Friday, February 10, 2012

Installing netatalk on Centos5

Installing netatalk on Centos 5 is actually fairly easy, once you figure out the packages that need to be installed. Here's the basic steps:

1) in /etc/yum.repos.d/CentOS-Base.repo, under the [centosplus] section, make sure you have the following line:
enabled=1

2) Run the following commands:


yum update
yum install netatalk netatalk-devel


3) reboot in order for any kernel modules and all that to get into there.

Now, you'll need to configure netatalk. The configuration files are all in:

/etc/atalk


There are only 2 files to really be concerned about.

1) AppleVolumes.default
at the bottom of the file, if you want to enable home directories, have, on a single line, the following:

~

If you want to create a shared directory, have something like the following:

/path/to/directory "Name of the Volume" options:tm


2) afpd.conf

At the bottom of the file, have a line similar to this:

"Name of Volume" -transall -uamlist uams_guest.so,uams_clrtxt.so,uams_dhx.so -nosavepassword

Then, just use the /etc/init.d/netatalk script to start up everything.

You should now be able to connect up to the Appletalk server using the ip address.

The next part is if you want the server to show up normally under the Appletalk network.

1) install the avahi software:

yum install avahi avahi-devel

2) modify /etc/avahi/services/afpd.services to have something like the following:
 <?xml version="1.0" standalone='no'?>  
 <!DOCTYPE service-group SYSTEM "avahi-service.dtd">  
 <service-group>  
  <name replace-wildcards="yes">[Your Volume Name]</name>  
  <service>  
   <type>_afpovertcp._tcp</type>  
   <port>548</port>  
  </service>  
  <service>  
   <type>_device-info._tcp</type>  
   <port>0</port>  
   <txt-record>model=Xserve</txt-record>  
  </service>  
 </service-group>

3) Finally, restart the messagebus and the avahi service, in that order:

/etc/init.d/messagebus restart
/etc/init.d/avahi restart
Posted by at 1 comment:
Labels: ,

Wednesday, January 25, 2012

Creating a .pem file from GoDaddy SSL cert.

If using an SSL accelerator like Pound, you need to create a .pem file with your private key, the .crt file from GoDaddy, and their intermediate cert file.

Let's say you have a domain name of foo.com. You'll first need to generate the the .csr file for GoDaddy with the following command:


openssl req -new -newkey rsa:2048 -nodes -keyout foo.com.key -out foo.com.csr

This gives you 2 files:
foo.com.key - This is the private key
foo.com.csr - This is the Certificate Signing Request

You'll give the foo.com.csr file to the SSL signing authority. In the case of GoDaddy, they'll give you back a .zip file with the following 2 files:

foo.com.crt - This is your cert
gd_bundle.crt - This is the GoDaddy Certificate Chain

With all these files, you need to generate the .pem file. This is actually pretty easy. Assuming that you created the private key (foo.com.key) without a password, you can just do the following in order to create your .pem file:


cat foo.com.crt foo.com.key gd_bundle.crt > foo.com.pem
Posted by at 7 comments:
Labels: ,

Tuesday, July 5, 2011

PFSense architecture version

For the ALIX boards, use the i386 version of the images.
Posted by at No comments:
Labels:

Friday, July 1, 2011

Minicom updated configuration

My minicom configuration is:

cat /opt/local/etc/minirc.dfl


# Machine-generated file - use "minicom -s" to change parameters.
pu port             /dev/tty.usbserial
pu baudrate         9600
pu bits             8
pu parity           N
pu stopbits         1
Posted by at No comments:
Labels:

Thursday, June 30, 2011

Serial Console Cable

I'm going to be doing a majority of the setup for my PFSense box using my Mac. The PFSense box will have a DB9 serial connector which is what will be used for most of the initial setup. In order to get it going, I will need the following:

  • minicom installed (I'm sure you can use something else, but I'm going with this)
  • usb <-> db9 connector
  • null modem cable


If you've been doing a lot of system administration work, you may already have MacPorts setup. If not, then get that installed. Once you do have it installed, it should be as simple as:

sudo port install minicom

This will take a while as it also has to download/compile/install perl.

For the hardware installation, I ordered the following from Amazon:

Once everything is connected up, I should be able to connect up to the PFSense box with just the following command:

minicom -b 9600

EDIT: It appears that with newer versions of OS X, a different driver is required to get the TRENDnet USB to Serial Converter TU-S9 working correctly. A driver from Prolific Technology for the PL-2303 is required. It can be downloaded at:

http://www.prolific.com.tw/US/ShowProduct.aspx?p_id=229&pcid=41
Posted by at 1 comment:
Labels: ,

PFSense hardware order

I'm in the process of setting up a new office router. As I've done at a previous place, I'm opt'ing to build out a PFsense box. For the hardware, I've ordered an ALIX kit from Netgate.

http://store.netgate.com/ALIX2D3-2D13-Kit-Red-Unassembled-P174.aspx

Essentially, it's a single board computer with a flash drive. The kit comes unassembled with the following:
- ALIX system board with 3 ethernet ports, DB9 serial port, dual usb port
- enclosure
- CF card
- power supply

Assembly for the whole system is pretty easy and should just require a phillips head screwdriver.
Posted by at No comments:
Labels:

First Posting

Over the years, I've setup lots of different services of various techie like natures. On occasion, I look at something and think "How in the world did I do that and where are my notes for it?" My goal for this blog, at least right now (pretend this is a terms of service agreement) is that I'll dump my notes here.
Posted by at No comments:
Subscribe to: Posts (Atom)