Server Applications

I would like to compile a list of server applications that are available out there that I might use some day (or am using now). My preferences for software are GPL-based, lightweight, easy to setup up, easy to administer, easy to use, and widely-used (to get support). Most of these were found based on my experiences on the web or from searching.

For my web server, I have Ubuntu as the OS with Apache, MySQL, and /php, i.e., LAMP).

  1. UPDATE 1/8/2011 Web server: Apache is standard and most popular. nginx is supposedly a lot faster and more stable, especially for static content; it is also easy to configure. lighttpd and Mongoose are other alternatives. Here is a list and comparison.
  2. UPDATE 1/8/2011 Database: MySQL and PostgreSQL are popular open source programs. A list here.
  3. Content publishing/management system (CMS), e.g., blogs: WordPress, Joomla and Drupal (requires more knowledge of html and css). I use WordPress as my blogging platform. Most content websites I visit are using one of these platforms. Comparisons here. UPDATE 1/19/2011 For something simpler, consider PyBlosxom, or some solution that involves emacs and org-mode.
  4. Forum: phpBB. Comparisons here)
  5. Wiki: MediaWiki, MoinMoin, dokuwiki, mojomojo. Comparisons here.
  6. Audio and video streaming: GNUMP3d MPEG4IP, Ampache, Subsonic. I currently use Ampache, but might test out GNUMP3d some day. Note you can also use VLC to stream. A list here
  7. Images/pictures/photos: Gallery and phpGraphy. A comparison here and my testing of a few different applications here.
  8. Customer relationship management (CRM): vtiger, openCRX. A short list is here and a list of lists is here.
  9. Mailing list: Mailman is king; Majordomo. A short list can be found here.
  10. Single sign-on (SSO), Central Authentication Service (CAS): If the above services are related, consider integrating OpenID using a plugin (?). Some open source softwares are OpenAM, CoSign, jasig.
  11. Data collection, surveys, forms: LimeSurvey, phpESP, RedCAP (not open source; institutions only), Form Tools, and orbeon. This list of open source healthcare software might help.
  12. UPDATE 12/20/2010 Software Configuration Management (SCM) or Revision Control Software: of course, git or maybe Subversion. A comparison here.
  13. UPDATE 12/20/2010 Issue-tracking systems (bug tracking, help desk, service desk, tickets): Trac (interface with svn by default; can add git through a plugin) and Bugzilla for for source code (bugs), and OTRS, os Ticket, Request Tracker or eticketsupport for help desk. A comparison here; another here; stack overflow post.
  14. UPDATE 12/20/2010 Collaborative Software Development (Forge): FusionForge (descendant of the open source GForge). A list can be found here).
  15. UPDATE 12/20/2010 School-related: SchoolTool, Open Admin and Open School for administration (School Management Software). Check out Edubuntu and skolelinux as OS’s for students. Moodle is a Course Management Software (CMS) or Learning Management Software. Many more (different categories) can be found on SchoolForge. Loads of useful links and information regarding Linux and Education at this post.
  16. UPDATE 1/1/2011 Mail Server: See this and this. Looks like I would need Postfix (MTA) + many others, e.g., see this.
  17. UPDATE 1/8/2011 Enterprise Resource Planning (ERP) = CRM + HRMS, of which PeopleSoft is an example: Compiere and OpenERP; a list here and here.
  18. UPDATE 1/8/2011 Job portal/board: jobberBase; a list here.
  19. UPDATE 1/19/2011 Blog aggregators: Planet Venus, used by Planet Emacsen, or some wordpress plugins, used by R Bloggers (I think).
  20. UPDATE 8/29/2011 Question and Answer site like Stack Overflow and the Stack Exchange suite: OSQA and shapado; list here.

UPDATE 1/1/2011 See this list for applications of different types.

Automatically start Asterisk at boot time

Learned how to do so from this thread.

 <pre class="src src-sh"><span style="color: #b0c4de;">cd</span> ~/Downloads/asterisk/1.8/contrib/init.d <span style="color: #ff4500;">## </span><span style="color: #ff4500;">contrib folder is in source directory</span>

sudo cp rc.debian.asterisk /etc/init.d/asterisk sudo chmod 755 /etc/init.d/asterisk # to set the script as boot update-rc.d asterisk defaults

# to remove the script from boot update-rc.d -f asterisk remove

Modify the /etc/init.d/asterisk:

<pre class="src src-sh"><span style="color: #ff4500;"># </span><span style="color: #ff4500;">Full path to asterisk binary</span>

## DAEMON=ASTERISK_SBIN_DIR/asterisk DAEMON=/usr/sbin/asterisk ## ASTVARRUNDIR=__ASTERISK_VARRUN_DIR__ ASTVARRUNDIR=/var/run/asterisk/ ## ASTETCDIR=__ASTERISK_ETC_DIR__ ASTETCDIR=/etc/asterisk/

Be on my home network when I’m away from home via OpenVPN

In my previous employments, I remember co-workers having to use VPN when they work from home. They can access everything at the company as if they were physically on-site. I haven’t tried configuring it on my home network since if I ever needed anything, I ssh’d into my home NAS, and grabbed stuff from there. I guess VPN can be useful in that everything I do on the remote machine will seem like I’m at home, meaning all my mounted access to different directories on the NAS, access to the router, etc, are available while I’m away.

Been wanting to play around with VPN for a while since I know both DD-WRT and Tomato routers has OpenVPN bundled in them.

Instructions are clearly documented at the USB Tomato wiki (look here to get the easy rsa files in newer versions (14.04) of Ubuntu). Note that when pasting stuff into the web browser, include the BEGIN and END lines. Also note that in order to generate the files, you have to do so as root; sudo doesn’t cut it. On Ubuntu, do sudo -i to imitate su.

Keep the generated files in a safe place. The files that I keep on my laptop (client) to VPN into my home network are ca.crt, Client1.crt, and Client1.key. Then create this Client1 file:

##########################################
# ______ __
# /_ __/___ ____ ___ ____ _/ /_____
# / / / __ / __ `__ / __ `/ __/ __ 
# / / / /_/ / / / / / / /_/ / /_/ /_/ /
# /_/ ____/_/ /_/ /_/__,_/__/____/
# admin@domain.com
##########################################
# The hostname/IP and port of the server. You can have multiple remote entries to load balance between the servers.
remote server.dyndns.org 1194
# Specify that we are a client and that we will be pulling certain config file directives from the server.
client
ns-cert-type server
# On most systems, the VPN will not function unless you partially or fully disable the firewall for the TUN/TAP interface.
dev tun21
# Are we connecting to a TCP or UDP server?
proto udp
# Keep trying indefinitely to resolve the host name of the OpenVPN server. Useful for machines which are not permanently connected to the internet such as laptops.
resolv-retry infinite
# Most clients don't need to bind to a specific local port number.
nobind
# The persist options will try to avoid accessing certain resources on restart that may no longer be accessible because of the privilege downgrade.
persist-key
persist-tun
float
# SSL/TLS parms.
ca ca.crt
cert Client1.crt
key Client1.key
# Enable compression on the VPN link.
comp-lzo
# Silence repeating messages
;verb 3
# Silence repeating messages
mute 20

When I need to VPN, just do

sudo openvpn Client1 ## do this in directory where the 3 files are stored

Thank you open source community!

Update (12/14/2010): Password-protect OpenVPN

I wanted to add a password feature to my VPN since I’m afraid someone might get access to my key files. I asked how to do so on the Tomato forum, and was referred to this post. It is quite easy to implement. 10/25/2014: Did more research to see if it’s better to implement a passphrase for the key instead of what I implemented before, but this post confirms that the auth-user-pass-verify method is indeed the recommended way to implement authentication.

In the tomato web config, add the following:

init script (under Administration):

echo '#!/bin/sh
user1="user1name"
pass1="user1pass"
test "$user1" = "${username}" && test "$pass1" = "${password}" && exit 0
exit 1' > /tmp/quickAuth.sh
chmod 755 /tmp/quickAuth.sh

Restart the router or, better yet, execute the above code on the “System” page under “Tools”.

Under the “Advanced” tab on the VPN Server page, enter the following under “Custom Configuration”:

script-security 3
auth-user-pass-verify /tmp/quickAuth.sh via-env

Now, on my Client1 file above, add the line auth-user-pass somewhere (I placed it after comp-lzo).

Now when I vpn to the network, I have to enter a username and password. This is awesome.

UPDATE 1/1/2011: Issue with PeerGuardian/MoBlock

I have issues connecting to a computer on the local network through OpenVPN. See this post for more details. To connect to it, just turn off PeerGuardian (sudo pglcmd stop).

UPDATE 10/6/2011: Channel all internet traffic through VPN

The above method allows me to access computers on my home network. To direct all internet traffic from my current device to the VPN network (so that the IP the world would see is the VPN’s network), check the Direct clients to redirect Internet traffic checkbox in the Advanced Tab when setting up VPN in Tomato (according to this post). That way, I can use the internet securely when on a public network. I will only turn this feature on when I truly need it.

Unfortunately, there DNS names doesn’t resolve (only IP addresses will work). I seeked help here obtained a solution there and here. To fix the DNS issue, I added the following three lines to the end of the config we created earlier:

script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf

and added

push "dhcp-option DNS 8.8.8.8"

to the “custom configuration” field under the “Advance” tab of the VPN server page on Tomato. The latter just says to use Google’s DNS server.

UPDATE 10/25/2014: Use on Android

I can VPN on Android via the OpenVPN app. It should work after I copy all my files (Client1.ovpn, Client1.key, Client1.crt, and ca.crt) into a single directory on Android, and import Client1.ovpn in the app. However, I don’t want to leave my keys on my phone like that for security reasons, so the Help file in the OpenVPN app suggests creating a pkcs12 file and adding that to the Android keychain. To do so, first remove the 3 lines referencing in Client1.key, Client1.crt, and ca.crt in Client1.ovpn file. Import this ovpn file instead. On Linux, do

openssl pkcs12 -export -in Client1.crt -inkey Client1.key -certfile ca.crt -out Client1.p12

to generate Client1.p12. Enter an extracting password (will be asked when importing into Android keychain). Transfer to phone and import it via the OpenVPN app (so only Client1.ovpn and Client1.p12 files needed); enter the extracting password. Now one should be able to connect to the VPN after entering the username and password from the auth-user-pass-verify method. This is cool!

Google Voice on Asterisk with an Auto-attendant and free calls

I’ve heard about Asterisk for some time now since using VoIP services such as Google Voice, Gizmo5, Sipgate and Skype. Most of these services allow you to receive unlimited phone calls for free; you just need to register the service using a sip client, such as Ekiga on Linux, telephone on Mac OS X, sipdroid on an Android phone with unlimited data. The only “fancy” thing I did with these services was receive Google Voice calls on Gizmo5 and using the voicemail feature for parents in my local youth group to leave messages (so I don’t have to release my personal phone number or talk to them…I am a busy person).

Before I continue, I just want to say that I really like Google Voice as a service. You get a free phone number that you can forward to different phones, including the VoIP provider Gizmo5. The voicemail transcription is just awesome; I even set my personal cell phone to use GV as it’s default voicemail application over the network provider’s. If you use an Android phone, you get the GV app that let’s you read voicemails and text messages, send text messages and call using the GV phone number. Most recently, you can even receive and call any US number for free!

I recently wanted to set up an auto-attendant with GV so my youth group’s main phone number could be routed to the specified person when parents need to speak with us; I really don’t like to give out our personal phone numbers, not because we don’t want to talk to parents, but because they still call you (thinking you’re in charge) when other volunteers have taken over your position at the group.

Searching for “free auto-attendant” or the likes yielded a few services. I checked out Phonebooth but it didn’t really do what I wanted to or is very limited; either that or I didn’t know how to set it up. I remembered Asterisk and finally looked more into it.

According to Wikipedia), Asterisk is an open source PBX (Private Branch Exchange). It’s called Asterisk (*) because once the original author wrote a program to connect a computer to the telephone system, he realized anything could be done with the program. Hence asterisk meaning anything.

I will now outline how to set up Google Voice to receive and forward calls with Asterisk, along with playing messages for the caller to hear. This is what I want to have for my youth group. Note figuring out this entire process was hard because I am not familiar with phone systems and networking. The folks from #asterisk on freenode was very helpful. Before I start, let me mention that the free book on asterisk is the definitive guide on learning this stuff. Reading the Dialplan section is a must for learning how to handle calls (play message, forward, etc). Debugging is a must when seeking help in the irc channel, forum, or mailing list.

Install Asterisk on a Linux system

I will provide instructions for how to install the plain Asterisk version, not AsteriskNow or the many derived products. You can install it using apt-get on Debian/Ubuntu, but we’ll need version 1.8 to get Google Voice working with Asterisk without going through another VoIP provider. I’ll install it from the 1.8 branch of the svn version:

sudo apt-get install libiksemel-dev libssl-dev libncurses5 g++ libxml2-dev
svn co http://svn.digium.com/svn/asterisk/branches/1.8
cd 1.8
./configure
make
sudo make install
sudo make samples

This will install asterisk. Be default, Asterisk needs to be run under the root user. sudo asterisk would start it. sudo asterisk -r will connect to a CLI on the current machine with asterisk running. sudo asterisk -c will start Asterisk and go directly into the CLI.

Google Voice setup

Edit the following files in /etc/asterisk/.

jabber.conf and replace gmail.address with yours, and tnttspJabber with what you want to call this connection:

[general]
debug=yes
autoprune=no
autoregister=yes

[tnttspJabber]
type=client
serverhost=talk.google.com
username=gmail.address/gmail ;; either will work
;;username=gmail.address/Talk
secret=password
port=5222
usetls=yes
usesasl=yes
statusmessage="I am an asterisk server." ;required
timeout=100

gtalk.conf:

[general]
;;context=default ;; you can specify here too
allowguest=yes
bindaddr=0.0.0.0

[guest]
context=tnttsp ;; context in extensions.conf
disallow=all
allow=ulaw
connection=tnttspJabber ;; refer to the connection name in [ ] in jabber.conf

This will make asterisk connect to GV via the jabber protocol. It is as if you are logged into gtalk in gmail, where you can send and receive phone calls.

The dialplan, the configuration in extensions.conf, is what we tell asterisk to do when a call is received from a channel or what to do when digits are pressed in a call. Please read it in the book.

A basic hello world example and the ability to dial out in extensions.conf:

[general]
[globals]

[tnttsp]
exten => s,1,Answer()
;;exten => s,n,Wait(10)
exten => s,n,Wait(1)
exten => s,n,SendDTMF(1) ;;needed for google voice; otherwise, only call to computer in gmail will work and not calls made to google voice
exten => s,n,Playback(hello-world)

;; call
exten => _1NXXNXXXXXX,1,Dial(Gtalk/tnttspJabber/+${EXTEN}@voice.google.com)

Some references for this setup are here, here (look in comments), here, and here (look in comments).

Note that to dial out, you need to use something like an AMI script or be in Asterisk. I have not yet figured out how to connect a sip client to asterisk to be able to dial out because I am not that savvy with networking. Sip client and asterisk needs to be directly connected to each other, and having the host and/or client behind firewalls make things complicated.

For wav files to be played using Playback() or Background(), make sure

  1. File paths do not include the extensions, such as .wav. For example, /home/username/sound/mysound not /home/username/sound/mysound.wav.
  2. Wav files need to be mono and 8000 Hz. Use the following script to convert them:
#! /bin/bash

## http://wiki.kolmisoft.com/index.php/Convert_WAV_file_to_Asterisk_playable_format
## http://www.voip-info.org/index.php?content_id=3339
for file in "$@"
do
mv $file ORG$file
sox ORG$file -r 8000 -c1 -s $file rate -ql
done

I have not tested mp3 files.

Wireless Bridge does not allow access to computers on the same network

My primary router is on tomato, and since I’ve been liking it so much, I decided to load tomato on my wireless bridge. After doing so, I followed these instructions (Wireless Ethernet bridge mode) to it to connect to the primary router. It was way easier than doing so on DD-WRT, and access to the internet works. However, access to computers connected to the primary router did not work. I believe this is a known issue (read comments in the link).

Guess tomato works well as a primary router but not so for a client router.

USB NAS and print server

I assume you have a compatible router with usb ports with the Teddy Bear mod Tomato firmware installed.

These instructions show that the USB NAS portion is quite easy. Once the hard drives are connected, they are automatically mounted in the router’s Linux OS. A computer on the same network can connect to the router’s hostname/ip via the samba protocol or ftp (if enabled).

Printserver was less obvious since I wasn’t familiar with it. Tomato uses p910nd printer daemon. By default, only 1 instance is running on Tomato on port 9100. If you plan on connecting multiple printers (eg, adding through a USB hub), then you will need to run additional instances of p910nd in the startup script of the Tomato firmware:

 <pre class="src src-sh">/usr/sbin/p910nd -b -f /dev/usb/lp1 1

Continue to add 2, 3, …, if more printers are required. Reboot the router, and another instance is added to port 9101, etc. Note: the ordering is based on the proximity of the USB ports. Check the USB page on the router config site to determine the ordering.

To add a printer on a Windows machine, you will have to add it MANUALLY (auto-detect of any kind will not work). Following copied in case those links die:

HOW TO SET UP A PRINTER WITH TOMATO

  • I installed the printer the same exact way I do most USB print servers
  • GO TO ADD PRINTER
  • ADD A NETWORK PRINTER
  • SKIP AUTO DETECTION AND DO IT MANUALLY
  • ADD A PRINTER USING A TCP/IP ADDRESS…
  • DEVICE TYPE: TCP/IP DEVICE
  • HOSTNAME/IP: Your_Router_IP (ex: 192.168.1.1, mine is different), PORT NAME: let it auto-populate
  • UNCHECK the “Query the printer…”
  • Detection should fail…
  • On bottom, DEVICE TYPE click on CUSTOM, then SETTINGS
  • Leave all default ports and settings and click OKAY
  • Finish everything and print a test page.

On my Ubuntu, searching the printer on the router’s hostname/ip works. However, on all machines, you will have to select the type of printer manually.

UCI ICS printing

Note to self on how to set up printing at UCI ICS on a Linux. Official instructions here.

Get to Printing (under System -> Administration), Add Printer. Under Network Printer, select LPD/LPR Host or Printer (IPP did not work for me). Enter printserver.ics.uci.edu for host, and enter the printer for queue. Move forward and specify printer and driver manually.