Install Nextcloud in Ubuntu

Nextcloud – cloud platform for storing files, a branch of the project OwnCloud.

On the test, I will install the latest version of Nextcloud in Ubuntu Server 16.04 LTS (at the time of this writing was 12).
First of all, we will install the necessary components:

sudo apt-get update
sudo apt-get install apache2 mysql-server php libapache2-mod-php php-json php-mcrypt php-mysql php-bz2 php-curl php-gd php-imagick php-intl php-mbstring php-xml php-zip php-memcache

Activate the necessary apache2 modules:

sudo a2enmod rewrite
sudo a2enmod headers
sudo a2enmod env
sudo a2enmod dir
sudo a2enmod mime
sudo a2enmod setenvif
sudo a2enmod ssl

And restart it to apply the changes:

sudo service apache2 restart

Download Nextcloud:

cd ~
wget --no-check-certificate https://download.nextcloud.com/server/releases/latest.tar.bz2

You can verify the checksums MD5 or SHA256 to make sure that the archive is not damaged:

wget --no-check-certificate https://download.nextcloud.com/server/releases/latest.tar.bz2.md5
wget --no-check-certificate https://download.nextcloud.com/server/releases/latest.tar.bz2.sha256
md5sum -c latest.tar.bz2.md5 < latest.tar.bz2
sha256sum -c latest.tar.bz2.sha256 < latest.tar.bz2

Unzip the archive into the web server directory, set permissions and delete it:

sudo tar -C /var/www -xvjf ~/latest.tar.bz2
sudo chown -R www-data:www-data /var/www/nextcloud/
rm ~/latest.tar.bz2
rm ~/latest.tar.bz2.md5
rm ~/latest.tar.bz2.sha256

Create a web configuration file (in the nano editor, press Ctrl+X to exit, y/n to save or cancel changes):

sudo nano /etc/apache2/sites-available/nextcloud.conf

And add to it:

Alias /nextcloud "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
  Options +FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>

 SetEnv HOME /var/www/nextcloud
 SetEnv HTTP_HOME /var/www/nextcloud
</Directory>

We activate the configuration as follows:

sudo a2ensite nextcloud

or so:

sudo ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf

Restart apache2:

sudo service apache2 restart

Create mysql user and database:

mysqladmin -u root -p create nextcloud
mysql -u root -p -e "GRANT ALL PRIVILEGES ON nextcloud.* TO nextcloud@localhost IDENTIFIED BY 'PASSWORD';"
mysql -u root -p -e "flush privileges;"

Open in browser http://HOST/nextcloud/ specify the data and click “Finish installation”.
Standard directory for storing user files /var/www/nextcloud/data.

In the PHP configuration /etc/php5/apache2/php.ini specify date.timezone, other parameters are already specified in the file /var/www/nextcloud/.htaccess
Also, for secure transmission of data, I recommend that you configure SSL.
In the settings nextcloud, in the “Administration” menu you can see additional recommendations for customization.

Nextcloud installation completed.

See my articles:
Installing Certbot in Ubuntu
Solution “Internal Server Error” when opening Nextcloud

Firmware Update for ASUS RT-G32 Router

On an example I will use ASUS RT-G32 Rev.C1 router with firmware version 2.0.2.6.

First of all, let’s see if there is a firmware on the official website https://www.asus.com/support/product-search/?keyword=rt-g32
In my case, the new version was 2.0.3.4.
Download the archive with the new firmware and unpack it.

Open the web-interface of the router by typing in the browser address http://192.168.0.1 and enter login – admin, password – admin, and look at the version of the firmware that is installed, usually it is written at the very top, for example “Firmware version: 2.0.2.6”.

Next you need to open the menu “Administration“, select a tab “Firmware Upgrade“, press “Browse” and select previously downloaded and unpacked from the archive firmware file, click “Send” and wait for the update process to complete.

The configuration of the router remains unchanged.
If there is a failure during the upgrade, the router can be restored using a utility that can be downloaded from the official site by clicking the link above.

Configuring printing in Firefox

To configure printing in Mozilla Firefox, open the settings menu on the right, select “Print “, in the preview window that appears, click the “ Options” button, in the next window that appears, put the tick “Compress to page width, and in the “Fields and headers and footers” tab, specify the required fields, in my case it was reduced to 1, because the checks were printed on a narrow tape of the thermal printer and standard Only a couple of characters fit in one line.

The second option is to type and open in the address bar:

about:config

Click “I take the risk!”
In the field “Search” type:

print_printer

Right-click on the desired printer and select “Reset.”

If this does not help, check the print settings in the printer properties, in the operating system control panel, and try printing in other browsers.

Configuring UPnP in MikroTik

UPnP (Universal Plug and Play) – universal automatic configuration of network devices, automatically opens ports for p2p applications, games, etc.

In the Winbox settings you can find the “IP” – “UPnP“.

To enable it, check Enabled.

Now you need to specify interfaces, click “Interfaces” and “Add New“.
We’ll add an external WAN port, usually ether1-gateway.
Add an internal port or bridge, such as a bridge.
This completes the configuration.

I’ll give an example of how this will look through the console:

ip upnp set enabled=yes
ip upnp interfaces add interface=ether1-gateway type=external
ip upnp interfaces add interface=bridge type=internal

How to record and watch the demo in Counter-Strike Global Offensive

To record a demo in CS:GO, you need to open the console with the ~ key during the game, it is near the Esc key.
If the console does not open, then it probably is disabled in the settings, open the game settings and select “Yes” where “Enable Developer Console (~)”.

Then, in the console window that opens, type the command (where NAME is any name of the demo):

record NAME

To stop demo recording in the console, type:

stop

The demo file will be saved to the directory with CS:GO, for example C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo\NAME.dem, other demos should be placed in the same directory.

To view demos, you need to open the player, for this, in the console, type:

demoui

Or:

demoui2

Or press the key combination Shift + F2.
Next, in the opened player, click “Load …” and select the demo.

During viewing, you can switch between players left/right keys, CTRL – opens the map, Spacebar will switch the camera to free flight mode.

What is DHCP and how does it work?

DHCP – Dynamic Host Configuration Protocol in a TCP / IP network.

I will describe the possible types of DHCP messages:
DHCPDISCOVER — customer request for addresses.
DHCPOFFER — the server’s offer to get the address.
DHCPREQUEST — a client request for an address (suggested by the server in DHCPOFFER).
DHCPACK — server confirmation of the issuance of the address.
DHCPDECLINE — the client’s refusal to receive the proposed address (for example, when the network is already using someone the proposed IP).
DHCPNAK — failure of the server to issue the requested address.
DHCPRELEASE — notification of the client about the release of the address.
DHCPINFORM — customer request for additional parameters.

I will describe the process of successfully obtaining a DHCP client IP address from a DHCP server:
1) DHCP client from IP address 0.0.0.0 through UDP port 67 sends to network IP address 255.255.255.255 broadcast message DHCPDISCOVER “I want to get IP address”.
2) A DHCP server or several DHCP servers, if there are several of them, receive this message and reply to the client from their IP via UDP port 68 with the message DHCPOFFER “I propose an IP address”. The message is sent to the broadcast address 255.255.255.255 or the gateway address if the client is on another network.
3) The DHCP client receives this message or several messages and responds from the IP address 0.0.0.0 to only one DHCP server with the DHCPREQUEST message “Yes, I want this IP address”.
4) The DHCP server sends a DHCPACK message “I assign you this IP address” in response.
Since the IP address has a lease time after which it is released and the DHCP server can issue it for example to another client, the DHCP clients usually request the renewal with a DHCPREQUEST message and receive a DHCPACK response.

I will describe the composition of the DHCP message:
op (type of message, for example DHCPDISCOVER, size 1 byte)
htype (type of hardware address, size 1 byte)
hlen (length of hardware address, for example 6 for MAC address, size 1 byte)
hops (the number of relay agents between the server and the client, the clients set the value to 0, the size of 1 byte)
xid (Transaction ID, generated by the client at the beginning, size 4 bytes)
secs (the elapsed time in seconds from the time of requesting the receipt of the address can be 0, the size of 2 bytes)
flags (field for flags, size 2 bytes)
ciaddr (The IP address of the client, for example, if it requests a lease extension, the size is 4 bytes)
yiaddr (IP address offered by the server to the client, size 4 bytes)
siaddr (Server IP address, size 4 bytes)
giaddr (IP address of the relay agent, size 4 bytes)
chaddr (hardware client address (MAC), size 16 bytes)
sname (server name, 64 bytes)
file (the name of the boot file, can be used to boot the operating system over the network, 128 bytes)
options (additional options)

Allow insecure connections to POP3 / IMAP iRedMail

In order to be able to connect to POP3 / IMAP without STARTTLS, you need to open the Dovecot configuration file:

sudo nano /etc/dovecot/dovecot.conf

Edit the two parameters listed below:

disable_plaintext_auth=no
ssl=yes

To return the parameters of the secure connection to POP3S / IMAPS back:

disable_plaintext_auth=yes
ssl=required

After the changes in the Dovecot configuration, you need to restart it:

sudo /etc/init.d/dovecot restart

See also:
How to enable SMTP without SSL on port 25 in iRedMail / Postfix

Ubuntu IP Masquerading (NAT)

For example, I will configure IPv4 masquerading (NAT) on Ubuntu Server.
First you need to enable packet forwarding in /etc/sysctl.conf so that traffic can walk between different network interfaces.
Let’s check the current status:

sysctl net.ipv4.conf.all.forwarding
cat /proc/sys/net/ipv4/ip_forward

If it is 0, then enable it with the following command:

sysctl -w net.ipv4.conf.all.forwarding=1

To keep this after the system restart, open the file /etc/sysctl.conf for example in the nano editor (Ctrl + X to exit, y / n to save or discard changes):

nano /etc/sysctl.conf

And add the line:

net.ipv4.conf.all.forwarding=1

If necessary, you can clear existing NAT rules:

iptables -t nat --flush

Now it remains to add a rule to iptables, for example:

iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -j SNAT --to-source 172.16.16.94

Where, 192.168.99.0/24 internal network, and 172.16.16.94 the address through which you need to go to the Internet, similarly prescribed other internal networks.
Let me remind the mask for private networks:

10.0.0.0/8
172.16.0.0/12
192.168.0.0/16

If the IP address on the external network interface changes (dynamic), then instead of SNAT we specify MASQUERADE:

iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -j MASQUERADE

Do not forget to save the added iptables rules.
For example, you can open the network interface configuration file (its contents are loaded at system startup):

nano /etc/network/interfaces

And at the end add iptables rules, for example I will indicate the masquerading of this network at once to several IP addresses, and also with the indication of the network interface:

post-up /sbin/iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -o eth3 -j SNAT --to-source 172.16.90.1-172.16.90.5 --persistent

Or add to the file:

nano /etc/rc.local
/sbin/iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -o eth3 -j SNAT --to-source 172.16.90.1-172.16.90.5 --persistent

I recommend to specify the outgoing network interface, if you do not specify it, then local traffic will return to the network under NAT IP.
If there are several outgoing interfaces, let’s say the load is balanced through BGP, etc., then we indicate with two rules:

/sbin/iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -o eth3 -j SNAT --to-source 172.16.90.1-172.16.90.5 --persistent
/sbin/iptables -t nat -A POSTROUTING -s 192.168.99.0/24 -o eth4 -j SNAT --to-source 172.16.90.1-172.16.90.5 --persistent

See also my articles:
Difference between MASQUERADE and SNAT
Configuring IPTables
How to fix the error “nf_conntrack: table full, dropping package”
Using Linux ISG

Kingston SSD Firmware Update

On the test, I will update the SSD firmware of the Kingston SV300S37A 120Gb drive.

1) Download the official utility Kingston SSD Manager with firmware upgrade
https://www.kingston.com/en/support/technical/downloads/90683

2) Run the downloaded utility and if there is a firmware newer, the “Update to firmware …” button will be displayed, and click it to start the update process, which will last a few seconds.

Done, watch the video as I did: