Sudah beberapa lama tidak aktif menulis kembali di blog ini, banyak yang ingin dibagikan namun tidak sempat. Begitulah pekerjaan seorang “Suparman” System Administrator di kampus tercinta. Belum lagi ditambah warisan pekerjaan sebagai koordinator Jaringan Komputer yang didapatkan karena rekan sekerja yang mengundurkan diri beberapa waktu lalu. 🙂
Hari ini baru sempat menulis lagi, dan mudah – mudahan akan terus berlanjut. Ada banyak pengetahuan yang didapat dari hasil eksperimen praktis dengan piranti lunak bebas  dan juga pembangunan infrastruktur yang dapat dibagikan. Semoga di akhirnya juga dapat menulis beberapa buku dari hasil eksperimen tersebut.
Hanya saja, samba server dikonfigurasi pada linux, sementara sharing folder dikonfigurasi pada windows. Berikut penjelasan dan tutorial lengkap mengenai samba server. Silakan disimak! Cara Konfigurasi Samba Server Di Debian 8 Untuk konfigurasi samba server, ada beberapa tahap yang harus dilakukan. Berikut penjelasannya secara lengkap.
Upgrade scele.ui.ac.id dengan moodle 2.x
Yah langsung saja ke hal yang ingin dibagikan yakni mengenai migrasi infrastruktur SCELE Universitas Indonesia. SCELE atau Student Centered e-Learning Environment telah digunakan oleh UI sejak 2006. Sistem ini menggunakan Moodle sebagai Learning Management System yang menyediakan sumber daya dan interaksi perkuliahan bagi mahasiswa dan dosen di UI.
SCELE pada tingkatan Universitas dipelihara oleh rekan – rekan di PPSP, sedangkan kami di PPSI mengembangkan back-end infrastruktur untuk sistem tersebut. Sistem yang sekarang menggunakan Moodle versi 1.9 dan beroperasi sejak tahun 2009.
Kira – kira setahun yang lalu di bulan Juni 2013, Â rekan – rekan di PPSP ingin memutakhirkan SCELE dengan moodle 2.x. Berdasarkan permintaan tersebut, saya pun menyiapkan sebuah server untuk digunakan oleh sistem SCELE baru tersebut. Hanya sebuah server dengan OS Debian 7 serta Webmin untuk membantu konfigurasi. Rekan – rekan PPSP pun akhirnya menginstalasikan sendiri moodle 2.x pada server yang baru tersebut. Saya kemudian membantu mengeset domain scele2.ui.ac.id untuk pengembangan SCELE baru tersebut.
Cerita pun berakhir disini, dan berlanjut di Juni 2014. Yap, butuh satu tahun nampaknya untuk pengembangan.
Berpindah ke NGINX
Menjelang berlangsungnya OBM 2014, tim PPSP berencana untuk mengoperasikan SCELE2 berbasis moodle 2.6. scele2.ui.ac.id akan berganti nama menjadi scele.ui.ac.id pada Semeseter Gasal 2014/2015. MABA tahun ini juga akan diperkenalkan pada sistem SCELE yang baru ini.
Terjadi diskusi singkat dengan rekan – rekan PPSP , saya dan rekan Adin untuk mengoptimalkan deployment dari sistem tersebut. Diskusi ini memutuskan memigrasikan lingkungan operasi Moodle dari Apache/PHP menjadi NGINX/PHP-FPM. Hal ini karena kombinasi Apache/PHP sangat boros sumber daya untuk menjalankan Moodle. Selain itu, optimasi juga akan dilakukan dengan memasang memcached untuk memperingan pekerjaan PHP menginterpretasikan halaman dari Moodle.
Berikut merupakan hal – hal yang saya lakukan untuk implementasi backend NGINX/PHP-FPM pada Moodle,
- Pasang NGINX dan Kawan – Kawan
Dikarenakan server yang digunakan sudah terinstalasi sistem Debian 7 dan Webmin, kita tidak perlu lagi melakukan pemasangan dari awal. Cukup pasang nginx dan kawan – kawan (php-fpm, memcached, dan lain – lain)
2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62 64 66 68 70 72 74 76 78 80 82 84 86 88 90 92 94 96 98 100 102 104 106 108 110 112 114 116 118 120 122 124 126 128 130 132 134 136 138 140 142 144 146 148 150 152 154 156 158 160 162 164 166 168 170 172 174 176 178 180 182 184 186 188 190 192 194 196 198 200 202 204 206 208 210 212 214 216 218 220 222 224 226 228 230 232 234 236 238 240 242 244 246 248 250 252 254 256 258 260 262 264 266 268 270 272 274 276 278 280 282 284 286 288 290 292 294 296 298 300 302 304 306 308 310 312 314 316 318 320 322 324 326 328 330 332 334 336 338 340 342 344 346 348 350 352 354 356 358 360 362 364 366 368 370 372 374 376 378 380 382 384 386 388 390 392 394 396 398 400 402 404 406 408 | ;the variable$pool can we used inany directive andwill be replaced by the [scele-1] ;Per pool prefix ;-'slowlog' ;-'chroot' ;-'php_values' ;When notset,the globalprefix(or/usr)applies instead. ;Note:Thisdirective can also be relative tothe globalprefix. ;prefix=/path/to/pools/$pool ;Unix user/group of processes ;Note:The user ismandatory.Ifthe group isnotset,the defaultuser's group user = beta.scele ; The address on which to accept FastCGI requests. ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on ; 'port' - to listen on a TCP socket to all addresses on a ; '/path/to/unix/socket' - to listen on a unix socket. listen = /var/run/php5-fpm.moodle-1.sock; ; Default Value: 128 (-1 on FreeBSD and OpenBSD) ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user listen.owner = beta.scele ;listen.mode = 0660 ; List of ipv4 addresses of FastCGI clients which are allowed to connect. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address ; must be separated by a comma. If this value is left blank, connections will be ; Default Value: any ; Specify the nice(2) priority to apply to the pool processes (only if set) ; The value can vary from -19 (highest priority) to 20 (lower priority) ; Note: - It will only work if the FPM master process is launched as root ; - The pool processes will inherit the master process priority ; Default Value: no set ; Choose how the process manager will control the number of child processes. ; static - a fixed number (pm.max_children) of child processes; ; dynamic - the number of child processes are set dynamically based on the ; following directives. With this process management, there will be ; pm.max_children - the maximum number of children that can ; pm.start_servers - the number of children created on startup. ; pm.min_spare_servers - the minimum number of children in 'idle' ; of 'idle' processes is less than this ; pm.max_spare_servers - the maximum number of children in 'idle' ; of 'idle' processes is greater than this ; ondemand - no children are created at startup. Children will be forked when ; new requests will connect. The following parameter are used: ; pm.max_children - the maximum number of children that ; pm.process_idle_timeout - The number of seconds after which ; Note: This value is mandatory. ; The number of child processes to be created when pm is set to 'static' and the ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'. ; This value sets the limit on the number of simultaneous requests that will be ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork. ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP ; CGI. The below defaults are based on a server without much resources. Don't ;Note:Used when pm isset to'static','dynamic'or'ondemand' pm.max_children=20 ;The number of childprocesses created on startup. ;DefaultValue:min_spare_servers+(max_spare_servers-min_spare_servers)/2 ;The desired minimum number of idle server processes. ;Note:Mandatory when pm isset to'dynamic' ;The desired maximum number of idle server processes. ;Note:Mandatory when pm isset to'dynamic' ;The number of seconds after which an idle process will be killed. ;DefaultValue:10s ;The number of requests eachchildprocess should execute before respawning. ;Thiscan be useful towork around memory leaks in3rdparty libraries.For ;endless request processing specify'0'.Equivalent toPHP_FCGI_MAX_REQUESTS. ;pm.max_requests=500 ;The URI toview the FPM status page.Ifthisvalue isnotset,no URI will be ;recognized asastatus page.It shows the following informations: ;process manager-static,dynamic orondemand; ;start since-number of seconds since FPM has started; ;accepted conn-the number of request accepted by the pool; ;listen queue-the number of request inthe queue of pending ;max listen queue-the maximum number of requests inthe queue ;listen queue len-the size of the socket queue of pending connections; ;active processes-the number of active processes; ;total processes-the number of idle+active processes; ;max active processes-the maximum number of active processes since FPM ;max children reached-number of times,the process limit has been reached, ;when pm tries tostart more children(works only for ;Value are updated inreal time. ;pool:www ;start time:01/Jul/2011:17:53:49+0200 ;accepted conn:190460 ;max listen queue:1 ;idle processes:4 ;total processes:15 ;max children reached:0 ;By defaultthe status page output isformatted astext/plain.Passing either ;'html','xml'or'json'inthe query stringwill returnthe corresponding ;http://www.foo.bar/status ;http://www.foo.bar/status?html ; ;By defaultthe status page only outputs shortstatus.Passing'full'inthe ;query stringwill also returnstatus foreachpool process. ;http://www.foo.bar/status?full ;http://www.foo.bar/status?html&full ;The Full status returns foreachprocess: ;state-the state of the process(Idle,Running,...); ;start time-the date andtime the process has started; ;start since-the number of seconds since the process has started; ;requests-the number of requests the process has served; ;request duration-the duration inµsof the requests; ;request URI-the request URI with the query string; ;content length-the content length of the request(only with POST); ;script-the main script called(or'-'ifnotset); ;last request cpu-the%cpu the last request consumed ;it's always 0 if the process is not in Idle state ; because CPU calculation is done when the request ; last request memory - the max amount of memory the last request consumed ;because memory calculation isdone when the request ;Ifthe process isinIdle state,theninformations are related tothe ;last request the process has served.Otherwise informations are related to ;Example output: ;pid:31330 ;start time:01/Jul/2011:17:53:49+0200 ;requests:12808 ;request method:GET ;content length:0 ;script:/home/fat/web/docs/php/test_mem.php ;last request memory:0 ;Note:There isareal-time FPM status monitoring sample web page available ;It's available in: ${prefix}/share/fpm/status.html ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; Default Value: not set ; The ping URI to call the monitoring page of FPM. If this value is not set, no ; URI will be recognized as a ping page. This could be used to test from outside ; - create a graph of FPM availability (rrd or such); ; - remove a server from a group if it is not responding (load balancing); ; Note: The value must start with a leading slash (/). The value can be ; anything, but it may not be a good idea to use the .php extension or it ; Default Value: not set ; This directive may be used to customize the response of a ping request. The ; response is formatted as text/plain with a 200 response code. ;ping.response = pong ; The access log file ;access.log = log/$pool.access.log ; The access log format. ; %%: the '%' character ; it can accept the following format: ; - %{system}C for system CPU only ; %d: time taken to serve the request ; - %{seconds}d (default) ; - %{mili}d ; - %{micro}d ; %e: an environment variable (same as $_ENV or $_SERVER) ; it must be associated with embraces to specify the name of the env ; - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e ; - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e ; %l: content-length of the request (for POST request only) ; %M: peak of memory allocated by PHP ; - %{bytes}M (default) ; - %{kilo}M ; - %{mega}M ; %o: output header ; it must be associated with embraces to specify the name of the header: ; - %{X-Powered-By}o ; - .... ; %P: PID of the parent of the child that serviced the request ; %Q: the '?' character if query string exists ; %r: the request URI (without the query string, see %q and %Q) ; %s: status (response code) ; it can accept a strftime(3) format: ; %T: time the log has been written (the request has finished) ; %d/%b/%Y:%H:%M:%S %z (default) ; ;access.format = '%R - %u %t '%m %r%Q%q' %s %f %{mili}d %{kilo}M %C%%' ; The log file for slow requests ; Note: slowlog is mandatory if request_slowlog_timeout is set ; The timeout for serving a single request after which a PHP backtrace will be ; dumped to the 'slowlog' file. A value of '0s' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ;request_slowlog_timeout = 0 ; The timeout for serving a single request after which the worker process will ; be killed. This option should be used when the 'max_execution_time' ini option ; does not stop script execution for some reason. A value of '0' means 'off'. ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays) ;request_terminate_timeout = 0 ; Set open file descriptor rlimit. rlimit_files = 65536 ; Set max core size rlimit. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ;rlimit_core = 0 ; Chroot to this directory at the start. This value must be defined as an ; absolute path. When this value is not set, chroot is not used. ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one ; of its subdirectories. If the pool prefix is not set, the global prefix ; Note: chrooting is a great security feature and should be used whenever ; possible. However, all PHP paths will be relative to the chroot ; Default Value: not set ; Note: relative path can be used. ; Default Value: current directory or / when chroot ; Redirect worker stdout and stderr into main error log. If not set, stdout and ; stderr will be redirected to /dev/null according to FastCGI specs. ; Note: on highloaded environement, this can cause some delay in the page ; Default Value: no ; Prevents arbitrary environment variables from reaching FPM worker processes ; by clearing the environment in workers before env vars specified in this ; Setting to 'no' will make all environment variables available to PHP code ; Default Value: yes ; Limits the extensions of the main script FPM will allow to parse. This can ; prevent configuration mistakes on the web server side. You should only limit ; FPM to .php extensions to prevent malicious users to use other extensions to ; Note: set an empty value to allow all extensions. ;security.limit_extensions = .php .php3 .php4 .php5 ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from ; Default Value: clean env ;env[PATH] = /usr/local/bin:/usr/bin:/bin ;env[TMPDIR] = /tmp ; Additional php.ini defines, specific to this pool of workers. These settings ; overwrite the values previously defined in the php.ini. The directives are the ; php_value/php_flag - you can set classic ini defines which can ; php_admin_value/php_admin_flag - these directives won'tbe overwritten by ;Forphp_*flag,valid values are on,off,1,0,true,false,yes orno. ;Defining'extension'will load the corresponding shared extension from ;extension_dir.Defining'disable_functions'or'disable_classes'will not ;overwrite previously defined php.ini values,but will append the newvalue ;Note:path INI options can be relative andwill be expanded with the prefix ;DefaultValue:nothing isdefined by defaultexcept the values inphp.ini and ;php_admin_value[sendmail_path]=/usr/sbin/sendmail-t-i-fwww@my.domain.com ;php_admin_value[error_log]=/var/log/fpm-php.www.log ;php_admin_value[memory_limit]=32M php_admin_value[error_log]=/home/scele/logs/moodle-fpm.log php_admin_value[memory_limit]=384M |
- Â Konfigurasi global nginx
Terdapat tiga berkas konfigurasi nginx yang harus dibuat / disesuaikan. Sebuah berkas konfigurasi merupakan berkas konfigurasi global nginx yang terletak di /etc/nginx/nginx.conf. Untuk bagian ini, sesuaikan bagian upstream sesuai dengan jumlah pool php-fpm yang dibuat
2 4 6 8 10 12 | .... # Upstream to abstract backend connection(s) for PHP. least_conn; server unix:/var/run/php5-fpm.moodle-2.sock; server unix:/var/run/php5-fpm.moodle-4.sock; } .... |
-  Konfigurasi virtual host pada nginx
Tidak seperti sistem SCELE sebelumnya yang melayani pengguna via  koneksi HTTP biasa, sistem yang baru akan melayani penggunanya via HTTPS. Setiap koneksi HTTP akan ditulis ulang menjadi HTTPS. Berikut merupakan berkas konfigurasi virtual host untuk setting tersebut.
2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 46 48 50 52 54 56 58 60 62 64 66 68 70 72 74 76 78 80 82 84 86 88 90 | $sudo vim/etc/nginx/sites-available/scele2.ui.ac.id server{ server_name scele2.ui.ac.id www.scele2.ui.ac.id; error_log/var/log/nginx/scele2.ui.ac.id.com_errors.log; access_log/var/log/nginx/scele2.ui.ac.id_access.log; rewrite^(.*)https://scele2.ui.ac.id$1 permanent; } $sudo vim/etc/nginx/sites-available/scele2.ui.ac.id.conf-ssl server{ server_name scele2.ui.ac.id www.scele2.ui.ac.id; server_name_in_redirect on; ssl_certificate/etc/nginx/ssl/ui.ac.id.crt; ssl_session_timeout5m; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; root/home/beta.scele/public_html; error_log/var/log/nginx/scele2.ui.ac.id.com_errors_ssl.log; access_log/var/log/nginx/scele2.ui.ac.id_access_ssl.log; location/{ try_files$uri$uri//index.php; fastcgi_split_path_info^(.+.php)(/.+)$; # Zero-day exploit defense. # Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi. # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked. fastcgi_param SCRIPT_FILENAME$document_root$fastcgi_script_name; fastcgi_pass moodle; include fastcgi_params; ## See the blacklist.conf file at the parent dir: /etc/nginx. if($bad_bot){ } ## Deny access based on the Referer header. return444; # Designed to be included in any server {} block.</p> log_not_found off; } # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) deny all; deny all; } |
- Â Mari nyalakan
 Mari kita nyalakan SCELE baru dengan menggunakan NGINX dan PHP-FPM
- Blog
- Grand Livina 2008 Auto Gearbox
- Guddiyan Parole Sonam Bajwa Mp3 Download Online
- Negro Spiritual Partituras
- Setting Moodle Di Debian Server Untuk Jaringan Lokal
- Spss 24 Crack Indir
- Usb Disk Security Crack
- Assistir Filme Completo Dublado Adrenalina 2
- Bmw F30 Bulb Sizes
- Synchromesh Meaning In Hindi
- Netflix Premium Account Generator Online
- Killah Priest Heavy Mental Zip
- Book Of Enoch Pdf
- El Pensamiento Salvaje .pdf
- Big Foot Saw
- How To Downlod Left 4 Dead 2 On Android
- Nikon D5300 Software
- The sims 3 couple poses
- Free zune software download windows 7
- P90x chest and back workout moves
- Download lil wayne the carter 1 zip
- Need for speed 2015 free download for windows 7
- Epson 2480 twain driver download
- Network virtual adapter driver
- Adobe illustrator cs3 free download full version windows 8
- 2004 e46 m3 specs
- Hp deskjet 1000 driver win7
- Uu mele rajini murugan song lyric meaning
- Anime studio 9 download
- Maze runner 2014 dual audio movie download
- Mac finder window in all files showing files 7 times
- Acronis mac backup
- 2014 ford flex front license plate bracket
- How to add grammarly to word its not showing up
- Nas life is good download mp3
- Pc horror games free download full version
- Wd for mac on pc
- Can i download netflix for offline viewing on pc
- 90-day free trial microsoft office 2013
- How do i take a full screenshot on mac
- Callaway xr driver adjustment chart
- Platform tools android sdk download
- Hp scan doctor download for win