17 Oktober 2017

Resize Partition di FreeBSD

Kita cek partisi yang ada di OS kita.
root:~# gpart show ada0
=>       34  312581741  ada0  GPT  (149G)
         34        128     1  freebsd-boot  (64K)
        162  304086912     2  freebsd-ufs  (145G)
  304087074    8388608     3  freebsd-swap  (4.0G)
  312475682     106093        - free -  (52M)
Kita akan menghapus free-space dan meresize ada0p2/ada0p3. deaktifkan dahulu swap-nya.
root:~# swapoff /dev/ada0p3
Matikan dahulu GEOM Safety variable lewat sysctl(8).
root:~# sysctl kern.geom.debugflags=16
Hapus partisi freebsd-swap (/dev/ada0p3) dahulu. Partisi ini hanya penyimpanan sementara saja, jd aman untuk dihapus.
root:~# gpart delete -i 3 ada0
Sekarang kita lakukan resize untuk partisi freebsd-ufs (/dev/ada0p2) dari 145G ke 147G. Untuk swap dikurangi 2G.
root:~# gpart resize -i 2 -a 4k -s 147G ada0
Bikin kembali swap-nya & aktifkan kembali partisinya.
root:~# gpart add -t freebsd-swap ada0
root:~# swapon /dev/ada0p3
Cek ulang partisi akhirnya & aktifkan kembali GEOM Safety variable.
root:~# gpart show ada0
=>       34  312581741  ada0  GPT  (149G)
         34        128     1  freebsd-boot  (64K)
        162  308281342     2  freebsd-ufs  (147G)
  308281504    4300271     3  freebsd-swap  (2.0G)

root:~# sysctl kern.geom.debugflags=0
kern.geom.debugflags: 16 -> 0

11 Oktober 2017

Recovery Bad-Sector Hardisk di FreeBSD

Terlebih dahulu backup data penting!
Cek bad sector hardisk.
root:~# smartctl -t long /dev/ada0
root:~# smartctl -l selftest /dev/ada0 | awk 'NR==7'
# 1  Extended offline    Completed: read failure       90%     36067         27292160
                                                                             ^^^^^^^^ (L)
Cek UFS file system.
root:~# dumpfs /dev/ada0p2 | egrep '^bsize'
bsize   32768   shift   15      mask    0xffff8000
        ^^^^^ (B)
Cari sector pertama partisi yg digunakan dalam hardisk.
root:~# fdisk -s /dev/ada0
/dev/ada0: 310101 cyl 16 hd 63 sec
Part        Start        Size Type Flags
   1:           1   312581807 0xee 0x00
                ^ (S)
Gunakan formula dibawah ini.
b = ((L - S) * 512) / B)
L = 27292160
B = 32768
S = 1
Media sector size = 512

b = ((27292160 - 1) * 512) / 32768
b = 426439.984375 ~ 426439 (int)
Rubah permission agar bisa mode write.
root:~# sysctl kern.geom.debugflags=0x10
Untuk sector 426439 (bad sector) tidak akan digunakan oleh sistem untuk menyimpan data.
root:~# dd if=/dev/zero of=/dev/ada0 bs=32768 count=1 seek=426439
Untuk diagnosa isi sector 426439 (bad sector) bisa diredirect outputnya ke file.
root:~# dd if=/dev/ada0 of=hasil.txt bs=32768 count=1 skip=426439
Kembalikan permission ke semula.
root:~# sysctl kern.geom.debugflags=0
Cek kembali bad sector.
root:~# smartctl -t long /dev/ada0
Pastikan hasilnya -. Ini sample outputnya:
root:~# smartctl -l selftest /dev/ada0 | awk 'NR==7'
# 1  Extended offline    Completed without error       00%     36073         -
                                                                             ^
Jangan lupa setelah yakin tidak ada bad sector, recovery semua file lewat make world & restore file backup.

15 Juli 2017

FreeBSD: make buildworld failure in libllvmsupport

Saya mendapat error yg cukup mengesalkan ketika Rebuild FreeBSD dari source , cukup lama googling mencari referensi error yang terjadi, ternyata solusinya cukup simple meskipun dengan nebak2 library clang(1) yg digunakan. Seperti kita ketahui bahwa FreeBSD 10.0-RELEASE sudah merubah untuk default compilernya dari GCC ke clang(1). Berikut saya post error yang terjadi:
c++  -O2 -pipe -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/tools/clang/include -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support -I. -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/clang/include -DLLVM_ON_UNIX -DLLVM_ON_FREEBSD -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -DNDEBUG -fno-strict-aliasing -DLLVM_DEFAULT_TARGET_TRIPLE=\"i386-unknown-freebsd10.3\" -DLLVM_HOST_TRIPLE=\"i386-unknown-freebsd10.3\" -DDEFAULT_SYSROOT=\"\" -ffunction-sections -fdata-sections -I/usr/obj/usr/src/tmp/legacy/usr/include  -fno-exceptions -fno-rtti  -c /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp -o APFloat.o
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp:15:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APFloat.h:20:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APInt.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/ArrayRef.h:14:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/SmallVector.h:17:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/AlignOf.h:19:
In file included from /usr/include/c++/v1/cstddef:38:
In file included from /usr/include/c++/v1/stddef.h:51:
/usr/include/c++/v1/__nullptr:24:29: error: variable has incomplete type 'struct _LIBCPP_TEMPLATE_VIS'
struct _LIBCPP_TEMPLATE_VIS nullptr_t
                            ^
/usr/include/c++/v1/__nullptr:24:8: note: forward declaration of 'std::__1::_LIBCPP_TEMPLATE_VIS'
struct _LIBCPP_TEMPLATE_VIS nullptr_t
       ^
/usr/include/c++/v1/__nullptr:24:38: error: expected ';' after top level declarator
struct _LIBCPP_TEMPLATE_VIS nullptr_t
                                     ^
/usr/include/c++/v1/__nullptr:47:48: error: unknown type name 'nullptr_t'
inline _LIBCPP_ALWAYS_INLINE _LIBCPP_CONSTEXPR nullptr_t __get_nullptr_t() {return nullptr_t(0);}
                                               ^
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp:15:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APFloat.h:20:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APInt.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/ArrayRef.h:14:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/SmallVector.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/MathExtras.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/SwapByteOrder.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/clang/include/llvm/Support/DataTypes.h:36:
In file included from /usr/include/c++/v1/cmath:301:
In file included from /usr/include/c++/v1/math.h:309:
/usr/include/c++/v1/type_traits:472:114: error: expected class name
    : public integral_constant(nullptr)) == 1> {};
                                                                                                                 ^
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp:15:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APFloat.h:20:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APInt.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/ArrayRef.h:14:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/SmallVector.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/MathExtras.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/SwapByteOrder.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/clang/include/llvm/Support/DataTypes.h:36:
/usr/include/c++/v1/cmath:679:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       acos(float __lcpp_x) _NOEXCEPT       {return acosf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:654:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       acos(float __lcpp_x) _NOEXCEPT       {return acosf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:675:9: note: using declaration
using ::acos;
        ^
/usr/include/c++/v1/cmath:680:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double acos(long double __lcpp_x) _NOEXCEPT {return acosl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:655:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double acos(long double __lcpp_x) _NOEXCEPT {return acosl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:675:9: note: using declaration
using ::acos;
        ^
/usr/include/c++/v1/cmath:686:1: error: declaration conflicts with target of using declaration already in scope
acos(_A1 __lcpp_x) _NOEXCEPT {return acos((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:661:1: note: target of using declaration
acos(_A1 __lcpp_x) _NOEXCEPT {return acos((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:675:9: note: using declaration
using ::acos;
        ^
/usr/include/c++/v1/cmath:694:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       asin(float __lcpp_x) _NOEXCEPT       {return asinf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:666:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       asin(float __lcpp_x) _NOEXCEPT       {return asinf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:690:9: note: using declaration
using ::asin;
        ^
/usr/include/c++/v1/cmath:695:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double asin(long double __lcpp_x) _NOEXCEPT {return asinl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:667:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double asin(long double __lcpp_x) _NOEXCEPT {return asinl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:690:9: note: using declaration
using ::asin;
        ^
/usr/include/c++/v1/cmath:701:1: error: declaration conflicts with target of using declaration already in scope
asin(_A1 __lcpp_x) _NOEXCEPT {return asin((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:673:1: note: target of using declaration
asin(_A1 __lcpp_x) _NOEXCEPT {return asin((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:690:9: note: using declaration
using ::asin;
        ^
/usr/include/c++/v1/cmath:709:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       atan(float __lcpp_x) _NOEXCEPT       {return atanf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:678:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       atan(float __lcpp_x) _NOEXCEPT       {return atanf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:705:9: note: using declaration
using ::atan;
        ^
/usr/include/c++/v1/cmath:710:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double atan(long double __lcpp_x) _NOEXCEPT {return atanl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:679:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double atan(long double __lcpp_x) _NOEXCEPT {return atanl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:705:9: note: using declaration
using ::atan;
        ^
/usr/include/c++/v1/cmath:716:1: error: declaration conflicts with target of using declaration already in scope
atan(_A1 __lcpp_x) _NOEXCEPT {return atan((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:685:1: note: target of using declaration
atan(_A1 __lcpp_x) _NOEXCEPT {return atan((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:705:9: note: using declaration
using ::atan;
        ^
/usr/include/c++/v1/cmath:724:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       atan2(float __lcpp_y, float __lcpp_x) _NOEXCEPT             {return atan2f(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:690:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       atan2(float __lcpp_y, float __lcpp_x) _NOEXCEPT             {return atan2f(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:720:9: note: using declaration
using ::atan2;
        ^
/usr/include/c++/v1/cmath:725:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double atan2(long double __lcpp_y, long double __lcpp_x) _NOEXCEPT {return atan2l(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:691:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double atan2(long double __lcpp_y, long double __lcpp_x) _NOEXCEPT {return atan2l(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:720:9: note: using declaration
using ::atan2;
        ^
/usr/include/c++/v1/cmath:736:1: error: declaration conflicts with target of using declaration already in scope
atan2(_A1 __lcpp_y, _A2 __lcpp_x) _NOEXCEPT
^
/usr/include/c++/v1/math.h:702:1: note: target of using declaration
atan2(_A1 __lcpp_y, _A2 __lcpp_x) _NOEXCEPT
^
/usr/include/c++/v1/cmath:720:9: note: using declaration
using ::atan2;
        ^
/usr/include/c++/v1/cmath:750:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       ceil(float __lcpp_x) _NOEXCEPT       {return ceilf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:713:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       ceil(float __lcpp_x) _NOEXCEPT       {return ceilf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:746:9: note: using declaration
using ::ceil;
        ^
/usr/include/c++/v1/cmath:751:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double ceil(long double __lcpp_x) _NOEXCEPT {return ceill(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:714:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double ceil(long double __lcpp_x) _NOEXCEPT {return ceill(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:746:9: note: using declaration
using ::ceil;
        ^
/usr/include/c++/v1/cmath:757:1: error: declaration conflicts with target of using declaration already in scope
ceil(_A1 __lcpp_x) _NOEXCEPT {return ceil((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:720:1: note: target of using declaration
ceil(_A1 __lcpp_x) _NOEXCEPT {return ceil((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:746:9: note: using declaration
using ::ceil;
        ^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
*** Error code 1

Stop.
make[3]: stopped in /usr/src/lib/clang/libllvmsupport
*** Error code 1

Stop.
make[2]: stopped in /usr/src
*** Error code 1

Stop.
make[1]: stopped in /usr/src
*** Error code 1

Stop.
make: stopped in /usr/src
Solusi yang saya lakukan adalah sbb:
Keyword ada di /usr/include/c++/v1/cmath:746, error itu kurang lebih seputar header declaration konflik dengan header yang sudah terinstall sebelomnya. Tipe data long double sepertinya tidak dapat didefinisikan di scope ketika proses build object file. Temukan file cmath di /usr dengan perintah:
root:/usr# find . -type f -name "cmath"
./src/contrib/libstdc++/include/tr1/cmath
./src/contrib/libc++/include/cmath (cmath dari source SVN)
./include/c++/v1/cmath (cmath yang bermasalah)
./local/lib/gcc5/include/c++/ext/cmath
./local/lib/gcc5/include/c++/tr1/cmath
./local/lib/gcc5/include/c++/cmath
OK, kita liat susunan direktori & filenya banyak kemiripan antara /usr/include/c++/v1/ dengan /usr/src/contrib/libc++/include/. Kita tinggal copykan saja tapi sebelomnya kita backup terlebih dahulu.
root:~# cd /usr/include/c++
root:/usr/include/c++# mv v1 v1.old
root:/usr/include/c++# cp -rp /usr/src/contrib/libc++/include .
root:/usr/include/c++# mv include v1
Silahkan dicoba kembali proses make buildworld, saya mengalami kekurangan dua file header yg dibutuhkan yaitu cxxabi.h dan unwind.h, silahkan kita cari lagi kedua file ini di /usr/src dan kopikan saja:
root:/usr/include/c++/v1# find /usr/src -type f -name "cxxabi.h"
/usr/src/contrib/libstdc++/libsupc++/cxxabi.h
/usr/src/contrib/libcxxrt/cxxabi.h (Kita ambil yang ini)
root:/usr/include/c++/v1# cp /usr/src/contrib/libcxxrt/cxxabi.h .
root:/usr/include/c++/v1# find /usr/src -type f -name "unwind.h"
/usr/src/sys/ia64/include/unwind.h
/usr/src/contrib/libcxxrt/unwind.h
/usr/src/contrib/llvm/tools/clang/lib/Headers/unwind.h (Kita ambil yang ini)
/usr/src/contrib/libexecinfo/unwind.h
/usr/src/include/unwind.h
root:/usr/include/c++/v1# cp /usr/src/contrib/llvm/tools/clang/lib/Headers/unwind.h .
Silahkan make buildworld kembali, jika ada error coba teliti stderr di consolenya. Dan silahkan tebak2 lagi seperti contoh langkah diatas :-).

15 Mei 2017

Instalasi SSL Gratis Dari Let's Encrypt

Beberapa waktu lalu saya sempat membahasa tentang pemasangan fitur SSL dengan metode Self-Signing. Sekarang, saya coba menggunakan Let's Encrypt. Caranya cukup sederhana karena semua dikerjakan secara auto.
• Download atau copy-paste acme.sh di https://github.com/Neilpang/acme.sh.
• Copykan di root folder, usahakan menggunakan root akses karena kita perlu merestart daemon nginx webserver dan menempatkan sertifikat di /etc/ssl/certs. Buat folder .acme.sh di root folder dan download acme.sh script.
# mkdir .acme.sh
# cd .acme.sh && fetch https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh
# chmod 700 acme.sh
Kita mulai mengkonfigurasi dan menginstal sertifikatnya. Saya asumsikan anda sudah mempunyai sebuah domain yang valid dan terinstall webserver.
# cd .acme.sh
# ./acme.sh --issue -d domainanda.com -w /path/to/root/webserver/document
[Mon May 15 19:28:12 WIB 2017] Registering account
[Mon May 15 19:28:15 WIB 2017] Registered
[Mon May 15 19:28:16 WIB 2017] Update success.
[Mon May 15 19:28:16 WIB 2017] ACCOUNT_THUMBPRINT='MINkdh3CiCitr1h4YesQSO2azn7bs3NIFwJOLbTSpug'
[Mon May 15 19:28:16 WIB 2017] Creating domain key
[Mon May 15 19:28:17 WIB 2017] Single domain='domainanda.com'
[Mon May 15 19:28:17 WIB 2017] Getting domain auth token for each domain
[Mon May 15 19:28:17 WIB 2017] Getting webroot for domain='domainanda.com'
[Mon May 15 19:28:17 WIB 2017] Getting new-authz for domain='domainanda.com'
[Mon May 15 19:28:19 WIB 2017] The new-authz request is ok.
[Mon May 15 19:28:19 WIB 2017] Verifying:domainanda.com
[Mon May 15 19:28:24 WIB 2017] Success
[Mon May 15 19:28:24 WIB 2017] Verify finished, start to sign.
[Mon May 15 19:28:26 WIB 2017] Cert success.
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISBAb5KVD8Z+F2hCdzvVfK0cp6MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MTUxMTI4MDBaFw0x
NzA4MTMxMTI4MDBaMBcxFTATBgNVBAMTDHduLnNseWlwLm5ldDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBALtbiMysoSdf+7VfuiL+6vc5qscn6DPd2j2f
YbWVIki3PdsJUmr66/oj3wRXRMbzflhfVgLfnFvj9mUb+44pIChRSc5R4AboqIFo
vngilTgDAjtbpceCmeTj3DNpa1sJN9BVmrfRazLBgzg0dPQ6QJpixtKcRiwbOJsx
k5XM7SOeq1hFpNef3NPc6wyIhcv+h+e1Id8WJPWGaJgNq+QnC7AnnIRRcjuaCZsl
SKeenGBUcpHKNUKOY7AADZ2hHR74Eg7IGcbOt+LrnljE/613BXi2U8GYbL28LoIq
YrNFAxjqoKPXZtfWuIHYYxfAbiejGhnmzPPKlKsZ2rRTAREZJUMCAwEAAaOCAg0w
ggIJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUbBO4xZOZeedw10ZZYg083IAcnqgw
HwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEEZDBi
MC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
LzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y
Zy8wFwYDVR0RBBAwDoIMd24uc2x5aXAubmV0MIH+BgNVHSAEgfYwgfMwCAYGZ4EM
AQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0
ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5k
IG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kg
Zm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJ
KoZIhvcNAQELBQADggEBAJad1Nm5x62oMmMNy2zsCe6bckLQaW5MhqXzez13Uz2A
DnaUTgpYC6+AIJmCaPjNkozSOcb8KDXPx2Mmdt16ZB0wjgBqcMJfcrm9EjTXafQZ
SlIXQYQuB0hsoJIXWQacAXjNlFnRUSEk9DSCBy7Xnq55qbFPrrqj3L51qjlGE6zE
s+Fbt0BIKpybBy0JGltMJtAQaVkFgYnAXj1mvKSnf3FYwBySNBciumyKDr9cSlkQ
CyjduyR7HB3GgeIlndYvPnkT0x5PEdWoiqh8ACMAWqJyfwEXWGOTxBNdtMdbGV37
zDyK/nDHeWd2LP3dXxCxaSxrhFHD0hnRv+krOzHguXU=
-----END CERTIFICATE-----
[Mon May 15 19:28:26 WIB 2017] Your cert is in  /root/.acme.sh/domainanda.com/domainanda.com.cer
[Mon May 15 19:28:26 WIB 2017] Your cert key is in  /root/.acme.sh/domainanda.com/domainanda.com.key
[Mon May 15 19:28:26 WIB 2017] The intermediate CA cert is in  /root/.acme.sh/domainanda.com/ca.cer
[Mon May 15 19:28:26 WIB 2017] And the full chain certs is there:  /root/.acme.sh/domainanda.com/fullchain.cer
# ls -laF
drwxr-xr-x   4 root  wheel     512 May 15 19:28:39 2017 .
drwxr-xr-x  12 root  wheel    1024 May 15 19:25:13 2017 ..
-rw-r--r--   1 root  wheel     196 May 15 19:28:26 2017 account.conf
-rwxr-xr-x   1 root  wheel  142712 May  3 21:04:02 2017 acme.sh
drwxr-xr-x   3 root  wheel     512 May 15 19:28:09 2017 ca
-rw-r--r--   1 root  wheel     448 May 15 19:28:26 2017 http.header
drwxr-xr-x   2 root  wheel     512 May 15 19:28:26 2017 domainanda.com
Selanjutkan kita lakukan proses instalasi sertifikatnya.
# cd .acme.sh && ./acme.sh --install-cert -d domainanda.com --key-file /etc/ssl/certs/domainanda.com.key --fullchain-file /etc/ssl/certs/domainanda.com.pem
# vim /usr/local/etc/nginx/nginx.conf
server {
    listen  domainanda.com:443 ssl default_server;
    root   /usr/local/www/data;
    add_header X-Powered-By "domainanda.com";
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy no-referrer;
    add_header Strict-Transport-Security "max-age=31536000;" always;
    add_header Content-Security-Policy "default-src 'self'; script-src 'self' domainanda.com";
    ssl_certificate      /etc/ssl/certs/domainanda.com.pem;
    ssl_certificate_key  /etc/ssl/certs/domainanda.com.key;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_ecdh_curve secp384r1;
    ssl_session_tickets off;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_prefer_server_ciphers  on;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
}
# /usr/local/etc/rc.d/nginx restart
Karena sertifikat ini berlaku maksimal cuma 3 bulan, maka kita harus merenew sebelom expired:
# cd /root/.acme.sh/ && ./acme.sh --renew -d domainanda.com --force
# cd /root/.acme.sh/ && ./acme.sh --install-cert -d domainanda.com --key-file /etc/ssl/certs/domainanda.com.key --fullchain-file /etc/ssl/certs/domainanda.com.pem
# /usr/local/etc/rc.d/nginx restart
Lakukan secara simultan dengan menggunakan crontab(5) setiap 2 bulan sekali:
# crontab -l
0       1       1       */2     *       cd /root/.acme.sh/ && ./acme.sh --renew -d domainanda.com --force && ./acme.sh --install-cert -d domainanda.com --key-file /etc/ssl/certs/domainanda.com.key --fullchain-file /etc/ssl/certs/domainanda.com.pem --reloadcmd "/usr/local/etc/rc.d/nginx reload"

25 Maret 2017

Menggunakan Email Client untuk POP3s/IMAPs Google's Mail

Beberapa waktu lalu untuk POP3s (POP3 support TLS/SSL) dan IMAPs (IMAP support TLS/SSL) bisa dengan mudah mengkonfigurasi Email client kita, namun akhir-akhir ini sudah tidak bisa dengan cara tersebut, karena Google sudah memberlakukan security dengan menggunakan OAuth 2.0. Dengan demikian Email client yang tidak mendukung mekanisme verifikasi OAuth 2.0 otomatis selalu mendapat error Wrong password, ada beberapa cara untuk mengakses Google's Mail dari desktop atau gadget kita.
• Menggunakan email client yang sudah mendukung OAuth atau,
• Setting account kita dengan mode Access for less secure apps menjadi Turn off lewat tautan ini.

Tentu cara yang kedua lebih fleksible meskipun dari sisi keamanan menjadikan akun kita rentan. Tapi bagaimana lagi karena kenyataannya belom banyak email client yang mendukung OAuth ini. Saya coba ThunderBird bisa bekerja tanpa setting Access for less secure ini tapi sayangnya hanya mendukung IMAPs (IMAP support TLS/SSL) saja.

20 Maret 2017

Links download program yang sering digunakan

05 Oktober 2016

Cara Rooting Di Xiaomi

Jika anda sudah berhasil mengikuti step-1 s/d step-4 di artikel Cara Flashing ROM Di Xiaomi, anda tinggal melakukan beberapa step saja untuk proses rooting di device Xiaomi ini. Untuk proses rooting umumnya ada beberapa cara yaitu dengan menggunakan custom recovery TWRP dan CyanogenMod. Dalam artikel ini saya menggunakan custom recovery dari TWRP.

Download terlebih dahulu custom recovery sesuai dengan device anda di https://twrp.me/Devices/. Jika device anda tidak ada di list itu, ya sudah bubar saja :-).

Saya menggunakan Xiaomi Mi 4i (ferrari) dan kebetulan ada di list devicenya. Silahkan download di https://dl.twrp.me/ferrari/twrp-3.0.2-0-ferrari.img simpan di komputer/laptop anda.

Download SU Binary disini dan simpan di storage device anda. SU Binary ini nanti dipake ketika device dalam mode Fastboot. Jadi pastikan jangan disimpan di komputer/laptop.

Pada artikel Cara Flashing ROM Di Xiaomi, anda sudah menginstall Xiaomi Mi Flash Tool Version 6.8.30 di komputer/laptop bukan? Nah kita perlu aplikasi yang namanya adb.exe dan fastboot.exe. Defaultnya ada di C:\Program Files\Xiaomi\MiPhone\Google\Android, biar gampang copykan saja twrp-3.0.2-0-ferrari.img yang sudah didownload tadi ke folder C:\Program Files\Xiaomi\MiPhone\Google\Android.

Buka Command Prompt, ketik perintah ini:
C:\Users\user>cd C:\Program Files\Xiaomi\MiPhone\Google\Android [Enter]
C:\Program Files\Xiaomi\MiPhone\Google\Android>adb devices [Enter]
* daemon not running. starting it now on port 5037 *
* daemon started successfully *
List of devices attached
8060faf1        device
Itu artinya device anda sudah dikenali. Silahkan masuk mode Fastboot spt yg sudah dijelaskan pada artikel Cara Flashing ROM Di Xiaomi step ke-10. Setelah itu kita lakukan proses rooting ini:
C:\Program Files\Xiaomi\MiPhone\Google\Android>fastboot flash recovery twrp-3.0.2-0-ferrari.img [Enter]
target reported max download size of 268435456 bytes
sending 'recovery' (27222 KB)...
OKAY [  0.860s]
writing 'recovery'...
OKAY [  0.895s]
finished. total time: 1.758s

Kita boot melalui dengan custom recovery baru:
C:\Program Files\Xiaomi\MiPhone\Google\Android>fastboot boot twrp-3.0.2-0-ferrari.img [Enter]
downloading 'boot.img'...
OKAY [  0.862s]
booting...
OKAY [  0.260s]
finished. total time: 1.125s

Nah, kita masuk ke mode TWRP, silahkan geserkan ke kanan Swipe to Unlock, lalu cari menu install dan arahkan ke file SuperSU-v2.78-201609011115.zip yang sudah kita simpan di device kita itu. Tinggal geser saja ke kanan Swipe to confirm Flash untuk mengkonfirmnya, tap Reboot System. Setelah itu device anda akan reboot otomatis dan sudah rooted.