How to Skip WHM Initial Setup Wizard When Stuck After Upcp

If you have recently ran upcp and the WHM initial setup wizard is stuck in a URL like the following:

https://yourhostname.com:2087/cpsess*****/scripts/initial_setup_wizard1

And can not get away with it, here is the easy way to do it. Basically each setup wizard has a skip button and the button goes to initial_setup_wizard1_do, so only adding the _do at the of your initial_setup_wizard1 should do the job, like the following:

https://yourhostname.com:2087/cpsess*****/scripts/initial_setup_wizard1_do/

This should take you to the WHM home by letting you save some of the new WHM features and will not ask again for initial setups.

How To Renew & Deploy Let’s Encrypt SSL on Zimbra Server – 2020

Ok, there is a reason to put 2020 on the title. Because the process has changed since past. At this moment, I manage a Zimbra server with multiple domains in it, which won’t deploy the ‘other’ domains if not specified. The process is fairly simple, but I am keeping this as a documentation purpose, so that I don’t miss next time.

To renew the certificate for attached domains using certbot is fairly simple, just do:

# certbot renew

Once done, you you want to use the pre-hook and deploy-hook to do the patching and deploying as following using certbot_zimbra.sh

# certbot_zimbra.sh -p
# certbot_zimbra.sh -r -d 'your_domain'

Updated, certbot_zimbra doesn’t take this. ‘-n’ used to be taken as new and ‘-r’ for replacing, now, ‘-r’ is removed. Instead you can use ‘-e’ to specify new domains. So the command for replacement and deployment would be fairly simple as following:

# certbot_zimbra.sh -p
# certbot_zimbra.sh -d -e 'mail.yourdomain.com'
# certbot_zimbra.sh -d -e 'mailapp.yourdomain.com'


… and so on. At this moment, I couldn’t find a way to advise zimbra certbot to follow a list of domains instead of one. But this is probably possible by cracking the certbot.

Quick Tips: An error occurred. Your account may be over its quota or you attempted to upload a folder – Cpanel

An error occurred. Your account may be over its quota or you attempted to
upload a folder.

The error is very obvious. It means the account is over the quota. But what if it isn’t? This error is generic, cpanel throws this, whenever it fails to upload the file, regardless of what error it returns. There is a possibility that your IDS (Intrusion detection system) is discarding the upload, so double checking the IDS log should help you to conclude that. But what if, that is also not the case?

Ok, that can actually still happen. It happens when the customer uses cloudflare and uses cloudflare to login to the cpanel using cpanel proxy and then use it to upload the file. Cloudflare sees the upload going through web and blocks it. So, just double check the domain he uses to login to the cpanel, and check whether it uses some kind of 3rd party web application firewall loaded application or not like Cloudflare. If it does, that could be the case!

How to setup Postfix relay with authentication in CentOS 7

To configure postfix to relay mail using another MTA, you may do the following steps:

postconf -e 'relayhost = smtp.to.relay.com'
postconf -e 'smtp_sasl_auth_enable = yes'
postconf -e 'smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd'
postconf -e 'smtp_sasl_security_options='

Replace smtp.to.relay.com with the original MTA hostname that you going to use for relaying. Now, create the sasl_passwd file in /etc/postfix with the following inside:

smtp.to.relay.com smtp_username:smtp_password

Now, use postmap to generate postfix hash db:

postmap /etc/postfix/sasl_passwd

You can verify if it’s working with the following:

postmap -q smtp.to.relay.com /etc/postfix/sasl_passwd

This will return the username and password for your smtp relay host.

Now all you need to do is to restart the postfix

service postfix restart

How to Stop Redirecting All Traffic Trough OpenVPN

There are cases, where you might want to use OpenVPN to redirect only a fraction of traffic, but not all. By default, after you connect to OpenVPN, server would push the call 'redirect-gateway' to the client to make the client divert all the traffic through tun network.

This behavior can be override with the following command line argument:

--pull-filter ignore redirect-gateway

You can add it in the openvpn command line as following:

openvpn --pull-filter ignore redirect-gateway --config "your_file.ovpn"

Once this is done, remember that, you have to route the targetted traffic using either the route command or 'ip route' command, otherwise no traffic will route through your openvpn tunnel network.

How to Save OpenVPN Username & Password

If you are using OpenVPN in a Linux platform through command line, it is always handy to be able to save the authentication information in a file and let openvpn use them. There are two ways you can do it.

First Method

First save the password in a file e.g auth.txt with two lines:

username
password

First line is for username and the second line is for password.

If you are using .ovpn files for configuration, open the .ovpn file and simply add the following:

auth-user-pass auth.txt

Now, your authentication would use the authentication given in that file

Second Method

You may add the auth-user-pass in the openvpn command line argument, but you have to make sure, this is passed after the --config. Here is an example

openvpn --config "your_file.ovpn" --auth-user-pass "auth.txt"

That should be enough.

Troubleshoot: -bash: fuser: command not found

If you are trying to use a command, fuser, that is used to identify process using lock file or socket file, and having the following error:

-bash: fuser: command not found

that means, your system doesn’t have the psmisc package installed. Usually, killall, fuser type of commands are under this package. CentOS 7 sometimes, do not install the package by default. To install it, run the following:

yum install psmisc -y

Once done, you should be able to use fuser command.

How To: Use SSH Password in a Script

You can obviously use RSA public/private keypair to access servers without password, although, sometimes, it may be desirable to use ssh password on a command line and run a remote command on another server. This can be done using a tool called ‘sshpass’. You can create a simple bash script using sshpass, that can help you monitor and control multiple servers from a single location.

How to use ssh password in script

First install sshpass:

# yum install sshpass -y

Once done, you can use sshpass command as following:

# sshpass -p "SSH_Password" ssh -o StrictHostKeyChecking=no SSH_Username@remote-ssh-server "yourcommand"

Just replace, the password, username, remote-ssh-server and your command with your desired setup, and viola!

Note: If yum says, the following:

No package sshpass* available.

then you would need to install epel repository to install sshpass. To install epel, run the following:

# yum install epel* -y

Programming: How To Check if an IP is Available or Not in Bash

How To Check if an IP is Available or Not in Bash

A quick trick I use is ‘ping’ command. PING will return 0 on success and 1 or above on failure while using it with -c 1 (Means only one ICMP packet). That makes it useful to use with a if condition shell code as following:

if ping -c 1 -w 5 192.168.2.1 >/dev/null
then
echo "IP Available"
else
echo "IP Not Available"

Programming: How to Check If A File Exists or Not in Bash Script

How to Check If A File Exists or Not in Bash Script

You can use if condition in bash script to do that. If conditions takes ‘-f’ to test if a file exists or not. Syntax would be the following:

$FILE = $1
if [ -f $FILE ]; then
echo "File Exists"
else
echo "File Do Not Exist"
endif

Now, if your script only demands to check if the file do not exist, you can use a unary operator for negate the boolean value as following:

$FILE = $1
if[ ! -f $FILE ]; then
echo "File Do Not Exist"
endif