Expat-IT Tech Bits




Search this site:


/ (289)
  Admin/ (123)
    Apache/ (10)
      HTTPS-SSL/ (4)
      PHP/ (3)
      performance/ (2)
    Cherokee/ (1)
    LAN/ (4)
    LVM/ (6)
    Monitoring/ (2)
      munin/ (2)
    SSH/ (6)
    SSL/ (1)
    Samba/ (1)
    VPN-options/ (7)
      OpenVPN/ (1)
      SSH-Proxy/ (3)
      Tinc/ (1)
      sshuttle/ (1)
    backups/ (17)
      SpiderOak/ (1)
      backuppc/ (5)
      dirvish/ (1)
      misc/ (6)
      rdiff-backup/ (1)
      rsync/ (1)
      unison/ (2)
    commandLine/ (24)
      files/ (8)
      misc/ (10)
      network/ (6)
    crontab/ (1)
    databases/ (15)
      MSSQL/ (2)
      MySQL/ (8)
      Oracle/ (3)
      PostgreSQL/ (1)
    dynamicDNS/ (2)
    email/ (11)
      Dovecot/ (1)
      deliverability/ (1)
      misc/ (1)
      postfix/ (7)
      puppet/ (1)
    iptables/ (3)
    tripwire/ (1)
    virtualization/ (9)
      VMware/ (1)
      virtualBox/ (8)
  Coding/ (14)
    bash/ (1)
    gdb/ (1)
    git/ (3)
    php/ (5)
    python/ (4)
      Django/ (2)
  Education/ (1)
  Hosting/ (27)
    Amazon/ (18)
      EBS/ (3)
      EC2/ (10)
      S3/ (1)
      commandline/ (4)
    Godaddy/ (2)
    NearlyFreeSpeech/ (3)
    Rackspace/ (1)
    vpslink/ (3)
  Linux/ (31)
    Android/ (1)
    Awesome/ (3)
    CPUfreq/ (1)
    China/ (2)
    Debian/ (8)
      APT/ (3)
      WPA/ (1)
    audio/ (1)
    encryption/ (3)
    fonts/ (1)
    misc/ (6)
    remoteDesktop/ (1)
    router-bridge/ (3)
  SW/ (45)
    Micro$soft/ (1)
    browser/ (2)
      Chrome/ (1)
      Firefox/ (1)
    business/ (28)
      Drupal/ (9)
      KnowledgeTree/ (6)
      Redmine/ (2)
      SugarCRM/ (7)
      WebERP/ (2)
      WordPress/ (1)
      eGroupware/ (1)
    chat/ (1)
    email/ (1)
    fileSharing/ (2)
      btsync/ (1)
      mldonkey/ (1)
    graphics/ (2)
    research/ (2)
    website/ (6)
      blog/ (6)
        blosxom/ (3)
        rss2email/ (1)
        webgen/ (1)
  Security/ (15)
    IMchat/ (2)
    circumvention/ (2)
    cryptoCurrency/ (1)
    e-mail/ (4)
    greatFirewall/ (1)
    hacking/ (1)
    password/ (1)
    privacy/ (2)
    skype/ (1)
  Services/ (1)
    fileSharing/ (1)
  TechWriting/ (1)
  xHW/ (14)
    Lenovo/ (1)
    Motorola_A1200/ (2)
    Thinkpad_600e/ (1)
    Thinkpad_a21m/ (3)
    Thinkpad_i1300/ (1)
    Thinkpad_x24/ (1)
    USB_audio/ (1)
    scanner/ (1)
    wirelessCards/ (2)
  xLife/ (17)
    China/ (9)
      Beijing/ (5)
        OpenSource/ (3)
    Expatriation/ (1)
    Vietnam/ (7)


  • 2019/06
  • 2016/07
  • 2016/05
  • 2016/02
  • 2016/01
  • 2015/12
  • 2015/11
  • 2015/06
  • 2015/01
  • 2014/12
  • 2014/11
  • 2014/10
  • 2014/09
  • 2014/07
  • 2014/04
  • 2014/02
  • 2014/01
  • 2013/12
  • 2013/10
  • 2013/08
  • 2013/07
  • 2013/06
  • 2013/05
  • 2013/04
  • 2013/02
  • 2013/01
  • 2012/12
  • 2012/10
  • 2012/09
  • 2012/08
  • 2012/07
  • 2012/06
  • 2012/05
  • 2012/04
  • 2012/03
  • 2012/01
  • 2011/12
  • 2011/11
  • 2011/10
  • 2011/09
  • 2011/08
  • 2011/07
  • 2011/06
  • 2011/05
  • 2011/04
  • 2011/02
  • 2010/12
  • 2010/11
  • 2010/10
  • 2010/09
  • 2010/08
  • 2010/07
  • 2010/06
  • 2010/05
  • 2010/04
  • 2010/03
  • 2010/02
  • 2010/01
  • 2009/12
  • 2009/11
  • 2009/10
  • 2009/09
  • 2009/08
  • 2009/07
  • 2009/06
  • 2009/05
  • 2009/04
  • 2009/03
  • 2009/02
  • 2009/01
  • 2008/12
  • 2008/11
  • 2008/10
  • 2008/09
  • Subscribe XML RSS Feed

    Creative Commons License
    This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

    This site has no ads. To help with hosting, crypto donations are accepted:
    Bitcoin: 1JErV8ga9UY7wE8Bbf1KYsA5bkdh8n1Bxc
    Zcash: zcLYqtXYFEWHFtEfM6wg5eCV8frxWtZYkT8WyxvevzNC6SBgmqPS3tkg6nBarmzRzWYAurgs4ThkpkD5QgiSwxqoB7xrCxs

    Mon, 30 Mar 2009

    /SW/business/SugarCRM: SugarCRM Installation

    Download latest Open Source version from: http://www.sugarforge.org/, then install it:

    unzip SugarCE-5.2.0c.zip
    chown -R www-data:www-data SugarCE-Full-5.2.0c/
    ln -s SugarCE-Full-5.2.0c/ sugarcrm

    (Installation docs can be found at https://www.sugarcrm.com/crm/support/documentation.)

    Now invoke the installation wizard by pointing your browser at install.php, for instance:


    and step through to the "Custom Install" point where the database is setup.

    Database Name: apps_sugarcrm
    Host Name: localhost
    Database Administrator Username: root
    Database Admin Password: mysql root password
    Sugar Database Username: apps_sugarcrm
    Sugar Database User Password: vsc apps mysql password

    Next screen is "Site Configuration": select a meaningful unique System Name, and record the admin password.

    posted at: 23:34 | path: /SW/business/SugarCRM | permanent link to this entry

    /Hosting/Amazon/EBS: Amazon Backups: Snapshotting EBS to S3

    Amazon "Compute Cloud" services are setup such that storage for a running server is kept on an EBS ("Elastic Block Storage") volume mounted on the server. Long-term, offsite (geographic redundancy across multiple data centers) storage is kept in S3. There is a function to snapshot an EBS volume into S3.

    List the volumes associated with your account:


    This will also show what volumes are mounted on which servers. Stop the services running on the server that might be writing to the EBS (databases in particular, if you wish to have a usable backup):

    /etc/init.d/apache2 stop
    /etc/init.d/mysql stop
    Create a snapshot:
    ec2-create-snapshot vol-3159bd58
    Check status of snapshot:
    SNAPSHOT snap-e309e38a vol-3159bd58 completed
    Restart services:
    /etc/init.d/mysql start
    /etc/init.d/apache2 start

    To restore file(s) from one of the backup snapshots, simply create a new volume from the chosen snapshot. Attach it to instance of your running server. Mount the volume temporarily on the server and grab your files. Then unmount the volume, detach it, and delete it. A process that takes only a couple minutes, especially if you use the extremely convenient Firefox ElasticFox plugin[1][2].

    [1] http://developer.amazonwebservices.com/connect/entry.jspa?externalID=609
    [2] http://s3.amazonaws.com/ec2-downloads/elasticfox.xpi

    posted at: 02:33 | path: /Hosting/Amazon/EBS | permanent link to this entry

    Fri, 27 Mar 2009

    /Coding/git: Basic Tutorial: Use Git to Manage Your Source Code

    Git[1] is a program used for distributed Source Code Management (SCM) whose popularity is increasing rapidly. Git seems to be becoming the de facto standard among Debian[2] people, for instance. The first link is to kernel.org, the home of the Linux kernel, because Git was originally created[3] by Linus Torvalds for the Linux kernel development.

    Install git command line tools (Debian and derivatives):

    apt-get install git-core

    (Note that there is a legacy "git" package which has nothing to do with "git" the SCM software....)

    You only need to know a few simple command lines[4][5] to get an astonishing amount of function out of git, and therefore git can be usefully applied to even simple scenarios like bug fixing someone else's software and submitting patches upstream. This last is the example I will work through and demonstrate here, while trying to be more verbose then [4] & [5].

    First, download and unpack your source code. Then cd into the base directory of the source code, and initialize git by running the following:

    git init

    This will create a .git subdirectory which will contain git's repository (starting point plus history of changes you make to the code). Now if you do

    git status

    you will see a long list of "Untracked files", ie. the repository is currently empty. Lets add everything you just unpacked to the repository:

    git add .
    git commit

    Note the "." after "git add". Its the "." that specifies "everything" under the current directory. "git commit" will prompt you for a commit message, just type "Initial commit" and exit the editor. If you check the status again with "git status" you should see zero untracked changes. Now type

    git log

    and you will see the record of your initial commit. Now build your unmodified source code (Debian[6]?) just to make sure there is nothing wrong with it.

    After the build successfully completes, "git status" will show a long list of changes even though you made no change to the source. Time to introduce .gitignore. Create a (hidden) file called ".gitignore" in your source directory root, and place the following on the first line: "*.o". If you run "git status" again you will discover that all *.o (object files) have vanished from the listing. The object of using .gitignore is to get rid / not track all the build noise, and *.o files definitely qualify. I am going to submit patches upstream, so I am pretty sure the contents of the debian directory are not something I want to track, and have also added a "debian*" line to .gitignore.

    Now "git add ." and "git commit" again to get a clean git slate before beginning to make source changes.

    Make your first source changes ("git status" should list the changed files). Build, install, and test the software. Let's say this was a partial change that solves part of the problem, but not the whole problem. This probably qualifies for another commit. "git add" the changed files, then "git commit". You can make several change / test / commit iterations, so that "git log" provides a detailed account of what you did. If they do not conflict with other commits, any individual commit can also be backed out.

    Should you ever mess up and want to restore your last commit:

    git-reset --hard HEAD

    should do the trick, and wipe out all changes since the last commit.

    When it comes time to submit your patch upstream, git can also generate the patch for you:

    git diff HEAD^ HEAD

    will generate a diff between your very last commit, and the one that preceded it.

    [1] http://www.kernel.org/pub/software/scm/git/docs/
    [2] http://www.debian.org/
    [3] http://en.wikipedia.org/wiki/Git_(software)
    [4] http://www.kernel.org/pub/software/scm/git/docs/everyday.html
    [5] http://git.or.cz/gitwiki/QuickStart
    [6] http://blog.langex.net/index.cgi/Linux/Debian/How-to-modify-source.html

    posted at: 02:12 | path: /Coding/git | permanent link to this entry

    Thu, 26 Mar 2009

    /Hosting/Godaddy: Godaddy's Domain Forwarding is Broken

    (Godaddy Incident ID #5828327, should anyone care....)

    I do not host any sites at Godaddy[2], but for quite some time now I have used them as a Domain registrar and sometimes DNS service.

    "Sometimes" DNS because I have had more then one occasion to conclude their DNS does not work very well, particularly the domain forwarding. The most recent evidence is a sub-domain that is forwarded to the same server as the domain and another sub-domain. The domain and the other sub-domain work perfectly. For no apparent reason this latest sub-domain "sorta" works: depending on where in the world you are located, you might see the website, or you might get a timeout. When presented with traceroutes from multiple locations, even within the USA, that do timeout, Godaddy technical support drags its feet and repeats, and I paraphrase: "everything works on our network, the rest of the world is broken, go fix the rest of the world".

    I conclude that Godaddy does not make much money from customers that only use their domain registration service, and they do not really care very much whether their DNS works for sites hosted elsewhere. Perhaps it is even deliberately broken? It is a wee bit suspicious and improbable that forwarding the main domain and the first sub-domain just works, and all other sub-domains thereafter seem to be subtly sabotaged.

    Godaddy tech support do respond to their e-mails in a timely manner, I will give them that. But at this point I would emphatically *not* recommend them as a registrar, or much else, for that matter. There are too many other options out there, and some of them[1] are considerable cheaper, too.

    [1] https://www.nearlyfreespeech.net/
    [2] http://www.godaddy.com/

    posted at: 08:25 | path: /Hosting/Godaddy | permanent link to this entry

    Sat, 14 Mar 2009

    /Admin/Apache/HTTPS-SSL: Turn on SSL in Apache

    Turn on the SSL module:

    cd /etc/apache2/mods-enabled/
    ln -s ../mods-available/ssl.conf .
    ln -s ../mods-available/ssl.load .
    /etc/init.d/apache2 restart

    In Debian, /etc/apache2/mods-enabled/ports.conf should already have logic to listen on the default port 443 if the SSL module is loaded.

    Now create a self-signed certificate (tinyca is a nice simple GUI that will do the job....) Just enter minimal information, and export the newly generated cert and key to files, being careful to set the expiration date nice and long, and export the key WITHOUT a password (otherwise you will have to provide a password every time apache is restarted).

    Copy the exported certificate files to your server, into directory /etc/apache2/ssl. Now create an SSL block in the Apache Virtual Host where you would like SSL. The *:80 block will respond to normal http requests, and the *:443 block will respond to https (SSL) requests:

    <VirtualHost *:80> DocumentRoot /var/www/webroot ServerName subdomain.domain.com ServerAlias subdomain.domain.com ServerAdmin webmaster@domain.com CustomLog /var/log/apache2/access.log combined </VirtualHost> NameVirtualHost *:443 <VirtualHost *:443> DocumentRoot /var/www/webroot ServerName subdomain.domain.com ServerAlias subdomain.domain.com ServerAdmin webmaster@domain.com CustomLog /var/log/apache2/access.log combined SSLEngine on SSLCertificateFile /etc/apache2/ssl/cert.pem SSLCertificateKeyFile /etc/apache2/ssl/key.pem </VirtualHost>

    I am not sure why the 443 block requires a NameVirtualHost line and the 80 block does not. Interestingly enough, this[2] says "Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol", which might have something to do with it? But despite this[3] I currently HAVE got name-based virtual hosting working on SSL, unless there is something I do not understand here.

    Here is a useful reference[1], in addition to the installed apache docs.

    [1] http://www.debian-administration.org/articles/349
    [2] http://httpd.apache.org/docs/2.2/vhosts/name-based.html
    [3] http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts

    posted at: 02:01 | path: /Admin/Apache/HTTPS-SSL | permanent link to this entry

    Fri, 13 Mar 2009

    /Services/fileSharing: Web Services Which Enable the Sharing of Large Files

    Among SpiderOak's other charms[1] is the capacity for sharing large files. All that is required is, in the SpiderOak client, to create a special link that points to the files that you are offering for download, and then send that link to file recipients.

    The Big Send[2] is another service that may be simpler and quicker (requiring neither account creation nor the download of software) for sending files that are less then 100M.

    [1] http://blog.langex.net/index.cgi/Admin/backups/SpiderOak/
    [2] https://www.thebigsend.com/

    posted at: 09:09 | path: /Services/fileSharing | permanent link to this entry

    Wed, 11 Mar 2009

    /Linux/Awesome: Awesome Window Manager Upgrade Breakage

    March 2009: location and contents of the $HOME config file have changed. Awesome now looks in ~/.config/awesome/rc.lua instead of ~/.awesomerc, and very little of the documentation seems to reflect this fact. On the bright side, for those of us who do not have a "Windows" key, it is now much easier to reassign the "Default modkey" to something else. To do so, make a local copy of config file:

    cp /etc/xdg/awesome/rc.lua ~/.config/awesome/rc.lua

    Then edit ~/.config/awesome/rc.lua:

    modkey = "Mod1"

    Mod1 is the Alt key, which is what you now must use for almost all keyboard shortcuts.

    As of early 2009, Awesome upgrades over-write /usr/share/xsessions/awesome.desktop without asking, causing my status bar clock to disappear and my screen locker to not get started. Keep a backup copy and manually restore this file after each upgrade.

    posted at: 09:23 | path: /Linux/Awesome | permanent link to this entry

    /Linux/Awesome: Autostarting Applications in Awesome

    It would seem I have discovered a hole in the Linux OS: there is no generalized method for autostarting applications upon login. KDE and Gnome each have their own, and if you use one of the other window managers some have something built-in, others (awesome?) apparently do not.

    This is my latest attempt to get a screen locker (xautolock / xtrlock) and a status bar clock going in my setup, borrowed from here[1]. In ~/.xinitrc I have put the following:

    #!/bin/sh ~/bin/better-awesome-clock & xautolock -time 10 -locker xtrlock -corners 00+0 -cornerdelay 0 & exec /usr/bin/awesome

    And I have modified /usr/share/xsessions/awesome.desktop as follows, such that the "Exec" line invokes .xinitrc rather then invoking awesome directly:

    [Desktop Entry] Encoding=UTF-8 Name=Awesome Comment=Awesome window manager Exec=/home/userid/.xinitrc Icon=awesome.xpm Type=Application
    And finally, for the record, this is the contents of ~/bin/better-awesome-clock (borrowed from where I do not recall):
    #!/bin/sh # while true do if [ -S ~/.awesome_ctl.0 ]; then while true do # See 'man date' to see the possible replacements for the % fields. echo "0 widget_tell mystatusbar clock text " " `date +\"%a, %b %d %I:%M %p\"`" echo "" # an empty line flushes data inside awesome sleep 1 done | awesome-client else sleep 1 fi done

    [1] http://urukrama.wordpress.com/2008/07/10/first-steps-with-awesome-window-manager/

    posted at: 09:10 | path: /Linux/Awesome | permanent link to this entry

    Sat, 07 Mar 2009

    /Coding/php: Coding Conventions

    This[1] is, I think, an excellent and concise summary of PHP coding conventions, both for readability and for reducing load on the server. This is the first time I have heard of the advisability of avoiding double quotes, for instance.

    [1] http://www.weberp.org/ContributingtowebERP

    posted at: 00:54 | path: /Coding/php | permanent link to this entry