Skip to content

Instantly share code, notes, and snippets.

Avatar
💭
Taking a break from development projects to focus other things

James Deathe jdeathe

💭
Taking a break from development projects to focus other things
View GitHub Profile
@jdeathe
jdeathe / apache_maintenance_page.md
Last active Oct 9, 2021
Simple HTML Maintenance Page for Apache using rewrite_module
View apache_maintenance_page.md

Apache - Maintenance Page

  • Activate/Deactivate with a file.
  • Bypass with a custom request header.

With the following Apache Rewrite rule, temporarily redirect all traffic to a maintenance page when a file named maintenance exists at the same level as the DocumentRoot directory. i.e. if your DocumentRoot is /var/www/public_html/ then creating the file /var/www/maintenance would trigger Maintenance mode.

Use something like the ModHeader Chrome browser extension to bypass the maintenance page by setting a X-Maintenance request header with a value of tF0BOCn4z8HgG2Kw (replace this with your own unique passcode string).

Instructions

@jdeathe
jdeathe / make-local-cert.sh
Last active Aug 7, 2021
Generate a Root CA + Intermediate CA for local (internal) use on Mac OSX using cfssl and add the intermediate certificate to your keychain so it can be trusted by your local browser.
View make-local-cert.sh
#!/usr/bin/env bash
# REF: https://github.com/cloudflare/cfssl
# Change working directory
cd -- "$(
dirname "${0}"
)" || exit 1
readonly CA_ROOT_CERT_KEY="ca-root"
@jdeathe
jdeathe / openssl-self-signed-san-certificate.md
Last active May 21, 2021
How to generate a self-signed SAN SSL/TLS certificate using openssl
View openssl-self-signed-san-certificate.md

How to generate a self-signed SAN SSL/TLS certificate using openssl

Generating a self-signed certificate is a common taks and the command to generate one with openssl is well known and well documented. Generating a certificate that includes subjectAltName is not so straght forward however. The following example demonstrates how to generate a SAN certificate without making a permanent change to the openssl configuration.

Generate a list of all required DNS names, (Note: CN will be discarded).

$ export SAN="DNS:www.domain.localdomain,DNS:domain.localdomain"
@jdeathe
jdeathe / docker-cron-example.md
Last active May 21, 2021
How to install/run Cron in a Docker Container
View docker-cron-example.md

How to install/run Cron in a Docker Container

Example crontab entry for testing

  • Append a timestamp to the log file every minute /var/log/cron.
  • Append "tick" and "tock" in alternate minutes to /var/log/cron.
* * * * * /bin/date --rfc-3339=seconds >> /var/log/cron
*/2 * * * * /bin/echo 'tick' >> /var/log/cron
@jdeathe
jdeathe / cloud-config-docker-el7.yml
Last active Apr 6, 2021
Cloud-Init user-data to install Docker on CentOS-7
View cloud-config-docker-el7.yml
#cloud-config
---
timezone: "UTC"
write_files:
- path: "/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7"
permissions: "0644"
owner: "root:root"
content: |
-----BEGIN PGP PUBLIC KEY BLOCK-----
@jdeathe
jdeathe / php-cachetool-usage.md
Last active Apr 3, 2021
How to Clear PHP Opcache without Restarting PHP-FPM.
View php-cachetool-usage.md

PHP CacheTool - Manage cache in the CLI

Use CacheTool to view stats for and manage PHP's APC or Zend Opcache opcode cache.

Using CacheTool you can clear the PHP opcache without reloading PHP-FPM.

In this example, CacheTool is to be installed alongside a demonstration PHP-FPM Docker container.

Prerequisites

@jdeathe
jdeathe / debug-rsyslog-on-systemd-based-platforms.md
Last active Mar 23, 2021
Debug RSyslog on RHEL, CentOS, Oracle Linux (el7/el8 platform)
View debug-rsyslog-on-systemd-based-platforms.md
@jdeathe
jdeathe / centos-6-enable-mysql-query-cache.md
Created Aug 10, 2017
How to Enable MySQL Query Cache on CentOS-6
View centos-6-enable-mysql-query-cache.md

MySQL Query Cache

How to add a 32M query cache with an item limit of 1M.

Enable on a Running MySQL Server

NOTE: You might need to add '-p' to the following command if 'root'@'localhost' requires a password on your environment.

# mysql \
@jdeathe
jdeathe / grow-root.service
Last active Feb 22, 2021
CentOS-7 Systemd Unit File to Grow the Root LVM Disk on AWS EC2 Instances with an ext4 File System.
View grow-root.service
# To install:
# sudo cat grow-root.service > /etc/systemd/system/grow-root.service
# sudo systemctl daemon-reload
# sudo systemctl enable -f grow-root.service
#
# Start (auto disables after first successful expansion):
# sudo systemctl start grow-root.service
#
# Debugging:
# sudo systemctl status grow-root.service
@jdeathe
jdeathe / centos-wildcard-certbot.md
Last active Jul 8, 2020
Installation and Usage of Certbot on CentOS to Obtain a Let’s Encrypt Wildcard TLS/SSL Certificate.
View centos-wildcard-certbot.md

Requesting a Wildcard Certificate with Certbot on CentOS

To request a Let's Encrypt wildcard certificate there are the following prerequisites:

  • The client must support ACME v2 (i.e Certbot >= 0.22.0)
  • The DNS-01 challenge type must be used.
  • The --server option or configuration directive must be changed to the appropriate v2 endpoint.

Installation

Install certbot-auto