In this list we will show open source alternatives to ChatGPT.
How to enable remote connections to MySQL server
Enabling remote connections to a MySQL server involves a few steps:
1. Configure MySQL Server
By default, MySQL server is configured to listen to the loopback IP address 127.0.0.1, which means it only accepts connections from the local machine. To allow remote connections, you need to modify the MySQL configuration file (my.cnf or my.ini or 50-server.cnf), typically located in /etc/mysql/ or /usr/local/mysql/etc/ or /etc/mysql/mariadb.conf.d.
Look for the following line in the configuration file:
bind-address = 127.0.0.1
And change it to:
bind-address = 0.0.0.0
This allows the MySQL server to listen on all available network interfaces.
2. Grant remote access to MySQL user
By default, MySQL server creates a user root with full administrative privileges, but it only allows access from the local machine. To enable remote access for this user, you need to grant it permission to connect from a remote IP address.
Log in to the MySQL server as root user and execute the following command:
GRANT ALL ON . TO 'root'@'%' IDENTIFIED BY 'yourpassword';
This grants the user root access to all databases and tables from any IP address (%). Replace ‘yourpassword‘ with a secure password of your choice.
3. Restart MySQL server
After modifying the configuration file and granting remote access to the user, you need to restart the MySQL server to apply the changes.
On Ubuntu or Debian, use the following command:
sudo service mysql restart
On CentOS or Fedora, use:
sudo systemctl restart mysqld
4. Open MySQL port on firewall
If you have a firewall running on the MySQL server, you need to open the port that MySQL server is listening on (usually port 3306) to allow incoming connections.
On Ubuntu or Debian, use the following command to open the port:
sudo ufw allow 3306/tcp
On CentOS or Fedora, use:
sudo firewall-cmd --add-port=3306/tcp --permanent
sudo firewall-cmd --reload
Once you have completed these steps, you should be able to connect to the MySQL server remotely using the root user and the password you set in step 2.
However, note that allowing remote access to the MySQL server can pose a security risk if not properly secured.
Therefore, it is recommended to only allow connections from trusted IP addresses and to use a secure password.
Disable exec, shell_exec, system, popen and Other PHP Functions To Improve Security
PHP has a lot of functions which can be used to crack your server if not used properly. You can set list of functions in php.ini using disable_functions directive. This directive allows you to disable certain functions for security reasons. It takes on a comma-delimited list of function names.
Open a terminal application or login to your server over the ssh session using ssh command. Open php.ini file using a text editor such as vim command or nano command:
sudo nano /etc/php/8.0/fpm/php.ini
Find disable_functions and set new list as follows:
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
We also recommend to disable allow_url_include and allow_url_fopen for security reasons:
allow_url_fopen=Off allow_url_include=Off
Restart PHP with command:
systemctl restart php8.0-fpm
Install Wireguard on Debian 11
First update package list and upgrade your operating system:
sudo apt update && sudo apt upgrade
To install Wireguard use command:
sudo apt install wireguard
Now check if Wireguard installed correct:
sudo modprobe wireguard
If this command dose not show anything, Wireguard installed correct. If You get error like this: modprobe: FATAL: Module wireguard not found in directory /lib/modules/4.19.0-12-686, install this package:
sudo apt install linux-headers-$(uname --kernel-release)
How to check an hard drive health in Linux using smartctl
The smartmontools package is generally available in the default repositories of all the major Linux distributions. It contains two utilities useful to check the status of storage with S.M.A.R.T support (Self Monitoring Analysis and Reporting Technology): smartcl and smartd.
The former is the utility we use directly to check S.M.A.R.T attributes, run tests, or perform other actions; the latter is the daemon which can be used to schedule operations in the background.
Tu install smartmontools use command:
sudo apt install smartmontools
Checking if SMART is enabled
Let’s become familiar with the smartctl utility. The first thing we want to check is if S.M.A.R.T support is active on the device. To perform this operation we can run the smartctl utility with the -i option (short for –info):
sudo smartctl -i /dev/sda
If SMART support is disabled we need to enable it:
sudo smartctl -s on /dev/sda
Getting S.M.A.R.T information with smartctl
To get information about hard drive /dev/sda use command:
sudo smartctl -a /dev/sda
Very important parameters to check are, among the others, “Reallocated_Sector_Ct” and “Current_Pending_Sector”. In both cases if the RAW_VALUE is something other than 0, we should be very careful and start to backup data on the hard drive. The Reallocated_Sector_Ct is the count of sectors on the block device which cannot be used correctly.
When such a sector is found it is remapped to one of the available spare sectors of the storage device, and data contained in it is relocated. The Current_Pending_Sector attribute, instead, is the count of bad sectors that are still waiting to be remapped. If you want to know more about the S.M.A.R.T attributes and their meaning, you can begin to take a look at the Wikipedia S.M.A.R.T page.
Proxmox – cluster not ready – no quorum [SOLVED]
This error occurs when we remove a node from the cluster.
If the cluster has 2 nodes and the two nodes are mentioned to access the quorum.
After removing a node from the cluster only a single node is active. Thus the quorum permission becomes a read-only state.
To resolve the error we change the node from 2 to 1 in the default configuration.
The sample error looks like:
Cluster not ready – no quorum? (500)
First we login to the Proxmox server.
Then we check the state of the cluster using the command
pvecm status
From the result, we find that the Quorum activity is blocked.
Thus we execute the below command to change the votes from 2 to 1.
pvecm expected 1
After executing the command we will be able to delete the VM.
If the VM gets locked during the process, we unlock the VM using the command
qm unlock
Now if you want, you can delete cluster width this commands:
systemctl stop pve-cluster corosync pmxcfs -l rm /etc/corosync/* rm /etc/pve/corosync.conf killall pmxcfs systemctl start pve-cluster
Or you can remove only one node from cluster with this documentation:
https://pve.proxmox.com/wiki/Cluster_Manager#_remove_a_cluster_node
How to install Arch Linux
In this lesson we install Arch Linux on encrypted btrfs volume step by step.
1. Show all volumes on hard drive:
ls /dev/sd*
2. Delete all volumes on drive /dev/sda
fdisk /dev/sda
Next write letter (d) -> number of volume and then write changes (w)
3. Create some partitions with command cfdisk:
– First partition: 256M, type: EFI System
– Second partition: 512M
– Third partition: full size of disk
Write changes, type yes and exit from cfdisk.
4. Now let’s create file system and encrypt on our partitions:
mkfs.vfat -n "EFI System" /dev/sda1
mkfs.ext4 -L boot /dev/sda2
mkfs.ext4 -L root /dev/sda3
We successfully created three partitions – efi, boot and root.
Now we need to encrypt our root partition:
modprobe dm-crypt modprobe dm-mod
cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda3
Type YES in capital letters and password for encrypted partition.
5. Open our encrypted partition:
cryptsetup open /dev/sda3 archlinux
6. Create btrfs partition on our encrypted partition:
mkfs.btrfs -L root /dev/mapper/archlinux
7. Mount
mount -t btrfs /dev/mapper/archlinux /mnt cd /mnt
8. Create subvolumes for btrfs partition
btrfs subvolume create root btrfs subvolume create home btrfs subvolume create snapshots
Go to / and unmount /mnt
cd / umount -R /mnt
8. Mount
mount -t btrfs -o subvol=root /dev/mapper/archlinux /mnt
Create home and snapshots directories:
mkdir /mnt/home mkdir /mnt/snapshots
Mount home and snapshots directories
mount -t btrfs -o subvol=home /dev/mapper/archlinux /mnt/home mount -t btrfs -o subvol=snapshots /dev/mapper/archlinux /mnt/snapshots
Create boot directories:
mkdir /mnt/boot
mkdir /mnt/boot/efi
Show partitions:
lsblk
Mount boot directories:
mount /dev/sda2 /mnt/boot mount /dev/sda1 /mnt/boot/efi
9. Create swap file:
dd if=/dev/zero of=swap bs=1M count=1024 chmod 0600 swap mkswap swap swapon swap
10. Install Arch Linux to /mnt directory:
pacstrap -i /mnt base base-devel efibootmgr grub linux linux-firmware networkmanager vim mc
11. Generate fstab
genfstab -U /mnt > /mnt/etc/fstab
12 Arch chroot to our new system:
arch-chroot /mnt
13. Change root password:
passwd
14. Uncomment locales in /etc/locale.gen file
vim /etc/locale.gen
Generate locale:
locale-gen echo LANG=en_US > /etc/locale.conf
15. Configure grub boot loader
vim /etc/default/grub
In line GRUB_CMDLINE_LINUX=”” write this text:
GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda3:archlinux"
Change file /etc/mkinitcpio.conf: in line HOOKS add encrypt
HOOKS=(... encrypt ...)
mkinitcpio -p linux
Configure grub bootloader:
grub-install --boot-directory=/boot --efi-directory=/boot/efi /dev/sda2 grub-mkconfig -o /boot/grub/grub.cfg grub-mkconfig -o /boot/efi/EFI/arch/grub.cfg
Configuration Cambium from command line
Default Cambium EMP 1000 IP: 169.254.1.1
Default user name: admin and password: admin
1. Open SSH terminal and connect to 169.254.1.1
2. Enable DHCP with command (1 – Static, 2 – DHCP):
config set networkLanIPAddressMode 2
Configure network IP, Mask and Gateway parameters:
config set networkLanIPAddr 10.20.124.10 config set networkLanNetmask 255.255.255.0 config set networkLanGatewayIP 10.20.124.1
3. Save configuration with command:
config save config apply
4. Reboot devise for changes to take effect.
reboot
Now you can open Web-browser and go to http://IP configuration page.
Change VGA resolution in Linux
1.First create modeline with your resolution
cvt 1680 1050
This will create modeline for resolution of 1600×900 which will look something like this:
1680x1050 59.95 Hz (CVT 1.76MA) hsync: 65.29 kHz; pclk: 146.25 MHz
Modeline "1680x1050_60.00" 146.25 1680 1784 1960 2240 1050 1053 1059 1089 -hsync +vsync
2. To add this resolution to monitor settings, type the following command:
xrandr --newmode "1680x1050_60.00" 146.25 1680 1784 1960 2240 1050 1053 1059 1089 -hsync +vsync
3. Next show your monitors list and find name of your monitor (VGA-1)
xrandr --listmonitors
3. And next write this command:
xrandr --addmode VGA-1 "1680x1050_60.00"
4. In Linux Mint, xorg.conf is not present by default and has to be created. This can be created only when x server is not working ie. in console mode otherwise system will give error. Type these highlighted commands one by one in console mode:
Alt+Ctrl+F1 (switch to console mode)
sudo service lightdm stop (For Mint 12 Lisa users)
or
sudo service mdm stop (For Mint 13 Maya users)
sudo X -configure (generates new xorg.conf file)
5. To switch back to graphical mode, type:
sudo start lightdm (Mint 12 Lisa users)
sudo service mdm start (Mint 13 Maya users)
If above commands fail to bring back graphical mode, just restart your computer.
Cockpit – Web GUI for Your Linux Servers
Cockpit gives you a GUI for your server, which can be accessed via a web browser. Cockpit makes it easy to start containers, administer storage, configure networks, inspect logs, and perform system tasks with a mouse.
You can think of Cockpit like a graphical “desktop interface”, but for individual servers.
To install Cockpit on Debian / Ubuntu use command:
sudo apt install cockpit
Default Cockpit web port is 9090, don’t forget to allow access to this port in your firewall.
With Cockpit you can easy get access to server terminal from your Web-browser: