Difference between revisions of "SchoolOnffLine: Instalasi Beberapa Batch File Bermanfaat"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
(8 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
apt-get install debmirror | apt-get install debmirror | ||
+ | mkdir /var/data | ||
mkdir /var/data/mirrorkeyring | mkdir /var/data/mirrorkeyring | ||
gpg --no-default-keyring --keyring /var/data/mirrorkeyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg | gpg --no-default-keyring --keyring /var/data/mirrorkeyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg | ||
Line 9: | Line 10: | ||
## THE NEXT LINE IS NEEDED THE REST OF THE LINES STARTING WITH A # CAN BE DELETED | ## THE NEXT LINE IS NEEDED THE REST OF THE LINES STARTING WITH A # CAN BE DELETED | ||
− | #!/bin/bash | + | #!/bin/bash |
## Setting variables with explanations. | ## Setting variables with explanations. | ||
Line 16: | Line 17: | ||
# Don't touch the user's keyring, have our own instead | # Don't touch the user's keyring, have our own instead | ||
# | # | ||
− | export GNUPGHOME=/var/data/mirrorkeyring | + | export GNUPGHOME=/var/data/mirrorkeyring |
# Arch= -a # Architecture. For Ubuntu can be i386, powerpc or amd64. | # Arch= -a # Architecture. For Ubuntu can be i386, powerpc or amd64. | ||
Line 24: | Line 25: | ||
# Minimum Ubuntu system requires main, restricted | # Minimum Ubuntu system requires main, restricted | ||
− | # Section= -s # Section (One of the following - main/restricted/universe/multiverse). | + | # Section= -s # Section (One of the following - main/restricted/universe/multiverse) . |
− | # You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian-installer,restricted/debian-installer | + | # You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian- installer,restricted/debian-installer |
# | # | ||
section=main,restricted,universe,multiverse | section=main,restricted,universe,multiverse | ||
− | # Release= -d # Release of the system (Dapper, Edgy, Feisty, Gutsy, Hardy, Intrepid), and the -updates | + | # Release= -d # Release of the system (Dapper, Edgy, Feisty, Gutsy, Hardy, Intrepid), and the -updates and -security ( -backports can be added if desired) |
# | # | ||
# release=jaunty,jaunty-security,jaunty-updates | # release=jaunty,jaunty-security,jaunty-updates | ||
# release=karmic | # release=karmic | ||
# release=karmic,karmic-security,karmic-updates | # release=karmic,karmic-security,karmic-updates | ||
− | release=karmic,karmic-security,karmic-updates,karmic-backports,karmic-proposed | + | # release=karmic,karmic-security,karmic-updates,karmic-backports,karmic-proposed |
+ | # release=lucid,lucid-security,lucid-updates,lucid-backports,lucid-proposed | ||
+ | release=maverick,maverick-security,maverick-updates,maverick-backports,maverick-proposed | ||
+ | # release=natty,natty-backports,natty-proposed,natty-security,natty-updates | ||
# Server= -h # Server name, minus the protocol and the path at the end | # Server= -h # Server name, minus the protocol and the path at the end | ||
Line 42: | Line 46: | ||
# server=opensource.telkomspeedy.com:5432 | # server=opensource.telkomspeedy.com:5432 | ||
# server=dl2.foss-id.web.id | # server=dl2.foss-id.web.id | ||
− | server=125.160.17.22 | + | # server=125.160.17.22 |
+ | # server=192.168.0.2 | ||
+ | # server=kambing.ui.edu | ||
+ | server=152.118.24.30 | ||
# Dir= -r # Path from the main server, so http://my.web.server/$dir, Server dependant | # Dir= -r # Path from the main server, so http://my.web.server/$dir, Server dependant | ||
Line 56: | Line 63: | ||
# Make this a full path to where you want to mirror the material. | # Make this a full path to where you want to mirror the material. | ||
# | # | ||
− | outPath=/var/ | + | outPath=/var/data/repo |
# The --nosource option only downloads debs and not deb-src's | # The --nosource option only downloads debs and not deb-src's | ||
# The --progress option shows files as they are downloaded | # The --progress option shows files as they are downloaded | ||
# --source \ in the place of --no-source \ if you want sources also. | # --source \ in the place of --no-source \ if you want sources also. | ||
− | # --nocleanup Do not clean up the local mirror after mirroring is complete. Use this option to keep older | + | # --nocleanup Do not clean up the local mirror after mirroring is complete. Use this option to keep older repository |
# Start script | # Start script | ||
# | # | ||
Line 74: | Line 81: | ||
$outPath | $outPath | ||
− | #### End script to automate building of Ubuntu mirror | + | #### End script to automate building of Ubuntu mirror ### |
==updatewiki.sh== | ==updatewiki.sh== | ||
Line 91: | Line 98: | ||
cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/ | cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/ | ||
chown -Rf www-data.www-data /var/www/wiki | chown -Rf www-data.www-data /var/www/wiki | ||
− | / | + | service mysql stop |
+ | service mysql start | ||
+ | mysqladmin --user=root --password=123456 --force drop mediawiki | ||
+ | mysqladmin --user=root --password=123456 create mediawiki | ||
+ | mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql | ||
+ | mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql | ||
+ | service mysql stop | ||
+ | service mysql start | ||
+ | cd /var/www/wiki/maintenance | ||
+ | php update.php | ||
+ | service mysql stop | ||
+ | service mysql start | ||
+ | chown -Rf nobody.nogroup /var/data & | ||
+ | chmod -Rf 777 /var/data & | ||
+ | |||
+ | ==updatewikidb.sh== | ||
+ | |||
+ | vi /usr/local/bin/updatewikisb.sh | ||
+ | |||
+ | rm -Rf /usr/local/src/var | ||
+ | rm -Rf /usr/local/src/wikidb* | ||
+ | cp -Rf /var/data/library/datawiki/* /usr/local/src | ||
+ | cd /usr/local/src | ||
+ | tar zxvf images.tar.gz | ||
+ | gunzip wikidb.sql.gz | ||
+ | cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/ | ||
+ | chown -Rf www-data.www-data /var/www/wiki | ||
+ | service mysql stop | ||
+ | service mysql start | ||
mysqladmin --user=root --password=123456 --force drop mediawiki | mysqladmin --user=root --password=123456 --force drop mediawiki | ||
mysqladmin --user=root --password=123456 create mediawiki | mysqladmin --user=root --password=123456 create mediawiki | ||
mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql | mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql | ||
mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql | mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql | ||
− | + | service mysql stop | |
+ | service mysql start | ||
cd /var/www/wiki/maintenance | cd /var/www/wiki/maintenance | ||
php update.php | php update.php | ||
− | + | service mysql stop | |
+ | service mysql start | ||
chown -Rf nobody.nogroup /var/data & | chown -Rf nobody.nogroup /var/data & | ||
chmod -Rf 777 /var/data & | chmod -Rf 777 /var/data & | ||
+ | |||
==nobody.sh== | ==nobody.sh== | ||
Line 155: | Line 193: | ||
/sbin/iptables -F | /sbin/iptables -F | ||
/sbin/iptables -P INPUT DROP | /sbin/iptables -P INPUT DROP | ||
− | + | # /sbin/iptables -A INPUT -p tcp -i eth0 --destination-port 25 -s ! 192.168.0.1 -j DROP | |
− | + | # /sbin/iptables -A INPUT -p tcp -i eth1 --destination-port 25 -s ! 192.168.0.1 -j DROP | |
/sbin/iptables -A INPUT -i ! ${UPLINK} -j ACCEPT | /sbin/iptables -A INPUT -i ! ${UPLINK} -j ACCEPT | ||
Line 167: | Line 205: | ||
# block bad sites | # block bad sites | ||
− | + | # /sbin/iptables -I INPUT -s 68.178.211.34 -j DROP | |
− | + | # /sbin/iptables -I INPUT -d 68.178.211.34 -j DROP | |
− | + | # /sbin/iptables -I INPUT -s 64.27.5.168 -j DROP | |
− | + | # /sbin/iptables -I INPUT -d 64.27.5.168 -j DROP | |
− | |||
− | |||
# turn off packet spoofing in all interfaces | # turn off packet spoofing in all interfaces | ||
Line 196: | Line 232: | ||
fi | fi | ||
− | # echo "Activate Port Forwarding .." | + | echo "Activate Transparent Proxy .." |
+ | for x in ${INTERFACES} | ||
+ | do | ||
+ | iptables -t nat -A PREROUTING -s 192.168.0.0/24 -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 8080 | ||
+ | done | ||
+ | |||
+ | # echo "Activate SMTP Port Forwarding .." | ||
# /sbin/iptables -t nat -A PREROUTING -i ${UPLINK} -m multiport -p tcp \ | # /sbin/iptables -t nat -A PREROUTING -i ${UPLINK} -m multiport -p tcp \ | ||
− | # --dport 25 -d ${NAT} -j DNAT --to 192.168.0. | + | # --dport 25 -d ${NAT} -j DNAT --to 192.168.0.254:25 |
− | # /sbin/iptables -A FORWARD -i ${UPLINK} -m multiport -p tcp -d 192.168.0. | + | # /sbin/iptables -A FORWARD -i ${UPLINK} -m multiport -p tcp -d 192.168.0.254 \ |
# --dport 25 -j ACCEPT | # --dport 25 -j ACCEPT | ||
Line 214: | Line 256: | ||
# Turn off NAT or MASQUERADING | # Turn off NAT or MASQUERADING | ||
/sbin/iptables -t nat -F POSTROUTING | /sbin/iptables -t nat -F POSTROUTING | ||
− | fi | + | fi |
+ | |||
+ | ==Set IP Statik== | ||
+ | |||
+ | vi /usr/local/bin/setipstatik.sh | ||
+ | |||
+ | cp /etc/rc.local.ip.statik /etc/rc.local | ||
+ | |||
+ | ==Set IP Dinamik== | ||
+ | |||
+ | vi /usr/local/bin/setipdinamik.sh | ||
+ | cp /etc/rc.local.ip.dinamik /etc/rc.local | ||
==Set Executable== | ==Set Executable== | ||
chmod -Rf 777 /usr/local/bin/ | chmod -Rf 777 /usr/local/bin/ | ||
− | |||
==Pranala Menarik== | ==Pranala Menarik== | ||
Line 227: | Line 279: | ||
* [[SchoolOnffLine: Server Berbasis Sabily]] | * [[SchoolOnffLine: Server Berbasis Sabily]] | ||
* [[SchoolOnffLine: Server Berbasis Ubuntu]] | * [[SchoolOnffLine: Server Berbasis Ubuntu]] | ||
+ | * [[SchoolOnffLine: Desktop Berbasis Ubuntu menggunakan Remastersys]] | ||
+ | |||
+ | [[Category: Linux]] | ||
+ | [[Category: Distro Linux]] | ||
+ | [[Category: SchoolOnffLine]] |
Latest revision as of 14:41, 14 August 2011
mirrorbuild.sh
apt-get install debmirror mkdir /var/data mkdir /var/data/mirrorkeyring gpg --no-default-keyring --keyring /var/data/mirrorkeyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg vi /usr/local/bin/mirrorbuild.sh
#### Start script to automate building of Ubuntu mirror ##### ## THE NEXT LINE IS NEEDED THE REST OF THE LINES STARTING WITH A # CAN BE DELETED #!/bin/bash ## Setting variables with explanations. # # Don't touch the user's keyring, have our own instead # export GNUPGHOME=/var/data/mirrorkeyring # Arch= -a # Architecture. For Ubuntu can be i386, powerpc or amd64. # sparc, only starts in dapper, it is only the later models of sparc. # arch=i386 # Minimum Ubuntu system requires main, restricted # Section= -s # Section (One of the following - main/restricted/universe/multiverse) . # You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian- installer,restricted/debian-installer # section=main,restricted,universe,multiverse # Release= -d # Release of the system (Dapper, Edgy, Feisty, Gutsy, Hardy, Intrepid), and the -updates and -security ( -backports can be added if desired) # # release=jaunty,jaunty-security,jaunty-updates # release=karmic # release=karmic,karmic-security,karmic-updates # release=karmic,karmic-security,karmic-updates,karmic-backports,karmic-proposed # release=lucid,lucid-security,lucid-updates,lucid-backports,lucid-proposed release=maverick,maverick-security,maverick-updates,maverick-backports,maverick-proposed # release=natty,natty-backports,natty-proposed,natty-security,natty-updates # Server= -h # Server name, minus the protocol and the path at the end # CHANGE "*" to equal the mirror you want to create your mirror from. au. in Australia ca. in Canada. # This can be found in your own /etc/apt/sources.list file, assuming you have Ubuntu installed. # # server=opensource.telkomspeedy.com:5432 # server=dl2.foss-id.web.id # server=125.160.17.22 # server=192.168.0.2 # server=kambing.ui.edu server=152.118.24.30 # Dir= -r # Path from the main server, so http://my.web.server/$dir, Server dependant # inPath=ubuntu # Proto= -e # Protocol to use for transfer (http, ftp, hftp, rsync) # Choose one - http is most usual the service, and the service must be avaialbe on the server you point at. # proto=http # Outpath= # Directory to store the mirror in # Make this a full path to where you want to mirror the material. # outPath=/var/data/repo # The --nosource option only downloads debs and not deb-src's # The --progress option shows files as they are downloaded # --source \ in the place of --no-source \ if you want sources also. # --nocleanup Do not clean up the local mirror after mirroring is complete. Use this option to keep older repository # Start script # debmirror -a $arch \ --no-source \ -s $section \ -h $server \ -d $release \ -r $inPath \ --progress \ -e $proto \ $outPath #### End script to automate building of Ubuntu mirror ###
updatewiki.sh
vi /usr/local/bin/updatewiki.sh
rm -Rf /var/data/library/datawiki/* rm -Rf /usr/local/src/var rm -Rf /usr/local/src/wikidb* wget http://125.160.17.21/speedyorari/view.php?file=datawiki/wikidb.sql.gz -O /var/data/library/datawiki/wikidb.sql.gz wget http://125.160.17.21/speedyorari/view.php?file=datawiki/images.tar.gz -O /var/data/library/datawiki/images.tar.gz cp -Rf /var/data/library/datawiki/* /usr/local/src cd /usr/local/src tar zxvf images.tar.gz gunzip wikidb.sql.gz cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/ chown -Rf www-data.www-data /var/www/wiki service mysql stop service mysql start mysqladmin --user=root --password=123456 --force drop mediawiki mysqladmin --user=root --password=123456 create mediawiki mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql service mysql stop service mysql start cd /var/www/wiki/maintenance php update.php service mysql stop service mysql start chown -Rf nobody.nogroup /var/data & chmod -Rf 777 /var/data &
updatewikidb.sh
vi /usr/local/bin/updatewikisb.sh
rm -Rf /usr/local/src/var rm -Rf /usr/local/src/wikidb* cp -Rf /var/data/library/datawiki/* /usr/local/src cd /usr/local/src tar zxvf images.tar.gz gunzip wikidb.sql.gz cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/ chown -Rf www-data.www-data /var/www/wiki service mysql stop service mysql start mysqladmin --user=root --password=123456 --force drop mediawiki mysqladmin --user=root --password=123456 create mediawiki mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql service mysql stop service mysql start cd /var/www/wiki/maintenance php update.php service mysql stop service mysql start chown -Rf nobody.nogroup /var/data & chmod -Rf 777 /var/data &
nobody.sh
vi /usr/local/bin/nobody.sh
chown -Rf nobody.nogroup /var/data & chmod -Rf 777 /var/data &
aktifkanproxy.sh
vi /usr/local/bin/aktifkanproxy.sh
#!/bin/bash # From: AHK <akuhon@kompas.com> # To: linux-admin@linux.or.id # Save this file and activate through # file_name start # and de-activate through # file_name stop # This firewall-script can be used for workstation, laptop, router # or server that are not running network service (such as web server, ftp # server etc) # change the parameter UPLINK with Interface device to the Internet. # In our case WLAN router with NIC wlan0 connected to the Internet # and LAN connection with eth0. # if you use dial-up modem, you might use ppp0 as your UPLINK UPLINK="eth1" # if you run the gateway as router and forward IP packet between eth devices # please fill .yes., if not, please fill .no. ROUTER="yes" # Please change 202.150.10.45 to your static IP address of UPLINK device. # For those who use dial-up or dynamic IP, please enter .dynamic. # NAT="192.168.1.100" NAT="dynamic" # please list all network interfaces including eth devices # as well as dial-up interface such as ppp0 INTERFACES="lo eth0 eth1 eth2" if [ "$1" = "start" ] then echo "Activate Firewall ..... " /sbin/iptables -F /sbin/iptables -P INPUT DROP # /sbin/iptables -A INPUT -p tcp -i eth0 --destination-port 25 -s ! 192.168.0.1 -j DROP # /sbin/iptables -A INPUT -p tcp -i eth1 --destination-port 25 -s ! 192.168.0.1 -j DROP /sbin/iptables -A INPUT -i ! ${UPLINK} -j ACCEPT /sbin/iptables -A INPUT -i ${UPLINK} -p tcp -s 0/0 --dport 25 -j ACCEPT /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT /sbin/iptables -A INPUT -p tcp -i ${UPLINK} -j REJECT --reject-with tcp-reset /sbin/iptables -A INPUT -p udp -i ${UPLINK} -j REJECT --reject-with icmp-port-unreachable /sbin/iptables -A FORWARD -p tcp --destination-port 25 -s ! 192.168.0.1 -j DROP # block bad sites # /sbin/iptables -I INPUT -s 68.178.211.34 -j DROP # /sbin/iptables -I INPUT -d 68.178.211.34 -j DROP # /sbin/iptables -I INPUT -s 64.27.5.168 -j DROP # /sbin/iptables -I INPUT -d 64.27.5.168 -j DROP # turn off packet spoofing in all interfaces for x in ${INTERFACES} do echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter done if [ "$ROUTER" = "yes" ] then # Activate IP forwarding at router echo 1 > /proc/sys/net/ipv4/ip_forward if [ "$NAT" = "dynamic" ] then # Dynamic IP address, activate Masquerading echo "Activate Masquerading (Dynamic IP) ...." /sbin/iptables -t nat -A POSTROUTING -o ${UPLINK} -j MASQUERADE elif [ "$NAT" != "" ] then # Static IP address use source NAT echo "Activate SNAT (static IP) ...." /sbin/iptables -t nat -A POSTROUTING -o ${UPLINK} -j SNAT --to ${NAT} fi echo "Activate Transparent Proxy .." for x in ${INTERFACES} do iptables -t nat -A PREROUTING -s 192.168.0.0/24 -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 8080 done # echo "Activate SMTP Port Forwarding .." # /sbin/iptables -t nat -A PREROUTING -i ${UPLINK} -m multiport -p tcp \ # --dport 25 -d ${NAT} -j DNAT --to 192.168.0.254:25 # /sbin/iptables -A FORWARD -i ${UPLINK} -m multiport -p tcp -d 192.168.0.254 \ # --dport 25 -j ACCEPT fi elif [ "$1" = "stop" ] then echo "Deactivate Firewall ..." /sbin/iptables -F INPUT /sbin/iptables -P INPUT ACCEPT /sbin/iptables -F FORWARD /sbin/iptables -P FORWARD ACCEPT /sbin/iptables -F OUTPUT /sbin/iptables -P OUTPUT ACCEPT # Turn off NAT or MASQUERADING /sbin/iptables -t nat -F POSTROUTING fi
Set IP Statik
vi /usr/local/bin/setipstatik.sh
cp /etc/rc.local.ip.statik /etc/rc.local
Set IP Dinamik
vi /usr/local/bin/setipdinamik.sh
cp /etc/rc.local.ip.dinamik /etc/rc.local
Set Executable
chmod -Rf 777 /usr/local/bin/