How to move all cPanel accounts to new server via command line

This is a short how-to tutorial to migrate or transfer all cPanel accounts from my old 1.5TB server to another new SSD server through command line.

Backup all cPanel accounts

i am assuming, you know what you want, so we have to first backup all the cPanel accounts in our old system using the following command

ls /var/cpanel/users | while read a; do
/scripts/pkgacct $a
done

remember to screen first before doing the above, as this might take a while if there is a lot of accounts in your machine.

Transfer all cPanel accounts

now, we need to transfer all the cPanel accounts from our old server to the new ones. Notice the pkgacct script generate all the cpmove file on /home directory, use the command below,

bash-4.1# rsync -av --progress /home/*.tar.gz [email protected]:/home

where 192.168.0.2 is your new server. Now, all the files are transferring to our new server!

Restore all cPanel accounts

Finally, in our new server, fire the following command,

ls /home/ | awk -F'[-.]' '{print $2}' | while read a; do
/scripts/killacct --user=$a
/scripts/restorepkg $a
done

similarly, remmeber to screen first before doing the above.

Change new server ip address

You might want to change the ip address of your new server to the old ones. Do the following,

To change the server's main IP address, perform the following steps:
Open the /etc/sysconfig/network-scripts/ifcfg-eth0 file with a text editor.
Edit the IPADDR and GATEWAY lines to use the IP address and gateway of your old server.
Open the /etc/ips file with a text editor.
Add your old server's primary IP address, net mask, and gateway to the file.
Note:
Remove the new server’s primary IP address from this file if it is present.
Restart the network service with the following commands:
For CentOS, CloudLinux™, and Red Hat® Enterprise Linux (RHEL) 6 and earlier, and Amazon Linux, run the service network restart command.
Note:
Amazon Linux always runs in a NAT configuration. 
 
For CentOS, CloudLinux, and RHEL 7 and later, run the systemctl restart network command.
Run the /scripts/mainipcheck command to add the IP address to the /var/cpanel/mainip file.
Run the /scripts/fixetchosts command to add the IP address and hostname of your server to the /etc/hosts file.

and you should be good to go. Test it out and enjoy your new environment!

Share

Using Command line to start, stop or reboot remote server with iDrac racadm

I've always like to set my Dell iDrac network management ip to a private one as compared to a public ones. However, when a dell server is causing a problem, i might not be able to access the server web interface since its an internal ip and the server might not be able to connect directly via ssh. In this case, how do i reboot the server without calling help from the datacenter? Apparently, there is a tool call racadm which can be used to assist such incident.

If you have access to the other network servers where you can still ping the dell iDrac private ip, you can fire the following commands to ensure that your server will reboot itself.

racadm -u ADMIN -p ADMIN -r 192.168.0.123 serveraction hardreset

In the above, case, i am connect to the idrac 192.168.0.123 and login with the ADMIN and password ADMIN to do a 'serveraction' with a hardreset. You can specifies the action. The options for the string are:

  • powerdown – Powers down the server module.
  • powerup – Powers up the server module.
  • powercycle – Issues a power-cycle to the server module.
  • hardreset – Issues a hard reset to the server module.

But do remember to install OpenManage or racadm on your server or else you are on your own! For more options available using racadm visit their doc page.

Share

Easy Setup OpenVPN in 5 minutes with Debian or Centos or Ubuntu

Ok, i bet some times you will want to setup OpenVPN real quick in less than 5 minutes but have to go through with a lot of instruction and it might not work! Especially if you are on a VPS! Now let me explain how i did it in 5 minutes thanks to Nyr. If you are installing this on an OpenVZ machine, please update your host file as instructed at the bottom of this article, if you are not, just continue reading by firing up a VPS machine or a physical machine and fire the following instruction.


wget git.io/vpn --no-check-certificate -O ~/openvpn-install.sh; bash openvpn-install.sh

regardless of Debian, Centos or Ubuntu, this will work fine! Now, the script will ask you a few questions and starts installing

Welcome to this quick OpenVPN "road warrior" installer

I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them

First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 192.168.100.99

What port do you want for OpenVPN?
Port: 1194

Do you want OpenVPN to be available at port 53 too?
This can be useful to connect under restrictive networks
Listen at port 53 [y/n]: y

Do you want to enable internal networking for the VPN?
This can allow VPN clients to communicate between them
Allow internal networking [y/n]: y

What DNS do you want to use with the VPN?
   1) Current system resolvers
   2) OpenDNS
   3) Level 3
   4) NTT
   5) Hurricane Electric
   6) Yandex
DNS [1-6]: 2

Finally, tell me your name for the client cert
Please, use one word only, no special characters
Client name: example

I am installing OpenVPN in a OpenVZ machine. Therefore, i am throwing in the private ip of the machine instead of the public ones. Once the script finish installing and setup, it will ask you the following questions,

If your server is NATed (LowEndSpirit), I need to know the external IP
If that's not the case, just ignore this and leave the next field blank
External IP: 23.132.16.23

Finished!

Your client config is available at ~/cluster.ovpn
If you want to add more clients, you simply need to run this script another time!

And you will get a user ovpn file to install it into your computer! Now, if you would like to add more user, do the following

bash ~/openvpn-install.sh

and you will see the following screen.

Looks like OpenVPN is already installed
What do you want to do?

1) Add a cert for a new user
2) Revoke existing user cert
3) Remove OpenVPN
4) Exit

Select an option [1-4]:

This is specially easy for anyone to just setup your OpenVPN machine in less than 5 minutes and furthermore, you can easily config more users using the same old script. Pretty neat stuff if you asked me!

Installing OpenVPN in OpenVZ

Now, there are a few more things to do if you are in an OpenVZ, on the host machine, you might want to add the following criteria so that iptables is available and internet is forwarding to your client.

at the bottom of /etc/vz/vz.conf you will see the following configuration

## Defaults for containers
VE_ROOT=/var/lib/vz/root/$VEID
VE_PRIVATE=/var/lib/vz/private/$VEID

## Filesystem layout for new CTs: either simfs (default) or ploop
#VE_LAYOUT=ploop

## Load vzwdog module
VZWDOG="no"

## IPv4 iptables kernel modules to be enabled in CTs by default
IPTABLES="ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length"
## IPv4 iptables kernel modules to be loaded by init.d/vz script
IPTABLES_MODULES="$IPTABLES"

## Enable IPv6
IPV6="yes"

## IPv6 ip6tables kernel modules
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"

change it to the following

## Defaults for containers
VE_ROOT=/var/lib/vz/root/$VEID
VE_PRIVATE=/var/lib/vz/private/$VEID

## Filesystem layout for new CTs: either simfs (default) or ploop
#VE_LAYOUT=ploop

## Load vzwdog module
VZWDOG="no"

## IPv4 iptables kernel modules to be enabled in CTs by default
#IPTABLES="ipt_REDIRECT ipt_LOG ipt_state ipt_recent xt_connlimit ipt_owner iptable_nat ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length"
## IPv4 iptables kernel modules to be loaded by init.d/vz script
#IPTABLES_MODULES="$IPTABLES"

## Enable IPv6
#IPV6="yes"

## IPv6 ip6tables kernel modules
#IP6TABLES="ip6t_REDIRECT ip6t_REJECT ip6t_tos ip6t_limit ip6t_multiport ip6t_TCPMSS ip6t_tcpmss ip6t_ttl ip6t_length ip6t_LOG ip6t_state ip6t_recent xt_connlimit ip6t_owner ip6table_nat ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"

## IPv4 iptables kernel modules to be enabled in CTs by default
IPTABLES="ipt_REDIRECT ipt_owner ipt_recent iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc ipt_state iptable_nat"
## IPv4 iptables kernel modules to be loaded by init.d/vz script
IPTABLES_MODULES="$IPTABLES"

## Enable IPv6
IPV6="yes"

## IPv6 ip6tables kernel modules
IP6TABLES="ip6_tables ip6table_filter ip6table_mangle ip6t_REJECT"
SKIP_SYSCTL_SETUP=yes

and make sure ip forward is enable by going to /etc/sysctl.conf and update the following to '1'

# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
net.ipv4.conf.default.forwarding=1
net.ipv4.conf.all.forwarding=1

and make sure Tun/TAP is enable for your VPS

# cat /dev/net/tun
cat: /dev/net/tun: File descriptor in bad state

If you are not seeing the above, do the following on your host machine,

vzctl set 101 --devnodes net/tun:rw --save
vzctl set 101 --devices c:10:200:rw --save 
vzctl stop 101 
vzctl set 101 --capability net_admin:on --save
vzctl start 101 
vzctl exec 101 mkdir -p /dev/net
vzctl exec 101 chmod 600 /dev/net/tun

Once you've done the above, then starts installing OpenVPN with the scripts by Nyr.

**UPDATE**
And remember to port forward port 1194 and 53!

-A PREROUTING -i vmbr1 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.100.2:53
-A PREROUTING -i vmbr1 -p udp -m udp --dport 1194 -j DNAT --to-destination 192.168.100.2:1194
-A PREROUTING -i vmbr1 -p tcp -m tcp --dport 1194 -j DNAT --to-destination 192.168.100.2:1194
Share

Easy Install nagios vshell on Centos

If you have setup your nagios on your server and you want to install vshell so that it looks better, just follow the guide here!

Download vShell

First thing you need to do is to download vshell

wget http://assets.nagios.com/downloads/exchange/nagiosvshell/vshell.tar.gz

you can do it anywhere as long as gets download

Install vShell

Now you need to install vshell

tar -zxvf vshell.tar.gz
cd vshell

Before you start installing, check your configuration

vi install.php

make sure that the path is correct

// ***********MODIFY THE DIRECTORY LOCATIONS BELOW TO MATCH YOUR NAGIOS INSTALL*********************

//target directory where vshell's web files will be stored  
define('TARGETDIR',"/usr/local/vshell");
//target directory where your current apache configuration directory is located
define('APACHECONF',"/etc/httpd/conf.d");
//default for ubuntu/debian installs 
//define('APACHECONF',"/etc/apache2/conf.d"); 

since i'm on centos and installed with apache, mine is by default correct! So all i did was installing this way

./install.php

And done! you can access your vshell similar to nagios by typing http://localhost/vshell

Screen Shot 2015-03-30 at 7.06.43 PM

Important vShell path

There are a few things you need to know since everything above are quiet abstract.

/etc/httpd/conf.d/vshell.conf  #apache vshell setup
/etc/vshell.conf #vshell configuration

Now make sure that the vshell.conf file has the same as your nagios htpasswd.users or else you might not be able to login to vshell!

Troubleshooting

Once you done above, you might face a few problem like

Unable to login to vshell

Open up /etc/httpd/conf.d/vshell.conf and /etc/httpd/conf.d/nagios.conf
change your vshell.conf AuthUserFile to nagios.conf one
from

AuthUserFile /user/local/nagios/passwd

to

AuthUserFile /etc/nagios/passwd

above might vary but keep that in mind.

Unable to open '/usr/local/nagios/var/objects.cache' file!

Once you login you see the above error and you might want to open up the file /etc/vshell.conf and /etc/nagios/nagios.cfg and change vshell.conf from

; Full filesystem path to the Nagios object cache file
OBJECTSFILE = "/usr/local/nagios/var/objects.cache"

to

; Full filesystem path to the Nagios object cache file
OBJECTSFILE = "/var/log/nagios/objects.cache"

where the correct value should be the same as nagios one

Unable to open '/usr/local/nagios/var/status.dat' file!

Once you login you see the above error and you might want to open up the file /etc/vshell.conf and /etc/nagios/nagios.cfg and change vshell.conf from

; Full filesystem path to the Nagios status file
STATUSFILE = "/usr/local/nagios/var/status.dat"

to

; Full filesystem path to the Nagios status file
STATUSFILE = "/var/log/nagios/status.dat"

where the correct value should be the same as nagios one

Unable to open '/usr/local/nagios/etc/cgi.cfg' file!

Once you login you see the above error and you might want to open up the file /etc/vshell.conf and /etc/nagios/nagios.cfg and change vshell.conf from

; Full filesystem path to the Nagios CGI permissions configuration file
CGICFG = "/usr/local/nagios/etc/cgi.cfg"

to

; Full filesystem path to the Nagios CGI permissions configuration file
CGICFG = "/etc/nagios/cgi.cfg"

where the correct value should be the same as nagios one

Share

Easy Install Nagios in Centos 6 via yum

Ok, i used to write the longer version when i was still using Centos 5, recently i went back to the article and found out that there is actually a shorter way to setup EVERYTHING. So here i am writing a shorter version to setup nagios on centos 6.

Setup Nagios Server

This is the server that will have vshell and nagios web interface. All you have to do is to install epel-release for your centos

yum install -y epel-release

and starts install nagios via yum

yum install -y nagios nagios-devel nagios-plugins* gd gd-devel httpd php gcc glibc glibc-common openssl

Now we need to make sure nagiosadmin is our username and password is set

htpasswd -c /etc/nagios/passwd nagiosadmin

which you can setup all the configuration at /etc/nagios/cgi.cfg and if you would like to change the configuration on apache, it is located at /etc/httpd/conf.d/nagios.conf

Once you have installed nagios, remember to startup nagios and apache whenever you restart!

service httpd restart
chkconfig httpd on

service nagios restart
chkconfig nagios on

and you can access it via http://localhost/nagios with username and password you have just setup above!!! Pretty easy ya!

Screen Shot 2015-03-30 at 6.38.04 PM

Now you might want to install nrpe on each server you wish to monitor next,

Installing nrpe with nagios-plugins on each server

Now, you really want to just have all these in yum when you have like 20 servers? It will be a nightmare if you just build all these by source (which i did last time instead of writing a scripts, yeah i'm dumb, i know). All you need to do via yum is

yum install nrpe nagios-plugins-all

And configure nrpe via

vi /etc/nagios/nrpe.cfg

adding your nagios ip into it so that your nagios server is allowed to penetrate each 'slave' you have lol.

allowed_hosts=127.0.0.1, 192.168.1.110

Now all you need to do is to setup all the services you wish to let your man to do on your 'slaves'.

command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200 

and these can be setup at the same path as /etc/nagios/nrpe.cfg and you should be able to add more 'action' to it if you want.

and remember to setup nrpe to run on startup

service nrpe start
chkconfig nrpe on
Share