Category: Servers


As you readers probably know, I can’t stand XAMPP and MAMP, being two steaming piles of crap, and have long advocated that you set up VirtualBox & Vagrant, then head over to http://www.puphpet.com, fill in the forms to configure your VM,  generate the config.yaml, and then unzip it and run ‘vagrant up’ to install it. Brilliant so far.

Yesterday I had a total downer of a day, trying to run an old legacy PHP 5.3 app. PuPHPet doesn’t have the EOL PHP 5.3, so at first I settled as a one off for MAMP, but it was slow and horrible.

Then I thought, wait! If I don’t configure Apache or PHP in puphpet, I could get a box up and install 5.3 myself. That’s when I discovered the awesomeness of the puphpet/files folder.

The only thing I used in there was the ssh keys. But there are empty folders waiting for .sh files (shell scripts) to be dropped in.

So for this box, I created exec-once/install-stuff.sh which contained the following:

#!/bin/bash
yum -y install httpd php
yum -y install php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml

Then upon running vagrant provision, it not only looked for changes in config.yaml, but it checks for changes in these files too!

I then made set-vhosts.sh, and import-database.sh, which look like these:

#!/bin/bash
echo "
===========================================
Adding vhosts to /etc/httpd/conf/httpd.conf
===========================================
"
echo "
<VirtualHost *:80>

   DocumentRoot /var/www/fife/web
   ServerName fife
   ErrorLog /var/www/fife/log/error.log

   <Directory "/var/www/fife">
      Options -Indexes +FollowSymLinks
      Order allow,deny
      Allow from all
      AllowOverride All
  </Directory>

</VirtualHost>
" >> /etc/httpd/conf/httpd.conf

And …

#!/bin/bash
mysql -u root --password=123 --database=fortdev < /var/www/fife/data/sql_scripts/symf_fortdev.sql

I take it by now you get the idea! So now you can totally destroy your VM, and put any customisations in these shell scripts, so your full setup can be back up in 5 minutes flat with a vagrant up and vagrant provision!!!

You can then also start thinking about using puPHPet for deploying your setup to your production server 🙂 There’s a vagrant plugin called Vagrant Managed Servers, which will take care of that for you. https://github.com/tknerr/vagrant-managed-servers . I haven’t looked at it yet, but of course you can expect a blog post on it here when I figure it all out!!

Git tree view in CLI

Easy. Create an alias:

git config --global alias.tree "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset%n' --abbrev-commit --date=relative —branches”

then just run

git tree

Screen Shot 2016-02-09 at 15.49.21

cat ~/.ssh/id_rsa.pub | ssh user@host ‘cat >> .ssh/authorized_keys’

If you’ve ever used a self signed SSL certificate, you’ll know that although the connection is secure, you don’t get the full green padlock in the browser. You’re about to fix that, and speed your website up at the same time.

The secret is to pump your DNS through Cloudflare! http://www.cloudflare.com. If you visit there and sign up, you can add your domain names and point them to your server. By setting up Cloudflare, your site will improve in speed due to cacheing, and be more secure from DDOS attacks.

The first step is to create your SSL certificate. Log in to your server, and run the following commands as the root user:

➜ mcleandigital openssl genrsa -out "/home/mcleandigital/ssl.key" 2048 
Generating RSA private key, 2048 bit long modulus
................................................................+++
...............................................+++
e is 65537 (0x10001)
➜ mcleandigital openssl req -new -key "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.csr" 
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:GB
State or Province Name (full name) [Some-State]:Scotland
Locality Name (eg, city) []:Glasgow
Organization Name (eg, company) [Internet Widgits Pty Ltd]:McLean Digital Limited
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:*.mcleandigital.co.uk
Email Address []:derek@mcleandigital.co.uk

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:McLean Digital Limited
➜ mcleandigital openssl x509 -req -days 1095 -in "/home/mcleandigital/ssl.csr" -signkey "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.crt" 
Signature ok
subject=/C=GB/ST=Scotland/L=Glasgow/O=McLean Digital Limited/CN=*.mcleandigital.co.uk/emailAddress=derek@mcleandigital.co.uk
Getting Private key

The above output has generated the SSL certificate. Next step is to set your virtual hosts:

<VirtualHost *:80>
    ServerName mcleandigital.co.uk
    RedirectPermanent / https://mcleandigital.co.uk
</VirtualHost>

<VirtualHost *:443>
        ServerName mcleandigital.co.uk

        ServerAdmin webmaster@mcleandigital.co.uk
        DocumentRoot /var/www/mcleandigital.co.uk/public

        SSLEngine on
        SSLCertificateKeyFile /home/mcleandigital/ssl.key
        SSLCertificateFile /home/mcleandigital/ssl.crt

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        <Directory "/var/www/mcleandigital.co.uk/">
                Options -Indexes +FollowSymLinks
                Order allow,deny
                Allow from all
                AllowOverride All
                Require all granted
        </Directory>
</VirtualHost>

The above configuration redirects all port 80 traffic to port 443. Now if you restart the server, you will be able to access your website securely, however, the green padlock is not showing. This is expected as usually you would pay for a certificate from a certificate authority (CA) .

Now the fun part. Sign in to cloudflare.com, and add your website.They give you instructions, and it’s pretty easy to setup.

If your site is hosted on a different server than your hosting company, you need to change the DNS on the domain name hosting provider to point to cloudflare, and not directly to your server. So a request will hit the domain company, which DNS sends to cloudflare, and the DNS on cloudflare points to the IP of your server.

Lastly, in cloudflare, click on the crypto tab, and set SSL to full. The great thing is, you get the cloudflare certificate presented to the end user, and our self signed certificate is hidden away behind cloudflare!

It turns out domain validated SSL’s will be free from December 3rd anyway (checkout https://letsencrypt.org/), however, this may still be the better option due to all the nice free features cloudflare offers! As always, have fun!

I’m making some Apache redirects from an old domain to a new domain. I need the old domains blog posts to redirect to the new domain. So I need the WordPress permalinks.

In MySQL, you can say the following to get your permalinks.

SELECT wpp.post_title, wpp.guid,wpp.post_date,
CONCAT(wpo_su.option_value,
REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(
    wpo.option_value,'%year%', date_format(wpp.post_date,'%Y'))
    ,'%monthnum%',date_format(wpp.post_date,'%m'))
    ,'%day%',date_format(wpp.post_date,'%d'))
    ,'%postname%',wpp.post_name )
    ,'%category%',wpc.slug )
    ,'%post_id%', wpp.id)
) as permalink
FROM wp_posts wpp
INNER JOIN wp_options wpo ON wpo.option_name='permalink_structure'
INNER JOIN wp_options wpo_su ON wpo_su.option_name='siteurl'
INNER JOIN (
    SELECT wtr.object_id ID, max(wpt.slug) slug
    FROM wp_term_relationships wtr
    INNER JOIN wp_term_taxonomy wtt ON wtt.term_taxonomy_id=wtr.term_taxonomy_id AND wtt.taxonomy='category'
    INNER JOIN wp_terms wpt on wpt.term_id=wtt.term_id
    GROUP BY  wtr.object_id
) wpc ON wpc.ID=wpp.ID
WHERE wpp.post_type = 'post'
AND wpp.post_status = 'publish'
ORDER BY wpp.post_date DESC

If you aren’t using the built in php server for development, and like me you are using a vagrant box configured by puPHPet, this will save you a lot of wasted time wondering why you get 401s and 403s when you aren’t expecting them.

In your vhost section , under the setenv option, we add a new setenvif option:

setenvif:           
     - 'Authorization "(.*)" HTTP_AUTHORIZATION=$1'

Without this option, the Authorization header is being stripped! Run vagrant provision, and suddenly everything should be working correctly. Now get on with building that API!

This is remarkably simple! First, BACK UP YOUR DB.

Backed up? Good. You dont need to back your web files up if they are being mounted from a shared folder.

Open your puPHPet config.yml, scroll down to the php section, and change version from ’55’ to ’56’, and save it.

Next, type vagrant destroy, to remove the old stuff, and then vagrant up, which will re-initialise the server with your shiny new PHP version!

Updating a forked GitHub Repo

At the PHPNW 2014 conference, they had a ‘Hackathon’, where everyone got together and started hacking away at projects. I had a shot at the JoindIn website.

Anyway, I forked the repositories so I could work on my own branch. Now though, my fork is outdated, and needs updating. So in order to remedy this, we add another remote.

From your local machine’s cloned repo, you simply say:

git remote add upstream https://github.com/joindin/joindin-web2.git
git checkout master
git pull upstream master
git push origin master

Thanks to Derick Rethans of XDebug fame for this info 😀

So I pushed my changes to the production repository, only to discover that Memcache wasn’t installed on the server at work (a cPanel installation running over CentOS(6 i think)). Time to install it then!

in the terminal, get memcached installed. Nice n easy.

sudo yum install memcached

Then launch it!

memcached -d -u nobody -m 512 -p 11211 127.0.0.1

Then install memcache PHP extension. You do this in cPanels WHM. Search module installers in WHM

In Find a PHP Pecl, type memcache, and get it installed! You may or may not have to restart apache, but go to a phpinfo() and you should now see it running on your system!

See my previous post for how to use memcache in your PHP 🙂

Learn all the Git features

Ok, so maybe you can commit, push, pull, branch, and maybe have even set up some post-hookery! But Git has lots more I haven’t even touched yet!

This looks really nice, so I thought I’d share it with you all! Check it out!

http://pcottle.github.io/learnGitBranching/