postgresql – pointing postgresql data to new location

Database grow over time, it out growing the space on their partition located.
in redhat 6.7, the default partition for “/” its 50GB and the rest going to “/home” partition.
when you default install postgresql-9.5 it would located in “/opt” which include in “/” partition.
for database production 50GB it’s so small. so i want change the data folder to “/home” which have TB space.

#status postgres
$ /etc/init.d/postgresql-9.5 status
pg_ctl: server is running (PID: 6309)
/opt/PostgreSQL/9.5/bin/postgres "-D" "/opt/PostgreSQL/9.5/data"

# stop postgres
$ service postgresql-9.5 stop
$ /etc/init.d/postgresql-9.5 status
pg_ctl: no server running

# change variable
$ nano /opt/PostgreSQL/9.5/pg_env.sh

export PGDATA=/opt/PostgreSQL/9.5/data
change to
export PGDATA=/home/pg_data

# create dir
$ mkdir -p /home/pg_data

# doing rsync
$ rsync -azP /opt/PostgreSQL/9.5/data/ /home/pg_data/

# just make sure
$ mv /opt/PostgreSQL/9.5/data /opt/PostgreSQL/9.5/data_bak

# backup service script
$ mkdir -p ~/backup/ && mv /etc/rc.d/init.d/postgresql-9.5 ~/backup/

# download postgresql-9.5 file
$ wget https://raw.githubusercontent.com/g3n1k/exsys/master/postgresql-9.5

# move postgresql-9.5 to /etc/rc.d/init.d/
$ mv postgresql-9.5 /etc/rc.d/init.d/

# start postgresql
$ service postgresql-9.5 start

# status postgresql
$ service postgresql-9.5 status
pg_ctl: server is running (PID: 13282)
/opt/PostgreSQL/9.5/bin/postgres "-D" "/home/pg_data"

Redhat: Restrict an SSH user session to a specific directory by setting chrooted jail

# create group
groupadd sftpusers

#Setup sftp-server Subsystem in sshd_config
nano /etc/ssh/sshd_config

# comment sftp, add commet to sftp
#Subsystem      sftp    /usr/libexec/openssh/sftp-server

# add new value Subsystem sftp
Subsystem       sftp    internal-sftp

# add this three line to /etc/ssh/sshd_config
    Match Group sftpusers
        ChrootDirectory /home/jails/home
        X11Forwarding no
        AllowTcpForwarding no

# restart sshd
service sshd restart

# enforce SELinux 
setenforce 0

# ser variable
D=/home/jails

# to emulate the / directory to a bare minimum and home folder
mkdir -p $D/{dev,etc,lib,usr,bin,home}
mkdir -p $D/usr/bin
chown root.root $D

# You also need the /dev/null file:
mknod -m 666 $D/dev/null c 1 3

# we need to fill up the etc directory with a few minimum files:
cd $D/etc
cp /etc/ld.so.cache .
cp /etc/ld.so.conf .
cp /etc/nsswitch.conf .
cp /etc/hosts .

# figure out what commands you want accessible by your limited users. 
# In this example users to be able to get into bash and use the ls command
# So you must copy the binaries to the jail.
$ cd $D/usr/bin
$ cp /usr/bin/ls .
$ cp /usr/bin/bash .

# check binary
ldd /bin/ls
         linux-gate.so.1 =>    (0xb7f2b000)
         librt.so.1 => /lib/librt.so.1 (0xb7f1d000)
         libacl.so.1 => /lib/libacl.so.1 (0xb7f16000)
         libc.so.6 => /lib/libc.so.6 (0xb7dcf000)
         libpthread.so.0 => /lib/libpthread.so.0 (0xb7db7000)
         /lib/ld-linux.so.2 (0xb7f2c000)
         libattr.so.1 => /lib/libattr.so.1 (0xb7db2000)

# Then you have to manually copy each file to the lib directory in your jail. That is a pain. Especially if there is a lot of shared libraries for a binary you want. I came across a useful script called l2chroot which automatically finds the libraries and copies them to your chroot jail.
cd /sbin
wget -O l2chroot http://www.cyberciti.biz/files/lighttpd/l2chroot.txt
chmod +x l2chroot

#Edit the l2chroot file and change BASE=”/webroot” to BASE=”/home/jails”. This tells l2chroot where your jail is located so it copies everything to the right place. Now go ahead and run the command on the binaries you want.

# find ls binary
which ls

# copy linked ls 
l2chroot /bin/ls

# find bash binary
which bash

# copy linked bash
l2chroot /bin/bash

# create user denly, to group sftpusers, in home folder /home/jails/denly
adduser -d /home/jails/home/denly -G sftpusers denly
passwd denly

# test login with ssh or putty
#     true if you can login with restricted access

# test login with winscp or filezilla client
#    true if you can login and upload file

ssh-chroot-jail-and-sftp

http://www.cyberciti.biz/faq/debian-ubuntu-restricting-ssh-user-session-to-a-directory-chrooted-jail/

http://allanfeid.com/content/creating-chroot-jail-ssh-access

set sftp in redhat

# create user ftprhel
useradd ftprhel
passwd ftprhel

# create new group
groupadd sftpusers

# modify an existing user and make him an sftp user only and put him in the chroot sftp jail, do the following
usermod -g sftpusers -d /incoming -s /sbin/nologin ftprhel

#Setup sftp-server Subsystem in sshd_config
nano /etc/ssh/sshd_config

# comment sftp, add commet to sftp
#Subsystem      sftp    /usr/libexec/openssh/sftp-server

# add new value Subsystem sftp
Subsystem       sftp    internal-sftp

# show what sftp value
grep sftp /etc/ssh/sshd_config

# Specify Chroot Directory for a Group
# add this three line to /etc/ssh/sshd_config
    Match Group sftpusers
        ChrootDirectory /sftp/%u
        ForceCommand internal-sftp

# Create sftp Home Directory
mkdir -p /sftp/ftprhel/incoming

# give appropriate permission
chown ftprhel:sftpusers /sftp/ftprhel/incoming

#restart sshd
service sshd restart

# test with sftp client, filezilla or winscp, or linux sftp
#if you have error
#Error listing directory ‘incoming’
#Permission denied.
#Error code: 3
#Error message from server: Permission denied
#Request code: 11

# enforce SELinux 
setenforce 0

source http://www.thegeekstuff.com/2012/03/chroot-sftp-setup/

vagrant – website development server

why using vagrant ?

mengapa menggunakan vagrant, jika bisa mengeset server virtual dengan virtualbox ?!

adalah pertanyaan pertama yang muncul saat berkenalan dengan vagrant.

pengalaman saya sebagai IT developer bertemu dengan environment berbeda, misal project A menggunakan nginx sebagai http server, Project B menggunakan Apache, atau mungkin project C harus menggunakan IIS dan database SQL Server, belum lagi dengan saat bertemu dengan software yg tergantung dengan depedensi versi tertentu,

ini bisa di atasi dengan membuat banyak virtual server, debian server dengan apache dan mysql, debian apache dengan nginx dan postgresql, centos server dengan apache mysql, centos nginx plus mongodb, kemudian ubuntu server dengan  … dan berbagai kombinasi server lain nya,

bagaimana dengan saat implementasi di server production, saat anda harus mengingat config apa saja yang anda lakukan pada server sehingga aplikasi dapat running dengan sempurna … dan anda harus menghabiskan satu harian hanya untuk mendebug …

pengalaman pribadi, memisahkan folder source code dengan project, kadang membuat ‘berantakan’ file-file anggaplah ada 20 project dan pada folder www ada 10 project, folder lain ada 5 project, berantakan sekali

itu beberapa daily problem yang  dihadapi oleh developer … contoh How to build 100 web servers in a day

vagrant memberikan solusi

dengan menggunakan vagrant anda dapat mengirimkan pada tim development, bukan hanya source code, tetapi juga configurasi server nya seperti letak folder www, extension (ex rewrite pada apache) yg harus di load. dengan cepat seorang anggota baru dapat merunning aplikasi tanpa harus memikirkan / melakukan configurasi ulang, karena configurasi sudah dilakukan otomatis.

vagrant menggunakan sebuah master image yang dapat digunakan oleh banyak host, sehingga dari sisi bandwith dan hardisk lebih nyaman,

dengan pemisahan setiap project menggunakan ‘server’ nya sendiri, ke kacauan file bisa dikurangi, dan setiap server tidak akan tumpang tindih karena sudah ada software sejenis yang terinstall di virtual.

cara otomasi dengan vagrant

vagrant dan virtualbox telah terinstall

contoh sederhana otomasi yang akan dilakukan adalah

– installasi server nginx

– memindahkan path folder source code ke share folder vagrant


# create folder for our project
$ mkdir proj1 && cd proj1
# set vagrant with minimal config
$ vagrant init hashicorp/precise32 --minimal
# edit vagrant config add the necessary value
$ nano Vagrantfile

# input the script for Vagrantfile

Vagrant.configure(2) do |config|
config.vm.box = "hashicorp/precise32"
config.vm.hostname = "proj1-dev"
config.vm.provision "shell", path:"proj1.sh"
config.vm.network "forwarded_port", guest: 80, host:8080, id:"nginx"
end

# create auto setup shell script

$ nano proj1.sh

# input the script for proj1.sh

apt-get -y update
apt-get -y install nginx
rm -rf /usr/share/nginx/www/
ln -s /vagrant/www /usr/share/nginx/www
service nginx start

# make dir www and create new index.html

mkdir www && nano www/index.html

# put this line to your index.html

<b>your nginx</b>

# now running vagrant

vagrant up
# if you not see the 'your welcome page', reload the provision
vagrant provision

check in your browser

01 nginx run

Error Install ORA-00028 Database Configuration Assistant

ORA-00028: your session has been killed

OS: RedHat Enterprise Server 5

penulis mengalami error ini pada Database Configuration Assistant di proggress 40%

untuk mengatasi hal ini tekan ignore pada alert windows, sampai selesai

SOLVED

System -> Administration -> Security Level and Firewall
matikan semua firewall / turn-off

jika sudah lakukan eksekusi Database Configuration Assistant

$ cd ~/app/oracle/product/11.1.0/db_1/bin
 $ ./dbca

lakukan delete database yang tidak berhasil kita eksekusi sebelum nya

setelah itu lakukan pembuatan database lagi