Archive for the 'Server' Category

Use Adhearsion to check Asterisk

If you have a business depending on asterisk you need to be sure that everything is running. You could use Nagios or Monit to check if asterisk is running, but is it also working? What about your AGI Server? Is it doing what it’s supposed to do?

The best way to find out if this works would be to call and see if the call is accepted and if you get something back from your AGI server and you can do this with automatically with Adhearsion!

What you will need is a wav file containing a DTMF sequence. You can create one with Adobe Audition for example (aka Cooledit before Adobe took over). The Trial version is enough to create the DTMF. Use a 300ms pause at least the other settings didn’t really work for me. Also don’t forget to set your Asterisk server to dtmfmod=inband.

I created a new adhearsion project and used the Simon game as start of and modified it to look like this:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
methods_for :dialplan do
  def check_call
    CheckCall.new(self).start
  end
end
 
class CheckCall
 
  def initialize(call)
    @call = call
    @number='12345'
  end
 
  def start
    collect_attempt
    verify_attempt
  end
 
  def collect_attempt
    @attempt = @call.input @number.length,
      :timeout => 10.seconds    
  end
 
  def verify_attempt
    if attempt_correct? 
		# do something here
    else
		# do something else
    end
  end
 
  def attempt_correct?
    @attempt == @number
  end
 
end

What this does is check if the called server sent the DTMF sequence 12345 and if not it would do something.

You cold for example use growl and/or prowl for notification or use some SMS service for notification like lcx.at (I know, shameless self promotion).

Also don’t forget to activate drb in your adhersion project, do this in startup.rb

config.enable_asterisk
config.asterisk.enable_ami :host => "localhost", :username => "amiuser", :password => "amipassowrd", :events => true
 
config.enable_drb :host => "0.0.0.0", :deny => "0.0.0.0", :allow => ["127.0.0.1", "213.123.118.123"]

Ok now all we need is the script that triggers the call. This could look like this:

require 'drb'
@adhearsion = DRbObject.new_with_uri "druby://localhost:9050"
result = @adhearsion.originate({ :channel   => "SIP/....", 
                                 :context   => "checkcall", 
                                 :exten 	=> '4000',
                                 :priority  => 1,
                                 :callerid  => "43123456789",
                                 :async => 'true',                                     
                                 :variable  => "call_launcher=true|sleep_time=3600" })

So, this is it. I know this isn’t really a copy & paste howto, some things are missing but I don’t want to repeat things that can be read in the adhearsion documentation.
Oh, what I forgot to mention, I use a separate server which runs Asterisk to do the checks, the checks are NOT done form the same server I am checking, but I think this should be obvious.
If you need a VPS with this Setup, or need someone to verify your VoIP Servers, feel free to contact me!

The oldest hard-disk

Seems like I have one of the oldest, if not the oldest, hard disk in the world in one of my servers :)
Didn’t know they had SATA 136 years ago. old_harddisk

[HowTo] Installing Ruby Enterprise Edition and Passenger on Debian Etch

Install some stuff we will need

apt-get install build-essential apache2 ruby1.8 zlib1g-dev libssl-dev mysql-server mysql-common libmysqlclient15-dev libmysqlclient15off apache2-prefork-dev

Create a link for ruby else the installer won’t work

ln -s /usr/bin/ruby1.8 /usr/bin/ruby

get Ruby Enterprise edition (http://www.rubyenterpriseedition.com/download.html)

tar xzvf ruby-enterprise-X.X.X.tar.gz
./ruby-enterprise-X.X.X/installer

Delete the Ruby link and create new links

rm /usr/bin/ruby
ln -s /opt/ruby-enterprise-1.8.6-20081215/bin/rake /usr/bin/rake
ln -s /opt/ruby-enterprise-1.8.6-20081215/bin/gem /usr/bin/gem 
ln -s /opt/ruby-enterprise-1.8.6-20081215/bin/rails /usr/bin/rails
ln -s /opt/ruby-enterprise-1.8.6-20081215/bin/ruby /usr/bin/ruby

Install Passenger

/opt/ruby-enterprise-1.8.6-20081215/bin/passenger-install-apache2-module

if you have this error

cd /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/gems/1.8/gems/passenger-2.0.6
/opt/ruby-enterprise-1.8.6-20081215/bin/ruby -S rake clean apache2
/opt/ruby-enterprise-1.8.6-20081215/bin/ruby: No such file or directory -- rake (LoadError)

then it looks like the Rake GEM was not installed, just install it now. and don’t forget to create the symlink in /usr/bin !

/opt/ruby-enterprise-1.8.6-20081215/bin/gem install rake

Add this to /etc/apache2/apache2.conf

LoadModule passenger_module /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/gems/1.8/gems/passenger-2.0.6/ext/apache2/mod_passenger.so
PassengerRoot /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/gems/1.8/gems/passenger-2.0.6
PassengerRuby /opt/ruby-enterprise-1.8.6-20081215/bin/ruby

That’s it ! Now you can configure your vhosts.

<VirtualHost 192.168.0.1:80>
  ServerName foo.com
  DocumentRoot /var/rails/
 
  RailsBaseURI /project1
  RailsBaseURI /project2
  RailsBaseURI /project3
 
  Alias /docs "/opt/ruby-enterprise-1.8.6-20081215/lib/ruby/gems/1.8/gems/passenger-2.0.6/doc/Users guide.html"
</VirtualHost>

An finaly, the capistrano config in deploy.rb

set :application, "project1"
set :repository,  "https://svn.foo.com/project1"
set :user, 'root'
set :use_sudo, false
# If you aren't deploying to /u/apps/#{application} on the target
# servers (which is the default), you can specify the actual location
# via the :deploy_to variable:
set :deploy_to, "/var/rails/#{application}"
 
after "deploy:update_code", "deploy:chown"
 
role :app, "foo.com"
role :web, "foo.com"
role :db,  "foo.com", :primary => true
 
namespace :deploy do
  desc "Change owner"
  task :chown, :roles => :app do
    run "chown www-data:www-data -R #{latest_release}"
  end
  desc "Restart Application"
  task :restart, :roles => :app do
    run "touch #{current_path}/tmp/restart.txt"
  end
end

in case you have this error:

script/console production
Loading production environment (Rails 2.1.0)
/opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/completion.rb:10:in `require': no such file to load -- readline (LoadError)
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/completion.rb:10
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/init.rb:252:in `require'
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/init.rb:252:in `load_modules'
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/init.rb:250:in `each'
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/init.rb:250:in `load_modules'
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb/init.rb:21:in `setup'
        from /opt/ruby-enterprise-1.8.6-20081215/lib/ruby/1.8/irb.rb:54:in `start'
        from /usr/bin/irb:13

Then some things where missing during install. Let’s install that and compile readling.

cd /root/ruby-enterprise-1.8.6-20081215/source/ext/readline
 
ruby extconf.rb
checking for tgetnum() in -lncurses... no
checking for tgetnum() in -ltermcap... no
checking for tgetnum() in -lcurses... no
checking for readline/readline.h... no
 
apt-get install libncurses5-dev libreadline5-dev

Check once again if everything is installed

ruby extconf.rb
.
.
creating Makefile

and now compile

make
make install

Push mail for iPhone with Cyrus and z-push

Some days ago I came across z-push a very interesting open source project. I decided to give it a try and see how it works with my iPhone.
I really didn’t expect to be up and running in only 5 minutes! So I won’t write anything here about the installation, just read the manual and everything should be clear.
But there are two things I have to mention if you are using Cyrus.

  • Synced mails will be marked as read! The solution for this is in this post in the z-push forum
  • Sync might not work due to encoding problems (iPhone will say that there is no connection to the server). The solution for this is in this post in the z-push forum.

After solving these two issues everything worked perfect! The only problem that remains, and this is nothing z-push can solve, is the battery usage of the iPhone. Be warned! Your battery will be empty after 2 days in some cases even after 1 day. This really sucks, I have to admit, this is where BlackBerry will get a point.

How libnss-mysql stole my evening

After installing a new VPS I thought I would go with Debian Lenny, although it’s not “stable” yet. The installation was quick and easy, no problems here. Then a control panel was needed, here of course I went with DTC the great GPL control panel from gplhost. After everything was up an running I noticed postfix was crashing.
warning: process /usr/lib/postfix/bounce pid 23776 killed by signal 6
warning: /usr/lib/postfix/bounce: bad command startup -- throttling
warning: process /usr/lib/postfix/smtpd pid 4848 killed by signal 6
warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

As usual, when you have no idea what it is, start searching. Funny enough, the first search result on google was a topic on gplhost froums, where I actually answered! Unfortunately my answer was related to a different question of that thread, but I still think it’s a bit funny. So as dsadmin was writing, it seems to be a mysql connection problem. The workaround described there (removing the mysql stuff from nsswitch.conf) does help, but it’s just a workaround and not a solution. It seems like libnss-mysql is broken in Debian Lenny and probably in Ubuntu also. A recompile didn’t help.

So, here comes Damien (also from gplhost) with the idea to install libnss-mysql-bg instead of libnss-mysql. After some modifications to the dtc control file (without them debian removes dtc because of dependency to libnss-mysql) I could remove libnss-mysql and install libnss-mysql-bg instead. Now all I had to do is run the DTC installer one more time so it can make all necessary modification to the libnss-mysql-bg config files (yes, DTC works with both!) and my problems where all solved.

You get what you pay for

Some time ago I got an hosting account at a cheap company (I won’t mention any names). All was good and fine until the trouble started.

1. No detailed access logs

There is no way to see who logged in when over ftp. The only thing that is logged is the access over the web interface. This is not enough! I just found out that several index.html and index.php files where modified between april and may. They all where “infected” with some extra javascript code. Funny enough, somewhen during this time there was a modification to the FTP server of that provider. All passwords where modified and you had to change the password over the webinterface for all accounts. Strange isn’t it. There was no official statement about anything getting hacked. 

2. Useless webstats

One of my sites hosted there had in a day about 200Gig traffic. Although they promise you about 5000 Gig traffic per month, all my sites where locked down due to bandwidth exceeding. Support told me this:

All ***** accounts are allowed to use 167 GB of transfer per day. If you site goes over this limit it will be taken offline until the next day. 

 I tried to find anything about this on their website and find no trace about this limitation. Anyway, the reason for the huge traffic amount was of course someone with bad intentions. It is weird since there is no real website on that account. It was used for exchanging larger files (legal content, no piracy) and nothing that would really be of interest to someone. I couldn’t find out what was downloaded and from where to cause such huge traffic, the support was of no help and ALL MY SITES WHERE OFFLINE for one day. Really all of them! Not just the one causing the traffic. 

There where some other minor issues why I don’t like this provider, but they I can’t remember now and anyway, like I mentioned, they where minor issues. The two big issues I mentioned above is the reason why I will cancel my account. 

 

oh yes … one of the minor issues is they don’t support sFTP or FTP with SSL, just plain unencrypted FTP. Not very nice.

DoS attack

Since yesterday I am facing a DoS attack on one of my IP’s
The server is being hit by UDP packets on port 80. I could solve some of the issues created by this high load and server are running, but the attack is still going on as I write this with 20Mbit and creating traffic of about 9 GB/hour.

dos_1.png
dos_2.png

HowTo: Install splunk>_ on Debian

* Download the RPM from http://www.splunk.com
* create a deb package with alien
* install the deb package (dpkg -i .. )
* cd /opt/splunk/bin
* ./splunk start

If you get errors like this: error while loading shared libraries: libstdc++.so.6: cannot open shared object file: No such file or directory

Then install libstdc++6

* apt-get install libstdc++6

It’s that simple :)

Technorati Tags: , ,

HowTo install openfire (former wildfire) on Debian

Note: This has been done on a Debian Sarge installation but it should work on Etch also, I will report if it does once I have done it, sometime this week.
I found this post on howtoforge and it helped me alot.

First you need Java JRE, lucky me I had a deb package on my server from some other tests so I didn’t need to create a new JRE deb package.
Follow this howto to create a debian package so you can install JRE the debian way. Once you installed the JRE you can continue with openfire.

Download openfire from http://www.igniterealtime.org/downloads/index.jsp
download the tgz file, the rpm installation with alien didn’t work for me on a AMD64, will probably work for i386.
unpack it move it to /opt

tar -xzvf openfire_3_0_0.tar.gz
mv openfire /opt

You don’t need to install any mysql java connector as mentioned on howtoforge, openfire now comes with everything you need.
Create a new database and create the tables with the provided file.
for example: mysql -u -p < /opt/openfire/resources/database/openfire_mysql.sql

Make sure openfire.xml is writeable:
# chmod 777 /opt/openfire/conf/openfire.xml

Now setup openfire over the webinterface: http://localhost:9090 or http://127.0.0.1:9090
or use whatever server it is running on instead of localhost.

Note: if you have something like this in your /etc/hosts file

127.0.0.1 foobar localhost localhost.localdomain

it won't work since it will try to connect with dbuser@foobar instead of dbuser@localhost which won't work!
change you /etc/hosts so that localhost is first!

Technorati Tags: , , , ,

[HowTo] Installing eAccelerator on Debian etch

This works for php4 and php5, apache1.3 and 2!

first get php5-dev (or php4-dev, depending on what you use)
apt-get install php5-dev

get eaccelerator from here and unpack it.
cd eaccelerator-0.9.5
phpize
./configure
make
make install

create the eaccelerator cache directories
mkdir /tmp/eaccelerator
chmod 0777 /tmp/eaccelerator

and add this to your php.ini (in my case: /etc/php5/apache2/php.ini )

extension=eaccelerator.so
eaccelerator.shm_size=64
eaccelerator.cache_dir=/tmp/eaccelerator
eaccelerator.enable=1
eaccelerator.optimizer=1
eaccelerator.check_mtime=1
eaccelerator.debug=0
eaccelerator.filter=
eaccelerator.shm_max=0
eaccelerator.shm_ttl=0
eaccelerator.shm_prune_period=0
eaccelerator.shm_only=0
eaccelerator.compress=1
eaccelerator.compress_level=9
eaccelerator.allowed_admin_path=/path/to/control.php

adjust the memory to whatever you like.
Copy the control.php to whatever path you like (must be some htdocs accessible path) and set the path in eaccelerator.allowed_admin_path= …
edit the file and user/password.
now restart apache and you are done! go to the link where control.php is and check if you can login and if it works.

Technorati Tags: , ,

Next Page »