Category Archives: Administration

SFTP upload on one line

This can be used in a script to schedule uploads, however it is not recommended to use it and store passwords in plain text, but sometimes you might not have choice if you don’t control the remote server.

You will also need the sshpass package installed.

sshpass -p "password" sftp user@remote.com:/directory <<< $'put /var/www/www.local.com/httpdocs/var/export/*.Products.csv'

Ubuntu 16.04 – Install Apache2 and php7

I have experimented some time ago, with php7, as described in this post. At that time that wasn’t official realease, however the link seems to pick up on some searches in google, and there was some confusion for people expecting this to be copy/paste guide.

So I would try to fix these and outline the steps to install Apache2 with php7 on the latest server LTS Ubuntu – 16.04.01 – freshly downloaded from the official site, at the time of the writing.

First, the two most repeated commands:


sudo apt-get update

sudo apt-get upgrade

That will update any software installed on the server distro.

Then install apache2 –

sudo apt-get install apache2

Open the IP of the server you have installed it on and you should be presented with the default apache web page, if nothing is showing, you need to check if apache2 is running and if the firewall/ufw is blocking requests.

It comes the turn to install mysql –

sudo apt-get install mysql-server

You will be asked to provide password for the MySQL root user, you should be aware this is not the same user as the Linux root user, it is different one having rights to do everything with every database in MySQL, so it is a good idea to pick a different password then the ones you are using currently in the system.

After installation is finished, we will have to run buil-in script to tighten some of the security for MySQL and clean up some things –

sudo mysql_secure_installation

You will be asked for you the root password (MySQL root user), and then to choose a level for password validation:


There are three levels of password validation policy:

LOW Length >= 8

MEDIUM Length >= 8, numeric, mixed case, and special characters

STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1

They are self explainatory, but I don’t really like password validators – I find them stupid security measure, especially on the level of MySQL server/users. So I would set that to 0/low for machines I am using.

You should read the questions and answer then with ‘y’ or ‘no’, in the past it was fine to answer all with ‘y/yes’ however, now I am noticing that the first question is “Change the password for root” – you might not really want to do that, so the best thing is to read what are you actually asked.

 

Ok, so we are getting there, let’s install php7 with the apache mod –

sudo apt-get install php7.0 libapache2-mod-php7.0 php7.0-mcrypt php7.0-mysql

Then you could check the php version in the terminal with –

php -v

And the final step is to be sure apache is interpreting php in the browser.

First, become root with –

sudo -i

Then will add php info page to the server web root directory, so we could open it in our browser after that to verify it is running properly on check all the configuration details for php –

echo '<?php phpinfo(); ?> > /var/www/html/info.php'

After that you should navigate in your browser to the IP your server is listening to, and add /info.php after it, so it would look something like this –

http://192.168.122.113/info.php

That’s pretty much for it, but this where the complicated things starts from.

Dump and compress all MySQL databases

This is a little variation of a script I used in the past, what will do is find all databases, and export them compressed, with piping to gzip.

#!/bin/bash
MYSQLDUMP="$(which mysqldump)"
DIR="/root/db_dumps"
DBS=`mysql --defaults-extra-file=.my.cnf -e"show databases"`

#Remove	old dumps
rm -f $DIR/*.sql*

for DATABASE in $DBS
do
if [ $DATABASE != "Database" ]; then
FILENAME=$DATABASE
$MYSQLDUMP --defaults-extra-file=.my.cnf $DATABASE --single-transaction | gzip > $DIR/$FILENAME.sql.gz
fi
done

rm -f $DIR/information_schema.sql*
rm -f $DIR/performance_schema.sql*

.my.cnf file contents:

[client]
user=root
password=your_password

.my.cnf file should be in the user directory owned by him with permissions 600 or even 400

Postfix allow only localhost outgoing emails.

A lot of servers don’t need to receive mail, as people nowadays use services like Gmail.

It is simple as changing the inet_interfaces directive in main.cnf from all to 127.0.0.1

vim /etc/postfix/main.cf
inet_interfaces = 127.0.0.1

You can verify it by testing with nmap, it should say it is a closed port

nmap -p 25 domain.com

Starting Nmap 6.40 ( http://nmap.org ) at 2016-01-28 22:55 EET
Nmap scan report for embodyactive.net.au (128.199.108.77)
Host is up (0.37s latency).
PORT   STATE  SERVICE
25/tcp closed smtp

Nmap done: 1 IP address (1 host up) scanned in 0.79 seconds

Convert AWS .ppk key to .pem openSSH

I had to deal recently with AWS instance, and I was provided only with .ppk key, which is not not exaclty compatible with openSSH.
You can use PuTTY under Linux, but this thing looks really awful, if you think I am being pretentious just take a look at this garbage:

So what you need to do is to use

puttygen

which comes with PuTTY.

You will have to install with your package manager PuTTY, it should be available in yout repos, as it is fairly popular package.

I am using Ubuntu so for me that would be:

sudo apt-get install putty

Navigate to the folder where your .ppk key is and generate .pem key:

puttygen aws.ppk -O private-openssh -o aws.pem

Move it to your .ssh filder where all the other keys are and change key permissions:

sudo chown 400 .ssh/aws.pem 

And then connect specifying that you want to use your with the -i option:

ssh -i .ssh/aws.pem ubuntu@ec2-21-000-12-37.compute-1.amazonaws.com

Just be careful about the key path, and typos and it should be fine.

Install PHP 7 on Ubuntu

Note: This “guide” was meant for Ubuntu 14.04, I haven’t tested it on 16.04 and it most probably will not work, so please do not attempt to use it at all. I doubt that it would even work on 14.04 fallowing this guide.

You can refer to this guide for php7 with apache2 – Ubuntu 16.04 – Install Apache2 and php7

If you want to try the new php7 which GA release (General availability) is about to be finished in mid October, you can fallow these instructions.

I have done this little experiment on a virtual machine, and I strongly advice for you to do the same. But if you have balls go and do it on a production server.

Usually you will need to download and compile the packages on your system, but since I am lazy I searched for a ppa, and seems Ondřej Surý was kind enough to compile them, put them on ppa, and update them regularly.
This is the ppa – https://launchpad.net/~ondrej/+archive/ubuntu/php

I actually had php5 and apache running on this virtual instance, so even before adding the ppa, you need to remove everything php5 related, otherwise you might have conflicts and problems like me:

sudo apt-get remove php5*

Then add the php7 ppa:

sudo add-apt-repository ppa:ondrej/php

run update:

sudo apt-get update

and install php7:

sudo apt-get install php7.0

For apache you will need to enable php7 mod with:

sudo a2enmod php7.0

disable php5 mod (if you had php5 in the first place):

sudo a2dismod php5

Restart apache:

sudo service apache2 restart

and you are good to go.

You can put a file with

<!--?php phpinfo(); ?-->

and take a look at your brand new php7 install.

After that I decided to run a simple test to see if php7 is really that much faster than php5, and run on two identical VM’s the script from http://www.php-benchmark-script.com/.

PHP 5

--------------------------------------
| PHP BENCHMARK SCRIPT |
--------------------------------------
Start : 2015-09-20 01:24:52
Server : localhost@192.168.1.139
PHP version : 5.5.9-1ubuntu4.11
Platform : Linux
--------------------------------------
test_math : 0.856 sec.
test_stringmanipulation : 0.923 sec.
test_loops : 0.540 sec.
test_ifelse : 0.427 sec.
--------------------------------------
Total time: : 2.746 sec.

PHP 7

--------------------------------------
| PHP BENCHMARK SCRIPT |
--------------------------------------
Start : 2015-09-20 01:24:55
Server : ubuntu-server@192.168.1.109
PHP version : 7.0.0RC3
Platform : Linux
--------------------------------------
test_math : 0.225 sec.
test_stringmanipulation : 0.338 sec.
test_loops : 0.224 sec.
test_ifelse : 0.267 sec.
--------------------------------------
Total time: : 1.054 sec.

Change loopback interface IP address

First of all – I know that is not a good idea, and the world will end if for some reason I want to change our beloved home address.
But for a second there, just think that there is situations when you need this.

In my case I wanted to test some different IP’s against database – and that is the easiest way to give myself any IP address I want, from any country I want, while running the script on the same machine.

Actually it is pretty straight forward solution – but everywhere on the internet when someone ask this a bunch of people are starting to suggest some other solutions – adding another interface, telling them they don’t need to do that etc.
Here is how to assign any IP address to the loopback interface in linux.

You will need root permissions, or just run the commands with sudo. Also this is tested on Ubuntu

For example we gonna use the IP address 46.10.11.185
First we need to change hosts file with:

sudo nano /etc/hosts

Just change your home(127.0.0.1) with 46.10.11.185 in the beginning of the file, so it is going to look something like this:

46.10.11.185 localhost
127.0.0.1 ivan-T430

Then just use ifconfig to change the lo interface IP address with:

sudo ifconfig lo 46.10.11.185

That’s all. Now your local web server will see you as the IP you want.

This is potentially dangerous, and might even make your system unstable.
Make sure you revert all changes and you put back the correct lo IP!

Count the visitors from the access log

Sometimes is handy to see what number of visitors you had on you site/server based on the access log – in this case Nginx access log. This will count every different IP, so a chunk of these visitors will be bots.


grep "\[13/Jul/2015" /var/log/nginx/access.log | cut -d" " -f1 | sort | uniq | wc -l

Another slightly different variation

cat access_log | awk '{print $1}' | sort | uniq -c | sort -n | tail