Use the system-config-network command to configure the network.
References:
Deployment Script WIP
This is a work in progress…
#!/bin/sh
SOURCEPATH=’/var/git/working_copies/website/webroot/’
DESTPATH=’/var/www/website/webroot’
DESTUSER=’deploy’
LOGFILE=’/var/log/website_rsync.log’
SUBJECT=”website.com Prod Updated:from MANAGE01SRV”
EMAIL=”me@me.com”
EMAILCC=”me@me.com“
DESTPATH=’/var/www/website/webroot’
DESTUSER=’deploy’
LOGFILE=’/var/log/website_rsync.log’
SUBJECT=”website.com Prod Updated:from MANAGE01SRV”
EMAIL=”me@me.com”
EMAILCC=”me@me.com“
echo “Job started at: `/bin/date`” > $LOGFILE
for SERVER in web01 web02 web03 web04
if $SERVER = “web01” then NSSRV = “wb01”
else NSSRV = “wb02”
do
ssh nsroot@netscaler ‘disable server site01_$NSSRV’
ssh $DESTUSER@$SERVER service apache2 stop >> $LOGFILE
rsync -avc –delete –exclude=”.git” –exclude=”var/” –exclude=”.gitignore” –rsh=ssh $SOURCEPATH $DESTUSER@$SERVER:$DESTPATH 2>&1 >> $LOGFILE
ssh $DESTUSER@$SERVER rm -rf $DESTPATH/var/cache/*
ssh $DESTUSER@$SERVER /var/scripts/fixperms.sh >> $LOGFILE
ssh $DESTUSER@$SERVER service apache2 start >> $LOGFILE
ssh nsroot@netscaler ‘enable server site01_$NSSRV’
done
if $SERVER = “web01” then NSSRV = “wb01”
else NSSRV = “wb02”
do
ssh nsroot@netscaler ‘disable server site01_$NSSRV’
ssh $DESTUSER@$SERVER service apache2 stop >> $LOGFILE
rsync -avc –delete –exclude=”.git” –exclude=”var/” –exclude=”.gitignore” –rsh=ssh $SOURCEPATH $DESTUSER@$SERVER:$DESTPATH 2>&1 >> $LOGFILE
ssh $DESTUSER@$SERVER rm -rf $DESTPATH/var/cache/*
ssh $DESTUSER@$SERVER /var/scripts/fixperms.sh >> $LOGFILE
ssh $DESTUSER@$SERVER service apache2 start >> $LOGFILE
ssh nsroot@netscaler ‘enable server site01_$NSSRV’
done
echo “Job completed at: `/bin/date`” >> $LOGFILE
/usr/bin/mail -s “$SUBJECT” “$EMAIL” < $LOGFILE
Installing mod_security
sudo aptitude install libapache2-modsecurity
sudo mkdir /etc/apache2/modsecurity
sudo vi /etc/apache2/conf.d/modsecurity.conf
## /etc/init.d/apache2/conf.d/modsecurity.conf
Include modsecurity/*.conf
cd /etc/apache2/modsecurity/
sudo cp -R /usr/share/modsecurity-crs/base_rules/* .
sudo vi /etc/apache2/modsecurity/modsecurity_crs_20_protocol_violations.conf
Replace this line:
SecRule REQBODY_ERROR “!@eq 0” \
with this one:
SecRule REQBODY_PROCESSOR_ERROR “!@eq 0” \
sudo service apache2 restart
cat /var/log/apache2/error.log | grep modsecurity
Fix Network Iface on cloned ubuntu VM
Since the MAC address changes, the interface will not be configured, so
rm /etc/udev/rules.d/70-persistent-net.rules
How to reset file permissions on Magento base directory
These commands will reset the file permissions on the base Magento installation to the correct permissions:
-
find . -type f -exec chmod 644 {} \;
-
find . -type d -exec chmod 755 {} \;
-
chmod o+w var var/.htaccess app/etc
-
chmod 550 pear
-
chmod -R o+w media
Check Disk IO – Nagios
Quick steps to start checking disk i/o with nagios.
- wget –no-check-certificate https://trac.id.ethz.ch/projects/nagios_plugins/downloads/check_diskio-3.2.3.tar.gz
- tar -xzvf check_diskio-3.2.3.tar.gz
- cd check_diskio-3.2.3
- vi check_diskio
- change line 1 to #!/usr/bin/perl, save and exit.
- apt-get install libnagios-plugin-perl libarray-unique-perl libfile-slurp-perl liblist-moreutils-perl libnumber-format-perl libreadonly-perl
- cp check_diskio /usr/local/icinga/libexec/check_diskio.pl
- vi /usr/local/icinga/etc/nrpe.cfg
- add the following line: command[check_diskio]=/usr/local/icinga/libexec/check_diskio.pl -d /dev/dm-0 -w 200 -c 300
- killall nrpe
- /usr/local/icinga/bin/nrpe -n -c /usr/local/icinga/etc/nrpe.cfg -d to restart nrpe daemon.
- modify config accordingly on the server and restart icinga.
Test:
./check_diskio -d / -w 200 -c 300
Fix a broken svn repo
First.
svn propdelete svn:sync-lock --revprop -r 0 file:///path/to/repo
then do an svn sync
Fixing Permissions on a website
Directory Perms:
find /path/to/base/dir -type d -print0 | xargs -0 chmod 755
File Perms:
find /path/to/base/dir -type f -print0 | xargs -0 chmod 644
SNMP Configuration for linux hosts
Configuration
Move existing /etc/snmp/snmpd.conf configuration file to /etc/snmp/snmpd.conf.orig then
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.org
Create a new /etc/snmp/snmpd.conf file:
rocommunity public
syslocation “Ashburn colo”
syscontact ops@company.com
syslocation “Ashburn colo”
syscontact ops@company.com
Make snmpd use the newly created file and make it listen to all interfaces:
Edit /etc/default/snmpd
Change from:
# snmpd options (use syslog, close stdin/out/err).
SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1′
SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1′
To:
# snmpd options (use syslog, close stdin/out/err).
#SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1′
SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf’
#SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1′
SNMPDOPTS=’-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf’
and restart snmpd
/etc/init.d/snmpd restart
How to duplicate an IIS7 configuration
Export IIS7 Config
TWEB is the Destination web server.
SWEB is the Source web server.
First, on TWEB make a backup copy of the files in C:\Windows\System32\inetsrv\config. I just created a subfolder called “bak” and copied them. This is very important. If you forget or skip this step because backups are for sissies, you will be re-installing IIS7 in step 4.
Second, copy the AppliationHost.config from SWEB into the C:\Windows\System32\inetsrv\config folder on TWEB. Also copy any application files like your c:\websites folder or whatever over to TWEB in the appropriate location if you haven’t already.
Third, on TWEB open both the new ApplicationHost.config and the backup ApplicationHost.config from step 1 and locate the <configProtectedData> node in the backup. Copy that node and replace it into the new config file.
Fourth, if you didn’t backup the existing config file, remove the IIS role and add it back, then start at step 1.