Mastodon

Letsencrypt – Generating certificate and deploy on production server

I had a situation where I do not wanted to install all the libs required by LetsEncrypt on a production server.  For the mere fear of breaking the running apps.

I went on exploring how to setup a server to generate SSL certs with letsencrypt and deploy the generated certs on the production server.  Below I describe the steps with some do’s and don’t.

Continue reading Letsencrypt – Generating certificate and deploy on production server

Assign static ip to docker container

At the core, docker does not allow you to assign static ip to its containers.  You can do so but by defining your own private network.  Below tutorial does this:

First of all, you need to define your own network.  Something like below:

  docker network create --driver=bridge --subnet=172.10.0.0/16 --ip-range=172.10.1.0/24 --gateway=172.10.1.254 private

Next all is left is, pass below arguments to your run command.

  docker run --network=private  --ip 172.10.1.1 --name container_name container_to_launch

This way your container gets a static ip address which is 172.10.1.1 in this case.

View the available network using command

  docker network ls

 

[tweetthis]Assign static ip to docker container[/tweetthis]

 

 

Add new theme to roundcube in poste.io container

If you are running the mail server from poste.io, it comes with roundcube webmail interface.  I felt the default theme bit out of date and wanted to add my own theme.  This article provides the quick steps on how I did that.

  • Download a roundcube theme of your choice.
  • The theme will have two folders ‘skins‘ and ‘plugins
  • Copy the below folders to respective location
    • docker cp /var/log/temp/skins/ container:/opt/www/webmail/skins/
    • docker cp /var/log/temp/plugins/ container:/opt/www/webmail/plugins/
  • Now attach to your poste.io docker container
  • Once done, edit the file /opt/www/webmail/config/config.inc.php using vi and insert theme name following the README from the theme.
  • Restart your docker container and refresh to see the updated list of themes in your webclient.

Hope it will help someone.  [tweetthis display_mode=”box”]Add new theme to roundcube in poste.io container[/tweetthis]

nmtui – a nice tool to tweek network settings in centos

If you ever ran into an issue of having two network card and wanted to make one as primary, nmtui can be a handy tool.

Ideally defining GATEWAY to one of the network interfaces would solve the problem but this situation is ideal when one has static and other has dynamic IP or both have static IPs.  My situation was even complex when I had both the interfaces get its config via dhcp.  In this case I really cannot control which interface should have the GATEWAY defined and which not.

With the help of nmtui command, i could tweek the network interface settings where I selected the below option for all the interfaces accept the primary one:

Never use this network for default route

And that was it.  Hope it helps someone needy.  [tweetthis]nmtui – to tweek your network settings. [/tweetthis]

Increase QDE Momentics’s heap size in Ubuntu

Ever wondered increasing the -Xmx values in qde.ini does not increase the maximum heap size while launching the Momentics ide from the launcher icon?  This is because, all settings from qde.ini are simply ignored when it is launched via the app icon.

To really make your changes reflect, edit the file ~/.local/share/applications/momentics.desktop and make your changes there.  A simple restart of the ide will reflect the changes made.

Adding additional IP in Hetzner with vSphere

Though the Hetzner wiki 1, 2 gives good info on how to configure your additional ip on the server, one important info is worth mentioning is:

Hetzner assigns a MAC address to the newly assigned IP.  In the bridge mode, all you have to do is, assign this MAC address manually to your VM OS and set ip to be assigned using DHCP.  A simple restart of the network service will get you the new ip assigned and your guest os is ready to be reachable from the outside world.

LetsEncrypt and 301 redirect

I started using letsEncrypt for some time now for couple of my websites.  When you run letsencrypt to turn ssl on for your websites, it gives you the option to force redirect all websites to https.  Of course I opted for that.  After this, one of my wordpress hosted site broke with “too many 301 redirect errors“.  I kept on troubleshooting assuming issue with wordpress or its installed plugins.

Continue reading LetsEncrypt and 301 redirect

Unlocking ssh private key per shell session

When you have a password protected ssh private key, you need it to be unlocked every time you want to use the it for authentication purpose.  This leads to password prompts every time the private key is been used.  If you want this to be avoided for the current shell session then below combination of command will help you achieve that.

$ eval `ssh-agent -s`
$ ssh-add <absolute path to the private key>

Once added, until you logout from the current shell where the ssh-agent is running, you wont be prompted to unlock the private key again.

Very handy for a long running linux pc / server.

Bypass ssh key unlock prompt in mac os x

In Mac OS X, if you have a password protected ssh private key then every time you use this key to connect to a remote server, a password prompt will appear.  If you want to avoid this popup then pass the below option to ssh in the command line:

$ ssh -o AskPassGUI=no <serverToConnect>

If you dont want to mention this every time then you can also mention this in ssh_config file.