Let’s Encrypt is an incredible, FREE, service that allows you to get trusted SSL certificates for your website. The certs expire every 90-days but what is great is that there are a lot of tools for auto-renewing the certificate without you ever having to touch anything on your server… until that process breaks.
Case-in-point: If you are running a Drupal 7 and are using the Apache Rewrite module (you should be…) then the default .htaccess file supplied with Drupal 7 core will block all access to hidden folders. (folders that start with a “.”) This is a problem for Let’s Encrypt because the auto-renew process generates a temporary key file that gets placed in a hidden folder on your web server that the Let’s Encrypt system has to be able to reach publicly (on port 80) in order to validate your server and fulfill your renewal request. Thankfully, another member of the Drupal community has already written the rewrite condition rule that needs to be placed in your .htaccess file to allow access to just the hidden folder required by Let’s Encrypt.
I haven’t posted in ages due to being generally slammed with work but this little piece I threw together was too good to forget about so I wanted to put it down.
If you work with a larger owncloud deployment and have a lot of users and allow file sharing, you may be curious to occasionally take a look at how many shares there are, who owns them, who they are shared with. This isn’t easy to get from the Web GUI but via the command line and mysql it isn’t bad at all.
So, login to mysql on the command line and then use your owncloud database; ie. (if your db name is “owncloud”)
Then run the following:
select id, share_with, uid_owner, item_type, file_target from oc_share
INTO OUTFILE '/var/lib/mysql-files/shares.csv'
FIELDS TERMINATED BY ','
ENCLOSED BY '"'
LINES TERMINATED BY '\n';
Exit mysql command line and go to /var/lib/mysql-files and you will find a nicely formatted CSV file with a list of all shares and who they are shared with. The columns from left to right…
ID, Who it is shared with (one line per person/group), the person that owns the share, whether or not it is a file or folder, the name/location of the file/folder that is shared
I have decided to give Ubuntu 17.04 LTS Desktop a go. On a whim I installed it on a laptop I had lying about (being an IT person they tend to proliferate over a given period of time in my office… older units becoming doorstops, newer units lovely “Jenga” blocks and maybe the occasional Proxmox cluster…) Since this seems to be the final days of Unity (which I actually don’t mind as a Desktop all that much), I figured now was a good time to take another poke at it as a daily personal driver. I was happy to come across an option for full disk encryption during the install process and wanted to pass my few thoughts on it along. (more…)
I will keep this short and sweet. We have servers in our environment that have multiple IP addresses assigned to a single NIC. That’s normally just fine. However on occasion I will have very strange issues occur where essentially all networking appears to be working and yet web browsing won’t work. I can ping my default gateway, ping other systems in the same subnet, telnet out on port 80 and 443, etc, etc. But the network connectivity still behaves oddly. What’s the issue?
It all has to do with networking logic decisions made many years ago (I believe as far back as Windows Server 2000) by someone at Microsoft. (more…)