Latest Entries »

DATE

“Seriously, I can’t get anything done in this office thanks to their draconian proxy configuration, everything is blocked!”

Sound familiar? If you are a web developer, you need unrestricted access, right? So let’s sort that out. I’m assuming you have a linux web server that isn’t locked down outwith the network that you can putty into.

Open Putty! Choose SSH > Tunnels. Add a dynamic port 7777 (or whatever) (ignore the 10139, that’s my debugger port) and save the settings.

putty

Now go into Chrome settings, click advanced, Change Proxy Settings, LAN Settings, Advanced.
Then in Socks, enter localhost and your port (7777).

chrome

You can now browse every web site again!😀

Need IRC too? same deal. I use Pidgin. Open Pidgin, then click the Accounts menu, Manage Accounts, click on your account, click modify, click Proxy, choose SOCKS5 as the proxy type, then enter localhost and 7777, as below:

pidgin

You are now on IRC again!

Now, Git. All that is required to get git working is to add the socks5 proxy:

git config --global http.proxy 'socks5://127.0.0.1:7777'

And now you can clone repositories with no problem!

UPDATE:
Okay, I finally got everything unrestricted in the CLI too, by using a piece of software called ProxyCap. Check it out:

proxy

proxy2

 connection works

Just a quick note here, if you are running out of space on your Linux machine and need to find the files taking up the most room, try this command!

du -hsx * | sort -rh | head -10

3.9G    logs
85M     vendor
79M     utils
71M     sales
43M     products
27M     src
23M     classes
15M     images
14M     forms
12M     yui

Now that my VM is completely configured through puPHPet’s puphpet/files/exec-once shell scripts, I had to change PHP settings for the legacy 5.3 install. At first I echoed the setting out and concatenated it onto the end of the string, however the setting was already uncommented above.

The answer is to use sed to find and replace the line of text, like this!

cat /etc/php.ini | sed -e "s/short_open_tag = Off/short_open_tag = On/" >> /etc/php.ini

As you readers probably know, I can’t stand XAMPP and MAMP, being two steaming piles of crap, and have long advocated that you set up VirtualBox & Vagrant, then head over to http://www.puphpet.com, fill in the forms to configure your VM,  generate the config.yaml, and then unzip it and run ‘vagrant up’ to install it. Brilliant so far.

Yesterday I had a total downer of a day, trying to run an old legacy PHP 5.3 app. PuPHPet doesn’t have the EOL PHP 5.3, so at first I settled as a one off for MAMP, but it was slow and horrible.

Then I thought, wait! If I don’t configure Apache or PHP in puphpet, I could get a box up and install 5.3 myself. That’s when I discovered the awesomeness of the puphpet/files folder.

The only thing I used in there was the ssh keys. But there are empty folders waiting for .sh files (shell scripts) to be dropped in.

So for this box, I created exec-once/install-stuff.sh which contained the following:

#!/bin/bash
yum -y install httpd php
yum -y install php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml

Then upon running vagrant provision, it not only looked for changes in config.yaml, but it checks for changes in these files too!

I then made set-vhosts.sh, and import-database.sh, which look like these:

#!/bin/bash
echo "
===========================================
Adding vhosts to /etc/httpd/conf/httpd.conf
===========================================
"
echo "
<VirtualHost *:80>

   DocumentRoot /var/www/fife/web
   ServerName fife
   ErrorLog /var/www/fife/log/error.log

   <Directory "/var/www/fife">
      Options -Indexes +FollowSymLinks
      Order allow,deny
      Allow from all
      AllowOverride All
  </Directory>

</VirtualHost>
" >> /etc/httpd/conf/httpd.conf

And …

#!/bin/bash
mysql -u root --password=123 --database=fortdev < /var/www/fife/data/sql_scripts/symf_fortdev.sql

I take it by now you get the idea! So now you can totally destroy your VM, and put any customisations in these shell scripts, so your full setup can be back up in 5 minutes flat with a vagrant up and vagrant provision!!!

You can then also start thinking about using puPHPet for deploying your setup to your production server:-) There’s a vagrant plugin called Vagrant Managed Servers, which will take care of that for you. https://github.com/tknerr/vagrant-managed-servers . I haven’t looked at it yet, but of course you can expect a blog post on it here when I figure it all out!!

Git tree view in CLI

Easy. Create an alias:

git config --global alias.tree "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset%n' --abbrev-commit --date=relative —branches”

then just run

git tree

Screen Shot 2016-02-09 at 15.49.21

cat ~/.ssh/id_rsa.pub | ssh user@host ‘cat >> .ssh/authorized_keys’

fix puphpet bind error

The bind command `bindfs --perms=u=rwX:g=rwX:o=rD --user=www-data --group=www-data /mnt/vagrant-vflsf_hshd6x5eenjw /var/www` failed to run!

I still don’t know exactly why it’s happening, it’s like deprecation warnings or something! I am using too new a version of something.

Until I do know for certain, this is what I do to fix it:

sudo bindfs --perms=u=rwX:g=rwX:o=rD --force-user=www-data --force-group=www-data /mnt/vagrant-vflsf_hshd6x5eenjw -o nonempty /var/www

 

Source: Using LetsEncrypt to get a free SSL Certificate (on VestaCP)

This is real easy, but i keep forgetting which option to use!

If you have separated some of your code into a composer vendor package, and are currently using it in a project, it can be annoying if you need to update it. First you need to open that project up, make your changes, commit, push, wait for tests to pass on travis etc, tag a new version (depending), update packagist if it hasn’t automatically already, and then you can go back into composer and update.

So to save that hassle, composer has the –prefer-source option (–prefer-dist is the one that confused me). This puts the .git folder in your vendor package folder, allowing you to edit, commit, and push from there. Much better.

If you already have the package installed, just delete it. If you haven’t installed it yet, just require it. Both with the –prefer-source option.

composer require delboy1978uk/user --prefer-source
// or
composer update delboy1978uk/user --prefer-source

Replacing my own package above with the one you need, of course. Have fun!Screen Shot 2016-01-14 at 20.26.55

If you’ve ever used a self signed SSL certificate, you’ll know that although the connection is secure, you don’t get the full green padlock in the browser. You’re about to fix that, and speed your website up at the same time.

The secret is to pump your DNS through Cloudflare! http://www.cloudflare.com. If you visit there and sign up, you can add your domain names and point them to your server. By setting up Cloudflare, your site will improve in speed due to cacheing, and be more secure from DDOS attacks.

The first step is to create your SSL certificate. Log in to your server, and run the following commands as the root user:

➜ mcleandigital openssl genrsa -out "/home/mcleandigital/ssl.key" 2048 
Generating RSA private key, 2048 bit long modulus
................................................................+++
...............................................+++
e is 65537 (0x10001)
➜ mcleandigital openssl req -new -key "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.csr" 
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Scotland
Locality Name (eg, city) []:Glasgow
Organization Name (eg, company) [Internet Widgits Pty Ltd]:McLean Digital Limited
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:*.mcleandigital.co.uk
Email Address []:derek@mcleandigital.co.uk

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:McLean Digital Limited
➜ mcleandigital openssl x509 -req -days 1095 -in "/home/mcleandigital/ssl.csr" -signkey "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.crt" 
Signature ok
subject=/C=GB/ST=Scotland/L=Glasgow/O=McLean Digital Limited/CN=*.mcleandigital.co.uk/emailAddress=derek@mcleandigital.co.uk
Getting Private key

The above output has generated the SSL certificate. Next step is to set your virtual hosts:

<VirtualHost *:80>
    ServerName mcleandigital.co.uk
    RedirectPermanent / https://mcleandigital.co.uk
</VirtualHost>

<VirtualHost *:443>
        ServerName mcleandigital.co.uk

        ServerAdmin webmaster@mcleandigital.co.uk
        DocumentRoot /var/www/mcleandigital.co.uk/public

        SSLEngine on
        SSLCertificateKeyFile /home/mcleandigital/ssl.key
        SSLCertificateFile /home/mcleandigital/ssl.crt

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <Directory "/var/www/mcleandigital.co.uk/">
                Options -Indexes +FollowSymLinks
                Order allow,deny
                Allow from all
                AllowOverride All
                Require all granted
        </Directory>
</VirtualHost>

The above configuration redirects all port 80 traffic to port 443. Now if you restart the server, you will be able to access your website securely, however, the green padlock is not showing. This is expected as usually you would pay for a certificate from a certificate authority (CA) .

Now the fun part. Sign in to cloudflare.com, and add your website.They give you instructions, and it’s pretty easy to setup.

If your site is hosted on a different server than your hosting company, you need to change the DNS on the domain name hosting provider to point to cloudflare, and not directly to your server. So a request will hit the domain company, which DNS sends to cloudflare, and the DNS on cloudflare points to the IP of your server.

Lastly, in cloudflare, click on the crypto tab, and set SSL to full. The great thing is, you get the cloudflare certificate presented to the end user, and our self signed certificate is hidden away behind cloudflare!

It turns out domain validated SSL’s will be free from December 3rd anyway (checkout https://letsencrypt.org/), however, this may still be the better option due to all the nice free features cloudflare offers! As always, have fun!

Follow

Get every new post delivered to your Inbox.

Join 28 other followers