Thursday, October 24, 2013

Apache in Ampps cannot start after upgrade to Mavericks

After upgrade to Mavericks, Ampps doesn't ask for your password any more and you simply can not start Apache. MySql is fine. If you try start apache in terminal: bash /Applications/AMPPS/apache/bin/apachectl start you will get: (13)Permission denied: make_sock: could not bind to address [::]:80 (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down The trick is to use sudo bash sudo /Applications/AMPPS/apache/bin/apachectl start will get your Apache started, but you need use bash /Applications/AMPPS/apache/bin/apachectl stop to stop it. Then you can use automator to make this command as an application. Have fun!

Wednesday, October 23, 2013

Amazon AWS: EC2 FTP server using S3 as the backend - CodeProject

Amazon AWS: EC2 FTP server using S3 as the backend - CodeProject


Introduction

After reading this article, you will be able to setup an FTP server on an EC2 instance, that uploads/downloads content directly to/from S3.

Background 

In an effort to reduce operational overhead, I was looking for a solution to leverage Amazon Web Services to create an FTP server that would use S3 as the backend for storage.  The current hosting facility 'bundles' services, of which bandwidth utilization is the highest price.  Since there is no charge for inbound data transfer into S3 it makes sense to go this route.  However, after spending several days looking for a detailed solution on how correctly set this configuration up, I went on my own and worked it out.  Below are the steps I took: 

Step 1: Setting up the EC2 instance

Configure the EC2 security group

 Before you launch your EC2 instances, I recommend creating a new security group.  Use the following settings: 
TCP Port(s) Range IP Range Comment 
20-21 0.0.0.0/0 FTP ports 
15393 - 15592 0.0.0.0/0 Passive port range 
22   SSH port (we'll remove this later) 
1234546    Port you'll change ssh connection to  
80   0.0.0.0/0  If you are running  a web server   
NOTE: I like to setup a non-default SSH port (in this case 123456) to use once the system is setup.  Since the server will be open to the world, changing the ssh port will help to lock down the system and prevent some intrusion attacks. After finishing the setup, we'll remove port 22 from the security group. 
Add in any other monitoring ICMP or UDP ports as well. 

Launch an EC2 instance 

Launch an Ubuntu 12.04 LTS instance, using the newly created security group from above. 

Step 2: Mounting S3 onto the instance  

We'll need some 3rd party tools to correctly mount an S3 bucket to the server.  I've compiled this information from a number of sites as well as my own trial and error.  I must give credit to
and 
Without these sites, I would have never been able to get this working! 

Update the apt repositories 

Connect to your newly launched EC2 instance, change to the root user, and run the following commands:
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb http://us.archive.ubuntu.com/ubuntu/ lucid universe' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb-src http://us.archive.ubuntu.com/ubuntu/ lucid universe' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates universe' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates universe' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb http://us.archive.ubuntu.com/ubuntu/ lucid multiverse' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb-src http://us.archive.ubuntu.com/ubuntu/ lucid multiverse' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates multiverse' >> /etc/apt/sources.list
root@ip-xxx-xxx-xxx-xxx:~# echo 'deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates multiverse' >> /etc/apt/sources.list 

 Update apt

root@ip-xxx-xxx-xxx-xxx:~# sudo apt-get update 

Install required dependencies 

root@ip-xxx-xxx-xxx-xxx:~#  sudo apt-get -y install build-essential 
        libfuse-dev fuse-utils libcurl4-openssl-dev libxml2-dev mime-support make

Get and install s3fs 

root@ip-xxx-xxx-xxx-xxx:~# mkdir /software
root@ip-xxx-xxx-xxx-xxx:~# cd /software
root@ip-xxx-xxx-xxx-xxx:~# wget http://s3fs.googlecode.com/files/s3fs-1.61.tar.gz
root@ip-xxx-xxx-xxx-xxx:~# tar xvzf s3fs-1.61.tar.gz
root@ip-xxx-xxx-xxx-xxx:~# cd s3fs-1.61
root@ip-xxx-xxx-xxx-xxx:~# ./configure --prefix=/usr
root@ip-xxx-xxx-xxx-xxx:~# make
root@ip-xxx-xxx-xxx-xxx:~# make install
root@ip-xxx-xxx-xxx-xxx:~# touch /etc/passwd-s3fs && chmod 640 /etc/passwd-s3fs && echo 'AccessKey:SecretKey' > /etc/passwd-s3fs
Note:  Replace AccessKey:SecretKey with your Amazon AWS keys accordingly. 

Create the mount location, and mount the S3 bucket 

root@ip-xxx-xxx-xxx-xxx:~# mkdir -p /mnt/ftp
root@ip-xxx-xxx-xxx-xxx:~# /usr/bin/s3fs -o allow_other -o 
     default_acl="public-read" -o use_rrs=1  /str/ftp 
  • Note 1: The bucket must exist before mounting.
  • Note 2: the default_acl settings will set everything to public read.  For acl options please see the s3fs man pages.
  • Note 3: use_rss will set everything that is uploaded to reduced_redundancy (which will save you some money!)
  • Note 4: You might need to chmod directories and stuff (mine have been set already and I don't remember what I did!)
Step 3: Setting up vsftpd
Now we'll need to install and configure vsftpd (credit for this goes to Chris Hough for his response onhttp://askubuntu.com/questions/239239/ubuntu-12-04-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot).

Update repository listing and apt

root@ip-xxx-xxx-xxx-xxx:~# add-apt-repository ppa:thefrontiergroup/vsftpd
root@ip-xxx-xxx-xxx-xxx:~# apt-get update 

Install vsftpd

root@ip-xxx-xxx-xxx-xxx:~# apt-get -y install vsftpd 
Configure vsftpd.conf 
root@ip-xxx-xxx-xxx-xxx:~# cp vsftpd.conf vsftpd.conf.ORIGINAL (just to make a backup incase you need it.)
root@ip-xxx-xxx-xxx-xxx:~# vim vsftpd.conf
Use the following settings: 
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
dirmessage_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
sa_cert_file=/etc/ssl/private/vsftpd.pem 
And add the following to the end of the file:
# Passive support
pasv_enable=yes
pasv_min_port=15393 # The start port range configured in the security group
pasv_max_port=15592 # The end port range configured int he security group
pasv_address=xxx.xxx.xxx.xxx # the public IP address of the FTP serv 
If you want to keep users jailed to their home directory (recommended) then add in the following as well:
# Keep non-chroot listed users jailed
allow_writeable_chroot=YES 

restart vsftpd

root@ip-xxx-xxx-xxx-xxx:~# service vsftpd restart 

Create local users to access FTP

Now that everything is setup, we need to create some users who will have access to use the FTP server. These users will be created on the local EC2 instance, but will have their home directory set to the mounted S3 bucket (or directories below the bucket). It is recommended to create sub-directories below the mounted S3 bucket, and use those as the home directory, so they will not have access to other users directories.

Create local users 

root@ip-xxx-xxx-xxx-xxx:~# useradd -d /str/ftp/ -s /sbin/nologin 
root@ip-xxx-xxx-xxx-xxx:~# passwd 
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully 

Update /etc/shells  

root@ip-xxx-xxx-xxx-xxx:~# echo '/sbin/nologin' >> /etc/shells 
Congratulations!  You can now connect to this server via FTP using any of the user/passwords created in step #4!

Change the SSH port   

To provide a bit of added security, we'll change the SSH port and remove it from the security group.

Update the sshd_config file 

root@ip-xxx-xxx-xxx-xxx:~# vim /etc/ssh/sshd_config
  1. Change the port to the non-default port you configured in the security group.
  2. If required, change PasswordAuthentication to yes.
  3. Restart ssh 
  4. root@ip-xxx-xxx-xxx-xxx:~# service ssh restart 
  5. Remove the rule for port 22 access from the security group.

Thursday, October 17, 2013

Install Apache 2.4, PHP 5.4 & APC on Amazon Linux EC2 - Coding Steps

Install Apache 2.4, PHP 5.4 & APC on Amazon Linux EC2 - Coding Steps

The following guide is a step by step tutorial on installing and configuring Apache 2.4, and PHP 5.4 (with APC) on an Amazon EC2 instance running Amazon Linux AMI. The procedure has been tested on Amazon Linux AMI, but should also apply in general to Fedora/Red Hat/CentOS distributions. Also, should you be interested in manually installing PHP APC straight from the PHP PECL library, please check this guide. A guide on installing the complete LAMP stack with MySQL is provided here.

1. Install Linux updates, set time zones, followed by GCC and Make

sudo yum -y update
sudo ln -sf /usr/share/zoneinfo/America/Indianapolis \
     /etc/localtime
sudo yum install -y gcc make gcc-c++

2. Install Apache 2.4 httpd, PHP 5.4 and PHP extensions

sudo yum install -y httpd24 php54
sudo yum install -y php54-devel php54-mysql php54-pdo php54-mbstring
sudo yum install -y php-pear 
sudo pear install Log
sudo yum install -y pcre-devel
sudo service httpd start

3. Install PHP APC module

sudo yum install -y php54-pecl-apc

4. Auto Start Apache in EC2 Amazon Linux

sudo /sbin/chkconfig --levels 235 httpd on
sudo service httpd restart

If this tutorial was helpful to you, then please do not forget to leave a comment, or two. :)


Install Apache, PHP, APC, & MySQL on Amazon EC2 with Amazon Linux AMI

    The following guide is a step by step guide on installing and configuring Apache, PHP (with APC) & MySQL (LAMP Stack) on an Amazon EC2 instance running Amazon Linux AMI. The procedure has been tested on Amazon Linux AMI, but should also apply in general to Fedora/Red Hat/CentOS distributions. Also, should you be interested in manually installing PHP APC straight from the PHP PECL library, please check this guide.

    1. Install Linux updates, set time zones, followed by GCC and Make

    sudo yum -y update
    sudo ln -sf /usr/share/zoneinfo/America/Indianapolis \
          /etc/localtime
    sudo yum install -y gcc make

    2. Install PHP and PHP extensions

    sudo yum install -y php
    sudo yum install -y php-devel php-mysql php-pdo
    sudo yum install -y php-pear php-mbstring
    sudo pear install Log
    sudo yum install -y pcre-devel

    3. Install Apache httpd

    sudo yum -y install httpd
    sudo service httpd start

    4. Install MySQL

    sudo yum -y install mysql-server mysql
    sudo service mysqld start
     ps:read the output from MySQL, do the secure install and set password

    5. Install PHP APC module

    sudo yum -y install httpd-devel
    sudo pecl install apc-beta
    echo "extension=apc.so" | sudo tee /etc/php.d/apc.ini
    Or Simply:
    sudo yum install -y php-pecl-apc

    6. MySQL Configuration

    sudo vi /etc/my.cnf
    [mysqld]
    ...
    skip-external-locking
    long_query_time=1
    slow_query_log
    slow_query_log_file=/var/log/log-slow-queries.log
    log-bin=mysql-bin
    server-id= 1
    ...
    [mysqld_safe]
    ...
    myisam_recover_options
    ...
    [mysqld]
    ...
    key_buffer_size = 128M
    max_allowed_packet = 3M
    table_open_cache = 64
    read_buffer_size = 2M
    read_rnd_buffer_size = 8M
    myisam_sort_buffer_size = 16M
    thread_cache_size = 8
    query_cache_size= 32M
    thread_concurrency = 8
    innodb_buffer_pool_size = 128M
    innodb_log_file_size = 32M
    innodb_additional_mem_pool_size = 8M
    innodb_log_buffer_size = 4M
    ...
    Log Slow Queries:
    sudo touch /var/log/log-slow-queries.log
    sudo chown mysql.mysql /var/log/log-slow-queries.log
    sudo /sbin/chkconfig --levels 235 mysqld on
    sudo service mysqld start

    7. PHP Configuration Changes in php.ini

    sudo nano /etc/php.ini
    expose_php = Off
    memory_limit = 128M
    date.timezone = America/Indianapolis
    Note: Location of error file
    /var/log/httpd/error.log

    8. Auto Start Apache in EC2 Amazon Linux

    sudo /sbin/chkconfig --levels 235 httpd on
    sudo service httpd start
    If this tutorial was helpful to you, then please do not forget to leave a comment, or two. :)

    How to install PHPMyAdmin on Linux EC2 instance?


    Do the following:
    1. Navigate to the apache folder
      cd /var/www/html
      
    2. Ensure ownership of the folder (assuming signed in with ec2-user)
      sudo chown ec2-user .
      
    3. Download phpMyAdmin
      wget http://www.sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.3/phpMyAdmin-4.0.3-all-languages.tar.bz2
      
    4. Unzip
      tar -jxf phpMyAdmin-4.0.3-all-languages.tar.bz2 -C /var/www/html
      
    5. Rename the folder
      mv phpMyAdmin-4.0.3-all-languages phpmyadmin
      
    6. Remove the zip file
      rm -rf phpMyAdmin-4.0.3-all-languages.tar.bz2
      
    That's the basics. You can find more info in the link provided above.

    You can find the latest version of phpMyAdmin here:http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/
    ps: to login phpMyAdmin, use your MySQL root username and password