Tag Archives: server

Install Dropbox on Ubuntu Server

Dropbox is so useful! Wouldn’t it be great to have that same convenience and function for your user account on your server, just like you have on your workstation?

This has been tested on Ubuntu Lucid and Jaunty. This procedure will create a system with:

  • Install a separate Dropbox client (daemon) for individual users
  • Each user has a separate Dropbox account
  • All the daemons will be managed together with normal daemon controls

This allows individuals to have their own Dropbox accounts, each with a separate process syncing their individual ~/Dropbox directory. With one command an admin can start or stop all the daemons at once.

Install Prerequisites

Later, we’ll need to read a sqlite3 database record, so install sqlite3.

sudo aptitude -y install sqlite3

Install Dropbox client for an individual user

This step is repeated for each user that wants a Dropbox client. Start by setting up your own account, then repeat for each user. This is run with a user’s own account. The changes made all take place in their home directory.

First, determine whether you have 32-bit or 64-bit Ubuntu Server. You must install the correct version, either 32 or 64 bit or it will not work. The following command will tell you which is installed:

uname -a | grep '_64' >/dev/null && echo 'A 64-bit OS is installed'; uname -a | grep '_64' >/dev/null || echo 'A 32-bit OS is installed'

Run the correct installation, based on whether a 32-bit or 64-bit OS is installed.

32-bit installation:

cd ~
wget -O dropbox.tar.gz http://www.dropbox.com/download/?plat=lnx.x86
tar -zxof dropbox.tar.gz

or

64-bit installation:

cd ~
wget -O dropbox.tar.gz http://www.dropbox.com/download/?plat=lnx.x86_64
tar -zxof dropbox.tar.gz

Link user’s Dropbox client to their Dropbox account:

wget http://dl.dropbox.com/u/6995/dbmakefakelib.py
python dbmakefakelib.py

The above will run for a little while without printing anything, then print “dropboxd ran for 15 seconds without quitting – success?”. When it does so, press control-c twice. Yes, it is unusual. What this does is populate a sqlite3 database with an ID from the Dropbox server. Next, we’ll extract that code and use it to link your Dropbox user account with this CLI Dropbox client instance.

On the server, via SSH

Get the URL with:

echo https://www.dropbox.com/cli_link?host_id=`echo '.dump config' | sqlite3 ~/.dropbox/dropbox.db | grep host_id | cut -d \' -f 4 | python -c 'print raw_input().decode("base64")' | grep '^V' | cut -b 2-`

On your local machine, in a web browser

Copy the URL that the above printed and paste it into a web browser. When you do so, Dropbox will register your client on the server with your Dropbox account.

At this point, Dropbox will not be quite working yet. The next steps will take care of that.

Create Dropbox daemon control

The next task is to create a system to start and stop the dropbox daemon for each user on the system that has Dropbox installed for his/her user account. The following daemon init script was lifted from: http://wiki.dropbox.com/TipsAndTricks/TextBasedLinuxInstall.

Of course, this is for the use of the system admin. This creates a normal daemon init start/stop script and installs it so the Dropbox daemons are started when the system boots. The admin can also use this to control the Dropbox daemons manually.

sudo vi /etc/init.d/dropbox

Paste in the following code. Then, modify line 3, replacing “user1 user2″ with your username. For future reference, additional user’s Dropbox daemons can be controlled with this one script – add additional username separated with spaces.

# dropbox service
# separate usernames in the following line with spaces.
DROPBOX_USERS="user1 user2"
 
DAEMON=.dropbox-dist/dropbox
 
start() {
    echo "Starting dropbox..."
    for dbuser in $DROPBOX_USERS; do
        HOMEDIR=`getent passwd $dbuser | cut -d: -f6`
        if [ -x $HOMEDIR/$DAEMON ]; then
            HOME="$HOMEDIR" start-stop-daemon -b -o -c $dbuser -S -u $dbuser -x $HOMEDIR/$DAEMON
        fi
    done
}
 
stop() {
    echo "Stopping dropbox..."
    for dbuser in $DROPBOX_USERS; do
        HOMEDIR=`getent passwd $dbuser | cut -d: -f6`
        if [ -x $HOMEDIR/$DAEMON ]; then
            start-stop-daemon -o -c $dbuser -K -u $dbuser -x $HOMEDIR/$DAEMON
        fi
    done
}
 
status() {
    for dbuser in $DROPBOX_USERS; do
        dbpid=`pgrep -u $dbuser dropbox`
        if [ -z $dbpid ] ; then
            echo "dropboxd for USER $dbuser: not running."
        else
            echo "dropboxd for USER $dbuser: running (pid $dbpid)"
        fi
    done
}

case "$1" in
  start)
    start
    ;;
 
  stop)
    stop
    ;;
 
  restart|reload|force-reload)
    stop
    start
    ;;
 
  status)
    status
    ;;
 
  *)
    echo "Usage: /etc/init.d/dropbox {start|stop|reload|force-reload|restart|status}"
    exit 1
 
esac
 
exit 0

Make the init script executable and restart the daemon:

sudo chmod +x /etc/init.d/dropbox
sudo /etc/init.d/dropbox restart

When you restart the daemon, it will be running correctly linked to your Dropbox account. It will create a Dropbox directory in your home directory and will start to populate it with files you have on Dropbox.

Have the daemon(s) run automatically at boot time:

sudo update-rc.d dropbox defaults

The above correctly copies links as needed so the daemon(s) start when the server boots.

Managing the Daemons

A separate daemon will be run for each user that has the Dropbox client installed – with only one command. This makes it easy for individual users to have separate Dropbox accounts, each syncing to ~/Dropbox for their user account. Here are the commands to manage these daemons:

Start Dropbox services for all users:

sudo /etc/init.d/dropbox start

Stop Dropbox services for all users:

sudo /etc/init.d/dropbox stop

Restart Dropbox services for all users:

sudo /etc/init.d/dropbox restart

Get service status for each user Dropbox service:

sudo /etc/init.d/dropbox status

Passive Mode (PASV) FTP client on an Ubuntu server

If you need to communicate from your Ubuntu server to an FTP server that requires passive mode, there is a problem: your firewall likely blocks communication. Using an FTP client manually, you can probably connect with the server, but not list or transfer files!

The reasons for this are straightforward, your system is operating exactly as it is configured to. The explanation requires a little understanding of FTP and firewalls.

Most IP protocols use one port on the local machine and port on the server being connected to. FTP happens to use two ports instead of one. When negotiating a connection, the two computers negotiate which port to send data to. This brings us to an important difference between the two modes:

  • In active mode FTP, the client sends the server a PORT command, which tells the server client which port to use for data. The client connects to the server.
  • In passive more, the client sends the server a PASV command that asks for a server port to use for data. The server connects with the client.

The tricky bits concern this second port that is negotiated. This port is not a fixed number, it is a dynamically allocated port above 1023. The port number is encoded in a packet as two numbers that need to be multiplied together to get the port number. The firewalls involved need to be smart enough to recognize the FTP negotiation and extract this data from the data, open that specified port and keep it open during the FTP session.

In active mode, this tricky bit is handled by the server, but in passive mode, it is handled by the client’s firewall! Ah ha! So, you need to configure your firewall to be smart about address translation and FTP connections.

Configuring the firewall

You will need to activate a couple of kernel modules for iptables. These will turn on NAT (network address translation) for FTP and FTP connection tracking. As iptables/Netfilter is part of the kernel, we need to use modprobe to add these to the current session and also make changes to /etc/modules so the modules will load next time the server is rebooted.

First, use modprobe to use these two modules now:

sudo modprobe ip_nat_ftp
sudo modprobe ip_conntrack_ftp

Then, modify /etc/modules so the modules will load on next reboot:

sudo vi /etc/modules

Add these lines:

ip_nat_ftp
ip_conntrack_ftp

With these two modules, you should now be able to use passive mode from an FTP client on your Ubuntu server.

Perl Low Disk Space Warning Cron Script

This is a quick little script I wrote to warn me when disk space is getting low on a server I’m responsible for.

i just stuck this into a daily cron and now I know when to act!

#!/usr/bin/perl
#
# lowdiskspacewarning.pl
#
use strict;
use Filesys::DiskFree;

# init
my $sendmail = "/usr/lib/sendmail -t";

# file system to monitor
my $dirFilesystem = "/";
my $systemName = "putYourSystemNameHere";

# low diskspace warning threshhold
my $warningThreshhold=20 ; # in percent

# fs disk freespace
my $fsHandle = new Filesys::DiskFree;
$fsHandle->;df();
my $fsSpaceAvail = $fsHandle->;avail($dirFilesystem);
my $fsSpaceTotal = $fsHandle->;total($dirFilesystem);
my $fsSpaceUsed = $fsHandle->;used($dirFilesystem);
my $fsSpaceAvailPct = (($fsSpaceAvail) / ($fsSpaceAvail+$fsSpaceUsed)) * 100.0;

# email setup
my $emailTo='it@yourdomain.com';
my $emailFrom='root@yourdomain.com';
my $emailSubject="WARNING Low Disk Space for: $systemName";
my $emailBody = sprintf("WARNING Low Disk Space on '$systemName $dirFilesystem': %0.2f%%\n", $fsSpaceAvailPct);

# If free space is below threshhold, e-mail a warning message.
if ($fsSpaceAvailPct < $warningThreshhold) {
        open(MAIL, "|$sendmail");
        print MAIL "To: $emailTo\n";
        print MAIL "From: $emailFrom\n";
        print MAIL "Subject: $emailSubject\n";
        print MAIL $emailBody;
        close(MAIL);
}

Installing Trac and Subversion on Ubuntu Ibex

These are basically my notes from installing Trac and Subversion on an Ubuntu Intrepid Ibex server.

Install Software Packages

sudo aptitude install libapache2-mod-python libapache2-svn python-setuptools subversion python-subversion
sudo easy_install Trac

Create the Trac Environments Directory

sudo mkdir /var/lib/trac
sudo chown www-data:www-data /var/lib/trac

Setup Apache2

Using the default Ubuntu Apache virtual server setup, create a virtual server instance for
Trac. This single instance will be used for all Trac projects on the server.

sudo vi /etc/apache2/sites-available/trac.websitename.com

Your file will look a lot like the following. Use your website name instead of websitename.com and use a valid e-mail addressinstead of webmaster@websitename.com.


	ServerAdmin it@sitename.com
	ServerName trac.sitename.com
	DocumentRoot /hkm/var/www/trac.sitename.com/public
	LogLevel warn
	ErrorLog /hkm/var/www/trac.sitename.com/logs/error.log
	CustomLog /hkm/var/www/trac.sitename.com/logs/combined.log combined
	# DirectoryIndex index.html
 
	
		SetHandler mod_python
		PythonInterpreter main_interpreter
		PythonHandler trac.web.modpython_frontend
		PythonOption TracEnvParentDir /var/lib/trac
		PythonOption TracUriRoot /projects
		PythonOption PYTHON_EGG_CACHE /tmp
	
 
	# use the following for one authorization for all projects 
	# (names containing "-" are not detected):
	
		AuthType Basic
		AuthName "trac"
		AuthUserFile /path/htpasswd_filename_here
		Require valid-user
	

Now, use the Debian/Ubuntu utility a2ensite to create a link in apache2/sites-enabled to the file you just created in apache2/sites-available. Then, reload apache2 to enable the new subdomain.

sudo a2ensite trac
sudo  /etc/init.d/apache2 reload

You will also need to create a DNS A record to point to the server for this subdomain, but this is outside the scope of this blog entry.

Create Trac and Subversion Environments

Here we will make directories and create the Subversion repositories.

sudo mkdir /var/lib/svn
sudo mkdir /usr/share/trac
sudo svnadmin create /var/lib/svn/project1
sudo svnadmin create /var/lib/svn/project2

Set some permissions:

sudo chown -R www-data /var/lib/svn
sudo chown -R www-data /usr/share/trac
sudo  /etc/init.d/apache2 reload

Set up Trac

sudo mkdir /var/lib/trac

Initialize Trac for one of your projects.

sudo trac-admin /var/lib/trac/project1 initenv

The utility will ask for:

Project Name [My Project]>: project1
Database connection string [sqlite:db/trac.db]>:
Repository type [svn]>:
Path to repository [/path/to/repos]>: /var/lib/svn/project1

Repeat the above for the following, substituting the project code for each:

sudo trac-admin /var/lib/trac/project2 initenv
sudo chown -R www-data /var/lib/trac

Get Subversion Running

Modify /etc/apache2/mods-available/dav_svn.conf

sudo vi /etc/apache2/mods-available/dav_svn.conf
<Location /svn>
  DAV svn
 
  SVNParentPath /var/lib/svn
  SVNListParentPath On
 
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /path/htpasswd_filename_here
 
  # To enable authorization via mod_authz_svn
  #AuthzSVNAccessFile /etc/apache2/dav_svn.authz
 
  <LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
  </LimitExcept> 
 
</Location>

Install More aptitude packages for Trac plugins

Install some packages that will be needed.

sudo aptitude install build-essential graphviz
sudo aptitude install enscript
sudo aptitude install htmldoc

Using easy_install to Install more Trac Plugins

Because these are installed, you will be able to turn these on easily as Trac administrator.

sudo easy_install http://svn.edgewall.org/repos/genshi/trunk/
sudo easy_install http://trac-hacks.org/svn/accountmanagerplugin/trunk
sudo easy_install http://trac-hacks.org/svn/customfieldadminplugin/0.11
sudo easy_install http://trac-hacks.org/svn/eclipsetracplugin/tracrpcext/0.10
sudo easy_install http://trac-hacks.org/svn/iniadminplugin/0.11
sudo easy_install http://trac-hacks.org/svn/masterticketsplugin/0.11
sudo easy_install http://trac-hacks.org/svn/pagetopdfplugin/0.10/
sudo easy_install http://trac-hacks.org/svn/progressmetermacro/0.11
sudo easy_install http://trac-hacks.org/svn/ticketdeleteplugin/0.11
sudo easy_install http://trac-hacks.org/svn/tracwysiwygplugin/0.11
sudo easy_install http://wikinotification.ufsoft.org/svn/trunk