Posts

Posted on

How to set up Apache on Armbian

1. Install apache and php
sudo apt install apache2
sudo apt install php

2. Enable user directory
sudo a2enmod userdir
in /etc/apache2/mods-enabled/
sudo ln -s ../mods-available/userdir.conf userdir.conf
(for CentOS, edit /etc/httpd/conf.d/userdir.conf)

3. Remove Indexes for securiety in /etc/apache2/apache2.conf
<Directory /var/www/>
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>

4. Enable php engine for user directory in /etc/apache2/mods-enable/php7.3.conf
<FilesMatch “^\.ph(ar|p|ps|tml)$”>
# Require all denied
</FilesMatch>
<IfModule mod_userdir.c>
<Directory /home/*/public_html>
# php_admin_flag engine Off
</Directory>
</IfModule>

Posted on

Slow Down Host Network with Hyper-V External Network Switch

Problem:
If external virtual switch is created on Virtual Switch Manager, network performance of host network is significantly decreased. Internal virtual switch is not affected.

Solutions:
1. Using ICS of host network
https://www.technig.com/connect-hyper-v-machines-to-internet/

2. Using RRAS for NAT configuration
https://www.dell.com/support/kbdoc/en-us/000118763/configuring-windows-server-2012-r2-as-a-router

3. Disabling VMQ and/or RSC
https://www.dell.com/support/kbdoc/en-us/000145221/windows-server-slow-network-performance-on-hyper-v-virtual-machines-with-virtual-machine-queue-vmq-enabled
https://docs.microsoft.com/en-us/windows-server/networking/technologies/hpn/rsc-in-the-vswitch

For VMQ:> Set-VMNetworkAdapter –ManagementOS -Name -VmqWeight 0
For RSC:> Set-VMSwitch -Name vSwitchName -EnableSoftwareRsc $false

4. Using NAT via Powershell
https://petri.com/using-nat-virtual-switch-hyper-v
https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/setup-nat-network

New-VMSwitch -SwitchName “NATSwitch” -SwitchType Internal
New-NetIPAddress -IPAddress 192.168.0.1 -PrefixLength 24 -InterfaceAlias “vEthernet (NATSwitch)”
New-NetNAT -Name “NATNetwork” -InternalIPInterfaceAddressPrefix 192.168.0.0/24
Posted on

Install Windows Server 2019 on Deskmini A300

0. Create VHDX for Windows Server (optional)

D:\vhd>diskpart

Microsoft DiskPart 버전 10.0.19041.610

Copyright (C) Microsoft Corporation.
컴퓨터: WORK

DISKPART> create vdisk file=d:\vhd\windows2019.vhdx maximum=262144 type=expandable

  100 퍼센트 완료

DiskPart가 가상 디스크 파일을 만들었습니다.

DISKPART> select vdisk file=d:\vhd\windows2019.vhdx

DiskPart가 가상 디스크 파일을 선택했습니다.

DISKPART> attach vdisk

  100 퍼센트 완료

DiskPart가 가상 디스크 파일을 연결했습니다.

DISKPART> create partition primary

DiskPart에서 지정한 파티션을 만들었습니다.

DISKPART> format fs=ntfs quick

  100 퍼센트 완료

DiskPart가 볼륨을 성공적으로 포맷했습니다.

DISKPART> assign

DiskPart에서 드라이브 문자 또는 탑재 지점을 할당했습니다.

DISKPART> exit

DiskPart 마치는 중...

D:\vhd>dism /get-wiminfo /wimfile:g:\sources\install.wim

배포 이미지 서비스 및 관리 도구
버전: 10.0.19041.746

이미지 정보 : g:\sources\install.wim

인덱스 : 1
이름 : Windows Server 2019 Standard
설명 : (권장) 이 옵션은 대부분의 Windows 그래픽 환경을 생략합니다. 명령 프롬프트와 PowerShell을 사용하거나 Windows 관리 센터 또는 기타 도구를 사용하여 원격으로 관리합니다.
크기 : 8,172,089,251바이트

인덱스 : 2
이름 : Windows Server 2019 Standard (데스크톱 경험)
설명 : 이 옵션은 별도의 드라이브 공간을 사용하는 완전한 Windows 그래픽 환경을 설치합니다. 이 옵션은 Windows 바탕화면을  사용하려고 하거나 이를 필요로 하는 앱이 있을 때 유용합니다.
크기 : 14,379,288,723바이트

인덱스 : 3
이름 : Windows Server 2019 Datacenter
설명 : (권장) 이 옵션은 대부분의 Windows 그래픽 환경을 생략합니다. 명령 프롬프트와 PowerShell을 사용하거나 Windows 관리 센터 또는 기타 도구를 사용하여 원격으로 관리합니다.
크기 : 8,170,791,267바이트

인덱스 : 4
이름 : Windows Server 2019 Datacenter (데스크톱 경험)
설명 : 이 옵션은 별도의 드라이브 공간을 사용하는 완전한 Windows 그래픽 환경을 설치합니다. 이 옵션은 Windows 바탕화면을  사용하려고 하거나 이를 필요로 하는 앱이 있을 때 유용합니다.
크기 : 14,362,818,387바이트

작업을 완료했습니다.

D:\vhd>dism /apply-image /imagefile:g:\sources\install.wim /index:4 /applydir:f:\

배포 이미지 서비스 및 관리 도구
버전: 10.0.19041.746

이미지 적용 중
[==========================100.0%==========================]
작업을 완료했습니다.

D:\vhd>bcdboot f:\Windows
부팅 파일을 만들었습니다.

D:\vhd>bcdedit

Windows 부팅 관리자
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
bootshutdowndisabled    Yes
default                 {default}
resumeobject            {########-####-####-####-############}
displayorder            {default}
                        {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows 부팅 로더
-------------------
identifier              {default}
device                  partition=F:
path                    \Windows\system32\winload.efi
description             Windows Server
locale                  en-us
inherit                 {bootloadersettings}
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=F:
systemroot              \Windows
resumeobject            {########-####-####-####-############}
nx                      OptOut

Windows 부팅 로더
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 10
locale                  ko-KR
inherit                 {bootloadersettings}
recoverysequence        {########-####-####-####-############}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \Windows
resumeobject            {########-####-####-####-############}
nx                      OptIn
bootmenupolicy          Standard
hypervisorlaunchtype    Auto

D:\vhd>

1. First time boot and automatic initial configuration.
SATA Floppy Image is required if RAID is configured.

2. Install Graphic Driver.
AMD Radeon™ Software Adrenalin 2020 Edition fails to be installed on Windows Server.
In INF file, you can find “NTamd64.10.0.1…14310” which means OSVERSIONINFOEX.wProductType == VER_NT_WORKSTATION(0x0000001).
Whereas, wProductType of Windows Server is VER_NT_SERVER(0x00000003), and thus, INF should be patched before installation to work properly.
In addition, by adding ;(semi-colon) in front of HKR,,CoInstallers32,%REG_MULTI_SZ%, Open CL would also work fine.
Or use PowerShell script for automation of above steps.

3. Install AMD GPIO Driver.
AMD GPIO Driver can be installed manually by updating Unknown Device (Microsoft ACPI Complaint System).

Driver files can be obtained from Asrock support page. (AMD all in 1 with VGA driver)

4. Enable Audio Services.
Enable service, Windows Audio and Windows Audio Endpoint Builder

5. Enable Wireless Features (optional).
5-A. Add features, Wireless LAN Service

5-B. And then, reboot once

5-C. Enable service, WLAN Autoconfig

5-D. Install Intel® Wireless Bluetooth® for Windows® 10 Driver

5-E. Resolve unknown device driver manually
https://www.intel.com/content/www/us/en/support/articles/000056758/intel-nuc.html

Posted on

Manage Firewall with netsh cmd

D:\>netsh advfirewall firewall show rule name=all | find "Desktop"
Rule Name:                            Remote Desktop - Shadow (TCP-In)
Grouping:                             Remote Desktop
Rule Name:                            Remote Desktop - User Mode (UDP-In)
Grouping:                             Remote Desktop
Rule Name:                            Remote Desktop - User Mode (TCP-In)
Grouping:                             Remote Desktop

D:\>netsh advfirewall firewall show rule name="Remote Desktop - User Mode (UDP-In)"
Rule Name:                            Remote Desktop - User Mode (UDP-In)
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain,Private,Public
Grouping:                             Remote Desktop
LocalIP:                              Any
RemoteIP:                             Any
Protocol:                             UDP
LocalPort:                            3389
RemotePort:                           Any
Edge traversal:                       No
Action:                               Allow
Ok.

D:\>netsh advfirewall firewall set rule name="Remote Desktop - User Mode (UDP-In)" new LocalPort=3388
Posted on

How to change Hotspot IP of armbian

e.g. To change ip range of access point to 10.9.1.x/24

1. edit /etc/network/interface.d/armbian.ap.nat

address 10.9.1.1
netmask 255.255.255.0
network 10.9.1.0
broadcast 10.9.1.255

2. edit /etc/dnsmasq.conf

listen-address=10.9.1.1
dhcp-range=10.9.1.50,10.9.1.150,12h
Posted on

How to forward hostapd (access point) traffics to VPN

/usr/sbin/ip route add default dev [dev.vpn] table [tbl.no]
/usr/sbin/ip rule add iif [dev.ap] table [tbl.no]

[dev.vpn] is a vpn device name. (e.g. tun0)
[dev.ap] is an access point (wlan) device name. (e.g. wlan0)
[tbl.no] is a desired table number which is not reserved, and can be replaced by string name if you add one in /etc/iproute2/rt_tables

to disable VPN forwarding,

/usr/sbin/ip route flush table [tbl.no]