Redirecting Apache HTTP to HTTPS

Now that everyone can enjoy and use free SSL certificates from Let’s Encrypt, let’s all encrypt!

To forward HTTP requests to secure HTTPS, there are multiple options.

If you’re using some kind of panel to edit Apache configuration (like ISPConfig) that does not allow to edit the virtual host for HTTP separate from the virtual host for HTTPS, you can use this configuration in both configuration containers:

RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

If you’re able to edit the virtual host for HTTP separately, Apache recommends using “Redirect”: http://httpd.apache.org/docs/current/rewrite/avoid.html#redirect

<VirtualHost *:80>
    ServerName www.example.com
    Redirect "/" "https://www.example.com/"
</VirtualHost>

<VirtualHost *:443>
    ServerName www.example.com
    # ... SSL configuration goes here
</VirtualHost>

By the way: if you’re using ISPConfig, I can recommend installing the Let’s Encrypt plugin from https://github.com/alexalouit/ISPConfig-letsencrypt. The plugin will be included into the upcoming new version of ISPConfig >3.1.

Posted in Hosting, Linux, Tools, Uncategorized

Restore trashed mails from dovecot maildir

To remove the “T”rashed flag from mails in a maildir, the files need to be renamed.

rename 's/(.+),ST$/$1,S/' ./**/*
rename 's/(.+),RST$/$1,RS/' ./**/*
rename 's/(.+),STab$/$1,Sab/' ./**/*
find . -type f -regex '.*,\(ST\|RST\|STa\|STb\|STab\)' -exec echo `echo {}` \;

I have also created a script which can be executed in the Maildir, searching for files and renaming the files: https://gist.github.com/mattanja/1367bc04750dd105317f

Posted in Dovecot, Linux

AngularJS ng-options syntax

I keep forgetting the correct syntax for ng-options in angular dropdowns. The documentation can be found here: https://docs.angularjs.org/api/ng/directive/ngOptions

The syntax used in the documentation is a bit confusing:

select as label for value in array

A concrete example for the syntax would look like this:

item.Id as item.Name for item in itemSource

I hope this helps myself and maybe someone else as well…

Posted in Code snippets, Javascript, Uncategorized

Running ASP.NET vnext on Ubuntu Linux

After reading a lot about ASP.NET vNext I finally found an hour to give it a try. I only got as far as running the first sample webs, but it’s very nice to see it work.

There where some steps I had to take to get it up and running:

https://github.com/aspnet/home is a good starting point. Starting with the command to install the basic kvm script I already got kvm and was almost able to restore packages.

curl -sSL https://raw.githubusercontent.com/aspnet/Home/master/kvminstall.sh | sh &amp;&amp; source ~/.kre/kvm/kvm.sh

The next step was to install Mono from http://www.mono-project.com/docs/getting-started/install/linux/#debian-ubuntu-and-derivatives:

sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
echo "deb http://download.mono-project.com/repo/debian wheezy main" | sudo tee /etc/apt/sources.list.d/mono-xamarin.list
apt-get update
apt-get install mono-complete

Next I cloned the aspnet Home samples:

git clone --depth=1 https://github.com/aspnet/Home.git aspnet.Home
cd aspnet.Home/samples/HelloMvc/

Ready to go!

kpm restore

[…]
System.IO.IOException: The authentication or decryption has failed. —> Mono.Security.Protocol.Tls.TlsException
homer-doh

Some NuGet packages failed to restore because the certificate didn’t seem to be validated on my system. After some searching I found this helpful page:
http://www.ganshani.com/blog/2014/12/shell-script-to-setup-net-on-linux/

Executed this scripts (with some manual approvals in between!):

sudo certmgr -ssl -m https://go.microsoft.com
sudo certmgr -ssl -m https://nugetgallery.blob.core.windows.net
sudo certmgr -ssl -m https://nuget.org
sudo certmgr -ssl -m https://www.myget.org/F/aspnetvnext/

Another

kpm restore

later, all packages restored perfectly.

Run the web:

k kestrel

– next error, null reference: https://github.com/aspnet/KestrelHttpServer/issues/29

Again the ganshani.com page helped with the script:

wget http://dist.libuv.org/dist/v1.0.0-rc1/libuv-v1.0.0-rc1.tar.gz 
tar -xvf libuv-v1.0.0-rc1.tar.gz
cd libuv-v1.0.0-rc1/
./gyp_uv.py -f make -Duv_library=shared_library
make -C out
sudo cp out/Debug/lib.target/libuv.so /usr/lib/libuv.so.1.0.0-rc1
sudo ln -s libuv.so.1.0.0-rc1 /usr/lib/libuv.so.1

So maybe things would have been faster using the setup script from Punit Ganshani in the first place, which can also be found on github: https://github.com/punitganshani/ganshani/blob/master/Samples/ASPNET5.0_SampleForLinux/SetupDotNetOnLinux.sh

In the end, this was what I saw: aspnet-linux

Next: Using http://www.omnisharp.net/ to edit the project in Sublime…

Posted in Uncategorized

Sublime Text customization settings

Here’s a backup of my custom settings for my favorite text-editor Sublime.

Default (Windows).sublime-keymap

[
	// Add 7 to toggle_comment command for German keyboard handling
	{ "keys": ["ctrl+shift+7"], "command": "toggle_comment", "args": { "block": true } },
]

Preferences.sublime-settings

{
	"ignored_packages":
	[
		"Vintage",
	],
	"word_wrap": "false"
}
Posted in Uncategorized

automysqlbackup – Backup databases on server

The easiest way that I have found for an advanced backup of all databases on a web hosting server was using the automysqlbackup tool.

By default the tool creates backups with automatic daily, weekly and monthly rotation. The backup files are being compressed and will be placed into your configured backup folder. Email notifications and a lot of additional options can be configured.
Of course the backup folder would then have to be backed up onto some other medium like a tape or remote servers.

automysqlbackup can be installed by cloning my fork from https://github.com/mattanja/automysqlbackup or downloading the original files from http://sourceforge.net/projects/automysqlbackup/

git clone git@github.com:mattanja/automysqlbackup.git

After cloning, simply run the setup script:

cd automysqlbackup
./install.sh

The executable script will be placed in /usr/local/bin/automysqlbackup using the default settings. The default configuration will be placed in /etc/automysqlbackup.

Next, update your server configuration in /etc/automysqlbackup/automysqlbackup.conf and/or /etc/automysqlbackup/myserver.conf – details can be found in the projects README file.

A run script is provided in /etc/automysqlbackup/run which can be used to setup a daily cronjob with the example-cron-file located in the same directory.

# cat example-cron-file
# Put this file into /etc/cron.d and adjust to your needs.
# Run the mysql backup scripts every morning at 4.30 h:
30 4 * * * root /etc/automysqlbackup/run

With this simple setup you’ll have a very advanced backup of all MySQL databases on your server within minutes. Thank you “wipe_out“.

Posted in Hosting, Linux

Must-have software tools

Spotify, Sublime, Cmder

Spotify, Sublime, Cmder

I’m starting to build my list of software that is the first to install on a new system:

Multi-platform:

Windows:

  • Cmder – finally a really nice console for Windows with almost everything I’m used to from Linux, includes git command line and tab auto-complete (with ending slash 😛 )
  • (Clover – tabbed windows explorer – I’m experiencing some issues with clover and currently don’t use it)
  • Greenshot – advanced screenshot creation and editing
  • Microsoft Visual Studio (C# web development)
  • Ditto (Clipboard Manager)
  • KatMouse (scroll in inactive window)
  • 7-zip

Linux:

The obvious (for completeness sake) and then some…

Software development stuff

Also a lot is going on in the browser I guess. These are some of the most important web tools I use every day:

Posted in Tools

Don’t use magic numbers

Quick note to start a new category on this blog: Good practices/Training

Everyone who doesn’t know what a “Magic number” in coding is, please quickly read this: http://stackoverflow.com/questions/47882/what-is-a-magic-number-and-why-is-it-bad

In some rare cases it might be allowed to use magic numbers (like 0/1 or in a circles calculation you may use 90/180/270/360 if it is clear why it’s being used). But in all other cases you have to explain such numbers – and the best way to do that is naming a variable or constant.

Example:

double angle = currentAngle + (angleSize / 3);

Why is this divided by 3?

angle = currentAngle + (angleSize / 3.5);

Why is this divided by 3.5?

The very least you can do here is add a comment with a short explanation.

Posted in Good practices/Training

OpenWRT on TP-Link TL-WDR4900

My wifi connections at home have been really slow using a really old AVM Fritz!Box, so I decided to upgrade to a TL-WDR4900. (The only thing still missing is 802.11 ac but the cheapest router providing that would be the Asus RT-AC66U AC1750 for twice the price of the TL-WDR4900, so that wasn’t worth it for me.)

http://wiki.openwrt.org/toh/tp-link/tl-wdr4900

I’m only writing this blog post because I found it really hard to get the right information on how to install OpenWRT – the wiki entry only scared me away because it doesn’t mention the simple method. The simple method is: Download firmware, upgrade, configure, done. (I can only speak for the v1 variant though.)

In this directory you’ve got to select the right binary: http://downloads.openwrt.org/snapshots/trunk/mpc85xx/

And this is the right binary: openwrt-mpc85xx-generic-tl-wdr4900-v1-squashfs-factory.bin

After upgrading the firmware, the most simple way is to telnet to your machine:

telnet 192.168.0.1

Install luci http://wiki.openwrt.org/doc/howto/luci.essentials

Configure your router from http://192.168.0.1

Update (2014-11-24):
To allow multiple outgoing VPN PPTP connections, the package “kmod-gre” is needed (“Generic Routing Encapsulation support”).

opkg install kmod-gre

Posted in Uncategorized

Groupware options for small companies or organizations

(tbd – work in progress… Advice welcome…)

Over the last weeks and months I’ve had multiple people asking for advice about groupware software. For me that is still kind of an open issue and I’m not sure what the best answer would be. These are the options I know and would consider using at this point in time (in Germany):

  • Google Apps – expensive, not everybody wants their data hosted at Google
  • Zimbra OS – on some virtual server
  • OpenXchange (I never understood the licensing/pricing options there)
  • 1&1 MailXchange – hosted OpenXchange service, pricing ok
  • Microsoft Exchange (too expensive for small business)
  • atmail – looks promising, haven’t tried yet

The following list contains the requirements that I would put on such a system:

  • Mailbox for each user with delegation mailbox options
  • Calendar
  • Contacts
  • Mobile sync for Mail, Calendar & Contacts on Android & iPhone, preferably without having to install additional apps
  • Web-mail user interface with Google Mail as a reference “gold standard” – keyboard shortcuts and labels are the killer features of Google Mail for me

Additionally these requirements need to be met regarding server-side and administration:

  • “Domain-level” administration of mailboxes and permissions
  • Automated online backup possible

Actually these two points are the major constraints of Zimbras Open-Source edition which I have been using for some years now. Besides these limitations, Zimbra OS also lacks support for mobile devices (except for IMAP), which is another deal breaker. zextras may help with all of these and I will try it out as soon as I’ll have time for that.

Other options and comments welcome…

Posted in Groupware, Linux


profile for mattanja at Stack Overflow, Q&A for professional and enthusiast programmers