176

To clear the swap run :

root@servcorp:~# swapoff -a && swapon -a

And free shows :

root@servcorp:~# free -m
total used free shared buffers cached
Mem: 4011 746 3265 0 4 55
-/+ buffers/cache: 686 3325
Swap: 8191 0 8191