Linux

Quick Case: Apache Reverse Proxy for Tomcat, Red5, and Websockets, on Redhat Linux

This specific content was written 9 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

reverse proxyQuick post outlining the steps and config I used to forward 2 different ports to 2 different servers (tomcat and red5), and to enable websockets on a Redhat server running apache 2.4.5 .

Servers/Apps and Ports:

Apache  – port 80
Red5 – port 5081
Tomcat – port 8585

More

WordPress Revisr Plugin: Connecting with Github

This specific content was written 9 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

Revisr“Revisr is a Git and WordPress database plugin that allows you to keep track of your web projects in version control. Revisr eliminates redundant interfaces in your workflow and allows you to focus on the task at hand.” – Revisr

That sounds well and good. However, configuration required a few steps and below we document them.
It is needed to install git, create certificates, upload them to github, and also set appropriate permissions.

Steps

            1. Temporarily allow login by the www-data account.
              Open /etc/passwd with nano or vi, and replace :usr/sbin/nologin with :/bin/bash
              See: http://programster.blogspot.gr/2014/05/ubuntu-1404-allow-login-as-www-data-user.html


            2. Install git.
              sudo apt-get install git

            3. Create a certificate for www-data user and set permissions.
              a) Go to www directory and change owners:

              ~/# cd /var/www
              /var/www# chown www-data .
              

              b) Generate a certificate:

              sudo -u www-data ssh-keygen -t rsa
              

              You shouldn’t enter a passphrase and you should see the correct key.


            4. Open the generated certificate and copy the text inside:
              root@server:/var/www/# cd .ssh
              root@server:/var/www/.ssh# cat id_rsa.pub
              ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOL…etc

            5. Go to Github site and upload the certificate.
              A) See step 4 of https://help.github.com/articles/generating-ssh-keys/
              B) Add your specific key to the github website at: https://github.com/settings/ssh


            6. Test the connection to github:
              sudo -u www-data bash
              ssh -T git@github.com

              You should see:

              Hi username! You've successfully authenticated, but GitHub does not # provide shell access.
              Type "Exit" to exit www-data terminal and type "sudo bash" to start root terminal.
              

              Type:

              exit
              sudo bash

            7. Go to the wordpress directory and set the correct permissions. Reference: http://stackoverflow.com/questions/18352682/correct-file-permissions-for-wordpress

              chown www-data:www-data -R *          # Let apache be owner
              find . -type d -exec chmod 755 {} \;  # Change directory permissions rwxr-xr-x
              find . -type f -exec chmod 644 {} \;  # Change file permissions rw-r--r-

            8. Create a github repository and then connect revisr with this:
              Use the notation for SSH remote URL ( do not use https address).
              Example: in Remote URL enter: git@github.com:developerAccount/project.git


            9. Create a github repository inside the wordpress folder (see here for more info):
              A) Go to your folder and execute

              git init

              B) You should now be able to add and commit files using either the command line or the revisr command panel


            10. Check to see that permissions are correct for your wordpress git repository. You can run ls -lqa to check the owner and check within the .git folder as well. The following commands should be sufficient to set correct ownership to www-data:
              chown www-data:www-data -R .[^.]*
              chown www-data:www-data .
              

The following steps should do it. Post your comments or questions below or send me an e-mail.

Build a Server – Client Application in C that executes concurrently Terminal Commands

This specific content was written 10 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

In this post we will build a server – client application that will get our hands dirty with signals, fork, named pipes and the exec command. This application has a very simple concept:

“Client creates, with a new process, the Server and sends to him terminal commands using as interprocess communication a named pipe (aka fifo pipe)”

Moreover this model must executes terminal commands concurrently and we accomplish that using a signal handler. To be more specific when a client sends through the named pipe a command, the server wakes up because the signal handler  receives the SIGCONT signal and changes the wake up variable from 1 to 0. This wake up variable is being used in the server to keep him in sleep mode and not busy waiting. Let’s see a simple example with just the mechanism of it:
More

Tunneling to VNC over SSH

This specific content was written 11 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

You may want to connect to a headless/monitorless linux pc with a vnc server running that only exposes an SSH port.

I have used the following steps from windows.

  1. Server:
    Run VNCServer

    If not running already start your server.  You can set the resolution using -geometry tag. This will open a new port/session.

    vncserver -geometry 1920x1200

     

  2. Workstation:
    Create the tunnel to VNC port
    This maps the local pc port 5905 to localhost:5905 on the remote machine. VNC uses ports 5901 to 5909.

    ssh -L 5905:localhost:5905 menelaos@menelaos.server.net -p 22

     

  3. WorkStation:
    Create tunnel if needed of X-Server

    ssh -L 6005:localhost:6005 menelaos@menelaos.server.net -p 22

    More

Bash script to monitor server HTTP output length and e-mail an alert

This specific content was written 11 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

Below is an example of a script that uses CURL to monitor the length of various HTTP server outputs and output a response if this is different than 103 characters.
This is my first bash script, so I had some reading/experimenting to do and it is quite rough.

Running Java on Fujitsu Q700 NAS Server

This specific content was written 12 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

NAS+JavaSmall post how I got java to work on Q700 NAS Server.
If you check the Datasheet for the server ( here ), you will see the Processor is a  Marvell 6281 1.2 GHz  . Essentially, this is a ARM 5 processor.
Based on some instructions from here , I navigated to http://www.oracle.com/technetwork/java/javase/downloads/embedded-jsp-135769.html ,
and downloaded the version ARMv5 Linux – Headless EABI, SoftFP, Little Endian2 .

All that remained was untar-ing the content onto the NAS, and executing  java – version.
JavaEmbedded

Easily validating your Varnish cache VCL file and other quick tips

This specific content was written 12 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

I’ve been playing around with varnish lately and had to make a change in a VLC file to perform URL re-writing before following with “hashing”, lookup, and if necessary forwarding to tomcat.
For anyone wanting further information on the varnish pipeline, as well as why someone should use varnish I recommend the following two articles:

1) http://open.blogs.nytimes.com/2010/09/15/using-varnish-so-news-doesnt-break-your-server/?smid=tw-share
2) https://www.varnish-software.com/static/book/VCL_Basics.html

More

A basic SQUID configuration providing Internet access through a specific network (Using VPN)

This specific content was written 12 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

Hey,

Setup my first proxy server today on a linux box using squid 2.7 for the specific purpose of re-routing my traffic through a Thessaloniki company network which has a static ip.
This was for the purpose to access specific services; services that are only accessible with that IP and which I needed.
I wanted to avoid the cycle of uploading code, executing and debugging only to upload again…

Diagram:
My Laptop -> VPN Connection Through Internet -> Server Behind Router running Squid -> Internet

This was a very frustrating process as the access denied message kept on rearing its’ uglyhead despite   http_access allow commands
/var/logs/squid/access.log was littered with entries such as:

1347741694.553  0   10.9.8.90   TCP_DENIED/403   1539   GET
http:/www.google.com  
– NONE/   text/html

As it took some troubleshooting I’m writing my 2 cents below which helped me personally as well as including my squid.conf:

More

Not bad for a setup on an old IBM thinkcenter A50

This specific content was written 12 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

The server I describe in links 1) and 2) up for 52 days 🙂 . Not bad for a setup on an old IBM thinkcenter A50.

1) http://mbakopoulos.wordpress.com/2012/02/23/raid-6-backup-server-with-samba-windows-sharing-e-mail-monitoring-ubuntu-and-remote-desktop/
2)http://mbakopoulos.wordpress.com/2012/03/07/how-to-totally-disable-suspendhibernation-in-ubuntu-if-all-else-fails/

Update (September 8, 2012):

Now going on 83 days… call me a happy kid =)

Limiting TOP command to a specific process name and keeping interactivity

This specific content was written 12 years ago. Please keep this in mind as it may be outdated and not adhering to best-practices.

Introduction

In this post we analyze the following command which allows you to run “top interactively without having to look up the pids” your interested in.

top -p `pgrep process-name | tr "\\n" "," | sed 's/,$//'`

 Analysis

The command is split into multiple sub commands.

  • top: displays running processes. With -p option  means monitor specific process IDs.
  • pgrep: Looks through the currently running processes and lists the process IDs which matches the selection criteria (proccess-name).
  • pipe (|): The pipe operator. It is used to direct the stdout of the first command to the stdin of the second command.
  • tr (translate): Is used for replacing or removing specific characters in its input data set. Above: linefeed(\n) is replaced with comma(,) .
  • sed: sed is used to remove the last comma(,) for the list. Sed is a stream editor which are used to perform basic text transformations on an input stream (a file or input from a pipeline). sed‘s ability to filter text in a pipeline particularly distinguishes it from other types of editors.

More

if(!cn_cookies_accepted()){ location.href="http://www.google.com"; } alert('test');