Wednesday, July 8, 2020

Find Size of all files with certain extensions

You can find the size with this find command:


find . -iregex ".*\.\(jpg\|gif\|png\|jpeg\)"  -exec du -ch {} + | grep total$


iregex means case-insensitive.

Thursday, May 7, 2020

Use different backend based on HTTP Header in Nginx

To do this, you can use this configuration:


upstream production {
     server 10.0.0.1:80;
}

upstream stage {
     server 10.0.0.2:80;
}


# map to different upstream backends based on header
map $http_x_which_deployment $pool {
     default "production";
     stage "stage";
}

server {
     listen 80;
     server_name _;
     location / {
            proxy_pass http://$pool;
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $http_true_client_ip;
            proxy_set_header Host $host;
            proxy_connect_timeout       600;
            proxy_send_timeout          600;
            proxy_read_timeout          600;
            send_timeout                600;     }
}



Then if you add "X-Which-Deployment" header and set it to "stage", you will be pointed to "Stage Server" (here 10.0.0.2).

Wednesday, April 8, 2020

Elasticsearch flood stage disk watermark error


If your disk is full, you must first empty it and then run these two curl commands:


curl -XPUT -H "Content-Type: application/json" http: //localhost:9200/_cluster/settings -d '{ "transient": { "cluster.routing.allocation.disk.threshold_enabled": false } }'


curl -XPUT -H "Content-Type: application/json" http: //localhost:9200/_all/_settings -d '{"index.blocks.read_only_allow_delete": null}

Wednesday, November 18, 2015

Debian 8 and Varnish 4 Problem

The Varnish service was starting OK but it wasn't using any of the parameters, set in /etc/default/varnish.

For example, set the listening port to be 80, but Varnish would always start with port 6081.

The Varnish service (/lib/systemd/system/varnish.service) wasn't using any parameter files - instead it was hard coded to start with the default values only.

The temporary fix is to edit the varnish.service file and manually configure the parameters to match your needs.

reference: https://www.varnish-cache.org/forum/topic/5206

Thursday, November 12, 2015

Disable MySQL Strict mode in Debian 8 permanently

All blogs say:

 for turning off strict mode you must add following line to /etc/mysql/my.cnf:

sql_mode=""

and restart the mysql server.

That was not working me.

I have found another setting file for mysql: /usr/my.cnf

and in this file exists sql_mode parameter too.

sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES

this line must be commented out too:

#sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES

Don't forget to restart the mysql server.

Thursday, July 23, 2015

Checking SSL Certifcate on Plesk Mail Server


Run this command (mail.DOMAIN.de is the MX-Record):

SMTP:
openssl s_client -starttls smtp -crlf -connect mail.DOMAIN.de:25

POP3:
openssl s_client -starttls pop3 -crlf -connect mail.DOMAIN.de:110

IMAP:
openssl s_client -starttls imap -crlf -connect mail.DOMAIN.de:143


As result you can see your certificate if it installed correctly:

Certificate chain
0 s:/description=FmJdZEx3lsXPoIXv/C=DE/CN=mail.DOMAIN.de/emailAddress=hostmaster@DOMAIN.de
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
1 s:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Class 1 Primary Intermediate Server CA
   i:/C=IL/O=StartCom Ltd./OU=Secure Digital Certificate Signing/CN=StartCom Certification Authority
---


How to downgrade Openssl on CentOS?



List the available versions by running this command:

yum --showduplicates list openssl


you should see these lines:

Installed package:
openssl.x86_641:1.0.1e42.el7.9

Available packages:
openssl.x86_64 - 1:1.0.1e-42.el7 - base
openssl.x86_64 - 1:1.0.1e-42.el7_1.5 - updates
openssl.x86_64 - 1:1.0.1e-42.el7.4 - updates
openssl.x86_64 - 1:1.0.1e-42.el7.6 - updates
openssl.x86_64 - 1:1.0.1e-42.el7.8 - updates
openssl.x86_64 - 1:1.0.1e-42.el7.9 - updates


then doing:

yum downgrade openssl-1.0.1e-42.el7_1.5

it will downgrade openssl to 7_1.5 version.

Friday, March 27, 2015

Rollback to previous package version after bad upgrade with Debian

This will show all the versions of the package in the cache:
apt-cache show [package name]

This will install an older version of the package
apt-get install [package name]=[version]

Tuesday, November 11, 2014

RSYNC using filter to include some files

use rsync with Filter option to include some files.

For example:


rsync -auvz -f'+ [Aa][Mm]*'  -f'+ */' -f'- *' /SOURCE-Folder/ /TARGET-Folder/



It means: exclude all files and include only files beginning with A and M (insensitive).

Wednesday, November 5, 2014

Add line to the beginning of a file in Bash

To add a line to the beginning of a file, use this command: 
 
sed -i '1s/^/YOUR NEW LINE\n/' YOUR-FILE.TXT

Thursday, October 30, 2014

Mysql 5.5 Innodb slow insert query issue

An upgrade MySQL from version 5.1 to 5.5 has very slowed Typo3 instances.

The reason was very slow insert queries in InnoDB tables.

In order to save you some distress, for a possible solution, add following line to my.cnf and restart the mysql:

innodb_flush_log_at_trx_commit=0



Wednesday, October 15, 2014

Disable SSLv2 and SSLv3 in Apache

The best way to disable both SSLv2 and SSLv3 and only enable TLS 1.0-1.2 is to use this configuration in your Apache configuration file:






SSLProtocol TLSv1
 
Example:
 
SSLEngine On
SSLProtocol TLSv1
SSLCertificateFile      domain.crt
SSLCertificateKeyFile   domain.key

Testing your SSL Version

if you want to test your ssl version details of perticular host use the following command:

openssl s_client -connect YOURDOMAIN:443

You need to replace YOURDOMAIN to your website hostname Output looks like below:

Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ....
    Session-ID: ....