Coretane Mr. Jaman

Senin, 24 Februari 2025

Cara Resize Vm Proxmox

Lewat web Proxmox masuk ke Vm yg mau di resize misal di tambah 500 GB
kalo lewat cli qm resize 201 scsi0 +500G
qm list
masuk Ke Vm nya lalu install dulu parted yg baru
yum install parted
Ikuti partisi berikut

[root@localhost ~]# parted /dev/sda
GNU Parted 3.1
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print
Model: QEMU QEMU HARDDISK (scsi)
Disk /dev/sda: 215GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  1075MB  1074MB  primary  xfs          boot
 2      1075MB  34.4GB  33.3GB  primary               lvm

(parted) resizepart 2 100%
(parted) print
Model: QEMU QEMU HARDDISK (scsi)
Disk /dev/sda: 215GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos
Disk Flags:

Number  Start   End     Size    Type     File system  Flags
 1      1049kB  1075MB  1074MB  primary  xfs          boot
 2      1075MB  215GB   214GB   primary               lvm

(parted) quit

[root@localhost ~]#

Show current disk at VM

[root@localhost ~]# df -h
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/centos-root   30G  1.1G   29G   4% /
devtmpfs                 3.9G     0  3.9G   0% /dev
tmpfs                    3.9G     0  3.9G   0% /dev/shm
tmpfs                    3.9G  8.5M  3.9G   1% /run
tmpfs                    3.9G     0  3.9G   0% /sys/fs/cgroup
/dev/sda1               1014M  142M  873M  14% /boot
tmpfs                    783M     0  783M   0% /run/user/1000
[root@localhost ~]#

show current Phisycal Volume

[root@localhost ~]# pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               centos
  PV Size               <31.00 GiB / not usable 3.00 MiB
  Allocatable           yes (but full)
  PE Size               4.00 MiB
  Total PE              7935
  Free PE               0
  Allocated PE          7935
  PV UUID               dWzC8B-TkO9-hiHN-Oodx-c2d-nzQ-zrJfGN

[root@localhost ~]#

Resize Phisycal Volume

[root@localhost ~]# pvresize /dev/sda2
  Physical volume "/dev/sda2" changed
  1 physical volume(s) resized / 0 physical volume(s) not resized
[root@localhost ~]# 
[root@localhost ~]# pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda2
  VG Name               centos
  PV Size               <199.00 GiB / not usable 2.00 MiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              50943
  Free PE               43008
  Allocated PE          7935
  PV UUID               dWzC8B-TkO9-hiHN-Oodx-c2d-nzQ-zrJfGN

[root@localhost ~]#

Resize Logical Volume

[root@localhost ~]# lvresize --extents +100%FREE --resizefs /dev/centos/root
  Size of logical volume centos/root changed from <30.00 GiB (7679 extents) to <198.00 GiB (50687 extents).
  Logical volume centos/root successfully resized.
meta-data=/dev/mapper/centos-root isize=512    agcount=5, agsize=1965568 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=0 spinodes=0
data     =                       bsize=4096   blocks=7863296, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0 ftype=1
log      =internal               bsize=4096   blocks=3839, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
data blocks changed from 7863296 to 51903488
[root@localhost ~]#

Test

show current disk

[root@localhost ~]# df -Th
Filesystem              Type      Size  Used Avail Use% Mounted on
/dev/mapper/centos-root xfs       198G  1.1G  197G   1% /
devtmpfs                devtmpfs  3.9G     0  3.9G   0% /dev
tmpfs                   tmpfs     3.9G     0  3.9G   0% /dev/shm
tmpfs                   tmpfs     3.9G  8.5M  3.9G   1% /run
tmpfs                   tmpfs     3.9G     0  3.9G   0% /sys/fs/cgroup
/dev/sda1               xfs      1014M  142M  873M  14% /boot
tmpfs                   tmpfs     783M     0  783M   0% /run/user/1000
[root@localhost ~]# sumber : https://hendro-wibiksono.web.id/2020/04/10/cara-resize-vm-proxmox/

Jumat, 14 Februari 2025

Melihat charset pada pada database, table dan column di MySQL

SELECT SCHEMA_NAME, DEFAULT_CHARACTER_SET_NAME, DEFAULT_COLLATION_NAME
FROM information_schema.SCHEMATA;

SELECT TABLE_NAME
FROM information_schema.TABLES
WHERE TABLE_SCHEMA = 'sms';

SELECT TABLE_NAME, ENGINE, TABLE_COLLATION, TABLE_ROWS, DATA_LENGTH, INDEX_LENGTH
FROM information_schema.TABLES
WHERE TABLE_SCHEMA = 'sms';

SELECT COLUMN_NAME, CHARACTER_SET_NAME, COLLATION_NAME
FROM information_schema.COLUMNS
WHERE TABLE_SCHEMA = 'sms' AND TABLE_NAME = 'outbox';

Senin, 23 September 2024

Menambah Ukuran Partisi LVM di Ubuntu Server

Menambah Ukuran Partisi LVM di Ubuntu Server. Ketika saya melakukan instalasi Ubuntu Server dengan mode guided partitioning with LVM, ternyata ukuran partisi sistemnya nya hanya sekitar seperempat dari total kapasitas hardisk yang tersedia. Nah, di artikel ini saya akan sharing bagaimana cara menambah ukuran partisi di sistem, yang dalam kasus ini saya akan menggunakan seluruh sisa kapasitas yang belum terpakai.

Jika kalian tidak mengubah pengaturan default saat instalasi, nama logical group dan logical volumenya harusnya sama dengan screenshot diatas.

Untuk meresize partisi LVM di Ubuntu Server jalankan perintah

sudo lvextend -l +100%FREE /dev/ubuntu-vg/ubuntu-lv

resize2fs /dev/ubuntu-vg/ubuntu-lv

Sekarang cek lagi partisi sistem di Ubuntu kalian, harusnya sudah bertambah.

Oke itu saja artikel kali ini.

sumber : https://www.linuxsec.org/2020/08/menambah-ukuran-partisi-lvm-di-ubuntu.html

Senin, 05 Agustus 2024

Remove Server Name From Apache Response Header (Apache/xxx ) Ubuntu

1. Open Apache Config File

Open terminal and run the following command to open Apache main configuration file.

CentOS/Fedora:

$ sudo vi /etc/httpd/conf/httpd.conf

Ubuntu/Debian:

$ sudo vi /etc/apache2/apache2.conf

Bonus Read : How to Enable GZIP Compression in Apache

2. Turn Off Server Signature

Add/modify the following lines to hide server information in Apache.

ServerSignature Off
ServerTokens Prod

ServerSignature – appears at the bottom of server generated pages such as error pages, directory listings, etc. It takes On/Off/EMail values, where EMail shows a “mailto:” reference to Site Admin’s email.

ServerTokens – ServerTokens decides what Apache will send back in response headers. It takes the following values

ServerTokens Full (or not specified)
Response to clients: Server: Apache/2.4.2 (Unix) PHP/4.2.2 MyMod/1.2

ServerTokens Prod[uctOnly]
Response to clients: Server: Apache

ServerTokens Major
Response to clients: Server: Apache/2

ServerTokens Minor
Response to clients: Server: Apache/2.4

ServerTokens Min[imal]
Response to clients: Server: Apache/2.4.2

ServerTokens OS
Response to clients: Server: Apache/2.4.2 (Unix)

Bonus Read : How to Install mod_evasive in Apache

If you want to disable server signature in WordPress or turn off server signature in CPanel, then you will have to remove Apache server using .htaccess file, since you may not have access to Apache’s main configuration file.

Open CPanel, locate .htaccess file and edit it. Add the following 2 lines to .htaccess file

ServerSignature Off
ServerTokens Prod

Bonus Read : How to Move Apache Web Root to New Location

3. Restart Apache Server

Restart Apache Server to apply changes

$ sudo systemctl restart apache2 #SystemD
$ sudo service apache2 restart #SysVInit

Disable TLS 1.0 and 1.1 in Apache

Check Enabled SSL/TLS Versions

Online Tools

You can quickly check the versions of SSL/TLS your website supports by visiting CDN77’s TLS Checker and entering the domain name you’d like to check. As can be seen below, https://example.com currently disables SSL versions 2 and 3, but enables all versions of TLS (including the deprecated TLS 1.1 and 1.0):

Nmap

You can also check for the SSL/TLS versions and ciphers supported by a website with the open-source nmap command-line tool:

nmap --script ssl-enum-ciphers -p <PORT> <DOMAIN NAME>

The default port for SSL/TLS is 443

. The command below will generate a report for example.com:

$ nmap --script ssl-enum-ciphers -p 443 example.com

Starting Nmap 7.80 ( https://nmap.org ) at 2020-08-25 13:10 EDT

Nmap scan report for example.com (93.184.216.34)

Host is up (0.031s latency).

Other addresses for example.com (not scanned): 2606:2800:220:1:248:1893:25c8:1946

PORT STATE SERVICE

443/tcp open https

| ssl-enum-ciphers:

| TLSv1.0:

| ciphers:

| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A

| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A

| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A

| TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A

| compressors:

| NULL

| cipher preference: server

| TLSv1.1:

| ciphers:

| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A

| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A

| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A

| TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A

| compressors:

| NULL

| cipher preference: server

| TLSv1.2:

| ciphers:

| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A

| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A

| TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A

| TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A

| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A

| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A

| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A

| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A

| TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A

| TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A

| TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A

| TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A

| TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A

| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A

| TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 2048) - A

| TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A

| compressors:

| NULL

| cipher preference: server

|_ least strength: A

Nmap done: 1 IP address (1 host up) scanned in 3.88 seconds

Server Configuration

Apache

To disable TLS 1.0 and 1.1 in Apache, you will need to edit the configuration file containing the SSLProtocol

directive for your website. This file may be located in different places depending on your platform, version, or other installation details. Some possible locations are:

/usr/local/apache2/conf/extra/httpd-ssl.conf
(default Apache installation)
/etc/apache2/mods-enabled/ssl.conf
(Ubuntu/Debian)
/private/etc/apache2/extra/httpd-ssl.conf
(macOS)

When you have located the correct configuration file, look for a line beginning with SSLProtocol

. This example, from a default macOS Apache installation, disables SSLv3 with the operator but enables TLS 1.0 and 1.1:

SSLProtocol all -SSLv3

You can disable all obsolete versions of SSL/TLS supported by Apache by specifying them as follows:

SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1

The configuration above enables TLS 1.2, as well as TLS 1.3 if it is available in your environment.

Apache and Virtual Hosts

Apache can run more than one web site on a single server. These virtual hosts may be based on IP number, port, or domain name, and may include settings that override the base configuraton for Apache. For this reason, you should check the settings for each virtual host in your configuration files, especially if your changes to the base SSL/TLS configuration do not seem to be working.

For versions of Apache prior to 2.4.42 (built/linked against OpenSSL before 1.1.1), it was not possible to specify different SSL/TLS protocols for name-based virtual hosts sharing the same base IP number and port – the SSLProtocol

of the first virtual host was applied to all others. Beginning with Apache 2.4.42/OpenSSL 1.1.1, the SSLProtocol of each name-based virtual host is honored when the Server Name Indication (SNI) is provided by the client during the SSL/TLS handshake.

Once you have made your configuration changes, reload Apache to put them into effect. For more information on the SSLProtocol directive, please refer to Apache’s documentation.

sumber : https://www.ssl.com/guide/disable-tls-1-0-and-1-1-apache-nginx/

Selasa, 09 Juli 2024

Membaca HDD eksternal dengan format NTFS di linux ubuntu server

biasanya terjadi pada linux ubuntu server under 22.04 ketika membaca HDD ekternal dengan format NTFS (Windows)

$sudo apt-get install exfat-fuse exfat-utils

sumber : https://askubuntu.com/questions/100278/how-do-i-install-and-mount-an-exfat-partition

Senin, 08 Juli 2024

How to Disable Unattended Upgrades on Ubuntu 22.04

Steps to Disable Unattended Upgrades on Ubuntu

Follow these steps carefully to disable automatic updates on your Ubuntu system. This will give you full control over when and how updates are installed, which is crucial for managing dependencies and system stability, especially when you need to ensure that updates do not disrupt existing software configurations.

Disable the Unattended-Upgrades Service: The first step is to stop the unattended-upgrades service from running automatically.
```
$ sudo systemctl disable --now unattended-upgrades
```
This command stops the ‘unattended-upgrades’ service if it is currently running and prevents it from starting during the system boot. Disabling this service ensures that no upgrades are applied without your intervention.
Edit the 20auto-upgrades File: To take control over the automatic installation of updates, modify the apt configuration file.
```
$ sudo nano /etc/apt/apt.conf.d/20auto-upgrades
```
You need to insert or update the following lines:
```
APT::Periodic::Update-Package-Lists "1"; 
// "1" enables, "0" disables automatic checking for new packages 
```
```
APT::Periodic::Unattended-Upgrade "0"; 
// Setting to "0" disables automatic installations
```
This configuration ensures the package lists are still updated regularly if set to 1 (useful for manual upgrades), but prevents any updates from being installed automatically by setting Unattended-Upgrade to 0. To completely disable automatic checking for updates, change APT::Periodic::Update-Package-Lists to 0. This stops your system from even checking for new updates automatically, thereby requiring you to manually check and update your packages to maintain system security and performance.
Disabled unattended upgrades in 20auto-upgrades File
Adjust the 50unattended-upgrades File (Optional): For finer control or to disable certain types of updates, modify the 50unattended-upgrades file.
```
$ sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
```
You can comment out lines corresponding to the types of updates you do not want automatically installed, such as:
```
// "${distro_id}:${distro_codename}-updates";
```
By commenting out these lines, you prevent automatic updates from these repositories, though manual updates are still possible.
Verify Changes: Ensure that automatic updates are disabled.
```
$ systemctl status unattended-upgrades
```
This command checks the status of the unattended-upgrades service. It should report “inactive (disabled)” if the service is properly disabled.
```
$ cat /etc/apt/apt.conf.d/20auto-upgrades
```
This will display the current configuration of the 20auto-upgrades file to verify that unattended upgrades are disabled.

Verify that unattended upgrades had been disabled

Understanding Update Management Files in Ubuntu

It’s important to understand the roles and differences between the 10periodic, 20auto-upgrades, and 50unattended-upgrades configuration files in Ubuntu. These files dictate how automatic updates should be handled by the system, but each serves a distinct purpose:

10periodic

This file is used to configure how frequently the package lists are updated and how often the script checks for upgrades. The settings in this file are more about scheduling the timing of update checks and the cleanup operations:

APT::Periodic::Update-Package-Lists: This option schedules the update of the package lists (how often the system checks for new packages).
APT::Periodic::Download-Upgradeable-Packages: Schedules how often to download upgradable packages.
APT::Periodic::AutocleanInterval: Defines how often the package cache is cleaned.

20auto-upgrades

This file specifically controls the automatic installation of updates. It is more focused than 10periodic and directly influences whether updates are applied automatically:

APT::Periodic::Update-Package-Lists: Similar to 10periodic, it controls the frequency of checking for updates.
APT::Periodic::Unattended-Upgrade: This crucial setting determines whether updates are installed automatically without user intervention.

50unattended-upgrades

Unlike the previous files, 50unattended-upgrades provides granular control over which types of updates are applied automatically. It allows specifying security updates or other updates from specific repositories to be included or excluded from automatic upgrades. Configuration here is primarily about inclusion and exclusion rules for updates, specifying from which origins updates should be automatically installed.

Understanding these files and their configurations helps in effectively managing system updates according to your needs, providing a balance between automation and manual control. This knowledge is crucial for customizing the update behavior of your Ubuntu system to fit your requirements.

Conclusion

By following the steps outlined above, you will have successfully disabled unattended upgrades on your Ubuntu system. This change allows you to manually control when updates are applied, preventing unexpected changes and potential software conflicts. Regularly check for updates to maintain system security and stability, and apply them at your discretion.

sumber : https://linuxconfig.org/disable-automatic-updates-on-ubuntu-22-04-jammy-jellyfish-linux