EasyEngine: WordPress made easy

So, newbies out there, for those that have a root server access or VPS, and you want to create a blog. There is a tool called EasyEngine that could help you (automate) setup Nginx (not Apache), PHP (or PHP7/HHVM), MariaDB/MySQL database, Postfix mail transfer agent, WordPress, WP Super Cache (or W3 Total Cache, Nginx Cache, WP Redis) on Ubuntu or Debian operating system.

There's a lot more it can offer:

• WP-CLI: Command line interface for WordPress
• Redis: in-memory database
• Adminer: single php file database (not just MySQL) manager (formerly called PhpMinAdmin)
• PhpRedisAdmin: Redis web manager 
• phpMemcachedAdmin
• FastCGI cleanup script
• OPcache: precompile php into in-memory bytecode
• Webgrind: XDebug frontend
• Anemometer: MySql slow query analyser
• RoundCube: webmail software
• Amavis: mail virus scanner
• SpamAssassin: mail spam filter
• ClamAV: antivirus

How to install EasyEngine?

wget -qO ee rt.cx/ee && sudo bash ee

What's we must use this? it saves time (automated install, automatic update), best practice (Nginx instead of Apache, HHVM/PHP7 instead of PHP5, caching), configuration backup (using Git)

For more information you can visit their website https://easyengine.io/

But wait kiz, you hate PHP right? why you endorse this?
at least this IS far better than poor performance/neglected/insecure/lousy crap configuration/choice that I always see in the past.

Moving PostgreSQL Database to RAM

If you are software developer, sometimes you need to test your program faster. Normally the bottleneck of your program are in the database (writing to disk). You can increase the performance of your development/testing, by moving the database to the RAM if you have enough free RAM (>3GB). In this article, I will guide you to move your PostgreSQL database to RAM. First of all, you'll need to stop and disable the PostgreSQL, so the port won't conflict:

sudo systemctl stop postgresql
sudo systemctl disable postgresql

As we already know, /tmp folder on Linux mostly use tmpfs, that is a RAM file system. So if we create the database on the /tmp directory, it's on the RAM. What you'll need to do is create a script containing something like this:

#!/usr/bin/env bash
sudo killall postgres
# init directories
src=/tmp/data
sudo rm -rf $src
mkdir -p $src
sudo chown postgres:postgres $src
sudo su - postgres <<EOF
initdb --locale en_CA.UTF-8 -E UTF8 -D '/tmp/data'
sed -i -- 's/max_connections = 100/max_connections = 1024/' /tmp/data/postgresql.conf
sed -i -- 's/#logging_collector = off/logging_collector = on/' /tmp/data/postgresql.conf
sed -i -- "s/#log_directory = 'pg_log'/log_directory = '\/tmp'/" /tmp/data/postgresql.conf
sed -i -- "s/#log_file_mode = 0600/log_file_mode = 0644/" /tmp/data/postgresql.conf
sed -i -- "s/#log_min_duration_statement = -1/log_min_duration_statement = 0/" /tmp/data/postgresql.conf
sed -i -- "s/#log_error_verbosity = default/log_error_verbosity = verbose/" /tmp/data/postgresql.conf
sed -i -- "s/#log_statement = 'none'/log_statement = 'all'/" /tmp/data/postgresql.conf
# sed -i -- "s///" /tmp/data/postgresql.conf
postgres -D /tmp/data &
echo sleep 2 seconds..
sleep 2
createuser xxx
createdb xxx
psql -c 'GRANT ALL PRIVILEGES ON DATABASE xxx TO xxx;'
echo you can restore database now..
EOF

This script will erase all your database and create a new empty database on the RAM, that you can restore into later. This script will also create a log file that shows all queries that could help on the softwade development process. Lastly, to measure your PostgreSQL's data directory size in MB you can type this command:

$ sudo du -s -B 1M /tmp/data/
336     /tmp/data/

That's it, as a measurement, to restore a 137 MB database (about 300k records) in my PC normally it took about 17 seconds, when the database moved to RAM, it only took 5 seconds, so yes, it's a huge improvement.

How to share WiFi over LAN on Linux

Sometimes we need to share our wireless connection to LAN or vice-versa, the simplest way to do that is using NAT (and dnsmasq - a DHCP server and DNS proxy). First thing you need to do is check your server/sharer's network interfaces, for example:

$ ifconfig -a
enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.0.1  netmask 255.0.0.0  broadcast 10.255.255.255
        inet6 fe80::d63d:7e3f:fe3f:497a  prefixlen 64  scopeid 0x20<link>
        ether d4:3d:7e:9f:49:7a  txqueuelen 1000  (Ethernet)
        RX packets 2149  bytes 214913 (209.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 256  bytes 20714 (20.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 9344  bytes 840957 (821.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9344  bytes 840957 (821.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.100  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe30::e33e:27ff:fe3d:9533  prefixlen 64  scopeid 0x20<link>
        ether e8:de:27:7d:95:3f  txqueuelen 1000  (Ethernet)
        RX packets 877461  bytes 1171868706 (1.0 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 790957  bytes 82979794 (79.1 MiB)

        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

That command will show you all network interface that available on your PC. The most important thing is to understand which interface that used to connect to the internet, and which one that connect locally. In this example, the wlp2s0 is the one that used to connect to the internet, and enp1s0 is the one that used to connect locally (10.0.0.1). The next part is enable your NAT using these commands:

sudo iptables -t nat -A POSTROUTING -o wlp2s0 -j MASQUERADE
sudo iptables -A FORWARD -i enp1s0 -j ACCEPT
sudo iptables -n -L
sudo su - -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

The last part is configure your dnsmasq, just give some address on your /etc/dnsmasq.conf, for example:

port=53
dhcp-range=10.0.0.2,10.0.0.10,24h

And then restart your dnsmasq using this command:

sudo systemctl enable dnsmasq

sudo systemctl restart dnsmasq

On the client (the other computer that need to connect to the internet through previous computer), just enable the DHCP client, for example, on archlinux, use this command:

sudo systemctl enable dhcpcd@enp2s0
sudo systemctl start dhcpcd@enp2s0

where the enp2s0 is your network interface that will be used. If it's not already set, configure your DNS and default gateway using this command:

sudo route add default gw 10.0.0.1 dev enp2s0
echo nameserver 10.0.0.1 > /etc/resolv.conf

where the 10.0.0.1 is the gateway server's IP. That's all you'll need to share your wifi connection on Linux.

When there are trouble, please make sure:

1. is the server connected to the internet? (traceroute or ping 8.8.8.8 or internet gateway), check the cable, access point or your router
2. is the server could resolve correctly? (dig google.com), check /etc/resolv.conf if it's configured correctly
3. is the client get correct IP? (ifconfig), check the dhcpcd and dnsmasq's DHCP configuration
4. is the client could connect to the server? (ping 10.0.0.1), check your cable. is the interface enabled
5. is the client could connect to the internet? (traceroute or ping 8.8.8.8), check the iptables (NAT command)
6. is the client could resolve correctly? (dig google.com), check the dnsmasq configuration

That's all for now.

My ArchLinux's ~/.bashrc

Usually after installing new PC with ArchLinux or Manjaro, I always replace ~/.bashrc with my own version, something like this (just some part of it, I use this on servers):

[ -z "$PS1" ] && return
HISTCONTROL=ignoreboth
shopt -s histappend
HISTSIZE=1000
HISTFILESIZE=2000
shopt -s checkwinsize

PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;33m\]\t\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]$ '
alias pullpush='git pull && git push origin master'
alias pacInstall='yaourt --needed --noconfirm -S --force'
alias pacManualInstall='yaourt --needed -S'
alias pacFileInstall='sudo pacman -U'
alias pacReinstall='sudo pacman -S'
alias pacDownloadOnly='yaourt --needed --noconfirm -Syuw'
alias pacUpdate='yaourt --needed --noconfirm -Syu'alias pacUpdateAur='yaourt --needed --noconfirm -Syu --aur'
alias pacPurge='yaourt -R'
alias pacPurgeSingle='sudo pacman -Rdd'
alias pacList='pacman -Q'
alias pacListFiles='pacman -Ql'
alias pacShow='pacman -Si'
alias pacMirrors='sudo pacman-mirrors -d /etc/pacman.d/mirrors/ -o /etc/pacman.d/mirrorlist -m rank -g'
alias pacMirrorsUpgrade='sudo pacman-mirrors -g && sudo pacman -Syyuu'
alias pacBelongs='pacman -Qo'
alias pacUnlock='sudo rm /var/lib/pacman/db.lck'
alias scp='rsync -avzP'
alias mv_rsync='rsync -avl --remove-source-files --progress'
alias cp_rsync='rsync -arvl –progress'
alias ls='ls --color=auto'
alias dir='dir --color=auto'
alias vdir='vdir --color=auto'
alias grep='grep --color=auto'
alias fgrep='fgrep --color=auto'
alias egrep='egrep --color=auto'
alias ll='ls -alF'
alias la='ls -A'
alias l='ls -CF'
if [ -f ~/.bash_aliases ]; then
    . ~/.bash_aliases
fi
export TERM=xterm-256color
export EDITOR=/usr/bin/vim
export PAGER=/usr/bin/most

But of course, make sure that your /etc/pacman.conf already has these lines:

[core]
Include = /etc/pacman.d/mirrorlist

[extra]
Include = /etc/pacman.d/mirrorlist

[community]
Include = /etc/pacman.d/mirrorlist

[multilib]
Include = /etc/pacman.d/mirrorlist

[archlinuxfr]
SigLevel = Never
Server = http://repo.archlinux.fr/$arch

and you'll need to restart bash, update the repository then install certain dependencies:

sudo pacman -Syu
sudo pacman -Sy yaourt 
pacInstall most vim rsync git

That's it, now your bash has been supercharged :3

Monitorix: System Resource Monitoring for Linux

Monitorix is a daemon that enables you to monitor your Linux server/system resources. It has built-in web server, and developed using Perl. To install the daemon on ArchLinux, use this command:

yaourt --needed --noconfirm -S --force monitorix
sudo systemctl enable monitorix
sudo systemctl start monitorix

The configuration file can be found on /etc/monitorix/monitorix.conf, for example you can enable the built-in webserver and change the port, change the network interface's to be monitored or enable and disable sensors, just find the key and change it, for example:

<httpd_builtin>
  enabled = y
  host = 127.0.0.1
  port = 8081
  user = nobody
  group = nobody
  log_file = /var/log/monitorix-httpd
  hosts_deny =
  hosts_allow =
  <auth>
    enabled = y
    msg = Monitorix: Restricted access
    htpasswd = /var/lib/monitorix/htpasswd
  </auth>
</httpd_builtin>

<graph_enable>
  system  = y
  proc    = y
  fs  = y
  net  = y
  user  = y
  netstat = y
</graph_enable>

<net>
  list = enp2s0, wlp3s0
  <desc>
  enp2s0 = Gigabit LAN, 0, 10000000000
  wlp3s0 = Wireless LAN, 0, 100000000
  </desc>
  gateway = enp2s0
</net>


After changing the configuration file, you  may want to create a password so no other user can see the web, for example to create a new user named test with password youMayNotKnow:

sudo htpasswd -bcd /var/lib/monitorix/htpasswd test youMayNotKnow

after that, don't forget to restart the service:

sudo systemctl restart monitorix

Then you can see the result by visiting http://127.0.0.1:8081/monitorix.

Docker: The Software Container

Docker is operating system-level virtualization, software container that enables sysadmin or software developer to deploy an isolated distributed Linux application almost anywhere without any hypervisor (but both can be combined). Docker is more resource friendly (efficient) than any hardware virtualization solutions, faster startup-shutdown time, and lower hardware requirement (it works as long as you have Linux kernel that support LXC). Docker can run on Mac OS X and Windows via boot2docker (or with Vagrant or any virtualization software). To install it on ArchLinux, type:

# install stable version
$ yaourt --needed --noconfirm -S --force docker

# or latest git version
$ yaourt --needed --noconfirm -S --force docker-git

# start and enable the service
$ sudo systemctl enable docker
$ sudo systemctl start docker

# allow your user to access docker, refresh session
$ sudo gpasswd -a `whoami` docker
$ newgrp docker

# show information
$ docker info
Containers: 0
Images: 0
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Backing Filesystem: extfs
 Dirs: 0
Execution Driver: native-0.2
Kernel Version: 3.18.7-1-ARCH
Operating System: ArchLinux
CPUs: 4
Total Memory: 15.49 GiB
Name: zzz
ID: 5SDJ:LPNU:UAR4:ULRJ:REZF:4V3W:6ES6:KJTW:DETH:765Y:XP4I:IZZZ

WARNING: No swap limit support

The docker service will create a network bridge interface (mostly docker0). You can use your own base image or download pre-built one. Make sure you have a lot disk space on your /var/lib/docker directory since docker store the images there. To create an ArchLinux base image, use any of these repositories, for example:

$ docker pull l3iggs/archlinux
$ docker pull kampka/archlinux

$ docker pull codekoala/arch

$ docker pull logankoester/archlinux 
Pulling repository logankoester/archlinux
88d601db3077: Download complete 
511136ea3c5a: Download complete 
9b0516337e5a: Download complete 
dce0559daa1b: Download complete 
ff4d9d90bf08: Download complete 
7207641fe7f8: Download complete 
Status: Downloaded newer image for logankoester/archlinux:latest

To list all docker images, type docker images, find the image's REPOSITORY or IMAGE ID, then you can run any command on that docker using docker run for example:

$ docker run 88d601db3077 ls -al
...

$ docker run -t -i logankoester/archlinux /bin/bash
exit

$ docker run logankoester/archlinux pacman -Rdd --noconfirm dirmngr

Packages (1): dirmngr-1.1.1-2

Total Removed Size:   0.49 MiB

:: Do you want to remove these packages? [Y/n] 

removing dirmngr...

$ docker run logankoester/archlinux pacman -Syu --noconfirm
:: Synchronizing package databases...
downloading core.db...
downloading extra.db...
downloading community.db...
:: Starting full system upgrade...
:: Replace dirmngr with core/gnupg? [Y/n] 
:: Replace lzo2 with core/lzo? [Y/n] 
resolving dependencies...
looking for inter-conflicts...

Packages (77): archlinux-keyring-20150212-1  bash-4.3.033-1  ca-certificates-20140923-9  ca-certificates-cacert-20140824-2  ca-certificates-mozilla-3.17.4-1  ca-certificates-utils-20140923-9  coreutils-8.23-1  cracklib-2.9.1-1  curl-7.40.0-1  db-5.3.28-2  dbus-1.8.16-2  device-mapper-2.02.116-1  dhcpcd-6.7.1-1  dirmngr-1.1.1-2 [removal]  e2fsprogs-1.42.12-1  expat-2.1.0-4  file-5.22-1  filesystem-2015.02-1  gcc-libs-4.9.2-3  gettext-0.19.4-1  glib2-2.42.1-1  glibc-2.21-2  gmp-6.0.0-2  gnupg-2.1.2-1  gnutls-3.3.12-1  gpgme-1.5.3-1  grep-2.21-1  hwids-20150129-1  inetutils-1.9.2-2  iproute2-3.18.0-1  kbd-2.0.2-1  kmod-19-1  krb5-1.13.1-1  less-471-1  libarchive-3.1.2-8  libassuan-2.1.3-1  libcap-2.24-2  libdbus-1.8.16-2  libffi-3.2.1-1  libgcrypt-1.6.2-1  libgpg-error-1.18-1  libidn-1.29-1  libksba-1.3.2-1  libldap-2.4.40-2  libsystemd-218-2  libtasn1-4.2-1  libtirpc-0.2.5-1  libunistring-0.9.4-1  libutil-linux-2.25.2-1  linux-api-headers-3.18.5-1  logrotate-3.8.8-2  lz4-127-1  lzo-2.09-1  lzo2-2.08-1 [removal]  mpfr-3.1.2.p11-1  ncurses-5.9-7  netctl-1.10-1  nettle-2.7.1-1  npth-1.1-1  openresolv-3.6.1-1  openssl-1.0.2-1  p11-kit-0.22.1-3  pacman-4.2.1-1  pacman-mirrorlist-20150205-1  pcre-8.36-2  perl-5.20.2-1  pinentry-0.9.0-1  procps-ng-3.3.10-1  shadow-4.2.1-2  systemd-218-2  systemd-sysvcompat-218-2  tar-1.28-1  texinfo-5.2-3  tzdata-2015a-1  usbutils-008-1  util-linux-2.25.2-1  xz-5.2.0-1

Total Download Size:    62.40 MiB
Total Installed Size:   264.78 MiB
Net Upgrade Size:       26.52 MiB


:: Proceed with installation? [Y/n] 

:: Retrieving packages ...
...

The previous changes of each run is not saved until you call docker commit, find out the last run ID first before committing:

$ docker ps -l 
CONTAINER ID        IMAGE                           COMMAND                CREATED             STATUS                     PORTS               NAMES
6d67ee44e7f5        logankoester/archlinux:latest   "pacman -Syu --nocon   11 minutes ago      Exited (0) 2 minutes ago                       stoic_meitner 

# docker commit ID your_username/your_repository
$ docker commit 6d67ee44e7f5 kokizzu/archlinux
5ab1562ea89959c54b8da4462abf086c91434524ae741769dab869b8263d7c1b

To check more information about current dock, use docker inspect followed by image ID:

$ docker images 
REPOSITORY               TAG                 IMAGE ID            CREATED             VIRTUAL SIZE
kokizzu/archlinux        latest              5ab1562ea899        28 seconds ago      640.6 MB
logankoester/archlinux   latest              88d601db3077        24 hours ago        282.9 MB
...

# docker inspect ID
$ docker inspect 5ab1562ea899


After you verify that your image is working, you can share it to others (create a repository first on your dashboard), for example:

# docker push ID your_username/your_repository

You can find more information on the cheatsheet and the documentation, and if you're tempted to install sshd read this first.

How to prevent your Linux hangs when out of memory (OOM)

Sometimes when a software overusing our RAM, the Linux User Interface starts to lag and hangs (even when oom_kill_allocating_task enabled, and even when we're already using swapfile. This tutorial will let your ArchLinux automatically kill software with highest memory usage using a program named earlyoom. To install it, just type:

yaourt --needed --noconfirm -S --force earlyoom-git
sudo cp /usr/bin/earlyoom /usr/local/bin/
sudo systemctl enable earlyoom
sudo systemctl start earlyoom

Now try to compile and run this program:

echo '
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int main(int argc, char** argv) {
    int max = -1;
    int mb = 0;
    char* buffer;
    if(argc > 1) max = atoi(argv[1]);
    while((buffer=malloc(1024*1024)) != NULL && mb != max) {
        memset(buffer,0,1024*1024);
        printf("Allocated %d MB\n", ++mb);
    }
    return 0;
}
' > munch.c && gcc -O2 -o munch munch.c 
./munch

It would give an output something like this:

Allocated 1 MB
Allocated 2 MB
Allocated 3 MB
...
Allocated 4367 MB
Allocated 4368 MB
Allocated 4369 MB

Killed

The program with highest memory usage now killed automatically and your system would be always responsive. To see the realtime log of service type journalctl -f -u earlyoom it would show something like this:

-- Logs begin at Mon 2014-11-03 10:54:39 WIB. --
Feb 20 13:25:25 s497 earlyoom[20041]: earlyoom v0.3-15-g528196e
Feb 20 13:25:25 s497 earlyoom[20041]: total:  7800 MiB
Feb 20 13:25:25 s497 earlyoom[20041]: min:     780 MiB
Feb 20 13:25:25 s497 earlyoom[20041]: avail:  4963 MiB
Feb 20 13:33:10 s497 earlyoom[20041]: Out of memory! avail: 519 MiB < min: 780 MiB
Feb 20 13:33:10 s497 earlyoom[20041]: Killing process 24984 (munch)

press Ctrl+C to close that command. 

How to reinstall all Linux package

Sometimes when you have a bad electricity in your company/place where you live, your computer may lose some files when blackout happened. Sometimes icons are missing or some program just stopped working. To solve this issue you may reinstall your Linux distribution or alternatively you can just reinstall whole package. In ArchLinux you can type this command to reinstall all native package:

pacman -Qnq | sudo pacman -S - 

In Ubuntu, you can type this command to find for corrupted and missing files on installed package:

sudo apt-get install --reinstall $(sudo dpkg -S $(sudo debsums -c 2>&1 | cut -d " " -f 4 | sort -u) | cut -d : -f 1 | sort -u)

Or if you want to reinstall whole package, you can follow the commands on this link. Your Linux installation now should work correctly.

How to Remotely Run Command on Windows PC from Linux

So, sometimes the server uses Windows instead of Linux or BSD, and we need to execute certain command on the server, because the web interface not suffice, for example, exporting 1.2GB of data from MySQL using PHPMyAdmin? timeout! :3
We could use a tool called winexe, to install it, type:

yaourt -S winexe

Then just execute:

winexe -U USERNAME //IPADDRESS cmd.exe

Voila~ :3

How to install Couchbase on ArchLinux

Couchbase is NoSQL database with the best performance AFAIK. To install Couchbase, we need git and repo tool, that could be installed using this command:

sudo pacman -S git libtool gcc libevent make gperftools sqlite erlangautomake autoconf make curl dmidecode
curl https://storage.googleapis.com/git-repo-downloads/repo > ~/bin/repo
chmod +x ~/bin/repo

Change first line from python to python2.7, then initialize and start fetch the Couchbase repository:

mkdir couchbase
cd couchbase
repo init -u git://github.com/couchbase/manifest.git -m released/3.0.1.xml
repo snyc

To prevent failure when building python-based programs, symlink your python to the older one:

sudo ln -sf python2.7 /usr/bin/python

Install older version of v8 (3.21.17 or less), using this command:

yaourt -S v8-3.15
V8PKG=v8-3.19.18.4-1-x86_64.pkg.tar.xz
wget http://seblu.net/a/arm/packages/v/v8/$V8PKG
sudo pacman -U $V8PKG

Then compile the Couchbase:

make

Note if this step failed clean the couchbase first using make clean, then compile the v8 on the v8 folder in the couchbase directory. If you're using latest version of GCC, remove all werror string from build/standalone.gypi and build/toolchain.gpyi file:

make dependencies
export PYTHON=python2
  find build/ test/ tools/ src/ -type f \
    -exec sed -e 's_^#!/usr/bin/env python$_&2_' \
              -e 's_^\(#!/usr/bin/python2\).[45]$_\1_' \
              -e 's_^#!/usr/bin/python$_&2_' \
              -e "s_'python'_'python2'_" -i {} \;
  sed -i 's/python /python2 /' Makefile
sed -i 's/-Werror//' build/standalone.gypi build/common.gypi
make x64.release library=shared console=readline

Alternatively use this modified PKGBUILD file:

wget http://goo.gl/miEmFt -O PKGBUILD
makepkg
sudo pacman -U v8-3.21-3.21.17-1-x86_64.pkg.tar.xz

Don't forget to increase the default number of files:

echo '
*               soft    nofile          65536
*               hard    nofile          65536
' | sudo tee -a /etc/security/limits.conf

And last, start the server:

./install/bin/couchbase-server

Then just visit the web interface to setup the cluster http://localhost:8091/

That's it, that's how you install Couchbase on ArchLinux from source.

How to Prevent ISP's DNS Poisoning

The case was, my fourth ISP redirect every DNS request to their own DNS servers, and the poison certain domain names (for example: Manga sites) to their own server (114.127.223.16). How to prevent this? first of all you'll need to install dnscrypt, this program could encrypt DNS requests, so it's become harder to poison.

pacman -Sy dnscrpyt-proxy

then you'll need to start the service:

sudo systemctl enable dnscrypt-proxy
sudo systemctl start dnscrypt-proxy

then, change your /etc/resolv.conf to localhost:

nameserver 127.0.0.1

voila, now your DNS resolving not poisoned anymore :3 yayy~

How to change resolution that doesn't exists on display settings on Linux

Sometimes we need to change the resolution of our monitor, but the resolution doesn't show up on the xfce4-display-settings, what should we do? First you'll need a terminal or command prompt, then type cvt or gtf command with your desired resolution, for example:

cvt 1920 1080 

it would show something like this:

# 1920x1080 59.96 Hz (CVT 2.07M9) hsync: 67.16 kHz; pclk: 173.00 MHz Modeline "1920x1080_60.00" 173.00 1920 2048 2248 2576 1080 1083 1088 1120 -hsync +vsync

now, you should add it using xrandr command:

xrandr --newmode "1920x1080"  173.00  1920 2048 2248 2576  1080 1083 1088 1120 -hsync +vsync

now, assign it the desired display port from the graphics card, first let see our graphic card available ports, type xrandr again without parameter, it would show something like this:

Screen 0: minimum 8 x 8, current 1600 x 1200, maximum 32767 x 32767
VGA1 connected primary 1600x1200+0+0 (normal left inverted right x axis y axis) 0mm x 0mm
   1024x768      70.07 +  85.00    75.08    60.00 
   1600x1200     60.00* 
   1280x1024     85.02    75.02 
   1440x900      59.89
   1280x960      85.00
   1280x800      59.81
   1152x864      75.00 
   1024x768      86.96 
   832x624       74.55
   800x600       85.06    72.19    75.00    60.32    56.25 
   640x480       85.01    75.00    72.81    66.67    60.00
   720x400       87.85    70.08
HDMI1 disconnected (normal left inverted right x axis y axis)
VIRTUAL1 disconnected (normal left inverted right x axis y axis)
  1920x1080 (0x2ee) 173.000MHz
    h: width  1920 start 2048 end 2248 total 2576 skew 0 clock  67.16KHz
    v: height 1080 start 1083 end 1088 total 1120 clock  59.96Hz

Now we know that we have 3 ports: VGA1, HDMI1 and VIRTUAL1, of course the current monitor was plugged into VGA1 because it shows "connected", now we could assign using this command:

xrandr --addmode VGA1 1920x1080 

and set the display resolution using this command:

xrandr --output VGA1 --mode 1920x1080

Voila, now your resolution changed!

Note: if you're using VGA Video Splitter, make sure that the monitor plugged into the first port, so it would send correct EDID.

SLock simplest screen locker ever!

SLock is the simplest screen locker ever, it works without hassle or configuration. If you havent isntall any of screensaver (gnome-screensaver, xscreensaver), you could use it as the default screensaver. B-b-b-but how to unlock the screen? there's no password box to type '____' ?

You just need to type your password (screen would change color as you type first letter) and press enter to unlock the screen.

What if I have inputted wrong password? just press backspace or enter to restart inputting the password.

How to lock the screen? just type slock on terminal or run-dialog.

Well.. that's all for now~

Where to put fonts on Linux

To install fonts on Linux (especially Arch Linux), you must copy the fonts on the ~/.local/share/fonts folder (for old distribution, use ~/.fonts directory). To view fonts, install gnome-font-viewer, that program could also be used to install fonts locally. I have selected some fonts that good for programming imho. Contact me (if you can ^^ myahahah!) if the server is down or expired, or just google for these fonts:

BPmono.ttf	BPmonoBold.ttf	BPmonoItalics.ttf	DejaVuSans-Bold.ttf	DejaVuSans-BoldOblique.ttf
DejaVuSans-ExtraLight.ttf	DejaVuSans-Oblique.ttf	DejaVuSans.ttf	DejaVuSansCondensed-Bold.ttf	DejaVuSansCondensed-BoldOblique.ttf
DejaVuSansCondensed-Oblique.ttf	DejaVuSansCondensed.ttf	DejaVuSansMono-Bold.ttf	DejaVuSansMono-BoldOblique.ttf	DejaVuSansMono-Oblique.ttf
DejaVuSansMono.ttf	DejaVuSerif-Bold.ttf	DejaVuSerif-BoldItalic.ttf	DejaVuSerif-Italic.ttf	DejaVuSerif.ttf
DejaVuSerifCondensed-Bold.ttf	DejaVuSerifCondensed-BoldItalic.ttf	DejaVuSerifCondensed-Italic.ttf	DejaVuSerifCondensed.ttf	DroidSansMono.ttf
Envy Code B 10pt.ttf	Envy Code R Bold.ttf	Envy Code R Italic.ttf	Envy Code R VS Italic-as-bold.ttf	Envy Code R VS.ttf
Envy Code R.ttf	FantasqueSansMono-Bold.ttf	FantasqueSansMono-BoldItalic.ttf	FantasqueSansMono-RegItalic.ttf	FantasqueSansMono-Regular.ttf
FiraMono-Bold.ttf	FiraMono-Medium.ttf	FiraMono-Regular.ttf	FiraSans-Bold.ttf	FiraSans-BoldItalic.ttf
FiraSans-Book.ttf	FiraSans-BookItalic.ttf	FiraSans-Eight.ttf	FiraSans-EightItalic.ttf	FiraSans-ExtraBold.ttf
FiraSans-ExtraBoldItalic.ttf	FiraSans-ExtraLight.ttf	FiraSans-ExtraLightItalic.ttf	FiraSans-Four.ttf	FiraSans-FourItalic.ttf
FiraSans-Hair.ttf	FiraSans-HairItalic.ttf	FiraSans-Heavy.ttf	FiraSans-HeavyItalic.ttf	FiraSans-Italic.ttf
FiraSans-Light.ttf	FiraSans-LightItalic.ttf	FiraSans-Medium.ttf	FiraSans-MediumItalic.ttf	FiraSans-Regular.ttf
FiraSans-SemiBold.ttf	FiraSans-SemiBoldItalic.ttf	FiraSans-Thin.ttf	FiraSans-ThinItalic.ttf	FiraSans-Two.ttf
FiraSans-TwoItalic.ttf	FiraSans-Ultra.ttf	FiraSans-UltraItalic.ttf	FiraSans-UltraLight.ttf	FiraSans-UltraLightItalic.ttf
LiberationMono-Bold.ttf	LiberationMono-BoldItalic.ttf	LiberationMono-Italic.ttf	LiberationMono-Regular.ttf	LiberationSans-Bold.ttf
LiberationSans-BoldItalic.ttf	LiberationSans-Italic.ttf	LiberationSans-Regular.ttf	LiberationSerif-Bold.ttf	LiberationSerif-BoldItalic.ttf
LiberationSerif-Italic.ttf	LiberationSerif-Regular.ttf	MesloLGLDZ-Bold.ttf	MesloLGLDZ-BoldItalic.ttf	MesloLGLDZ-Italic.ttf
MesloLGLDZ-Regular.ttf	MesloLGMDZ-Bold.ttf	MesloLGMDZ-BoldItalic.ttf	MesloLGMDZ-Italic.ttf	MesloLGMDZ-Regular.ttf
MesloLGSDZ-Bold.ttf	MesloLGSDZ-BoldItalic.ttf	MesloLGSDZ-Italic.ttf	MesloLGSDZ-Regular.ttf	Monaco.ttf
PTM55F.ttf	PTM75F.ttf	VeraMono-Bold-Italic.ttf	VeraMono-Bold.ttf	VeraMono-Italic.ttf
VeraMono.ttf	drucifer_0.ttf	drucifer_i.ttf	edlo.ttf	mplus-1c-black.ttf
mplus-1c-bold.ttf	mplus-1c-heavy.ttf	mplus-1c-light.ttf	mplus-1c-medium.ttf	mplus-1c-regular.ttf
mplus-1c-thin.ttf	mplus-1m-bold.ttf	mplus-1m-light.ttf	mplus-1m-medium.ttf	mplus-1m-regular.ttf
mplus-1m-thin.ttf	mplus-1mn-bold.ttf	mplus-1mn-light.ttf	mplus-1mn-medium.ttf	mplus-1mn-regular.ttf
mplus-1mn-thin.ttf	mplus-1p-black.ttf	mplus-1p-bold.ttf	mplus-1p-heavy.ttf	mplus-1p-light.ttf
mplus-1p-medium.ttf	mplus-1p-regular.ttf	mplus-1p-thin.ttf	mplus-2c-black.ttf	mplus-2c-bold.ttf
mplus-2c-heavy.ttf	mplus-2c-light.ttf	mplus-2c-medium.ttf	mplus-2c-regular.ttf	mplus-2c-thin.ttf
mplus-2m-bold.ttf	mplus-2m-light.ttf	mplus-2m-medium.ttf	mplus-2m-regular.ttf	mplus-2m-thin.ttf
mplus-2p-black.ttf	mplus-2p-bold.ttf	mplus-2p-heavy.ttf	mplus-2p-light.ttf	mplus-2p-medium.ttf
mplus-2p-regular.ttf	mplus-2p-thin.ttf

How to Install VirtualBox 4.3.14 on ArchLinux

VirtualBox is one of many virtualization software that could be run on Linux, one with slowest cpu performance according to this article. Installing VirtualBox is quite simple, but to make it run you must also install certain package. To install VirtualBox, type:

yaourt --needed --noconfirm -S --force virtualbox virtualbox-host-modules linux-headers

To make it able to run, you must create the kernel module first, the easiest way is using dkms:

sudo dkms autoinstall

or

sudo dkms vboxhost/4.3.14

then enable it using:

sudo modprobe vboxdrv

Now you can start and run VirtualBox images without error.
if you want to auto-recompile when installing new kernel, use this command:

sudo systemctl enable dkms

Which program that uses the bandwidth the most?

So, my boarding house internet connection has been down for 4 days now, and I decided to find alternate internet connection. On Indonesia it's really hard to find mobile internet provider that has unlimited bandwidth without FUP. I decided to use one with limited quota (8GB/month) T__T seriously.. 8GB it's my daily usage, not monthly. So I buy a router with modem support (TP-Link Wireless N Router TL-MR3420) a modem (Huawei E173) and GSM card for internet (Three). Long story short, I want to know which program that uses so much bandwidth since the beginning, so I install nethogs). That program should be used as root, and the first argument is default to eth0. Nethogs will show the list of process that uses most bandwith.

How to setup SSH Tunneling (SOCKS) Proxy

Sometimes we need to connect to some site via a very secure way without our nearby computers able to see (or sniff) which sites we are visiting, or to prevent any blocking from our LAN's firewall. One easy solution to solve this, but you'll need a VPS (Virtual Private Server) with public IP address of course, all you have to do is start a SSH connection to your VPS, for example:

sudo ssh -D my_local_port my_vps_user@my_vps_public_ip

for example:

ssh -D 8081 aurora@w.x.y.z

Then, setup your browser to use SOCKS to localhost:my_local_port, for example:

Voila, now everything that you browse will encrypted through to w.x.y.z.

Tracking or auditing Linux configuration changes

As a paranoid user, we sometimes want to know what configuration changed since we install something or upgrading using apt-get upgrade or pacman -Syu. We can use git to track changes in our filesystem, for example:

cd /
sudo git init .

create .gitignore file containing, for example:

/bin
/boot
/dev
/lib
/lib64
/media
/proc
/root
/run
/sbin
/sys
/tmp
/usr
/opt
/var
/etc/ld.so.cache
/home/whoami/.cache/home/whoami/.xsession-errors
/home/whoami/.viminfo
/home/whoami/.bash_history
/home/whoami/.wine
/home/whoami/.config/pulse
/home/whoami/.gstreamer-0.10
/home/whoami/.local/share/recently-used.xbel
/home/whoami/.local/share/gvfs-metadata

and then just add it to our repository:

git add .
git commit -m 'initial filesystem'

After that, just run the package manager's upgrade system command. When there are changes, we could see which files/folders that changed, by typing:

git status




And see the changes for one file:

git diff /path/to/file



This trick also can be used to track history or backup your system's configuration, just use private repository on bitbucket.