Repair panic: ufs_dirbad: /: bad dir ino FreeBSD

Komputer random reboot dengan error di console spt ini.

...
panic: ufs_dirbad: /: bad dir ino 1777399 at offset 3072: mangled entry
...

Perbaiki dengan cara sebagai berikut:

Booting single user (read-only mode tanpa mounting file-system).

Lakukan fsck -y terlebih dahulu.

Check partisi yang bermasalah, dalam hal ini partisi root (/).

# cat /etc/fstab
# Device        Mountpoint      FStype  Options Dump    Pass#
/dev/ada0p2     /               ufs     rw      1       1
/dev/ada0p3     none            swap    sw      0       0
fdesc           /dev/fd         fdescfs rw      0       0

Lakukan pengecekan di /dev/ada0p2 yg mana adalah partisi root (/).

# fsdb /dev/ada0p2

Cari inode yang ditunjukan sesuai error diatas, dalam hal ini inode 1777399. Dalam hal fsdb akan menunjukan file atribut mana saja yang bermasalah.

fsdb (inum: 2)> inode 1777399

Skg kita ada di prompt inum 1777399, lakukan clear untuk inode 1777399.

fsdb (inum: 1777399)> clri 1777399

Exit debugger fsdb.

fsdb (inum: 1777399)> quit

Lakukan fsck -y kembali, mungkin akan diperlukan beberapa kali sampai file-system benar-benar clean.

# fsck -y /dev/ada0p2

Resize Partition di FreeBSD

Kita cek partisi yang ada di OS kita.

root:~# gpart show ada0
=>       34  312581741  ada0  GPT  (149G)
         34        128     1  freebsd-boot  (64K)
        162  304086912     2  freebsd-ufs  (145G)
  304087074    8388608     3  freebsd-swap  (4.0G)
  312475682     106093        - free -  (52M)

Kita akan menghapus free-space dan meresize ada0p2/ada0p3. deaktifkan dahulu swap-nya.

root:~# swapoff /dev/ada0p3

Matikan dahulu GEOM Safety variable lewat sysctl(8).

root:~# sysctl kern.geom.debugflags=16

Hapus partisi freebsd-swap (/dev/ada0p3) dahulu. Partisi ini hanya penyimpanan sementara saja, jd aman untuk dihapus.

root:~# gpart delete -i 3 ada0

Sekarang kita lakukan resize untuk partisi freebsd-ufs (/dev/ada0p2) dari 145G ke 147G. Untuk swap dikurangi 2G.

root:~# gpart resize -i 2 -a 4k -s 147G ada0

Bikin kembali swap-nya & aktifkan kembali partisinya.

root:~# gpart add -t freebsd-swap ada0
root:~# swapon /dev/ada0p3

Cek ulang partisi akhirnya & aktifkan kembali GEOM Safety variable.

root:~# gpart show ada0
=>       34  312581741  ada0  GPT  (149G)
         34        128     1  freebsd-boot  (64K)
        162  308281342     2  freebsd-ufs  (147G)
  308281504    4300271     3  freebsd-swap  (2.0G)

root:~# sysctl kern.geom.debugflags=0
kern.geom.debugflags: 16 -> 0

Agar size baru (/dev/ada0p2 - freebsd-ufs) dapat digunakan sesuai dengan size yang baru dibikin.

root:~# growfs /dev/ada0p2
Device is mounted read-write; resizing will result in temporary write suspension for /.
It's strongly recommended to make a backup before growing the file system.
OK to grow filesystem on /dev/ada0p2, mounted on /, from 145GB to 147GB? [Yes/No] yes
super-block backups (for fsck_ffs -b #) at:
 305234240, 306516736, 307799232

Recovery Bad-Sector Hardisk di FreeBSD

Terlebih dahulu backup data penting!
Cek bad sector hardisk.

root:~# smartctl -t long /dev/ada0
root:~# smartctl -l selftest /dev/ada0 | awk 'NR==7'
# 1  Extended offline    Completed: read failure       90%     36067         27292160
                                                                             ^^^^^^^^ (L)

Cek UFS file system.

root:~# dumpfs /dev/ada0p2 | egrep '^bsize'
bsize   32768   shift   15      mask    0xffff8000
        ^^^^^ (B)

Cari sector pertama partisi yg digunakan dalam hardisk.

root:~# fdisk -s /dev/ada0
/dev/ada0: 310101 cyl 16 hd 63 sec
Part        Start        Size Type Flags
   1:           1   312581807 0xee 0x00
                ^ (S)

Cari sector-size hardisk.

root:~# gpart list ada0 | tail -n 5
1. Name: ada0
   Mediasize: 160041885696 (149G)
   Sectorsize: 512
               ^^^ (M) 
   Mode: r2w2e3

Gunakan formula dibawah ini.

b = ((L - S) * M) / B)
L = 27292160
S = 1
M = 512
B = 32768

b = ((27292160 - 1) * 512) / 32768
b = 426439.984375 ~ 426439 (int)

Rubah permission agar bisa mode write.

root:~# sysctl kern.geom.debugflags=0x10

Untuk sector 426439 (bad sector) tidak akan digunakan oleh sistem untuk menyimpan data.

root:~# dd if=/dev/zero of=/dev/ada0 bs=32768 count=1 seek=426439

Untuk diagnosa isi sector 426439 (bad sector) bisa diredirect outputnya ke file.

root:~# dd if=/dev/ada0 of=hasil.txt bs=32768 count=1 skip=426439

Kembalikan permission ke semula.

root:~# sysctl kern.geom.debugflags=0

Cek kembali bad sector.

root:~# smartctl -t long /dev/ada0

Pastikan hasilnya -. Ini sample outputnya:

root:~# smartctl -l selftest /dev/ada0 | awk 'NR==7'
# 1  Extended offline    Completed without error       00%     36073         -
                                                                             ^

Jangan lupa setelah yakin tidak ada bad sector, recovery semua file lewat make world & restore file backup.

FreeBSD: make buildworld failure in libllvmsupport

Saya mendapat error yg cukup mengesalkan ketika Rebuild FreeBSD dari source , cukup lama googling mencari referensi error yang terjadi, ternyata solusinya cukup simple meskipun dengan nebak2 library clang(1) yg digunakan. Seperti kita ketahui bahwa FreeBSD 10.0-RELEASE sudah merubah untuk default compilernya dari GCC ke clang(1). Berikut saya post error yang terjadi:

c++  -O2 -pipe -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/tools/clang/include -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support -I. -I/usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/clang/include -DLLVM_ON_UNIX -DLLVM_ON_FREEBSD -D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -DNDEBUG -fno-strict-aliasing -DLLVM_DEFAULT_TARGET_TRIPLE=\"i386-unknown-freebsd10.3\" -DLLVM_HOST_TRIPLE=\"i386-unknown-freebsd10.3\" -DDEFAULT_SYSROOT=\"\" -ffunction-sections -fdata-sections -I/usr/obj/usr/src/tmp/legacy/usr/include  -fno-exceptions -fno-rtti  -c /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp -o APFloat.o
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp:15:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APFloat.h:20:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APInt.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/ArrayRef.h:14:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/SmallVector.h:17:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/AlignOf.h:19:
In file included from /usr/include/c++/v1/cstddef:38:
In file included from /usr/include/c++/v1/stddef.h:51:
/usr/include/c++/v1/__nullptr:24:29: error: variable has incomplete type 'struct _LIBCPP_TEMPLATE_VIS'
struct _LIBCPP_TEMPLATE_VIS nullptr_t
                            ^
/usr/include/c++/v1/__nullptr:24:8: note: forward declaration of 'std::__1::_LIBCPP_TEMPLATE_VIS'
struct _LIBCPP_TEMPLATE_VIS nullptr_t
       ^
/usr/include/c++/v1/__nullptr:24:38: error: expected ';' after top level declarator
struct _LIBCPP_TEMPLATE_VIS nullptr_t
                                     ^
/usr/include/c++/v1/__nullptr:47:48: error: unknown type name 'nullptr_t'
inline _LIBCPP_ALWAYS_INLINE _LIBCPP_CONSTEXPR nullptr_t __get_nullptr_t() {return nullptr_t(0);}
                                               ^
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp:15:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APFloat.h:20:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APInt.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/ArrayRef.h:14:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/SmallVector.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/MathExtras.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/SwapByteOrder.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/clang/include/llvm/Support/DataTypes.h:36:
In file included from /usr/include/c++/v1/cmath:301:
In file included from /usr/include/c++/v1/math.h:309:
/usr/include/c++/v1/type_traits:472:114: error: expected class name
    : public integral_constant(nullptr)) == 1> {};
                                                                                                                 ^
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/lib/Support/APFloat.cpp:15:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APFloat.h:20:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/APInt.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/ArrayRef.h:14:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/ADT/SmallVector.h:19:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/MathExtras.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/include/llvm/Support/SwapByteOrder.h:18:
In file included from /usr/src/lib/clang/libllvmsupport/../../../contrib/llvm/../../lib/clang/include/llvm/Support/DataTypes.h:36:
/usr/include/c++/v1/cmath:679:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       acos(float __lcpp_x) _NOEXCEPT       {return acosf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:654:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       acos(float __lcpp_x) _NOEXCEPT       {return acosf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:675:9: note: using declaration
using ::acos;
        ^
/usr/include/c++/v1/cmath:680:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double acos(long double __lcpp_x) _NOEXCEPT {return acosl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:655:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double acos(long double __lcpp_x) _NOEXCEPT {return acosl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:675:9: note: using declaration
using ::acos;
        ^
/usr/include/c++/v1/cmath:686:1: error: declaration conflicts with target of using declaration already in scope
acos(_A1 __lcpp_x) _NOEXCEPT {return acos((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:661:1: note: target of using declaration
acos(_A1 __lcpp_x) _NOEXCEPT {return acos((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:675:9: note: using declaration
using ::acos;
        ^
/usr/include/c++/v1/cmath:694:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       asin(float __lcpp_x) _NOEXCEPT       {return asinf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:666:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       asin(float __lcpp_x) _NOEXCEPT       {return asinf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:690:9: note: using declaration
using ::asin;
        ^
/usr/include/c++/v1/cmath:695:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double asin(long double __lcpp_x) _NOEXCEPT {return asinl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:667:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double asin(long double __lcpp_x) _NOEXCEPT {return asinl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:690:9: note: using declaration
using ::asin;
        ^
/usr/include/c++/v1/cmath:701:1: error: declaration conflicts with target of using declaration already in scope
asin(_A1 __lcpp_x) _NOEXCEPT {return asin((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:673:1: note: target of using declaration
asin(_A1 __lcpp_x) _NOEXCEPT {return asin((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:690:9: note: using declaration
using ::asin;
        ^
/usr/include/c++/v1/cmath:709:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       atan(float __lcpp_x) _NOEXCEPT       {return atanf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:678:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       atan(float __lcpp_x) _NOEXCEPT       {return atanf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:705:9: note: using declaration
using ::atan;
        ^
/usr/include/c++/v1/cmath:710:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double atan(long double __lcpp_x) _NOEXCEPT {return atanl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:679:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double atan(long double __lcpp_x) _NOEXCEPT {return atanl(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:705:9: note: using declaration
using ::atan;
        ^
/usr/include/c++/v1/cmath:716:1: error: declaration conflicts with target of using declaration already in scope
atan(_A1 __lcpp_x) _NOEXCEPT {return atan((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:685:1: note: target of using declaration
atan(_A1 __lcpp_x) _NOEXCEPT {return atan((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:705:9: note: using declaration
using ::atan;
        ^
/usr/include/c++/v1/cmath:724:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       atan2(float __lcpp_y, float __lcpp_x) _NOEXCEPT             {return atan2f(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:690:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       atan2(float __lcpp_y, float __lcpp_x) _NOEXCEPT             {return atan2f(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:720:9: note: using declaration
using ::atan2;
        ^
/usr/include/c++/v1/cmath:725:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double atan2(long double __lcpp_y, long double __lcpp_x) _NOEXCEPT {return atan2l(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:691:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double atan2(long double __lcpp_y, long double __lcpp_x) _NOEXCEPT {return atan2l(__lcpp_y, __lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:720:9: note: using declaration
using ::atan2;
        ^
/usr/include/c++/v1/cmath:736:1: error: declaration conflicts with target of using declaration already in scope
atan2(_A1 __lcpp_y, _A2 __lcpp_x) _NOEXCEPT
^
/usr/include/c++/v1/math.h:702:1: note: target of using declaration
atan2(_A1 __lcpp_y, _A2 __lcpp_x) _NOEXCEPT
^
/usr/include/c++/v1/cmath:720:9: note: using declaration
using ::atan2;
        ^
/usr/include/c++/v1/cmath:750:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY float       ceil(float __lcpp_x) _NOEXCEPT       {return ceilf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:713:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY float       ceil(float __lcpp_x) _NOEXCEPT       {return ceilf(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:746:9: note: using declaration
using ::ceil;
        ^
/usr/include/c++/v1/cmath:751:46: error: declaration conflicts with target of using declaration already in scope
inline _LIBCPP_INLINE_VISIBILITY long double ceil(long double __lcpp_x) _NOEXCEPT {return ceill(__lcpp_x);}
                                             ^
/usr/include/c++/v1/math.h:714:46: note: target of using declaration
inline _LIBCPP_INLINE_VISIBILITY long double ceil(long double __lcpp_x) _NOEXCEPT {return ceill(__lcpp_x);}
                                             ^
/usr/include/c++/v1/cmath:746:9: note: using declaration
using ::ceil;
        ^
/usr/include/c++/v1/cmath:757:1: error: declaration conflicts with target of using declaration already in scope
ceil(_A1 __lcpp_x) _NOEXCEPT {return ceil((double)__lcpp_x);}
^
/usr/include/c++/v1/math.h:720:1: note: target of using declaration
ceil(_A1 __lcpp_x) _NOEXCEPT {return ceil((double)__lcpp_x);}
^
/usr/include/c++/v1/cmath:746:9: note: using declaration
using ::ceil;
        ^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
*** Error code 1

Stop.
make[3]: stopped in /usr/src/lib/clang/libllvmsupport
*** Error code 1

Stop.
make[2]: stopped in /usr/src
*** Error code 1

Stop.
make[1]: stopped in /usr/src
*** Error code 1

Stop.
make: stopped in /usr/src

Solusi yang saya lakukan adalah sbb:
Keyword ada di /usr/include/c++/v1/cmath:746, error itu kurang lebih seputar header declaration konflik dengan header yang sudah terinstall sebelomnya. Tipe data long double sepertinya tidak dapat didefinisikan di scope ketika proses build object file. Temukan file cmath di /usr dengan perintah:

root:/usr# find . -type f -name "cmath"
./src/contrib/libstdc++/include/tr1/cmath
./src/contrib/libc++/include/cmath (cmath dari source SVN)
./include/c++/v1/cmath (cmath yang bermasalah)
./local/lib/gcc5/include/c++/ext/cmath
./local/lib/gcc5/include/c++/tr1/cmath
./local/lib/gcc5/include/c++/cmath

OK, kita liat susunan direktori & filenya banyak kemiripan antara /usr/include/c++/v1/ dengan /usr/src/contrib/libc++/include/. Kita tinggal copykan saja tapi sebelomnya kita backup terlebih dahulu.

root:~# cd /usr/include/c++
root:/usr/include/c++# mv v1 v1.old
root:/usr/include/c++# cp -rp /usr/src/contrib/libc++/include .
root:/usr/include/c++# mv include v1

Silahkan dicoba kembali proses make buildworld, saya mengalami kekurangan dua file header yg dibutuhkan yaitu cxxabi.h dan unwind.h, silahkan kita cari lagi kedua file ini di /usr/src dan kopikan saja:

root:/usr/include/c++/v1# find /usr/src -type f -name "cxxabi.h"
/usr/src/contrib/libstdc++/libsupc++/cxxabi.h
/usr/src/contrib/libcxxrt/cxxabi.h (Kita ambil yang ini)
root:/usr/include/c++/v1# cp /usr/src/contrib/libcxxrt/cxxabi.h .
root:/usr/include/c++/v1# find /usr/src -type f -name "unwind.h"
/usr/src/sys/ia64/include/unwind.h
/usr/src/contrib/libcxxrt/unwind.h
/usr/src/contrib/llvm/tools/clang/lib/Headers/unwind.h (Kita ambil yang ini)
/usr/src/contrib/libexecinfo/unwind.h
/usr/src/include/unwind.h
root:/usr/include/c++/v1# cp /usr/src/contrib/llvm/tools/clang/lib/Headers/unwind.h .

Silahkan make buildworld kembali, jika ada error coba teliti stderr di consolenya. Dan silahkan tebak2 lagi seperti contoh langkah diatas :-).

Instalasi SSL Gratis Dari Let's Encrypt

Beberapa waktu lalu saya sempat membahasa tentang pemasangan fitur SSL dengan metode Self-Signing. Sekarang, saya coba menggunakan Let's Encrypt. Caranya cukup sederhana karena semua dikerjakan secara auto.
• Download atau copy-paste acme.sh di https://github.com/Neilpang/acme.sh.
• Copykan di root folder, usahakan menggunakan root akses karena kita perlu merestart daemon nginx webserver dan menempatkan sertifikat di /etc/ssl/certs. Buat folder .acme.sh di root folder dan download acme.sh script.

# mkdir .acme.sh
# cd .acme.sh && fetch https://raw.githubusercontent.com/Neilpang/acme.sh/master/acme.sh
# chmod 700 acme.sh

Kita mulai mengkonfigurasi dan menginstal sertifikatnya. Saya asumsikan anda sudah mempunyai sebuah domain yang valid dan terinstall webserver.

# cd .acme.sh
# ./acme.sh --issue -d domainanda.com -w /path/to/root/webserver/document
[Mon May 15 19:28:12 WIB 2017] Registering account
[Mon May 15 19:28:15 WIB 2017] Registered
[Mon May 15 19:28:16 WIB 2017] Update success.
[Mon May 15 19:28:16 WIB 2017] ACCOUNT_THUMBPRINT='MINkdh3CiCitr1h4YesQSO2azn7bs3NIFwJOLbTSpug'
[Mon May 15 19:28:16 WIB 2017] Creating domain key
[Mon May 15 19:28:17 WIB 2017] Single domain='domainanda.com'
[Mon May 15 19:28:17 WIB 2017] Getting domain auth token for each domain
[Mon May 15 19:28:17 WIB 2017] Getting webroot for domain='domainanda.com'
[Mon May 15 19:28:17 WIB 2017] Getting new-authz for domain='domainanda.com'
[Mon May 15 19:28:19 WIB 2017] The new-authz request is ok.
[Mon May 15 19:28:19 WIB 2017] Verifying:domainanda.com
[Mon May 15 19:28:24 WIB 2017] Success
[Mon May 15 19:28:24 WIB 2017] Verify finished, start to sign.
[Mon May 15 19:28:26 WIB 2017] Cert success.
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISBAb5KVD8Z+F2hCdzvVfK0cp6MA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzA1MTUxMTI4MDBaFw0x
NzA4MTMxMTI4MDBaMBcxFTATBgNVBAMTDHduLnNseWlwLm5ldDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBALtbiMysoSdf+7VfuiL+6vc5qscn6DPd2j2f
YbWVIki3PdsJUmr66/oj3wRXRMbzflhfVgLfnFvj9mUb+44pIChRSc5R4AboqIFo
vngilTgDAjtbpceCmeTj3DNpa1sJN9BVmrfRazLBgzg0dPQ6QJpixtKcRiwbOJsx
k5XM7SOeq1hFpNef3NPc6wyIhcv+h+e1Id8WJPWGaJgNq+QnC7AnnIRRcjuaCZsl
SKeenGBUcpHKNUKOY7AADZ2hHR74Eg7IGcbOt+LrnljE/613BXi2U8GYbL28LoIq
YrNFAxjqoKPXZtfWuIHYYxfAbiejGhnmzPPKlKsZ2rRTAREZJUMCAwEAAaOCAg0w
ggIJMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUbBO4xZOZeedw10ZZYg083IAcnqgw
HwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwcAYIKwYBBQUHAQEEZDBi
MC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQub3Jn
LzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9y
Zy8wFwYDVR0RBBAwDoIMd24uc2x5aXAubmV0MIH+BgNVHSAEgfYwgfMwCAYGZ4EM
AQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZpY2F0
ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMgYW5k
IG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xpY3kg
Zm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8wDQYJ
KoZIhvcNAQELBQADggEBAJad1Nm5x62oMmMNy2zsCe6bckLQaW5MhqXzez13Uz2A
DnaUTgpYC6+AIJmCaPjNkozSOcb8KDXPx2Mmdt16ZB0wjgBqcMJfcrm9EjTXafQZ
SlIXQYQuB0hsoJIXWQacAXjNlFnRUSEk9DSCBy7Xnq55qbFPrrqj3L51qjlGE6zE
s+Fbt0BIKpybBy0JGltMJtAQaVkFgYnAXj1mvKSnf3FYwBySNBciumyKDr9cSlkQ
CyjduyR7HB3GgeIlndYvPnkT0x5PEdWoiqh8ACMAWqJyfwEXWGOTxBNdtMdbGV37
zDyK/nDHeWd2LP3dXxCxaSxrhFHD0hnRv+krOzHguXU=
-----END CERTIFICATE-----
[Mon May 15 19:28:26 WIB 2017] Your cert is in  /root/.acme.sh/domainanda.com/domainanda.com.cer
[Mon May 15 19:28:26 WIB 2017] Your cert key is in  /root/.acme.sh/domainanda.com/domainanda.com.key
[Mon May 15 19:28:26 WIB 2017] The intermediate CA cert is in  /root/.acme.sh/domainanda.com/ca.cer
[Mon May 15 19:28:26 WIB 2017] And the full chain certs is there:  /root/.acme.sh/domainanda.com/fullchain.cer
# ls -laF
drwxr-xr-x   4 root  wheel     512 May 15 19:28:39 2017 .
drwxr-xr-x  12 root  wheel    1024 May 15 19:25:13 2017 ..
-rw-r--r--   1 root  wheel     196 May 15 19:28:26 2017 account.conf
-rwxr-xr-x   1 root  wheel  142712 May  3 21:04:02 2017 acme.sh
drwxr-xr-x   3 root  wheel     512 May 15 19:28:09 2017 ca
-rw-r--r--   1 root  wheel     448 May 15 19:28:26 2017 http.header
drwxr-xr-x   2 root  wheel     512 May 15 19:28:26 2017 domainanda.com

Selanjutkan kita lakukan proses instalasi sertifikatnya.

# cd .acme.sh && ./acme.sh --install-cert -d domainanda.com --key-file /etc/ssl/certs/domainanda.com.key --fullchain-file /etc/ssl/certs/domainanda.com.pem
# vim /usr/local/etc/nginx/nginx.conf
server {
    listen  domainanda.com:443 ssl default_server;
    root   /usr/local/www/data;
    add_header X-Powered-By "domainanda.com";
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header Referrer-Policy no-referrer;
    add_header Strict-Transport-Security "max-age=31536000;" always;
    add_header Content-Security-Policy "default-src 'self'; script-src 'self' domainanda.com";
    ssl_certificate      /etc/ssl/certs/domainanda.com.pem;
    ssl_certificate_key  /etc/ssl/certs/domainanda.com.key;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_ecdh_curve secp384r1;
    ssl_session_tickets off;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_prefer_server_ciphers  on;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
}
# /usr/local/etc/rc.d/nginx restart

Karena sertifikat ini berlaku maksimal cuma 3 bulan, maka kita harus merenew sebelom expired:

# cd /root/.acme.sh/ && ./acme.sh --renew -d domainanda.com --force
# cd /root/.acme.sh/ && ./acme.sh --install-cert -d domainanda.com --key-file /etc/ssl/certs/domainanda.com.key --fullchain-file /etc/ssl/certs/domainanda.com.pem
# /usr/local/etc/rc.d/nginx restart

Lakukan secara simultan dengan menggunakan crontab(5) setiap 2 bulan sekali:

# crontab -l
0       1       1       */2     *       cd /root/.acme.sh/ && ./acme.sh --renew -d domainanda.com --force && ./acme.sh --install-cert -d domainanda.com --key-file /etc/ssl/certs/domainanda.com.key --fullchain-file /etc/ssl/certs/domainanda.com.pem --reloadcmd "/usr/local/etc/rc.d/nginx reload"

Menggunakan Email Client untuk POP3s/IMAPs Google's Mail

Beberapa waktu lalu untuk POP3s (POP3 support TLS/SSL) dan IMAPs (IMAP support TLS/SSL) bisa dengan mudah mengkonfigurasi Email client kita, namun akhir-akhir ini sudah tidak bisa dengan cara tersebut, karena Google sudah memberlakukan security dengan menggunakan OAuth 2.0. Dengan demikian Email client yang tidak mendukung mekanisme verifikasi OAuth 2.0 otomatis selalu mendapat error Wrong password, ada beberapa cara untuk mengakses Google's Mail dari desktop atau gadget kita.
• Menggunakan email client yang sudah mendukung OAuth atau,
• Setting account kita dengan mode Access for less secure apps menjadi Turn off lewat tautan ini.

Tentu cara yang kedua lebih fleksible meskipun dari sisi keamanan menjadikan akun kita rentan. Tapi bagaimana lagi karena kenyataannya belom banyak email client yang mendukung OAuth ini. Saya coba ThunderBird bisa bekerja tanpa setting Access for less secure ini tapi sayangnya hanya mendukung IMAPs (IMAP support TLS/SSL) saja.

Links download program yang sering digunakan

• Google Chrome: http://r5---sn-2uuxa3vh-cqve.gvt1.com/edgedl/release2/NEMc4bk58xw/58.0.3029.110_chrome_installer.exe
• Firefox All Release: http://ftp.mozilla.org/pub/firefox/releases/
• Android Emulator (BlueStacks): http://cdn.bluestacks.com/downloads/2.6.104.6367/BlueStacks2_native.exe?filename=BlueStacks2_native_ea21a5e2c3a2c5b21eb78c7a929b5c2d.exe
• VirtualBox (OS Emulator): http://download.virtualbox.org/virtualbox/5.1.18/VirtualBox-5.1.18-114002-Win.exe
• Microsoft Office Compatibility: https://download.microsoft.com/download/9/2/2/9222D67F-7630-4F49-BD26-476B51517FC1/FileFormatConverters.exe
• HiJackThis: https://nchc.dl.sourceforge.net/project/hjt/2.0.5%20beta/HijackThis.exe
• WinSCP: https://winscp.net/download/WinSCP-5.9.4-Portable.zip
• PuTTY 32-bit: https://the.earth.li/~sgtatham/putty/latest/w32/putty.exe
• PuTTY 64-bit: https://the.earth.li/~sgtatham/putty/latest/w64/putty.exe
• LanCalculator: http://lantricks.com/download/lancalculator_setup.exe
• LAN Messenger: https://nchc.dl.sourceforge.net/project/lanmsngr/1.2.35/lmc-1.2.35-win32.exe
• K-Lite Codec Pack: https://www.codecguide.com/download_kl.htm
• Rufus: https://rufus.akeo.ie/downloads/
• Process Hacker: http://processhacker.sourceforge.net/downloads.php
• WinMerge: http://winmerge.org/downloads/
• EaseUS Partition Master Free: http://www.partition-tool.com/personal.htm
• GSmartControl: http://gsmartcontrol.sourceforge.net/home/index.php/Downloads
• µTorrent Stable: http://www.utorrent.com/downloads/win
• tracetcp: http://simulatedsimian.github.io/tracetcp_download.html
• TCPView: https://technet.microsoft.com/en-us/sysinternals/tcpview.aspx
• TCPing: https://www.elifulkerson.com/projects/downloads/tcping-0.34/tcping.exe
• SHA1: http://www.hashcash.org/binaries/win32/sha1.exe
• SHA256: http://www.sedosoft.com/downloads/crypto/SHA256/SHA256.exe
• Agent Ransack: http://bit.ly/2nCDuS2 (Google Drive Share)
• DelTree: http://bit.ly/2n5ToTz (Google Drive Share)
• Diff for DOS CMD: http://bit.ly/2mkjao8 (Google Drive Share)
• Draw-9 Patch for Android-Dev: http://bit.ly/2nCwdBU (Google Drive Share)
• HDat2Exe: http://bit.ly/2n008km (Google Drive Share)
• HDD Regenerator: http://bit.ly/2n65iwN (Google Drive Share)
• MD5 for DOS CMD: http://bit.ly/2n5Xmve (Google Drive Share)
• MiFlash 32-bit: http://bit.ly/2nJA9xm (Google Drive Share)
• MiFlash 64-bit: http://bit.ly/2nVghH4 (Google Drive Share)
• TWRP for Mi4i Device (Ferrari): http://bit.ly/2ndsDNB (Google Drive Share)
• Wget for DOS CMD: http://bit.ly/2n02aB3 (Google Drive Share)
• Windows 7 Activator 32-bit & 64-bit: http://bit.ly/2mLWGZs (Google Drive Share)
• Windows 10 Activator 32-bit & 64-bit: http://bit.ly/2nCLyCa (Google Drive Share)
• HDD Sentinel for DOS: http://bit.ly/2mkymBN (Google Drive Share)
• Deep Freeze Standard Version 7 & Version 8: http://bit.ly/2mLY4LS (Google Drive Share)
• Color Detector for HEX Color: http://bit.ly/2nCQG9L (Google Drive Share)
• Bitanalyzer for HTTP Sniffing: http://bit.ly/2nCOP4x (Google Drive Share)
• WinRAR for 32-bit & 64-bit: http://bit.ly/2nJLoWt (Google Drive Share)