Toolbelt

Nginx, Node, MySQL on VPS

This is a writeup to setup full node stack on a VPS instance. The min memory requirement for the VM is 256M, but ideally should be 512M or higher. I'm currently using VPS instances from www.ramnode.com. It describes how to setup a VPS (virtual private server) to run Nginx, Node.js and MySQL on CentOS 6.x. Here's a quick overview of how to secure a VPS (virtual private server) running CentOS 6.x and configure it. Secure the server Setup iptables Setup MySQL Setup Nginx Setup Node.js SECURE THE SERVER passwd root useradd myuser passwd myuser visudo Add line: myuser    ALL=(ALL)    ALL mkdir ~/.ssh cat id_rsa.pub >> ~/.ssh/authorized_keys chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys vi /etc/ssh/sshd_config PermitRootLogin no PasswordAuthentication no sudo…

Node.js and JavaScript

Continuation Passing Style (CPS) Functions can take a callback and invoke upon their return value. As a programming style developer should think that a function is never allowed to return to the caller, instead it passes on control to the callback function passed as an argument to it. This provides and effective technique for non-blocking programming. In functional programming, you pass functions around as data, shuffle them around and execute them when needed. Closure JavaScript provides function level scoping instead of block level scoping Define a function inside an outer function, where inner function has access to variables defined in the outer function. Commonly used in conjunction with anonymous functions Avoid using 'this' with closure. The outer function may be a function impl…

Configure Sendmail

Configuring an email server to not get flagged as spam sender is no small feat, but these small tweaks will help your email server cross the hump. It's not a complete configuration guide for sendmail but a collection of few healthy tweaks that should put your email server in better light when viewed by Google, Microsoft, Yahoo and others. Overview: Setup STARTTLS for sendmail Setup DKIM for sendmail Add SPF record in DNS Add reverse DNS lookup Setup STARTTLS for sendmail STARTTLS is the SMTP command to "Start Transport Layer Security" i.e. to turn on SSL. It it used when authenticating senders. Install CA certs Download revoke.crl Disable TLS for local clients Configure and compile sendmail.mc Restart sendmail service # install certs on server su root cd /etc/ssl/certs wget http://www…

Ghost.js on CentOS

Ghost.js is clean blogging only software with minimalistic design aesthetics and responsive web design. It comes with pretty decent functionality out of the box and its themes can be extended easily using handlebars. The bhira.net blog is running on Ghost.js and I wrote this post as a recollection of the steps I followed in setting up this server. This post describes how to setup Ghost.js blogging software on a CentOS server. These instructions are meant for a production server and will use MySQL for storage and run nodejs using pm2 (process manager for Node). Nginx is used as a proxy server for nodejs. Here are the main steps: Setup MySQL Setup Nginx Setup nodejs Setup ghost.js Setup pm2 Setup theme SETUP MYSQL Install Remi repository for CentOS 6 which depends on Fedora EPEL repository…

Nginx, PHP on VPS

This is an update to the original post for setting up Apache, PHP on CentOS. Last year has been great and there is an abundance of vendors providing VPS on the cheap. My goto website for checking the latest on VPS vendors is www.lowendbox.com. For this post I went with a tiny 128MB VPS from www.ramnode.com. This server setup is for Cent OS 6.x with Nginx + PHP-FPM + MySQL. It describes how to setup a VPS (virtual private server) to run Nginx, PHP and MySQL on CentOS. The VPS uses a tiny amount of memory (total server memory is 128MB) and is running on CentOS 6.x. The intent is to setup a fully functional server that has been secured using iptables and configured to use Nginx, PHP-FPM and MySQL for production. It uses CentOS services to manage all the applications and is configured to use l…

SSL on Nginx

This post is an attempt to document end-to-end the process of getting and installing SSL certificate on nginx server. The actual installation is pretty straight forward, its the getting the certificate part which usually trips most first time users. In this post I'm specifically referring to the filenames as used by Comodo SSL Certificate, but in the past I've used PositiveSSL certificate which is also issued by Comodo but has a slightly different trust chain. In general, shorter trust chains are better and will result in better performance. For a cheap certificate that cost $9/year PositiveSSL has a short trust chain of depth 3, that's hard to beat. Main steps for installing SSL on Nginx: Generate CSR Purchase SSL certificate from a vendor Receive approver email Approve SSL certific…

IPTables for CentOS

Whenever you get a new RedHat or CentOS instance you want to secure it by setting up firewall rules using the builtin in iptables. If you spinoff an Amazon EC2 instance then you'd be doing the equivalent using Security Groups, which are a slightly higher level concept but essentially performs the same function. If running a VPS on barebones CentOS, iptables is the easiest option. Word of Caution: Its easy to lock yourself out of the system if you make a mistake when configuring iptables. I prefer writing all the rules in a script file, double checking the commands to make sure I'm not closing SSH on port 22. Also, its a good idea to remain logged in the current SSH shell after executing iptables rules and then attempt to login in a new SSH shell to ensure you still have access to the s…

Nameserver on CentOS

This post describes how to setup a nameserver on CentOS. The setup is intended to service DNS (domain name system) queries for this server itself. The nameserver is generic and can be used to provide DNS lookup for other websites as well, but the original intention of the post was to setup a fully contained server which services its own DNS queries. Since this original post I’ve started using Amazon Route53 which provides a highly available and scalable Domain Name System (DNS) web service. SETUP NAMESERVER yum list bind-* yum install bind-chroot.x86_64 (if needed) cp /usr/share/doc/bind-/sample/etc/named. /var/named/chroot/etc cp /usr/share/doc/bind-/sample/var/named/named. /var/named/chroot/var/named chown -R named:named /var/named vi /etc/resolv.conf vi /var/named/chroot/et…

Nice Fonts

Collection of nice UI fonts that I've used in apps: Raleway Source Sans Pro Roboto Lato…

Apache, PHP on VPS

This post describes how to setup a VPS (virtual private server) to run Apache, PHP and MySQL on CentOS. Usually I configure only the LAMP stack on dev servers, but I had to go through some additional configuration when setting up a production web server with Apache + MySQL + PHP5 on CentOS 5.8 running on VPS. VPS servers are pretty cheap and the best way is to start with a bare bones server running CentOS 5.8 and then you can configure only the things you need. This gives you complete control on what runs on the server, but then you need to setup DNS nameserver and iptables firewall. This VPS instance uses a tiny amount of memory (total server memory is 128MB) and is running on CentOS 5.8. The intent is to setup a fully functional server that runs DNS nameserver, is secured using iptabl…

Git CheatSheet

CheatSheet for git commands: # clone a github repository git clone https://github.com/baldeephira/casper-slidr.git # changed files in working dir git status # show the change log git log # stage all current changes for next commit git add . # stage <file> for next commit git add -p <file> # commit previously staged files git commit -m "my msg" # stage current changes then commit (excludes new files) git commit -a # push commited changes to origin master git push # only fetch changes from remote git fetch # merge changes from origin git merge # fetch from remote and merge git pull # create a new branch 'abc' git branch abc # switch to using branch 'abc' git checkout abc # overwrite local changes and remove all local changes git fetch origin git reset --hard origin/master…

MySQL CheatSheet

Here is the list of some commonly used MySQL commands. It comes in handy when creating databases and troubleshooting issues related to character set and collation. # connect to database mysql -u user -p -h host database # check connections and processes show variables like '%conn%'; show status like '%conn%'; show processlist; # check character-set and collation show variables like '%character%'; show variables like '%collat%'; show table status where name = 'MY_TABLE'; show full columns from 'MY_TABLE'; # database and character sets alter database MY_DATABASE character set utf8 collate utf8_unicode_ci; alter table MY_TABLE character set utf8 collate utf8_unicode_ci; create database MY_DATABASE default character set = 'utf8' default collate = 'utf8_unicode_ci'; # create new t…

Mac OS Commands

Here's a cheatsheet of some commonly used Mac OS commands. There are too many to list all of them, these just scratch the surface. #MD5 HASH: md5 -s "my string value" #BG PROCESS: your-command > dump.out 2>&1 & #SYMBOLIC LINK: ln -s /path/to/source target #CURL: curl -I http://google.com curl -L -v http://google.com > dump.out 2>&1 curl -x www-proxy.us.abc.com:80 http://google.com #ZIP and TAR: zip -r archive.zip folder1 folder2 unzip -l archive.zip tar -zcvf archive.tar.gz folder1 folder2 tar -ztvf archive.tar.gz tar -zxvf archive.tar.gz #REFACTOR: find . -type f -name "*Controller.php" -print0 xargs -0 sed -i 's/string1/string2/g' #GREP: grep -r -i --exclude='*\.svn*' "string1" . #FIND: find . -type f -name '.DS_Store' -delete rm -rf `find . -type d…

Perforce Commands

Here is a list of commonly used Perforce commands when dealing with branches. They are by no means comprehensive, but are intended as a quick reminder. #Merge from mainline to branch p4 info p4 integrate -b branch_name p4 submit #Merge from branch to mainline p4 info p4 integrate -b branch_name -r p4 integrate -b branch_name -r @=12345 #Integrate from one branch to another p4 integrate //abc/main/...@2012/04/21 //abc/releases/r1/... #Backout Changelist 1000 p4 info p4 sync @999 p4 edit //depot/file1 //depot/file2 //depot/file3 p4 sync p4 resolve -ay p4 submit…

Tomcat JVM Debugging

A quick summary of tips & tricks when debugging a webapp running in Tomcat. These come in handy if you're running into memory issues and want to track down memory leaks. Run JSTAT with gc option every 300s: cd saas_prod/java/bin jps jstat -gc Bootstrappid 300s >> nodejstat.log jps and jstat executables are in java bin dir jps command displays pid named "Bootstrap" jstat command will sample java memory every 300s Run TOP in batch mode with 300s delay period: ps -ef | grep java top -b -d 300 -p javapid >> nodetop.log Find the pid for tomcat java process The -b option runs top in batch mode The -d option sets the sample delay time to every 300s The -p option uses the specified pid Opening Tomcat Debug Port at 9191: Edit catalina.sh file under tomcat/bin Edit JAVAOPT variable to add these…

CSS3 and HTML5

HTML5 support is picking up in browsers, Safari and Chrome are definitely ahead of the pack with good support for CSS3 features like gradients, border-radius, transitions. Firefox4 is not bad either, just waiting for it to graduate from beta to production. I haven't played too much with IE9, one of the problems I have with IE9 is that it overwrites my existing IE8 installation. I decided to update this website (original site written in custom PHP) to use CSS3 features and see how they work out in different browsers. I'm trying not to put any CSS hacks so this website will not render in its entirety on older browsers. Some of CSS3 features explored: CSS3 border radius CSS3 gradients CSS3 transitions Scalable Vector Graphics (SVG) CSS3 border-radius features that is supported decently well…