Archive for November, 2015


If you’ve ever used a self signed SSL certificate, you’ll know that although the connection is secure, you don’t get the full green padlock in the browser. You’re about to fix that, and speed your website up at the same time.

The secret is to pump your DNS through Cloudflare! http://www.cloudflare.com. If you visit there and sign up, you can add your domain names and point them to your server. By setting up Cloudflare, your site will improve in speed due to cacheing, and be more secure from DDOS attacks.

The first step is to create your SSL certificate. Log in to your server, and run the following commands as the root user:

➜ mcleandigital openssl genrsa -out "/home/mcleandigital/ssl.key" 2048 
Generating RSA private key, 2048 bit long modulus
................................................................+++
...............................................+++
e is 65537 (0x10001)
➜ mcleandigital openssl req -new -key "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.csr" 
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Scotland
Locality Name (eg, city) []:Glasgow
Organization Name (eg, company) [Internet Widgits Pty Ltd]:McLean Digital Limited
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:*.mcleandigital.co.uk
Email Address []:derek@mcleandigital.co.uk

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:McLean Digital Limited
➜ mcleandigital openssl x509 -req -days 1095 -in "/home/mcleandigital/ssl.csr" -signkey "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.crt" 
Signature ok
subject=/C=GB/ST=Scotland/L=Glasgow/O=McLean Digital Limited/CN=*.mcleandigital.co.uk/emailAddress=derek@mcleandigital.co.uk
Getting Private key

The above output has generated the SSL certificate. Next step is to set your virtual hosts:

<VirtualHost *:80>
    ServerName mcleandigital.co.uk
    RedirectPermanent / https://mcleandigital.co.uk
</VirtualHost>

<VirtualHost *:443>
        ServerName mcleandigital.co.uk

        ServerAdmin webmaster@mcleandigital.co.uk
        DocumentRoot /var/www/mcleandigital.co.uk/public

        SSLEngine on
        SSLCertificateKeyFile /home/mcleandigital/ssl.key
        SSLCertificateFile /home/mcleandigital/ssl.crt

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <Directory "/var/www/mcleandigital.co.uk/">
                Options -Indexes +FollowSymLinks
                Order allow,deny
                Allow from all
                AllowOverride All
                Require all granted
        </Directory>
</VirtualHost>

The above configuration redirects all port 80 traffic to port 443. Now if you restart the server, you will be able to access your website securely, however, the green padlock is not showing. This is expected as usually you would pay for a certificate from a certificate authority (CA) .

Now the fun part. Sign in to cloudflare.com, and add your website.They give you instructions, and it’s pretty easy to setup.

If your site is hosted on a different server than your hosting company, you need to change the DNS on the domain name hosting provider to point to cloudflare, and not directly to your server. So a request will hit the domain company, which DNS sends to cloudflare, and the DNS on cloudflare points to the IP of your server.

Lastly, in cloudflare, click on the crypto tab, and set SSL to full. The great thing is, you get the cloudflare certificate presented to the end user, and our self signed certificate is hidden away behind cloudflare!

It turns out domain validated SSL’s will be free from December 3rd anyway (checkout https://letsencrypt.org/), however, this may still be the better option due to all the nice free features cloudflare offers! As always, have fun!

Advertisements

Installing Ansible

Ansible is a bit like puPHPet, in that it provisions Vagrant boxes etc. My latest project is using PPI Framework 2, and provisions with Ansible, so I had to get everything installed.

Essentially we just clone from the Github repo and install a few python things:

$ git clone git://github.com/ansible/ansible.git --recursive
$ cd ansible
$ source hacking/env-setup
$ sudo easy_install pip
$ sudo pip install paramiko PyYAML Jinja2 httplib2 six

And that should be you. Run ansible from the terminal in ay folder now and you should get all the available options etc. Have fun!

After composer requiring doctrine/migrations, you need to edit your cli-config.php. Here’s mine, with the new stuff added in bold.

<?php
use Doctrine\ORM\Tools\Console\ConsoleRunner;
use XYZ\XYZService;
use XYZ\Test\XYZTesting;

// This is just a dependency injection container
$container = XYZTesting::getContainer();

/* Edit these details to suit

$container['db.credentials'] = array(
    'driver' => 'pdo_mysql',
    'dbname' => 'twg',
    'user' => 'dbuser',
    'password' => '123',
];
 */

// this is just my service which returns the entitymanager (requires the DIC above)
$svc = new XYZService($container);
$em = $svc->getEntityManager();
$helperSet = ConsoleRunner::createHelperSet($em);

// Add Doctrine Migration commands
$cli = ConsoleRunner::createApplication($helperSet,[
    new \Doctrine\DBAL\Migrations\Tools\Console\Command\DiffCommand(),
    new \Doctrine\DBAL\Migrations\Tools\Console\Command\ExecuteCommand(),
    new \Doctrine\DBAL\Migrations\Tools\Console\Command\GenerateCommand(),
    new \Doctrine\DBAL\Migrations\Tools\Console\Command\MigrateCommand(),
    new \Doctrine\DBAL\Migrations\Tools\Console\Command\StatusCommand(),
    new \Doctrine\DBAL\Migrations\Tools\Console\Command\VersionCommand(),
]);

return $cli->run();

Note that I have removed the last line, return ConsoleRunner::createHelperSet($entityManager); and replaced it with return $cli->run(); Now if you type doctrine:

$ doctrine
Doctrine Command Line Interface version 2.5.1

Usage:
command [options] [arguments]

Options:
-h, --help            Display this help message
-q, --quiet           Do not output any message
-V, --version         Display this application version
--ansi            Force ANSI output
--no-ansi         Disable ANSI output
-n, --no-interaction  Do not ask any interactive question
-v|vv|vvv, --verbose  Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug

Available commands:
help                            Displays help for a command
list                            Lists commands
dbal
dbal:import                     Import SQL file(s) directly to Database.
dbal:run-sql                    Executes arbitrary SQL directly from the command line.
migrations
migrations:diff                 Generate a migration by comparing your current database to your mapping information.
migrations:execute              Execute a single migration version up or down manually.
migrations:generate             Generate a blank migration class.
migrations:migrate              Execute a migration to a specified version or the latest available version.
migrations:status               View the status of a set of migrations.
migrations:version              Manually add and delete migration versions from the version table.
orm
orm:clear-cache:metadata        Clear all metadata cache of the various cache drivers.
orm:clear-cache:query           Clear all query cache of the various cache drivers.
orm:clear-cache:result          Clear all result cache of the various cache drivers.
orm:convert-d1-schema           Converts Doctrine 1.X schema into a Doctrine 2.X schema.
orm:convert-mapping             Convert mapping information between supported formats.
orm:convert:d1-schema           Converts Doctrine 1.X schema into a Doctrine 2.X schema.
orm:convert:mapping             Convert mapping information between supported formats.
orm:ensure-production-settings  Verify that Doctrine is properly configured for a production environment.
orm:generate-entities           Generate entity classes and method stubs from your mapping information.
orm:generate-proxies            Generates proxy classes for entity classes.
orm:generate-repositories       Generate repository classes from your mapping information.
orm:generate:entities           Generate entity classes and method stubs from your mapping information.
orm:generate:proxies            Generates proxy classes for entity classes.
orm:generate:repositories       Generate repository classes from your mapping information.
orm:info                        Show basic information about all mapped entities
orm:mapping:describe            Display information about mapped objects
orm:run-dql                     Executes arbitrary DQL directly from the command line.
orm:schema-tool:create          Processes the schema and either create it directly on EntityManager Storage Connection or generate the SQL output.
orm:schema-tool:drop            Drop the complete database schema of EntityManager Storage Connection or generate the corresponding SQL output.
orm:schema-tool:update          Executes (or dumps) the SQL needed to update the database schema to match the current mapping metadata.
orm:validate-schema             Validate the mapping files.

Loads more commands! Now you can start migrating your database properly and safely 🙂 Have fun!

Update
After having run my migrations, it turns out it dumps the migration files in your doc root! After a bit of faffing about, I got the config working, so here is the full cli-config.php:

<?php

use Doctrine\DBAL\Migrations\Configuration\Configuration;
use Doctrine\DBAL\Migrations\Tools\Console\Command\DiffCommand;
use Doctrine\DBAL\Migrations\Tools\Console\Command\ExecuteCommand;
use Doctrine\DBAL\Migrations\Tools\Console\Command\GenerateCommand;
use Doctrine\DBAL\Migrations\Tools\Console\Command\MigrateCommand;
use Doctrine\DBAL\Migrations\Tools\Console\Command\StatusCommand;
use Doctrine\DBAL\Migrations\Tools\Console\Command\VersionCommand;
use Doctrine\ORM\Tools\Console\ConsoleRunner;
use XYZ\XYZService;
use XYZ\Test\XYZTesting;

$container = XYZTesting::getContainer();

/* Edit these details to suit

$container['db.credentials'] = array(
    'driver' => 'pdo_mysql',
    'dbname' => 'XYZ',
    'user' => 'dbuser',
    'password' => '123',
];
 */

// Fetch the entity Manager
$svc = new XYZService($container);
$em = $svc->getEntityManager();

// Create the helperset
$helperSet = ConsoleRunner::createHelperSet($em);

/** Migrations setup */

$configuration = new Configuration($em->getConnection());
$configuration->setMigrationsDirectory('migrations');

$diff = new DiffCommand();
$exec = new ExecuteCommand();
$gen = new GenerateCommand();
$migrate = new MigrateCommand();
$status = new StatusCommand();
$ver = new VersionCommand();

$diff->setMigrationConfiguration($configuration);


$cli = ConsoleRunner::createApplication($helperSet,[
    $diff, $exec, $gen, $migrate, $status, $ver
]);

return $cli->run();

So I woke up this morning to find my shiny new Solr install had corrupted a core 😐 and I was unable to create a one in the UI

05/11/2015, 12:33:45
	
WARN
	
Config
	
XML parse warning in "solrres:/solrconfig.xml",​ line 1616,​ column 86: Include operation failed,​ reverting to fallback. Resource error reading file as XML (href='solrconfig_extra.xml'). Reason: Can't find resource 'solrconfig_extra.xml' in classpath or '/opt/solr/solr-4.10.2/example/solr/collection1/conf'
05/11/2015, 12:33:46
	
WARN
	
SolrResourceLoader
	
Solr loaded a deprecated plugin/analysis class [solr.FloatField]. Please consult documentation how to replace it accordingly.
05/11/2015, 12:33:46
	
WARN
	
SolrResourceLoader
	
Solr loaded a deprecated plugin/analysis class [solr.DateField]. Please consult documentation how to replace it accordingly.
05/11/2015, 12:33:47
	
WARN
	
RequestHandlers
	
Multiple requestHandler registered to the same name: /update ignoring: org.apache.solr.handler.UpdateRequestHandler
05/11/2015, 12:33:47
	
WARN
	
RequestHandlers
	
Multiple requestHandler registered to the same name: /update/csv ignoring: org.apache.solr.handler.UpdateRequestHandler
05/11/2015, 12:33:47
	
WARN
	
RequestHandlers
	
Multiple requestHandler registered to the same name: /update/json ignoring: org.apache.solr.handler.UpdateRequestHandler
05/11/2015, 12:33:47
	
ERROR
	
CoreContainer
	
Error creating core [candi_policy]: Error opening new searcher

The way I solved it was to go into the cores folder (for me, /opt/solr/solr-4.10.2/example/solr), and move the core folder out of there. Then create a new folder with the name of your core, a data folder within that, and then also in there cp -R the conf folder from the corrupted core folder you moved out of there.

Then all you need to do is restart Solr, and you can now create a fresh core in the UI. Once you have that, reindex your documents, and you’re all set to go again!

Update: It happened again this morning. I think it’s because I exit my VM and vagrant halt, which usually shuts everything down gracefully. So make sure you run /opt/solr/solr-4.10.2/bin/solr stop (or equivalent) before shutting down your machine.

To open port 8983 up for example (replace IP as appropriate):
ssh -N -L localhost:8983:127.0.0.1:8983 vagrant@192.168.56.101 -i ~/Documents/srv/puphpet/files/dot/ssh/id_rsa

Then in your browser you can access http://localhost:8983/solr without issues! 😀