Fixing repo issue with CentOS Stream 8 Docker container

Until CentoOS rolls out official CentOS Stream 9 docker container, if you create use centos:latest as tag then you will end up getting centos stream 8 container.

This container as broken repo info and therefore when you perform dnf update or yum update, it gives an error. Below commands fixes the broken repo links – 

sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
dnf update -y

This fixes and broken repo links and makes updates or installation of new packages possible.

Cloudflare and ssh

If you are using Cloudflare as firewall for content delivery then please note that Cloudflare only proxies http/https traffic. i.e., it would be impossible to reach your server through any other service like ssh/ftp/sftp etc.

If you need to connect to your origin using another protocol (SSH, FTP, SMTP, etc.) you need to do so using a record that does not have Cloudflare enabled in the DNS settings (grey cloud) or by connecting directly to the origin server’s IP address.

For example, if your domain is example.com, connect to server using a grey url like

$ ssh user@ssh.example.com

where ssh.example.com is an A record pointing to same ip as example.com.

Android Studio QuickSheet

Quick sheet for Android Studio
COMMAND EXPLAINATION
Shift Twice Search everywhere
CTRL+E / Command+E Recently opened files
CTRL+Shift+A / Command+Shift+A Find action
CTRL+ALT+SHIFT+N / Command+Option+O Search by Symbol Name
ALT+Insert / Command+N Generate Code
CTRL+O / Command+O Override Methods
CTRL+Y / Command+Backspace Delete Line at Cursor
CTRL+Space / Command+Space Basic Code Completion
CTRL+ALT+L / Command+Option+L Reformat Code
CTRL+Shift+UP/DOWN / Command+Shift+UP/DOWN Move the whole line up or down

If any of your favorite shortcut is missed and want to be included, please mention in the comments section. 

Wildcard SSL cert using letsencrypt and acme.sh

Earlier I published an article on generating wildcard ssl certs using certbot-auto

With the latest update of letsencrypt, auto-renew became a challenge as letsencrypt wanted to authenticate that you still own the domain by creating a TXT record in your domain.  After a series of discussion on my issue about “how to renew the certificate automatically“, I came to know that its no more possible without writing an authenticator script.  The authenticator script would allow an API access to my domain so that TXT records can be created automatically and allow domain verification for certbot-auto to proceed.  

My issue was even bigger.  My domains were parked at Godaddy, DigitalOcean, CloudFlare, Google etc.  i.e., I need to give API access to all these domain hosts.  Therefore a different authenticator script for each.  This was really getting challenging. 

From the discussion at community thread, I came across An ACME Shell script.   The interesting feature this script had was DNS alias mode.   Using this mode, I can create a CNAME record at all my domains hosted at various hosts and point them to one domain hosted at CloudFlare.  What the script will do is, using the Domain Alias mode, it will create TXT records in my alias domain which is parked at CloudFlare and verify my domain ownership.  Now it needs only one authenticator script to validate all my domain and that is of CloudFlare.  Thank you for this input to letsencrypt community forum. 

Here I describe the steps how I achieved this using ACME Shell script.  I love docker.  So used the ACME’s docker to generate the cert.  

Start with creating the ACME’s docker:

$ docker run -itd -v "$(pwd)/out":/acme.sh --net=host --name=acme.sh neilpang/acme.sh daemon

This will start your container with name acme.sh.  Next step is to get an API key for your account at CloudFlare.  Follow the link to achieve the same.  Once you have the API key, you need to modify the pre-supplied authenticator scrip with your CloudFlare’s credentials.  As the container is build with alpine, it has very basic features.  So editing the authenticator scrip was not very easy.  I used sed to perform this job.  

$ docker exec acme.sh sed -i.bak 's/#CF_Email="xxxx@sss.com"/CF_Email="your-cloudflare-account-email-address"/' /root/.acme.sh/dnsapi/dns_cf.sh  
$ docker exec acme.sh sed -i.bak 's/#CF_Key="sdfsdfsdfljlbjkljlkjsdfoiwje"/CF_Key="your-cloudflare-api-key"/' /root/.acme.sh/dnsapi/dns_cf.sh

Do not forget to substitute your-cloudflare-account-email-address and your-cloudflare-api-key with your own credentials before running the next command.  Once done, the one last command will generate the wild card cert for you.

$ docker exec acme.sh --issue -d *.domain.com --challenge-alias domain-parked-at-cloudflare.com --dns dns_cf

Here the dns_cf tells the script to use authenticator script for CloudFlare. 

That’s all.  If all is fine then you should have your new wildcard cert placed in your ./out directory.  Deploy the cert on your webserver and restart.  

My next post will be on how I auto-renewed the certs so that they don’t expire. 

Earn free ArtByte Coins

With all the hype around digital / crypto coins, a new comer will find it difficult to understand where to start with.  To understand things / terminologies around crypto coins like wallet, address, mining, ArtByte will be a good place to start with.  So lets learn how to earn some free crypto coins.  ArtBytes in this case.

ArtByte(formerly AppleByte) was created to support artists around the world.   Artists can receive and spend (cash in) artbytes, just as you would cash-in airline mileage points or credit card bonus points. This provides real financial support for their careers. Additionally artists gain increased exposure (at no cost) on ArtByte’s social media and forum.

To get started, follow the link ArtByte – Get Started.  There are mainly three ways in which you can get ArtBytes.

  • Claim for free
  • Mine using cpu
  • Buy with one of the crypto exchanges

In this article, I will explain how you can Claim free ArtBytes.

How to claim?

Its a two step process.

  1. Signup for an online wallet and create an address
  2. Claim 5 ArtBytes once every 24 hours.

Step 1: Online Wallet

To receive claimed ArtBytes, first of all, you need an address where the ArtBytes can be sent to.  Just like you have a bank account where someone can send the money to.  You can create the address either using an online wallet or by installing the ArtByte app.  The easiest is using an online wallet.   Once you have signed up and logged in, in the receive menu, you will see your wallet address.  Note this down.

Step 2: claim free ArtBytes

Now go to link quickstart.  Signup and login with your credentials.  Once logged in, at the bottom of the page, you will see a form to enter your wallet address and claim free ArtBytes (Submit button).  When the website has a heavy load, you might not see this form.  Please retry after some time.   In the worst case, you might end up retrying couple of times.  Enter the wallet address which you copied above and submit.  Congratulations..  You have earned your first digital / crypto currency.  Go back to your online wallet and check.  Within few minutes, you should see 5 ArtBytes debited to your wallet.

Come back tomorrow to claim another 5 ArtBytes.  You can earn once every 24 hours.

Welcome to the crypto currency world.  Hope you have enjoyed your first experience.

If you liked the article, feel free to show your appreciation by sending some ArtBytes to AL6KFjsz2NkrzsothgbUeSSjaRrwZiemhk.

[tweetthis display_mode=”box”]How to earn free ArtBytes (crypto coins)[/tweetthis]