# Help and Support EN # Applications # Bind DNS #### Common Issues ##### Issue: server booted with a time in the future, and bind / named downloaded the trust information with a future timestamp Often you'll see this in the logs: validating ./DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.' managed-keys-zone: No valid trust anchors for '.' Solution: 1\) shut down named 2\) delete /var/named/dynamic/managed-keys.bind.jnl and create file just containing: ;BIND LOG V9 8 3\) ensure new file is owned by the named user. 4\) start up named You'll see something like this in the logs: Apr 28 12:49:00 XXXXXX named\[4093\]: managed-keys-zone: journal rollforward failed: no more Apr 28 12:49:00 XXXXXX named\[4093\]: managed-keys-zone: unable to load from '/var/named/dynamic/managed-keys.bind.jnl'; renaming file to '/var/named/dynamic/jn-xMvuHJmM' for failure analysis and retransferring. And then your dnssec should start working again... There's probably better ways to trigger the resolution, but the above seems to work.... # E-mail Settings This chapter covers basic email settings for all platforms, as well as per platform specific guides. # Android Phone and Tablets For Android based phones, tablets, Chromebook and IoT devices, there are a number of options of e-mail clients. Some vendors supply their own developed email client however Google’s own GMAIL client is common across all legitimate android devices and we support this client. ### POP/IMAP [![image-1656323242555.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/nR1It9DKvXiCMTa7-image-1656323242555.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/nR1It9DKvXiCMTa7-image-1656323242555.png) Figure 26 go to the add account function under 'Accounts' In Android settings, or Gmail [![image-1656323255611.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/PsNlIYpX4gWXKfLL-image-1656323255611.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/PsNlIYpX4gWXKfLL-image-1656323255611.png) Figure 27 choose to add an IMAP account [![image-1656323261960.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/uEXtBfIPxRspFJnw-image-1656323261960.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/uEXtBfIPxRspFJnw-image-1656323261960.png) Figure 28 Once the email address is entered, Manual setup is unlocked. Choose **MANUAL SETUP** [![image-1656323278724.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/GhnTwp7uWb3BNAR3-image-1656323278724.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/GhnTwp7uWb3BNAR3-image-1656323278724.png) Figure 29 choose IMAP account. Optionally you may choose POP3 [![image-1656323298575.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/XyKrQXDlZDTDkCZW-image-1656323298575.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/XyKrQXDlZDTDkCZW-image-1656323298575.png) Figure 30 enter the password for the IMAP email account you wish to setup [![image-1656323309933.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/VY0tJtR57MeGiP4q-image-1656323309933.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/VY0tJtR57MeGiP4q-image-1656323309933.png) Figure 31 change the **INCOMING** mail server to **mail.rackcorp.com** [![image-1656323319715.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/f7Q5S834UMJtPayM-image-1656323319715.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/f7Q5S834UMJtPayM-image-1656323319715.png) Figure 32 change the **OUTGOING** mail server to **mail.rackcorp.com**. **Change** the port to 25 and security to **STARTTLS** If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323339394.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/Xf0Q43sd0n6S5dvh-image-1656323339394.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/Xf0Q43sd0n6S5dvh-image-1656323339394.png) Figure 33 successful account configuration will result in a success message ### Exchange [![image-1656323359349.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/TtOhbjVhmWOlgSFC-image-1656323359349.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/TtOhbjVhmWOlgSFC-image-1656323359349.png) Figure 34 within GMAIL, choose add account or add another email address [![image-1656323370352.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/UwfEN0A9DJu81Yln-image-1656323370352.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/UwfEN0A9DJu81Yln-image-1656323370352.png) Figure 35 GMAIL will present a list of account types. Choose EXCHANGE [![image-1656323380566.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/JNadfqGf73TbDkoZ-image-1656323380566.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/JNadfqGf73TbDkoZ-image-1656323380566.png) .Figure 36 enter the email address for your EXCHANGE account at the prompt to begin the setup process [![image-1656323393255.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/0KYEiVm884oeOdEN-image-1656323393255.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/0KYEiVm884oeOdEN-image-1656323393255.png) Figure 37 enter the password for your exchange account when prompted [![image-1656323404575.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/CidWmWuLDYexHBss-image-1656323404575.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/CidWmWuLDYexHBss-image-1656323404575.png) Figure 38 several prompts will be made during the exchange setup process. Agree to these by pressing OK [![image-1656323413179.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/TeoDOfY3GbyLM41K-image-1656323413179.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/TeoDOfY3GbyLM41K-image-1656323413179.png) Figure 39 once your password is accepted, a further page will display a summary of your account settings. simply press NEXT [![image-1656323424557.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/0gIUwt1ml4xlqEZN-image-1656323424557.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/0gIUwt1ml4xlqEZN-image-1656323424557.png) Figure 40 several prompts will be made during the exchange setup process. Agree to these by pressing OK. [![image-1656323446837.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/RtEDPoLwWPKjSlsK-image-1656323446837.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/RtEDPoLwWPKjSlsK-image-1656323446837.png) Figure 41 To add exchange accounts to a mobile device, the exchange server requires mobile device management rules as listed to be applied to your device. Please read the above screen carefully. Changes to the security settings of your device will be made automatically and are required to add exchange mail to your device. [![image-1656323456415.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/MONMs7nV2prgdfXQ-image-1656323456415.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/MONMs7nV2prgdfXQ-image-1656323456415.png) Figure 42 when the Gmail exchange setup process is complete the success message is displayed # Apple iPhone and iPad ### POP/IMAP manual setup [![image-1656323488764.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/fUojpEJe90GyzRe4-image-1656323488764.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/fUojpEJe90GyzRe4-image-1656323488764.png) Figure 43 Navigate to the settings icon in your idevice, and then Passwords and Accounts [![image-1656323496199.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/E8Gv0nxGJyxvazHl-image-1656323496199.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/E8Gv0nxGJyxvazHl-image-1656323496199.png) Figure 44 in the Settings -> Passwords & accounts page, hit Add Account. Fetch New Data should be Push [![image-1656323513514.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/FseyRhVlsS5JFRRJ-image-1656323513514.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/FseyRhVlsS5JFRRJ-image-1656323513514.png) Figure 45 we are manually setting up an IMAP or POP account so choose Other [![image-1656323526830.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/dQzMLuBX7TySLKgR-image-1656323526830.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/dQzMLuBX7TySLKgR-image-1656323526830.png) Figure 46 Under Other - Add Mail Account [![image-1656323540640.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/ouzsqiRvfHkPpGuK-image-1656323540640.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ouzsqiRvfHkPpGuK-image-1656323540640.png) Figure 47 Fill in your email account details as requested [![image-1656323549724.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/ux6toodwpxqx0cxo-image-1656323549724.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ux6toodwpxqx0cxo-image-1656323549724.png) Figure 48 fill in the email account and server details as illustrated If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323594389.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/zjxrV9z1HuB3SN4F-image-1656323594389.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/zjxrV9z1HuB3SN4F-image-1656323594389.png) Figure 49 once your account details are saved and tested, you can choose what data to sync to the mail server, leave the default setting [![image-1656323608297.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/wJlDYV4b5S6uLG7T-image-1656323608297.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/wJlDYV4b5S6uLG7T-image-1656323608297.png) Figure 50 on success your email account is now added to the account list in iOS ### Exchange [![image-1656323639715.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/rukqcYfyHcXCuUGB-image-1656323639715.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/rukqcYfyHcXCuUGB-image-1656323639715.png) Figure 51 we are setting up an EXCHANGE account [![image-1656323660888.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/SfJJSP17iYq5V5BL-image-1656323660888.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/SfJJSP17iYq5V5BL-image-1656323660888.png) Figure 52 enter your email address for your exchange account [![image-1656323687668.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/EdhWQ6HOF386KyHA-image-1656323687668.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/EdhWQ6HOF386KyHA-image-1656323687668.png) Figure 53 enter your password and create an account description [![image-1656323761877.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/ZDML6uE8uRMlvJ0d-image-1656323761877.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ZDML6uE8uRMlvJ0d-image-1656323761877.png) Figure 53 enter your password and create an account description [![image-1656323772148.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/fxQ1fQQ7o0s5kzk9-image-1656323772148.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/fxQ1fQQ7o0s5kzk9-image-1656323772148.png) Figure 55 fill in your account details as follows [![image-1656323780830.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/xMW7V5szIQNh6XeM-image-1656323780830.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/xMW7V5szIQNh6XeM-image-1656323780830.png) Figure 56 once your account details are confirmed and verified, you will receive a sync options screen. Choose here what options you want to sync to your device. Syncing contacts for example will overwrite your existing contacts and upload existing contacts # Apple Mac OS ### Exchange setup ### POP3/IMAP manual setup [![image-1656323219274.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/0bNGBqMpgY4Kq72n-image-1656323219274.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/0bNGBqMpgY4Kq72n-image-1656323219274.png) Figure 23 in Mac Mail accounts, select add other mail account [![image-1656323214675.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/POzq3AXR8QGCk8hK-image-1656323214675.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/POzq3AXR8QGCk8hK-image-1656323214675.png) Figure 24 In the Mac Mail setup wizard, fill in your POP/IMAP account details [![image-1656323209631.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/BV2aUGDewXKAovZw-image-1656323209631.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/BV2aUGDewXKAovZw-image-1656323209631.png) Figure 25 Mac Mail setup wizard will then request the server names. Fill in mail.rackcorp.com If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. # Basic E-Mail Settings RackCorp supports mail auto discovery. This is a feature built into modern email clients that allows the email program to obtain the correct mail settings for a user based just on their email address and password. This works for POP, IMAP and Exchange email options on RackCorp. If you do not wish to use auto discovery, standard email settings are supported including optional SSL and TLS encryption between the end user and RackCorp mail servers. ## Email Settings | POP/IMAP Choose **POP** OR **IMAP** email server. **IMAP** is generally recommended. **POP** Email downloads entire emails to your device before they can be viewed and optionally deletes them from the server. - Pros: Useful for archival, allows inbox and mail management such as zero inbox - Cons: not ideal for multi devices, slower to look at new emails **IMAP** downloads a header of the email first so the sender, subject, date can be previewed and keeps all the mail on the server. - Pros: Lightweight and stores mail on server, ideal for multi device use and low bandwidth Cons: offline viewing of email depends on settings and if entire mail has been downloaded. ### Global Common Settings:
Email
Username
Password your\_password
Incoming Server mail.rackcorp.com
Outgoing Server mail.rackcorp.com
Outgoing Server Type SMTP
Outgoing Server Username (or tick ‘same as incoming’) if available
Outgoing server password your\_password
Webmail https://webmail.rackcorp.com
### USA Common Settings:
Email
Username
Password your\_password
Incoming Server mail.us.rackcorp.com
Outgoing Server mail.us.rackcorp.com
Outgoing Server Type SMTP
Outgoing Server Username (or tick ‘same as incoming’) if available
Outgoing server password your\_password
Webmail https://webmail.us.rackcorp.com
### Mongolia Common Settings:
Email
Username
Password your\_password
Incoming Server mail.mn.rackcorp.com
Outgoing Server mail.mn.rackcorp.com
Outgoing Server Type SMTP
Outgoing Server Username (or tick ‘same as incoming’) if available
Outgoing server password your\_password
Webmail https://webmail.mn.rackcorp.com
Choose a type of encryption from **SSL** or **TLS**. **TLS** is recommended for compatibility. ### POP
**POP with SSL** **POP with TLS or STARTTLS**
Incoming Server Port: 995 Outgoing Server Port: 465 Incoming Server Port: 143 Outgoing Server Port: 25
### IMAP
**IMAP with SSL** **IMAP with TLS or STARTTLS**
Incoming Server Port: 993 Outgoing Server Port: 465 Incoming Server Port: 143 Outgoing Server Port: 25
RackCorp global **webmail** for standard email is available at https://webmail.rackcorp.com ## Email Settings | Exchange To setup exchange email accounts in your client, the recommended way is to use auto discover with an exchange compatible mail client or use Outlook Web Access (OWA, Microsoft’s implementation of webmail, web based version of the Outlook email client for Exchange Email). Supply your email address and password to the email client and it will perform the setup process. The setup process on most clients this will also setup Calendar, Tasks and Contacts. On Mobile devices, a device security policy may be applied by the setup process. The address for OWA varies depending on the region and is available in your Outlook account information **[https://mail.ex1.rackcorp.com](https://mail.ex1.rackcorp.com)** is the global OWA system **[https://mail.ex1.rackcorp.mn](https://mail.ex1.rackcorp.mn)** is the Mongolian OWA system **mail.ex1.rackcorp.com** is the primary RackCorp Exchange server if manual configuration is desired ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ZHPKXwY3RDPMgbVv-embedded-image-xhzocrul.png) Figure 1 Outlook Web Access (OWA) webmail on RackCorp # Microsoft Office Outlook

Guide for Outlook 2010,2013,2016,2019,2022 & Office 365

### Outlook 2010/2013/2016 - Standard E-Mail [![image-1656322814985.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/3MNewn5BIsb6Hzmm-image-1656322814985.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/3MNewn5BIsb6Hzmm-image-1656322814985.png) Figure 2 Microsoft Outlook account settings (File Menu) ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/bxZhsZO8XCbL70cM-embedded-image-alvu6ycn.png) Figure 3 Microsoft Outlook Add Account - Auto Setup ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/KkNcojjAM8Q8NTKB-embedded-image-rwus3fsl.png) Figure 4 Enter your account password here if prompted during the auto setup process enter it. If you are also prompted to allow server settings, press allow ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/oW6gCHjflMZuuXMM-embedded-image-vorel4n7.png) Figure 5 Microsoft Outlook auto account setup successful notfication ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/O5Xi7DyTQyM1UDvx-embedded-image-4lvo9kcr.png) Figure 6 settings for your newly added account are available from the File menu in Microsoft Outlook and selecting the appropriate account from the drop down ### Outlook 2019/Outlook 365 - Standard Email The setup screens for both these versions vary to other versions of versions of Outlook so verbal setup instructions will not be fully applicable. [![image-1656323004435.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/5q3MZ5Be2SL7TGb2-image-1656323004435.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/5q3MZ5Be2SL7TGb2-image-1656323004435.png) Figure 7 Microsoft Outlook account settings (File Menu) [![image-1656323008992.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/JUWWl5yA1q6Hpfgx-image-1656323008992.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/JUWWl5yA1q6Hpfgx-image-1656323008992.png) Figure 8 enter your email address in the Outlook welcome screen and tick manual setup [![image-1656323021228.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/vaSVMQb86AbWTKnP-image-1656323021228.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/vaSVMQb86AbWTKnP-image-1656323021228.png) Figure 9 Choose from IMAP or POP email accounts. IMAP is recommended. [![image-1656323039887.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/H0GDu6Kuomoexlnd-image-1656323039887.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/H0GDu6Kuomoexlnd-image-1656323039887.png) Figure 10 complete the email settings as illustrated, incoming and outgoing mail servers, encryption and ports If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323047556.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/TqFsUxD2tVu5TVI3-image-1656323047556.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/TqFsUxD2tVu5TVI3-image-1656323047556.png) Figure 11 complete the password for your email account [![image-1656323056881.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/SgYc2eiZLSVusW5B-image-1656323056881.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/SgYc2eiZLSVusW5B-image-1656323056881.png) Figure 12 Outlook welcome process is a success message. There is a optional link selected by default that leads to a webpage describing how to install Outlook for mobile. ### Outlook 2019/Outlook 365 - Hosted Exchange [![1_add-email.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/oEJmxDZl3ZvTYkux-1-add-email.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/oEJmxDZl3ZvTYkux-1-add-email.png "Add a new account to outlook. Note the exact screen varies version to version") Figure 13. Add a new account to outlook. Note the exact screen varies version to version [![2_select.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/apkFz5x0PtNsDQBu-2-select.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/apkFz5x0PtNsDQBu-2-select.png) Fig 14. Choose **EXCHANGE** from the email selection [![3_perm.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/jJmLWeBgD86vY9xW-3-perm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/uR6CKB7ySOXctZE0-3-perm.png) Fig 15. A permissions popup will appear soon after. Select The options circled in red as screenshot. The popup might be hidden or obscured by outlook. [![4_password.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/0ZDRqazP0i3R1zBS-4-password.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/0ZDRqazP0i3R1zBS-4-password.png) Fig 16. enter your exchange password. Selecting Remeber my Password is optional. [![5_options.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/Q1ysY9Kng87g5E8V-5-options.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/Q1ysY9Kng87g5E8V-5-options.png) Fig 17. If your password is correct you will be presented with options. The defaults are sufficient. [![6_confirm.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/gB1zPTMslvCVpCsy-6-confirm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/gB1zPTMslvCVpCsy-6-confirm.png) Fig 18. Final Notice of Successful Addition of account # Mozilla Thunderbird Email Client Setup | Mozilla Thunderbird [![image-1656323159082.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/dppihEg3U8OJyOVi-image-1656323159082.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/dppihEg3U8OJyOVi-image-1656323159082.png) Figure 20 Mozilla Thunderbird setup, choose add mail account from the dropdown and fill in the details then press continue. [![image-1656323168119.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/hvVe4Y39pylwkeXb-image-1656323168119.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/hvVe4Y39pylwkeXb-image-1656323168119.png) Figure 21 Mozilla Thunderbird email setup - choose manual Config now if you wish to define your own mail server settings [![image-1656323180327.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/Qaw4b6gd51R4LcP3-image-1656323180327.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/Qaw4b6gd51R4LcP3-image-1656323180327.png) Figure 22 Mozilla Thunderbird setup - once the manual setup window appears, complete the mail server details, choosing IMAP or POP If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. # Windows Mail ## Windows 10 Mail ### POP/IMAP manual setup Auto discovery or manual settings can be used with Win10 Mail [![image-1656323074090.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/LTVtZSWCKLeDjdXs-image-1656323074090.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/LTVtZSWCKLeDjdXs-image-1656323074090.png) Figure 13 Windows 10 Mail setup – Click Accounts and then add account. Select Advanced setup [![image-1656323083469.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/lCVJCd239UuMXdcd-image-1656323083469.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/lCVJCd239UuMXdcd-image-1656323083469.png) Figure 14 Windows 10 mail manual setup for RackCorp POP/IMAP email - choose advanced setup If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323097525.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/92WMSV1dsblIYAj0-image-1656323097525.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/92WMSV1dsblIYAj0-image-1656323097525.png) Figure 15 Windows 10 mail manual setup for RackCorp POP/IMAP email - choose Internet email [![image-1656323106891.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/bKrYjHWQMTI16L6n-image-1656323106891.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/bKrYjHWQMTI16L6n-image-1656323106891.png) Figure 16 Windows 10 mail manual setup for RackCorp POP/IMAP email - fill in the details as illustrated, choose IMAP or POP ### Exchange At This time, there is an issue with the latest release of the email application for Windows 10, which prevents the ‘**EXCHANGE**’ option below from being chosen, **ADVANCED SETUP** must be chosen [![image-1656323121981.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/l662do881JtIMJ15-image-1656323121981.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/l662do881JtIMJ15-image-1656323121981.png) Figure 17 Windows 10 mail setup for RackCorp Hosted Exchange - choose advanced setup [![image-1656323129726.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/m9ZdTcoectgmckav-image-1656323129726.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/m9ZdTcoectgmckav-image-1656323129726.png) Figure 18 Windows 10 mail setup for RackCorp Hosted Exchange - select Exchange ActiveSync [![image-1656323142986.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/rTvt43Hn0pqtro2z-image-1656323142986.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/rTvt43Hn0pqtro2z-image-1656323142986.png) Figure 19 Windows 10 mail setup for RackCorp Hosted Exchange - fill in the details as illustrated. Domain is to be left blank. Once you have completed **THE ADD AN ACCOUNT** form, Windows will prompt you about security policies for your computer. Select **YES. Selecting YES may strength your windows security settings such as your password strength requirements** You will then receive an **ALL FINISHED** success message. # How to check Exchange mailbox free space How to Check your exchange mailbox free space and avoid fake spam emails regarding your mailbox. Regarding hosted exchange provided mailboxes, all folders within that mailbox count towards the account quota. If the user is frequently reaching their quota we recommend keeping the Deleted Items folder empty ("emptying the trash") or locally archiving folders to a new PST folder. There are a number of official ways to check the storage size of your hosted exchange mailbox. If you receive a message claiming your storage is full from or any other specific email address, or the email has a coloured box to click to resolve the issue please ignore and delete the email as it is a fake spam. The only legitimate email alerting to a full mailbox comes from "Outlook" itself had has a Envelope Icon as below screenshot. [![owa1.PNG](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/gSlVPttqr8HJ4GJ7-owa1.PNG)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/gSlVPttqr8HJ4GJ7-owa1.PNG) Figure 1: Outlook Web Anywhere - Click Options -> General -> My Account [![owa2.PNG](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/MgE4GYCrKAKSe6SY-owa2.PNG)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/MgE4GYCrKAKSe6SY-owa2.PNG) Figure 2: Microsoft Office Outlook 2021 Status bar [![owa3.PNG](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/jzZkP0FaNWfUR2nn-owa3.PNG)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/jzZkP0FaNWfUR2nn-owa3.PNG) Figure 3: System generated mailbox alerts. Please note the look and feel of these emails as others will be fake. # Getting started with rclone for RackCorp S3 storage - Windows rclone is an open source multi-platform tool for managing your cloud file storage. Multiple storage providers are supported natively including the large hyper-scalers as well as regional niche providers. RackCorp S3 Storge is natively supported in rclone making setup straight forward. As a command line based tool, rclone by itself is sufficent for transferring files and managing your S3 bucket on rackcorp. Integration withing the OS via a driver letter or folder-path is available via OS file system drivers. WinFSP, an optional install, enables FUSE integration with rclone to provide a drive letter or path for your S3 buckets on Windows. #### Downloads [https://rclone.org/downloads/](https://rclone.org/downloads/) (please download stable ver unless advised by tech support) [https://github.com/winfsp/winfsp/releases/](https://github.com/winfsp/winfsp/releases/) (optional, required for drive letter/folder function) - Unzip rclone into a easily accessible directory - Open a command prompt and navigate to that directory - Run rclone config #### Setup and configure rclone [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/Xw5DNx7D2V8Y0TST-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/Xw5DNx7D2V8Y0TST-image.png) #### Setup ``` C:\Users\KngtRider\Downloads\rclone>rclone config No remotes found - make a new one n) New remote s) Set configuration password q) Quit config n/s/q> ``` Select New Remote and give it a friendly name ``` Name> type "rackcorpS3" or whatever you want ``` Choose your storage backend type ``` name> rackcorps3 Option Storage. Type of storage to configure. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. 1 / 1Fichier \ "fichier" 2 / Alias for an existing remote \ "alias" 3 / Amazon Drive \ "amazon cloud drive" 4 / Amazon S3 Compliant Storage Providers including AWS, Alibaba, Ceph, Digital Ocean, Dreamhost, IBM COS, Minio, RackCorp, SeaweedFS, and Tencent COS \ "s3" ``` Select Item 4, Amazon Compatible S3 ``` Storage> 4 Option provider. Choose your S3 provider. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value.  1 / Amazon Web Services (AWS) S3    \ "AWS"  2 / Alibaba Cloud Object Storage System (OSS) formerly Aliyun    \ "Alibaba"  3 / Ceph Object Storage    \ "Ceph"  4 / Digital Ocean Spaces    \ "DigitalOcean"  5 / Dreamhost DreamObjects    \ "Dreamhost"  6 / IBM COS S3    \ "IBMCOS"  7 / Minio Object Storage    \ "Minio"  8 / Netease Object Storage (NOS)    \ "Netease"  9 / RackCorp Object Storage    \ "RackCorp" ``` Select item 9, Rackcorp ``` Choose a number from below, or type in your own value. 1 / Enter AWS credentials in the next step. \ "false" 2 / Get AWS credentials from the environment (env vars or IAM). \ "true" ``` Select Item 2, Enter Credentials ``` Option access_key_id. AWS Access Key ID. Leave blank for anonymous access or runtime credentials. Enter a string value. Press Enter for the default (""). access_key_id> ```

Generate and grab your credentials from the RackCorp Portal

[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/Hr0UcmxsT9Dw4Jla-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/Hr0UcmxsT9Dw4Jla-image.png) Lets enter KDTTI5TWN4L4Y1JNH837 ``` Option secret_access_key. AWS Secret Access Key (password). Leave blank for anonymous access or runtime credentials. Enter a string value. Press Enter for the default (""). secret_access_key> ```

Grab your key and secret from the RackCorp portal, remembering that is is a one-time-operation and your secret will no longer be available once it is first viewed

[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/ALw5TXAUPrwWa47x-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/ALw5TXAUPrwWa47x-image.png) ``` Option region. region - the location where your bucket will be created and your data stored. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. 1 / Global CDN (All locations) Region \ "global" 2 / Australia (All states) \ "au" 3 / NSW (Australia) Region \ "au-nsw" 4 / QLD (Australia) Region \ "au-qld" 5 / VIC (Australia) Region \ "au-vic" 6 / Perth (Australia) Region \ "au-wa" 7 / Manila (Philippines) Region \ "ph" 8 / Bangkok (Thailand) Region \ "th" 9 / HK (Hong Kong) Region \ "hk" 10 / Ulaanbaatar (Mongolia) Region \ "mn" 11 / Bishkek (Kyrgyzstan) Region \ "kg" 12 / Jakarta (Indonesia) Region \ "id" 13 / Tokyo (Japan) Region \ "jp" 14 / SG (Singapore) Region \ "sg" 15 / Frankfurt (Germany) Region \ "de" 16 / USA (AnyCast) Region \ "us" 17 / New York (USA) Region \ "us-east-1" 18 / Freemont (USA) Region \ "us-west-1" 19 / Auckland (New Zealand) Region \ "nz" ``` Choose 2, AUS ``` Location constraint - the location where your bucket will be located and your data stored. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. 1 / Global CDN Region \ "global" 2 / Australia (All locations) \ "au" 3 / NSW (Australia) Region \ "au-nsw" 4 / QLD (Australia) Region \ "au-qld" 5 / VIC (Australia) Region \ "au-vic" 6 / Perth (Australia) Region \ "au-wa" 7 / Manila (Philippines) Region \ "ph" 8 / Bangkok (Thailand) Region \ "th" 9 / HK (Hong Kong) Region \ "hk" 10 / Ulaanbaatar (Mongolia) Region \ "mn" 11 / Bishkek (Kyrgyzstan) Region \ "kg" 12 / Jakarta (Indonesia) Region \ "id" 13 / Tokyo (Japan) Region \ "jp" 14 / SG (Singapore) Region \ "sg" 15 / Frankfurt (Germany) Region \ "de" 16 / USA (AnyCast) Region \ "us" 17 / New York (USA) Region \ "us-east-1" 18 / Freemont (USA) Region \ "us-west-1" 19 / Auckland (New Zealand) Region \ "nz" ``` Choose 2, AUS ``` Option acl. Canned ACL used when creating buckets and storing or copying objects. This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too. For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl Note that this ACL is applied when server-side copying objects as S3 doesn't copy the ACL from the source but rather writes a fresh one. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. / Owner gets FULL_CONTROL. 1 | No one else has access rights (default). \ "private" / Owner gets FULL_CONTROL. 2 | The AllUsers group gets READ access. \ "public-read" / Owner gets FULL_CONTROL. 3 | The AllUsers group gets READ and WRITE access. | Granting this on a bucket is generally not recommended. \ "public-read-write" / Owner gets FULL_CONTROL. 4 | The AuthenticatedUsers group gets READ access. \ "authenticated-read" / Object owner gets FULL_CONTROL. 5 | Bucket owner gets READ access. | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it. \ "bucket-owner-read" / Both the object owner and the bucket owner get FULL_CONTROL over the object. 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it. \ "bucket-owner-full-control" ``` Choose 1 For owner full control over your files with no public access ``` Edit advanced config? y) Yes n) No (default) y/n> ``` Choose N Summary of settings is next displayed ``` [rackcorps3] type = s3 provider = RackCorp env_auth = false access_key_id = OG4CONUEWUQEIVUTFI9F secret_access_key = tA+Nswu25EF6oxEKHzW3SjDuwSBjK1k8GQ73WMQk region = au endpoint = au.s3.rackcorp.com location_constraint = au-nsw acl = private -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote ``` Press Y to accept changes. You are returned to the main menu. ``` Name Type ==== ==== rackcorps3 s3 e) Edit existing remote n) New remote d) Delete remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config e/n/d/r/c/s/q> ``` Q to quit back to the command prompt. ##### Connect rclone to a drive letter or folder-path on the operating system Where rackcorps3: is your friendly connection name from setup and s: can be a spare drive letter not in use by your system ``` C:\Users\KngtRider\Downloads\rclone>rclone mount rackcorps3: s: The service rclone has been started. ``` [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/W8fPbLF3iVkuFt77-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/W8fPbLF3iVkuFt77-image.png)

This will launch drive letter on demand. Once the process/rclone window is closed, the drive letter will be unmounted.

[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/pUrBMWM7ov5HdAIa-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/pUrBMWM7ov5HdAIa-image.png) ### Advanced Setup Topics #### Autostart on Windows The following code will establish a windows service that will mount the S3 drive letter on startup but via a context that is visible to all users of the computer

For this guidance, we assume the rclone is unzipped to c:\\rclone. If you are following the above instructions, change the path for rclone to the exact path you used in those instructions, eg c:\\users\\yourwindowsusername\\Downloads\\rclone

- Open a command prompt and navigate to c:\\rclone - Execute Powershell by running powershell at the cmd prompt [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/VIYvDfSNvbKfw2RG-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/VIYvDfSNvbKfw2RG-image.png) - At the powershell prompt enter this command to create the new rclone service ``` New-Service -Name Rclone -BinaryPathName 'c:\rclone\rclone.exe mount rackcorps3: S: --config c:\rclone\rclone.conf --log-file c:\rclone\mount.txt' ``` [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/nqk1iXZbtrTAjRAd-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/nqk1iXZbtrTAjRAd-image.png) Where: - c:\\rclone\\ is your path to rclone - rackcorps3: is the friendly name for your S3 instance - S: is the desired drive letter Providing all the parameters are correct including keys, the service should execute as its set to automatic mode and the drive letter S: should appear.

To manually interact with the service, use 'net stop rclone' and 'net start rclone' at the windows command prompt

# Getting started with S3 storage on RackCorp Hybrid Cloud - Windows & Mac

This document will cover the basics to get up and running to use RackCorp’s S3 storage service, including setting up access keys and secrets, creating buckets and transferring/manipulating your files via a number of third party client applications on Windows.

There are several ways to host your files on RackCorp S3. This document focuses on Windows Clients but most applications are also available for Mac and Linux. - FTP style application (browser) - Mounted Drive Letter application (drive) - API access for modern web applications. You are free to use a S3 compliant application of your choosing, although the following applications are validated with our service and for which we can provide limited support and assistance.
Windows MAC LINUX
FileZilla Pro Payware FileZilla Pro Payware FileZilla Pro Payware
Cyberduck (Browser) Free Cyberduck (Browser) Free rclone
Mountain Duck (Drive) Trial Mountain Duck (Drive) Trial
CloudBerry MSP360 Explorer Free Cloudberry MSP360 Explorer Free
rclone rclone
TNT Drive Trial Mountain Duck
Expan Drive Expan Drive
S3Browser Freeware
WinSCP
OBJECT STORAGE - S3 compatible object storage contains one or more storage buckets; each bucket contains a number of widgets. - Each widget has a unique ID. - Each widget has some meta data describing attributes of the object such as dates or revisions - Inside each widget is some data we want to access. - We are able to sort through the widgets that are in these buckets until we find the one we are looking for. --- ### 1. Create your S3 credentials in RackCorp Portal. The Storage tab in RackCorp Portal manages your CREDENTIALS and BUCKETS [![image-1637553738059.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637553738059.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637553738059.png) 1.1 Start by adding a new credential. Give your new key a descriptive name, e.g. Employee name, Client or contractor name. Try to keep this distinct compared to what you name your buckets later. [![new_s3_creds.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/uNZpCnNnTpY4gz4Q-new-s3-creds.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/uNZpCnNnTpY4gz4Q-new-s3-creds.png) Think of your access key as your username Think of your ‘secret’ key as your password. 1.2 Choose the customer in the dropdown field. This would be either your company/client name or a sub-customer/sub-client. You would have originally setup any sub-customers in the RackCorp portal under the Customers section. 1.3 Define an optional expiry date for the key. If you are going to be issuing an amount of keys this is a good way to track of authorised access. 1.4 Define the Read/Write Permission for the credential. This is ideal if you would like to create a credential for someone that you would like to share files with, or to freeze files. Once you have created or updated your key, a summary result is displayed. A progress spinner is displayed while your keys are generated and a green tick means they are ready to view. [![storage1.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/Rj8mdxW6pbMcv9JA-storage1.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/Rj8mdxW6pbMcv9JA-storage1.png) [![image-1637553832034.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637553832034.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637553832034.png) Click on the access key to retrieve your access key and secret. This is a ONE-TIME PROCESS. [![image-1637553897192.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637553897192.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637553897192.png) TAKE A NOTE OF YOUR ‘SECRET’ DISPLAYED IN THIS POPUP. It is NOT retrievable. You now have the three elements needed to securely access your files in RackCorp S3 - Your endpoint URL: For some of our customers we will setup a custom URL, In this document we will use s3.rackcorp.com as an example. - Your ACCESS KEY : Retrievable from the portal - Your SECRET : A one-time code displayed in the portal In RackCorp S3, there is a many to many relationships between access keys and buckets. This means all keys created under a customer can access all the buckets created under that customer. [![hierarchy.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/j9z4YNnB10uzoDbJ-hierarchy.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/j9z4YNnB10uzoDbJ-hierarchy.png) --- ### 2. Create your S3 buckets. [![new_s3_buckets.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/pKSvCWNIms779ceF-new-s3-buckets.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/pKSvCWNIms779ceF-new-s3-buckets.png) 2.1 Define a descriptive name for your bucket. The name should reflect what the bucket’s purpose is. Such as `TropicalHolidayProject` or ‘a1bucket’ in our example. For bucket names please use alphanumeric characters, dash and no spaces. 2.2 Choose the customer in the dropdown field. This would be either your company/client name or a sub-customer/sub-client. You would have originally set up any sub-customers in the RackCorp portal under the Customers section. 2.3 Choose the region for where you would like to store your buckets. In this drop-down we list common regional options and these options may vary per customer. If these do not suit you contact our support department who can define manual region rules for you. An example S3 Region might be “Australia”, which would encompass several physically distinct data storage locations; “Australia - East” for NSW and Victoria or “Philippines and Hong Kong”. The field has been pre-populated with two of our NSW datacentres, a Sydney region covering both as well as Thailand. 2.4 Access Policy determines whether your access key is required to access this bucket. You could typically use this option to enable public web content PUBLIC ENABLE = No key is required to access the bucket. PUBLIC DISABLE = Access key is required to access the bucket. 2.5 Status is simply an enable/on-off toggle for the container. 2.6 Wait for your bucket to be added. [![storage2.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/TACQubakh9zzZOtn-storage2.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/TACQubakh9zzZOtn-storage2.png) ### 3. Configure your S3 application with your credentials. We will demonstrate two types of windows applications as client examples for RackCorp S3. A ‘FTP’ style application and a drive-letter type app, where buckets are mounted as windows drive letters, allowing files to be natively accessed by windows applications without having to GET or PUT them from the S3 server first.
S3 Applications
FileZilla Pro Payware [https://filezillapro.com/](https://filezillapro.com/)
Cyber Duck (Browser) Freeware https://cyberduck.io/
Mountain Duck (Drive) Trial [https://mountainduck.io](https://mountainduck.io)/
CloudBerry MSP360 Explorer Freeware [https://www.msp360.com/explorer.aspx](https://www.msp360.com/explorer.aspx)
CloudBerry MSP360 Drive Trial [https://www.msp360.com/drive.aspx](https://www.msp360.com/drive.aspx)
TNT Drive Trial [https://tntdrive.com/](https://tntdrive.com/)
S3Browser Freeware [https://s3browser.com/](https://s3browser.com/)
WinSCP https://winscp.net/eng/index.php
rclone https://rclone.org/downloads/
Expan Drive https://www.expandrive.com/
### WINDOWS #### 3.1 FTP Style S3 Client These require your files to be downloaded to your computer and then uploaded back to the server when needed. These types of clients are ideal for managing files that are not often edited and for which you may require additional features to manipulate your files and buckets. ##### 3.1.1 S3 Browser freeware Accounts -> Add New Account to setup your keys in the client [![add_new_account.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/uV8BUVsoOcyYrGh0-add-new-account.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/uV8BUVsoOcyYrGh0-add-new-account.png) For ‘S3 Browser’, simply drag and drop your files between your PC and your bucket. [![s3_browse.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/tWyUldsEE7E0Mpy0-s3-browse.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/tWyUldsEE7E0Mpy0-s3-browse.png) We can see here that our credential has access to two buckets as that’s what we created in the portal. 3.1.2 Cloudberry Explorer for Windows Please add a 'S3 Compatible' Connection [![cloud_s3.PNG](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/EGPGcSykPGlcdBxn-cloud-s3.PNG)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/EGPGcSykPGlcdBxn-cloud-s3.PNG) Choose your S3 Source either in the left or right pane of the application [![cloud_s3_2.PNG](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/qjrszZ2pK2gXoJoE-cloud-s3-2.PNG)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/qjrszZ2pK2gXoJoE-cloud-s3-2.PNG) #### 3.2 Drive Letter mount clients These applications mount each bucket a driver letter in windows explorer, allowing you to manage your files as if they are native in your windows system. Downloads/uploads occur when you copy files to/from that particular drive letter/bucket. These are better for managing large numbers of content rich files that would be edited by the end user such as photos text or video, and for those who would like ease of use. ##### 3.2.1 TNT drive trial [![image-1637554395262.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637554395262.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637554395262.png) [![3_2_1.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/DfiNP7OzZXsq5Qcn-3-2-1.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/DfiNP7OzZXsq5Qcn-3-2-1.png) ### MAC OS FTP-Style We recommend Cyberduck for those who would like get/put style of application. Drive-Mount We have tested and validated both Mountain Duck (from the developer of Cyber Duck) as well as Cloud Mounter against MacOS Ventura. These S3 clients will give you folder/drive mount access for your S3 Buckets. ##### Mountain Duck

Please add a "amazon s3' type connection configurator, using the endpoint of your choice

[![Screenshot 2023-07-04 at 3.54.56 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/OZ3QdxAXZq1SUQO8-screenshot-2023-07-04-at-3-54-56-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/OZ3QdxAXZq1SUQO8-screenshot-2023-07-04-at-3-54-56-pm.png) #### CloudMounter Please update to the latest version For Ventura Support and follow the below settings example to setup Cloud Mounter.

Add a "amazon s3' connection and fill in the details per rackcorp portal. Substitute the Server Endpoint for the one of your choosing eg AU or AU-NSW or S3 regions s per our S3 settings page.

[![Screenshot 2023-07-04 at 3.54.14 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/CsFZmnRczAfIhtto-screenshot-2023-07-04-at-3-54-14-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/CsFZmnRczAfIhtto-screenshot-2023-07-04-at-3-54-14-pm.png) [![Screenshot 2023-07-04 at 3.54.14 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/uUbKjJoZrfoVLHwy-screenshot-2023-07-04-at-3-54-14-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/uUbKjJoZrfoVLHwy-screenshot-2023-07-04-at-3-54-14-pm.png) ##### Expan Drive For ExpanDrive please add a "Amazon S3" Connection [![Screenshot 2023-07-05 at 3.41.51 pm (2).png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/OMJBIuF5FbDp6Qbn-screenshot-2023-07-05-at-3-41-51-pm-2.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/OMJBIuF5FbDp6Qbn-screenshot-2023-07-05-at-3-41-51-pm-2.png) [![Screenshot 2023-07-05 at 3.44.04 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/M4JfcQJ4yHPy0AfS-screenshot-2023-07-05-at-3-44-04-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/M4JfcQJ4yHPy0AfS-screenshot-2023-07-05-at-3-44-04-pm.png) ### 4. Advanced Features This document is intended to get you up and running with the RackCorp S3 Storage service using popular Windows client applications. To use advanced features like file versioning, encryption, Access Control Lists, cross-region replication, Transfer Acceleration, bucket logging and API access, please contact your account manager for additional information. These features may require specific settings or regions to work. Document History: 008: Add Mac/Windows Expan Drive, Cloudberry for Windows 007: Added Mountain Duck and Cloud Mounter for Mac OSX Ventura 006: Added WinSCP and rclone 005: Multi Language support 004: Add support and usage guidance for Cyber Duck and Mountain Duck from iterate GmbH # Install OPNsense Firewall ## OPNsense 20.x setup workflow for RackCorp Hybrid cloud #### Summary: Setting up OPNsense is easy if one has direct access bare metal, or has a desktop virtualisation where one can define internal NICs/networks, which can be used for the LAN side management. However, since we are setting up in a hybrid public/private cloud, without a management terminal (VM) setup on the same subnet as the LAN network, we will not be able to manage and configure the OPNsense since the locked down WAN interface is the one exposed to the outside world. Additionally, limited configuration is provided through its’s terminal shell. We want to have some management ports (properly secured) exposed to the Internet. For our hybrid cloud, we shall swap the public and private interfaces in OPNsense This is the reverse of the expected setup flow. We do this because the LAN interface has a preset ‘allow all’ rule which lets us login to its management portal. This will allow us to easily configure the system remotely via web browser and then we will change the settings back to the Public IP being on the WAN interface and private IP on the LAN interfaces.

The general steps to get OPNsense 20 running on RackCorp Hybrid are as follows:

Install ISO

Get access to Web GUI

Make firewall rule on WAN interface for remote management

Reassign/swap the LAN/WAN interfaces

Rekey in the correct IP address for the LAN/WAN interfaces

The WAN IP included in this guide is for example only. Please replace it with the one we have provided you

[![image-1637654675114.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637654675114.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637654675114.png) --- #### 1. Install ISO OPNsense assigns its Interfaces to NICs in the order they are assigned to in the RackCorp Portal, starting with LAN interface. So let’s ‘swap’ the interfaces so we can login to the management webpage: 1\. Start off with the following configuration for the RackCorp Portal and OPNsense in your RackCorp VM
**RackCorp vNIC ID****RackCorp vNIC Label****IP****VLAN****OPNsense Interface**
**NIC 1****Public****116.206.80.210 /27****<your assigned VLAN>** **Public VLAN1 for Demo****LAN (vtnet0)**
**NIC 2****Private****10.0.0.1 /24****<your assigned VLAN> Public VLAN1 for Demo****WAN (vtnet1)**
Rackcorp portal will display green lights when the configuration is correct. Setup your RackCorp VM with the networking from the above table. - Don’t forget to add the VLANs - For demonstration, we have left the default vNIC labels. If the vNIC labels are confusing you could define them based on the interface, e.g. Private or Public combined with the end of the vNIC MAC address e.g. 33 or 34. --- 2\. Follow the boot and installation instructions for the OPNsense 20.x using the ISO image file. 2.1 Mount the OPNsense Installer ISO in RackCorp and then boot the VM. [![image-1637655239952.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655239952.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655239952.png) 2.2 A live environment is booted with optional installation.

Do not run interface assignment during boot if you are going to install to HD.

[![image-1637655296211.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655296211.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655296211.png) 2.3 Once booted, install the system to disk using the following Login: **installer** password: **opnsense** Follow the guided instructions to install to HDD. The defaults are fine for a single disk install. Once complete, follow the prompt to reboot the OPNsense install and EJECT the ISO from the RackCorp portal. [![image-1637655411184.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655411184.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655411184.png) --- #### 2. Get access to Web GUI 3\. Opnsense has a built in wizard in the console menu that aids the user to setup their LAN NIC, WAN NIC, any tertiary NIC such as a DMZ or management NIC as well as IPv4/6 addressing and DHCP. Your Opnsense will have booted to this menu after install. 3.1 **SET INTERFACE IP** for **WAN** Select **NONE**, this will clear the interface and let us re-assign. 3.2 **SET INTERFACE IP** for **LAN** Select **116.206.80.210**/27 as per table. Since this example uses a 27 bit subnet, our gateway is .193 and our maximum host is .223. For DNS use RackCorp NS1 110.232.116.249 or Google DNS 8.8.8.8
**Interface****LAN**
**DHCP**No
**New LAN IP**116.206.80.210
**Subnet**27
**Gateway**116.206.80.193
**Gateway as name server**No
**IPv4 Name server**8.8.88
**IPv6 LAN Interface via WAN Tracking:**No
**IPv6 LAN Interface via DHCP:**No
**IPv6 Address:**<enter> for none
**LAN DHCP Server:**n
**HTTP fallback for web GUI**n
--- 4\. Once you have keyed in the LAN IP address, you should be able to access it via web browser. There will be an introductory setup wizard but be sure to skip the WAN setup page. Login to OPNsense web page. Click logo top left to skip configuration wizard. Once we have logged into the OPNsense management page, this is verification that we can access the system [![image-1637655966988.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655966988.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655966988.png) --- #### 3. Make firewall rule on WAN interface for remote management 5\. Add an alias to define management ports. **Firewall-> Aliases**. We use ports **80, 443, 8080** in this example. **\[Save\]. \[Apply\]** [![image-1637655998622.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655998622.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655998622.png) --- 6\. Add WAN port forward rule to **Firewall -> Rules -> WAN.**
**Protocol:**TCP
**Source Port:**Any
**Destination port range Start:**<Your alias name> Scroll UP in the list to find it.
**Destination port range End:**<Your alias name> Scroll UP in the list to find it.
**Log Packets:**Enabled
**\[Save\]. \[Apply\].** [![image-1637656148345.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656148345.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656148345.png) --- #### 4. Reassign/swap the LAN/WAN interfaces 7\. **Interfaces-> Assignments**. Compare the settings here versus Rackcorp portal Where are we now: a LAN Interface with public IP set in OPNsense and WAN interface with no WAN IP set. Since our Port Forward that will allow us to access management interface externally is now defined, we can swap the interfaces. You need to swap both the interfaces in OPNsense portal. 7.1 In OPNense portal, **(Interfaces->Assignments)** Swap so that (LAN) -> VTNET1 RackCorp NIC 2 (WAN) -> VTNET0 RackCorp NIC 1 [![image-1637656224532.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656224532.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656224532.png) [![image-1637656231088.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656231088.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656231088.png) **\[SAVE\]** --- #### 5. Rekey in the correct IP address for the LAN/WAN interfaces 8\. Once you have swapped, OPNsense might forget the IP subnets and we need to re-key them into the console. Re-key in the IP/subnets using option 2. Clear them if necessary with <ENTER NONE>
**Interface****LAN**
**Configure via DHCP**No
**New LAN IP**10.0.0.1
**Subnet**24
**Gateway**<enter> for none
**IPv6 LAN Interface via WAN Tracking:**N
**IPv6 LAN Interface via DHCP6:**N
**IPv6 Address:**<enter for none
**LAN DHCP Server:**Y
**SDHCP End Address:**10.0.0.20
**Revert to HTTP as web GUI protocol**N
**Interface****WAN**
**Configure via DHCP**N
**New WAN IP**116.206.80.210
**Subnet**27
**Gateway**116.206.0.193
**Gateway as name server**no
**IPv4 Name server**8.8.8.8
**IPv6 WAN Interface via DHCP6:**N
**IPv6 Address:**<enter> for none
**Revert to HTTP as web GUI protocol**N
[![image-1637656639516.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656639516.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656639516.png) --- 9\. Once both LAN and WAN have been rekeyed, you should be able to log in to the OPNsense management portal via its WAN address and RackCorp vNIC status lights turn green. [![image-1637656707606.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656707606.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656707606.png) [![image-1637656714913.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656714913.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656714913.png) --- 10\. Follow our additional tasks for further configuration as required. --- 11\. If you have problems with this procedure, select **(4) Reset Factory Settings** in the console menu. The OPNsense will reset itself, then shutdown. Restart the VM from RackCorp and try again. **11) Reload all services can also help** [![image-1637656756688.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637656756688.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637656756688.png) #### ADDITIONAL TASKS Once your basic setup is running, it can be further configured to suit your requirements. Consult your security policy on how to handle such appliance management. Things to consider can be, of which many are industry best practice - Considering adding a management network or 1 or more DMZ networks to the firewall for added functionality - Use VPN functionality for management login instead of HTTP/S ports. - Use VPN functionality for remote workers to be able to access enterprise content. - If HTTP/S ports are desired for management via WAN/Internet, consider changing the port numbers and or whitelisting the OPNsense IP/URL to particular authorised management systems. - Configure and test SSH access if necessary, bound by whitelisting, management interface or VPN tunnel. - Install additional plugins, such as Wireguard VPN or other utilities via the plugins page to enhance the functionality of the firewall. # RackCorp BGP Communities

***RackCorp is currently undergoing a transition to our BGP model globally. If you notice a combination of communities is not working as you expect, please raise a support ticket as our team as it may be our issue***

**BGP Looking Glass URL** *(RackCorp is currently undergoing testing on this service and it is not currently publicly available)* https://lg.rackcorp.com/

### **Transit Management (outbound)** *(Please note while we try to pass on these communities, upstream networks may still advertise to these providers)* 56038:283 Don't advertise to CoreIX (AS31708) 56038:284 Don't advertise to Hurricane Electric (AS6939) 56038:285 Don't advertise to Constant (AS20473) 56038:297 Don't advertise to NTT (AS2914) 56038:279 Don't advertise to Vocus (AS4826) 56038:286 Don't advertise to IPTransit (AS64098) 56038:287 Don't advertise to Indonet (AS9340) 56038:288 Don't advertise to Voxility (AS3223) 56038:289 Don't advertise to China Telecom (AS58453) 56038:290 Don't advertise to Aknet (AS12764) 56038:291 Don't advertise to Cogent (AS174) 56038:292 Don't advertise to Mongolia National DC (AS56301) 56038:293 Don't advertise to Gemnet (AS45204) ### **Peering Management (outbound)** *(Please note while we try to pass on these communities, upstream networks may still advertise to peering exchanges)* 56038:300 Don't advertise to WA-IX AU 56038:301 Don't advertise to NSW-IX AU 56038:302 Don't advertise to VIC-IX AU 56038:303 Don't advertise to QLD-IX AU 56038:310 Don't advertise to Megaport WA IX AU 56038:311 Don't advertise to Megaport NSW IX AU 56038:312 Don't advertise to Megaport VIC IX AU 56038:313 Don't advertise to Megaport QLD IX AU 56038:320 Don't advertise to DEC-IX DE ### **Global Management (outbound)** 56038:666 Blackhole prefix wherever possible (only IPv4 /32 or IPv6 /128 allowed) 56038:777 Do not advertise outside of local city (Useful if deploying anycast and utilising other vendors besides RackCorp) 56038:888 Attempt to pad announcements globally with prefixes for optimal anycast traffic 56038:8880 Attempt to pad announcements globally with prefixes for optimal anycast traffic (identical to :888) 56038:8881 Attempt to pad announcements globally with prefixes for optimal anycast traffic +1 56038:8882 Attempt to pad announcements globally with prefixes for optimal anycast traffic +2 56038:8883 Attempt to pad announcements globally with prefixes for optimal anycast traffic +3 56038:8889 Do not advertise 56038:2000 Do not advertise by default (Use specific keyed communities) #### **Cloud Users next-hop (outbound)** You can use 110.232.119.254 as your next-hop. Our systems will automatically assign your VM primary IP as the next hop. #### **Keyed Management (outbound)** *(Please note while we try to pass on these communities, upstream networks may still advertise at these locations)* A: 1=Dont Advertise, 2=Advertise no padding, 3=Advertise pad x1, 4=Advertise pad x2, 5=Advertise pad x3, 6=Advertise no-export B: 0=Transit + Peering, 1=Transit Only, 2=Peering Only 56038:1AB00 Global 56038:1AB21 AU Brisbane 56038:1AB01 AU Sydney GlobalSwitch 56038:1AB26 AU Sydney Equinix 56038:1AB02 AU Melbourne 56038:1AB03 AU Perth 56038:1AB09 DE FRA8 56038:1AB08 HK 56038:1AB14 IN 56038:1AB13 JP 56038:1AB19 MN MNDC1 56038:1AB20 MN GEMNET1 56038:1AB12 NL Amsterdam 56038:1AB11 NZ 56038:1AB17 TH BKK1 56038:1AB18 TH BKK2 56038:1AB06 UK London 56038:1AB04 US Fremont 56038:1AB05 US Chicago 56038:1AB15 US Los Angeles, CA 56038:1AB16 US Reston VA 56038:1AB07 SG 56038:1AB22 KG NSP1 56038:1AB23 PH Carmona 56038:1AB24 PH Makati 56038:1AB25 ID Jakarta 56038:5070 Force local-pref 70 56038:5080 Force local-pref 80 (Default) 56038:5090 Force local-pref 90 56038:5095 Force local-pref 95 #### **Informational Communities (inbound)** 56038:3000 Received via local 56038:3001 Received via transit 56038:3002 Received via peering 56038:3003 Received via customer #### **BGP Internal Distancing (inbound)** RackCorp uses a private AS65001 to represent some internal connectors in the BGP router path and is used to indicate distance between datacenters/cities. You can make use of these internally if you wish in calculating optimal routing # RackCorp Datacenter Locations and Codes #### **Datacenter Codes and Test IPs** The codes below identify the locations of servers both at order time and on billing information
DC CodeDC DescriptionTest IP v4Test IP v6
RC-AU-NEXTDCB2AU Brisbane NextDC B2185.207.10.109
RC-AU-VOCUS530AU Melbourne Vocus 530103.233.30.118
RC-AU-VOCUSPER03AU Perth Vocus PER03 PerthIX103.233.31.38
RC-AU-GLOBESW1AU Sydney GlobalSwitch116.206.80.238
RC-AU-EQX1AU Sydney Equinix SYD4103.43.116.87
RC-DE-FRANKFURT2DE Frankfurt FRA8103.43.118.76
RC-HK-EQXHK2HK Hong Kong EQXHK2116.206.82.37
RC-ID-DCI1ID Jakarta DCI1185.207.9.5
RC-ID-AREA31 ID Jakarta Area31 103.69.75.46
RC-KG-NSP1KG Kyrgyzstan NSP1137.83.12.36
RC-MN-GEM1MN Gemnet1116.206.83.60
RC-MN-MNDC1MN National DC1103.43.117.37
RC-NZ-SH1NZ Auckland SH1120.138.21.118
RC-PH-CRM1PH Philippines Carmona45.250.158.14
RC-PH-MAK1PH Philippines Makati103.219.70.176
RC-TH-BKK2TH Thailand NTT BKK2116.206.81.103
RC-TH-TCC1TH Thailand TCC DC1185.207.8.36
RC-UK-MEMACO1UK Memaco House103.69.74.412406:4a00:1f00::4
RC-US-VA1USA Virgina CoreSite VA1103.69.73.4
RC-US-LA2USA Los Angeles LA2103.69.72.4
#### **RackCorp IP Address Allocations** ##### IPv4 185.207.8.0/22 103.69.72.0/22 110.232.116.0/22 103.43.116.0/22 103.233.30.0/23 137.83.12.0/24 116.206.80.0/22 ##### IPv6 2406:4a00::/32 # RACKCORP REST API # RACKCORP REST API Rackcorp has migrated many of its functionalities to work with REST API architecture to modernize and make easy the process to get data through HTTP protocol. Every month we are adding new services through REST API. It is important you follow us to get the last updates and the last version of our API. ##### **API Information:** Current Version: v2.8 API URL: [https://www.rackcorp.net/api/v2.8](https://www.rackcorp.net/api/v2.7) Before you start to create any code or connect through our API, you need to create an API Key access which allows your code to make HTTPS requests to our services and be authorized to get data for your services. We will explain here how you add this API Key in your code. To create API credentials, goto ADMINISTRATION -> API in our portal. URL: [https://portal.rackcorp.com/index.php?cmd=api](https://portal.rackcorp.com/index.php?cmd=api&if=0) Then, you click ADD, type a **name** for this new Key and a **secret** ( password ) and SAVE.[![key.PNG](https://wiki.rackcorp.com/uploads/images/gallery/2023-01/scaled-1680-/nBxn0uJWbaY6xGpx-key.PNG)](https://wiki.rackcorp.com/uploads/images/gallery/2023-01/nBxn0uJWbaY6xGpx-key.PNG)

Make sure to record your SECRET phrase somewhere safe. It is required for API access and cannot be retrieved, It can only reset via the API portal key details page

##### ##### **API Standards:** As described in our article [REST API Architecture and Standards](https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards), there is no definitive standard patterns that all engineers/devs should follow to create REST API for their app. In Rackcorp we keep things simple. The main structure for our REST API follows the patterns below: version: v2.8 main URL: [https://api.rackcorp.net/api](https://api.rackcorp.net/api) object data: customers | dc | network | api | dns | device URL format: [https://api.rackcorp.net/api/](https://api.rackcorp.net/api)+version+/object data/+ID item Example GET all data: [https://api.rackcorp.net/api/v2.8/device](https://api.rackcorp.net/api/v2.7/devices) Example GET one Item: [https://api.rackcorp.net/api/v2.8/device/1 ](https://api.rackcorp.net/api/v2.7/devices/1) **Bellow is some example code which you can use as example to implement your first REST API connection to our platform:**

**We strongly recommend that you only make REST API calls from your back-end code. Be careful when using javascript code to call a REST API url. Never add your credentials in front-end code. Speak to our team if unsure.**

In this simple introduction to code REST API, we will use PHP and PYTHON programming language. **PHP:** In the sample bellow we add a dummy API KEY and API SECRET. Please, change this data accordingly with your data ``` "dc.getall"]; $query['APIUUID'] = ""; // No authetnication required for getting datacenter list $query['APISECRET'] = ""; $curl = curl_init($url); curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($query)); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($curl); if($response) { return json_decode($response, true); } return false; ?> ``` **PYTHON:** ``` import json import logging import sys import os import glob import re from bson import json_util from flask.helpers import make_response from flask import request, jsonify version = 'v2.8' apiurl = 'https://api.rackcorp.net/api'+version+'/'+dc setheaders = { 'content-type': 'application/json', 'User-Agent': 'Mozilla', 'jwt': jwt } data = {} data['APIUUID'] = '' data['APISECRET'] = '' apiresp = None apiresp = requests.get(self.apiurl+'/sessions/logout',data=self.rcdata,headers=setheaders) ``` As you can see in both examples, the logic to connect through our API is quite simple. You just need the URL, the APIUUID and APISECRET as part of the object or array that gets passed to the API. Below you can find links with more advanced docs to use our API. Also, the complete list of REST API services (urls) explaining the query data and the expected response data for each situation. ##### **REST API GibHub Docs:** [Link: https://github.com/RackCorpCloud/rackcorp-api/wiki/RACKCORP-REST-API](https://github.com/RackCorpCloud/rackcorp-api/wiki/RACKCORP-REST-API) ##### **Swagger RACKCORP REST API:** Swagger is a suite of API developer tools from SmartBear Software and a former specification upon which the OpenAPI Specification is based. This platform displays in simple layout all REST API functions allowing you visualize what your code should expect as response for each call (GET, PUT, PUSH, DELETE). You can see through this platform the schema for each function and also, the expected JSON format response. You can also make tests to connect through your services in our servers using your real APIUUID and APISECRET. It is good for testing staging environments and make sure that your call will receive exactly what your code expects.

Dont forget to select which url path API you wanna use for tests. In Swagger page you can see in Server three options. The first one is a swagger mocking URL which is not for tests. The second one is the RACKCORP Production REST API Core (please be careful to use this URL ). The third one is the RACKCORP Staging REST API which should be used for tests.

Link: [https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.8](https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.8 "https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.8")[ ](https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.7) # RACKCORP REST API EXAMPLES **Reference material:** **Swagger App: [https://app.swaggerhub.com/apis-docs/RackCorp/Rackcorp-REST-API/2.8](https://app.swaggerhub.com/apis-docs/RackCorp/Rackcorp-REST-API/2.8)** **Rackcorp REST API docs: [https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards](https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards "https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards")** **PHP Code:** **Simple server creation:** ``` "FAULT", "message" => "API Error"); } return json_decode($response, true); } $customerID = 1000; // Change this to your customer ID (available in portal under ADMINISTRATION -> MY DETAILS) // locations are defined here: https://wiki.rackcorp.com/books/help-and-support-en/page/rackcorp-datacenter-locations-and-codes $neworder = "data": [ "customerid": $customerID, "currency": "AUD", "servicebilltag": "CLOUDSERVER", "productdetails": [ "BILLINGMODEL": "monthly", "NOINSTANCES": 1, "HOSTNAME": "Test Machine", "CLOUDTYPE": "public", "DCID": "89", "OS": "OS-ALMALINUX-16.1", "VMHID": "", "CPU": 2, "MEMORYGB": 4, "STORAGEGB": 20, "IPV6": 0, "IPV4": 1, "NT-SPEED": "NT-SPEED100", "TRAFFICGB": "TRAFFICGB-100", "BKP": "BKP-FREE", "SUPPORT": "SUPPORT-STD", "DDOS": "", "SECURITY":[] ] ]; // Lodge the order (this just locks pricing in for up to 72 hours but doesnt actually create any resources) // IMPORTANT - method POST $response = rackcorpAPI("/order/create/server", $neworder); var_dump($response); // You can look up the order if you want: // IMPORTANT - method GET $response = rackcorpAPI("/order/"+$response['data']["orderid"]); var_dump($response); // Then confirm the order to start provisioning: // IMPORTANT - method GET $response = rackcorpAPI("/order/confirm/server/"+$response['data']["orderid"]); var_dump($response); ?> ``` **Starting a server using cloud-init:** After creating a server, you can also choose to start it using cloud-init with your own custom code: ``` $cloudInitStartupData = Array( "cloudInit" => Array( "volumeName" => "config-2", "userData" => "#cloud-config ssh_pwauth: True users: - default - name: user1 groups: sudo shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] plain_text_passwd: testtest888 lock_passwd: false ", "metaData" => "instance-id: ServerTest9999 local-hostname: MyServerHostname9999 " ) ); $serverIDToStart = 9999; $tx = Array ("objId"=>$serverIDToStart, "objType"=>"DEVICE", "type"=>"STARTUP", "data"=>json_encode($cloudInitStartupData)); // See earlier example for rackcorpAPI function $response = rackcorpAPI("rctransaction.create", $tx); var_dump($response); ?> ``` # REST API Architecture and Standards REST API architecture has been create to make the procedures to access data from different services easier and more standardized. This logical architecture frequently uses json data structure to send and receive data. JSON is an open standard file format and data interchange format that uses human-readable text to store and transmit data objects consisting of attribute–value pairs and arrays. Json data example: ``` {

"api": "v2.7",

"apipath": "https://www.rackcorp.net/api/v2.7"

} ``` This data could be represented as an array or object in many languages such as PHP, PYTHON and C# Rackcorp has migrated many of its functionalities to work with REST API architecture to modernize and make easy the process to get data through HTTP protocol. Every month we are adding new services through REST API. It is important you follow us to get the last updates and the last version of our API. ##### **Some important concept of REST API:** - **HTTP methods - GET, POST, PUT, DELETE** Web developers are likely familiar with GET and POST, along with the other HTTP methods, also sometimes called HTTP verbs. These methods define the type of request being made to a REST API. - **Methods by use:** - GET - request data - POST - insert new data - PUT - update data - DELETE - delete data - **Resource Names:** Resources are sometimes referred to as the nouns that the HTTP verbs act upon. Earlier web services were built around remote procedure calls, which saw APIs as extensions of the code that called them. By contrast, REST resources can be accessed with multiple HTTP methods. - - `GET /api/animals:` retrieve a list of animals - `POST /api/animals:` add a new animal - `GET /api/animals/dog:` retrieve a single animal by ID - `PUT /api/animals/dog:` update a single animal by ID - `DELETE /api/animals/dog:` delete an animal by ID - **Data Formats:** Most API requests will return content from the server that the client needs to interpret. Rarely is this content plain text—usually, it will use a structured data format. While REST does not specify any data formats, JSON and XML are the two most commonly used. Json: ``` {

"id": "dog",

"name": "Pet dog",

"genus": "Canis",

"img": "https://cdn2.thedogapi.com/images/1MZ0YbOpS.jpg"

} ``` Xml: ```



dog

Domestic dog

Canis

https://cdn2.thedogapi.com/images/1MZ0YbOpS.jpg



``` - **HTTP Statuses:** Since REST APIs depend upon HTTP standards, each request’s status is used to communicate the result of the request, such as success or failure. Each status code provides a machine-readable response, plus a human-readable message. Web developers (and a number of users) will be familiar with many of these. - - **200**: Success - **201**: Created - **401**: Unauthorized - **403**: Forbidden - **404**: Not found - **429**: Too many requests While REST is not a standard, there are many other standards often associated with REST. For example, OAuth covers third-party authorization for resources while JSON PATCH describes a standard approach to the HTTP PATCH method for the JSON data format. An important standard to keep in mind as you design your own APIs is the OpenAPI specification. ##### **How to make a REST API request to get, insert and update data?** You can make a REST API using any programming language such as Javascript, PHP, PYTHON and C#. In this article we will add some samples of code to explain how to make a request using Javascript (JQUERY) and PHP. We choose these two languages because it is most popular language to deploy a website.

**We strongly recommend only make REST API calls from your back-end code, be careful when use javascript code to call a REST API url. Never add your credentials in front-end code.**

**Javscript (JQUERY):** Firstly, you need to create a small logic to call the api url as the sample bellow: ```

``` You can see that the code to make requests using REST API is quite simple. We have a variable called 'data' which is the object which would contain the pair of key-values which will be translate into a query in back-end. Them, we create a string variable which is the URL to connect to the REST API HTTP. With this two variables, we are able to create the AJAX script to call the REST API. If the code is correct, the logic will redirect to SUCCESS, if the code is wrong it will redirect to ERROR. Them, you can treat the response ('rest') as you wish. Be careful to use javascript to make REST API requests. It is because javascript is a front-end programming language, it means the code runs in the user desktop (notebook, phones) and this code can be intercepted by hackers and any other malicious person. REST API requests in javascript is only recommended when you dont need to pass sensitive data, like keys, password or personal information. In the sample above, we called an URL to list all Data Centers (DC) in Rackcorp which doesnt need authentication, it is open to the world. **PHP:** In PHP usually developers use CURL function to connect through HTTP. In the sample bellow you can understand how to implement a REST API request from your server to another server. ```


$v = 'v2.7';

$url = "https://api.rackcorp.net/api/". $v . "/dcs";

$query = [];



$curl = curl_init($url);

curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($query));

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);



$response = curl_exec($curl);



if($response) {

return json_decode($response, true);

}



return false; ``` As you can see we created the same variables 'v' and 'query' in PHP to call the REST API url. Them, we start creating the CURL initial command. We set some options in the CURL function such as POSTFIELDS and RETURNTRANSFER. You have many other options that you can add to CURL PHP. Have a look in the PHP docs to find out the best approach for your code logic. ##### Conclusion: REST API request is a quite simple way to get, insert, and update data through internet with small effort. Nowadays, Mostly of services through the internet has implemented REST API functions and RACKCORP also has its own standard. If you need to connect to us using REST API, read more in [RACKCORP REST API](https://wiki.rackcorp.com/books/help-and-support-en/page/rackcorp-rest-api) # S3 Storage Settings ### **S3 Storage Regions**
RegionArea Code
Australia GlobalSwitch DC1au-nsw-gbl1
Australia Equinix SYD4au-nsw-eqx4
Australia Sydneyau-nsw
Thailand Bangkok NTT DC1th-bkk
Mongolia Ulaanbaatarmn
Mongolia Ulaanbaatar GEMNET DC1mn-gem1
Hong Konghk
Hong Kong Equinix HK2hk-eqx2
Philippinesph
Philippines Carmona DC1ph-crm1
Kyrgyzstankg
Kyrgyzstan - NSP DC1kg-nsp1
Indonesiaid
Indonesia - Area31 DC1id-area31
Australia LEDC NSW Datacentersau-nsw-ledc
Australia NSW Newcastleau-nsw-ledc-ncle1
Australia NSW Dubboau-nsw-ledc-dbo1
WHERE S3 ENDPOINT URL is areacode.s3.rackcorp.com EG au-nsw-ledc-ncle1.s3.rackcorp.com to force data to newcastle data center, Australia ### **How to install s3cmd for RackCorp** #### **INSTALL PACKAGES** **CentOS 8+ / Rocky Linux / RPM-based Linux** ```shell yum install s3cmd ``` **Debain / Ubuntu / .deb based linux** ```shell apt install s3cmd ``` #### **CONFIGURATION** **Demo Read-Only Access Key / Secret** **Access Key:** F4LV2SVMHUOL1UOD2LLF **Secret Key:** plax+zs9eSmvLVl2E7Wc8fRyv+cyuq7vYgQi7E/6 **Default Region:** US **S3 Endpoint:** s3.rackcorp.com **DNS Template (if required):** %(bucket)s.s3.rackcorp.com **(You can create your own inside our portal SERVICES -> STORAGE -> S3 CREDENTIALS / S3 BUCKETS)** ```shell [demo@demohost demo]# s3cmd --configure ``` Enter new values or accept defaults in brackets with Enter. Refer to user manual for detailed description of all options. ```shell ``` Access key and Secret key are your identifiers for Amazon S3. Leave them empty for using the env variables. Access Key: F4LV2SVMHUOL1UOD2LLF Secret Key: plax+zs9eSmvLVl2E7Wc8fRyv+cyuq7vYgQi7E/6 Default Region \[US\]: ```shell ``` Use "s3.amazonaws.com" for S3 Endpoint and not modify it to the target Amazon S3. S3 Endpoint \[s3.amazonaws.com\]: s3.rackcorp.com ```shell ``` Use "%(bucket)s.s3.amazonaws.com" to the target Amazon S3. "%(bucket)s" and "%(location)s" vars can be used if the target S3 system supports dns based buckets. DNS-style bucket+hostname:port template for accessing a bucket \[%(bucket)s.s3.amazonaws.com\]: %(bucket)s.s3.rackcorp.com ```shell ``` Encryption password is used to protect your files from reading by unauthorized persons while in transfer to S3 Encryption password: Path to GPG program \[/bin/gpg\]: ```shell ``` When using secure HTTPS protocol all communication with Amazon S3 servers is protected from 3rd party eavesdropping. This method is slower than plain HTTP, and can only be proxied with Python 2.7 or newer Use HTTPS protocol \[Yes\]: ```shell ``` On some networks all internet access must go through a HTTP proxy. Try setting it here if you can't connect to S3 directly HTTP Proxy server name: ```shell ``` New settings: Access Key: F4LV2SVMHUOL1UOD2LLF Secret Key: plax+zs9eSmvLVl2E7Wc8fRyv+cyuq7vYgQi7E/6 Default Region: US S3 Endpoint: s3.rackcorp.com DNS-style bucket+hostname:port template for accessing a bucket: %(bucket)s.s3.rackcorp.com Encryption password: Path to GPG program: /bin/gpg Use HTTPS protocol: True HTTP Proxy server name: HTTP Proxy server port: 0 ```shell ``` Test access with supplied credentials? \[Y/n\] Y Please wait, attempting to list all buckets... Success. Your access key and secret key worked fine :-) ```shell ``` Now verifying that encryption works... Not configured. Never mind. ```shell ``` `Save settings? [y/N] YConfiguration saved to '/home/demo/.s3cfg'` ``` ``` ### **Recommended Client Software** While there is no formal (*RFC documented*) '**S3 Protocol**', the RackCorp S3 storage platform supports largely conforms to what the industry largely follow, that being the protocol implemented by Amazon. This means that most client software that has '**native S3**' or '**AWS S3**' support, will typically work with RackCorp S3, given the correct configuration. If you experience issues with any particular functionality or client software that you believe should work, please feel free to raise a support ticket and we will investigate. ### **S3 Security Considerations** There are many use-cases for S3 storage, one of which is hosting of static web content. This requires your bucket to have **'PUBLIC READ ENABLED'** permissions selected in the bucket configuration. This means that anyone with a URL to a resource stored in your bucket will be able to access it without requiring any credentials or authentication. This is perfect for static images and other content, for use behind a CDN or for objects in-bedded into your website/mobile application. If you are not using your bucket for hosting of static web content, you **must** ensure that the **'PUBLIC READ DISABLED'** permissions are selected. This ensures that only valid users with an access + secret keypair can access resources in your bucket. Additionally, you can use a **'Presigned URL'** for both uploading and accessing of data in buckets, in the same way that you would here: [(AWS S3 - presigned urls)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-presigned-url.html). This is the preferred approach for all common use cases as it reduces any potential exposure of data stored in your buckets. For assistance on the points above, please feel free to raise a support request for clarifications. ### **S3 Storage White-label Partner Services** RackCorp also extends all of the above S3 Storage Regions to our white-label partner programme where you assign your s3.<yourhostname> nameservers to RackCorp hosted DNS. Please contact for further information. # Security Token How-To ### 1. Choose user Log into the portal using your username and password and navigate to **ADMINISTRATION** -> **MY DETAILS** [![image-1637237370427.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237370427.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237370427.png) Click on **MY DETAILS**. The **CLIENTS AND USERS PAGE** is displayed. [![image-1637238289496.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637238289496.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637238289496.png) Click **USERS** to display the assigned users under your **CLIENT** (customer) account, and select a **USER** to edit [![image-1637238745321.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637238745321.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637238745321.png) --- ### 2. Find token link Note your user details, there should be a **SECURITY TOKEN** link visible ready to be used for the first time. [![image-1637237366342.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237366342.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237366342.png) --- ### 3. Security token setup The security token setup window is displayed where you can generate your key to add to your desired authenticator application. [![image-1637237513447.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237513447.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237513447.png) ### 4. Connect TOTP Seed Once the **Generate** button is pressed, a TOTP Seed key and a Google Authenticator key are displayed. For convivence, a QR code is generated that can be scanned by an authenticator app. [![image-1637237518553.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237518553.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237518553.png) [![image-1637237347612.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237347612.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237347612.png)

We strongly recommend that a separate physical device such as a phone, tablet or hardware key be used for multi factor authentication.

Google authenticator for mobile devices can scan the generated QR code using the device camera to retrieve the token key and setup your authentication. For desktop authenticators such as a YubiKey hardware key, a screen capture function is available where it can capture the generated displayed QR code from the screen. Otherwise for applications such as WinAuth you will need to copy and paste the URL to the QR code image or manually input the key code into the authenticator.

Once the key generator window is closed, your keys are no longer accessible using this function and need to be regenerated and you are returned to your user details.

--- ### 5. Performance check Once your authenticator is setup, it is advisable to test it before setting your user preferences to enforce Two-Factor Authentication on login, should the key be wrong technical support will need to reset the users access. Navigate to **POWER** and click **LOGOUT** [![image-1637238969363.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637238969363.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637238969363.png) You are returned to the RackCorp portal login at portal.rackcorp.com or your company's white label link [![image-1637239058915.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637239058915.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637239058915.png) At this step, using your new authenticator to generate the Security Token and input it into the field and login, log back into the portal. Should this be successful progress to step **6**. otherwise check your authenticator for most current code or contact RackCorp Technical Support. --- ### 6. Configure security token for a user Should you login successfully after configuring 2FA, The final step to Security Token setup is to select whether two factor authentication is mandatory required or not on login by selecting **REQUIRED** or **NOT REQUIRED**. [![image-1637237332766.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237332766.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237332766.png) --- ### 7. Final test Perform a final test of your new 2FA settings. As per step **5,** log out of the RackCorp Portal and then login using your newly setup Two Factor Authentication in addition to your username and password. You should have be able to login successfully and can continue using our services. # Self-Signed SSL certificates Navigating OpenSSL can be tricky with a number of command line chains to memorise, that generate different products. Should a temporary self-sign be needed for a website initial deployment or test process, the following webpage has a all in one generator and presents all results on the page itself with nothing needed to install Only thing of note is industry now requires 1YR max SSL validitty. Some generators will mark the validity for 10 YEARS and RackCorp portal will recognise this as it is technically legitimate. This webpage generator says 1YR but will generate 3 months, typical of a free self sign 'R3' type generator [https://en.rakko.tools/tools/46/](https://en.rakko.tools/tools/46/) # Update BookStack on RackCorp

- For RackCorp Web Hosting Platform Only -

1\. Login to the hosted website shell using a local user, NOT a super user. the PHP version gets misdetected as superuser --- 2\. cd /httpdocs/Bookstack --- 3\. ls to verify folder contents. note artisan, composer.\*, composer.phar ``` -bash-4.4$ ls -l total 2900 -rw-r--r-- 1 12425 12425 1186 Nov 7 07:04 LICENSE drwxr-xr-x 20 12425 12425 4096 Dec 20 06:38 app -rwxr-xr-x 1 12425 12425 1685 Nov 7 07:04 artisan drwxr-xr-x 3 12425 12425 4096 Dec 20 06:38 bootstrap -rw-r--r-- 1 12425 12425 57721 Nov 7 07:06 composer-setup.php -rw-r--r-- 1 12425 12425 3353 Dec 20 06:38 composer.json -rw-r--r-- 1 12425 12425 397702 Dec 20 06:38 composer.lock -rw-r--r-- 1 12425 12425 2286233 Nov 7 07:11 composer.phar -rw-r--r-- 1 12425 12425 200 Nov 7 07:04 crowdin.yml drwxr-xr-x 5 12425 12425 4096 Dec 20 06:38 database drwxr-xr-x 5 12425 12425 4096 Nov 7 07:04 dev -rw-r--r-- 1 12425 12425 1292 Nov 7 07:04 docker-compose.yml -rw-r--r-- 1 12425 12425 112666 Dec 20 06:38 package-lock.json -rw-r--r-- 1 12425 12425 1420 Dec 20 06:38 package.json -rw-r--r-- 1 12425 12425 452 Dec 20 06:38 phpstan.neon.dist -rw-r--r-- 1 12425 12425 2610 Dec 20 06:38 phpunit.xml drwxr-xr-x 5 12425 12425 4096 Dec 20 06:38 public -rw-r--r-- 1 12425 12425 14715 Dec 20 06:38 readme.md drwxr-xr-x 7 12425 12425 4096 Nov 7 07:04 resources drwxr-xr-x 2 12425 12425 4096 Dec 20 06:38 routes -rw-r--r-- 1 12425 12425 552 Nov 7 07:04 server.php drwxr-xr-x 8 12425 12425 4096 Dec 20 06:38 storage drwxr-xr-x 13 12425 12425 4096 Dec 20 06:38 tests drwxr-xr-x 2 12425 12425 4096 Nov 7 07:04 themes drwxr-xr-x 43 12425 12425 4096 Nov 7 07:11 vendor -rw-r--r-- 1 12425 12425 9 Dec 20 06:38 version ``` --- 4\. `git pull origin release && php composer.phar install --no-dev && php artisan migrate` this is different to the web instructions, we add the php runtime and .phar due to the environment, otherwise command wont work --- 5\. should see GIT run and do its changes, and then composer run and do its package installs. Any errors mean the command line is wrong for the environment, or the web documentation command line was used. ``` remote: Total 1799 (delta 1140), reused 1153 (delta 1137), pack-reused 635 Receiving objects: 100% (1799/1799), 634.53 KiB | 0 bytes/s, done. Resolving deltas: 100% (1523/1523), completed with 453 local objects. From https://github.com/BookStackApp/BookStack * branch release -> FETCH_HEAD 01cdbdb..009212a release -> origin/release Updating 01cdbdb..009212a Fast-forward .env.example.complete | 7 +- .github/translators.txt | 10 + .github/workflows/phpstan.yml | 41 + .github/workflows/phpunit.yml | 8 +- .github/workflows/test-migrations.yml | 6 +- .gitignore | 3 +- app/Actions/Activity.php | 2 +- app/Actions/ActivityService.php | 13 +- app/Actions/Comment.php | 2 + app/Actions/CommentRepo.php | 5 +- app/Actions/Tag.php | 9 + app/Actions/TagRepo.php | 53 +- app/Api/ApiDocsGenerator.php | 21 +- app/Api/ApiToken.php | 2 +- app/Api/ApiTokenGuard.php | 4 +- app/Auth/Access/ExternalBaseUserProvider.php | 19 +- app/Auth/Access/Guards/LdapSessionGuard.php | 2 +- app/Auth/Access/Ldap.php | 19 +- app/Auth/Access/LdapService.php | 2 +- ``` ``` Installing dependencies from lock file Verifying lock file contents can be installed on current platform. Package operations: 16 installs, 33 updates, 6 removals Cannot create cache directory /home/httpd/vhostmounts/local/2425/.composer/cache/files/, or directory is not writable. Proceeding without cache - Downloading composer/package-versions-deprecated (1.11.99.4) - Downloading voku/portable-ascii (1.5.6) - Downloading phpoption/phpoption (1.8.1) - Downloading graham-campbell/result-type (v1.0.4) ``` ``` Package manifest generated successfully. 58 packages you are using are looking for funding. Use the `composer fund` command to find out more! > @php artisan cache:clear Application cache cleared! > @php artisan view:clear Compiled views cleared! ************************************** * Application In Production! * ************************************** Do you really wish to run this command? (yes/no) [no]: > yes Nothing to migrate. ``` --- 6\. The install ends with caches being cleared, lets run them again according to the instructions ``` -bash-4.4$ php artisan cache:clear Application cache cleared! -bash-4.4$ php artisan config:clear Configuration cache cleared! -bash-4.4$ php artisan view:clear Compiled views cleared! -bash-4.4$ ``` --- 7\. Verify version in application # Virtual Networking RackCorp’s Cloud platform supports fully customisable interworking for your virtual machines; with regards to customisable VLANs both tagged and untagged, and definable IPv4 and IPv6 subnets. Since the RackCorp cloud platform supports a ‘many customers can have many sub customers hierarchy, as a reseller or system manager can define custom networks for each customers private clouds very easily. Once your VLANs and IP subnets are setup, these can be tied into your VMs via up to 3 virtual NICs. No end user software environment configuration is necessary. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/OBX3Ay1G4irXOqW2-embedded-image-w8dkd21j.png)

VLAN and IP subnets are accessed via the SERVICES -> NETWORK menu

--- ### Add a new VLAN Click Add New on the VLANs tab an fill in the form appropriately.

Leave LAN ID field blank unless you have been given a specific LAN ID to use by RackCorp support

[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/scaled-1680-/SVKJmZznJ4PqdkQl-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/SVKJmZznJ4PqdkQl-image.png) ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/qZp5uOnFjwtbnpU1-embedded-image-3mb4lquq.png) --- ### Add a new IP Network Next, use the Add new IP network to add a new subnet to your account. Take care to assign it to your newly created desired VLAN. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/QyDx2AvbyEEnKwSg-embedded-image-csvst9ks.png)

You now have a newly defined Private VLAN and IP subnet.

![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/JeahYKhFi54ePprT-embedded-image-uarqyfeb.png) Next, we assign these newly created resources to a virtual machine. --- ### Adding Virtual NICs to Virtual Machines Select your VM from the SERVICES-> SERVERS list in your RackCorp Portal Account. Click on the NETWORK tab. [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/scaled-1680-/EQPW6We0qprZkC4g-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/EQPW6We0qprZkC4g-image.png) For this example demonstration we will add a 2nd private vNIC to the default configuration, preserving NIC1 which is the default PUBLIC vNIC that was configured when ordering the virtual machine. 1\. Add a new PRIVATE NIC and select the desired VLAN and tagged/untagged. 2\. Review any advanced settings, leave as default if unsure: · DRIVER - Our vNIC are configured to use the RedHat virtio paravirtual driver by default. If you are using an older operating system you may select Intel E1000 · ALLOW DHCP SERVER – select if this NIC will be running a DHCP server · ONLY ALLOW REGISTERED IPs - If selected, traffic leaving this server from IPs other than that registered in the portal will be blocked. NOTE: firewalls and routers will regularly pass such traffic so you should leave this unticked for such devices. · NIC PASSTHROUGH - allows all traffic to pass through the NIC and disables stateful tracking of traffic ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/qZKCOMZvMNw6qGPe-embedded-image-loc93wqu.png)![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/ADIsW0iXXH44B8Kg-embedded-image-t3uhnhxs.png) 3. The new vNIC has been created successfully. Next, add the particular subnet to the vNIC ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/dFBhEkGPCAOECc80-embedded-image-gtwpmlu8.png) Upon selection of your new VLAN, the associated subnet is pre-populated. Enter your desired host IP address for the 2nd vNIC under IP or use auto select, then press VALAIDATE IP to check your configuration. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/FNTYD8qfPYJHl7HO-embedded-image-kpwgcf6d.png) ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/wrxzEYjsIl3Qy6aY-embedded-image-m8zlgmyd.png) ### Further Reading See our OPNSENSE firewall setup guide for further examples on how to use virtual NICs and VLANs with RackCorp Hybrid Cloud [https://wiki.rackcorp.com/books/help-and-support-en/page/install-opnsense-firewall](https://wiki.rackcorp.com/books/help-and-support-en/page/install-opnsense-firewall) # Virtual Server BGP Settings ### BGP Configuration for RackCorp AS56038 All RackCorp VMs globally are capable of advertising prefixes via BGP at no extra cost. The following instructions relate to customers with virtual servers who wish to advertise their public IP addresses. 1\) Preparation: Submit a support ticket via the support portal with the following information: \- Your AS (if you have one, otherwise we will advertise your IPs under AS56038). We can also accept an AS-SET. \- Any prefixes you wish to advertise. If we should render this via IRR, we can also do this. Please ensure you add the following to your whois data for your AS (RPSL): import: from AS56038 accept ANY export: to AS56038 announce ASXXXXXXXX where ASXXXXXXXX is your ASN 2\) Set up a bgp service on your VM. We recommend using bird, however you can use any daemon you wish. 3\) Note that it may initially take up to 24 hours for some of our upstreams to pick up and start carrying your prefixes. Also consider: [RackCorp BGP Communities - LINK](https://wiki.rackcorp.com/books/help-and-support-en/page/rackcorp-bgp-communities "BGP Communities") Particularly if you're using Anycast as RackCorp takes great care to try to give a globally balanced anycast network, so consider using 56038:888 community if you're using RackCorp for Anycast BGP services. #### Example BGP Configurations Bird BGP v2 example configuration Under Centos 8 / Rocky 8 Linux: ``` yum install epel-release

yum install bird





cat /etc/bird.conf 



log syslog all;



router id YOURSERVERIPADDRESS;



protocol device {

        scan time 5;

}



protocol direct {

        interface "dummy*";

        ipv4;

        ipv6;

}



protocol bgp rackcorpannounce1

{

    local as 56038;

    source address YOURSERVERIPADDRESS;

    neighbor 110.232.119.251 as 56038;

    ipv4 {

    import none;

    export all;

    };

}

protocol bgp rackcorpannounce2

{

    local as 56038;

    source address YOURSERVERIPADDRESS;

    neighbor 110.232.119.252 as 56038;

    ipv4 {

    import none;

    export all;

    };

}

protocol static {

        ipv4;

        # ignore the fact that it says reject, this is where your IP prefixes go

        route X.X.X.X/32 reject;

} ``` # Windows L2TP/IPsec VPN Client Configuration

For Windows 8, 10, 11

##### **1**. Open **Control panel** and select **Network and Sharing center**. [![L2TP_1.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/kiHB52xfTg0uQaIV-l2tp-1.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/kiHB52xfTg0uQaIV-l2tp-1.png) --- ##### **2**. Choose Set up a new connection or network option. [![image11.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/M8JrZRrpegssGNXR-image11.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/M8JrZRrpegssGNXR-image11.png) --- ##### **3**. Choose Connect to a workplace option and click Next. [![image8.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/X1aE0pZzkZjGafav-image8.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/X1aE0pZzkZjGafav-image8.png) --- ##### **4**. Click Use my Internet connection (VPN) option. [![image9.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/7zGbTtEqjbB26aQ3-image9.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/7zGbTtEqjbB26aQ3-image9.png) --- ##### **5**. Enter IP address of ASA's WAN interface or FQDN and any name for VPN adapter which is locally significant and click Create. [![image6.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/NWIKaf1vqbRguom4-image6.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/NWIKaf1vqbRguom4-image6.png) --- ##### **6**. On Network and Sharing Center, choose Change adapter settings option on the left pane of the window. [![image5.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/msJaMkM3WtjPnHC9-image5.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/msJaMkM3WtjPnHC9-image5.png) --- ##### **7**. Right click the recently created adapterfor L2TP VPN and choose Properties. [![image13.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/QxogeyEtgqinZEzU-image13.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/QxogeyEtgqinZEzU-image13.png) --- ##### **8**. Navigate to Security tab, choose the Type of VPN as Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec) and then click on Advanced settings. [![image2.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/w1LkvOzJttDWQiZl-image2.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/w1LkvOzJttDWQiZl-image2.png) --- ##### **9**. Enter the preshared key as the same mentioned in tunnel-group DefaultRAGroup and click OK. In this example, C!sc0@123 is used as the pre-shared key. [![image1.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/UfVFQbKGIGY5bSn5-image1.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/UfVFQbKGIGY5bSn5-image1.png) --- ##### **10.** Choose the authentication method as Allow these protocols and ensure that only "Microsoft CHAP Version 2 (MS-CHAP v2) checkbox is checked and click OK. [![image3.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/nZQCcA99kXSb5U3e-image3.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/nZQCcA99kXSb5U3e-image3.png) --- ##### **11**. Under network connections, right click on L2TP VPN adapter and choose Connect/Disconnect. [![image10.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/a2i5Za3Y52hZdj2J-image10.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/a2i5Za3Y52hZdj2J-image10.png) --- ##### **12**. Networks icon will pop up and click Connect on L2TP VPN connection. [![image7.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/zXE7yR9grUt5NGoJ-image7.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/zXE7yR9grUt5NGoJ-image7.png) --- ##### **13**. Enter the user credentials and click OK. [![image4.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/WU4KwGkAI4E4XJKJ-image4.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/WU4KwGkAI4E4XJKJ-image4.png) # Virtual Machine Monitoring via SNMP To monitor parameters from within your windows virtual machines you will require two items to be installed: **a. Monitoring server** A virtual machine deployed on the VMhosts dedicated for internal monitoring for each of the clients. This will be connected to the same VLAN as the client. Example specifications: VM specifications: 1 core, 2GB RAM, 10 GB storage **b. SNMP Service (Agent) installed in the WIndows Virtual Machines you wish to monitor.** Ensure Windows firewall allows SNMP traffic. --- **Step 1:** Installing the SNMP Service, sub features and management tools: This can be done via the add remove features or via PowerShell using the following command on the nominated Server: For Wndows Powershell 2014 edition, use : ‘Add-WindowsFeature snmp-service –IncludeAllSubfeatures -IncludeManagementTools’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/ZJNVcLzQbRfRoTbu-embedded-image-glsype2s.png) For Windows Powershell 2016 edition, use To check if SNMP is installed, ‘Get-WindowsFeature \*SNMP\*’ To install SNMP, ‘Install-WindowsFeature SNMP-Service -IncludeAllSubFeature -IncludeManagementTools’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/txTyzKXjK2cQ9LBK-embedded-image-jtufg18e.png) --- **Step 2:** Open the ‘Services’ panel via Control Panel / Administrative Tools or by right clicking the start button, selecting ‘Run’ and entering services.msc followed by ‘OK’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/4YnlNjL1II27dVtd-embedded-image-yf8lgsm5.png) Navigate down to ‘SNMP Service’ and double click on the service, this will open a dialog box with the properties for the SNMP Service. Next we will need to click the Security tab followed by the ‘Add’ button under the ‘Accepted Community Names” title. You can now enter in a community name that’s relevant to you, for this example we have used ‘SnmpM0nitor’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/8mTNtUdOEJ8Iw0jy-embedded-image-ltljjr5v.png) Now we will need to configure where the server will accept SNMP Packets from, this is configured under the “Accept SNMP packets from these hosts” title, click on ‘ADD’ button and enter in the IP address/es of the SNMP Monitoring Servers you just set up. Once completed select Apply and OK to exit. Restart the service by right clicking on the ‘SNMP Service” and selecting Restart --- **Step 3:** After SNMP has been installed and configured you will need to download and install the following application “SNMP-Informant” - [http://www.wtcs.org/informant/files/informant-std-17.zip](http://www.wtcs.org/informant/files/informant-std-17.zip) This will provide SNMP the correct MIBs for the Cloud Monitoring Service – the additional MIB’s structure the collected information in a compatible format . --- **Step 4:** Firewall rules will need to be updated to allow the incoming SNMP requests, open ‘Windows Firewall with Advanced Settings” which is located in ‘Control Panel’ then ‘Administrative Tools’![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/9BIRJpfWDCFmBI4d-embedded-image-9xzlpz3t.png) Locate the existing ‘SNMP Sevice (UDP In) rules and double click the first one (which one is not important), select the ‘Advanced Tab’ and make sure ‘Domain, Private & Public’ are ticked then change the ‘Edge Traversal’ to ‘Allow Edge Traversal’. Select OK and close the remaining windows. --- **Step 5:** Within the Cloud portal, navigate to the server which has the SNMP Agent installed (Services / Servers Tab). Once on the Server Summary page select the Monitoring Tab. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/WZK0Uswh9M9jGvqE-embedded-image-0xxwbicr.png)Select ‘ADD NEW MONITOR’ followed by the ‘Monitor Type’ you are after. The following page will contain the fields required for your Cloud Monitoring System to successfully monitor the desired server. We recommend populating the following fields: **SNMP Community Name:** will be the SNMP community string previously defined in Step 2 **Alert Threshold:** If your monitoring CPU specify the CPU load that will trigger an alert. **Alert Only if Exceed for:** How long the alert threshold is exceed for in duration to trigger an alert (Important as brief CPU spikes do occur) **Alert:** This will enable alerts to be created if the alert parameters are met. **Alert Email:** Nominate a email address to receive the alert. Providing these fields are populated, then select Submit. You will be brought back to the previous page “Monitoring Tab” where you will see the new monitor appear. The metrics will start to flow in and you should see some information after 10 minutes. You can then add more monitors depending on your requirements. --- **Step 6:** This step is only required if your server has a Private IP Address and is behind a NAT Firewall. Prior to this step, it is expected that a Public IP NAT or PAT would have been made on your perimeter firewall to the nominated Server(s). NAT & PAT instructions are not included in this document due to the variety of firewalls available – we recommend you speak to you firewall management vendor to configure this for you. Once you are aware of your Servers Public IP Nat and the associated firewall rule is enabled to allow SNMP (port 161 UDP), then you will need to edit the ‘Additional Information’ field on the Server Summary Page. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/h5TqGj1qLSI9VgtP-embedded-image-ve7mq23q.png)The information to be inserted is: “SNMP NAT <ip address>” where the <ip address> will contain the Public IP provided by your Firewall Management vendor. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/Z94CPAtnSjXxGZ0R-embedded-image-idckh8lg.png) Navigate back to the monitor we previously set up on the ‘Monitor Tab’. Here we will need to populate the Override Polling Host/Port field with the Public IP Address previously used in the Additional Information field. If you have used AT, you will need to specify the port after the IP Address with a semi colon used as a separator. e.g. 110.232.116.11:14000 Click Submit and your monitor should being to show metrics within 10 minute. # How to change Remote Desktop Protocol (RDP) port setting in Windows Server This procedure comprises of several steps 1\. Change the port number 2\. Add the port to Windows Firewall 3\. Toggle RDP services on/off 4\. Reconfigure RackCorp VM Firewall to new port, if applicable 5\. Port Scan to verify results. --- In this example, we shall use a simple PowerShell script to enact the changes. changing RDP from 3389 to 13990 on windows server. ```powershell $portvalue = 13390 Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue  New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Any' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue  New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Any' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue  ``` Once you have run this script, Toggle RDP in the windows remote desktop settings on and off Use https://port.tools/nmap-online-port-scan/ to verify that the applicable ports you are opening and closing come up as open or filtered # Getting Started with Hybrid Cloud Each RackCorp VM by default comes with a Public NIC and Public IPV4 IP . This can be changed at order time or after ordering when the VM is provisioned. Users can delete the public NIC for a VM after ordering and add private NICs. When adding the private NICs they can select which (or many) of their private VLANs the private NIC has access to. They can add up to three NICs per VM. They can have one public and one private if they wish. The nature of the hosted private cloud means it is isolated from the internet. We offer a number of different firewall solutions to allow connectivity to these private or Hybrid Clouds For a basic solution we can deploy a VYOS firewall VM for the customer if they want inter-VLAN firewalling and NAT. It gets deployed with basic outbound NAT and remote SSH based management by default. VYOS is strictly a command line only application A more advanced solution is a managed firewall as a service. We provide ISO27001 managed firewall for them with all changes tracked logged. We also do updates and setup high availability/monitoring.