Install Oracle Java 8 in Ubuntu with Updates via PPA

Thanks to WebUpd8, you can install the most up-to-date JDK and JRE directly from Oracle, as opposed to using OpenJDK which is the default in the Ubuntu repositories. As far as I know, this should work for any *buntu OSes, including Linux Mint and elementaryOS. They should also get updates automatically via the Update Manager while they are within the support window for the OS version you’re using.

I know this isn’t exactly news, and WebUpd8 posted this information over two years ago now, but I was shocked to find out about it myself just recently, and figured I’d just go ahead and post it on my blog for anyone else who happens across it without knowing as well.

Here are the steps, all together, for adding the PPA and installing Java 8 (currently update 40). I also included an additional step to remove all remnants of the OpenJDK package. I’m uncertain if the presence of OpenJDK would cause any problems, but I figured its not needed and so worth it to clear up an easy ~50-100MB of space anyway.

sudo apt-get purge openjdk*
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java8-installer
sudo apt-get install oracle-java8-set-default

The PPA is hosted at this location on Launchpad. As you will see if you visit the page, WebUpd8 doesn’t actually maintain any Java binary packages for on the PPA. Instead, it simply hosts the installers that pull the packages from Oracle’s own servers. An alternative might be to manually download and install the software from Oracle, but you would have to manually update it every time Oracle pushes out a new version. With this PPA, you will get updates for it automatically through the Update Manager for as long as your OS is within its support window.

If you prefer to use version 7 instead, you can issue the following commands to install the JDK and JRE packages installer for version and alternate the versions used.

sudo apt-get install oracle-java7-installer
sudo update-java-alternatives -s java-7-oracle

Then just use the following command to return to version 8, if you decide to.

sudo update-java-alternatives -s java-8-oracle

phpBB3: In-Line Code

One of the best features that was added in phpBB3 when it came out was the ability to add custom BBCodes for use in forum posts. It made it possible to include abilities like text effects, embedding videos and other things without having to use mods. It’s one of the best features in phpBB, and it’s also one reason why I prefer it over competitors like SMF (which, as far as I know, don’t even have this ability in the upcoming 2.1 release).

If discussions in your board center around programming, it’s probably worthwhile to you for posters to have the ability to bring attention to certain words or characters in their posts, particularly related to code, without the need to isolate it inside of a <div> the way the standard BBCode block does. Fortunately, it's extremely easy to do.

Assuming you're familiar with the phpBB ACP, navigate to the POSTING -> BBCodes section, and select Add a new BBCode.

You can use whatever you wish for the actual BBCode, but I chose iCode to keep it relatively simple and similar to the standard Code BBCode option.

For the BBCode usage section, define the usage as shown (with the exception of using a different BBCode name):

[iCode]{TEXT}[/iCode]

Then under HTML replacement, put the following:

<code style="background-color:#FFF; color:#2E8B57; border:1px solid #C9D2D8; padding: 0 1px; font:0.9em/1.3em Monaco,'Andale Mono','Courier New',Courier,mono;">{TEXT}</code>

Lastly, define a help-line, if you wish to have one, and select whether or not you want the button for the BBCode displayed on the posting page. Then just hit Submit, and you're done!

Here is how the text placed within the BBCode will look in a post (using prosilver):

phpBB3 In-Line BBCode

If you're using a different style other than prosilver, it may be worthwhile to define CSS style elements inside the theme stylesheets for each style so that the in-line code will look different depending on the style your forum users are using. In that case, you would want to use something like the following for your HTML usage section for the BBCode:

<code class="inline-code">{TEXT}</code>

After all, it would be more appropriate for this BBCode to style text in the post to follow the way it does in the regular Code block, that way people know what they're looking at.

Just remember that text placed inside of custom BBCodes is still parsed the way all other text in the post is, and so using other BBCodes within this one will result in the effects of those other BBCodes still being applied rather than showing them in an un-parsed format the way the standard Code BBCode tag does.

Nexus 7 (2012): Revert to Previous Firmware using Ubuntu 14.04

First of all, this is for the 2012 version of the Nexus 7 Wi-Fi. Though the steps for doing this on other Nexus devices may be similar enough to make following this post safe, I would still try to find some verification of that before doing it. Second, this will wipe the tablet of all data, applications and settings. With the exception of items that can be recovered via Google’s account backup service, you will lose everything on the tablet. I recommend using the USB link to back up any data you wish to keep before continuing.

I decided to post this after doing some research and reverting my Nexus 7 tablet – which had recently been updated to Android 5.1 – back to Android 4.1.2. If you’re wondering why I’d want to revert back, it’s safe to say you haven’t ran Lollipop on the 2012 Nexus 7. In fact, I haven’t ran it either, because crawled it would be a more fitting description. I suppose it’s to be expected that an OS three years newer than the hardware it’s installed on might make that hardware run sluggish, but I think it should be unjustified for a company with Google’s technical foundation to even release such an update for the device if it is going to be incapable of running in a state that provides any kind of real experience. A lot of us are used to being a step or two behind when it comes to Android updates anyway, especially with the pace that most phone manufacturers push out their updates.

To get back on subject, the process of reverting the Nexus back to an older version was actually quite easy. Though all of the tutorials and examples online referred to doing it from Windows – with occasional references to Mac in the form of “oh, just change this command to be like this,” nothing referred to using Linux. In fact, I couldn’t even find a location to download fastboot for Linux. Luckily, I didn’t need to. Apparently, Ubuntu has both fastboot and adb compiled in the repositories – at least for Ubuntu 14.04 – and supposedly from version 12.10 on. I believe there’s a PPA you can add to grab it if you’re using 12.04 or earlier, but I can’t speak to that from experience.

As far as the process of reverting the tablet to a former version goes, you can start with grabbing the image of whichever version you’re looking to revert to from Google’s page for factory Nexus images. Based on what I’ve seen since reverting back, OTA updates seem to be in succession, so you’ll be updating to the next immediate version (eg: from 4.1.2 to 4.2.2), in case you are afraid that you will have to re-image the tablet to go from one older version to a newer version that isn’t 5.1 Lollipop. You also want to make sure you have fastboot installed on your computer from the Ubuntu Software Center.

Make sure the tablet has USB debugging enabled. In newer versions of Android, you have to reveal the location, which is hidden by default, in Settings by first going to Settings -> About tablet and tapping several times on the Build number field. You’ll see a small message pop up saying that you’re on your way to becoming a developer. After a few more presses, there will be a new settings location under the System category titled Developer options, which holds the setting for enabling USB debugging. Make sure it’s enabled.

Next, power the tablet off, and then restart it by holding down all three physical buttons simultaneously (Power + Volume Up + Volume Down) until you see the Google splash screen and the Android bootloader screen. Lastly, make sure the tablet is plugged into the computer’s USB port using the charge cable. At this point, you’re done with the tablet itself and can set it aside (somewhere it won’t get knocked around!).

Now navigate to the tgz file for the factory image you downloaded. First, extract the archive. Then, open a terminal and navigate to the directory where the tgz and extracted folder are located. In my case, it was my Downloads folder, which can be easily accessed by:

cd ~/Downloads

Next, check the hash value of the archive and make sure it matches the one listed on Google’s page for the factory image you downloaded. In my case, I used 4.1.2. If using a different Android version, or the 3G tablet (which is codenamed nakasig instead of nakasi), you will obviously have a different filename.

jerry@Ubuntu:~$ md5sum nakasi-jzo54k-factory-973f190e.tgz
d906b505ccae0d439839d3c5fafb137a  nakasi-jzo54k-factory-973f190e.tgz

If the hash value matches, we’re good. If not, you need to re-download the file and check again. Assuming the hash was good, navigate to the folder that was extracted.

cd nakasi-jzo54k

Now we need to verify that fastboot recognizes the tablet is connected to the computer. If you just type fastboot into the terminal, it will return some information for what commands and options can be pushed to it. The command we need is devices.

fastboot devices

If the terminal line breaks directly back to prompt without listing any devices, it means the computer is not able to communicate with the tablet. You may need to restart the tablet, or you may not have enabled USB debugging. Otherwise, you’ll see a serial number beside the word fastboot.

Assuming your device was recognized, it’s now time to unlock the bootloader (which will wipe the tablet – make sure you backed up any important data beforehand) and flash the image.

fastboot oem unlock

At this point, the tablet will display a screen warning about unlocking the bootloader (guess I was wrong about being done with the tablet). Make sure Yes is selected and hit the power button. Once it returns to the bootloader screen, proceed with flashing the image to the tablet.

At this point, a lot of tutorials state to enter each fastboot command manually. If you look at flash-all.sh in a text editor, you’ll see that the shell script enters the exact same commands, but saves you the work of doing it. I decided to use the shell script.

./flash-all.sh

At this point, you’ll see fastboot spitting some information and time lapses into the terminal. You want to leave it alone until it finishes. You’ll know when it’s done, because it will end with the following lines:

rebooting...

finished. total time: 105.989s

The value for total time will vary, but it typically shouldn’t take more than 2-3 minutes. Still, I would wait for 30 minutes if it seemed to take that long, because I would assume that trying to interrupt the process could cause problems for the tablet.

After the process has finished, the tablet will automatically restart and boot into the reverted Android version. It will prompt you with a screen similar to the one it did when you bought the tablet and turned it on for the first time. At this point, I would follow the prompts and any steps it has you do to initialize the tablet. But once you’re at the home screen, you will want to go to Settings -> Developer options, turn the slider from OFF to ON and then check to enable USB debugging. Now turn the tablet back off and reboot into the bootloader.

Once you’re into the bootloader and verified with fastboot that the tablet is recognized, re-apply the bootloader lock to re-secure the tablet and help protect your data.

fastboot oem lock

The main reason for doing this is to protect the data on your tablet, in case it is ever lost or stolen. If the bootloader is locked, fastboot and adb cannot be used to access or manipulate data on the tablet – and unlocking it again will wipe the data again. If it is left unlocked, this safeguard will not be in place.

Virtualmin: Default IPv4 Address of 127.0.0.2

If you’ve installed Virtualmin on your fresh VPS, ran through its initial checks, and then try to add a new Virtual Server only to find that it keeps detecting and setting 127.0.0.2 as the default IPv4 address, here’s how to fix this problem.

For reference, you can determine the proper network interface to use by going to Webmin -> Networking -> Network Configuration -> Network Intefaces, which will bring you to the screen you see here.

Webmin - Network InterfacesThe line that has the red marker blocking out the IP would be the one of importance. This should be where your actual external IPv4 address is shown. Due to the fact that this seems to be an issue mainly for OpenVZ VPS servers, it’s likely that the interface will be the same for you as it is in my example: venet0:0.

To fix the issue, head over to Virtualmin -> System Settings -> Virtualmin Configuration, and then in the drop-down menu at the top of the page select Network settings. There’s a chance that the value for Network interface for virtual addresses will be defined rather than being set to Detect automatically. If so, it will likely be venet0. Either way, the setting needs to be changed. This is what the configuration page looks like in my situation.

Virtualmin - Network Configuration (Original)It needs to be changed to whatever interface was configured with your real external IPv4 address from the Network Interfaces section in Webmin – which is likely venet0:0, as already mentioned. Whatever the case, manually set the interface to whatever it is for your situation and click Save.

Virtualmin - Network Configuration (Changed)As soon as the change is applied and the page reloads, Virtualmin should display an alert informing you that the primary address has changed and virtual servers using the incorrect address may be unreachable or serving the wrong material. Simply click the button Update Incorrect IP Addresses to have Virtualmin bring you to the configuration page where you can correct the address for all Virtual Servers you have configured simultaneously.

Virtualmin - Update Incorrect IP AddressesThe Change IP Addresses configuration page should have all necessary changes automatically populated for you. You should only have to hit the Change Now button to apply the changes and complete the process.

Virtualmin - Change IP AddressesI hope this helps.

phpBB 3.1: prosilver Forum Heights

I like some of the new additional features in the phpBB 3.1 branch, but I personally am not a big fan of the way forum tables are styled. In the 3.0 branch, I used a mod to display the last post subject on the board index, but this was a feature included in 3.1 by default. Whereas a lot of people seemed to hate how wide the last post column was in prosilver for 3.0, it worked out well for me, because it made sure I had plenty of space to accommodate the text for the post subject – as well as to include the poster’s name, moved to the line with the time-stamp, without having to break to a third line. That made it possible to keep the rows narrow and, in my opinion, more appealing.

Well, I’m admittedly not very educated when it comes to styling or using CSS, so I really couldn’t determine how to make the changes to the prosilver style in 3.1 to have the same width distribution as it had in 3.0. I didn’t want to blindly tinker too much either, just in case any changes I might make would create issue with other elements in the board’s style. But what I thought was worth doing, and should have been done by the style team anyway, was to just set a minimum height for the rows. The reason I think this is worth doing, and should have been done by the phpBB style team by default, is because it is extremely ugly, in my opinion, to see the typical narrow forum rows for forums that have no posts, and then see the expanded rows for the forums that do have post info. If nothing else, it should have been consistent.

I found that the height of forums that have posts in them tend to be 50px after accommodating for the subject, author and time-stamp. So, I simply made that small change to those forum table styles to make it so that they were always a minimum of 50px in height. The colours.css file in the style’s theme folder is the one that holds these settings.

If you want to make this change, just open colours.css and find the following lines:

.forum_link			{ background-image: url("./images/forum_link.gif"); }
.forum_read			{ background-image: url("./images/forum_read.gif"); }
.forum_read_locked		{ background-image: url("./images/forum_read_locked.gif"); }
.forum_read_subforum		{ background-image: url("./images/forum_read_subforum.gif"); }
.forum_unread			{ background-image: url("./images/forum_unread.gif"); }
.forum_unread_locked		{ background-image: url("./images/forum_unread_locked.gif"); }
.forum_unread_subforum		{ background-image: url("./images/forum_unread_subforum.gif"); }

And just define a minimum height for each one with min-height: 50px;.

.forum_link			{ background-image: url("./images/forum_link.gif"); min-height: 50px; }
.forum_read			{ background-image: url("./images/forum_read.gif"); min-height: 50px; }
.forum_read_locked		{ background-image: url("./images/forum_read_locked.gif"); min-height: 50px; }
.forum_read_subforum		{ background-image: url("./images/forum_read_subforum.gif"); min-height: 50px; }
.forum_unread			{ background-image: url("./images/forum_unread.gif"); min-height: 50px; }
.forum_unread_locked		{ background-image: url("./images/forum_unread_locked.gif"); min-height: 50px; }
.forum_unread_subforum		{ background-image: url("./images/forum_unread_subforum.gif"); min-height: 50px; }

Now all rows displaying forum names and post information will have the same height, whether they have a post to display information for or not.

Note that you may have to purge your forum’s cache from the ACP after making the changes.

Xfce: Gnome System Monitor

If you’re like me and you’ve mostly been experienced with using the Gnome System Monitor to look at the status of your machine and running applications, you’ll find it missing if you decide to change over to a different desktop environment such as Xfce.

I just recently installed the Xfce version of Linux Mint on one of my PCs, and the first thing I always do is set CTRL+Alt+Delete to open System Monitor. Searching for System Monitor in the menu gave no results, so I searched online for xfce system monitor. The only pertinent result that I found was of someone explaining to install Gnome System Monitor in Xubuntu using CLI. I’m assuming Xubuntu’s repositories have Gnome System Monitor in them to give you a result when searching in the Software Center, so you can install it just as easily through the software application with a UI rather than worrying with CLI, but I personally only installed it from the Software Manager in Linux Mint. I also wanted to know if there was any default application for monitoring running processes, and luckily the same post mentioned Xfce Task Manager.

As the post suggested, Gnome System Monitor is a more appealing application than Xfce Task Manager, but I actually like the simplicity of Xfce Task Manager as well. I also like the fact that it shows you the load on the CPU and memory above the list of running processes, rather than requiring you to switch between tabs to view the two separately as in Gnome System Monitor. Either way, I still installed Gnome System Monitor, but I decided to map keyboard shortcuts to both.

You can map keyboard shortcuts in Xfce by opening All Settings from the corner shortcut icon of the main menu and scrolling down to Keyboard under the Hardware category. It’s pretty straightforward. You’ll a tab titled Application Shortcuts. Just click the Add button at the bottom of the pane listing current shorcuts.

I personally chose to make Xfce Task Manager the common CTRL+Alt+Delete shortcut, and then made Gnome System Monitor CTRL+Shift+Alt+Delete. The commands for running the two applications are xfce4-taskmanager and gnome-system-monitor. You’ll be prompted that CTRL+Alt+Delete is already set for the command to lock the screen. Just click the button that says to map it to whichever monitoring application you want it to run, if you don’t want to use a different shortcut altogether.

Another plus I’ll give to Xfce Task Manager is that it defaults to create a minimized icon on the panel next to the clock that you can click on to relaunch the application in a window or hover over to view current loads on the CPU and memory. This can be disabled in the Preference settings of the application, and if you run it using the keyboard shortcut again while it is already minimized in the panel, it will actually launch a second instance (including an additional minimized icon in the panel). Not a huge deal, but a slight annoyance.

phpBB 3.1.x: Soft Delete for Boards Upgraded from 3.0.x

phpBB 3.1.x boards now have the ability to allow moderators to soft-delete posts so that they can later review the post and/or decide to restore it. If you upgraded from 3.0.x to 3.1.x instead of just installing a fresh 3.1.x board, you might have noticed that the confirmation message when deleting a post or thread doesn’t mention anything about soft- or hard-deletion. To fix the issue, all you have to do is modify some permissions that appear to be improperly set for the moderator roles in the permissions settings on the board during the upgrade.

The steps to fixing the issue are:

  • Go to your ACP.
  • Click on the Permissions tab.
  • Click on Moderator roles under the Permission Roles category in the left navigation pane.
  • Click the green edit cog icon to the right of the Full Moderator role.
  • Scroll down to the Moderative permissions section of the page.
  • Click on the Misc tab.
  • Change the Can soft delete posts entry from No to Yes.
  • Click Submit.

Anyone who has Global Moderator status on your board will now be able to soft delete posts as opposed to only being able to permanently delete them. The same must be done for any other moderator levels you want to be able to do soft-deletion as well. The Queue Moderator role doesn’t need the ability to perform any deletions – per its role description (only validating and editing posts queued for moderation), but you may decide you want the Standard and Simple moderator roles to only be able to soft-delete, whereas they can only hard-delete posts and topics due to the permissions issue of the upgrade. By default (in a fresh 3.1.x installation), the Standard, Simple and Full moderator roles are supposed to all be able to perform soft- and hard-delete on posts and topics.

Installing Linux via Bootable USB

Most of my Linux experience has been with Ubuntu. If not Ubuntu, then a relative flavor with Linux Mint and some slight tinkering with elementaryOS. The great thing about these three is that you can easily create a bootable media for either running a live desktop to test or to install thanks to the Startup Disk Creator application that ships with Ubuntu and Linux Mint both (and likely eOS also, but I didn’t check).

If you want to create a bootable media for another distribution, you’re out of luck with Startup Disk Creator. Even Debian distributions, which Ubuntu is derived from and actually show up in the pane listing ISO source images to use in Startup Disk Creator, won’t complete write to the USB drive without spitting out an error right before it would normally queue for password to write the boot record onto the media.

You’ll get a few different opinions on how to create a bootable media when searching online, some of which suggest installing and using additional packages such as UNetBootin or USB Creator. If you’re not comfortable with using terminal, or aren’t familiar enough with mounted drives and devices to make sure you don’t commit an act that will cause you to potentially lose vital data on your computer, then perhaps those are the better options.

For me, I hate installing any applications or packages that I don’t need. Since Ubuntu, and I wager most Linux distributions, ship with dd I prefer to use that. What’s better is its use is fairly straight-forward on top of it. You can get a few ideas of what dd can be used for by viewing its Wikipedia page. It appears to be a relatively easy option for backing up sensitive data, such as the MBR on a drive.

But anyway. If you’re looking to create a bootable media for a non-buntu distro, you can do so with dd with the following command:

sudo dd if=image.is of=/dev/sd?

If you read up on dd at the Wikipedia page, you’d have seen that there is also an argument you can pass: bs. By default, bs, which defines the block size for reading and writing in dd, is 512 bytes. Some suggestions that I’ve seen online recommend defining the block size to be larger. Larger block size would lean one to believe means less cycles when writing. So, you may want to bump that up to something larger, though staying within appropriate boundaries. Examples online of using dd to create writable USB drives often include a block size of 1MB. So, you could include that in the command:

sudo dd if=media.is of=/dev/sd? bs=1M

You must also make sure the media you’re writing to isn’t mounted before using dd to write to it:

sudo umount /dev/sd?

So, for example, if you’re USB drive was mounted as device sdc and your Linux distro image was named Linux-LiveUSB.iso (and we’re assuming you’ve navigated terminal to be in the same directory as the ISO image to avoid needing to include the path), you would issue the following to write it to the USB drive:

sudo umount /dev/sdc
sudo dd if=Linux-LiveUSB.iso of=/dev/sdc bs=1M

A brief summary of the commands are

  • if: Input File. This is the location and file that is being read from.
  • of: Output File. This is the location and/or file that is being written to.
  • bs: Block Size. This is the size, in bytes, that each data block is being read and written at. The default is 512, so leaving this undefined will have dd read and write data blocks at 512 bytes.

Lastly, I would say to only use this method if you need to create a bootable USB drive, and there are no other pre-installed software to get the job done. For example, why use this over Startup Disk Creator if you’re in a *buntu OS and need to create a bootable *buntu USB drive? There is no reason to. If you’re writing to a CD/DVD, then I would think the included disk burning software on your system would work just fine. If not, then dd should work fine for that as well. Just use the device name of the disk burner when designating the output file in the command. If the idea of manipulating data via terminal scares you, then I’d say better safe than sorry, and just look around for a fitting application with an easy UI.

BIND Authoritative-Only DNS Server on Ubuntu Server 14.04 or Debian 7

This post will explain how to get a DNS server setup going on Ubuntu Server 14.04 or Debian 7 using BIND. The arrangement assumes the following:

  • You’re using a master/slave configuration.
  • Your server host provides the rDNS for you. Most VPS hosting services handle the rDNS, so you’re not required to configure it on your own DNS server.
  • Your hostnames for the servers have been configured as fully qualified domain names.

For the example, the master server will be located at ns1.mydomain.com with an IP address of 10.0.0.1 and the slave server will be located at ns2.mydomain.com with an IP address of 10.0.0.2. Our test domain that is being handled by the DNS servers will be testdomain.com and will be configured to point to the same IP address as the master DNS, which is where we would assume the web server servicing the domain will be located.

For the commands shown in the explanations, it’s assumed that you’re logged in or acting as the root user. If not, you need to precede the commands with sudo, this includes when opening configuration files for editing. You’ll get a permissions error when you try to save the file if you don’t.

Installation

Start by installing BIND on both servers:

apt-get update
apt-get install bind9 bind9utils bind9-doc

If you’re notified that the file /etc/init.d/bind9 already exists on the server, and asked what you would like to do about it, respond with Y or I to install the version that is included with the package.

Configuration

Once the installation is complete, you already have a DNS server running on your Ubuntu installation. We only have to make some configuration changes to ensure master and slave servers are communicating with each other and that the master has been configured with the zone information for the domains being serviced by the DNS servers.

First, open /etc/bind/named.conf.options for editing. You should have something like the following:

options {
        directory "/var/cache/bind";

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};

We need to add the following two lines anywhere within the brackets defining the options block:

recursion no;
allow-transfer { none; };

Example with added lines:

options {
        directory "/var/cache/bind";

        recursion no;
        allow-transfer { none; };

        // If there is a firewall between you and nameservers you want
        // to talk to, you may need to fix the firewall to allow multiple
        // ports to talk.  See http://www.kb.cert.org/vuls/id/800113

        // If your ISP provided one or more IP addresses for stable
        // nameservers, you probably want to use them as forwarders.
        // Uncomment the following block, and insert the addresses replacing
        // the all-0's placeholder.

        // forwarders {
        //      0.0.0.0;
        // };

        //========================================================================
        // If BIND logs error messages about the root key being expired,
        // you will need to update your keys.  See https://www.isc.org/bind-keys
        //========================================================================
        dnssec-validation auto;

        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
};

Save the changes and close the file.

Next, we need to configure the local file to point to the zone files for the domains that will be serviced by the DNS servers. Assuming that we’re servicing a domain called testdomain.com, open /etc/bind/named.conf.local and add the following – as designated for master and slave configurations:

Master

zone "testdomain.com" {
        type master; also-notify { 10.0.0.2; };
        file "/etc/bind/zones/db.testdomain.com";
};

Slave

zone "testdomain.com" {
        type slave; masters { 10.0.0.1; };
        file "/etc/bind/zones/db.testdomain.com";
};

Since the zone block within the local file is pointing to a sub-directory within BIND’s primary directory to house the zone files, we need to create the zones directory and change its owner to the bind user. This needs to be done for both the master and slave servers:

mkdir /etc/bind/zones
chown bind: /etc/bind/zones

Now, you can create the zone file for the domain. For the example, we called the file db.testdomain.com, and configured BIND to look for the file in the /etc/bind/zones directory.

An example of our zone file would look like:

$ORIGIN testdomain.com.
$TTL 1800
@       IN      SOA     ns1.mydomain.com.       admin.testdomain.com. (
                        2015010101              ; serial number
                        3600                    ; refresh
                        900                     ; retry
                        1209600                 ; expire
                        1800                    ; ttl
                        )
; Name servers
                    IN      NS      ns1.mydomain.com.	; master DNS
                    IN      NS      ns2.mydomain.com.	; slave DNS

; A records for name servers
ns1                 IN      A       10.0.0.1		; master DNS IP
ns2                 IN      A       10.0.0.2		; slave DNS IP

; Additional A records
@                   IN      A       10.0.0.1		; www IP

; CNAME records
www                 IN      CNAME   testdomain.com.	; www IP

The settings above are fairly straightforward for configuring a zone with NS records and records to point to a web server for serving pages. Just be aware that the value for serial needs to be changed every time the zone file is updated, otherwise the DNS server will not update other servers. For the appended www, you could include an A record that points to the web server’s IP address, just like the origin does, but I believe it is more appropriate to point it to the origin with a CNAME record, as I updated this example to do. Feel free to correct me if you know better.

Check Configurations

At this point, all configuration is done. You simply need to check the configuration and zone files for errors, and then restart the servers.

You can check the local configuration by issuing:

named-checkconf /etc/bind/named.conf.local

If it returns nothing (line-breaks directly back to the command prompt), then everything checked good.

You can then check the zone configuration with (on the master server):

named-checkzone testdomain.com /etc/bind/zones/db.testdomain.com

If all checked well, it should return something like:

zone testdomain.com/IN: loaded serial 2015010101
OK

Now, simply restart the two servers.

service bind9 restart

After waiting for the configurations to propogate (varies in time – could be over 24 hours), you can pull up a prompt on your local linux machine and issue the following to see if the DNS has updated the domain to point to your master DNS server’s IP address:

nslookup testdomain.com

A successful setup should return something similar to:

Non-authoritative answer:
Name:	testdomain.com
Address: 10.0.0.1

An unsuccessful setup would return something more like this:

** server can't find testdomain.com: SERVFAIL

If you get an error, it could be that you didn’t give the servers enough time to update the information for the domains. Either way, you can view the system log on the servers to see if there are any errors:

tail -f /var/log/syslog

Look for the following to indicate successful zone information loading and communication between master and slave servers:

named[4215]: zone testdomain.com/IN: loaded serial 2015010101
named[4215]: zone testdomain.com/IN: sending notifies (serial 2015010101)

Anything else, pertaining specifically to the domain you configured, might indicate there is a problem with either the zone file or that the master and slave are not communicating. Ensure your firewall is allowing traffic on port 53.

HostUS VPS Specials

These are two specials that HostUS is offering on their OpenVZ VPS services. It hasn’t been stated when the specials will end, but I’d grab them while they’re available if you’re in the market. Beyond the specials, they appear to have very affordable VPS options available, and I believe they’re in the process of adding KVM options as well. Worth a look if you are considering purchasing a VPS.

768MB
768MB RAM / 768MB vSwap
1 vCPU Core (Fair Share)
20 GB Disk Space
2048 GB Bandwidth / 1Gbit Uplink (Fair Share)
1x IPv4 address / 4 x IPv6 Addresses
OpenVZ/In-House Panel
$10/year (Click Here)

6GB
6GB RAM / 6GB vSwap
4 vCPU Cores (Fair Share)
150GB Disk space
5TB Bandwidth / 1Gbit/s port
3 x IPv4 address / 4 x IPv6 Addresses
OpenVZ/In-House Control Panel
$18/quarter or $65/year (Click Here)