Difference between revisions of "SchoolOnffLine: Instalasi Beberapa Batch File Bermanfaat"

From OnnoWiki
Jump to navigation Jump to search
 
(8 intermediate revisions by the same user not shown)
Line 2: Line 2:
  
 
  apt-get install debmirror
 
  apt-get install debmirror
 +
mkdir /var/data
 
  mkdir /var/data/mirrorkeyring
 
  mkdir /var/data/mirrorkeyring
 
  gpg --no-default-keyring --keyring /var/data/mirrorkeyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg
 
  gpg --no-default-keyring --keyring /var/data/mirrorkeyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg
Line 9: Line 10:
 
  ## THE NEXT LINE IS NEEDED THE REST OF THE LINES STARTING WITH A # CAN BE DELETED
 
  ## THE NEXT LINE IS NEEDED THE REST OF THE LINES STARTING WITH A # CAN BE DELETED
 
   
 
   
  #!/bin/bash
+
  #!/bin/bash
 
   
 
   
 
  ## Setting variables with explanations.
 
  ## Setting variables with explanations.
Line 16: Line 17:
 
  # Don't touch the user's keyring, have our own instead
 
  # Don't touch the user's keyring, have our own instead
 
  #
 
  #
  export GNUPGHOME=/var/data/mirrorkeyring
+
  export GNUPGHOME=/var/data/mirrorkeyring  
 
   
 
   
 
  # Arch=        -a      # Architecture. For Ubuntu can be i386, powerpc or amd64.
 
  # Arch=        -a      # Architecture. For Ubuntu can be i386, powerpc or amd64.
Line 24: Line 25:
 
   
 
   
 
  # Minimum Ubuntu system requires main, restricted
 
  # Minimum Ubuntu system requires main, restricted
  # Section=      -s      # Section (One of the following - main/restricted/universe/multiverse).
+
  # Section=      -s      # Section (One of the following - main/restricted/universe/multiverse) .
  # You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian-installer,restricted/debian-installer
+
  # You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian- installer,restricted/debian-installer
 
  #
 
  #
 
  section=main,restricted,universe,multiverse
 
  section=main,restricted,universe,multiverse
 
   
 
   
  # Release=      -d      # Release of the system (Dapper, Edgy, Feisty, Gutsy, Hardy, Intrepid), and the -updates and -security ( -backports can be  added if desired)
+
  # Release=      -d      # Release of the system (Dapper, Edgy, Feisty, Gutsy, Hardy, Intrepid), and the -updates and -security ( -backports can be  added if desired)
 
  #
 
  #
 
  # release=jaunty,jaunty-security,jaunty-updates
 
  # release=jaunty,jaunty-security,jaunty-updates
 
  # release=karmic
 
  # release=karmic
 
  # release=karmic,karmic-security,karmic-updates
 
  # release=karmic,karmic-security,karmic-updates
  release=karmic,karmic-security,karmic-updates,karmic-backports,karmic-proposed
+
  # release=karmic,karmic-security,karmic-updates,karmic-backports,karmic-proposed
 +
# release=lucid,lucid-security,lucid-updates,lucid-backports,lucid-proposed
 +
release=maverick,maverick-security,maverick-updates,maverick-backports,maverick-proposed
 +
# release=natty,natty-backports,natty-proposed,natty-security,natty-updates
 
   
 
   
 
  # Server=      -h      # Server name, minus the protocol and the path at the end
 
  # Server=      -h      # Server name, minus the protocol and the path at the end
Line 42: Line 46:
 
  # server=opensource.telkomspeedy.com:5432
 
  # server=opensource.telkomspeedy.com:5432
 
  # server=dl2.foss-id.web.id
 
  # server=dl2.foss-id.web.id
  server=125.160.17.22
+
  # server=125.160.17.22
 +
# server=192.168.0.2
 +
# server=kambing.ui.edu
 +
server=152.118.24.30
 
   
 
   
 
  # Dir=          -r      # Path from the main server, so http://my.web.server/$dir, Server dependant
 
  # Dir=          -r      # Path from the main server, so http://my.web.server/$dir, Server dependant
Line 56: Line 63:
 
  # Make this a full path to where you want to mirror the material.
 
  # Make this a full path to where you want to mirror the material.
 
  #
 
  #
  outPath=/var/www/ubuntu
+
  outPath=/var/data/repo
 
   
 
   
 
  # The --nosource option only downloads debs and not deb-src's
 
  # The --nosource option only downloads debs and not deb-src's
 
  # The --progress option shows files as they are downloaded
 
  # The --progress option shows files as they are downloaded
 
  # --source \ in the place of --no-source \ if you want sources also.
 
  # --source \ in the place of --no-source \ if you want sources also.
  # --nocleanup  Do not clean up the local mirror after mirroring is complete. Use this option to keep older repository
+
  # --nocleanup  Do not clean up the local mirror after mirroring is complete. Use this option to keep older repository
 
  # Start script
 
  # Start script
 
  #
 
  #
Line 74: Line 81:
 
                 $outPath
 
                 $outPath
 
   
 
   
  #### End script to automate building of Ubuntu mirror ####
+
  #### End script to automate building of Ubuntu mirror ###
  
 
==updatewiki.sh==
 
==updatewiki.sh==
Line 91: Line 98:
 
  cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/
 
  cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/
 
  chown -Rf www-data.www-data /var/www/wiki
 
  chown -Rf www-data.www-data /var/www/wiki
  /etc/init.d/mysql restart
+
  service mysql stop
 +
service mysql start
 +
mysqladmin --user=root --password=123456 --force drop mediawiki
 +
mysqladmin --user=root --password=123456 create mediawiki
 +
mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql
 +
mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql
 +
service mysql stop
 +
service mysql start
 +
cd /var/www/wiki/maintenance
 +
php update.php
 +
service mysql stop
 +
service mysql start
 +
chown -Rf nobody.nogroup /var/data &
 +
chmod -Rf 777 /var/data &
 +
 
 +
==updatewikidb.sh==
 +
 
 +
vi /usr/local/bin/updatewikisb.sh
 +
 
 +
rm -Rf /usr/local/src/var
 +
rm -Rf /usr/local/src/wikidb*
 +
cp -Rf /var/data/library/datawiki/* /usr/local/src
 +
cd /usr/local/src
 +
tar zxvf images.tar.gz
 +
gunzip wikidb.sql.gz
 +
cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/
 +
chown -Rf www-data.www-data /var/www/wiki
 +
service mysql stop
 +
service mysql start
 
  mysqladmin --user=root --password=123456 --force drop mediawiki
 
  mysqladmin --user=root --password=123456 --force drop mediawiki
 
  mysqladmin --user=root --password=123456 create mediawiki
 
  mysqladmin --user=root --password=123456 create mediawiki
 
  mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql
 
  mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql
 
  mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql
 
  mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql
  /etc/init.d/mysql restart
+
  service mysql stop
 +
service mysql start
 
  cd /var/www/wiki/maintenance
 
  cd /var/www/wiki/maintenance
 
  php update.php
 
  php update.php
  /etc/init.d/mysql restart
+
  service mysql stop
 +
service mysql start
 
  chown -Rf nobody.nogroup /var/data &
 
  chown -Rf nobody.nogroup /var/data &
 
  chmod -Rf 777 /var/data &
 
  chmod -Rf 777 /var/data &
 +
  
 
==nobody.sh==
 
==nobody.sh==
Line 155: Line 193:
 
   /sbin/iptables -F
 
   /sbin/iptables -F
 
   /sbin/iptables -P INPUT DROP
 
   /sbin/iptables -P INPUT DROP
  /sbin/iptables -A INPUT -p tcp -i eth0 --destination-port 25 -s ! 192.168.0.1  -j DROP
+
/sbin/iptables -A INPUT -p tcp -i eth0 --destination-port 25 -s ! 192.168.0.1  -j DROP
  /sbin/iptables -A INPUT -p tcp -i eth1 --destination-port 25 -s ! 192.168.0.1  -j DROP
+
/sbin/iptables -A INPUT -p tcp -i eth1 --destination-port 25 -s ! 192.168.0.1  -j DROP
 
   
 
   
 
   /sbin/iptables -A INPUT -i ! ${UPLINK} -j ACCEPT
 
   /sbin/iptables -A INPUT -i ! ${UPLINK} -j ACCEPT
Line 167: Line 205:
 
   
 
   
 
  # block bad sites
 
  # block bad sites
   
+
  # /sbin/iptables -I INPUT -s 68.178.211.34 -j DROP
  /sbin/iptables -I INPUT -s 68.178.211.34 -j DROP
+
# /sbin/iptables -I INPUT -d 68.178.211.34 -j DROP  
  /sbin/iptables -I INPUT -d 68.178.211.34 -j DROP  
+
  # /sbin/iptables -I INPUT -s 64.27.5.168 -j DROP
   
+
# /sbin/iptables -I INPUT -d 64.27.5.168 -j DROP
  /sbin/iptables -I INPUT -s 64.27.5.168 -j DROP
 
  /sbin/iptables -I INPUT -d 64.27.5.168 -j DROP
 
 
   
 
   
 
  # turn off packet spoofing in all interfaces
 
  # turn off packet spoofing in all interfaces
Line 196: Line 232:
 
  fi  
 
  fi  
 
   
 
   
  # echo "Activate Port Forwarding .."
+
echo "Activate Transparent Proxy .."
 +
for x in ${INTERFACES}
 +
  do
 +
    iptables -t nat -A PREROUTING -s 192.168.0.0/24 -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
 +
  done
 +
 +
  # echo "Activate SMTP Port Forwarding .."
 
  # /sbin/iptables -t nat -A PREROUTING -i ${UPLINK} -m multiport -p tcp \
 
  # /sbin/iptables -t nat -A PREROUTING -i ${UPLINK} -m multiport -p tcp \
  # --dport 25 -d ${NAT} -j DNAT --to 192.168.0.1:25
+
  # --dport 25 -d ${NAT} -j DNAT --to 192.168.0.254:25
  # /sbin/iptables -A FORWARD -i ${UPLINK} -m multiport -p tcp -d 192.168.0.1 \
+
  # /sbin/iptables -A FORWARD -i ${UPLINK} -m multiport -p tcp -d 192.168.0.254 \
 
  #  --dport 25 -j ACCEPT  
 
  #  --dport 25 -j ACCEPT  
 
   
 
   
Line 214: Line 256:
 
       # Turn off NAT or MASQUERADING
 
       # Turn off NAT or MASQUERADING
 
       /sbin/iptables -t nat -F POSTROUTING
 
       /sbin/iptables -t nat -F POSTROUTING
  fi  
+
  fi
 +
 
 +
==Set IP Statik==
 +
 
 +
vi /usr/local/bin/setipstatik.sh
 +
 
 +
cp /etc/rc.local.ip.statik /etc/rc.local
 +
 
 +
==Set IP Dinamik==
 +
 
 +
vi /usr/local/bin/setipdinamik.sh
  
 +
cp /etc/rc.local.ip.dinamik /etc/rc.local
  
 
==Set Executable==
 
==Set Executable==
  
 
  chmod -Rf 777 /usr/local/bin/
 
  chmod -Rf 777 /usr/local/bin/
 
  
 
==Pranala Menarik==
 
==Pranala Menarik==
Line 227: Line 279:
 
* [[SchoolOnffLine: Server Berbasis Sabily]]
 
* [[SchoolOnffLine: Server Berbasis Sabily]]
 
* [[SchoolOnffLine: Server Berbasis Ubuntu]]
 
* [[SchoolOnffLine: Server Berbasis Ubuntu]]
 +
* [[SchoolOnffLine: Desktop Berbasis Ubuntu menggunakan Remastersys]]
 +
 +
[[Category: Linux]]
 +
[[Category: Distro Linux]]
 +
[[Category: SchoolOnffLine]]

Latest revision as of 14:41, 14 August 2011

mirrorbuild.sh

apt-get install debmirror
mkdir /var/data
mkdir /var/data/mirrorkeyring
gpg --no-default-keyring --keyring /var/data/mirrorkeyring/trustedkeys.gpg --import /usr/share/keyrings/ubuntu-archive-keyring.gpg
vi /usr/local/bin/mirrorbuild.sh
#### Start script to automate building of Ubuntu mirror #####
## THE NEXT LINE IS NEEDED THE REST OF THE LINES STARTING WITH A # CAN BE DELETED

#!/bin/bash  

## Setting variables with explanations.

#
# Don't touch the user's keyring, have our own instead
#
export GNUPGHOME=/var/data/mirrorkeyring 

# Arch=         -a      # Architecture. For Ubuntu can be i386, powerpc or amd64.
# sparc, only starts in dapper, it is only the later models of sparc.
#
arch=i386

# Minimum Ubuntu system requires main, restricted
# Section=      -s      # Section (One of the following - main/restricted/universe/multiverse) .
# You can add extra file with $Section/debian-installer. ex: main/debian-installer,universe/debian-installer,multiverse/debian- installer,restricted/debian-installer
#
section=main,restricted,universe,multiverse

# Release=      -d      # Release of the system (Dapper, Edgy, Feisty, Gutsy, Hardy, Intrepid), and the -updates and -security (  -backports can be  added if desired)
#
# release=jaunty,jaunty-security,jaunty-updates
# release=karmic
# release=karmic,karmic-security,karmic-updates
# release=karmic,karmic-security,karmic-updates,karmic-backports,karmic-proposed
# release=lucid,lucid-security,lucid-updates,lucid-backports,lucid-proposed 
release=maverick,maverick-security,maverick-updates,maverick-backports,maverick-proposed
# release=natty,natty-backports,natty-proposed,natty-security,natty-updates 

# Server=       -h      # Server name, minus the protocol and the path at the end
# CHANGE "*" to equal the mirror you want to create your mirror from. au. in Australia  ca. in Canada.
# This can be found in your own /etc/apt/sources.list file, assuming you have Ubuntu installed.
#
# server=opensource.telkomspeedy.com:5432
# server=dl2.foss-id.web.id
# server=125.160.17.22
# server=192.168.0.2
# server=kambing.ui.edu
server=152.118.24.30 

# Dir=          -r      # Path from the main server, so http://my.web.server/$dir, Server dependant
#
inPath=ubuntu

# Proto=        -e      # Protocol to use for transfer (http, ftp, hftp, rsync)
# Choose one - http is most usual the service, and the service must be avaialbe on the server you point at.
#
proto=http

# Outpath=              # Directory to store the mirror in
# Make this a full path to where you want to mirror the material.
#
outPath=/var/data/repo

# The --nosource option only downloads debs and not deb-src's
# The --progress option shows files as they are downloaded
# --source \ in the place of --no-source \ if you want sources also.
# --nocleanup  Do not clean up the local mirror after mirroring is complete. Use this option to keep older repository
# Start script
#
debmirror       -a $arch \
                --no-source \
                -s $section \
                -h $server \
                -d $release \
                -r $inPath \
                --progress \
                -e $proto \
                $outPath

#### End script to automate building of Ubuntu mirror ###

updatewiki.sh

vi /usr/local/bin/updatewiki.sh 
rm -Rf /var/data/library/datawiki/*
rm -Rf /usr/local/src/var
rm -Rf /usr/local/src/wikidb*
wget http://125.160.17.21/speedyorari/view.php?file=datawiki/wikidb.sql.gz -O /var/data/library/datawiki/wikidb.sql.gz
wget http://125.160.17.21/speedyorari/view.php?file=datawiki/images.tar.gz -O /var/data/library/datawiki/images.tar.gz
cp -Rf /var/data/library/datawiki/* /usr/local/src
cd /usr/local/src
tar zxvf images.tar.gz
gunzip wikidb.sql.gz
cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/
chown -Rf www-data.www-data /var/www/wiki
service mysql stop
service mysql start
mysqladmin --user=root --password=123456 --force drop mediawiki
mysqladmin --user=root --password=123456 create mediawiki
mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql
mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql
service mysql stop
service mysql start
cd /var/www/wiki/maintenance
php update.php
service mysql stop
service mysql start
chown -Rf nobody.nogroup /var/data &
chmod -Rf 777 /var/data &

updatewikidb.sh

vi /usr/local/bin/updatewikisb.sh 
rm -Rf /usr/local/src/var
rm -Rf /usr/local/src/wikidb*
cp -Rf /var/data/library/datawiki/* /usr/local/src
cd /usr/local/src
tar zxvf images.tar.gz
gunzip wikidb.sql.gz
cp -Rf /usr/local/src/var/www/html/wiki/images /var/www/wiki/
chown -Rf www-data.www-data /var/www/wiki
service mysql stop
service mysql start
mysqladmin --user=root --password=123456 --force drop mediawiki
mysqladmin --user=root --password=123456 create mediawiki
mysql -u mediawiki -pmediawiki mediawiki < /var/www/wiki/maintenance/tables.sql
mysql -u mediawiki -pmediawiki mediawiki < /usr/local/src/wikidb.sql
service mysql stop
service mysql start
cd /var/www/wiki/maintenance
php update.php
service mysql stop
service mysql start
chown -Rf nobody.nogroup /var/data &
chmod -Rf 777 /var/data &


nobody.sh

vi /usr/local/bin/nobody.sh 
chown -Rf nobody.nogroup /var/data &
chmod -Rf 777 /var/data &

aktifkanproxy.sh

vi /usr/local/bin/aktifkanproxy.sh 
#!/bin/bash

# From: AHK <akuhon@kompas.com>
# To: linux-admin@linux.or.id

# Save this file and activate through # file_name start
# and de-activate through # file_name stop

# This firewall-script can be used for workstation, laptop, router
# or server that are not running network service (such as web server, ftp
# server etc)

# change the parameter UPLINK with Interface device to the Internet.
# In our case WLAN router with NIC wlan0 connected to the Internet
# and LAN connection with eth0.
# if you use dial-up modem, you might use ppp0 as your UPLINK

UPLINK="eth1"

# if you run the gateway as router and forward IP packet between eth devices
# please fill .yes., if not, please fill .no.

ROUTER="yes"

# Please change 202.150.10.45 to your static IP address of UPLINK device.
# For those who use dial-up or dynamic IP, please enter .dynamic.

# NAT="192.168.1.100"

NAT="dynamic" 

# please list all network interfaces including eth devices
# as well as dial-up interface such as ppp0

INTERFACES="lo eth0 eth1 eth2"

if [ "$1" = "start" ]
  then
  echo "Activate Firewall ..... "
  /sbin/iptables -F
  /sbin/iptables -P INPUT DROP
#  /sbin/iptables -A INPUT -p tcp -i eth0 --destination-port 25 -s ! 192.168.0.1  -j DROP
#  /sbin/iptables -A INPUT -p tcp -i eth1 --destination-port 25 -s ! 192.168.0.1  -j DROP

  /sbin/iptables -A INPUT -i ! ${UPLINK} -j ACCEPT
  /sbin/iptables -A INPUT -i ${UPLINK} -p tcp -s 0/0 --dport 25 -j ACCEPT
  /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  /sbin/iptables -A INPUT -p tcp -i ${UPLINK} -j REJECT --reject-with tcp-reset
  /sbin/iptables -A INPUT -p udp -i ${UPLINK} -j REJECT --reject-with icmp-port-unreachable
 
  /sbin/iptables -A FORWARD -p tcp --destination-port 25 -s ! 192.168.0.1  -j DROP

# block bad sites
# /sbin/iptables -I INPUT -s 68.178.211.34 -j DROP
# /sbin/iptables -I INPUT -d 68.178.211.34 -j DROP 
# /sbin/iptables -I INPUT -s 64.27.5.168 -j DROP
# /sbin/iptables -I INPUT -d 64.27.5.168 -j DROP

# turn off packet spoofing in all interfaces
for x in ${INTERFACES}
  do
    echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
  done 

if [ "$ROUTER" = "yes" ]
  then
  # Activate IP forwarding at router
    echo 1 > /proc/sys/net/ipv4/ip_forward
if [ "$NAT" = "dynamic" ]
  then
  # Dynamic IP address, activate Masquerading
    echo "Activate Masquerading (Dynamic IP) ...."
    /sbin/iptables -t nat -A POSTROUTING -o ${UPLINK} -j MASQUERADE
elif [ "$NAT" != "" ]
  then
  # Static IP address use source NAT
  echo "Activate SNAT (static IP) ...."
  /sbin/iptables -t nat -A POSTROUTING -o ${UPLINK} -j SNAT --to ${NAT}
fi 

echo "Activate Transparent Proxy .."
for x in ${INTERFACES}
  do
    iptables -t nat -A PREROUTING -s 192.168.0.0/24 -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 8080
  done 

# echo "Activate SMTP Port Forwarding .."
# /sbin/iptables -t nat -A PREROUTING -i ${UPLINK} -m multiport -p tcp \
# --dport 25 -d ${NAT} -j DNAT --to 192.168.0.254:25
# /sbin/iptables -A FORWARD -i ${UPLINK} -m multiport -p tcp -d 192.168.0.254 \
#  --dport 25 -j ACCEPT 

fi
  elif [ "$1" = "stop" ]
    then
      echo "Deactivate Firewall ..."
      /sbin/iptables -F INPUT
      /sbin/iptables -P INPUT ACCEPT
      /sbin/iptables -F FORWARD
      /sbin/iptables -P FORWARD ACCEPT
      /sbin/iptables -F OUTPUT
      /sbin/iptables -P OUTPUT ACCEPT
      # Turn off NAT or MASQUERADING
      /sbin/iptables -t nat -F POSTROUTING
fi

Set IP Statik

vi /usr/local/bin/setipstatik.sh
cp /etc/rc.local.ip.statik /etc/rc.local

Set IP Dinamik

vi /usr/local/bin/setipdinamik.sh
cp /etc/rc.local.ip.dinamik /etc/rc.local

Set Executable

chmod -Rf 777 /usr/local/bin/

Pranala Menarik