Archive for the ‘Linux’ Category

Kaltura CE install on CentOS 5.4

Thursday, January 14th, 2010

I wanted to share this info on how to install the KalturaCE media server on CentOS. I saw that a lot of people were having issues getting it to work. Follow along, it is pretty easy to do. This should be a cut and paste article. I did this install in Xen with 32bit. I have not tried this in a 64bit environment yet. It should work the same, except the part where you have to get some php rpms below.

Ensure that your system is currently up to date.

I like always do my installing from /home/install/ Feel free to choose any directory you want to store your software in.

mkdir -p /home/install/rpms/
cd /home/install/rpms/

We need to install the EPEL and rem repos.

wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-5.rpm
rpm -Uvh *.rpm

Now we need to install some needed software, we also enable the remi repo.

yum install memcached httpd mysql mysql-server gmp libedit t1lib sqlite2 libXpm libXmu libXaw --enablerepo=remi

We need to grab the older php-5.2.10 rpms from remi with wget. These are the i386 rpms. The path for x86_64 is going to be different. This path might work if you are wanting 64bit.

http://rpms.famillecollet.com/enterprise/5/olds/x86_64/

wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-5.2.10-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-cli-5.2.10-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-common-5.2.10-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-gd-5.2.10-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-mysql-5.2.10-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-pdo-5.2.10-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-pecl-memcache-3.0.4-1.el5.remi.i386.rpm
wget http://rpms.famillecollet.com/enterprise/5/olds/i386/php-pecl-memcached-0.2.0-1.el5.remi.i386.rpm

Now we need to install the rpms we just grabbed. Don’t install the php-pecl-memcache* ones yet. These will be done at a later step.

rpm -ivh php-5.2.10-1.el5.remi.i386.rpm php-cli-5.2.10-1.el5.remi.i386.rpm php-common-5.2.10-1.el5.remi.i386.rpm php-gd-5.2.10-1.el5.remi.i386.rpm php-mysql-5.2.10-1.el5.remi.i386.rpm php-pdo-5.2.10-1.el5.remi.i386.rpm

We need to install some more pre-reqs for memcache stuff.

yum install php-pear libmemcached --enablerepo=remi

Now we get to install the last 2 rpms for php-pecl-memcache

rpm -ivh php-pecl-memcache*

Need to double check that short_open_tag is enabled for PHP. This is done in the /etc/php.ini

short_open_tag = On

Edit /etc/httpd/con/httpd.conf

Find AllowOverride for the directory /var/www/html/
Change it from
AllowOverride None
to
AllowOverride All

Now lets start up the services.

service memcached start
service mysqld start
service httpd start

Now comes the MySQL stuff. We need to setup the database we want to use for kaltura. You can change the following two lines to match what you want to use. I use kaltura as the database and the name, and katura123 as the password. Again, these can be set to whatever you want to use. These will need to be known when you go into the kalturaCE installer.

echo "create database kaltura;" | mysql

It is recommended that you create a user for the kaltura database. Below is a simple create, please adjust to your liking.

echo "grant all privileges on kaltura.* to kaltura@"localhost" identified by 'kaltura123';"  | mysql

Now we need to get the current kalturaCE code. The URL below will more than likely change, so make sure to goto the kaltura download site and copy the most current download URL.

 wget http://www.kaltura.org/sites/default/files/releases/kalturaCE_v1.5_linux386.tgz

Now we need to uncompress it and put it in the /var/www/html/ folder. The -C tells tar to uncompress into that folder.

tar -zxvf kalturaCE_v1.5_linux386.tgz -C /var/www/html/

Now open a browser and point it to

http://IP_OF_YOUR_SERVER/kalturaCE/install/

Where IP_OF_YOUR_SERVER is the actual IP address of your kalturaCE server.

Click begin installation

Should be all green check boxes.

Click on Continue

Database connections.
You will need to have the database, database user, and password. You should know this from a previous step.

Click Save and Continue.

Set the server url, if it is not already done so.

Set the Administrator Account with the info it asks for as well as email…

You should be done.

You can then goto

http://IP_OF_YOUR_SERVER/kalturaCE

You can get to the management interface using,

http://IP_OF_YOUR_SERVER/kalturaCE/index.php/kmc

Start adding your own media. :)

If there is enough interest in this, I can put up a Xen image on XenForge.org. I would also be willing to create a distribution that would install everything, again if enough interest is shown.

****update to libmemcached issue*****
If you get this
error: Failed dependencies:
libmemcached.so.2()(64bit) is needed by php-pecl-memcached-0.2.0-1.el5.remi.x86_64
libmemcached.so.2(libmemcached_2)(64bit) is needed by php-pecl-memcached-0.2.0-1.el5.remi.x86_64

or this
error: Failed dependencies:
libmemcached.so.2 is needed by php-pecl-memcached-0.2.0-1.el5.remi.i386
libmemcached.so.2(libmemcached_2) is needed by php-pecl-memcached-0.2.0-1.el5.remi.i386

For those of you having issues finding the libmemcached rpm, I think I found them. Damn remi removing rpms!! Try this link to a mirror of his rpms.
32-bit
wget http://cobbler.int-evry.fr/cblr/repo_mirror/el5-i386-remi/libmemcached-0.31-1.el5.remi.i386.rpm
file location http://cobbler.int-evry.fr/cblr/repo_mirror/el5-i386-remi/

64-bit
wget http://cobbler.int-evry.fr/cblr/repo_mirror/el5-x86_64-remi/libmemcached-0.31-1.el5.remi.x86_64.rpm
file location http://cobbler.int-evry.fr/cblr/repo_mirror/el5-x86_64-remi/

Hopefully this helps!!
Thank you,
Engineer Tim

Tags: , , , , , ,
Posted in Linux, streaming, xen, xenforge | 11 Comments »

asterisk bfd (brute force detection) rules for sip and iax

Tuesday, July 21st, 2009

Thank you to a couple users who pointed out that my bfd rules were a little less than perfect. They worked great for me on a older version of bfd, but I believe a update to the bfd application caused them to stop working. Either way, new rules have been created.

This one is for SIP wrong passwords. Save this as asterisksip

# failed logins from a single address before ban
# uncomment to override conf.bfd trig value
TRIG="5"

# file must exist for rule to be active
REQ="/usr/sbin/asterisk"

if [ -f "$REQ" ]
then
LP="/var/log/asterisk/full"
TLOG_TF="asterisk.sip"
TMP="/usr/local/bfd/tmp"

## ASTERISK: SIP wrong password
ARG_VAL=`$TLOG_PATH $LP $TLOG_TF | grep -i "wrong password" | grep chan_sip | awk '{NF=NF-3} {print $NF}'| tr -d '\'\' `
fi

This rule is for wrong or non existent extension. Save this as asterisksip2

# failed logins from a single address before ban
# uncomment to override conf.bfd trig value
TRIG="5"

# file must exist for rule to be active
REQ="/usr/sbin/asterisk"

if [ -f "$REQ" ]
then
LP="/var/log/asterisk/full"
TLOG_TF="asterisk.sip2"
TMP="/usr/local/bfd/tmp"

## ASTERISK: SIP no extension
ARG_VAL=`$TLOG_PATH $LP $TLOG_TF | grep -i "No matching peer found" | grep chan_sip | awk '{NF=NF-5} {print $NF}'| tr -d '\'\' `
fi

This rule is for IAX. Save this as asteriskiax.

# failed logins from a single address before ban
# uncomment to override conf.bfd trig value

TRIG="5"
# file must exist for rule to be active
REQ="/usr/sbin/asterisk"


if [ -f "$REQ" ]
then
LP="/var/log/asterisk/full"
TLOG_TF="asterisk.iax"
TMP="/usr/local/bfd/tmp"

## ASTERISK: IAX2 auth failed

ARG_VAL=`$TLOG_PATH $LP $TLOG_TF | grep -i "failed MD5 authentication" | grep chan_iax2 | awk '{NF=NF-8} {print $NF}'`
fi

Special thanks goes to Ioan Indreias and Gonzalo Gonzalez.
If it looks like the code is missing, try to highlight it all and copy/paste it into a text document. Hopefully this will show the entire rule without issue.
Make sure these rules are stored in /usr/local/bfd/rules/ Then rerun bfd with bfd -q and see if the new rules are in place by checking for the files in /usr/local/bfd/tmp/ .

Thank you,
Engineer Tim

Posted in Linux, apf / bfd, iptables | 2 Comments »

XenForge.org is online, come and get them!!

Wednesday, July 8th, 2009

I had so many requests for my trixbox Xen image that I decided to create a new site. XenForge.org is this site. My hope is that people will be able to share their own Xen images with other users as well as use the ones that I create. This site is also not just limited to Xen based images but all images that can be portable and use some form of virtualization technology will be welcome. The only criteria is that no copyright violations or sharing of copyrighted material happens. This means OpenSource and derivatives only.

Currently XenForge offers the following.
Xen Image downloads via Bittorrent links.
The ability to add your own torrent file to the site for others to download.
Forums to discuss the Xen images and config options.

We hope to be able to offer the means to post torrent files directly to our torrent server from a user. This is something that is currently being looked at. Right now users can submit a image for approval and we will be happy to generate the torrent and seed it directly. This is a manual process right now.

Feel free to join us on XenForge if you have the need for some Xen images.

Thank you,
Engineer Tim

Posted in Linux, trixbox, xen, xenforge | No Comments »

trixbox 2.8 Xen fix/install

Tuesday, June 30th, 2009

For this to work, you need to have the install media for CentOS, I use the CentOS 5.3 i386 DVD. You should also have a read the trixbox-xen.pdf on this site.

CentOS specific stuff we need to do.

mount -oloop CentOS-5.3-i386-bin-DVD.iso /var/www/html/centos

make sure this is browsable in a web browser. You will need to be able to serve the installer these files.

We need to copy off the vmliuz and initrd.img from the images/xen folder for our use during the install. I like to serve all of my xen specific stuff from a nfs mount so that I can access these files from different xen servers without issues. How you do it is up to you. These files MUST be accessible by the computer that is going to boot the Xen DomU for trixbox28. For ease of following this doc, I will user /srv/xen/trixbox28 as my directory for these files.

mkdir /srv/xen/trixbox28
cd /var/www/html/centos/images/xen
cp initrd.img vmlinuz /srv/xen/trixbox28/

Trixbox Specific Repo Setup.

mkdir /var/www/html/trixbox

We have to create a trixbox folder to serve the rpms from for the installer.

mkdir /mnt/iso
mount -oloop trixbox-2.8.0.iso /mnt/iso

We need to mount the trixbox-2.8.0 iso so we can get the rpms and the comps.xml file off.

cd /mnt/iso/trixbox
cp *.rpm /var/www/html/trixbox/

Now we need to grab the comps.xml file for making the trixbox repo on our web server.

cd /mnt/iso/repodata
cp comps.xml /var/www/html/trixbox/
cd /var/www/html/trixbox/

We need to add a couple of rpms to our new trixbox repo for xen. This will ensure the xen kernel and dahdi kmod files will work right out of the box. Make sure you are in /var/www/html/trixbox when doing the wget. Please also make sure to use your closest mirror by going to http://www.centos.org/modules/tinycontent/index.php?id=30

wget http://mirror.nic.uoregon.edu/centos/5.3/updates/i386/RPMS/kernel-xen-2.6.18-128.1.10.el5.i686.rpm

We also need the kmod-dahdi from the trixbox repo.

wget http://yum.trixbox.org/trixbox/2.8/test/kmod-dahdi-linux-xen-2.2.0-4_trixbox.2.6.18_128.1.10.el5.i686.rpm

Now lets create our repo for our installer.

createrepo -g ./comps.xml ./

if the createrepo is not found, install it with yum and try again.

yum -y createrepo

Now we create our install file. I call mine trixbox28.install, the contents are listed below. Yours may differ. Of particular note is the kernel, ramdisk, and ks=http://192.168.1.216/trixbox.ks lines. The file trixbox.ks is our kickstart file, which we will have to make changes to from my original one in my xen guide.

kernel = “/srv/xen/trixbox28/vmlinuz”
ramdisk = “/srv/xen/trixbox28/initrd.img”
extra = “text ks=http://192.168.1.216/trixbox.ks”
name = “trixbox”
memory = “512″
disk = [ 'tap:aio:/srv/xen/trixbox.img,xvda,w', ]
vif = [ 'bridge=xenbr0', ]
vcpus=1
on_reboot = ‘destroy’
on_crash = ‘destroy’

Save this file in /etc/xen/

Now we need to edit the trixbox.ks file or ks.cfg from my trixbox-xen guide. We need to change the first line for the url to now point to our centos install media.
url –url http://192.168.1.216/centos
please make sure to use the ip address for your web server that is serving the centos install media.

We also need to add one additional repo (trixbox) to the trixbox.ks file. This is done with the repo line. Add this just before the %packages statement in the trixbox.ks file. Be sure to change the IP address and path to reflect the trixbox repo we created from above. We also need to add the kmod-dahdi-linux-xen so it gets installed and not install the kmod-dahdi-linux package.

#Add the repo information
repo –name=trixbox –baseurl=http://192.168.1.216/trixbox/
%packages
@Core
@Trixboxcore
kernel
kernel-xen
#add kmod-dahdi-linux-xen
kmod-dahdi-linux-xen
#remove the one for the other kernel so they don’t conflict possibly
-kmod-dahdi-linux
postfix
-sendmail

Now save your trixbox.ks or ks.cfg file with these changes.

Now start the install process for trixbox28.

xm create -c trixbox28.install

Your installer should start and ask you for your local as well as a password for root.

You may, more than likely, see a few error messages fly by when the installer starts going. These are ok to ignore.

Once the install has finished it will shutdown and you will need to start it with your actual trixbox28 xen config. Mine is listed below, again yours might differ.

name = “trixbox28″
memory = “512″
disk = [ 'tap:aio:/srv/xen/trixbox.img,xvda,w', ]
vif = [ 'bridge=xenbr0', ]
bootloader=”/usr/bin/pygrub”
vcpus=1
on_reboot = ‘restart’
on_crash = ‘restart’

You should see no errors with dhadi,
Starting dahdi: Loading DAHDI hardware modules:
wct4xxp: [ OK ]
wcte12xp: [ OK ]
wct1xxp: [ OK ]
wcte11xp: [ OK ]
wctdm24xxp: [ OK ]
opvxa1200: [ OK ]
wcfxo: [ OK ]
wctdm: [ OK ]
wcb4xxp: [ OK ]
wctc4xxp: [ OK ]
xpp_usb: [ OK ]

No hardware timing source found in /proc/dahdi, loading dahdi_dummy
Running dahdi_cfg: [ OK ]

Firstboot scripts will run and you should be good to go.
Let me know any issues, questions or concerns either by email by posting a comment.

Posted in Linux, trixbox | 14 Comments »

Jungledisk S3 backup

Friday, June 19th, 2009

Installing Jungledisk and getting it to work can be a royal pain. Here are the steps I used to get it to work on CentOS 4 and 5.

I first installed Junglediskworkgroup on my Mac. This allowed me to use the junglediskworkgroup-settings.xml file for my Linux setup.
You can use the Windows version as well to get the needed *-settings.xml file for use in the Linux environment.
Ensure that you copy this file to your Linux server for use. I will not cover how this is done in this post.

I like to make build-”project” folders for stuff I am working on. This keeps things clean and I have a master build directory for everything I work on.

mkdir build-jungledisk
cd build-jungledisk

Now you need to grab the .tar.gz file for jungledisk.
Grab it from here
I used wget and copied the url of the file I needed by right clicking and choosing “copy link”

wget http://downloads.jungledisk.com/jungledisk/junglediskworkgroup64-261a.tar.gz

Be sure to user your own url from the site as this url may or may not work.

Uncompress junglediskworkgroup64-261a.tar.gz .

tar -zxvf junglediskworkgroup64-261a.tar.gz

You should now have a junglediskworkgroup folder with the jungledisk command line application.

cd junglediskworkgroup

Now copy the junglediskworkgroup-settings.xml into this folder.

cp /path/to/junglediskworkgroup-settings.xml build-jungledisk/junglediskworkgroup/

Now you need to install dkms dkms-fuse and fuse from dag.wieers.com
dkms
dkms-fuse
fuse

Again, I used wget to get the rpm files. I put them in build-jungledisk and then installed them with.

rpm -ivh *.rpm

Once the rpms are installed you need to

modprobe fuse

and verify it is installed with

lsmod | grep fuse

Before I could start jungledisk, I had to edit the cacheDirectory path in the junglediskworkgroup-settings.xml. I created a new path in /opt/

mkdir -p /opt/jungledisk/cache/

Then I edited the junglediskworkgroup-settings.xml and replaced the cacheDirectory with this, which reflected the new path.

<cacheDirectory>/opt/jungledisk/cache/</cacheDirectory>

If things are right, you can now start jungledisk

cd junglediskworkgroup
./jungledisk /media/jungledisk -o config=/path/to/junglediskworkgroup-settings.xml

Make sure to use the proper and full path to junglediskworkgroup-settings.xml

You should now see the new mount on the system with

df -h
jungledisk#jungledisk    382G     0  382G   0% /media/jungledisk

If you have issues check /var/log/junglediskwg.log

Thank you,
Engineer Tim

Posted in Linux, gizmos | No Comments »

trixbox Xen Install Guide

Tuesday, February 3rd, 2009

I have put together a install guide for use with trixbox 2.6.2.1 and Xen. This guide will walk you through installing trixbox in a Xen DomU. I hope people find it useful.

Thank you,
Engineer Tim



Download trixbox-xen

Tags: , ,
Posted in Linux, trixbox | 24 Comments »

BFD (Brute Force) rule for Asterisk

Saturday, December 20th, 2008

I whipped up a BFD rule to try and defend against sip attacks.  This watches for failed logins in the /var/log/asterisk/full log and then blocks them.  I set the TRIG level low so you might need to change this to something you are more comfortable with.  

 

Drop this file in /usr/local/bfd/rules/

Name the file asterisk

 

 

# failed logins from a single address before ban
# uncomment to override conf.bfd trig value
TRIG="5"

# file must exist for rule to be active
REQ="/usr/sbin/asterisk"

if [ -f "$REQ" ]; then
LP="/var/log/asterisk/full"
TLOG_TF="asterisk"
TMP="/usr/local/bfd/tmp"

## ASTERISK
ARG_VAL=`$TLOG_PATH $LP $TLOG_TF |grep "Wrong password" /var/log/asterisk/full | awk '{NF=NF-3} { print $NF}'| tr -d '\'\' `
fi

Tags: ,
Posted in Linux, trixbox | 5 Comments »

Rebuild Zaptel Script

Saturday, December 20th, 2008

So you want to recompile zaptel on trixbox.  I have put together a script that might help.  I have used this on a few custom installs and it seems to work.  However, don’t kill me if it screws something up.  You will need to start zaptel and amportal once the script finishes.  I don’t do this for you since I like to watch for errors on startup.
rebuild-zaptel.sh.txt

Tags: ,
Posted in Linux, trixbox | No Comments »