How to connect a road warrior VPN linux client to a Check Point Firewall-1

Yesterday I received a message in the debian-user-spanish mailing list with subject: Conectarse por VPN a un Firewall-1

In that email the user was referring to very useful tutorial: Check Point Firewall-1 NG(X). I remembered that link as I used it to configure my first road warrior VPN client. But this document is outdated as the procedure to obtain the private key is not valid anymore. There is a new procedure that I documented in my personal wiki. In this post I am gonna copy & paste the right procedure from it.

Continue reading


Backing up a cpanel hosting account

Since 2005 I have hosted this web page in the Cpanel based Bluehost company. First with Joomla and recently migrated to WordPress.

Bluehost allows to download a daily, weekly and monthly backup from your Cpanel control panel, but manual intervention is needed:

  1. Logon in the control panel
  2. Navigate to the backup page
  3. Perform the backup
  4. Download it to your local computer.

This is a manually/time consuming task and of course you should not forget it!!

In this post I gonna show my automatic method to backup files and databases using:

  1. Crontab for automatic backups.
  2. Public/private keys for passwordless ssh connections.
  3. Rsync command for synchronizing directories between remote and local servers. This way bandwidth is reduced as if a file has already been copied to the local server no data transfer is needed.
  4. Mysqldump for dumping the MySQL databases to a local file.
  5. SpiderOak for data deduplication and remote backup.

Some previous knowledge is needed to understand how it works, anyway there are some useful links to understand it. 🙂

Continue reading


Debian Templates Disk Images Qemu/KVM for libvirt

A long time ago, in a galaxy far far away when I started with openvz I followed this tutorial for Debian template creation. Now I am adapting it (using my own experience and this template-squeeze tutorial too) to Qemu/KVM disk images than later can be used directly or via libvirt.

This procedure tries to generalize the template. While working with disk cloned images many elements need to be “generalized” before capturing and deploying a disk image to multiple computers. Some of these elements include:

  1. ssh keys
  2. /etc/apt/sources.list

The more “generalized” is a template, the less manual work is needed after deploying it.

This method must work in others virtualization systems: vmware, virtualbox, etc. As it is “virtualizator/hypervisor/emulator independent” as it is focused only in the disk image.

Continue reading


Installing Puppet master and client in the same host. The Debian way

Since I started learning puppet several weeks ago I wanted to install the client and the server in the same host but using several aliases for the same machine. But there are several funny error related to puppet master and client sharing the same ssl directory: SSL certificate confusion, obscure errors, and SSL revocation horrors.

I took the main ideas from Splitting puppetd from puppetmaster from madduck‘s blog. But using this method you don’t have to create 2 differents ssl directories. Both installations (client and server) will share the same directory. I think it’s easier to implement and maintain.

The golden rule is to create all the SSL stuff (CA, keys, certificates,etc) in the right moment. And you may ask… When is the right moment? After the file /etc/puppet/puppet.conf is created with the certname directive properly updated. As by default puppet create all the SSL stuff using the hostname instead of the alias you want.

This tutorial assume you are using Debian (but should work on its derivatives: Ubuntu, Mint, etc) and have one server with two aliases replying to the same host (via /etc/hosts or DNS) In my case: puppet (server) and mediacenter (client).

Continue reading


Migration from Joomla to WordPress succesfully done!

Last week I finally finished the migration from my old 1.0.15 Joomla installation to the new shiny 3.2.1 WordPress. I had in mind to migrate to the new 1.5.X Joomla series but there was not an easy one-click upgrade tool as there was so many core differences between version and some manual work had to be done. That was the reason to study other options.

Finally I decided to move on with WordPress and with the help of Misterpah‘s Mambo Importer plug-in at least half of the work was already done. 🙂 Although some manual work has to be done (recreating path’s, images, etc) 🙁

Special thanks to Misterpah for sharing his knowledge and time!

P.S.: Starting from today all (or at least almost) news posts/pages will be written in English.


Como instruir a SpamAssasin en Alojamientos basados en cPanel

Leyendo los foros de mi proveedor de alojamiento encontré un hilo muy interesante sobre como instruir SpamAssassin y después de darle unas cuantas vueltas hice este script para añadir la funcionalidad de que SpamAssasin aprenda de las preferencias de lo que los usuarios han marcado como SPAM o NO SPAM.

Esto significa que con un solo script se añade la funcionalidad de “Marcar como Spam”  o bien “No es Spam”  que tienen algunos de los mas famosos webmails gratuitos Gmail, Yahoo, etc . Y por supuesto que SpamAssasin aprenda de ello  para todas las cuentas de todos los dominios que tengamos alojados. Eso si, siempre que la empresa de alojamiento este basada en cPanel.

Continue reading


El mundo es un pañuelo y con youtube aun mas

En uno de las días  del viaje a China (2007) con mis dos becarias (Cristina y Nerea)  fuimos a la gran muralla con el becario “económico” de Irlanda y 2 Americanos amigos de unos amigos…. Hoy, la novia de un amigo me ha reconocido en un vídeo mientras buscaba musica por internet y me ha mandado estos links.

Continue reading