Install and configure Jenkins on Ubuntu 16.04

By

Introduction

Jenkins is an automation server written in Java, as a fork of the Hudson project. It helps to automate part of the software development process, with aids like continuous integration, but also by further empowering teams to implement the technical part of a Continuous Delivery. Jenkins supports many SCM (Source Control Management) software systems including Git, SVN, and Mercurial and provides hundreds of plugins to automate projects.
This tutorial explains how to install and use Jenkins on Ubuntu 16.04 using Apache as server.

Install Java

Jenkins requires Java, so, install OpenJDK7 on the server. First, install

python-software-properties

:

# apt install python-software-properties

Then you can add Java repository:

# add-apt-repository ppa:openjdk-r/ppa

Update Ubuntu repos and install OpenJDK:

# apt update
# apt install openjdk-7-jdk

Run

$ java -version

to verify that you have OpenJDK7 correctly installed.

Install Jenkins

Jenkins team provides a repository for Ubuntu. First, add it:

$ wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
# sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'

Update repository and install Jenkins:

# apt update
# apt install jenkins

The installation process will perform the following tasks:

Setup Jenkins as a daemon launched on start
Create a Jenkins user to run this service
Direct console log output to the file
/var/log/jenkins/jenkins.log
Populate /etc/default/jenkins with configuration parameters for the launch
Set Jenkins to listen on port 8080. Access this port with your browser to start configuration

Next, start Jenkins:

# systemctl start jenkins

Verify that it is running and listening on port 8080 with the following command:

# nestat -plntu | grep 8080

You will see a line like this:

tcp6       0      0 :::8080                 :::*                    LISTEN      122        54406       12370/java

Install and Configure Apache

Install Apache web server on your system:

# apt install apache2

Next, enable the

proxy

and

proxy_http modules

for configuring it as a front end server and reverse proxy for Jenkins. This is done by executing the following commands:

# a2enmod proxy
# a2enmod proxy_http

Now you must create a new Virtual Host file in the

/etc/apache2/sites-available/

directory.

# $EDITOR /etc/apache2/sites-available/jenkins.conf

Here, paste the following lines:

<Virtualhost *:80>
    ServerName        my.jenkins.id
    ProxyRequests     Off
    ProxyPreserveHost On
    AllowEncodedSlashes NoDecode
 
    <Proxy http://localhost:8080/*>
      Order deny,allow
      Allow from all
    </Proxy>
 
    ProxyPass         /  http://localhost:8080/ nocanon
    ProxyPassReverse  /  http://localhost:8080/
    ProxyPassReverse  /  http://my.jenkins.id/
</Virtualhost>

Save the file and activate the Jenkins Virtual Host with the

a2ensite

command.

# a2ensite jenkins

All these modifications will become effective after restarting Apache and Jenkins, so:

# systemctl restart apache2
# systemctl restart jenkins

Executing the following command, you can verify that Apache is using port 80 and Jenkins port 8080:

netstat -plntu | grep 80

Configure Jenkins

Open your browser, and go to URL

http://localhost:8080

You will see this page:

On your terminal, execute the following command:

# cat /var/lib/jenkins/secrets/initialAdminPassword

Copy the prompted password; in my case, this is:

f698b591187c40f298f24eea4847734a

Paste it on Jenkins configuration page, and click Continue

Click on Install suggested plugins. It will install various plugins automatically. This process will not take too long.
Next, we must create a new admin user:

Enter the required information, and then click on Save and finish. In the next page, click on Start using Jenkins and it will open the Jenkins Dashboard.

Configure security

Now that installation is finished, we need to configure Jenkins standard security settings.
On the Dashboard, click on Manage Jenkins -> Configure Global Security. You will see a page with different settings. Scroll and enable Matrix-based security. This will let you chose permissions for users. Add the user “admin”, and give him all permissions. To Anonymous, enable just the Read. Click on Save.

From now on, you can use your Jenkins based server for managing development jobs. Through the Dashboard you can add users, create new projects and configure them.

Let’s Encrypt your Apache webserver on CentOS 7

By

Giuseppe Molica

Introduction

It was September when, with a post on its blog, Google announced that starting from Chrome 56, its browser will mark non-secure pages containing password and credit card input fields as Not Secure in the URL bar.
It’s important to note that we are talking about all HTTP pages collecting users’ “critical” data.
This move is part of a long-term plan to mark all HTTP sites as non-secure. So, if you own (or manage) a web server, you need to make the right move:this article this will explain just what that means.

Why HTTPS?

The first question is: why is Google doing this? What are the concerns around HTTP, and why, today, is it a good choice to secure connections?
Of course, everybody knows that secure is better then insecure; but in this case, the big problem with HTTP is that it lacks a system for protecting communications between clients and servers. This exposes data to different kinds of attacks, for instance, the “Man in the middle” (MIM), in which the attacker intercepts your data. If you are using some transaction system with your bank, using credit card infos, or just entering a password to log in to a web site, this can become very dangerous.
This is why HTTPS exists (HTTP over TLS, or, HTTP over SSL, or, HTTP Secure).
If you are on Unixmen, you probably know what this means: SSL/TLS ensures encrypted connections.
So, if your job is to keep a web server up and running on, you should switch to HTTPS.

Getting started with HTTPS

First off, to enable HTTPS on your site, you need a certificate. These can be acquired from a Certificate Authority (CA). Next you’ll want to follow our tutorial, where we’ll talk about Let’s Encrypt. We will configure on an Apache web server running on CentOS 7.
In order to get it, it’s necessary to demonstrate control over the domain to secure. You can accomplish this task through software that uses ACME.
We will suppose that you have shell access to your server; in other words, that you can connect through SSH.

Using Certbot

Certbot is a powerful, yet easy to use, ACME client that the EFF provides.
In CentOS 7, you can find Certbot on the EPEL repository; if you enable it, just install what you need:

# yum install python-certbot-apache

It has a solid Apache plugin, and it automates almost all the required passages. Just give the command:

$ certbot --apache

After that, you’ll see a guide to customize your options, just like this:

Enter the domain you want to secure; then, Certbot will prompt you to enter your email address.

Next, you will choose the Virtual Host file, being the default ssh.conf.
After that, you can decide whether to enable both http and https access or redirect to https. The secure option is the second one (https). At the end of the procedure, Certbot will display a message containing configuration information.

Edit CentOS SSL configuration

If you want to add more security, you have to make some changes.
First, edit the Virtual Host file you specified during configuration through Certbot. If you used the default one, the file should be

/etc/httpd/conf.d/ssl.conf

.
There, for securing Apache SSL, we can follow this recommandation, which, for our example, is:

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off 
SSLUseStapling on 
SSLStaplingCache "shmcb:logs/stapling-cache(150000)" 
# Requires Apache >= 2.4.11
SSLSessionTickets Off

Of course, remember that you can have compatibility troubles with old clients, so it’s up to you whether to change the previous lines as suggested, or choose another route.
When you’re finished, save and close the file.

Testing and executing your new configuration

This is the easiest task. Check for syntax errors, running:

# apachectl configtest

If, as output, you have a

Syntax OK

it means that you have not made mistakes in editing conf file.
So, it’s time to restart Apache:

# systemctl restart httpd

Now, if everything went well, your web server will start to serve pages through SSL connections.

More about certificates

Let’s Encrypt certificates last for 90 days, so it’s up to you to renew. Using Certbot, you can test the automatic renewal system with this command:

certbot renew --dry-run

If it works, you can add a cron or systemd job to manage automatic renewal.

Conclusion

If you are at this point, your web server should be serving clients through secure connections.
And, of course, Chrome will no longer mark your site as Not Secure.

How to sync files with lsyncd

By

Giuseppe Molica

Introduction

We’ve already talked about using tools like rsync for managing backup of your systems, but there’s another “problem” which has to be solved if you have multiple remote computers: synchronization.
In this article, we’ll talk about lsyncd, a daemon that enables you to mirror your directories to any other directory on your network, or even locally. For performance purposes, it only mirror changes to your directory.

Install

If you use Ubuntu, you’ll find it already in the repositories:

# apt install lsyncd

If you’re a RHEL/CentOS/Fedora user, then you have to enable EPEL first. Then:

# yum install lsyncd

After installation, you’ll find sample configurations in

/usr/share/doc/lsyncd/examples/

or in

/usr/share/doc/lsyncd-VERSION/examples/

, depending on whether you are using Ubuntu or RedHat-based distros.

Configuring a local syncing

So, for testing, let’s try a local syncing with lsyncd.
First, let’s create a “source folder”, containing the files we want to sync.

$ mkdir -p $HOME/unixmen/sync_source

Then, we’ll make a backup folder:

$ mkdir $HOME/sync_backup

Just for test, populate the source directory with zero-lenght files, using touch command:

touch $HOME/unixmen/sync_source/unixmentest{1..10}0

Now, make log and status files:

# mkdir /var/log/lsyncd
# touch /var/log/lsyncd.{log,status}

Configuration file goes on

/etc/lsyncd

:

# mkdir /etc/lsyncd

In there, we’ll create a new config file:

# nano /etc/lsyncd/lsyncd.conf.lua

Where we’ll put the following code:

settings = {
logfile = "/var/log/lsyncd/lsyncd.log",
statusFile = "/var/log/lsyncd/lsyncd.status"
}

sync {
default.rsync,
source = "$HOME/unixmen/sync_source/",
target = "$HOME/sync_backup",
}

Right now, if you look in the backup directory, you’ll find it empty, because the service is not running.
But, to solve this, simply restart lsyncd with the following:

# systemctl restart lsyncd

It will start (and keep) syncing, even if you add more files on sync_source. It works completely in automated mode.

Conclusion

In a similar way, you can sync remote files, with just the difference that you’ll use SSH, and varying just a little bit in the conf file.
There are a lot of examples that you can look for in

/usr/share/doc/lsyncd/examples/

, or just lsyncd documentation. Happy syncing!

Mount remote directories with SSHFS

By

Giuseppe Molica

Introduction

For those who don’t know, SSHFS stands for Secure SHell FileSystem. It’s a client that enables us to interact with remote directories through SFTP (SSH File Transfer Protocol).
This is a secure file transfer protocol that provides file access, file transfer and file management features over SSH. We’ll install it on a Red Hat based distro.

Install SSHFS Client

First, you need to enable epel-repository. Then, just use yum:

# yum install sshfs

Create a mount point and mount an FS

You must create a mount point directory where you will mount your remote file system. For example on /mnt/sshfstest. Of course, use the mount point you want or need.
Now, you can mount a remote directory under /etc/sshfstest.

# sshfs -o IdentityFile=~/.ssh/id_rsa hostname@X.X.X.X:/remote/directory /mnt/sshfstest

Check mount point

To test, check if the commands above made their jobs. For instance, you can use df.

# df -hT

Conclusion

That’s all, now you have mounted your remote directory. If you want, you can do this permanently editing the /etc/fstab file.

How to install Munin on RHEL/CentOS/Fedora

By

Giuseppe Molica

Introduction

Munin is a networked resource monitoring tool that can help analyze resource trends. It has an architecture master/node, built for modularity and plug and play. It shows all the information you need in graphs, through a web interface. The Munin framework is written in Perl, and uses RRDTool.

Prerequisites

In order to run Munin, you have to satisfy the following requirements:

Perl 5.10 or newer
A web server (this is optional, but we’ll use Apache in this tutorial)

Installation

In order to install Munin on RedHat, CentOS or Fedora, you need the EPEL repository.
Then, just:

# yum install munin-node

on all nodes, and

# yum install munin

on the master.

Install Apache Web Server

If it’s not already installed, install Apache:

# yum install httpd

and then, enable it:

# systemctl enable httpd
# systemctl start httpd

Configuration

Node

First, decide which plugins you want to use. The easiest solution is to run the following command:

munin-node-configure --shell --families=contrib,auto | sh -x

After this, you have to configure access. By default, munin node listens on all interfaces, but has a restrictive access list. So, you have to add your Munin master’s IP address, using the cidr_allow statement.
For more information about the syntax, just see Net::Server.

At this point, you cant start the node agent as root.

Master

In the master, you have to add some nodes on /etc/munin/munin.conf configuration file. The syntax is INI-like.

Conclusion

That’s it! If you’ve followed the steps correctly, you now have a resource monitoring tool which will make a huge difference in your work. Enjoy!

New release of CentOS Linux 7

By

Giuseppe Molica

Introduction

Since the release of Red Hat Enterprise Linux 7.3, we’ve been waiting for a new version of CentOS. And, of course, it’s no surprise that Karanbir Singh worked on it, and, on the official mailing list, announced the release of CentOS Linux 7.

What’s new

As stated in this launch message, “updates released since we froze the iso and install media content are posted in the updates repo along with the release. This will include content from late November 2016 and December 2016, therefore anyone running a new install is highly encouraged to run a ‘yum update’ operation immediate on install completion. You can apply all updates, including the content released today, on your existing CentOS Linux 7/x86_64 machine by just running ‘yum update'”.

Some important updates:

Support for the 7th-generation Core i3, i5, and i7 Intel processors and I2C on 6th-generation Core Processors
Various packages have been rebased. Some of those are samba, squid, systemd, krb5, gcc-libraries, binutils, gfs-utils, libreoffice, GIMP,SELinux, firewalld, libreswan, tomcat and open-vm-tools
SHA2 supported by OpenLDAP
ECC-support added to OpenJDK-8, PerlNet:SSLeay and PerlIO::Socket::SSL
Bluetooth LE is now supported
Technology Preview: Among others support of Btrfs, OverlayFS, CephFS, DNSSEC, kpatch, the Cisco VIC and usNIC kernel driver, nested virtualization with KVM and multi-threaded xz compression with rpm-builds

The team recommends using torrents for downloading the new ISO (tagged as 1611), in order to preserve bandwith on official mirrors.
Link for downloading a Minimal ISO: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1611.torrent

So, it’s time to upgrade!

Install Redmine 3 on CentOS 7 with Nginx as web server

By

Giuseppe Molica

Introduction

Redmine is a web application for project management, written entirely using Ruby on Rails, and released under the terms of GPLv2.
Some of its features include:

Multiple projects support.
Flexible issue tracking system.
Documents, news, and files management.
Per project wiki.
Per project forums.
SCM integration.
Multiple LDAP authentication support.

Getting started

First of all, there are a lot of dependencies required. On the server, execute the command:

# yum install zlib-devel patch curl-devel ImageMagick-devel openssl-devel httpd-devel
libtool apr-devel apr-util-devel bzip2 mysql-devel ftp wget gcc-c++ autoconf readline 
readline-devel zlib libyaml-devel libffi-devel make automake bison iconv-devel 
subversion

Install Ruby

Redmin 3.2.x requires Ruby 2.2. So, first you’ll want to install Ruby Version Manager which allows managing of multiple ruby environments.

# gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
# curl -L https://get.rvm.io | bash -s stable --ruby=2.2.5

The last command will download and execute a BASH script for installing and configuring Ruby 2.2.5.

This will take some time. Once it is complete, execute the following commands for adding rvm to the .bashrc file and reload automatically.
First:

# source /usr/local/rvm/scripts/rvm

Next, edit

.bashrc

adding the following lines:

[[ -s "/usr/local/rvm/scripts/rvm" ]]
source "/usr/local/rvm/scripts/rvm"

Reload

.bashrc

.
Next, check Ruby and RVM versions:

# ruby -v

which, in my case, gives the output:

ruby 2.2.5p319 (2016-04-26 revision 54774) [x86_64-linux]

and

# rvm -v

which gives the output:

rvm 1.28.0 (latest) by Wayne E. Seguin <wayneeseguin@gmail.com>, Michal Papis <mpapis@gmail.com> [https://rvm.io/]

Configure MySQL

First, install (if not yet present) MySQL

# rpm -Uvh https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
# yum repolist
# yum install mysql-server

Run it:

# systemctl start mysqld

During installation process, MySQL generated a temporary password, which is stored in

/var/log/mysqld.log

; access it:

# grep 'temporary password' /var/log/mysqld.log

It will return a temporary password, which will be used for logging into mysql shell:

# mysql -u root -p

mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'my_new_strong_password';

Create a new database for Redmine:

mysql> CREATE DATABASE redmine SET utf8;
mysql> CREATE USER 'redmineuser'@localhost' IDENTIFIED BY 'user_strong_password';
mysql> GRANT ALL PRIVILEGES ON redmine.* TO 'redmineuser'@'localhost' IDENTIFIED BY 'user_strong_password';
mysql> FLUSH PRIVILEGES;
mysql> EXIT;

Phusion Passenger and Nginx

Phusion Passenger, as stated in its official website, is an application server that acting as a process manager, reverse proxy and by providing operations tools, enables you to quickly launch and easily maintain Ruby, Node.js, Python and Meteor apps.

Install it with the

gem

command:

# gem install passenger --no-ri --no-rdoc

Then, execute:

# passenger-install-nginx-module

You will be asked for some information, and then it will install Nginx. The default installation directory is

/opt/nginx

. Of course, you can change it. In it, edit

conf/nginx.conf

.

On line 23, paste the following content:

include vhost/*.conf;

Save and close the file. Next, create a

vhost

directory for Virtual Host configuration files.

# mkdir -p /opt/nginx/conf/vhost

In this directory, create a

redmine.conf

file. The paste the following into that file:

server {
listen 80;
server_name www.redmine.me;

root /var/www/redmine/public;
passenger_enabled on;
client_max_body_size 10m; # Max attachemnt size

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

If you want to use Nginx with

systemd

, create the file

/lib/systemd/system/nginx.service

, and then paste the following into that file:

[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network.target remote-fs.target nss-lookup.target

[Service]
Type=forking
PIDFile=/opt/nginx/logs/nginx.pid
ExecStartPre=/opt/nginx/sbin/nginx -t
ExecStart=/opt/nginx/sbin/nginx
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

After saving and exiting, you can start Nginx:

# systemctl daemon-reload
# systemctl start nginx

Install Redmine

Now, it’s possible to install Redmine in

/var/www/

# cd /var/www/
# svn co https://svn.redmine.org/redmine/branches/3.2-stable redmine

In the newly created

redmine

folder, execute the following commands:

# cp config/configuration.yml.example config/configuration.yml
# cp config/database.yml.example config/database.yml

Next, edit

config/database.yml

:

production:
adapter: mysql2
database: redmine
host: localhost
username: redmineuser
password: "user_strong_password"
encoding: utf8

Always in

redmine

directory:

# mkdir -p tmp tmp/pdf public/plugin_assets
# chown -R nobody:nobody files log tmp public/plugin_assets
# chmod -R 775 files log tmp public/plugin_assets

Next, install Bundler to manage gems dependencies:

# gem install bundler

And then:

# bundle install --without development test

Generate a secret token:

# bundle exec rake generate_secret_token

and create database structure:

# RAILS_ENV=production bundle exec rake db:migrate
# RAILS_ENV=production bundle exec rake redmine:load_default_data

After that, restart nginx and visit the domain name with a browser, in which you’ll use a Dashboard (after logging in) for creating and managing projects.

Our work is done!

How to install and configure Nextcloud on Ubuntu 16.04 with Apache

By

Giuseppe Molica

Introduction

Nextcloud is a cloud storage service invented by ownCloud founder. Unlike other popular services, in this case you can set up your own storage system, on your server. Nextcloud gives you fine-grained control over data access, facilitates file synchronization and allows for sharing across devices. It is a great solution for not only private users but also for organizations.
It supports many databases, like Oracle, SQLite, PostreSQL and MySQL. The project provides a desktop client for Windows, GNU/Linux and macOS, and a mobile app for Android and iOS. It also provides several additional features beyond storage.

Please read on to learn how to configure Nextcloud 11 on Ubuntu 16.04.

Prerequisites

In order to install and use Nextcloud, you’ll need Apache, MariaDB and PHP7. Follow our guide if you need to install the LAMP stack on Ubuntu 16.04.

Installation

Download Nextcloud 11 onto your server. You can do this through a browser, or, easily, with the following command:

$ wget https://download.nextcloud.com/server/releases/nextcloud-11.0.0.zip

Next, extract the archive:

$ unzip nextcloud-11.0.0.zip

Now, you should see a new folder named

nextcloud

; copy this directory to

/var/www/

, executing the command:

# cp -r nextcloud /var/www/

The Apache user must have write permission:

# chown www-data:www-data /var/www/nextcloud/ -R

Create user and a database in MariaDB

Log into MariaDB with the following command:

# mysql -u root -p

If everything went well, create the database for Nextcloud. In this tutorial we’ll name this database nextclouddb.

mysql> CREATE DATABASE nextclouddb;

Create a user for this database. Of course, you can enter the username if you choose.

mysql> CREATE USER mynextclouduser@localhost IDENTIFIED BY 'my_strong_password';

Grant this user all privileges:

mysql> GRANT ALL PRIVILEGES ON nextclouddb.* TO mynextclouduser@localhost IDENTIFIED BY 'my_strong_password';

Next, just exit:

mysql> FLUSH PRIVILEGES;
mysql> EXIT;

If you want to enable the binary logging in MariaDB, edit the mysqld configuration file, which is

/etc/mysql/mariadb.conf.d/50-server.conf

, adding, in the

[mysqld]

section, the following lines:

log-bin        = /var/log/mysql/mariadb-bin
log-bin-index  = /var/log/mysql/mariadb-bin.index
binlog_format  = mixed

Save and close the file, and then reload MariaDB:

# systemctl reload mysql

If you see an error message like this:Failed to reload mysql.service: Job type reload is not applicable for unit mysql.service.
See system logs and ‘systemctl status mysql.service’ for details.
you have to restart mysql.

# systemctl restart mysql

Apache Virtual Host File for Nextcloud

In

/etc/apache2/sites-available

, create a

nextcloud.conf

file.

In that file, paste the following content:

<VirtualHost *:80>
 DocumentRoot "/var/www/nextcloud"
 ServerName nextcloud.example.com

 ErrorLog ${APACHE_LOG_DIR}/error.log
 CustomLog ${APACHE_LOG_DIR}/access.log combined

<Directory /var/www/nextcloud/>
 Options +FollowSymlinks
 AllowOverride All

 <IfModule mod_dav.c>
 Dav off
 </IfModule>

 SetEnv HOME /var/www/nextcloud
 SetEnv HTTP_HOME /var/www/nextcloud
 Satisfy Any

</Directory>

</VirtualHost>

Note: of course, in the “ServerName” line you must change “example.com” with your domain.

After saving and closing, create a link to

/etc/apache2/sites-enabled/

, executing the following command:

# ln -s /etc/apache2/sites-available/nextcloud.conf /etc/apache2/sites-enabled/nextcloud.conf

Enable required Apache modules and install PHP modules:

# a2enmod rewrite  env headers mime dir ssl setenvif
# apt install php7.0-common php7.0-gd php7.0-json php7.0-curl  php7.0-zip php7.0-xml php7.0-mbstring

These modules will be loaded after restarting Apache:

# systemctl restart apache2

Configure through your web browser

The last part of the configuration process must be done on your browser. Go to the URL you specified in

nextcloud.conf

. You will see the following page

Note: in my case there is Italian localization.

There you will be asked to create an admin account, and specify a Nextcloud data folder. For security reasons, it’s better to put the last one outside the Nextcloud root. So, for example:

# mkdir /var/www/nextclouddata

Make sure the Apache user has write permission:

# chown www-data:www-data /var/www/nextclouddata -R

Create user, specify data folder, and then scrolling the page you will see:

In that form you must enter the same database information you provided in the previous steps. Then you can connect Nextcloud to MariaDB.
Finally, just click on Finish setup and wait until Nextcloud finishes configuring. When it is complete you will see the Nextcloud web interface.

As you can see, the set up is very easy and once you have completed it you won’t be disappointed by the result! Congrats! You have configured your own cloud storage and you’re ready to use it!

How to install Django on Ubuntu (the right way) for novice users

By

SureSwift Content

About Django

Django is a great web application development framework, especially for the perfectionist with deadlines built into python programming language. It provides a very good structure and easy methods that help to do the heavy lifting when writing web applications.
If you have never used Django before and are looking for an installation guide on your Ubuntu machine then you are in the right place. In this article we will teach you how to set up a very simple Django development environment, step by step.

Some Tools We Need

There are many different ways to install the Django framework in Ubuntu. In order to stay updated with the latest python development industry standards we need to install a few tools before getting Django up and running it on our machine.
The first tool is called pip which is a very practical python package management system widely used by python developers all over the world. I mainly use pip to install packages for my python projects, generate dependencies of a project and also uninstall different python packages from my machine when they are no longer required.

Before installing pip we highly recommend updating the package index on your machine with the help of the command shown below.

sudo apt-get update

The following command can be used to install the pip python package manager inside Ubuntu:

 sudo apt-get install python-pip

Now, you can easily install python packages on your Ubuntu machine by following the syntax shown here:

 pip install name-of-python-package-here

But we do not recommend installing packages yet! Python developers use another tool during the development of their python projects…

This tool is called virtualenv. It is really useful as it helps to manage dependency conflicts between different python projects on the same machine. Essentially, this tool helps to create isolated virtual environments where you can develop without any worries about package conflicts.

To install virtualenv on Ubuntu the following command can be used:

sudo pip install vitualenv

Create A Virtual Environment For Your Project

Virtualenv can be easily used to create isolated virtual environments for your python projects.
For example, to create a virtual environment under the name of venv1 the following command can be used:

virtualenv venv1

In order to work on an isolated environment it needs to be activated. The following command will make that happen:

 source venv1/bin/activate

But working with virtualenv is a bit annoying as there are many different commands you need to remember and type on your terminal emulator.
The best solution is to install and use virtualenvwrapper which makes working with python virtual environments very easy. Once you have finished installing and configuring virtualenvwrapper working on a virtual environment is as easy as typing the following command:

workon venv1

Now that pip and virtualenv tools are available on your machine it is time to install and configure virtualenvwrapper. To install virtualenvwrapper use pip, as shown below:

pip install virtualenvwrapper

There are a few steps you need to follow in order to do this properly. On your command prompt run the following command:

source /usr/local/bin/virtualenvwrapper.sh

All virtual environments you create will be available inside the directory ~/.virtualenvs.

If you want to keep your virtual environments inside another directory then use the following commands (as shown in the official documentation of the virtualenvwrapper):

export WORKON_HOME=~/Name-Of-DIrectory-Here

mkdir -p $WORKON_HOME
source /usr/local/bin/virtualenvwrapper.sh

I like to keep my virtual environments inside ~/.virtualenvs. My projects are inside ~/projects.
To create a virtual environment just use the command mkvirtualenv as shown below:

 mkvirtualenv linuxtuts

The following output is displayed on my terminal when executing the above command.

 New python executable in linuxtuts/bin/python

 Installing setuptools, pip...done.

To work on the virtual environment linuxtuts use the following command:

workon linuxtuts

Once the virtual environment has been activated your command prompt will change. Mine looks like this:

 (linuxtuts)oltjano@baby:~/Desktop$

As you can see from the output shown above, linuxtuts is the name of the virtual environment we created.

Make the changes permanent

In order for the commands offered by virtualenvwrapper to work every time you open the terminal you will need to make some changes in the .bashrc file.

The .bashrc file is used to set up environment variables, function aliases and lots of other information you will want to have when opening a new terminal window. Read more on .bashrc.

Open the .bashrc file with your text editor, and then copy/paste the following into it and save the file.

export WORKON_HOME=$HOME/.virtualenvs
source /usr/local/bin/virtualenvwrapper.sh

Install Django

Inside the virtual environment use the command ‘which python’ to see the python executable you are using.

which python

The above command produces the following output on my machine. Depending on the name of your directory for the virtual environments you will get a different output, but structured in a very similar way.

 /home/oltjano/.virtualenvs/linuxtuts/bin/python

The above output is telling us that the python executeable being used is inside the virtual environment, which in this case is linuxtuts.

Deactivate the virtual environment with the command deactivate.

deactivate

Remove the virtual environment linuxtuts with the help of the following command:

 rmvirtualenv linuxtuts

The reason we decided to remove linuxtuts is that we did not choose the version of python we wanted to use inside the virtual environment we created.
It can be done with the following command:

 mkvirtualenv -p /usr/bin/python-version-here

In a project I am working on we use python3.2. To run the project I create a special environment for it:

 mkvirtualenv -p /usr/bin/python3.2 linuxtuts

The above command produces the following output:

Running virtualenv with interpreter /usr/bin/python3.2

New python executable in linuxtuts/bin/python3.2
 Installing setuptools, pip...done

Also creating executable in linuxtuts/bin/python

The command prompt will look similar to mine.

(linuxtuts)oltjano@baby:~/Desktop$

You can use any python version required by your project. The installation of Django is very easy. Just run the following command:

pip installl django

The above command produces the following output:

 (linuxtuts)oltjano@baby:~/Desktop$ pip install django

You are using pip version 6.0.7, however version 6.0.8 is available.

You should consider upgrading via the 'pip install --upgrade pip' command.
 100% |################################| 7.4MB 40kB/s

Collecting django
 Downloading Django-1.7.6-py2.py3-none-any.whl (7.4MB)
 Successfully installed django-1.7.6

Installing collected packages: django

To install a different version of Django, specify the version you would like to use, as shown here:

 pip install Django==1.0.4

It is up to you which version of python and Django you want to use for your projects.

Set up your first simple project in Django

After you have finished the installation of Django in a virtual environment, you probably want to start your first project.

Fortunately for us, Django offers management tools for your projects. The django-admin.py tool can be used to start the project.

Create a fresh virtual environment for your new project.

mkvirtualenv -p /usr/bin/python2.7 fresh_project

Note: Depending on the version of python you want to use you need to change the path listed above.

Install a new copy of Django inside your virtual environment.

pip install django

Use the following command to start a fresh Django project.

 django-admin.py startproject fresh_project

Then cd to your project directory and list the files inside your project. The directory structure will be similar to the one shown below.

fresh_project manage.py

The manage.py is another tool you have to work on your Django projects. Each Django project is composed of apps.

You can create a new app with the following command:

python manage.py startapp myapp

If you do an ls now, the directory structure should look like the one shown below:

fresh_project manage.py myapp

It is always a good idea to generate the requirements.txt file for every project you write in Django so that when you show it to your friends or want to run the project in another machine you can easily install the needed packages to run the project.

Create a new file called requirements.txt on the top level directory of your project and append the packages there using the following syntax:

django==1.9.5

As you can see from the above command, you append the package name then add its version. This is very important.

If you do an ls now, inside your project you should get the following:

fresh_project manage.py myapp requirements.txt

Install the requirements for the project on a new machine by using the following command:

 pip install -r requirements.txt

Are you asking yourself how to run the Django project? Just run it using the following command which starts the built-in Django development server:

python manage.py runserver

And then visit http://127.0.0.1:8000/. You will get a message from Django congratulating you on running your first Django project!

Conclusion

Knowledge on tools such as virtualenv and virtualenvwrapper is a must for a python developer. In this article I showed you how to install Django on Ubuntu and also how to set up a very basic Django development environment.

I will publish another tutorial on Django where I will explain in detail how to set up a professional Django development environment in linux.

How to install and configure Piwik on Ubuntu Server 16.04

By

Giuseppe Molica

Web analytics – a general overview

Those who own a website probably know what “web analytics” refers to. It’s a general term indicating the study of the impact of a website on its users. A business based on Internet services, like e-commerce, needs to find statistical information about people who visit the site, and this data is provided by web analytics software.
According to W3Techs, the most used is Google Analytics. But, if you don’t want to use a remote-hosted service, you may want to give Piwik a chance.
Piwik is an open source project with advanced privacy features that is executed by your own server.
Interested? This tutorial will explain how to set up Piwik on an Ubuntu Server 16.04 machine:

Prerequisites

If your server is up and running, you probably already have the LAMP stack, but, if you don’t, just follow our tutorial on how to install it on Ubuntu 16.04.
Piwik has the following requirements:

Webserver such as Apache, Nginx, IIS, or others;
PHP 5.5.9 (recommendend PHP 7);
MySQL >5.7, or MariaDB;
PHP extensions:
php5-curl php5-gd php5-cli php5-geoip php5-mysql

Getting started

If your system has all the required components, enter the following commands to download the latest version of Piwik:

cd /var/www/html/
wget http://builds.piwik.org/latest.zip
unzip latest.zip

Assign permissions

In

/var/www/html/

you should now have a folder named

piwik

. Change its permissions with the following commands:

	chown -R www-data:www-data /var/www/html/piwik
	chmod -R 0755 /var/www/html/piwik/tmp

Configure MySQL

You will need to specify a MySQL user with permission to create and edit tables in the database.
For creating a new one, enter the following commands on your shell:

$ mysql -u root -p
mysql> CREATE DATABASE piwik_database;
mysql> CREATE USER 'piwik'@'localhost' IDENTIFIED BY 'password_here';
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES ON piwik_database.* TO 'piwik'@'localhost';
mysql> exit

Note: pikiw_database is the name of a database which should only have Piwik tables.

Now, you can begin to configure Piwik. In your browser, go to

http://localhost/piwik

. You’ll see the following page:

Click Next, and you’ll see:

In this case, you can see that my system needs the PHP extension mbstrings. After enabling it, just reloading the page should reset it, and then it will be possible to go on.
Next, Piwik will ask you to setup a database. Enter your username and password, and click on Next. Piwik will create the required tables, and check everything.
The following page is really important:

The super user is the user that you create when you install Piwik and it has the highest permissions. Enter the required information, and be sure to keep your super user login data safe, because it’s the only way you can access Piwik for the first time.
The super user can perform administrative tasks including adding new websites to monitor, adding users, changing user permissions, and enabling and disabling plugins.

When you finish, click Next

Set up a web site

Enter website URL, name and time zone. This will be the first site Piwik will track. Of course, you can add more once the installation is complete.

Last thing to do is setting up a JavaScript Tag. A Tracking code is required to record visitors, visits and page views in Piwik. If you use a CMS, like WordPress, you should use an add-on, extension or plugin to make sure this tag appears where it needs to.

Click on Next, and that’s all! You have completed your Piwik installation!

First access

Log in to the dashboard using the super user data entered during the installation process. From the dashboard you can see all tracking data, which will be updated in real-time. It’s also easy to add new sites, if you need, or other users.

Medium and High-Traffic Websites

If you own (or manage) a website with many visitors (more than a few hundred per day), the Piwik team recommends setting up auto-archiving cron task so that Piwik calculates periodical reports. This is due to the fact that, by default, Piwik will recalculate statistics every time a report is visited, slowing down the system and increasing the load on the database.

How to generate and check strong passwords in Linux

By

Giuseppe Molica

Introduction

Different operations require different security layers. Accessing your email account, your social media, your bank account, and a remote server that you administer through SSH all need different security layers, and contain data which hold different “weight”.
But, in order to accessing all these operations, you will always require the same thing: a password.
We all know that a strong password is what you really need in order to be protected from attacks, and, of course, we all know that it’s better to use different passwords for different services.
A very unwise decision (and common mistake) would be using your server password to access Facebook. This decision could cause you lots of trouble.
So how can we easily manage the task of creating strong passwords?
In this tutorial, we will talk about how to generate and check your passwords.

Generate a strong password

A strong password should be composed of a mix of alphabet characters, numbers, and symbols.
A second requirement is to not use known words, birth dates or names, because you would be vulnerable to dictionary attacks.
Another important question to ask: how many characters should a password contain? There is actually no concrete answer, but having more than 16 characters is a great choice.
So, if your system has OpenSSL or GPG, you can use those tools to accomplish the generation task.
For example, with the following command we can generate with GPG:

$ gpg --gen-random --armor 1 32

In my case, just now, the result was:

6lS7cgCyT9vkCZIDQIXcgbXk7bkoVZqdZ0U4HZ4RJw8=

Similarly, with OpenSSL:

$ openssl rand -base64 32

and the output is:

CrUk9dNutlsCErYv5U19ZWP0Pe9GwQgwdDgUNEapXjk=

As you can see, it’s incredibly efficient and also very easy!
Note: Do NOT use the previous passwords! These are just examples.

Checking if your password is strong

Now that we have a password, it’s time to find out if it passes the test: is your password strong enough? Even if someone uses a brute-force attack?
In order to determine of the password is strong enough, we’re going to use cracklib.

Install cracklib on a Linux

To install cracklib on RHEL/Fedora/CentOS, just use yum:

# yum install cracklib

Type the following command to install on Debian-based systems:

# apt-get install libcrack2

So, now we will use

cracklib-check

command.

First, we test a simple password:

$ echo "123abcd" | cracklib-check

If you do this, you’ll get:

abcd1234: it is too simplistic/systematic

And if you use a normal word?:

$ echo "admin" | cracklib-check

admin: it is based on a dictionary word

Of course, these results are not surprising. Use an everyday English word, and a dictionary based attack would be successful in no time at all.
So, it’s time to check if it was a good idea to generate two passwords!
In this case, we will use a different way of writing the command, so the passwords will not be stored in shell history:

$ cat|cracklib-check

Then, paste:

CrUk9dNutlsCErYv5U19ZWP0Pe9GwQgwdDgUNEapXjk=

You will read:

CrUk9dNutlsCErYv5U19ZWP0Pe9GwQgwdDgUNEapXjk=: OK

In this case, I don’t think anyone would be surprised that this password was given the green light.

openssl

command followed all the rules necessaries for creating a good, strong password.

Password managers

So, that’s all! In this tutorial we have seen how easy it can be to generate and verify a password, but don’t forget to generate a different password for each service! Unfortunately, this leaves you with an assortment of random passwords… how do you remember them all?
Of course, there is software written for this task. A good password manager is what you will need! Happy hunting!

Backup with Percona XtraBackup on Ubuntu 16.04

By

Giuseppe Molica

Introduction

Percona XtraBackup is an open source backup utility for MySQL-based servers that doesn’t lock your database while performing backup. Using it provides the following benefits:

Backups are completed quickly and reliably
Uninterrupted transaction processing during backups
Savings on disk space and network bandwidth
Automatic backup verification
Higher uptime due to faster restore time

This tool works with MySQL, but also with MariaDB and Percona Server. It supports backup of InnoDB, XtraDB, and HailDB.
In this guide, we’ll install Percona XtraBackup on an Ubuntu 16.04.

Install Percona XtraBackup

First of all, you’ll need access to your server console (of course).
We will use the latest package of this utility, so, add the Percona repository with the following command:

$ wget https://repo.percona.com/apt/percona-release_0.1-4.$(lsb_release -sc)_all.deb

Then, install the downloaded package with dpkg:

# dpkg -i percona-release_0.1-4.xenial_all.deb

Now, update the local cache:

# apt-get update

And finally, install Percona XtraBackup:

# apt-get install percona-xtrabackup-24

We have now successfully installed Percona XtraBackup.

Configure a new user and a backup directory

Assuming you have a MySQL compatible database already, access its shell as the root user:

mysql -u root -p

Then, create a new user, called ‘backupusr’, with the password ‘mypwd’:

CREATE USER 'backupusr'@'localhost' IDENTIFIED BY 'mypwd'

Grant this user the privileges “RELOAD, PROCESS, LOCKTABLE, REPLICATION CLIENT”:

GRANT RELOAD, LOCK TABLES, PROCESS, REPLICATION CLIENT ON *.* TO 'backupusr'@'localhost';
FLUSH PRIVILEGES;
exit

Then, create a folder in which you can store the backup, for example:

mkdir -p ~/backup/mysql/

Performing backup

So, now we want to back up our databases. To start the process:

xtrabackup --backup --target-dir=~/backup/mysql/

If the target directory does not exist, ‘xtrabackup’ creates it. If the directory does exist and is empty, xtrabackup will succeed. xtrabackup will not overwrite existing files.

That’s it! you have performed a backup of your database.

NOTE: if the DB data or log files aren’t stored in the same directory, you might need to specify the location of those.

How to install LDAP on CentOS 7

By

Giuseppe Molica

Introduction

LDAP stands for Lightweight Directory Access Protocol and, as the name suggests, it’s a standard protocol for accessing and maintaining distributed directory information services over an IP network.
In this tutorial, we’ll install a LDAP server on Centos 7 using 389 Directory Server.

Getting started

First of all, configure FQDN in /etc/hosts.
In that file, put the server’s fully qualified domain name.

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
X.X.X.X yoursever.hostname.lan server

Of course, substitue the last line in this example with your server’s informations.

Configure firewall

As you may know, we need to allow LDAP server’s default ports via firewall in order to access it from a remote system.
So:

firewall-cmd --permanent --add-port=389/tcp

firewall-cmd --permanent --add-port=636/tcp

firewall-cmd --permanent --add-port=9830/tcp

Now, restart firewalld service.

firewall-cmd --reload

Create an user account

Now, create a new user.

useradd ldapuser

and set a password

passwd ldapuser

Restart CentOS.

Install LDAP Server

Note: you need to have EPEL repository.
Install 389 DS server:

yum install 389-ds-base 389-admin

After installing it, it’s time to configure:

setup-ds-admin.pl

Conclusion

At this point, you have installed and configured everything. You can, of course, tweak something, and, for example, enable directory server and directory admin services automatically on every reboot. It’s up to you!

How to install Gitlab on Debian 8

By

Giuseppe Molica

What is Gitlab?

As stated in official website, “GitLab is an application to code, test, and deploy code together. It provides Git repository management with fine grained access controls, code reviews, issue tracking, activity feeds, wikis, and continuous integration”.
Many big IT-companies, like IBM, Red Hat and StackExchange are using it every day for managing their projects, because it is probably the best solution for build your own git server.

Getting started – Install prerequisites

Suppose you want to install Gitlab Community Edition on your server running Debian 8, behind Nginx proxy. First of all, you have to login as root to your server. Then:

# apt-get -y install curl openssh-server ca-certificates postfix

During installation, you’ll have to configure Postfix.

Add the repository and install

After that, add the Gitlab repository using curl

# curl -sS https://packages.gitlab.com/install/repositories/gitlab/gitlab-ce/script.deb.sh | sh

Now, you can install Gitlab CE with apt

# apt-get -y install gitlab-ce

If everything went fine, you can go to next step, which is Gitlab configuration.

Configure

This is really easy. You have just to run one command.

# gitlab-ctl reconfigure

After that, you have to go to your server hostname (or IP address) with a web browser. You will be redirected to a page that will let you chang the Gitlab admin password.
That’s all. Now, after logging in, you will have access to the Gitlab dashboard, for creating and managing your projects.

How to prevent SSH from disconnecting sessions

By

Giuseppe Molica

Introduction

If you work with SSH, you already know that, after few minutes of inactivity, a session would be closed automatically, for security reasons. In fact, you could have forgotten to shut it down, and someone could take control of your system. But, if you think it’s not your problem, you can change this behaviour in your GNU/Linux configuration. The following commands must be executed from SSH client.

How to stop SSH from disconnecting

The following steps needs to be performed in your SSH client, not in the remote server.

First of all, open your text editor and modify your current user config file, which is located at:

~/.ssh/config

Add the following lines:

Host *
 ServerAliveInterval 60

ensuring that the second line will start with a space.

The first line, tells SSH to apply this configuration for all remote hosts. Of course, you can specify just one of them, changing ‘*’ with the desired host.

After you did this, you need to apply the above settings:

sudo source ~/.ssh/config

To apply this settings globally, add or modify the following line in /etc/ssh/ssh_config file.

ServerAliveInterval 60

Save and close the file.

In this way, your SSH session will not be closed for inactivity.

Conclusion

Remember that the security of your system, expecially in server case, is not secondary, and that is all in your hand. Changing the behaviour of programs like SSH must be done only if you know exactly what you want, and after being sure that this will not put you in some problem.

Upgrading from Fedora 24 to Fedora 25

By

Giuseppe Molica

Introduction

We already talked about the release of Fedora 25, and the improvements it brings. In this article, we will see how to upgrade from Fedora 24.

If you are using Workstation edition with GNOME, you should see a notification about the upgrade. In this case (but even if you didn’t receive te notification), you can upgrade using GNOME Software graphical package manager.

A general way to upgrade

If you want to upgrade a Server edition, or you are just a CLI-user, the shell is there for you. You can complete the task using the powerful DNF system.
First of all, make sure that your installation is up to date, and, of course, that you have a backup of your most important files!
When you are ready, just install the DNF Upgrade plugin and then the new version of Fedora, with the two commands below:

# dnf install dnf-plugin-system-upgrade

# dnf system-upgrade download --releasever=25

That’s all. The system will download all packages; after installation, you will need to reboot your machine, and you’ll be ready to use your new Fedora 25.

Fedora 25 released!

By

Giuseppe Molica

Fedora 25, a lot of improvements

On November 22,Red Hat’s Fedora community Linux distribution debuted its second major milestone release of 2016. Fedora is not just a GNU/Linux distribution, but a global community working to improve free and open source software.

As usual, the community delivered three editions: Fedora 25 Workstation, Fedora 25 Server, Fedora 25 Atomic Host.

Fedora 25 Workstation

This is were big things happens. The most important part is the debut of the Wayland display server as default. After decades, X11 system is ready to leave, replaced by a modern infrastructure, providin a richer experience for graphical environments and a better way to interact with hardware.
The flagship version also includes GNOME 3.22, which bring many enhancements. Developers will find updated tools, and a improved Flatpak support.
And a new entry. In fact, just as stated in the releases note:”Fedora 25 provides the Rust compiler and its Cargo package management tool”.

Fedora 25 Server

This version now includes a new SELinux Troubleshooter module for Cockpit; this helps when a SELinux denial is encountered, without manual workarounds.
And what if you need to see what keys are connecting to a machine? Fedora now will display SSH keys in the Cockpit dashboard!
There are also improvements in FreeIPA, which has been upgraded to 4.4 version.

Getting more informations

For a complete releases note, take a look here.

Remove duplicate files with fdupes

By

Giuseppe Molica

Introduction

Sometimes we all need to find some duplicate file in our system; this is a very tedious task, expecially if we have to do it “by hand”.
If you are a GNU/Linux users (and you if you are read me, you are), you know that, following the UNIX tradition, there is a tool for everything. And so, GitHub has the solution: fdupes. This is a tool written in C and released under the MIT license for identifying duplicate files residing within specified directories.

Getting fdupes

Of course, you could build it from scratch, but it’s not necessary.
On Debian based systems you can find it with APT:

$ sudo apt-get install fdupes

On Fedora, CentOS and RHEL, after enabling epel repository:

# yum install fdupes

# dnf install fdueps

How to use fdupes

Using fdupes is really easy. For finding duplicates, you have just to:

$ fdupes /path/to/some/directory

This command will only look in directory specified as argument, and will print out the list of duplicate files (if there are).
If you to look also in sub-directories, you must add the “-r” option which stands for “recursively”.
And what if you want to see the size of files? Of course you can:

$ fdupes -S /path/to/some/directory

You can specify more than one directory:

$ fdupes /path/to/first/directory /path/to/second/directory

and so on.

Then, if you want to delete all the duplicates, just:

$ fdupes -d /path/to/directory

This will preserve a copy, and delete everything else.

Conclusion

For a complete list of options:

$ fdupes -h

which will print out

Usage: fdupes [options] DIRECTORY...
-r --recurse for every directory given follow subdirectories
encountered within
-R --recurse: for each directory given after this option follow
subdirectories encountered within (note the ':' at
the end of the option, manpage for more details)
-s --symlinks follow symlinks
-H --hardlinks normally, when two or more files point to the same
disk area they are treated as non-duplicates; this
option will change this behavior
-n --noempty exclude zero-length files from consideration
-A --nohidden exclude hidden files from consideration
-f --omitfirst omit the first file in each set of matches
-1 --sameline list each set of matches on a single line
-S --size show size of duplicate files
-m --summarize summarize dupe information
-q --quiet hide progress indicator
-d --delete prompt user for files to preserve and delete all
others; important: under particular circumstances,
data may be lost when using this option together
with -s or --symlinks, or when specifying a
particular directory more than once; refer to the
fdupes documentation for additional information
-N --noprompt together with --delete, preserve the first file in
each set of duplicates and delete the rest without
prompting the user
-v --version display fdupes version
-h --help display this help message

So, now you can clean your filesystem from duplicates!