tag:blogger.com,1999:blog-30271134799260315562024-03-28T20:29:41.636-07:00One Q, One AJohn Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.comBlogger79125tag:blogger.com,1999:blog-3027113479926031556.post-26046225974211560482016-12-02T15:58:00.004-08:002017-01-06T09:36:27.682-08:00How Do I Make a JSON Pretty Printer App Using PHP for Development/Debugging Use as a Coder?Ya'll know you don't wanna be posting your app's JSON responses, which may include sensitive information, to some third party website which could easily or accidentally log this info... think, decrypted passwords might be in your response, API keys, the name of your app. Lot's of stuff ain't nobody but you should see. So here, make your own JSON PRETTY PRINTER using PHP and RUN IT LOCALLY on your comp. Yea boi! Get it!
<pre class="brush:php;"><?php
$str = <<<'EOT'
{"name_first":"John"}
EOT;
echo json_encode(json_decode($str), JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES);
</pre>
^ Save the file. Name it something such as json-pretty-printer.php and then run it on the command line by typing 'php' then the path to your script. Hit enter. Boom.John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com37tag:blogger.com,1999:blog-3027113479926031556.post-19004009139301012532016-01-30T13:47:00.000-08:002016-01-30T13:47:03.309-08:00How to fork a project and then later on pull in the latest changes made to the source repo?<a href="http://scholarslab.org/research-and-development/forking-fetching-pushing-pulling/">http://scholarslab.org/research-and-development/forking-fetching-pushing-pulling/</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com7tag:blogger.com,1999:blog-3027113479926031556.post-57140313963734036202016-01-27T10:24:00.002-08:002016-01-27T10:24:53.054-08:00How can I search the entire (unix) file system for files whose name contains a specific substring?<pre class="brush:bash;"># To list files whose name contains "yoursearchterm"
find / -name "*yoursearchterm*" -print
</pre>
Swap the "/" with a more specific path to limit your search. Add "-maxdepth 1" after the path and before "-name" to limit your search to a single directory.<br />
<br />
Credit: <a href="http://stackoverflow.com/a/11329078">http://stackoverflow.com/a/11329078</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-16656716177408463132015-07-17T09:31:00.000-07:002015-07-17T09:31:25.074-07:00How to link your Mac's standard php location (/usr/bin/php) to a specific version somewhere else in the file system.To map your Mac's standard php location to a specific version somewhere else in the file system, run the following command:
<pre class="brush:bash;">
sudo ln -s /Applications/MAMP/bin/php/php5.5.3/bin/php /usr/bin/php
</pre>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-20998347835912746032015-04-15T12:24:00.001-07:002015-04-15T12:26:37.274-07:00How Do I Configure iTunes to Store iOS Device Backups on an External Hard Drive?Sadly, this is done via Terminal rather than iTunes.
<pre class="brush:bash;">ln -s /Volumes/1TB\ Fantom/iOSDeviceBackups/Backup /Users/johnerck/Library/Application\ Support/MobileSync/
</pre>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgknUs6Em_DTB1y6VDixu1Iq25r1XmeZtFF9zoB3ntHoAfy00sRo2qozFFvwmkZNMRb5zke0kxflMkXLFhtcZ4tPVkbl2O-y9_buDTSKzxtyrPXnvnSX-oobBDqu-qYcgdKEBjmMLL8SJ8/s1600/MobileSync.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgknUs6Em_DTB1y6VDixu1Iq25r1XmeZtFF9zoB3ntHoAfy00sRo2qozFFvwmkZNMRb5zke0kxflMkXLFhtcZ4tPVkbl2O-y9_buDTSKzxtyrPXnvnSX-oobBDqu-qYcgdKEBjmMLL8SJ8/s1600/MobileSync.png" height="64" width="640" /></a></div>
John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com3tag:blogger.com,1999:blog-3027113479926031556.post-90929423578196917302014-12-15T11:40:00.000-08:002014-12-17T07:28:19.357-08:00Thoughts on setting up a CentOS 7 box<pre class="brush:bash;">
# VARIABLES:
# my_ip_address: 23.253.55.25
# my_first_not_root_user: admin
# my_ssh_port: 4972
# my_bitbucket_project_1_owner_username: abovemarket
# my_bitbucket_project_1_name: logs.abovemarket.com
# my_bitbucket_project_2_owner_username: abovemarket
# my_bitbucket_project_2_name: new.abovemarket.com
# my_server_admin_email_address: john.erck@abovemarket.com
# my_local_path_to_wildcard_crt: ~/Business/Above\ Market/SSL/STAR_abovemarket_com/STAR_abovemarket_com.crt
# my_local_path_to_wildcard_ca_bundle: ~/Business/Above\ Market/SSL/STAR_abovemarket_com/STAR_abovemarket_com.ca-bundle
# my_local_path_to_wildcard_pem: ~/Business/Above\ Market/SSL/STAR_abovemarket_com.pem
# my_local_path_to_wildcard_key: ~/Business/Above\ Market/SSL/STAR_abovemarket_com.key
# my_remote_filename_for_wildcard_crt: STAR_abovemarket_com.crt
# my_remote_filename_for_ca_bundle: STAR_abovemarket_com.ca-bundle
# my_remote_filename_for_pem: STAR_abovemarket_com.pem
# my_remote_filename_for_key: STAR_abovemarket_com.key
# Create new CentOS 7 box, then:
ssh root@my_ip_address
passwd
useradd my_first_not_root_user
passwd my_first_not_root_user
visudo # Add "my_first_not_root_user ALL=(ALL) ALL" after "root"
nano /etc/ssh/sshd_config # Update "Port" to my_ssh_port
systemctl restart sshd.service
vim myfirewall
# myfirewall TEMPLATE TEXT OPEN
#!/bin/bash
#
# iptables example configuration script
#
# Flush all current rules from iptables
#
iptables -F
#
#  Allows all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT
# 
#
#  Accepts all established inbound connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# 
# 
#  Allows all outbound traffic
#  You can modify this to only allow certain traffic
iptables -A OUTPUT -j ACCEPT
# 
# 
# Allows HTTP and HTTPS connections from anywhere (the normal ports for websites)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# 
# 
#  Allows SSH connections
#
# THE -dport NUMBER IS THE SAME ONE YOU SET UP IN THE SSHD_CONFIG FILE
#
iptables -A INPUT -p tcp -m state --state NEW --dport my_ssh_port -j ACCEPT
# 
# 
# Allow ping
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
# 
# 
# log iptables denied calls
iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
# 
# 
# Reject all other inbound - default deny unless explicitly allowed policy
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT
#
#
# Save settings
#
/sbin/service iptables save
#
# List rules
#
iptables -L -v
#
# myfirewall TEMPLATE TEXT CLOSE
chmod +x myfirewall
./myfirewall
yum update
yum install httpd # Apache
yum install mysql # For release purposes needed on app server
yum install php php-mysql # The mother ship
yum install php-gd # Needed for app server image processing functions to work
yum install git
yum install mod_ssl openssl
systemctl enable httpd.service # So that it will automatically start after a reboot
exit
scp -P my_ssh_port ~/.ssh/id_rsa.pub root@my_ip_address:my_machine_id_rsa.pub
ssh -p my_ssh_port root@my_ip_address
cat my_machine_id_rsa.pub >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
restorecon -Rv ~/.ssh # Ensure the correct SELinux contexts are set
exit
scp -P my_ssh_port ~/.ssh/id_rsa.pub admin@my_ip_address:my_machine_id_rsa.pub
ssh -p my_ssh_port admin@my_ip_address
cat my_machine_id_rsa.pub >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
restorecon -Rv ~/.ssh # Ensure the correct SELinux contexts are set
ssh-keygen -t rsa -C "my_server_admin_email_address"
cat /home/my_first_not_root_user/.ssh/id_rsa.pub
# Then, go to: https://bitbucket.org/my_bitbucket_project_1_owner_username/my_bitbucket_project_1_name/admin/deploy-keys
# and add the key as "my_first_not_root_user@my_ip_address"
# Then, go to: https://bitbucket.org/my_bitbucket_project_2_owner_username/my_bitbucket_project_2_name/admin/deploy-keys
# and add the key as "my_first_not_root_user@my_ip_address"
exit
# Copy your SSL certificate file and the certificate bundle file to your Apache server.
# You should already have a key file on the server from when you generated your certificate
# request. If not, transfer that too.
scp -P my_ssh_port my_local_path_to_wildcard_crt root@my_ip_address:my_remote_filename_for_wildcard_crt
scp -P my_ssh_port my_local_path_to_wildcard_ca_bundle root@my_ip_address:my_remote_filename_for_ca_bundle
scp -P my_ssh_port my_local_path_to_wildcard_pem root@my_ip_address:my_remote_filename_for_pem
scp -P my_ssh_port my_local_path_to_wildcard_key root@my_ip_address:my_remote_filename_for_key
ssh -p my_ssh_port root@my_ip_address
mv my_remote_filename_for_wildcard_crt /etc/pki/tls/certs/my_remote_filename_for_wildcard_crt
mv my_remote_filename_for_ca_bundle /etc/pki/tls/certs/my_remote_filename_for_ca_bundle
mv my_remote_filename_for_pem /etc/pki/tls/private/my_remote_filename_for_pem
mv my_remote_filename_for_key /etc/pki/tls/private/my_remote_filename_for_key
vim +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf
# Update file like so:
SSLCertificateFile /etc/pki/tls/certs/my_remote_filename_for_wildcard_crt
SSLCertificateKeyFile /etc/pki/tls/private/my_remote_filename_for_key
SSLCACertificateFile /etc/pki/tls/certs/my_remote_filename_for_ca_bundle
systemctl restart httpd.service
mkdir -p /home/admin/my_bitbucket_project_1_name
mkdir -p /home/admin/my_bitbucket_project_2_name
chown -R my_first_not_root_user:my_first_not_root_user /home/admin/my_bitbucket_project_1_name
chown -R my_first_not_root_user:my_first_not_root_user /home/admin/my_bitbucket_project_2_name
su my_first_not_root_user
cd /home/admin/my_bitbucket_project_1_name
git clone git@bitbucket.org:my_bitbucket_project_1_owner_username/my_bitbucket_project_1_name.git .
cd /home/admin/my_bitbucket_project_2_name
git clone git@bitbucket.org:my_bitbucket_project_2_owner_username/my_bitbucket_project_2_name.git .
exit
mkdir /etc/httpd/sites-available
mkdir /etc/httpd/sites-enabled
vim /etc/httpd/conf/httpd.conf
# Add the following line to the end of the file:
IncludeOptional sites-enabled/*.conf
vim /etc/httpd/sites-available/my_bitbucket_project_1_name.conf
# Add the following text:
<VirtualHost *:80>
ServerName www.my_bitbucket_project_1_name
ServerAlias my_bitbucket_project_1_name
DocumentRoot /home/admin/my_bitbucket_project_1_name/www
ErrorLog /home/admin/my_bitbucket_project_1_name_error.log
CustomLog /home/admin/my_bitbucket_project_1_name_requests.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName www.my_bitbucket_project_1_name
ServerAlias my_bitbucket_project_1_name
DocumentRoot /home/admin/my_bitbucket_project_1_name/www
ErrorLog /home/admin/my_bitbucket_project_1_name_error.log
CustomLog /home/admin/my_bitbucket_project_1_name_requests.log combined
</VirtualHost>
vim /etc/httpd/sites-available/my_bitbucket_project_2_name.conf
# Add the following text:
<VirtualHost *:80>
ServerName www.my_bitbucket_project_2_name
ServerAlias my_bitbucket_project_2_name
DocumentRoot /home/admin/my_bitbucket_project_2_name/www
ErrorLog /home/admin/my_bitbucket_project_2_name_error.log
CustomLog /home/admin/my_bitbucket_project_2_name_requests.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName www.my_bitbucket_project_2_name
ServerAlias my_bitbucket_project_2_name
DocumentRoot /home/admin/my_bitbucket_project_2_name/www
ErrorLog /home/admin/my_bitbucket_project_2_name_error.log
CustomLog /home/admin/my_bitbucket_project_2_name_requests.log combined
</VirtualHost>
ln -s /etc/httpd/sites-available/my_bitbucket_project_1_name.conf /etc/httpd/sites-enabled/my_bitbucket_project_1_name.conf
ln -s /etc/httpd/sites-available/my_bitbucket_project_2_name.conf /etc/httpd/sites-enabled/my_bitbucket_project_2_name.conf
apachectl restart
# Make sure you've mapped your DNS records to point to my_ip_address for each of
# the project names/domains you setup.
# Boom, you're done.
</pre>
John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com33tag:blogger.com,1999:blog-3027113479926031556.post-13877686324571201092014-10-09T17:51:00.001-07:002014-10-09T17:51:02.598-07:00How does one go about creating a softlink?<pre class="brush:bash;">
ln -s ~/Dropbox/secure/project/_development.yaml clitools/_development.yaml
ln -s ~/Dropbox/secure/project/_local.yaml clitools/_local.yaml
ln -s ~/Dropbox/secure/project/_production.yaml clitools/_production.yaml
ln -s ~/Dropbox/secure/project/_release.yaml clitools/_release.yaml
</pre>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com2tag:blogger.com,1999:blog-3027113479926031556.post-40606360251857702552014-09-22T13:41:00.002-07:002014-09-22T13:41:35.380-07:00What's the best blog for teaching a person how to setup a push notification server to talk to APNS via PHP?<a href="https://blog.serverdensity.com/how-to-build-an-apple-push-notification-provider-server-tutorial/">https://blog.serverdensity.com/how-to-build-an-apple-push-notification-provider-server-tutorial/</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-75600321862499307752014-06-22T19:37:00.002-07:002014-06-22T19:37:58.526-07:00What's the best blog post in the world for teaching you the ways of iOS's autolayout, storyboards, and scroll views that contain many subviews that, by default, don't have their own intrinsic content size?BOOM! IN YO FACE! <a href="http://codehappily.wordpress.com/2013/11/14/ios-how-to-use-uiscrollview-with-autolayout-pure-autolayout-approach-multiple-smaller-views/">http://codehappily.wordpress.com/2013/11/14/ios-how-to-use-uiscrollview-with-autolayout-pure-autolayout-approach-multiple-smaller-views/</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-7676108651323476412014-04-26T11:18:00.000-07:002014-05-14T17:22:52.408-07:00What should I do after ordering a CentOS 6.5 server?Okay, so I know how to do this on a Debian 7 box. However, I've never done server setup on a CentOS machine, until now. Here's a post I did on how to setup a Debian 7 box: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-next-generation.html">http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-next-generation.html</a>. This post is based on that one. I'm following the other post as a conceptual guide and using this one to capture my translation process.<br />
<br />
ssh root@youripaddress<br />
<br />
Changing the root user's password was the same between Debian and CentOS:<br />
passwd<br />
<br />
Instead of "adduser admin" it was "useradd youruser". In CentOS you need to follow "useradd youruser" with "passwd youruser" Reference: <a href="https://www.centos.org/docs/5/html/5.1/Deployment_Guide/s2-users-add.html">https://www.centos.org/docs/5/html/5.1/Deployment_Guide/s2-users-add.html</a> Also note this is a decent article too: <a href="https://www.digitalocean.com/community/articles/initial-server-setup-with-centos-6">https://www.digitalocean.com/community/articles/initial-server-setup-with-centos-6</a><br />
<br />
visudo process was the same between Debian and CentOS (i.e. making youruser have sudo privileges):<br />
<div class="p1">
youruser ALL=(ALL) ALL</div>
<br />
Updating the ssh port number was the same between Debian and CentOS. However, Debian has PasswordAuthentication commented out (set to no) while CentOS defaults to PasswordAuthentication yes.<br />
<br />
vim /etc/ssh/sshd_config<br />
"Update your port number to something unique such as 7919" Save the file (ZZ).<br />
<br />
How to restart the ssh service varied slightly: <a href="http://www.cyberciti.biz/faq/howto-restart-ssh/">http://www.cyberciti.biz/faq/howto-restart-ssh/</a>. The CentOS way is: /etc/init.d/sshd restart<br />
<br />
In terms of how to configure iptables. Things were different. I implemented the same rules but the steps were as follows (inspired by <a href="http://wiki.centos.org/HowTos/Network/IPTables">http://wiki.centos.org/HowTos/Network/IPTables</a>):<br />
<br />
<ol>
<li>I logged in as the root user</li>
<li>I created a file called myfirewall and gave it the execute bit: chmod +x myfirewall</li>
<li>vim myfirewall and copy and paste (<i>with ssh port edits that sync with /etc/ssh/sshd_config edits</i>) the following text into it and then save and close: <a href="http://oneqonea.blogspot.com/2014/04/myfirewall-file.html">http://oneqonea.blogspot.com/2014/04/myfirewall-file.html</a></li>
<li>As the root user run: ./myfirewall Then, boom. You're locked and loaded.</li>
<ol>
<li>Clears rules then resets them. This executes the iptables init script, which runs /sbin/iptables-save and writes the current iptables configuration to /etc/sysconfig/iptables. Upon reboot, the iptables init script reapplies the rules saved in /etc/sysconfig/iptables by using the /sbin/iptables-restore command.</li>
</ol>
</ol>
<div>
If you're still logged in as root, instead of "aptidude update" run "yum update" (add sudo if you're not root). Reference: <a href="https://www.centos.org/forums/viewtopic.php?t=39652">https://www.centos.org/forums/viewtopic.php?t=39652</a></div>
<div>
<br />
Okay so the next steps vary slightly depending on whether or not we're setting up an app/web server or a database server. App/web gets apache and php. Database gets mysql.<br />
<br /></div>
<div>
Here's good article for getting Apache, PHP, and MySQL installed: <a href="https://www.digitalocean.com/community/articles/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-6">https://www.digitalocean.com/community/articles/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-6</a>. Install the right software given the type of machine you're setting up. Note that if you're setting up an app server that runs an app that connects to a mysql database, that you'll need to install mysql on the app server even if you're connecting to a remote mysql database (for release purposes).<br />
<br />
App server command brief:<br />
yum install httpd # Already installed<br />
yum install mysql # For release purposes needed on app server<br />
yum install php php-mysql # The mother ship<br />
yum install php-gd # Needed for app server image processing functions to work<br />
<br />
Note, after you install MySQL run: service mysqld start</div>
<div>
<br /></div>
<div>
By default PHP Version 5.3.3 is installed. I need newer than that. I followed this tutorial: <a href="http://webees.me/how-to-install-php-5-4-and-mysql-5-5-in-centos-6-4-via-yum/">http://webees.me/how-to-install-php-5-4-and-mysql-5-5-in-centos-6-4-via-yum/</a></div>
<div>
<br />
By default MySQL Server Version 5.1.73 is installed. I need newer than that. I followed this tutorial: <a href="http://webees.me/how-to-install-php-5-4-and-mysql-5-5-in-centos-6-4-via-yum/">http://webees.me/how-to-install-php-5-4-and-mysql-5-5-in-centos-6-4-via-yum/</a> (my app requires 5.5 or higher for utf8 character reasons).<br />
<br />
Okay, so if you're setting up a server that uses PHP's imagecreatefromjpeg function then you need gd. Since the php we just installed doesn't have gd we run the following command to add it:<br />
<br />
yum --enablerepo=epel,remi,rpmforge install gd gd-devel php-gd<br />
/etc/init.d/httpd restart<br />
<br /></div>
<div>
After doing all that I setup ssh keys (and optionally turn password access off) for both machines. I followed this tutorial: <a href="http://wiki.centos.org/HowTos/Network/SecuringSSH#head-9c5717fe7f9bb26332c9d67571200f8c1e4324bc">http://wiki.centos.org/HowTos/Network/SecuringSSH#head-9c5717fe7f9bb26332c9d67571200f8c1e4324bc</a><br />
<br />
Then I installed git via: yum install git<br />
<br />
Then I create a key-pair on the server:<br />
ssh-keygen -t rsa -C "your_email@example.com"<br />
<br />
Save in default location and skip the passphrase.<br />
<br />
Now add your id_rsa.pub file content to Bitbucket as a deploy key: <a href="https://bitbucket.org/acctowner/projectname/admin/deploy-keys">https://bitbucket.org/acctowner/projectname/admin/deploy-keys</a>. I like to label my key using machine IP address. To get key:<br />
<br />
cat ~/.ssh/id_rsa.pub<br />
<br />
After doing that I git cloned project source files from their Bitbucket home to a folder within admin's home directory:<br />
<br />
git clone git@bitbucket.org:acctowner/projectname.git<br />
<br />
Then I installed a wild card ssl cert by loading the .crt and .key files to the remote machine like so: <a href="http://wiki.centos.org/HowTos/Https">http://wiki.centos.org/HowTos/Https</a>. Note that I skipped part three and didn't do anything special with virtual hosts. Command recap:<br />
<div class="p1">
$ sudo yum install mod_ssl openssl</div>
<div class="p1">
$ exit</div>
<div class="p1">
$ scp -P 1234 ~/your/cert/on/your/comp/STAR_domain_com/STAR_domain_com.crt root@youripaddress:STAR_domain_com.crt</div>
<div class="p1">
$ scp -P 1234 ~/your/cert/on/your/comp/STAR_domain_com/STAR_domain_com.key root@youripaddress:STAR_domain_com.key</div>
<div class="p1">
$ ssh -p 1234 root@youripaddress</div>
<div class="p1">
$ mv STAR_domain_com.crt /etc/pki/tls/certs/STAR_domain_com.crt</div>
<div class="p1">
$ mv STAR_domain_com.key /etc/pki/tls/private/STAR_domain_com.key</div>
<div class="p1">
$ vim +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf # Update certificate paths</div>
<div class="p1">
$ /etc/init.d/httpd restart</div>
<br />
Now on to setting up the apache hosting environment:<br />
sudo vim /etc/httpd/conf/httpd.conf<br />
<br />
#DocumentRoot "/var/www/html"<br />
DocumentRoot "/home/youruser/yourproject/www"<br />
<br />
#<Directory "/var/www/html"><br />
<Directory "/home/youruser/yourproject/www"><br />
<br />
# For CodeIgniter, faster than .htaccess file<br />
RewriteEngine On<br />
RewriteBase /<br />
RewriteCond %{REQUEST_FILENAME} !-f<br />
RewriteCond %{REQUEST_FILENAME} !-d<br />
RewriteRule ^(.*)$ index.php?/$1 [L]<br />
<br />
sudo /etc/init.d/httpd restart<br />
<br />
You will experience a 403 Forbidden error on refresh.<br />
<br />
I found the steps I needed to follow here: <a href="https://drupal.org/node/244924">https://drupal.org/node/244924</a><br />
$ cd /home/youruser/yourproject<br />
$ sudo chown -R youruser:apache .<br />
$ sudo find . -type d -exec chmod u=rwx,g=rx,o= '{}' \;<br />
$ sudo find . -type f -exec chmod u=rw,g=r,o= '{}' \;<br />
$ sudo chmod 711 /home/youruser<br />
<br />
Then 770 the dirs you need apache to be able to write to (temp, runtime, logs, etc).<br />
<br />
chmod 770 yourproject/application/logs/<br />
To enable CodeIgniter app to be able to write files to the app's default log dir.<br />
<br />
chmod 770 yourproject/application/runtime<br />
chmod 770 yourproject/application/runtime/img<br />
chmod 770 yourproject/www/images/local_cdn<br />
A reminder for myself to enable app specific write dirs.<br />
<br />
sudo vim /etc/php.ini<br />
<br />
Then update php's memory limit from its default of 128M to something bigger like so:<br />
sudo vim /etc/php.ini<br />
;memory_limit = 128M<br />
;<br />
;johnerck says: free -m prints "Mem: free 6290" so I figure we can alloc 4000MB<br />
memory_limit = 4000M<br />
<br />
; Maximum allowed size for uploaded files.<br />
; http://php.net/upload-max-filesize<br />
;upload_max_filesize = 2M<br />
upload_max_filesize = 100M<br />
<br />
; http://php.net/post-max-size<br />
;post_max_size = 8M<br />
post_max_size = 100M<br />
<br />
;error_log = php_errors.log<br />
error_log = /home/youruser/php_error.log<br />
<br />
Save the file (ZZ).<br />
<br />
Now create the log file we just referenced in our php.ini edits:<br />
vim /home/youruser/php_error.log<br />
/*Add some content such as "php_error.log" and save (ZZ)*/<br />
Make sure the log file just created is 664 and "sudo chown youruser:apache php_error.log"<br />
<br />
sudo /etc/init.d/httpd restart<br />
<br />
Ok, we are for sure linked in with php errors!! It's been tested!! For example, if there is a syntax error in your php code, such as a missing semicolon, php will log the error to /home/youruser/php_error.log. You can tail -f /home/youruser/php_error.log and then refresh the browser on a page with a known missing semicolon and you will see the error write to the terminal (and filesystem). This is great.<br />
<br />
If you're hosting a CodeIgniter app like I am then you'll want to check the following:<br />
Make sure $config['log_threshold'] is >= 1 (so that it does actually log to the file system).<br />
<br />
Note that in addition to the php error logs we just finished setting up, Apache also has an error log that can be viewed here: sudo cat /var/log/httpd/error_log<br />
<br />
Next I needed to setup clitools and deploy with secure config file to fix the following error message from our API codebase: "The application environment is not set correctly.". I installed clitools, filled out the _*.yaml files and then ran a clitools/releaseto production.<br />
<br />
I then needed to get the database server further setup:<br />
<a href="http://www.rackspace.com/knowledge_center/article/installing-mysql-server-on-centos">http://www.rackspace.com/knowledge_center/article/installing-mysql-server-on-centos</a><br />
<br />
Where they were doing "'demouser'@'localhost'" I was doing "'myuser'@'%'" so it can access remotely. I like this guy's recommendation regarding performance and iptables: <a href="http://www.noelherrick.com/blog/creating-users-granting-permissions-in-mysql">http://www.noelherrick.com/blog/creating-users-granting-permissions-in-mysql</a><br />
<br />
For a simple localhost setup you'll likely run the following commands in this order:<br />
<br />
<div class="p1">
mysql -uroot -p</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
SELECT User, Host, Password FROM mysql.user; -- Shows current state</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
CREATE DATABASE demodb;</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
INSERT INTO mysql.user (User,Host,Password) VALUES('demodbuser','localhost',PASSWORD('yourfancypassword'));</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
FLUSH PRIVILEGES;</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
SELECT User, Host, Password FROM mysql.user; -- Shows current state</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
GRANT ALL PRIVILEGES ON demodb.* to demodbuser@localhost;</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
FLUSH PRIVILEGES;</div>
<div class="p1">
<br /></div>
<div class="p1">
</div>
<div class="p1">
SHOW GRANTS FOR 'demodbuser'@'localhost'; -- Shows current state</div>
<div class="p1">
<br /></div>
Now I'm going to see if I can get the two boxes to talk to each other over the SoftLayer private network. Okay, yup, they're talking.</div>
John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-56605155507933100442014-04-26T10:18:00.001-07:002014-04-26T12:26:36.107-07:00What does my default CentOS iptables firewall file look like?CentOS myfirewall template file:
<br />
<pre class="brush:bash;">#!/bin/bash
#
# iptables example configuration script
#
# Flush all current rules from iptables
#
iptables -F
#
# Allows all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT
#
#
# Accepts all established inbound connections
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
#
# Allows all outbound traffic
# You can modify this to only allow certain traffic
iptables -A OUTPUT -j ACCEPT
#
#
# Allows HTTP and HTTPS connections from anywhere (the normal ports for websites)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
#
#
# Allows SSH connections
#
# THE -dport NUMBER IS THE SAME ONE YOU SET UP IN THE SSHD_CONFIG FILE
#
iptables -A INPUT -p tcp -m state --state NEW --dport 7921 -j ACCEPT
#
#
# Allow ping
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
#
#
# log iptables denied calls
iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
#
#
# Reject all other inbound - default deny unless explicitly allowed policy
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT
#
#
# Save settings
#
/sbin/service iptables save
#
# List rules
#
iptables -L -v
#
</pre>
John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-44062828998314959332014-02-21T10:03:00.000-08:002014-02-21T10:03:07.961-08:00What's the best tutorial online for learning how to create a custom color swatch set in Photoshop CC?<a href="http://www.photoshopessentials.com/basics/custom-swatches/" target="_blank">http://www.photoshopessentials.com/basics/custom-swatches/</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-62290209045539061592014-01-08T20:51:00.000-08:002014-01-08T20:51:27.209-08:00How to delete outdated provisioning profiles from Xcode 5You can delete the files directly from <i>~/Library/MobileDevice/Provisioning Profiles</i><br />
<br />
Open finder, ⌘-Shift-G, and paste in the above path. Restart Xcode afterward.John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-86662493260191732822014-01-08T12:48:00.000-08:002014-01-08T12:48:27.928-08:00UIScrollView and Autolayout DemystifiedJust finished reading and implementing the described examples in the following link:<br />
<br />
<a href="http://www.apeth.com/iOSBook/ch20.html" target="_blank">Chapter 20. Scroll Views</a><br />
<br />
I was very impressed with this thorough yet easy to read description of how scroll views work.John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-86513625515809950912013-12-12T08:41:00.001-08:002013-12-12T08:53:46.556-08:00Objective C, JSON APIs and a few details worth noting...Types that can be returned by JSON API:<br />
<br />
<ul>
<li>string</li>
<li>number</li>
<li>boolean</li>
<li>null</li>
</ul>
<br />
When parsing JSON with Objective C's NSJSONSerialization class we get the following conversions:<br />
<br />
<ul>
<li>string (NSString)</li>
<li>number (NSNumber)</li>
<li>boolean (NSNumber*)</li>
<li>null (NSNull*)</li>
</ul>
<br />
*Note that boolean to NSNumber will NSLog itself as __NSCFBoolean. What?! We just noted above that booleans get parsed as NSNumbers!! Okay, settle, it all does make sense with a little further explanation; __NSCFBoolean is a private class that is used in the NSNumber class cluster. Don't concern yourself with it. Understand that JSON response fields containing a boolean will get parsed as an NSNumber and that to check the parsed value for its meaning (i.e. true/false) you can NOT do <i>if (myBoolean)</i> or <i>if (!myBoolean)</i>. Instead, you need to check <i>if ([myBoolean boolValue])</i> or <i>if (![myBoolean boolValue])</i> respectively.<br />
<br />
*Note that null to NSNull is different than what you might hope for (null to nil). If you send a message to NSNull that it doesn't understand (this is easy to do if you're working with an optional string field), NSNull will crash your app (as opposed to just returning nil). Yikes!<br />
<br />
So, how does it all add up? Well, from my experience as a PHP programmer, API developer, and iOS client creator... I'd break it down like this:<br />
<br />
Strings, numbers, booleans, and nulls all serve a purpose on the server (both the backend database and API application layer (PHP)). For example, null means a value that hasn't yet been defined. We write queries using null, do special application logic based on it (i.e. send an email where we otherwise wouldn't, etc). It's true that in some cases the null value might even be important to the client, and if so, could be passed on through. However, from my experience, it rarely is. With Objective C being a strongly typed language and the risk of crashing being very real, I've found that I like writing APIs that simplify their output to just strings. 99% of the time, even when receiving a number from the API, I am getting it so I can display it in the UI (i.e. I need it as a string). Therefore the simplicity of working with an all strings API is wonderful and also helps avoid app crashes. I even like to switch my boolean values to strings and just use yes or no. I like the way it reads and keeps the entire API as strings only.<br />
<br />
It's all about style. For me, I've found simplifying my API output makes for an easier to use JSON API for my iOS apps.John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-4098416662935481122013-09-25T13:09:00.003-07:002013-09-25T13:09:46.563-07:00What's the best way to debug auto layout constraints in iOS?<a href="http://blog.safaribooksonline.com/2012/10/31/tip-ambiguous-auto-layouts-in-ios-6/">http://blog.safaribooksonline.com/2012/10/31/tip-ambiguous-auto-layouts-in-ios-6/</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-69225739509194844442013-09-07T09:08:00.000-07:002013-09-07T09:08:10.499-07:00How can I get certain domain names to resolve locally using Mac OS X?By default, all domain names will be looked up via online DNS servers. To resolve locally, we need to override this behavior. We do this by editing our /etc/hosts file. Open it (you'll be prompted for your password). In order to get a certain domain name, say example.com, to resolve locally, add a line that looks like this:
<pre class="brush:bash;">127.0.0.1 examplesite.com</pre>
The 127.0.0.1 means localhost. examplesite.com should be replaced with your domain name. Upon saving the document, changes will be made live immediately. There is no need to flush cache or anything of that sort. Happy coding locally!John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-571935358498534212013-05-06T20:16:00.000-07:002013-05-06T20:16:50.931-07:00How do I determine the version of Apache installed on a Debian based Linux machine?Run the following command:
<pre class="brush:bash;">sudo apachectl -V</pre>
Which will print something similar to:
<pre class="brush:bash;">Server version: Apache/2.2.16 (Debian)
Server built: Mar 3 2013 12:09:44
Server's Module Magic Number: 20051115:24
Server loaded: APR 1.4.2, APR-Util 1.3.9
Compiled using: APR 1.4.2, APR-Util 1.3.9
Architecture: 64-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"
</pre>
John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-38925943595642326192013-05-01T13:23:00.000-07:002013-05-17T16:40:28.927-07:00How do I create a Facebook web app using CodeIgniter?First things first, this tutorial assumes you have the following setup:<br />
<ul>
<li>A <a href="http://www.apple.com/mac/" target="_blank">Mac</a></li>
<li>A <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-next-generation.html" target="_blank">remote server running Debian 6.06 (Squeeze)</a></li>
<li>A <a href="https://www.facebook.com/" target="_blank">Facebook account</a></li>
<li>And a copy of <a href="http://www.mamp.info/en/mamp-pro/" target="_blank">MAMP Pro</a> running on your local machine</li>
</ul>
<div>
Okay, first we need to create a Facebook app. Go here: <a href="https://developers.facebook.com/apps?ref=bookmarks&count=0&fb_source=bookmark_apps&fb_bmpos=6_0" target="_blank">https://developers.facebook.com/apps?ref=bookmarks&count=0&fb_source=bookmark_apps&fb_bmpos=6_0</a> (and for the record, yes, I think that's a totally weird looking URL). Then, click the "Create New App" button as shown in the following screenshot:</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaePOOyiGcZbOSGJ5gD63k0ThMBNecLbchb9_XI5x5RhkAF0D_AI_UadHby_4B-75iNkcqDH0qTAspNoE5MjWSNXckSRNVUv-gkDLaQqJjS8fV4Ks_0psEGs4xKWQ-6yDMkHabJRx3uh8/s1600/FacebookCreateNewApp.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaePOOyiGcZbOSGJ5gD63k0ThMBNecLbchb9_XI5x5RhkAF0D_AI_UadHby_4B-75iNkcqDH0qTAspNoE5MjWSNXckSRNVUv-gkDLaQqJjS8fV4Ks_0psEGs4xKWQ-6yDMkHabJRx3uh8/s640/FacebookCreateNewApp.png" width="640" /></a></div>
<div>
Next, name your app and then click the "Continue" button:</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZyvdObKbD4sZMHdVxpn0pflZpzRtf3vgxVwCcnpmEMebRfrd0vOmdpb5RELKcUQkrwUOKMRYSOOAnajpzq7P3fgO62YvN1dMDGU3vTXT8WgUjYKOJO_Cl1585vv5icySruTpuwDil6jc/s1600/FBCreateNewApp-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZyvdObKbD4sZMHdVxpn0pflZpzRtf3vgxVwCcnpmEMebRfrd0vOmdpb5RELKcUQkrwUOKMRYSOOAnajpzq7P3fgO62YvN1dMDGU3vTXT8WgUjYKOJO_Cl1585vv5icySruTpuwDil6jc/s640/FBCreateNewApp-1.png" width="640" /></a></div>
Next, pass through the security check:</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHMLGvc9YeWs6ejkL3SaqjiyjzXehIJ8gEy4Rdjc7jqwF_lo2zC9UutujQ2EbFm014oC6CYt2yweOve7sYFLpVKMKOr399k_Rh2SweD7YezZVGjWzMizSLSMp_dQlRMYNT9Z30vHyoLzA/s1600/FBImageToText-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHMLGvc9YeWs6ejkL3SaqjiyjzXehIJ8gEy4Rdjc7jqwF_lo2zC9UutujQ2EbFm014oC6CYt2yweOve7sYFLpVKMKOr399k_Rh2SweD7YezZVGjWzMizSLSMp_dQlRMYNT9Z30vHyoLzA/s640/FBImageToText-1.png" width="640" /></a></div>
Great. Now fill out the rest of your application's profile as shown in this screenshot:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4gjiJOZihyphenhyphenaR8QusVhp4EfEFXowUk1UtaJEImKjo58zY401WTLmSZ6o05Wvyx-RyRw8NFRidd9JDtn5SxXSkeev_5oJy12xVQ0oCmQD1UEEZg_0imxILLvCYSOQq_A7EKIVSxQKXMe8U/s1600/FBWebsiteWithFacebookLogin-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4gjiJOZihyphenhyphenaR8QusVhp4EfEFXowUk1UtaJEImKjo58zY401WTLmSZ6o05Wvyx-RyRw8NFRidd9JDtn5SxXSkeev_5oJy12xVQ0oCmQD1UEEZg_0imxILLvCYSOQq_A7EKIVSxQKXMe8U/s640/FBWebsiteWithFacebookLogin-1.png" width="640" /></a></div>
After clicking "Save Change" you'll see the following success message:<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsDymsPHE6teGWFU9pVHofk4dy_OUdklGmFvW8uX5eaH7IdicU8dzyZuhJkw10aVVynH3guf2HFPbYkuYfwrjHUC-QHVsmU4NNr-3byoJ8fyUjuZnLREPFKFgxdPZXMWBrSx1DzIDD_-8/s1600/success-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsDymsPHE6teGWFU9pVHofk4dy_OUdklGmFvW8uX5eaH7IdicU8dzyZuhJkw10aVVynH3guf2HFPbYkuYfwrjHUC-QHVsmU4NNr-3byoJ8fyUjuZnLREPFKFgxdPZXMWBrSx1DzIDD_-8/s640/success-1.png" width="640" /></a></div>
<br />
Okay, now download the latest version of <a href="http://ellislab.com/codeigniter" target="_blank">CodeIgniter</a>:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcDjwsWmCxFszorXDmYV0wlBuG0-FxYOSQR54-lH2eH9pd80-SKqrmFjcWA3QwPDJjGdKXxtmY8Lbb9IVE0wMXTNbsqwfn0llGqCk10txBt6WTJwV7AfRgbaXDhPuVmIwSDhQdnViefic/s1600/ci.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcDjwsWmCxFszorXDmYV0wlBuG0-FxYOSQR54-lH2eH9pd80-SKqrmFjcWA3QwPDJjGdKXxtmY8Lbb9IVE0wMXTNbsqwfn0llGqCk10txBt6WTJwV7AfRgbaXDhPuVmIwSDhQdnViefic/s640/ci.png" width="640" /></a></div>
Then unzip your download:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeC7kRJX-1s4FNBqVI6X2Kblo5ecXeNYAHMogr745UWNUHWeZAf5XVDTSU4TJ6nfd-MdnqzaayHdo2Hskg304v304IkJyIMEdPx9vywhFgsdq-JLSee268u6CUnUp7SHcuXpz-4JRgCqk/s1600/unzip.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeC7kRJX-1s4FNBqVI6X2Kblo5ecXeNYAHMogr745UWNUHWeZAf5XVDTSU4TJ6nfd-MdnqzaayHdo2Hskg304v304IkJyIMEdPx9vywhFgsdq-JLSee268u6CUnUp7SHcuXpz-4JRgCqk/s640/unzip.png" width="640" /></a></div>
Then add your own web root dir named "www" and rename your CI parent folder to your app's domain name:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF21GDr-f3J-PsnJfIes_3h0hhvkLfq80cBwowQaOvNLKQswFATZgiz77xfYBhkz38monjwVLVzc1PPGxxBsQrrzgiAd8ooqSrnWylZvpH2GqXyvr7KbcHDTEyz4KfoE-eopVCv1vj8OM/s1600/UpdateCI.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="284" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhF21GDr-f3J-PsnJfIes_3h0hhvkLfq80cBwowQaOvNLKQswFATZgiz77xfYBhkz38monjwVLVzc1PPGxxBsQrrzgiAd8ooqSrnWylZvpH2GqXyvr7KbcHDTEyz4KfoE-eopVCv1vj8OM/s640/UpdateCI.png" width="640" /></a></div>
Move the folder to your home directory:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoqNgPR0iKk7FS6m7MDfQA7NuThdRIUUiUsz2xGq6NqS5mKWIvYRhwVBU3_7-P0KXpb3BA_02hcadb1QyLujz9JxkTOwLaHzY_SxhhKgCjPZX8wdO2CzCiq8bSXdvf2lBuVQmahWOtC_o/s1600/mv-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoqNgPR0iKk7FS6m7MDfQA7NuThdRIUUiUsz2xGq6NqS5mKWIvYRhwVBU3_7-P0KXpb3BA_02hcadb1QyLujz9JxkTOwLaHzY_SxhhKgCjPZX8wdO2CzCiq8bSXdvf2lBuVQmahWOtC_o/s640/mv-1.png" width="640" /></a></div>
<br />
Okay, now spin up a new web server:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVTMTAqj-Qzp9yTIaP3Y931WGh8E8RRrPdtN6wlUTTWjv-q4LPcrs5vuf4LS_Lzj0uISz-gYJQcRUCzgADEE-3dZUPSf_BguGdcJIHjIqWmHHuWdZUQS31xE4lBr-BkRtE_Q-PGHPTT20/s1600/Cloud+Servers+-+Rackspace.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="194" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVTMTAqj-Qzp9yTIaP3Y931WGh8E8RRrPdtN6wlUTTWjv-q4LPcrs5vuf4LS_Lzj0uISz-gYJQcRUCzgADEE-3dZUPSf_BguGdcJIHjIqWmHHuWdZUQS31xE4lBr-BkRtE_Q-PGHPTT20/s640/Cloud+Servers+-+Rackspace.png" width="640" /></a></div>
<br />
<br />
Next, config your DNS:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh57IQnDWMv6c_z3g3h9pajzN2n0-8ZcoHaRTsGm4GtwfQL30lhfQK9uRe4LIE96nY_MUvdtTD08CDMCsx9O0u2fNlJfssEk54YacEe_Tjtchyet1XpkvXeF_q_P6a25ft7yXniKT2Ksng/s1600/dns.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh57IQnDWMv6c_z3g3h9pajzN2n0-8ZcoHaRTsGm4GtwfQL30lhfQK9uRe4LIE96nY_MUvdtTD08CDMCsx9O0u2fNlJfssEk54YacEe_Tjtchyet1XpkvXeF_q_P6a25ft7yXniKT2Ksng/s640/dns.png" width="640" /></a></div>
Now open up Terminal and cd into your project directory.<br />
<pre class="brush:bash;">cd ~/fbciexample.abovemarket.com</pre>
Now run the following command:
<br />
<pre class="brush:bash;">git init</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Initialized empty Git repository in /Users/johnerck/fbciexample.abovemarket.com/.git/</pre>
Next, add clitools for release management. If you don't already have clitools on your local machine, run the following
command to git clone it to your home directory:
<br />
<pre class="brush:bash;">git clone git@bitbucket.org:abovemarket/clitools.org.git ~/clitools.org</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Cloning into '/Users/johnerck/clitools.org'...
remote: Counting objects: 132, done.
remote: Compressing objects: 100% (112/112), done.
remote: Total 132 (delta 41), reused 0 (delta 0)
Receiving objects: 100% (132/132), 256.54 KiB, done.
Resolving deltas: 100% (41/41), done.</pre>
Okay, after running that command, run this next:
<br />
<pre class="brush:bash;">php ~/clitools.org/clitools/installto.php ~/fbciexample.abovemarket.com/clitools</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Success: You've successfully installed clitools to ~/fbciexample.abovemarket.com/clitools/</pre>
Okay, now it's time to create both our local and remote databases:
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSnSv_ZnVMHsS-qsWxmzRJcTMe-XRNKFH_Hv86vi0JBWVO-eijqC-cXyBN2zUoYTWvP6QqRJomkDYksUWRAgrrw3_rC5xpztYGLJyhAMAUVFWix4nGIPtyEZfmyOrlMTKD-kimcy3CKJI/s1600/MAMP.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSnSv_ZnVMHsS-qsWxmzRJcTMe-XRNKFH_Hv86vi0JBWVO-eijqC-cXyBN2zUoYTWvP6QqRJomkDYksUWRAgrrw3_rC5xpztYGLJyhAMAUVFWix4nGIPtyEZfmyOrlMTKD-kimcy3CKJI/s640/MAMP.png" width="640" /></a></div>
After walking through the process pictured above twice (once locally, and once on your remote production machine), open the following two files:
<br />
<pre class="brush:bash;">open ~/fbciexample.abovemarket.com/clitools/_env.php
open ~/fbciexample.abovemarket.com/clitools/_release.php</pre>
Add your database credentials as illustrated:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3HRCkkzuI8drC9akd3BypZtAl0vPUpS6tSbQ5WDYhYJUlAIAALSsjx1SiwhowuL8c0abqB64BH5YjGBvkzLrymgBkItmVVDOPt58cC8066sztd97aOwlTjw1jyCrQqgvSBZIaePmKuR0/s1600/clitools_env_release_overview.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3HRCkkzuI8drC9akd3BypZtAl0vPUpS6tSbQ5WDYhYJUlAIAALSsjx1SiwhowuL8c0abqB64BH5YjGBvkzLrymgBkItmVVDOPt58cC8066sztd97aOwlTjw1jyCrQqgvSBZIaePmKuR0/s640/clitools_env_release_overview.png" width="640" /></a></div>
<br />
The rest of this post is going to assume you have an empty database setup in both your local and remote environments and that you've properly filled out your _env.php and _release.php files.<br />
<br />
We'll continue to use clitools throughout this tutorial but now is a good time to mention that you can read more about clitools at <a href="http://clitools.org/">clitools.org</a>.<br />
<br />
Ok, back to the task at hand. Your local database should look like this:
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggU9Q2R-feVCG6_znnTsWcU7BTeW8f7INmhWMjBxswaFAGfKujRF4Jjc9Z9SYGtIKJ6WyLuqkvVTOfj2KY-JbC6Ue1kksPPrP2g38OekEanitlA5TdaURVmtjPIphxjdt8dMV_9jy5kKw/s1600/before-1-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggU9Q2R-feVCG6_znnTsWcU7BTeW8f7INmhWMjBxswaFAGfKujRF4Jjc9Z9SYGtIKJ6WyLuqkvVTOfj2KY-JbC6Ue1kksPPrP2g38OekEanitlA5TdaURVmtjPIphxjdt8dMV_9jy5kKw/s640/before-1-1.png" width="640" /></a></div>
Now again, on your local machine, run the following command:
<br />
<pre class="brush:bash;">php ~/fbciexample.abovemarket.com/clitools/uschema.php</pre>
After running that command you should see the following output:
<br />
<pre class="brush:bash;">mysql -h localhost -u fbciexample -p********** fbciexample < ~/fbciexample.abovemarket.com/clitools/changes/schema/1.sql
Success: Your database is up to date (at 1.sql)
Files Applied:
~/fbciexample.abovemarket.com/clitools/changes/schema/1.sql</pre>
Now, if you refresh your database page it should look like this:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-_c1wkSPDXPTieorIDPd-U3jEIr8br4RnVxpjk-FnFN0y2XCiNmFH1aftBZrt4qNK0jUMZuIbYd5eZsRVHUvzHhJWXp3woEJouxYbPoWAzNmGKI8330qqMiLsLFoeoYOqN8kKypgZIPM/s1600/after-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-_c1wkSPDXPTieorIDPd-U3jEIr8br4RnVxpjk-FnFN0y2XCiNmFH1aftBZrt4qNK0jUMZuIbYd5eZsRVHUvzHhJWXp3woEJouxYbPoWAzNmGKI8330qqMiLsLFoeoYOqN8kKypgZIPM/s640/after-1.png" width="640" /></a></div>
If you click into the version table you'll see:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCwGlzFP2L9YVLBNELA2NPvmgLbPWsR7kKH7CBUKlN8fji_tuwLLeQ3Do7HPsuZ3mXGnA1A4BYLbgDsmfepo_qBuCfC3ac5j25KTgGAekfEf4qK-Yxw0jQbS_Bq8P80LRXxv2BfzaE9Ug/s1600/howclitoolsuschemaworks.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCwGlzFP2L9YVLBNELA2NPvmgLbPWsR7kKH7CBUKlN8fji_tuwLLeQ3Do7HPsuZ3mXGnA1A4BYLbgDsmfepo_qBuCfC3ac5j25KTgGAekfEf4qK-Yxw0jQbS_Bq8P80LRXxv2BfzaE9Ug/s640/howclitoolsuschemaworks.png" width="640" /></a></div>
<br />
Next, create a BitBucket (or GitHub) project repo:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgU8fuiH7j2hyphenhyphenNPyKCZURYA8JSW69ykR4HUzRuVoMzeYzovFkG35UqSzVSxyxrscJAXVaWw0eTovFX9rkpUb2nJnaoIt0nhINFM6Np5_fIDsg4MIFJcMCXPJrJ1hQ6Xfn-fSZGq-wlmCUY/s1600/bb.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgU8fuiH7j2hyphenhyphenNPyKCZURYA8JSW69ykR4HUzRuVoMzeYzovFkG35UqSzVSxyxrscJAXVaWw0eTovFX9rkpUb2nJnaoIt0nhINFM6Np5_fIDsg4MIFJcMCXPJrJ1hQ6Xfn-fSZGq-wlmCUY/s640/bb.png" width="640" /></a></div>
Next, on your local machine, go to the root of your project dir via the following command:
<br />
<pre class="brush:bash;">cd ~/fbciexample.abovemarket.com</pre>
Okay, now run the following commands:
<br />
<pre class="brush:bash;">git remote add origin ssh://git@bitbucket.org/abovemarket/fbciexample.abovemarket.com.git</pre>
<pre class="brush:bash;">git add .</pre>
<pre class="brush:bash;">git commit -m 'Initial commit'</pre>
Now open your .git/config file:
<br />
<pre class="brush:bash;">nano .git/config</pre>
Add the following lines to the end (make sure you indent using one tab rather than 4 spaces):<br />
<pre class="brush:bash;">[branch "master"]
remote = origin
merge = refs/heads/master</pre>
Save the file. Push your changes:
<br />
<pre class="brush:bash;">git push -u origin --all</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Counting objects: 410, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (394/394), done.
Writing objects: 100% (410/410), 2.17 MiB | 3.96 MiB/s, done.
Total 410 (delta 127), reused 0 (delta 0)
remote: bb/acl: johnerck is allowed. accepted payload.
To ssh://git@bitbucket.org/abovemarket/fbciexample.abovemarket.com.git
* [new branch] master -> master
Branch master set up to track remote branch master from origin.</pre>
Great. Now ssh into your remote machine:
<br />
<pre class="brush:bash;">ssh -p your_port you@your_ip_address</pre>
Remember that if you run into trouble here, it may be because you have MAMP turned on and so whatever domain you're using is resolving to localhost rather than hitting the net.<br />
<br />
Now that you're on your remote machine, run the following command:
<br />
<pre class="brush:bash;">git clone git@bitbucket.org:abovemarket/fbciexample.abovemarket.com</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Cloning into fbciexample.abovemarket.com...
remote: Counting objects: 410, done.
remote: Compressing objects: 100% (267/267), done.
remote: Total 410 (delta 127), reused 410 (delta 127)
Receiving objects: 100% (410/410), 2.17 MiB, done.
Resolving deltas: 100% (127/127), done.</pre>
The directory created when you get cloned the project needs to match apache's web root. If you're interested in knowing how to set up vhosts, checkout a post I did awhile back on that topic: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html">http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html</a><br />
<br />
This tutorial assumes you have your remote apache server environment set up properly. You can exit your remote machine:
<br />
<pre class="brush:bash;">exit</pre>
Okay, now it's time to release our app!<br />
<br />
You can run a git status just to see where we're at right now.
<br />
<pre class="brush:bash;">git status</pre>
It should output:
<br />
<pre class="brush:bash;"># On branch master
nothing to commit (working directory clean)</pre>
Okay, great. Since our current branch is "clean", we know we can release. Since we're on the "master" branch, we know we're about to release master (this is the nature of clitools).<br />
<br />
Run the following command:
<br />
<pre class="brush:bash;">php clitools/releaseto.php production</pre>
clitools will tell you what it's doing while it runs. The last line should say:
<br />
<pre class="brush:bash;">Local status: You've successfully released your project from master to production (v00.001.000)</pre>
clitools just did a number of things for us. A quick review would include:
<br />
<ul>
<li>Created a new release branch (rb00.001)</li>
<li>Created a new release tag from that branch (v00.001.000)</li>
<li>Ssh'd into our remote machine and checked out git tag v00.001.000</li>
<li>Triggered clitools/uschema.php (updated the target machine's database)</li>
<li>Triggered clitools/udata.php (php file that's available to be run on release if need be)</li>
<li>Updated clitools/version.php's file content with v00.001.000</li>
<li>Version stamped each change file applied (if target was "production")</li>
<li>Version stamped a copy of udata's source file (regardless of target environment but only if udata's source file was not empty)</li>
<li>Printed a success message to our screen and pushed the release branch to origin so the rest of our team can be in the loop!</li>
</ul>
Now access your fbciexample.abovemarket.com:<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh27V-sTrm_EfaQs2Q5-hw7pn2mj3Tu0gVOPOGvCc-_9vdBankQMZYIvbY_aoavnM-A5SMloBlIOza6thZS50l3Vcd_BMM8rsqOKfIIwNqqck0h0gsIRn-sHvuUJIiL9-dQGtgSKK896Ps/s1600/remote.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh27V-sTrm_EfaQs2Q5-hw7pn2mj3Tu0gVOPOGvCc-_9vdBankQMZYIvbY_aoavnM-A5SMloBlIOza6thZS50l3Vcd_BMM8rsqOKfIIwNqqck0h0gsIRn-sHvuUJIiL9-dQGtgSKK896Ps/s640/remote.png" width="640" /></a>
On your local machine, run the following command:
<br />
<pre class="brush:bash;">open ~/fbciexample.abovemarket.com/www/index.php</pre>
Add the following lines of php code to the top of the file after the opening php tag:
<br />
<pre class="brush:php;">require_once dirname(__FILE__) . '/../clitools/_env.php';
date_default_timezone_set('UTC'); // So we can call new DateTime();</pre>
Where the file says:
<br />
<pre class="brush:php;">define('ENVIRONMENT', 'development');</pre>
Replace it with:
<br />
<pre class="brush:php;">$ci_environment_translation = CLITOOLS__ENVIRONMENT === 'local' ? 'development' : CLITOOLS__ENVIRONMENT;
define('ENVIRONMENT', $ci_environment_translation);</pre>
If you want errors to get logged in production, switch production's error_reporting from error_reporting(0); to:
<pre class="brush:php;">error_reporting(E_ALL);</pre>
Now set $system_path and $application_folder like so:
<br />
<pre class="brush:php;">$system_path = CLITOOLS__CI_SYSTEM_PATH;
$application_folder = CLITOOLS__CI_APPLICATION_FOLDER;</pre>
Now open your clitools/_env.php file:
<br />
<pre class="brush:bash;">open ~/fbciexample.abovemarket.com/clitools/_env.php</pre>
Add the following lines to your _env.php file (but translated for YOUR local machine of course):
<br />
<pre class="brush:php;">define('CLITOOLS__CI_SYSTEM_PATH', '/Users/johnerck/fbciexample.abovemarket.com/system');
define('CLITOOLS__CI_APPLICATION_FOLDER', '/Users/johnerck/fbciexample.abovemarket.com/application');</pre>
Now open your clitools/_release.php file:
<br />
<pre class="brush:bash;">open ~/fbciexample.abovemarket.com/clitools/_release.php</pre>
Add the following lines to your _release.php file's $content var (but translated for YOUR remote machine of course):
<br />
<pre class="brush:php;">"define('CLITOOLS__CI_SYSTEM_PATH', '/home/admin/fbciexample.abovemarket.com/system');
define('CLITOOLS__CI_APPLICATION_FOLDER', '/home/admin/fbciexample.abovemarket.com/application');"</pre>
Now run:
<br />
<pre class="brush:bash;">git status</pre>
<pre class="brush:bash;">git add .</pre>
<pre class="brush:bash;">git commit -m 'Updated some environment related settings (i.e. fixed bug in app)'</pre>
<pre class="brush:bash;">git push</pre>
<pre class="brush:bash;">php clitools/releaseto.php production</pre>
clitools will tell you what it's doing while it runs. The last line should say:
<br />
<pre class="brush:bash;">Local status: You've successfully released your project from master to production (v00.002.000)</pre>
Now access your fbciexample.abovemarket.com
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKaAeXi08TN-bVFo-QJikLdIsbtdPRoaR9_94X129jN6fGPviZ3v457DHUX9KeNB-Usdskrl0bzdmXoEXWrwkrdL3K_uboJbLVeiboV6EcZf61tW2Gels-UtCBGZ-XDpKAYTBS8dD7_rg/s1600/CodeIgniterOnFire.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKaAeXi08TN-bVFo-QJikLdIsbtdPRoaR9_94X129jN6fGPviZ3v457DHUX9KeNB-Usdskrl0bzdmXoEXWrwkrdL3K_uboJbLVeiboV6EcZf61tW2Gels-UtCBGZ-XDpKAYTBS8dD7_rg/s640/CodeIgniterOnFire.png" width="640" /></a></div>
Congrats! You're on fire!<br />
<br />
Want pretty URLs? Me too. Add the following .htaccess file in www/:
<pre class="brush:bash;">RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]</pre>
Then
<pre class="brush:bash;">open application/config/config.php</pre>
and update to:
<pre class="brush:php;">$config['index_page'] = ''; // Was previously 'index.php'</pre>
That's all for now. At a future date I'll extend this post to show you how to install Sparks (SolidSess to be exact). That's where FB comes into the mix too! Later!John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-86515023658924787212013-04-27T22:17:00.000-07:002013-05-07T04:34:06.253-07:00How do I set up Apache virtual hosts on a Debian based Linux machine and configure to support HTTPS?Preliminary quick note, if you haven't enabled ssh keys between your local machine and your remote machine, I recommend that you do. I just posted a how to on this you can check out here: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-ssh-keys-and-turn-off_27.html">http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-ssh-keys-and-turn-off_27.html</a><br />
<br />
Okay, now on to virtual host configuration! Connect to your remote machine (hopefully via ssh keys!):
<br />
<pre class="brush:bash;">ssh -p your_port you@your_ip_address</pre>
Then run the following command:
<br />
<pre class="brush:bash;">sudo mkdir -p /etc/apache2/ssl/your_site.com</pre>
Then run the following command:
<br />
<pre class="brush:bash;">sudo openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/your_site.com/apache.pem -keyout /etc/apache2/ssl/your_site.com/apache.pem</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Generating a 1024 bit RSA private key
..++++++
...........................++++++
writing new private key to '/etc/apache2/ssl/your_site.com/apache.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: # your input here...
State or Province Name (full name) [Some-State]: # your input here...
Locality Name (eg, city) []: # your input here...
Organization Name (eg, company) [Internet Widgits Pty Ltd]: # your input here...
Organizational Unit Name (eg, section) []: # your input here...
Common Name (eg, YOUR name) []: # your input here...
Email Address []: # your input here...
</pre>
Now enable ssl within apache:
<br />
<pre class="brush:bash;">sudo a2enmod ssl</pre>
You'll see the following output:
<br />
<pre class="brush:bash;">Enabling module ssl.
See /usr/share/doc/apache2.2-common/README.Debian.gz on how to configure SSL and create self-signed certificates.
Run '/etc/init.d/apache2 restart' to activate new configuration!</pre>
We don't need to restart apache at the moment as we still have work to do! Also note, you can open and read the file they recommend and get apache config info straight from the horse's mouth too if you want! Here's a blog post that shows you the content of that file: <a href="http://oneqonea.blogspot.com/2013/04/whats-best-place-to-look-for-how-to.html">http://oneqonea.blogspot.com/2013/04/whats-best-place-to-look-for-how-to.html</a><br />
<br />
While we're at it let's enable apache's mod_rewrite too:
<br />
<pre class="brush:bash;">sudo a2enmod rewrite</pre>
Again, it's not necessary to restart your server at this time.<br />
<br />
Next we're going to set up our virtual hosts. Run the following command:
<br />
<pre class="brush:bash;">sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/your_site.com</pre>
Then run:
<br />
<pre class="brush:bash;">sudo nano /etc/apache2/sites-available/your_site.com</pre>
Update it with your site's info (and set "AllowOverride" to "All" to enable .htaccess files):
<br />
<pre class="brush:bash;"><VirtualHost *:80>
ServerAdmin admin@your_site.com
ServerName your_site.com
ServerAlias www.your_site.com
DocumentRoot /home/admin/your_site.com/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/admin/your_site.com/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /access.log combined
</VirtualHost></pre>
Also, be sure to add ServerName your_site.com and ServerAlias www.your_site.com after the ServerAdmin line (so you'll be in a position to host multiple https sites on a single machine).<br />
<br />
Now, we need to create almost the exact same thing in the same file but wrap the config settings in <VirtualHost *:443> rather than <VirtualHost *:80>, to do this easily, run the following series of commands:<br />
<pre class="brush:bash;">su root</pre>
Then run the following TWO commands as root (we're appending to the new file so we want to run the same command twice):
<br />
<pre class="brush:bash;">cat /etc/apache2/sites-available/your_site.com >> /etc/apache2/sites-available/new_temp
cat /etc/apache2/sites-available/your_site.com >> /etc/apache2/sites-available/new_temp</pre>
Then exit from root:
<br />
<pre class="brush:bash;">exit</pre>
Then replace your old file:
<br />
<pre class="brush:bash;">sudo mv /etc/apache2/sites-available/new_temp /etc/apache2/sites-available/your_site.com</pre>
Now open your file for editing:
<br />
<pre class="brush:bash;">sudo nano /etc/apache2/sites-available/your_site.com</pre>
Scroll down to the second instance of <VirtualHost *:80> and replace it with:
<br />
<pre class="brush:bash;"><VirtualHost *:443></pre>
Now add the following two lines within your :443 settings block:
<br />
<pre class="brush:bash;">SSLEngine on
SSLCertificateFile /etc/apache2/ssl/your_site.com/apache.pem</pre>
Next, you need to create your website's document root. I do this by running a git clone. If you don't have git installed on your server or you haven't yet linked your machine with your BitBucket/GitHub account, checkout the following post before continuing (it's easy): <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-install-git-and-link-my-linux.html">http://oneqonea.blogspot.com/2013/04/how-do-i-install-git-and-link-my-linux.html</a><br />
<br />
Okay cool, you're back. After checking out that post you should now have your project cloned to your remote machine (i.e. the document root dir referenced in our vhost config file now points to a directory that exists).<br />
<br />
Next, we need to edit our ports.conf file:
<br />
<pre class="brush:bash;">sudo nano /etc/apache2/ports.conf</pre>
Add the following line as depicted in the following image:
<br />
<pre class="brush:bash;">NameVirtualHost *:443</pre>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWyio733tcDSSX5kiWizdkCeeSvtfvyq_rbE3ZeqLn9hcOLzF46lXP_lBpf36wUUjysKcj-X-WyzS_hvluAubFP5mC5hoIA_Ut2EHWgoFkPMZpvGS_3j6XiBu_qyRdyvGzQVkmJNoQXXU/s1600/AddNameVirtualHostLine.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="272" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWyio733tcDSSX5kiWizdkCeeSvtfvyq_rbE3ZeqLn9hcOLzF46lXP_lBpf36wUUjysKcj-X-WyzS_hvluAubFP5mC5hoIA_Ut2EHWgoFkPMZpvGS_3j6XiBu_qyRdyvGzQVkmJNoQXXU/s640/AddNameVirtualHostLine.png" width="640" /></a></div>
Now is a good time to double check and make sure "your_site.com" points to "your_ip_address" at the DNS level. Once you've double checked that all we need to do is enable our site, disable default, and restart apache:
<br />
<pre class="brush:bash;">sudo a2ensite your_site.com</pre>
Output will tell you to run a follow up command. You don't need to at this time. Next run:
<br />
<pre class="brush:bash;">sudo a2dissite default</pre>
Now restart apache (as opposed to reload):
<br />
<pre class="brush:bash;">sudo /etc/init.d/apache2 restart</pre>
Badda bing, badda boom! You're up and running with a secure site! Now let's test it!<br />
<br />
Put a "test" info.php file inside your project's web root:
<br />
<pre class="brush:bash;">echo '<?php phpinfo();' > your_site.com/www/info.php</pre>
Now access your_site.com/info.php via http first and https second. The following screenshots show what you should see!<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQh713NxoNAGJgMUyzcETVq-CXCVK0xQKnf_329OkGXDgV4HfsHJbTxZ6EMLRYp4yM1O5tYt319gIf0nteJMmo0js-XNrhCH4FlmEPxm2ltqgSiKDayc8JqgovRNhyphenhyphend7NjdIxeOf6V_5E/s1600/infophphttp.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQh713NxoNAGJgMUyzcETVq-CXCVK0xQKnf_329OkGXDgV4HfsHJbTxZ6EMLRYp4yM1O5tYt319gIf0nteJMmo0js-XNrhCH4FlmEPxm2ltqgSiKDayc8JqgovRNhyphenhyphend7NjdIxeOf6V_5E/s640/infophphttp.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHpJT2EPzdQaXY_r9t-mcQ_bnO3WfNZsm3vkLTCDQo3jY-k_r_sdECteNwIAka26vtbAWwXLskzHl4bPcKPGb8lg3tWp6pAagVPr-wm3S_sQFplxyHW5IpFvBzmMShvqXJBMSwrywD1ts/s1600/infophphttps1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHpJT2EPzdQaXY_r9t-mcQ_bnO3WfNZsm3vkLTCDQo3jY-k_r_sdECteNwIAka26vtbAWwXLskzHl4bPcKPGb8lg3tWp6pAagVPr-wm3S_sQFplxyHW5IpFvBzmMShvqXJBMSwrywD1ts/s640/infophphttps1.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ0RlC35sI0v2o4NRkkzrg2_faNfYGjt_7K0zOtgQlJ8Gmj-7HQXA-iMsPIg_A5rSPc-FHoAqe-bwFdE3Cy5UQFTZsOgGRurFdddZWrkepzwzs83KmuKb5vZii7PPzB6lcnh500Xya0k8/s1600/infophphttps2-1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ0RlC35sI0v2o4NRkkzrg2_faNfYGjt_7K0zOtgQlJ8Gmj-7HQXA-iMsPIg_A5rSPc-FHoAqe-bwFdE3Cy5UQFTZsOgGRurFdddZWrkepzwzs83KmuKb5vZii7PPzB6lcnh500Xya0k8/s640/infophphttps2-1.png" width="640" /></a></div>
<br />
If your screens look like my screens then you rock! Let's wrap up by removing our test file:
<br />
<pre class="brush:bash;">rm your_site.com/www/info.php</pre>
After doing that you're done! You can exit your remote machine.
<br />
<pre class="brush:bash;">exit</pre>
Congrats!<br />
<br />
In a future post we'll be looking at how to add a release management library I wrote called clitools to a CodeIgniter project and doing your first release to your new machine! Stay tuned!John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-28839191906364733172013-04-27T20:56:00.000-07:002013-04-28T09:03:47.348-07:00How do I install git and link my Linux machine to my BitBucket/GitHub account?To start things off, connect to your remote machine:
<br />
<pre class="brush:bash;">ssh -p your_port you@your_ip_address</pre>
Now, see if you already have git installed:
<br />
<pre class="brush:bash;">which git</pre>
If your machine has git installed you'll see its path printed to your screen. Else, you'll need to install it:
<br />
<pre class="brush:bash;">sudo aptitude install git</pre>
You'll be prompted regarding incoming file size. Enter "yes". Now run:
<br />
<pre class="brush:bash;">which git</pre>
You'll see the program's path printed to your screen:
<br />
<pre class="brush:bash;">/usr/bin/git</pre>
Now we need to check and see if you have an ssh key pair on your machine or if we need to create one. To start off, we need to examine your remote machine. Run the following command:
<br />
<pre class="brush:bash;">cat ~/.ssh/id_rsa.pub</pre>
If the above command prints "No such file or directory", then you'll need to generate an ssh key pair before continuing. If the previous command printed a bunch of funny looking letters and numbers, then you already have an ssh key pair on your local machine that we can make use of!<br />
<br />
Okay, so if your machine doesn't already have an ssh key pair on file, we can easily create one. Enter the following command:
<br />
<pre class="brush:bash;">ssh-keygen -t rsa -C "your_email@your_domain.com"</pre>
You'll be prompted with the following:
<br />
<pre class="brush:bash;">Enter file in which to save the key (/Users/you/.ssh/id_rsa):</pre>
Just press enter and "~/.ssh/id_rsa" will be used (which is what we want).<br />
<br />
Next, you'll be prompted with the following:
<br />
<pre class="brush:bash;">Enter passphrase (empty for no passphrase):</pre>
Press enter twice to generate a key pair without a passphrase.<br />
<br />
Now, at this point, everybody should have an "~/.ssh/id_rsa.pub" file on their remote machine. Next, log in to your BitBucket or GitHub account.<br />
<br />
For BitBucket follow these steps:
<br />
<ul>
<li>Step 1) Go to <a href="https://bitbucket.org/account/user/abovemarket/ssh-keys/">https://bitbucket.org/account/user/abovemarket/ssh-keys/</a></li>
<li>Step 2) Click "Add key" as shown in the following screenshot:</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQiOaHDgrSYWJFVqxGK-EOhp54S7nd3zJvgvd28JNTWqRuPp3GF_4jwkSpcynHEOLvFasI2eZIdE65fcXQ1Yi6rAfW0jhyg2ij2qXXP2RRzBR0u5jkvt8e-g9OQ245Sj53uwei2H3kr6o/s1600/HowToAddSSHKeyToBitBucket1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQiOaHDgrSYWJFVqxGK-EOhp54S7nd3zJvgvd28JNTWqRuPp3GF_4jwkSpcynHEOLvFasI2eZIdE65fcXQ1Yi6rAfW0jhyg2ij2qXXP2RRzBR0u5jkvt8e-g9OQ245Sj53uwei2H3kr6o/s640/HowToAddSSHKeyToBitBucket1.png" width="640" /></a></div>
<br />
<ul>
<li>
Step 3) Print your machine's id_rsa.pub file content on the command line so you can manually copy it into memory:
<pre class="brush:bash;">cat ~/.ssh/id_rsa.pub</pre>
After copying it, without getting a single extra character accidentally added, paste it into your BitBucket account as shown in the following screenshot:
</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinxr0n89ptyFoJe7-JmwIbgSIcuCcQBWAwJbgOgJRocVXKb-baAUOuBeY1cBoDW1FylGOUaE_YLSC4LNWBsbrwuA5E31Q4sSfDcOl6kl5UWXKK6bkGHhsX07G3becfHSV7p6ryFe0D-Jo/s1600/HowToAddSSHKeyToBitBucket2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEinxr0n89ptyFoJe7-JmwIbgSIcuCcQBWAwJbgOgJRocVXKb-baAUOuBeY1cBoDW1FylGOUaE_YLSC4LNWBsbrwuA5E31Q4sSfDcOl6kl5UWXKK6bkGHhsX07G3becfHSV7p6ryFe0D-Jo/s640/HowToAddSSHKeyToBitBucket2.png" width="640" /></a></div>
<br />
<br />
For GitHub follow these steps:
<br />
<ul>
<li>Step 1) Go to <a href="https://github.com/settings/ssh/">https://github.com/settings/ssh/</a></li>
<li>Step 2) Click "Add SSH key" as shown in the following screenshot:</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDusWG6QjhpXnnFASg4o1Zp_vgUGjyze9IOmOO-me9RKX-Pv3eNQGKdby3oJEem8sq2LdO5ydkOKLpP5nVA2hMqTgnfgKZEZilN-lLdb-znKOmP3aX7x760OAkAFfxpb9v4_aGwPkcbug/s1600/HowToAddSSHKeyToGitHub1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDusWG6QjhpXnnFASg4o1Zp_vgUGjyze9IOmOO-me9RKX-Pv3eNQGKdby3oJEem8sq2LdO5ydkOKLpP5nVA2hMqTgnfgKZEZilN-lLdb-znKOmP3aX7x760OAkAFfxpb9v4_aGwPkcbug/s640/HowToAddSSHKeyToGitHub1.png" width="640" /></a></div>
<br />
<ul>
<li>
Step 3) Print your machine's id_rsa.pub file content on the command line so you can manually copy it into memory:
<pre class="brush:bash;">cat ~/.ssh/id_rsa.pub</pre>
After copying it, without getting a single extra character accidentally added, paste it into your GitHub account as shown in the following screenshot:
</li>
</ul>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe9UPkVSxnN2afHAmQ5e6MUcdlP3CNoolj0SCMcsfjjMtZkanx9cqoWm3e1nPp0VAWhrlsp_Bo1Vt9RJC0pNJkleqFyEn6zXgWcNYnOc73Rq41492Tb5JKE9ScAaY1fffimDZ9z88_vyM/s1600/HowToAddSSHKeyToGitHub2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe9UPkVSxnN2afHAmQ5e6MUcdlP3CNoolj0SCMcsfjjMtZkanx9cqoWm3e1nPp0VAWhrlsp_Bo1Vt9RJC0pNJkleqFyEn6zXgWcNYnOc73Rq41492Tb5JKE9ScAaY1fffimDZ9z88_vyM/s640/HowToAddSSHKeyToGitHub2.png" width="640" /></a></div>
Next, config git to use your BitBucket/GitHub email address:
<pre class="brush:bash;">git config --global user.name "Your Full Name Here"</pre>
<pre class="brush:bash;">git config --global user.email your_repo_email@your_domain.com</pre>
Now, clone your project!<br />
<br />
For BitBucket:
<pre class="brush:bash;">git clone git@bitbucket.org:your_username/your_project.git your_domain.com</pre>
For GitHub:
<pre class="brush:bash;">git clone git@github.com:your_username/your_project.git your_domain.com</pre>
In either case, you'll be prompted about "The authenticity of host...", enter "yes".<br />
<br />
Boom! You're done! Way to go!<br />
<br />
Lastly, if you're coming from my post titled, "How do I set up Apache virtual hosts on a Debian based Linux machine and configure to support HTTPS?", you can get back to it here: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html">http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com2tag:blogger.com,1999:blog-3027113479926031556.post-83069425774033622922013-04-27T18:07:00.002-07:002013-04-27T18:07:35.738-07:00What's the best place to look for how to manage an Apache2 server running on a Debian-based Linux box?If you don't already have apache2 installed on your machine, run the following command:
<pre class="brush:bash;">sudo aptitude install apache2</pre>
Then run:
<pre class="brush:bash;">sudo gunzip /usr/share/doc/apache2.2-common/README.Debian.gz</pre>
Followed up by:
<pre class="brush:bash;">cat /usr/share/doc/apache2.2-common/README.Debian</pre>
Which will print 399 lines of very helpful information:
<pre class="brush:bash;">Contents
========
Apache2 Configuration under Debian GNU/Linux
Files and Directories in /etc/apache2
Tools
Using mod_disk_cache
SSL
Enabling SSL
Creating self-signed certificates
SSL workaround for MSIE
Suexec
Documentation
Upgrades
Common Problems
Apache2 Configuration under Debian GNU/Linux
============================================
Debian's default Apache2 installation attempts to make adding and
removing modules, virtual hosts, and extra configuration directives as
flexible as possible, in order to make automating the changes and
administering the server as easy as possible.
Please be aware that this layout is quite different from the standard
Apache configuration. Due to the use of environment variables, apache2
needs to be started/stopped with /etc/init.d/apache2 or apache2ctl.
Calling /usr/bin/apache2 directly will not work with the default
configuration. To call apache2 with specific command line arguments,
just call apache2ctl with the same arguments.
Files and Directories in /etc/apache2:
-------------------------------------
apache2.conf
This is the main configuration file.
envvars
This contains environment variables that may be used in the
configuration. Some settings, like user and pid file, need to
go in here so that other scripts can use them. It can also
be used to change some default settings used by apache2ctl.
Here is also the default LANG=C setting that can be changed
to a different language.
conf.d/
Files in this directory are included by this line in
apache2.conf:
# Include generic snippets of statements
Include /etc/apache2/conf.d
This is a good place to add additional configuration
directives. Packages should not use configuration
files that start with 'local-' or end with '.local'.
The local administrator can use these filenames to make
sure that there are no conflicts with files provided by
packages.
If the local administrator is not comfortable with packages
activating their config files by default, it is possible
to change the 'Include /etc/apache2/conf.d/' in apache2.conf
into 'Include /etc/apache2/conf.d.enabled/' and create that
directory. He can then put symlinks to the files in conf.d
which he wants to enable into conf.d.enabled.
httpd.conf
Empty file.
magic
Patterns for mod_mime_magic. This is not compatible with the format
used by current versions of the file/libmagic packages.
mods-available/
This directory contains a series of .load and .conf files.
The .load files contain the Apache configuration directive
necessary to load the module in question. The respective
.conf files contain configuration directives necessary to
utilize the module in question.
mods-enabled/
To actually enable a module for Apache2, it is necessary to
create a symlink in this directory to the .load (and .conf, if
it exists) files associated with the module in
mods-available/. For example:
cgi.load -> /etc/apache2/mods-available/cgi.load
ports.conf
Configuration directives for which ports and IP addresses to
listen to.
sites-available/
Like mods-available/, except it contains configuration
directives for different virtual hosts that might be used with
apache2. Note that the hostname doesn't have to correspond
exactly with the filename. 'default' is the default host.
sites-enabled/
Similar in functionality to mods-enabled/, sites-enabled
contains symlinks to sites in sites-available/ that the
admnistrator wishes to enable.
Apache uses the first VirtualHost that matches the IP/Port
as default for named virtual hosts. Therefore the 'default'
site is linked to '000-default' so that it will be read first.
Example:
dedasys -> /etc/apache2/sites-available/dedasys
The Include directive ignores files with names that
- do not begin with a letter or number
- contain a character that is neither letter nor number nor _-.
- contain .dpkg
Other files
-----------
For historical reasons, the pid file is in /var/run/apache2.pid and not in
/var/run/apache2/apache2.pid.
Tools
-----
a2enmod and a2dismod are available for enabling and disabling modules utilizing
the above configuration system.
a2ensite and a2dissite do essentially the same thing as the above tools, but
for sites rather than modules.
apxs2 -a/-A is modified to use a2enmod to activate newly installed modules.
Using mod_disk_cache
====================
To ensure that the disk cache does not grow indefinitely, htcacheclean is
started when mod_disk_cache is enabled. Both daemon and cron (daily) mode
are supported. The configuration (run mode, cache size, ...) is in
/etc/default/apache2 .
Normally, htcacheclean is automatically started and stopped by
/etc/init.d/apache2. However, if you change the state of mod_disk_cache or the
configuration of htcacheclean while apache2 is running, you may need to
manually start/stop htcacheclean with "/etc/init.d/apache2 start-htcacheclean"
or "/etc/init.d/apache2 stop-htcacheclean".
SSL
===
Enabling SSL
------------
To enable SSL, type (as user root):
a2ensite default-ssl
a2enmod ssl
If you want to use self-signed certificates, you should install the ssl-cert
package (see below). Otherwise, just adjust the SSLCertificateFile and
SSLCertificateKeyFile directives in /etc/apache2/sites-available/default-ssl to
point to your SSL certificate. Then restart apache:
/etc/init.d/apache2 restart
The SSL key file should only be readable by root, the certificate file may be
globally readable. These files are read by the Apache parent process which runs
as root. Therefore it is not necessary to make the files readable by the
www-data user.
Creating self-signed certificates
---------------------------------
If you install the ssl-cert package, a self-signed certificate will be
automatically created using the hostname currently configured on your computer.
You can recreate that certificate (e.g. after you have changed /etc/hosts or
DNS to give the correct hostname) as user root with:
make-ssl-cert generate-default-snakeoil --force-overwrite
To create more certificates with different host names, you can use
make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /path/to/cert-file.crt
This will ask you for the hostname and place both SSL key and certificate in
the file /path/to/cert-file.crt . Use this file with the SSLCertificateFile
directive in the Apache config (you don't need the SSLCertificateKeyFile in
this case as it also contains the key). The file /path/to/cert-file.crt should
only be readable by root. A good directory to use for the additional
certificates/keys is /etc/ssl/private .
SSL workaround for MSIE
-----------------------
The SSL workaround for MS Internet Explorer needs to be added to your SSL
VirtualHost section (it was previously in ssl.conf but caused keepalive to be
disabled even for non-SSL connections):
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
The default SSL virtual host in /etc/apache2/sites-available/default-ssl
already contains this workaround.
Suexec
======
Debian ships two version of the suexec helper program required by mod_suexec.
It is not installed by default, to avoid possible security issues. The package
apache2-suexec contains the standard version that works only with document root
/var/www, userdir suffix public_html, and Apache run user www-data. The package
apache2-suexec-custom contains a customizable version, that can be configured
with a config file to use different settings (like /srv/www as document root).
For more information see the suexec(8) man page in the apache2-suexec-custom
package.
Since apache2-suexec-custom has received less testing and might be slightly
slower, apache2-suexec is the recommended version unless you need the features
from apache2-suexec-custom.
Documentation
=============
The full Apache 2 documentation can be found on the web at
http://httpd.apache.org/docs/2.2/
or, if you have installed the apache2-doc package, in
/usr/share/doc/apache2-doc/manual/
or at
http://localhost/manual/
There is also a wiki that contains useful information:
http://wiki.apache.org/httpd/
Some hints about securing Apache 2 on Debian are available at
http://wiki.debian.org/Apache/Hardening
Upgrades
========
Changes in the Apache packages that require manual configuration adjustments
are announced in NEWS.Debian. Installing the apt-listchanges package is
recommended. It will display the relevant NEWS.Debian sections before
upgrades.
Multiple instances
==================
There is some support for running multiple instances of Apache2 on the same
machine. See /usr/share/doc/apache2.2-common/README.multiple-instances for more
information.
Common Problems
===============
1) Error message "Could not reliably determine the server's fully qualified
domain name, using 127.0.0.1 for ServerName" during start
This can usually be ignored but it means that Apache httpd was unable to obtain
a fully-qualified hostname by doing a reverse lookup on your server's IP
address. You may want to add the fully-qualified hostname to /etc/hosts .
An alternative is to specify "ServerName 127.0.0.1" in the global server
context of the configuration, e.g. in /etc/apache2/conf.d/servername.local .
2) Error message "mod_rewrite: could not create rewrite_log_lock"
This probably means that there are some stale SYSV semaphores around. This
usually happens after apache2 has been killed with kill -9 (SIGKILL). You can
clean up the semaphores with:
ipcs -s | grep www-data | awk ' { print $2 } ' | xargs ipcrm sem
3) Message "NameVirtualHost *:80 has no VirtualHosts" in error log
Probably the VirtualHost definitions have not been adjusted after the
NameVirtualHost directive was changed in ports.conf.
See /usr/share/doc/apache2.2-common/NEWS.Debian.gz
4) Message "File does not exist: /etc/apache2/htdocs" in error log
In most cases this means that no matching VirtualHost definition could be
found for an incoming request. Check that the target IP address/port and the
name in the Host: header of the request actually match one of the virtual
hosts.
5) Message "Couldn't create pollset in child; check user or system limits" in
error log
On Linux kernels since 2.6.27.8, the value in
/proc/sys/fs/epoll/max_user_instances
needs to be larger than
for prefork/itk MPM: 2 * MaxClients
for worker/event MPM: MaxClients + MaxClients/ThreadsPerChild
It can be set on boot by adding a line like
fs.epoll.max_user_instances=1024
to /etc/sysctl.conf.
There are several other error messages related to creating a pollset that can
appear for the same reason.
On the other hand, errors about to adding to a pollset are related to the
setting fs.epoll.max_user_watches. On most systems, max_user_watches should be
high enough by default.
6) Message "Server should be SSL-aware but has no certificate configured" in
error log
Since 2.2.12, Apache is stricter about certain misconfigurations concerning
name based SSL virtual hosts. See NEWS.Debian.gz for more details.
7) Apache does not pass Authorization header to CGI scripts
This is intentional to avoid security holes. If you really want to change it,
you can use mod_rewrite:
RewriteCond %{HTTP:Authorization} (.*)
RewriteRule . - [env=HTTP_AUTHORIZATION:%1]
8) mod_dav is behaving strangely
In general, if you use mod_dav_fs, you need to disable multiviews and script
execution for that directory. For example:
<Directory /var/www/dav>
Dav on
Options -MultiViews -ExecCGI
SetHandler none
<IfModule mod_php5.c>
php_admin_value engine Off
</IfModule>
</Directory>
9) Message "apache2: bad user name " when starting apache2
directly
Use apache2ctl (it accepts all options of apache2).
10) Apache is using a lot of memory and is not freeing it even when idle
By default, Apache will not give back unused memory but keep it around for
later use.
* Tune StartServers, MaxRequestsPerChild, MinSpareThreads/MinSpareServers,
MaxSpareThreads/MaxSpareServers in /etc/apache2/apache2.conf
* If you are really starved for memory, try adding 'MaxMemFree 4' to your
Apache configuration. This will reduce Apache's performance.
Because of the way Apache's memory allocator interacts with glibc's malloc,
higher values of MaxMemFree don't have much effect.
11) A PUT with mod_dav_fs fails with "Unable to PUT new contents for /...
[403, #0]" even if Apache has permission to write the file.
Apache also needs write permission to the directory containing the file, in
order to replace it atomically.
12) How to increase the ulimit for the max number of open files?
Add the following line to /etc/apache2/envvars:
APACHE_ULIMIT_MAX_FILES='ulimit -n 65536'</pre>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-421053387106055812013-04-27T14:21:00.000-07:002013-04-28T13:38:47.450-07:00How do I set up ssh keys and turn off password access on my new Linux box?To start off, we need to examine your local machine. Run the following command:
<pre class="brush:bash;">cat ~/.ssh/id_rsa.pub</pre>
If the above command prints "No such file or directory", then you'll need to generate an ssh key pair before continuing. If the previous command printed a bunch of funny looking letters and numbers, then you already have an ssh key pair on your local machine that we can make use of!<br />
<br />
Okay, so if your machine doesn't already have an ssh key pair on file, we can easily create one. Enter the following command:
<pre class="brush:bash;">ssh-keygen -t rsa -C "your_email@example.com"</pre>
You'll be prompted with the following:
<pre class="brush:bash;">Enter file in which to save the key (/Users/you/.ssh/id_rsa):</pre>
Just press enter and "~/.ssh/id_rsa" will be used (which is what we want).<br />
<br />
Next, you'll be prompted with the following:
<pre class="brush:bash;">Enter passphrase (empty for no passphrase):</pre>
Press enter twice to generate a key pair without a passphrase.<br />
<br />
Now, at this point, everybody should have an "~/.ssh/id_rsa.pub" file on their local machine. Next, connect to your remote machine using your password:
<pre class="brush:bash;">ssh -p your_port you@your_ip_address</pre>
Then, run the following command (to ensure you have an ".ssh" dir on file):
<pre class="brush:bash;">mkdir -p ~/.ssh</pre>
Now exit and return to your local machine:
<pre class="brush:bash;">exit</pre>
Next, copy your public key to your remote machine:
<pre class="brush:bash;">scp -P your_ssh_port ~/.ssh/id_rsa.pub your_user@your_ip_address:~/incoming_public_key.pub</pre>
Next, connect to your remote machine via username and password:
<pre class="brush:bash;">ssh -p your_port you@your_ip_address</pre>
Next, enter the following command:
<pre class="brush:bash;">cat ~/incoming_public_key.pub >> ~/.ssh/authorized_keys</pre>
Then remove the source file:
<pre class="brush:bash;">rm ~/incoming_public_key.pub</pre>
Now, exit your remote machine:
<pre class="brush:bash;">exit</pre>
SSH keys have now been set up! Now, with a single command you're into your remote machine:
<pre class="brush:bash;">ssh -p your_ssh_port you@your_ip_address</pre>
Boom! Time to disallow password-based ssh connections.<br />
<br />
K, starting from within your remote machine, run the following command:
<pre class="brush:bash;">sudo nano /etc/ssh/sshd_config</pre>
Then, scroll down to the section that looks like this:
<pre class="brush:bash;"># Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes</pre>
and switch it to this:
<pre class="brush:bash;"># Change to no to disable tunnelled clear text passwords
PasswordAuthentication no</pre>
Save the file. Now restart the ssh daemon:
<pre class="brush:bash;">sudo /etc/init.d/ssh restart</pre>
Boom. We're done, ssh key pair connections only! <i>Before exiting the remote machine</i> you can validate this yourself if you'd like by walking through the following process:
<ul>
<li>Step 0) <b>Make sure you have an open connection to your remote machine.</b></li>
<li>Step 1) Open a new Terminal window.</li>
<li>Step 2) Run the following command on your remote machine:</li>
</ul>
<pre class="brush:bash;">mv ~/.ssh/authorized_keys ~/.ssh/authorized_keys_mimic_no_machines_authed</pre>
<ul>
<li>Step 3) In your other Terminal window (local machine), try to ssh into your machine:</li>
</ul>
<pre class="brush:bash;">ssh -p your_ssh_port you@your_ip_address</pre>
You'll see the following output:
<pre class="brush:bash;">Permission denied (publickey).</pre>
Boom! Now das wassup!<br />
<br />
If you're interested in what's going on process-wise, here's the skinny:
By moving the location of the "authorized_keys" file on the remote machine we're mimicking your local
machine not having a "machine to machine ssh key connection" with your remote box. Therefore,
when we run the above ssh command, ssh first tries to connect using your machine's local ssh key pair,
but gets denied because the public key counterpart is "not on file" on our remote machine (remember that
we moved the "authorized_keys" file to "authorized_keys_mimic_no_machines_authed" to create this scenario).
Next, ssh looks to use a password picked up from the command line and gets rejected on that due to our latest
sshd config update! Woo hoo! At this point you can test connecting with your root user too if you'd like and
you'll see that not even root can log in to the remote machine! Now you see why I said, "<b>Make sure you have
an open connection to your remote machine.</b>" in "Step 0" above. Let's put things back now.
Run the following command on your remote machine:
<pre class="brush:bash;">mv ~/.ssh/authorized_keys_mimic_no_machines_authed ~/.ssh/authorized_keys</pre>
Now, from your other Terminal window, you can run:
<pre class="brush:bash;">ssh -p your_ssh_port you@your_ip_address</pre>
And boom you'll be good to go.<br />
<br />
Now das wassup! You're done! You can even exit your remote machine if you want!
<pre class="brush:bash;">exit</pre>
Lastly, if you're coming from my "How do I set up Apache virtual hosts on a Debian based Linux machine and configure to support HTTPS?" post, you can get back to it here: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html">http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-73822297522781661842013-04-21T15:27:00.000-07:002013-07-06T16:28:18.144-07:00How do I install the latest versions of Apache, MySQL, and PHP on a Debian based Linux machine?What up! So you want to know how to install the latest versions of Apache, MySQL, and PHP on a Debian based Linux machine? Sweet. Me too.<br />
<br />
If you need help getting a Debian based Linux machine online, check out a post I did the other day titled: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-next-generation.html">How do I set up a Next Generation Rackspace Cloud Server running Debian 7 (Wheezy)?</a><br />
<br />
Okay, slap yourself in the face real quick. It's time to get started!<br />
<br />
SSH into your machine.<br />
<br />
Then walk through the following post: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-install-mysql-client-mysql.html">How do I install mysql-client, mysql-server, and libmysqlclient-dev on a Next Generation Rackspace Cloud Server running Debian 7 (Wheezy)?</a> Note that you can skip the libmysqlclient-dev piece.<br />
<br />
Great. You're back. Okay, now run the following command:
<br />
<pre class="brush:bash;">sudo aptitude install apache2</pre>
You'll be prompted to "ok" the amount of space that will be used after unpacking the archives. Enter "yes" to proceed.<br />
<br />
Apache's default document root is <i>/var/www</i> on Debian, and the configuration file is <i>/etc/apache2/apache2.conf</i>. Additional configurations are stored in subdirectories of the <i>/etc/apache2</i> directory such as <i>/etc/apache2/mods-enabled</i> (for Apache modules), <i>/etc/apache2/sites-enabled</i> (for virtual hosts), and <i>/etc/apache2/conf.d</i>.<br />
<br />
If you enter your server's IP address into your browser, you'll see that we're on fire!
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh85_lm8eY5ydLlM9Bl-084sqkXo9SRU4ZQpzvxtqIKggxKkpNA_59msqVLYKlQ1aQA4jDcB57A__nHuz80O56w4L61KmfRBRtNr3c1GPrV2Z3qWHBIkUcM9NEIQQv7UCfWQj4eiLUkcdA/s1600/default_web_page.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh85_lm8eY5ydLlM9Bl-084sqkXo9SRU4ZQpzvxtqIKggxKkpNA_59msqVLYKlQ1aQA4jDcB57A__nHuz80O56w4L61KmfRBRtNr3c1GPrV2Z3qWHBIkUcM9NEIQQv7UCfWQj4eiLUkcdA/s640/default_web_page.png" width="640" /></a></div>
Okay, now on to installing php:
<br />
<pre class="brush:bash;">sudo aptitude install php5</pre>
PHP 5.4 will be installed. If you're setting up a Debian 6.0 (Squeeze) box and require php 5.4 (like I used to) then splash some hot coffee in your face because we've got an extra couple of steps to perform!<br />
<br />
Run the following command:
<br />
<pre class="brush:bash;">sudo nano /etc/apt/sources.list</pre>
Add the following lines to the end of the file:
<br />
<pre class="brush:bash;"># http://www.dotdeb.org/instructions/ (but only for php54)
deb http://packages.dotdeb.org squeeze-php54 all
deb-src http://packages.dotdeb.org squeeze-php54 all
</pre>
Now save the file. Next, run the following two commands:
<br />
<pre class="brush:bash;">wget http://www.dotdeb.org/dotdeb.gpg
cat dotdeb.gpg | sudo apt-key add -</pre>
After doing that, we can now update our list of available packages via the following command:
<br />
<pre class="brush:bash;">sudo aptitude update</pre>
Ok, now we can install php 5.4 via the following command:
<br />
<pre class="brush:bash;">sudo aptitude install php5</pre>
Boom goes the dynamite! We can verify our install by running the following command:
<br />
<pre class="brush:bash;">php -v</pre>
Which will output:
<br />
<pre class="brush:bash;">PHP 5.4.14-1~dotdeb.1 (cli) (built: Apr 21 2013 05:21:34)
Copyright (c) 1997-2013 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies</pre>
Okay, sweet! Now that we have php installed we can put a dot php file in apache's default document root (<i>/var/www</i>), restart apache, and then test our new setup. To begin, run the following command:
<br />
<pre class="brush:bash;">sudo nano /var/www/info.php</pre>
Then enter:
<br />
<pre class="brush:php;"><?php
phpinfo();</pre>
Save the file. Now restart apache (since we haven't done so yet since installing php) via the following command:
<br />
<pre class="brush:bash;">sudo /etc/init.d/apache2 restart</pre>
Now access your new info.php page. You'll see the following:
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgW_XdyAbHU5IyjNG2Sl8e_kVx3lpDJtrSlj_Bnf4O4ACG26qtBh7ROLgpMzS6p5nQfJ18NewSt6vZbXhcmA-vrC7pYpB1Kdzb9Gk9xFtQNjODlOgk8YJ28nl8n4Y_ucZTci7exPdr7SGM/s1600/php_info.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgW_XdyAbHU5IyjNG2Sl8e_kVx3lpDJtrSlj_Bnf4O4ACG26qtBh7ROLgpMzS6p5nQfJ18NewSt6vZbXhcmA-vrC7pYpB1Kdzb9Gk9xFtQNjODlOgk8YJ28nl8n4Y_ucZTci7exPdr7SGM/s640/php_info.png" width="640" /></a></div>
You'll see we now have php working via the "Apache 2.0 Handler" (see "Server API" line). If you do a search for "mysql" you'll see that "mysql" is nowhere to be found! We'll need to fix that (as well as install other useful php modules). To see your options, run the following command:
<br />
<pre class="brush:bash;">aptitude search php5</pre>
I recommend installing php5-mysql, php5-curl, php5-gd, php-pear, php5-imagick, php5-imap, php5-mcrypt, php5-memcache, php5-sqlite, php5-tidy, php5-xmlrpc, and php5-xsl via the following command:
<br />
<pre class="brush:bash;">sudo aptitude install php5-mysql php5-curl php5-gd php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-sqlite php5-tidy php5-xmlrpc php5-xsl</pre>
Okay sweet. Now we're talking! Revisit your info.php page (aptitude will have already restarted apache for you), do a search for "mysql" and then revel in your success! You are on fire!
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj57PQbIIjxQKFB3HbMG3uINUXhCcVkzWXIfrkp4ZVbq7sv6hGHVlDnL-TQC3amWdHl1fce9In9_7ZE1rh5iWG7uO5J9hKnzw-MRPHTPLKQwvGXyd7yZmb-n_CSgYksnA4hkJ6-YRyeUmc/s1600/php_info_with_mysql.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj57PQbIIjxQKFB3HbMG3uINUXhCcVkzWXIfrkp4ZVbq7sv6hGHVlDnL-TQC3amWdHl1fce9In9_7ZE1rh5iWG7uO5J9hKnzw-MRPHTPLKQwvGXyd7yZmb-n_CSgYksnA4hkJ6-YRyeUmc/s640/php_info_with_mysql.png" width="640" /></a></div>
Okay, now if you're anything like me you'd like a web interface to your remote database. PHPMyAdmin has you covered... but only if we install it! Get started with the following command:
<br />
<pre class="brush:bash;">sudo aptitude install phpmyadmin</pre>
As usual you'll be prompted about incoming file size. Enter "yes" when prompted. Next, you'll be presented with the following package configuration screen:
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBdAgkWECWTgx10dUDVqwCVBcotDkC6nk0jAjbQoLpU7CRRaMrP0g0RjmQXTTFVsk0A-MbtpuIIdv3EYQkH_7DZrJ6FoXkLeeVBiWeq4tv8jfEo9m-Iuu0IPGtqAIZcy6ipPhlZFH5PgU/s1600/phpmyadmin_package_config_screen_1.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBdAgkWECWTgx10dUDVqwCVBcotDkC6nk0jAjbQoLpU7CRRaMrP0g0RjmQXTTFVsk0A-MbtpuIIdv3EYQkH_7DZrJ6FoXkLeeVBiWeq4tv8jfEo9m-Iuu0IPGtqAIZcy6ipPhlZFH5PgU/s640/phpmyadmin_package_config_screen_1.png" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
Select "apache2". You'll then be prompted with a second package configuration screen:<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiza2OV-wUXx041yrM9T1OQviOiUIF7GmLNj9qaapR0lB4kQF0jJPpeU_MxPlwAGK2woPaazxKADv63o_7LaWHCi3Sh-bqVc97VO3RTTo-PrCT-XVKkqiSo6bmgrwpHC7gnzj-98Jya0Wc/s1600/phpmyadmin_package_config_screen_2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiza2OV-wUXx041yrM9T1OQviOiUIF7GmLNj9qaapR0lB4kQF0jJPpeU_MxPlwAGK2woPaazxKADv63o_7LaWHCi3Sh-bqVc97VO3RTTo-PrCT-XVKkqiSo6bmgrwpHC7gnzj-98Jya0Wc/s640/phpmyadmin_package_config_screen_2.png" width="640" /></a></div>
<br />
Select "No". And boom! You've got PHPMyAdmin installed! Not! There's actually one more step. To see for yourself visit your /phpmyadmin page and observe the 404!<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwvUS7isewNIoS8KNQHd9lmRcwYXaOpxqVQG6RpX4PinUg21uJ8-poGqXAXJ7KrK01PH6KiOp7txfKUgFBFSxu_tQgthpZlvEBaLskIqgYqy_yj4Nkl2CNsqvdZA4k8ZOyAxCVof2UUaY/s1600/phpmyadmin_not_found.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwvUS7isewNIoS8KNQHd9lmRcwYXaOpxqVQG6RpX4PinUg21uJ8-poGqXAXJ7KrK01PH6KiOp7txfKUgFBFSxu_tQgthpZlvEBaLskIqgYqy_yj4Nkl2CNsqvdZA4k8ZOyAxCVof2UUaY/s640/phpmyadmin_not_found.png" width="640" /></a></div>
To fix this. Run the following command:
<br />
<pre class="brush:bash;">sudo nano /etc/apache2/conf.d/phpmyadmin.conf</pre>
Then add the following line to the file:
<br />
<pre class="brush:bash;">Include /etc/phpmyadmin/apache.conf</pre>
Save the file. Then, restart apache via the following command:
<br />
<pre class="brush:bash;">sudo /etc/init.d/apache2 restart</pre>
Now revisit your /phpmyadmin page and observe your awesomeness!
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkpJm32GJ0uWrE8OszWBidU0-ffIxRq2ElMC0A5Ke0tdI2SvBfXvhEqkDj4aA2q7aC1cvmPFmhOtmQ3hfauF4xYN7AgRoUtvyj5KFSiHojcFcQbAKix3D8SOfxfEIMbN5eEvdcarLviTM/s1600/phpmyadmin_now_working.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkpJm32GJ0uWrE8OszWBidU0-ffIxRq2ElMC0A5Ke0tdI2SvBfXvhEqkDj4aA2q7aC1cvmPFmhOtmQ3hfauF4xYN7AgRoUtvyj5KFSiHojcFcQbAKix3D8SOfxfEIMbN5eEvdcarLviTM/s640/phpmyadmin_now_working.png" width="640" /></a></div>
Now that we've got our system set up properly we can remove our info.php file via the following command:
<pre class="brush:bash;">sudo rm /var/www/info.php</pre>
Now das wassup! Congrats, you're done! You successfully installed the latest versions of Apache, MySQL, and PHP.<br />
<br />
If you're interested in getting your Apache hosting environment set up you should check out a post I wrote the other day titled: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-set-up-apache-virtual-hosts-on.html">How do I set up Apache virtual hosts on a Debian based Linux machine and configure to support HTTPS?</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0tag:blogger.com,1999:blog-3027113479926031556.post-7908177624427703462013-04-20T18:15:00.000-07:002013-07-06T16:20:45.779-07:00How do I install mysql-client, mysql-server, and libmysqlclient-dev on a Next Generation Rackspace Cloud Server running Debian 7 (Wheezy)?First things first, there are a lot of MySQL packages available for install. If you want to see a list, run the following command:
<br />
<pre class="brush:bash;">aptitude search mysql</pre>
In this blog post we'll be installing mysql-client, mysql-server, and libmysqlclient-dev. Each is described as follows:<br />
<br />
<b>mysql-client:</b><br />
MySQL database client (metapackage depending on the latest version)<br />
<br />
<b>mysql-server:</b><br />
MySQL database server (metapackage depending on the latest version)<br />
<br />
<b>libmysqlclient-dev:</b><br />
MySQL database development files<br />
<br />
To get started, run the following command:
<br />
<pre class="brush:bash;">sudo aptitude install mysql-client</pre>
You'll be prompted for your password. Enter it. You'll then be prompted to "ok" the amount of space that will be used after unpacking the archives. Enter "yes" to proceed.<br />
<br />
Next, run the following command:
<br />
<pre class="brush:bash;">sudo aptitude install mysql-server</pre>
Again, you'll get prompted regarding disk space. Enter "yes". Next, you'll be presented with a blue package configuration screen prompting you to enter a password for the root mysql user (twice). Enter something insane. Here's what the package configuration screen will look like:<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg30Kq1gVeWnrMmXxqhlGvI5UaRRJ2aqPL66cADPOqnDxRb_Rcf-0LYaOPzc5Ju43mSHDMPKRWVW67BRFUvzjIiBfEnM0uz0wDLbolaooE1icUrNCgtOnu-Snq_Lyr3SuSDX81CdCoZwDk/s1600/package_configuration_screen.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="356" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg30Kq1gVeWnrMmXxqhlGvI5UaRRJ2aqPL66cADPOqnDxRb_Rcf-0LYaOPzc5Ju43mSHDMPKRWVW67BRFUvzjIiBfEnM0uz0wDLbolaooE1icUrNCgtOnu-Snq_Lyr3SuSDX81CdCoZwDk/s640/package_configuration_screen.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">mysql-server package configuration screen (for setting root user password)</td></tr>
</tbody></table>
After entering your totally insane root user password the installation process will continue on and then wrap itself up.<br />
<br />
Next, if you're interested in prepping your machine for master/slave replication, run the following command:
<br />
<pre class="brush:bash;">sudo aptitude install libmysqlclient-dev</pre>
Again, you'll get prompted regarding disk space. Enter "yes". Next, you'll be throwing yourself a frickin' party because you're done! Congrats!<br />
<br />
In a future post we'll be looking at how to set up MySQL master/slave replication (hence the reason I've added the libmysqlclient-dev section above)! Brace yo self foo!<br />
<br />
Lastly, if you came to this page from my "How to install the latest versions of Apache, MySQL, and PHP" post and want to get back, or you're interested in installing Apache and/or PHP as a next step in setting up your server, click here: <a href="http://oneqonea.blogspot.com/2013/04/how-do-i-install-latest-versions-of.html">http://oneqonea.blogspot.com/2013/04/how-do-i-install-latest-versions-of.html</a>John Erckhttp://www.blogger.com/profile/10973107236990206651noreply@blogger.com0