Auto renew let’s encrypt ssl

Cron job run at every first day of month

  1. 0 0 1 * * /bin/bash /path/to/cron/renew-letsencrypt-ssl.sh

Auto renew ssl bash scripts

  1. #!/bin/bash
  2.  
  3. # Config
  4. DOMAINS="domain1.com domain2.com"
  5. EMAIL="renew-notification@email.com"
  6.  
  7. # Stop nginx
  8. service nginx stop
  9.  
  10. # Update ssl certs
  11. for domain in $DOMAINS; do
  12.     echo "renew: $domain"
  13.  
  14.     /path/to/letsencrypt-auto certonly -a standalone -d $domain --server https://acme-v01.api.letsencrypt.org/directory --agree-dev-preview --renew
  15.  
  16.     if [ $? -ne 0 ]
  17.         then
  18.         ERRORLOG=`tail /var/log/letsencrypt/letsencrypt.log`
  19.         echo -e "The Lets Encrypt Cert has not been renewed! \n \n" $ERRORLOG | mail -s "Lets Encrypt Cert Alert" $EMAIL
  20.     fi
  21. done
  22.  
  23. # Start nginx
  24. service nginx start

ECC SSL 小記

## Create Private key with secp384r1 (or secp256v1)

  1. openssl ecparam -genkey -name secp384r1 -out domain.com.ecc.key

## Create CSR from private key and submit CSR to the ssl company

  1. openssl req -new -sha384 -key domain.com.ecc.key -out domain.com.ecc.csr

## Generate bundled cert and add to server

Download and unzip the certs.zip from email

  1. cat domain_com.crt domain_com.ca-bundle > domain.com.ecc.bundled.crt

React native 小記

## Installation

Install the requrements

  1. brew update
  2. brew install watchman
  3. brew install flow
  4.  
  5. npm install -g react-native-cli

Create project

  1. react-native init <PROJECT_NAME>

Install android sdk

  1. /Users/zeuxis/Documents/AndroidSDK/tools/android

Select install targets

  1.  > Tools
  2.  
  3.      > Android SDK Tools 24.3.4
  4.      > Android SDK Platform-tools 23.0.1
  5.      > Android SDK Build-tools 23.0.1
  6.  
  7.  > Android 6
  8.  
  9.      > SDK Platform 23 1
  10.      > Intel x86 Atom_64 System Image 23 4
  11.      > Intel x86 Atom System Image 23 4
  12.  
  13.  > Extra
  14.  
  15.      > Android Support Repository 20

## Run

Set android home path

  1. export ANDROID_HOME=/path/to/AndroidSDK

Run android app in device

  1. react-native run-android

Connect via USB and reverse tcp port

  1. /path/to/AndroidSDK/platform-tools/adb reverse tcp:8081 tcp:8081

Start packager (if the packager does not started)

  1. npm run start

If you want connect via Wifi

  1.  https://facebook.github.io/react-native/docs/running-on-device-android.html#configure-device-to-connect-to-the-dev-server-via-wi-fi

Let’s Encrypt 小記

## Download the client

  1. mkdir /path/to/directory
  2. cd /path/to/directory
  3. git clone https://github.com/letsencrypt/letsencrypt
  4. cd letsencrypt

## Stop nginx

  1. /root/scripts/nginx.sh stop

## Generate ssl certs

  1. ./letsencrypt-auto certonly -a standalone -d domain.com --server https://acme-v01.api.letsencrypt.org/directory --agree-dev-preview

## Enable ssl in nginx vhost

  1. Vim /usr/local/nginx/conf/domain.com.conf

## Content

  1.  server {
  2.      listen      80;
  3.      server_name domain.com;
  4.  
  5.      add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  6.  
  7.      if ($ssl_protocol = "") {
  8.          rewrite ^ https://domain.com$request_uri;
  9.      }
  10.  }
  11.  
  12.  server {
  13.      listen      443 ssl http2;
  14.      charset     utf-8;
  15.      server_name domain.com;
  16.      root        /path/to/domain.com/root;
  17.      index       index.html index.htm index.php;
  18.  
  19.      add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  20.  
  21.      ssl_certificate     /etc/letsencrypt/live/domain.com/fullchain.pem;
  22.      ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
  23.      ssl_session_cache   shared:SSL:50m;
  24.      ssl_session_timeout 5m;
  25.  
  26.      ssl_prefer_server_ciphers on;
  27.      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  28.  
  29.      ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
  30.  
  31.      resolver 8.8.8.8;
  32.      ssl_stapling on;
  33.  
  34.      location ~ \.php$ {
  35.          fastcgi_pass            127.0.0.1:9000;
  36.          fastcgi_index           index.php;
  37.          fastcgi_connect_timeout 300s;
  38.          fastcgi_read_timeout    300s;
  39.          fastcgi_param           SCRIPT_FILENAME  $document_root$fastcgi_script_name;
  40.          include                 fastcgi_params;
  41.      }
  42.  
  43.      location ~ /\.ht {
  44.          deny all;
  45.      }
  46.  
  47.      location ~ /.*\.db {
  48.          deny all;
  49.      }
  50.  }

## Test nginx configuation

  1. /root/scripts/nginx test

## Restart nginx

  1. /root/scripts/nginx start

NewRelic with MySQL Plugin

  1.  ## Install npi
  2.  
  3.  Document
  4.  
  5.      https://docs.newrelic.com/docs/plugins/plugins-new-relic/installing-plugins/installing-npi-compatible-plugin
  6.     
  7.  Debian / Ubuntu 32-bit
  8.  
  9.      LICENSE_KEY=<YOUR_KEY> bash -c "$(curl https://download.newrelic.com/npi/release/install-npi-linux-debian-x86.sh)"
  10.     
  11.  ## Install plugin (MySQL)
  12.  
  13.  Enter to npi
  14.  
  15.      cd /path/to/newrelic-npi
  16.     
  17.  Install
  18.  
  19.      ./npi install com.newrelic.plugins.mysql.instance
  20.     
  21.      Are you sure you want to continue? (y/n): y
  22.      Configure the plugin in a text editor before continuing? (y/n): y
  23.     
  24.          {
  25.              "agents": [
  26.                  {
  27.                    "name"    : "Localhost",
  28.                    "host"    : "localhost",
  29.                    "metrics" : "status,newrelic",
  30.                    "user"    : "<USERNAME>", // Create user by plugin/scripts/mysql_user.sql
  31.                    "passwd"  : "<PASSWORD>"  // Or using root if you think safe
  32.                  }
  33.              ]
  34.          }
  35.             
  36.     
  37.      Do you want to set this plugin as a background process? (y/n): y
  38.     
  39.  Check status
  40.  
  41.      /etc/init.d/newrelic_plugin_com.newrelic.plugins.mysql.instance status
  42.     
  43.  Start
  44.  
  45.      /etc/init.d/newrelic_plugin_com.newrelic.plugins.mysql.instance start
  46.     
  47.  Stop
  48.  
  49.      /etc/init.d/newrelic_plugin_com.newrelic.plugins.mysql.instance stop

NewRelic with Server and Laravel

  1.  ## newrelic servers
  2.  
  3.  Install
  4.  
  5.      echo deb http://apt.newrelic.com/debian/ newrelic non-free >> /etc/apt/sources.list.d/newrelic.list
  6.     
  7.      wget -O- https://download.newrelic.com/548C16BF.gpg | apt-key add -
  8.     
  9.      apt-get update
  10.      apt-get install newrelic-sysmond
  11.     
  12.      nrsysmond-config --set license_key=12XXXXXXXXXXXXXXXXXXXXXXX9c
  13.     
  14.      /etc/init.d/newrelic-sysmond start
  15.  
  16.  ## newrelic application (PHP)
  17.  
  18.  Make sure server already installed
  19.  
  20.      apt-get install newrelic-php5
  21.     
  22.      newrelic-install install
  23.     
  24.  ## server settings
  25.     
  26.  Nginx
  27.  
  28.      vim /etc/nginx/sites-enabled/default
  29.     
  30.          location ~ \.php$ {
  31.              fastcgi_split_path_info ^(.+\.php)(/.+)$;
  32.              fastcgi_pass unix:/var/run/php5-fpm.sock;
  33.              fastcgi_index index.php;
  34.              include fastcgi_params;
  35.             
  36.              # Add this
  37.              fastcgi_param PHP_VALUE "newrelic.appname=AppName";
  38.             
  39.              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  40.          }
  41.  
  42.  Project
  43.         
  44.      vim /path/to/laravel/project/bootstrap/start.php
  45.     
  46.          if (extension_loaded('newrelic')) {
  47.              newrelic_set_appname('YOUR APP NAME');
  48.          }
  49.         
  50.  Restart
  51.  
  52.      service nginx restart
  53.      service php5-fpm restart
  54.     
  55.  ## Reference
  56.  
  57.  - http://laravelista.com/how-to-install-new-relic-monitoring/

InnoDB: Failing assertion

Problem

InnoDB: Failing assertion: purge_sys->purge_trx_no <= purge_sys->rseg->last_trx_no

  1. ## Enter MySQL
  2. cd /root
  3.  
  4. ## Stop MySQL
  5. service mysql stop
  6.  
  7. ## Add configuration
  8. vim /etc/mysql/my.cnf
  9.  
  10.     [mysqld]
  11.     innodb_force_recovery = 4
  12.     
  13. ## Restart MySQL
  14. service mysql restart
  15.  
  16. ## Dump MySQL Data
  17. mysqldump -u root -p -A > dump.sql
  18.  
  19. ## Check which table is InnoDB
  20. mysql -uroot -p
  21.  
  22.     SELECT table_schema, table_name
  23.     FROM INFORMATION_SCHEMA.TABLES
  24.     WHERE engine = 'innodb';
  25.     
  26. ## Stop the MySQL again
  27. service mysql stop
  28.  
  29. ## Backup MySQL lib
  30. cp -Rf /var/lib/mysql /var/lib/mysql.bak
  31.  
  32. ## Drop the ib file
  33. rm /var/lib/mysql/ib*
  34.  
  35. ## Remove configuration
  36. vim /etc/mysql/my.cnf
  37.  
  38.     [mysqld]
  39.     # innodb_force_recovery = 4
  40.     
  41. ## Restart MySQL again
  42. service mysql restart
  43.  
  44. ## Restore the MySQL Data
  45. mysql -uroot -p < dump.sql
  46.  
  47. ## Try to restart MySQL ensure it is ok
  48. service mysql restart

Reference

– http://darkwizard-coding.blogspot.hk/2014/04/mysql-not-starting-corrupt-innodb.html

Vesta can not add additional FTP

執行 v-add-web-domain-ftp 出現錯誤

  1. /usr/local/vesta/bin/v-add-web-domain-ftp: line 21: /func/main.sh: No such file or directory
  2. /usr/local/vesta/bin/v-add-web-domain-ftp: line 22: /func/domain.sh: No such file or directory
  3. /usr/local/vesta/bin/v-add-web-domain-ftp: line 23: /conf/vesta.conf: No such file or directory
  4. /usr/local/vesta/bin/v-add-web-domain-ftp: line 34: check_args: command not found
  5. /usr/local/vesta/bin/v-add-web-domain-ftp: line 35: validate_format: command not found
  6. /usr/local/vesta/bin/v-add-web-domain-ftp: line 36: is_system_enabled: command not found
  7. /usr/local/vesta/bin/v-add-web-domain-ftp: line 37: is_object_valid: command not found
  8. /usr/local/vesta/bin/v-add-web-domain-ftp: line 38: is_object_unsuspended: command not found
  9. /usr/local/vesta/bin/v-add-web-domain-ftp: line 39: is_object_valid: command not found
  10. /usr/local/vesta/bin/v-add-web-domain-ftp: line 40: is_object_unsuspended: command not found
  11. Error: ftp user _ already exists
  12. /usr/local/vesta/bin/v-add-web-domain-ftp: line 44: log_event: command not found

解決方法 ($VESTA 重新設定為 /usr/local/vesta)

  1. source /etc/profile
  2. cd /usr/local/vesta/bin
  3. ./v-add-web-domain-ftp [username] [domain] [ftp_user] [ftp_password] [relateive_pah]

© 2016 不記程式

Theme by Anders NorenUp ↑

Fork me on GitHub