How to Configure Static IP Address Using nmcli in Linux

Configuring a static IP address is a common task for Linux administrators, especially when setting up servers or virtual machines that require consistent network settings. The nmcli command-line tool, part of NetworkManager, provides a powerful and scriptable way to manage network connections without a GUI. In this guide, we’ll walk through the essential nmcli commands to set a static IPv4 address, gateway, DNS, and disable IPv6 for a network interface.

Step-by-Step: Setting a Static IP Address with nmcli

Let’s assume your network interface is named ens33. Here’s how to configure it:

1. Assign a Static IPv4 Address
   nmcli con mod ens33 ipv4.addresses "172.16.3.150/16"
   This sets the IP address to 172.16.3.150 with a subnet mask of 255.255.0.0 (CIDR /16).
2. Set the Default Gateway
   nmcli con mod ens33 ipv4.gateway "172.16.0.1"
   This command configures the default gateway for outgoing traffic.
3. Configure DNS Server
   nmcli con mod ens33 ipv4.dns "8.8.8.8"
   This sets Google’s DNS server for name resolution. You can add multiple DNS servers by separating them with a comma, e.g., "8.8.8.8,8.8.4.4".
4. Disable IPv6 (Optional)
   nmcli con mod ens33 ipv6.method "disabled"
   If your environment does not use IPv6, disabling it can simplify network troubleshooting and improve security.
5. Set IPv4 Method to Manual
   nmcli con mod ens33 ipv4.method manual
   This ensures that the interface uses manual (static) configuration instead of DHCP.

Applying the Changes

After making these changes, you need to bring the connection down and back up for the settings to take effect:

 nmcli con down ens33 nmcli con up ens33 

Example: Complete Static IP Setup Script

nmcli con mod ens33 ipv4.addresses "172.16.3.150/16" 
nmcli con mod ens33 ipv4.gateway "172.16.0.1" 
nmcli con mod ens33 ipv4.dns "8.8.8.8" 
nmcli con mod ens33 ipv6.method "disabled" 
nmcli con mod ens33 ipv4.method manual 
nmcli con down ens33 nmcli con up ens33 

Additional Tips

• Check Connection Name: Use nmcli con show to list all available connections and confirm your interface name (e.g., ens33).
• Disable IPv6 for Other Connections: Replace ens33 with your actual interface name as needed.
• Verify Configuration: After applying changes, use ip addr and nmcli dev show ens33 to verify your settings.

Summary Table: Key nmcli Commands

Command	Description
nmcli con mod ens33 ipv4.addresses "IP/CIDR"	Set static IP address and subnet
nmcli con mod ens33 ipv4.gateway "GATEWAY"	Set default gateway
nmcli con mod ens33 ipv4.dns "DNS"	Set DNS server(s)
nmcli con mod ens33 ipv6.method "disabled"	Disable IPv6
nmcli con mod ens33 ipv4.method manual	Set IPv4 configuration to manual
nmcli con down ens33	Deactivate the connection
nmcli con up ens33	Activate the connection

With these nmcli commands, you can quickly and reliably configure static IP settings on your Linux systems, making network management more efficient and consistent.

Installing PHP 8.3 on RHEL-based Systems: A Step-by-Step Guide

PHP stands as a cornerstone of web development, a versatile scripting language and interpreter renowned for its open availability and prevalent use on Linux-based web servers. Keeping your PHP installation up-to-date is crucial for performance, security, and access to the latest features. This guide walks you through the process of installing PHP 8.3 on your Red Hat Enterprise Linux (RHEL) based system, leveraging the EPEL and REMI repositories for a streamlined experience.

Adding the EPEL and REMI Repositories

To gain access to a wider range of software packages, including the latest PHP versions, we'll add the Extra Packages for Enterprise Linux (EPEL) and the Remi Community Repository (REMI) to your system's package manager. Execute the following commands in your terminal:

Bash

sudo dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf -y install https://rpms.remirepo.net/enterprise/remi-release-9.2.rpm

Note: The dnf command is the package manager used in modern RHEL-based systems like CentOS, Fedora, and AlmaLinux. The -y flag automatically confirms the installation, so proceed with caution.

Installing Yum Utilities

The yum-utils package provides a collection of helpful utilities for managing your DNF repositories and packages. Install it using the following command:

Bash

sudo dnf -y install yum-utils

While the command mentions yum, it's often a symbolic link to dnf on newer systems, so this command works seamlessly.

Enabling the PHP 8.3 Remi Repository

The REMI repository offers more recent PHP versions than the default RHEL repositories. To enable the PHP 8.3 stream from REMI, you'll first need to reset any active PHP modules and then enable the specific PHP 8.3 module:

Bash

sudo dnf module reset php
sudo dnf module install php:remi-8.3

The dnf module reset php command ensures a clean slate by disabling any previously enabled PHP modules. Following this, dnf module install php:remi-8.3 activates the PHP 8.3 module provided by the REMI repository.

With these steps completed, your system is now configured to install PHP 8.3 and its associated packages from the REMI repository. You can now proceed to install PHP 8.3 and any extensions you require using the dnf install php php-<extension-name> command.

Fixing “Permission Denied” Errors in Nginx Reverse Proxy Setups with SELinux

Running Nginx as a reverse proxy on a system with SELinux enabled can sometimes lead to frustrating errors like:

[crit] connect() to 172.16.5.32:32400 failed (13: Permission denied) while connecting to upstream, client: 172.16.0.1, server: rplex.adminz.in, request: "GET /web/index.html HTTP/2.0", upstream: "http://172.16.5.32:32400/web/index.html", host: "rplex.adminz.in:8443"

If you’re seeing this, SELinux is likely blocking Nginx from making outbound network connections to your upstream servers. Here’s how you can diagnose and fix the issue.

Understanding the Problem

When SELinux is in enforcing mode, it restricts what processes can do—even if you’re running as root. By default, Nginx (and other web servers running under the httpd_t SELinux context) cannot make arbitrary outbound network connections. This is a security feature, but it can block legitimate reverse proxy setups.

Typical log entries look like this:

[crit] connect() to <backend-ip>:<port> failed (13: Permission denied) while connecting to upstream, ...

Diagnosing SELinux Denials

To confirm SELinux is the culprit:

Check your Nginx error logs for “(13: Permission denied)” messages.

Inspect the SELinux audit logs:

sudo grep nginx /var/log/audit/audit.log | grep denied

If you see denials related to name_connect on a TCP socket, SELinux is blocking the connection.

The Solution: Allow Nginx Network Connections

SELinux controls network permissions for web servers using Boolean flags. The most relevant for Nginx reverse proxies is httpd_can_network_connect.

What does httpd_can_network_connect do?

Enabling this Boolean allows Nginx (and other httpd processes) to make outgoing network connections to any port.

This is required for Nginx to proxy requests to other backend servers, especially if they’re not on standard HTTP/HTTPS ports.

How to Enable It

Make the change persistent with:

setsebool -P httpd_can_network_connect true

The -P flag makes the change survive reboots.

After running this command, restart Nginx:

systemctl restart nginx

This should resolve the “permission denied” errors when connecting to upstream servers.

Harvester Setup and Configuration

Harvester is an open-source hyperconverged infrastructure (HCI) software that provides a powerful and easy-to-use platform for deploying and managing virtual machines (VMs). Built on Kubernetes, it simplifies the process of setting up and maintaining a virtualized environment. 

The following steps will guide you in setting up Harvester 

Download the Harvester ISO from the website.

Make a bootable USB from the ISO with any of the following tools

• https://etcher.balena.io/
• https://rufus.ie/en/

Once the machine has been booted from USB we will get the following Page

Once booted, follow the steps to complete the installatoon

1. Cluster Creation:
• Select "Create a new Harvester Cluster"
2. Disk Selection:
• Use the right arrow key to navigate and choose a disk for Harvester's system.
• Select a separate disk dedicated to storing virtual machine data.
3. Host Configuration:
• Enter a hostname for your Harvester node.
4. Network Setup:
• Use the right arrow key to select your network interface card (NIC).
• Choose between DHCP or static IP configuration.
• If using Static, provide the necessary network details (IP address, subnet mask, gateway).
• Configure DNS server addresses.
5. VIP Configuration:
• Use the right arrow key to navigate, Choose between DHCP or static IP for the Virtual IP (VIP) address.
• If using Static, enter the desired VIP.
6. Cluster Token:
• Set a cluster token. This is crucial for adding more nodes to your cluster later.
7. Password and SSH:
• Set a strong password for accessing the node (default SSH user is 'rancher').
8. NTP Servers:
• Configure NTP servers (defaults to 0.suse.pool.ntp.org) to ensure time synchronization across all nodes. Use commas to separate multiple server addresses.
9. Optional Configurations:
• HTTP Proxy: If needed, provide the proxy URL.
• SSH Keys: Import SSH keys by providing their HTTP URL (e.g., GitHub public keys).
• Harvester Configuration: If you have a specific configuration file, enter its HTTP URL.
10. Review and Install:
• Review all the settings you've configured.
• Confirm to start the installation process. This might take a few minutes.
11. Access Harvester:
• After the node restarts, the Harvester console will show the management URL and node status.
• Access the web interface using the provided URL (defaults to https://your-virtual-ip).
• Use F12 to switch to the shell if needed, and type exit to return to the console.

Latest Steps can be found @  https://github.com/harvester/harvester

Enabling the MsSQL Extension in cPanel/WHM: A Manual Installation Guide

While cPanel/WHM offers a wide range of PHP extensions out of the box, the MsSQL extension for connecting to Microsoft SQL Server databases requires a bit of manual effort. In this guide, we'll walk you through the step-by-step process of installing and configuring the MsSQL extension on your cPanel server.

Prerequisites:

• Root Access: You'll need root privileges on your server to perform these steps.
• Source Code: Instead of using RPM packages (which can lead to dependency issues), we'll compile the necessary components from source code.

Installing Required Modules

1. unixODBC:

   • Download: Get the source code from the official unixODBC website.
   • Extract: tar -xvf unixODBC-X.X.X.tar.gz (replace X.X.X with the version you downloaded).
   • Configure and Install:

     cd unixODBC-X.X.X
     ./configure --prefix=/usr/local --enable-gui=no
     make
     make install
     

     FreeTDS:
2. • Download: Download FreeTDS version 0.82 (or a compatible older version) from ftp://ftp.freetds.org/pub/freetds/old/0.82/freetds-0.82.tar.gz.
   • Extract: tar -xvf freetds-0.82.tar.gz
   • Configure and Install:

     cd freetds-0.82
     ./configure --with-tdsver=8.0 --with-unixODBC=/usr/local
     make
     make install
     

     Configure FreeTDS:
3. • Edit freetds.conf: Find the freetds.conf file (usually in /usr/local/etc or /etc) and add the following, replacing placeholders:

     [MSHOSTNAME]
     host = your_sql_server_hostname_or_IP
     port = 1433 
     tds version = 8.0
     

Compiling mssql.so

1. Navigate to PHP Extension Directory:

   cd /home/cpeasyapache/src/php-X.X.X/ext/mssql

   (Replace X.X.X with your PHP version.)

2. Prepare and Build:

   phpize
   ./configure
   make
   make install

Activating the Extension

1. Locate php.ini: Find your PHP configuration file (php.ini). Its location can vary depending on your setup.
2. Add Extension: Open php.ini in a text editor and add the following line:

   extension="mssql.so"
   

3. Restart Apache:

   service httpd restart

Verifying Installation

To confirm that the extension is loaded, you have two options:

• Check Modules: Run php -m | grep mssql. If the installation was successful, you'll see "mssql" in the output.
• Create a phpinfo Page: Create a PHP file with the following content:

  <?php phpinfo(); ?>
  Open this file in your browser and search for "mssql." You should see detailed information about the MsSQL extension.

Troubleshooting Tip:

If you encounter an error during the FreeTDS configuration related to unixODBC, try using an older version of FreeTDS (like 0.82), as newer versions might have compatibility issues.

By carefully following these steps, you can manually install and enable the MsSQL extension in your cPanel/WHM environment, allowing your PHP applications to seamlessly interact with Microsoft SQL Server databases.

PEAR Management in cPanel

Installing PEAR in cPanel: A Guide for PHP Developers

PEAR (PHP Extension and Application Repository) is a valuable resource for PHP developers, offering a framework and distribution system for reusable PHP components. Whether you're building custom web applications or need specific functionality, PEAR can streamline your development process.

In this guide, we'll walk you through the steps for installing PEAR in your cPanel environment. The process varies slightly depending on your PHP version:

PHP Versions Less Than 5.3

1. Download go-pear: Use the following command in your terminal or SSH session:

   wget http://pear.php.net/go-pear

2. Install PEAR: Run the downloaded script:

   php go-pear.php

   Follow the on-screen prompts to customize your installation.

PHP Versions 5.3 and Above

1. Download go-pear.phar: Fetch the updated installer:

   wget http://pear.php.net/go-pear.phar

2. Install PEAR: Execute the installer using the following command:

   php go-pear.phar
   

   Again, follow the instructions to configure PEAR to your liking.

Important Notes

• Root Access: You'll need root access (via SSH or console) to perform these commands. If you're not comfortable with server administration, contact your hosting provider for assistance.
• Alternative Method: cPanel may have a built-in PEAR installer available in the software section. Check if this option exists for a more user-friendly installation.

Once PEAR is installed, you can manage packages using the pear command line tool:

• Installing a Package:

  pear install <package_name>
• Upgrading a Package:

  pear upgrade <package_name>
• Uninstalling a Package:

  pear uninstall <package_name>
• Listing Installed Packages:

  pear list

Why PEAR Matters

PEAR simplifies PHP development by providing:

• Reusable Components: A vast library of code packages for various tasks.
• Consistent Structure: A standardized way to organize and manage PHP projects.
• Easy Installation: Simple commands for adding and updating packages.
• Community Support: A large and active community of developers for troubleshooting and support.

By leveraging PEAR's capabilities, you can save time and effort while building robust and reliable PHP applications.

Let me know if you have any further questions about using PEAR with cPanel!

Resolving "Sorry, that domain is already setup (remove it from httpd.conf)" Error in cPanel/WHM

If you're a cPanel/WHM administrator, you might have encountered the frustrating error "Sorry, that domain is already set up (remove it from httpd.conf)" when trying to add a new domain. This error typically indicates that the domain name you're attempting to use is already associated with another account or configuration on your server.

In this guide, we'll break down the causes of this error and provide step-by-step instructions on how to resolve it.

Why Does This Error Occur?

There are two main reasons you might encounter this error:

Reason 1: The domain is already in use.

• The domain could be assigned as a primary, addon, or parked domain on another cPanel account.
• It might be lingering in the server's configuration even after being removed from an account.

Reason 2: Technical Glitches

• The removal process for the domain might not have been completed correctly, leaving remnants in the system.

Troubleshooting and Resolution

1. Check if the Domain is Actively Used

If the error is due to the domain already being associated with another account:

• Remove the domain: Log into the cPanel account that's using the domain and remove it as an addon, parked, or primary domain.

If you encounter the error "Error from park wrapper: Sorry, you do not control the domain" while trying to remove it, proceed to the next step.

2. Identify the Domain Owner and Remove Entries

1. Find the Owner: Use the following commands in the server's command line (SSH) to determine which account the domain is associated with:

   /scripts/whoowns example.com 

   If this doesn't yield results, try:

   grep example.com /var/cpanel/users/*

   (Replace "example.com" with the actual domain name.)

2. Remove Domain Entries: Once you know the owner account, remove any references to the domain from the following files:

   • /var/named/example.com.db
   • /etc/httpd/conf/httpd.conf (remove the virtual host entry)
   • /var/cpanel/users/username (remove entries related to the domain)
   • /etc/userdomains
   • /etc/localdomains
   • /etc/named.conf (remove entries related to the domain)
   • Remove DNS entry in WHM: Go to the DNS Zone Manager in WHM and remove the DNS zone for the domain.

3. Update User Domains: Finally, run the following command as root:

   /scripts/updateuserdomains

Important Considerations:

• Backups: Before making any changes to configuration files, it's crucial to have a backup of your server in case of unintended consequences.
• Technical Expertise: If you're not comfortable with editing configuration files, consider seeking help from your hosting provider or a qualified system administrator.

By following these steps, you should be able to resolve the "Sorry, that domain is already set up" error and successfully add the domain to the desired cPanel account.