Jorge Saldívar

Tag: Ubuntu

  • Things that will never die…

    PHP, Ubuntu Desktop, and WordPress… and I’m perfectly happy with that.

    Fight me.

  • Edging Ubuntu 24.04 on a Thumb Drive

    Trying out running Ubuntu on my mid-2015 MacBook Pro. Except for some quirks (and some lag, due to…well, the os being mounted from a thumb drive), it’s remarkably enjoyable.

  • Uninstall Chrome on Linux

    Uninstall Chrome on Linux

    1. Open a terminal window.
      • On GNOME, Unity, and Cinnamon environments, press Ctrl + Alt + t.
      • On KDE environments, go to Application Menu System Konsole.
    2. Enter the uninstall command:
      • Debian-based systems: Enter sudo dpkg -r google-chrome-stable.
      • Other systems: Enter sudo rpm -e google-chrome-stable.
    3. When prompted, enter your computer’s password.

    Sauce

  • UFW Cheatsheet

    UFW Cheatsheet

    Here’s a comprehensive sudo ufw (Uncomplicated Firewall) cheatsheet for managing firewall rules on an Ubuntu server:

    Basic UFW Commands

    • Enable UFW:
      sudo ufw enable
    • Disable UFW:
      sudo ufw disable
    • Check UFW Status:
      sudo ufw status
    • Use sudo ufw status verbose for detailed output.
    • Reset UFW (removes all rules and disables UFW):
      sudo ufw reset

    Allowing Connections

    • Allow a Specific Port:
      sudo ufw allow <port>
    • Example: sudo ufw allow 22 (allows SSH)
    • Allow a Port with a Specific Protocol:
      sudo ufw allow <port>/<protocol>
    • Example: sudo ufw allow 80/tcp (allows HTTP)
    • Allow a Range of Ports:
      sudo ufw allow <start port>:<end port>/protocol
    • Example: sudo ufw allow 1000:2000/tcp
    • Allow Connections from a Specific IP:
      sudo ufw allow from <IP>
    • Example: sudo ufw allow from 192.168.1.100
    • Allow Connections from an IP to a Specific Port:
      sudo ufw allow from <IP> to any port <port>
    • Example: sudo ufw allow from 192.168.1.100 to any port 22
    • Allow Subnet:
      sudo ufw allow from <subnet>
    • Example: sudo ufw allow from 192.168.1.0/24

    Denying Connections

    • Deny a Specific Port:
      sudo ufw deny <port>
    • Example: sudo ufw deny 23 (denies Telnet)
    • Deny a Port with a Specific Protocol:
      sudo ufw deny <port>/<protocol>
    • Example: sudo ufw deny 80/tcp
    • Deny Connections from a Specific IP:
      sudo ufw deny from <IP>
    • Example: sudo ufw deny from 192.168.1.100

    Deleting Rules

    • Delete a Rule by Rule Number:
      sudo ufw status numbered
    • Then use sudo ufw delete <rule number>
    • Delete an Allow Rule:
      sudo ufw delete allow <port>
    • Example: sudo ufw delete allow 22
    • Delete a Deny Rule:
      sudo ufw delete deny <port>
    • Example: sudo ufw delete deny 23

    Advanced UFW Usage

    • Enable UFW Logging:
      sudo ufw logging on
    • off to disable logging.
    • Set Default Policies (Deny Incoming and Allow Outgoing):
      sudo ufw default deny incoming
      sudo ufw default allow outgoing
    • Set Default Policies (Allow Incoming and Deny Outgoing):
      sudo ufw default allow incoming
      sudo ufw default deny outgoing
    • Limit Connections (Rate Limiting):
      sudo ufw limit <port>
    • Example: sudo ufw limit ssh (limits SSH connections to prevent brute force attacks)
    • Allow Specific Service by Name:
      sudo ufw allow <service>
    • Example: sudo ufw allow OpenSSH
    • App Profiles (View Available Profiles):
      sudo ufw app list
    • Allow Application Profile:
      sudo ufw allow <app profile>
    • Example: sudo ufw allow 'Apache Full'

    Checking UFW Status and Rules

    • Check UFW Status:
      sudo ufw status
    • Check UFW Status in Verbose Mode:
      sudo ufw status verbose
    • Check UFW Status with Rule Numbers:
      sudo ufw status numbered

    Other Useful Commands

    • Reload UFW to Apply Changes:
      sudo ufw reload
    • Show Detailed Report:
      sudo ufw show raw
    • This displays the raw iptables rules used by UFW.

    This cheatsheet covers common UFW commands and options, providing a solid reference for managing firewall settings on Ubuntu.

  • Relay Email via Amazon SES

    Relay Email via Amazon SES

    Issue

    I’d like to relay all my Ubuntu 22.04 email through Amazon SES.

    FYI

    Use at your own risk. Like seriously, do some research prior to implementing any of this into your own environment. Consider factors like costs, scalability, etc.

    Solution

    To relay all your email through Amazon SES (Simple Email Service) on an Ubuntu 22.04 server, you will need to:

    1. Set up an Amazon SES account and verify your email/domain.
    2. Install and configure Postfix to relay email through SES.
    3. Ensure proper authentication and security configurations.

    Here are the detailed steps:

    1. Set up Amazon SES

    Sign up for AWS and SES

    1. Sign in to AWS: If you don’t already have an AWS account, create one at AWS Sign-Up.
    2. Navigate to SES: Go to the SES dashboard in the AWS Management Console.

    Verify Email/Domain

    1. Verify an Email Address:
      • Go to the SES console.
      • In the left pane, click “Email Addresses”.
      • Click “Verify a New Email Address”.
      • Enter your email address and click “Verify This Email Address”.
      • Check your email and follow the verification link.
    2. Verify a Domain (recommended for sending from multiple addresses):
      • Go to the SES console.
      • In the left pane, click “Domains”.
      • Click “Verify a New Domain”.
      • Enter your domain name.
      • Follow the instructions to add a DNS record to your domain’s DNS settings.

    Obtain SMTP Credentials

    1. Create SMTP Credentials:
      • Go to the SES console.
      • In the left pane, click “SMTP Settings”.
      • Click “Create My SMTP Credentials”.
      • Follow the prompts to create a new IAM user with SES permissions.
      • Download or copy the SMTP credentials (SMTP username and password).

    2. Install and Configure Postfix

    Install Postfix

    Open a terminal on your Ubuntu server and install Postfix:

    sudo apt update
sudo apt install postfix

    During installation, choose “Internet Site” and set the system mail name to your domain name (e.g., example.com).

    Configure Postfix

    Edit the Postfix configuration file:

    sudo nano /etc/postfix/main.cf

    Add or modify the following lines to configure Postfix to use Amazon SES as a relay host:

    relayhost = [email-smtp.us-east-1.amazonaws.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
smtp_tls_note_starttls_offer = yes

    Replace email-smtp.us-east-1.amazonaws.com with the correct SES SMTP endpoint for your region. You can find the list of SMTP endpoints in the Amazon SES documentation.

    Create the SASL Password File

    Create and edit the SASL password file:

    sudo nano /etc/postfix/sasl_passwd

    Add the following line, replacing the SMTP endpoint, username, and password with your SES SMTP details:

    [email-smtp.us-east-1.amazonaws.com]:587 YOUR_SES_SMTP_USERNAME:YOUR_SES_SMTP_PASSWORD

    Secure the file permissions:

    sudo chmod 600 /etc/postfix/sasl_passwd
sudo postmap /etc/postfix/sasl_passwd

    Restart Postfix

    Restart the Postfix service to apply the changes:

    sudo systemctl restart postfix

    3. Ensure Proper Authentication and Security

    SPF and DKIM

    1. SPF: Add an SPF record to your DNS to authorize Amazon SES to send emails on behalf of your domain. Example SPF record:
       v=spf1 include:amazonses.com ~all
    1. DKIM: Enable DKIM in the SES console for your domain to sign your emails. Follow the instructions in the SES console to add the necessary DNS records.

    Testing

    Send a test email to ensure everything is configured correctly:

    echo "Test email body" | mail -s "Test email subject" your-email@example.com

    Check the recipient’s inbox and the /var/log/mail.log file on your server for any errors.

    Summary

    1. Sign up for Amazon SES and verify your email or domain.
    2. Install and configure Postfix to relay through SES.
    3. Ensure SPF and DKIM are properly set up.

    This setup ensures your emails are securely relayed through Amazon SES, leveraging its robust infrastructure.

    Disclaimer

    The information provided in this blog post is for educational and informational purposes only. The steps and instructions are based on personal experience and research, and are intended to help users configure email relaying through Amazon SES on Ubuntu 22.04.

    No Warranty: The author and publisher make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the information, products, services, or related graphics contained in this blog post for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

    Limitation of Liability: In no event will the author or publisher be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this blog post.

    External Links: Through this blog post, you are able to link to other websites which are not under the control of the author. We have no control over the nature, content, and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.

    By using the information in this blog post, you agree to the terms of this disclaimer. If you do not agree to these terms, please do not use the information provided.

  • Ubuntu Multipass: How to modify an instance

    While instance properties can be determined at launch, some of them can be updated after the instance has been created. Specifically, an instance’s memory, disk space, and the number of its CPUs are exposed via daemon settings: local..(cpus|disk|memory).

    Documentation
  • Crontab

    Crontab

    Issue:

    How to setup cron jobs in Ubuntu (and Linux)?

    Solution:

    Setting up cron jobs on a Linux system like Ubuntu is a straightforward process. Cron jobs are scheduled tasks that your system runs at specified times or intervals. Here’s how you can set them up:

    Accessing the Cron Table:

    1. Open the Terminal: Launch your terminal application.
    2. Edit Cron Jobs for Your User: To edit the cron jobs for your current user, use the following command: crontab -e This command opens your user’s cron file in the default text editor. If it’s your first time using crontab, it may ask you to select an editor (like nano, vi, etc.).
    3. Add a New Cron Job: In the text editor, you can add a new cron job in the following format: * * * * * command-to-execute This is broken down as:
      • Minute (0 - 59)
      • Hour (0 - 23)
      • Day of the month (1 - 31)
      • Month (1 - 12)
      • Day of the week (0 - 6) (Sunday = 0)
      For example, to run a script every day at 5 AM, you would write: 0 5 * * * /path/to/script.sh Make sure your script (script.sh in this example) is executable. You can make it executable with chmod +x /path/to/script.sh.
    4. Save and Exit: After adding your cron job, save and exit the editor. This will install the new cron job.
    5. Verify Your Cron Jobs: To ensure your cron job is listed, use: crontab -l

    Special Syntax:

    Instead of the asterisks, you can use special strings for common intervals:

    • @reboot: Run once, at startup.
    • @yearly or @annually: Run once a year, “0 0 1 1 *”.
    • @monthly: Run once a month, “0 0 1 * *”.
    • @weekly: Run once a week, “0 0 * * 0”.
    • @daily: Run once a day, “0 0 * * *”.
    • @hourly: Run once an hour, “0 * * * *”.

    Common Examples:

    • Backup Every Day at Midnight:
      0 0 * * * /path/to/backup/script.sh
    • Run a PHP Script Every Hour:
      0 * * * * /usr/bin/php /path/to/your/script.php

    Tips:

    • Environment Variables: Cron jobs run in a minimal environment, so you might need to define environment variables that your task requires.
    • Output Handling: By default, cron sends the output of the job to the user’s mail (local mail, not internet email). You can redirect the output to a file or to /dev/null if you don’t need it.
    • Logging: To log the output of a cron job, redirect the output to a file:
      * * * * * command-to-execute >> /path/to/logfile 2>&1
    • Script Permissions: Ensure that any scripts you’re calling are executable and have the appropriate permissions.

    Cron jobs are particularly useful for automating routine tasks like backups, system updates, or periodic cleanup of temporary files.

  • PDF to HTML

    PDF to HTML

    WSL, Ubuntu 20.05, command line, for “PDF to HTML.” Step by step.

    Here are the short instructions to convert a PDF to HTML using WSL with Ubuntu 20.04:

    1. Install WSL with Ubuntu 20.04.
    2. Launch the Ubuntu terminal.
    3. Update Ubuntu: sudo apt update && sudo apt upgrade -y.
    4. Install Poppler: sudo apt install -y poppler-utils.
    5. Convert PDF to HTML using:
      pdftohtml -s <input_file>.pdf <output_file>.html
    6. Access the converted HTML file in the same directory.

    That’s it!