Author: guda

HTTPS Connections counting

Here is how one can set up nginx to count the HTTPS connections made.

Preparation

Create a new folder

mkdir ~/docker_ssl_proxy
cd ~/docker_ssl_proxy

Put a dummy entry in your /etc/hosts file

127.0.0.1 YOURDOMAIN.com

Steps

First generate a certificate

openssl req -subj '/CN=YOURDOMAIN.com' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365

Create a new file something.conf with the following content

server {
  listen 4000 ssl;
  ssl_certificate /etc/nginx/conf.d/cert.pem;
  ssl_certificate_key /etc/nginx/conf.d/key.pem;

  # access_log /dev/stdout;
  access_log  /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;

  location / {
      return 200 'With style!';
      add_header Content-Type text/plain;
  }


}

Then run the container with

docker run --rm -v `pwd`/logs:/var/log/nginx -v `pwd`:/etc/nginx/conf.d -p 4000:4000 nginx

Get the cacert

echo quit | openssl s_client -showcerts -servername server -connect YOURDOMAIN.com:4000 > cacert.pem
curl --cacert cacert.pem https://YOURDOMAIN.com:4000/ -d 'hello world'

And finally make some connections

go-wrk  -c=400 -t=8 -n=10000 -m="POST" -b='{"accountID":"1"}'  -i https://YOURDOMAIN.com:4000
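
The access log configured above gets one line per request, and with keep-alive several requests share one TLS connection, so counting lines overcounts connections. The following is an added example, not part of the original post: it assumes a custom log format (the name conn and the field layout are assumptions) built from nginx's $connection, $connection_requests, $ssl_protocol and $ssl_session_reused variables, and the sample lines are constructed.

```ruby
# Assumed nginx setup (not in the original post), at the top of something.conf:
#   log_format conn '$remote_addr conn=$connection reqs=$connection_requests '
#                   'tls=$ssl_protocol reused=$ssl_session_reused "$request" $status';
# and inside the server block:
#   access_log /var/log/nginx/access.log conn;

LINE = /\A(?<ip>\S+) conn=(?<conn>\d+) reqs=(?<reqs>\d+) tls=(?<tls>\S+) reused=(?<reused>\S+) /

# Counts requests, distinct connections and full (non-resumed) TLS handshakes.
def count_connections(lines)
  seen = {}
  stats = { requests: 0, connections: 0, full_handshakes: 0, skipped: 0 }
  lines.each do |line|
    m = LINE.match(line)
    if m.nil?
      stats[:skipped] += 1          # malformed or foreign line: count it, do not guess
      next
    end
    stats[:requests] += 1
    next if seen[m[:conn]]          # later request on an already counted connection
    seen[m[:conn]] = true
    stats[:connections] += 1
    # $ssl_session_reused is "r" for a resumed session and "." otherwise
    stats[:full_handshakes] += 1 if m[:reused] == "."
  end
  stats
end

SAMPLE = <<~LOG.lines  # constructed sample lines in the assumed format
  127.0.0.1 conn=7 reqs=1 tls=TLSv1.3 reused=. "POST / HTTP/1.1" 200
  127.0.0.1 conn=7 reqs=2 tls=TLSv1.3 reused=. "POST / HTTP/1.1" 200
  127.0.0.1 conn=8 reqs=1 tls=TLSv1.3 reused=r "POST / HTTP/1.1" 200
  127.0.0.1 conn=9 reqs=1 tls=TLSv1.2 reused=. "GET / HTTP/1.1" 200
  garbage line
LOG

p count_connections(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

nginx writes an access log line only when a request completes, so a client that finishes the TLS handshake and sends nothing does not show up in this count. The $connection serial numbers restart when nginx restarts, so count one run at a time.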

 

Abbreviations lower our performance

I don’t know why people started doing abbreviations; maybe in the past the bytes were expensive. I suppose life was harsh and there was not enough food for all, and the way they named their programs and variables is mirroring their life. Nowadays we have enough goods and time and free space everywhere and we still name our variables etc. like we are in the dark ages.

My point is that when we are solving some problem it is good to have all the neurons of our brain working on solving the problem. If we have to decrypt variables, our project structure is not good, we haven’t gotten used to our editor, then we are putting up barriers which block us from seeing the best solution, because our brain is dedicating 5-10% of its power to nonsense.

I am not saying that we should use full sentences for naming the variables/methods/classes/packages/programs. Only that we do not need to spend time decrypting the abbreviation.

I would love to see an operating system where there is no hackish syndrome.

In the cloud

AWS gives examples in their documentation with hackish. How is it possible for AWS to have such high expectations for hiring developers and let them act as woodcutters?

The load balancer names in AWS have a size limit, so you cannot have a YOUR-APP-us-east-1-production load balancer. You have to name it Your-APP-us-east-1-prod.

At Home

My son is learning his computer language and yesterday he asked me what the method Intn(n Int) does – I can’t answer.

“Mom brg me sndwch!”

At Work

Here are some very popular examples

  • dev > development
  • prod > production
  • ctx, ctx > context vs
  • obj > object

Linux

Do you know why we write “mount” to mount some file system, and “umount” to unmount? Why?

The opposite command “mount” is not abbreviated to “mnt” or even “mt”. This inconsistency is crazy!

For Robots    For Humans
lsblk         block-devices
mount         unmount

Running chef test-kitchen with newer vagrant

If you get

VBoxManage: error: The specified string / bytes buffer was to small. Specify a larger one and retry. (VERR_CFGM_NOT_ENOUGH_SPACE)

This means that the VM name is too long: the virtual machine needs a shorter name.

---
driver:
  name: vagrant
  customize:
    name: pdcsmb
    memory: 4144
    cpus: 4
  network:
    # - ["forwarded_port", {guest: 3000, host: 3000}]
    # - ["private_network", {ip: "192.168.33.33"}]

Bonus tip:

If you get

No live threads left. Deadlock?

Then remove all gems and reinstall chefdk.

Export database tables, fields comments as markup with Ruby on Rails

When you have to export the comments from the database you can use this short snippet to get the schema as markup.

content = ""
database_name = "DATABASE_NAME"
connection = ActiveRecord::Base.connection
connection.tables.each do |table_name|
  content << "h5. #{table_name}\n"
  # connection.quote escapes the values instead of interpolating them raw into the SQL.
  rows = connection.execute("SELECT table_comment 
    FROM INFORMATION_SCHEMA.TABLES 
    WHERE table_schema=#{connection.quote(database_name)} 
        AND table_name=#{connection.quote(table_name)};");
  puts rows.to_a.inspect
  content << rows.to_a.first.first << "\n"

  rows = connection.execute("select table_name, column_name, DATA_TYPE, column_comment from INFORMATION_SCHEMA.COLUMNS where 1 AND TABLE_SCHEMA=#{connection.quote(database_name)} AND TABLE_NAME = #{connection.quote(table_name)}")
  # each(:as => :hash) is the Mysql2 result API, so this snippet targets MySQL.
  rows.each(:as => :hash) do |row| 
    puts row.inspect
    j = [ row["column_name"], row["DATA_TYPE"], row["column_comment"] ]

    content << "|#{j.join('|')}|\n"
  end
end; ''
puts content

The output should be something like

Table name

table description

column name, type, description

….. the next table

Running chef kitchen with cookbook dependencies

Berksfile

source 'https://supermarket.chef.io'

metadata

group :test do
  cookbook 'company_firewall', path: "../company_firewall"
  cookbook 'company_nginx', path: "../company_nginx"
  cookbook 'company', path: "../company"
  cookbook 'data-incoming', path: "../data-incoming"
  cookbook 'aws', path: "../aws"
end

metadata.rb

name             'data-listener'
maintainer       'Company'
maintainer_email 'sd@company.com'
license          'All rights reserved'
description      'Installs/Configures data-listener'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version          '0.2.32'

depends 'sysctl', '~> 1.0.5'
depends 'company_firewall'
depends 'company_nginx'
depends 'aws'

 

Restrict /manage or /admin in Rails

You can do it from the Ruby on Rails application, or, even better, do it where you define your infrastructure and configure your proxy/load balancer etc. to allow it.

Constraints for manage
  require 'ipaddr'

  class Whitelist
    def matches?(request)
      vpn = IPAddr.new("10.1.0.0/16")
      return true if Rails.env.development? || vpn.include?(request.remote_ip)

      # Log the blocked address and the network it was checked against.
      Rails.logger.info("Blocking access for #{request.remote_ip} to #{vpn}")
      false
    end
  end

  constraints Whitelist.new do
    namespace :manage do
      # ...protected
    end
  end
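
The allowlist check above, as an added example that is not part of the original post: a stand-alone class that can be tested without booting Rails, fails closed on addresses that do not parse, and treats IPv4-mapped IPv6 addresses as their IPv4 form. ManageAllowlist and FakeRequest are hypothetical names; the 10.1.0.0/16 network is the one from the post.

```ruby
require 'ipaddr'

# Anything that responds to #remote_ip can be passed in, so the check can be
# exercised in a unit test as well as used as a routing constraint.
class ManageAllowlist
  def initialize(cidrs, allow_all: false)
    @networks = cidrs.map { |cidr| IPAddr.new(cidr) }
    @allow_all = allow_all            # e.g. Rails.env.development? in routes.rb
  end

  def matches?(request)
    return true if @allow_all
    ip = parse(request.remote_ip)
    !ip.nil? && @networks.any? { |net| net.include?(ip) }
  end

  private

  # Fail closed: an address that does not parse is never allowed.
  def parse(raw)
    ip = IPAddr.new(raw.to_s)
    ip = ip.native if ip.ipv4_mapped?  # ::ffff:10.1.2.3 -> 10.1.2.3
    ip
  rescue IPAddr::Error
    nil
  end
end

FakeRequest = Struct.new(:remote_ip)   # hypothetical stand-in for the Rails request
ALLOWLIST = ManageAllowlist.new(["10.1.0.0/16"])

if __FILE__ == $PROGRAM_NAME
  %w[10.1.200.7 10.2.0.1 ::ffff:10.1.2.3 not-an-ip].each do |addr|
    puts "#{addr}: #{ALLOWLIST.matches?(FakeRequest.new(addr))}"
  end
end
```

In routes.rb this would be used as `constraints ManageAllowlist.new(["10.1.0.0/16"], allow_all: Rails.env.development?) do`. Behind a proxy or load balancer, `request.remote_ip` is derived from forwarded headers, so it is only as reliable as the `config.action_dispatch.trusted_proxies` setting.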

 

mdadm: Duplicate MD device names in conf file were found.

Remove the duplicate entry from /etc/mdadm/mdadm.conf

cp mdadm.conf mdadm.conf.backup
grep -v "2 UUIDsomehing..." mdadm.conf.backup > mdadm.conf

Make sure the raid is up

mdadm --assemble --scan

Load the lvm volumes

lvm vgchange -ay
  • -a – activate
  • -y – complete

Exit to try the changes

$(initramfs) exit

Now your system will boot

Making the changes permanent

Fix the /etc/mdadm/mdadm.conf file by removing the duplicate definition.

update-initramfs  -u -k all

If you are still in initramfs busybox

mkdir /target
mount /dev/md1 /target
mount -o bind /dev /target/dev
mount -o bind /proc /target/proc
mount -o bind /sys /target/sys
mount -o bind /dev/pts /target/dev/pts
chroot /target /bin/bash

Cheat

mdadm --detail /dev/md0
mdadm --detail /dev/md1

mdadm --detail --scan > /etc/mdadm/mdadm.conf

Stop an array & assemble array

mdadm --stop /dev/md1

mdadm --assemble /dev/md0 /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1
mdadm --assemble /dev/md1 /dev/sda2 /dev/sdb2 /dev/sdc2 /dev/sdd2

 


Run kitchen with vaults

Way of testing kitchen with vaults


suites:
  - name: default
    run_list:
      - recipe[....
    data_bags_path: ../../data_bags_test
    attributes:
      chef-vault:
        databag_fallback: true

Copy the content of your data_bags/ and decrypted vaults/ folders into a new folder, so that it contains the merged content from both folders.

Do not forget to add the data_bags_test folder to .gitignore, since it holds the decrypted vault content.

 

image from www.wannapik.com

Online conference software aka meetings

If you want your developers and staff to be happy please AVOID webex !

Webex is a bad service

It has a bad international connection. It doesn’t run on Linux or Unix and can’t be run in a browser. The iOS application is bad and doesn’t integrate with the links. The integration with the website and the calendars is bad. The website is slow and buggy and you can’t see the meeting to which you are invited. It is the worst of the software out there.

Zoom – It is like Webex. They look and feel the same, but it is one idea better because it has a client which can run on Linux.

Good one

https://www.bluejeans.com/ – works perfectly!

http://appear.in – free and great!

 

Sending a bunch of data to Zabbix with one request

One can send a bunch of key => value pairs to Zabbix with zabbix-trapper items.

Using this nice article as a base, I have packed everything in a class so that you can use it:

Example usage:

values = {
  total_ram: 0,
  wrong_data_center: 0,
  linode_hosts: 0,
  missing_from_zabbix: 0,
  missing_from_graylog: 0,
}

zabbix_sender = ZabbixSender.new(Figaro['zabbix_server'])
zabbix_sender.message('super_druper_hostname', values)

require 'json'
require 'socket'

class ZabbixSender

  def initialize zabbix_host
    @zabbix_host = zabbix_host
  end

  def message hostname, values
    values_with_host = with_host(hostname, values)

    params = {
      "request" => "sender data",
      "data" => values_with_host,
    }

    body = JSON.generate params
    data_length = body.bytesize
    # Header: "ZBXD", flags byte 0x01, 4-byte little-endian length, 4 zero bytes.
    # Everything is kept binary so that a non-ASCII body cannot break the concatenation.
    data_header = "ZBXD\1".b + \
    [data_length].pack("V") + \
    "\x00\x00\x00\x00".b
    data_to_send = data_header + body.b

    send_data data_to_send
  end

  private

  def with_host hostname, hash
    values = []

    hash.each_pair do |key, value|
      values << {
        key: key,
        value: value,
        host: hostname,
      }
    end
    values
  end

  # Named send_data so that it does not shadow Object#send.
  def send_data data_to_send
    socket = TCPSocket.new(@zabbix_host, 10051)
    socket.write data_to_send
    # read(n) waits for n bytes; recv(n) may return fewer.
    response_header = socket.read(5)
    if not response_header == "ZBXD\1"
      puts "response: #{response_header}"
      raise 'Got invalid response'
    end

    response_data_header = socket.read(8)
    response_length = response_data_header[0,4].unpack("V")[0]
    response_raw = socket.read(response_length)
    # JSON.parse builds only plain hashes, arrays and scalars from the reply.
    JSON.parse(response_raw)
  ensure
    socket.close if socket
  end

end
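
The framing used by the class above (signature, length field, JSON body), as an added example that is not part of the original post or the article it builds on: it builds a frame and parses one back, checking the length field before trusting it, since on the receiving side that value comes from the network. MAX_BODY and the function names are assumptions of this example; the sample values are constructed from the usage example above.

```ruby
require 'json'

ZBX_MAGIC = "ZBXD\x01".b      # signature plus flags byte 0x01, as in the class above
MAX_BODY  = 1024 * 1024       # cap assumed for this example, not a Zabbix constant

# Frame a JSON body: signature, 4-byte little-endian length, 4 zero bytes, body.
def zbx_frame(payload)
  body = JSON.generate(payload).b
  ZBX_MAGIC + [body.bytesize, 0].pack("VV") + body
end

# Validate and decode one frame, rejecting anything inconsistent.
def zbx_parse(frame)
  frame = frame.b
  raise ArgumentError, "short header" if frame.bytesize < 13
  raise ArgumentError, "bad signature" unless frame.byteslice(0, 5) == ZBX_MAGIC
  length, reserved = frame.byteslice(5, 8).unpack("VV")
  raise ArgumentError, "reserved bytes set" unless reserved.zero?
  raise ArgumentError, "body too large" if length > MAX_BODY
  body = frame.byteslice(13, length)
  raise ArgumentError, "truncated body" if body.nil? || body.bytesize != length
  JSON.parse(body.force_encoding("UTF-8"))
end

# Constructed sample message.
SAMPLE = {
  "request" => "sender data",
  "data" => [{ "host" => "super_druper_hostname", "key" => "total_ram", "value" => 0 }],
}

if __FILE__ == $PROGRAM_NAME
  frame = zbx_frame(SAMPLE)
  puts frame.byteslice(0, 13).unpack1("H*")   # header bytes as hex
  p zbx_parse(frame)
end
```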

 

© 2025 Gudasoft
