Clay

I am Clay who is the main writer for this website. I own a small web hosting company in Malaysia and i'm available to be hired as individual contractor on elance or odesk. You can find me on twitter.

Installing avconv from source in Ubuntu

This is pretty interesting as avconv is a pretty sensitive fellow. If you do this wrongly, your avconv is pretty much not workable no matter how you are going to spin this. Hence, i do myself a favour and write this up instead. Now, before i began, let me explain what version of Ubuntu i am using. I am on Ubuntu 12.04.5 LTS and if i do the following from repo

sudo apt-get install ffmpeg libav-tools

I will be getting myself avcon version 8.x.x since i am on a older version of Ubuntu. Hence, the installed of avcon from source.

Removing older avconv or ffmpeg

Before we do anything at all, we need to remove the older version of avcon.

apt-get remove --purge libav-tools

and this will remove the built in avconv that you might have installed

Installing prerequisite files

Now, fire the below command to install everything you may need for your avconv compilation 

apt-get install build-essential
apt-get install yasm
apt-get install libfdk-aac-dev
apt-get install libx264-dev

Once you have done that, we are good to go!

Installing avconv from source

I am going to install avconv version 11 from libav.org. 

wget https://libav.org/releases/libav-11.6.tar.gz  --no-check-certificate
tar zxvf libav-11.6.tar.gz
cd libav-11.6/
./configure --enable-libvo-aacenc --enable-gpl --enable-nonfree --enable-version3 --enable-libx264 --enable-static --disable-shared
make && make install

After you have finished compilation (which takes some time), you are pretty much installed with the newer version of avconv! Not that tough right?

Setup OpenVPN on Proxmox LXC

Following the previous tutorial of setting up LXC, now i would like to setup my OpenVPN into Proxmox LXC container!

Adding Dev/Tun into LXC

On the host machine, we need to enable Tun for OpenvVPN on our LXC machine, go to the path /var/lib/lxc/xxx/config or /etc/pve/lxc/xxx.conf and add the following to the last line,

lxc.cgroup.devices.allow = c 10:200 rwm
lxc.hook.autodev = sh -c "modprobe tun; cd ${LXC_ROOTFS_MOUNT}/dev; mkdir net; mknod net/tun c 10 200; chmod 0666 net/tun"

and that's all we need to do. restart the lxc container.

Adding tun file into LXC container

Now login to your LXC container and fire the following command,

cd /dev
mkdir net
mknod net/tun c 10 200
chmod 0666 net/tun

this will create the net/tun directory and file, restart the machine and we are good to go!

Install OpenVPN on Proxmox LXC

Installing OpenVPN can never be easier in just 5 minutes which i wrote previously. But i will just summarise here, all you need to do is to fire the following into your LXC using NoVNC or SSH,

wget git.io/vpn --no-check-certificate -O ~/openvpn-install.sh; bash openvpn-install.sh

Follow all the instruction and we are good to go! And remember to port forward port 1194 and 53!

-A PREROUTING -i vmbr1 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.100.2:53
-A PREROUTING -i vmbr1 -p udp -m udp --dport 1194 -j DNAT --to-destination 192.168.100.2:1194
-A PREROUTING -i vmbr1 -p tcp -m tcp --dport 1194 -j DNAT --to-destination 192.168.100.2:1194

List of Proxmox important configuration files directory

Ok, this is it, there are many times when i need to find the path to certain configuration regardless of Proxmox or LXC or KVM or OpenVZ configuration file and i always need to 'remember' where it is and if you do this daily in and out, you might have an idea, if not, this is just another digging the web task! How about recording all these down for me instead? Hence, here are all the important path for anyone who needs it when dealing with Proxmox!

=== OpenVZ Section ===

config: /etc/vz/conf/xxx.conf
data: /var/lib/vz/root/xxx
template: /var/lib/vz/template/cache
snapshot: /var/lib/vz/dump
OpenVZ config: /etc/vz/vz.conf

=== KVM Section ===

config: /etc/pve/qemu-server/xxx.conf
data: /var/lib/vz/images/xxx
template: /var/lib/vz/template/iso
snapshot: /var/lib/vz/dump


=== LXC Section ===

config: /var/lib/lxc/xxx/config
data: /var/lib/vz/images/xxx
template: /var/lib/vz/template/cache
snapshot: /var/lib/vz/dump

=== Cluster Section ===
config: /etc/pve/cluster.conf
nodes vm config: /etc/pve/nodes/xxx/xxx/qemu-server/xxx.conf
=== Files ===

 corosync.conf  => corosync/cman cluster configuration file (previous to PVE 4.x this file was called cluster.conf)
 storage.cfg   => PVE storage configuration
 user.cfg      => PVE access control configuration (users/groups/...)
 domains.cfg   => PVE Authentication domains 
 authkey.pub   => public key used by ticket system

 priv/shadow.cfg  => shadow password file
 priv/authkey.key => private key used by ticket system

 nodes/${NAME}/pve-ssl.pem                 => public ssl key for web server
 nodes/${NAME}/priv/pve-ssl.key            => private ssl key
 nodes/${NAME}/qemu-server/${VMID}.conf    => VM configuration data for KVM VMs
 nodes/${NAME}/openvz/${VMID}.conf         => VM configuratin data for OpenVZ containers

=== Symbolic links ===

 local => nodes/${LOCALNAME}
 qemu-server => nodes/${LOCALNAME}/qemu-server/
 openvz => nodes/${LOCALNAME}/openvz/

=== Special status files for debugging (JSON) ===

 .version    => file versions (to detect file modifications)
 .members    => Info about cluster members
 .vmlist     => List of all VMs
 .clusterlog => Cluster log (last 50 entries)
 .rrd        => RRD data (most recent entries)


=== Enable/Disable debugging ====

 # enable verbose syslog messages
 echo "1" >/etc/pve/.debug 

 # disable verbose syslog messages
 echo "0" >/etc/pve/.debug

more info. You are welcome.

Setup LXC and Nat on Proxmox

The latest Proxmox 4.0 no longer support OpenVZ and we are met with LXC, Linux Container, which is kinda the next thing. But how do we setup a NAT on a LXC? Is it different from the original OpenVZ. Well, its kinda the same. But i will cut the bullshit here and goes straight to the objective. Here, we will try to create a LXC container in Proxmox and allow the same public ip to connect to the LXC container, in and out.

Installing LXC Container on Proxmox

First let's setup a container, let's create a Ubuntu container by selecting the template.

Screen Shot 2016-03-13 at 4.11.51 AM

Once we selected, let's setup the network area, take note that i have the internet bridge of vmbr1 (which will need to be change later). Do take note that /24 meaning your submask is 255.255.255.0 and the Gateway should really be what you have set on your vmbr1 (which is also your bridge network to all your NAT container). In this case, mine is 192.168.100.1
Screen Shot 2016-03-13 at 4.12.33 AM

I am giving my LXC container the local ip of 192.168.100.6, just ignore the /24 for now. And setup the DNS

Screen Shot 2016-03-13 at 4.16.01 AM

And we are all done, now starts the machine and we are ready to go!

Setup NAT on Proxmox

Now this is the important part, we have 2 things to do, the first setup a new network on /etc/network/interface as show below,

auto vmbr2
#private sub network
iface vmbr2 inet static
        address  192.168.100.1
        netmask  255.255.255.0
        bridge_ports none
        bridge_stp off
        bridge_fd 0

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward
        post-up   iptables -t nat -A POSTROUTING -s '192.168.100.0/24' -o vmbr1 -j MASQUERADE
        post-down iptables -t nat -D POSTROUTING -s '192.168.100.0/24' -o vmbr1 -j MASQUERADE

Do take note that i have added the above so that my container will have internet for all ip within the range of 192.168.100.0/24 (1-255). Now restart the network

/etc/init.d/networking restart

after restarting update the LXC container to use vmbr2.
Screen Shot 2016-03-13 at 4.20.57 AM
Now access your LXC container via NoVNC (Chrome or Firefox) and you should be able to connect to the internet!
Screen Shot 2016-03-13 at 4.23.04 AM

Allow outside connect to LXC

Although you have internet, you will notice that you are not allow to connect to your LXC machine, this is because you did not allow outside to connect to your LXC container. In order to do that, you will need to add stuff into your iptables, add these to your host machine,

#port forward port 2222 to our LXC machine port 22 so we could ssh
iptables -A PREROUTING -i vmbr1 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 192.168.100.6:22
#we did the below just now on network interface config
iptables -A POSTROUTING -s 192.168.100.0/24 -o vmbr1 -j MASQUERADE
#this allows outside to connect to your LXC machines
iptables -A POSTROUTING -s 192.168.100.0/24 -o vmbr1 -j SNAT --to-source 45.125.192.250

What we did on the vmbr2 just now is shown above, if you do not want to add that on the interface section, just do it here. Once you've done that, you should be able to ssh into your LXC container as well! All good!

Docker MariaDB + MySQL + PHP FPM + Nginx Reverse Proxy + Nginx WordPress + PhpMyAdmin Setup

Ok, im migrating this website to another server using docker. This is how i setup my multi site with Docker Nginx and MariaDB or MySQL if you wonder. Here is what i did,

Install MariaDB / MySQL

Look for MariaDB on the offical Docker hub, we are going to install the one below,

docker run --restart=always --name mariadb -v /root/mysql:/var/lib/mysql -v /root/mysql/conf.d:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=PassWord10 -d mariadb:latest

So all our data record are located at /root/mysql with the root password as shown above using the 'latest' tag for the latest mariadb.

Install PhpMyAdmin

Now i need to manage my MySQL externally so im going to install PhpMyAdmin using the official Docker hub image i create an image with the name phpmyadmin.

docker run --restart=always --name phpmyadmin -d --link mariadb:db -p 8080:8080 phpmyadmin/phpmyadmin

The creates a phpmyadmin that links to my mariadb container using port 8080. Hence, if you are going to visit phpmyadmin, just head over to localhost:8080

Install Nginx Reverse Proxy

As for reverse proxy im using one of the open image

docker run -d -p 80:80 -p 443:443 --restart=always --name proxy -v /root/nginx/htpasswd:/etc/nginx/htpasswd -v /root/nginx/ssl:/etc/nginx/certs  -v /var/run/docker.sock:/tmp/docker.sock:ro  jwilder/nginx-proxy

This creates a few folder on my host machine so i could manage my virtual host and open up both port 80 and 443 for SSL enabled website.

Now to generate SSL into /root/nginx/ssl i use the following

openssl req -x509 -newkey rsa:2048 -keyout default.key -out default.crt-days 9999

and our virtual host should be able to support SSL on port 443

Install PHP+FPM

So i need PHP+FPM, hence, i added the container below using the image from the offical php but with my own DockerFile but you can use mine as shown below,


docker run -it --restart=always --name phpfpm --link mariadb:mysqlip -v /root/www:/home claylua/phpfpm

well, i keep the default name of phpfpm and i keep the dockerfile in my github.

Install Nginx

Now i need to install WordPress but before that i will need a web server and im using Nginx in this case, using the official nginx image, i run a subdomain of hungred.com

docker run 
-e VIRTUAL_HOST=test.hungred.com,www.test.hungred.com
--restart=always 
--name test.hungred.com 
--link mariadb:mysqlip 
--link phpfpm:phpfpm 
-v /root/nginx/conf.d/test.hungred.com:/etc/nginx/conf.d 
-v /root/nginx/ssl/test.hungred.com:/etc/nginx/ssl
-v /root/nginx/conf/test.hungred.com/nginx.conf:/etc/nginx/nginx.conf:ro 
-v /root/www/test.hungred.com:/home/test.hungred.com:ro 
-d -p 10295:80 nginx

Take note that the port should be different and can be anything with the path to the host at your own discrete. For each path, i am trying to create a custom installation for the web server folder and nginx configuration. Hence, for each nginx configuration on your host, do add the following nginx.conf into the path you have specific above.

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

After this we will need to do a proxy for all php files to the phpfpm container we just created previously. head over to /root/nginx/sites-available/test.hungred.com and create a new file call default and paste the following code

server {
    listen       80;
    listen 443 ssl;
    server_name  test.hungred.com;

    root   /home/test.hungred.com/;

    location / {
        index  index.html index.htm index.php;
        try_files $uri /index.php$is_args$args;
    }

    location ~ \.php$ {
            include fastcgi_params;
            fastcgi_pass  phpfpm:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
    }
}

And since our php files is located at /var/www/test.hungred.com/ we will just place everything there for all our php request.

Test it!

Now once you are done with the above, start all your container, restart your server, and whatever you do, make sure that everything still works perfectly for you!

*** UPDATE ***

In case you are wondering where i host my website, i am currently hosting with Digital Ocean, using their 512MB node, highly recommended and very stable so far as compare to other provider i have been with. You can choose Vulr as well, which provides you higher memory and disk space with many other options to help yous ave cost.