install free-ssl-cert (Let’s Encrypt) to nginx on amazon linux


STEP0 refer to

https://letsencrypt.jp/docs/using.html#installation

STEP1 install client

# cd /usr/local
# git clone https://github.com/certbot/certbot

STEP2 install ssl cert

# /usr/local/certbot/certbot-auto certonly --debug --webroot \
>   -d hoge.example.mydns.jp \
>   --webroot-path /usr/share/nginx/html
Version: 1.1-20080819
Version: 1.1-20080819

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/hoge.example.mydns.jp/fullchain.pem. Your
   cert will expire on 2016-10-05. To obtain a new or tweaked version
   of this certificate in the future, simply run certbot-auto again.
   To non-interactively renew *all* of your certificates, run
   "certbot-auto renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le


# ls -l /etc/letsencrypt/live/hoge.example.mydns.jp
  cert.pem -> ../../archive/hoge.example.mydns.jp/cert1.pem
  chain.pem -> ../../archive/hoge.example.mydns.jp/chain1.pem
  fullchain.pem -> ../../archive/hoge.example.mydns.jp/fullchain1.pem
  privkey.pem -> ../../archive/hoge.example.mydns.jp/privkey1.pem

STEP3 setting nginx

# vi /etc/nginx/nginx.conf
http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;
    include /etc/nginx/conf.d/*.conf;
    index   index.html index.htm;

    server {
        listen       80;
        return 302 https://$host$request_uri;
    }

  server {
    listen 443 ssl;

    ssl_certificate /etc/letsencrypt/live/hoge.example.mydns.jp/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/hoge.example.mydns.jp/privkey.pem;

    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;

    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    root /usr/share/nginx/html;

    index index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
      # First attempt to serve request as file, then
      # as directory, then fall back to displaying a 404.
      try_files $uri $uri/ =404;
    }
  }
}

STEP4 restart nginx

# /etc/rc.d/init.d/nginx restart

OTHER

A Let’s Encrypt SSL certificate expires after 90 days.
You can renew the certificate with the command “certbot renew”.
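
A renewal that fails silently only shows up when the certificate expires, so it helps to check the remaining lifetime independently of certbot. The following is an added example, not part of the original post: the function names and the 30-day threshold are assumptions, and it relies only on `openssl x509 -checkend`.

```shell
#!/bin/sh
# Added example: report certificates under a Let's Encrypt "live"
# directory that expire soon or cannot be parsed.

# cert_expires_within CERT DAYS
#   returns 0 -> certificate expires within DAYS days (or already has)
#   returns 1 -> certificate is still valid beyond that window
#   returns 2 -> file is missing or is not a parsable certificate
cert_expires_within() {
    c_path=$1
    c_days=$2
    [ -r "$c_path" ] || return 2
    openssl x509 -noout -in "$c_path" >/dev/null 2>&1 || return 2
    # -checkend N exits 0 when the certificate is still valid N seconds
    # from now, and non-zero when it will have expired by then.
    if openssl x509 -noout -checkend "$((c_days * 86400))" \
            -in "$c_path" >/dev/null 2>&1; then
        return 1
    fi
    return 0
}

# expiring_certs LIVE_DIR DAYS
#   prints one line per certificate that needs attention;
#   returns 0 when nothing was printed, 1 otherwise
expiring_certs() {
    found=0
    for pem in "$1"/*/cert.pem; do
        [ -e "$pem" ] || continue      # the glob matched nothing
        rc=0
        cert_expires_within "$pem" "$2" || rc=$?
        case $rc in
            0) echo "EXPIRING $pem";   found=1 ;;
            2) echo "UNREADABLE $pem"; found=1 ;;
        esac
    done
    [ "$found" -eq 0 ]
}

# Typical use (assumed threshold of 30 days):
#   expiring_certs /etc/letsencrypt/live 30 || echo "check certbot renew"
```

Run it with enough privilege to read the certificate files, and remember that nginx must be reloaded after a renewal before it serves the new certificate.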

basic auth for nginx & amon2


nginx setting

Set “proxy_set_header X-Forwarded-User $remote_user;” in nginx.conf

#user  nobody;
worker_processes  1;

error_log  logs/error.log;
#error_log  logs/error.log  notice;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

http {
  server {
    listen       8080;
    server_name  localhost;

    location / {
      proxy_pass      http://127.0.0.1:5000;

      auth_basic "MEMBER ONLY";
      auth_basic_user_file /home/endo/dev/htpasswd;

      proxy_set_header Host             $host;
      proxy_set_header X-Real-IP        $remote_addr;
      proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-User $remote_user; ## HERE!!
    }
  }
}

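The backend can read $remote_user from “HTTP_X_FORWARDED_USER”.

nginx overwrites any X-Forwarded-User header sent by the client, so the value can be trusted only as long as the backend on port 5000 is reachable solely through nginx (for example, bound to 127.0.0.1).

The Amon2 context object has HTTP_X_FORWARDED_USER.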

sub get_login_user {
    my ($self,$c) = @_;   # "$c" is context object of amon2.
    my $user_id = $c->req->{env}->{HTTP_X_FORWARDED_USER};
    return Splats::Model::User->new($c,$user_id);
}

check installed many modules by Module::Load for perl

#!/usr/local/bin/perl
use strict;
use Module::Load;

main();

sub main {

    my @load_classes = qw/Apache::DBI  Apache2::Reload Archive::Tar
        Archive::Zip Crypt::Eksblowfish::Bcrypt      Crypt::SSLeay
        Date::Format DBI     DBD::mysql              DBD::ODBC
        DBD::Oracle  DBD::Pg Encode::HanExtra        IO::Socket::SSL
        JSON::XS     List::Util::XS  LWP::UserAgent  Mail::IMAPClient
        IO::Socket::SSL      ModPerl::Util           Net::DNS
        Net::LDAP    Template        Template::Stash::XS
        Text::CSV_XS Time::HiRes     Time::Piece     XML::LibXML
        XML::LibXSLT XML::Parser     YAML::XS/;

    for my $load_class (@load_classes) {
        eval { Module::Load::load $load_class };
        if ($@) {
            print STDERR "NOT INSTALLED $load_class \n";
        }
    }

}

1;

$ ./chk_cpan_modules.pl
NOT INSTALLED DBD::Oracle 
NOT INSTALLED DBD::Pg 

jQuery Templates -> JsRender/JsViews


I was using jQuery Templates ( jquery.tmpl.js ),
but the project stopped, and a successor project has been started
( JsRender/JsViews ).

https://github.com/BorisMoore/jquery-tmpl
https://www.jsviews.com/

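Detailed usage of JsRender is at http://www.jsviews.com .
But you can use it easily with code such as the following.
Note that the “{{: ...}}” tag inserts the value without HTML encoding; JsRender's “{{> ...}}” tag HTML-encodes it, which is the safer choice for values such as log messages that may contain user-supplied text.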

<br />{{: user}} さんが
{{: time}} に追加
<div class="msg_body">【LOG LEVEL: {{: level}}】{{: msg}}</div>
 
<div class="msg_body">{{: msg}}</div>
{{: user}} さんが
{{: time}} に追加

<a href="/static/js/jquery-1.12.1.min.js">/static/js/jquery-1.12.1.min.js</a>
<a href="/static/js/jsrender.min.js">/static/js/jsrender.min.js</a>
post_add_load_memo: function( data ){

    var tmpl_log = $.templates('#msg_log_tmpl');
    var tmpl_memo = $.templates('#msg_memo_tmpl');
    for (var i=0; i<data.recent_logs.length; i++ ){
        var recent_log = data.recent_logs[i];

        var html_tr = '';
        if( recent_log['level'] == 'MEMO'){
            html_tr = tmpl_memo.render( recent_log );
        } else {
            html_tr = tmpl_log.render( recent_log );
        }

        $('#msg_list tbody').prepend(html_tr);

    }

    p_util.hide_loading();
},

installing cakephp 2.8.3


installing php 5.6 + openssl 1.0.2 + cakephp 3.2


Following cakephp3, I installed cakephp2.
But unlike cakephp3, cakephp2 only needs the file to be unzipped ( or un-tarred ).

reference url

http://book.cakephp.org/2.0/ja/installation.html
http://book.cakephp.org/2.0/en/installation.html

cakephp-2.8.3

cd /home/endo/dev/
wget https://github.com/cakephp/cakephp/archive/2.8.3.tar.gz
tar -zxvf 2.8.3.tar.gz
cd cakephp-2.8.3

edit apache’s httpd.conf

$ vi /home/endo/local/apache22/conf/httpd.conf

<Directory "/home/endo/dev/cakephp-2.8.3/app/webroot">
AllowOverride All
Order allow,deny
Allow from all
</Directory>
Alias /cakephp /home/endo/dev/cakephp-2.8.3/app/webroot

And you can access “http://cent6.a5.jp:8081/cakephp/”.
The routing table is in “/dev/cakephp-2.8.3/app/Config/routes.php”.

installing php 5.6 + openssl 1.0.2 + cakephp 3.2


reference url

http://book.cakephp.org/3.0/ja/installation.html
http://book.cakephp.org/3.0/en/installation.html

openssl 1.0.2

I had installed a no-shared openssl on my centos before, so I re-installed a shared openssl.

$ wget https://www.openssl.org/source/openssl-1.0.2g.tar.gz
$ tar -zxvf openssl-1.0.2g.tar.gz
$ cd openssl-1.0.2g
$ less INSTALL
$ ./config --prefix=/usr/local/openssl_1.0.2 shared
$ make
$ make test
$ su
# make install

ICU – International Components for Unicode

The intl PHP module, which cakephp3 needs, requires ICU.

$ wget http://download.icu-project.org/files/icu4c/57.1/icu4c-57_1-src.tgz
$ tar -zxvf icu4c-57_1-src.tgz
$ cd icu/source
$ ./configure
$ make
$ make check
$ su
# make install

php 5.6.21

  • NOTICE 1 CAKEPHP3 needs "--enable-intl".
  • NOTICE 2 I had 14 failed tests, but I executed "make install".

$ wget http://jp2.php.net/get/php-5.6.21.tar.gz/from/this/mirror
$ mv mirror php-5.6.21.tar.gz
$ tar -zxvf php-5.6.21.tar.gz
$ cd php-5.6.21
$ ./configure \
--with-apxs2=/home/endo/local/apache22/bin/apxs \
--enable-mbstring \
--with-mysql=/usr/local/mysql \
--with-mysqli=/usr/local/mysql/bin/mysql_config \
--with-pdo-mysql=/usr/local/mysql \
--with-openssl=/usr/local/openssl_1.0.2 \
--enable-intl
$ make
$ make test
:
=====================================================================
TEST RESULT SUMMARY
---------------------------------------------------------------------
Exts skipped : 46
Exts tested : 33
---------------------------------------------------------------------

Number of tests : 13815 10408
Tests skipped : 3407 ( 24.7%) --------
Tests warned : 9 ( 0.1%) ( 0.1%)
Tests failed : 14 ( 0.1%) ( 0.1%)
Expected fail : 39 ( 0.3%) ( 0.4%)
Tests passed : 10346 ( 74.9%) ( 99.4%)
---------------------------------------------------------------------
Time taken : 597 seconds
=====================================================================
:
=====================================================================
FAILED TEST SUMMARY
---------------------------------------------------------------------
Bug #62046 mysqli@mysqlnd can't iterate over stored sets after call to mysqli_stmt_reset() [ext/mysqli/tests/bug62046.phpt]
Bug #66043 (Segfault calling bind_param() on mysqli) [ext/mysqli/tests/bug66043.phpt]
API vs. SQL LAST_INSERT_ID() [ext/mysqli/tests/mysqli_last_insert_id.phpt]
Persistent connections and mysqli.max_links [ext/mysqli/tests/mysqli_pconn_max_links.phpt]
mysqli iterators [ext/mysqli/tests/mysqli_query_iterators.phpt]
mysqli_release_savepoint() [ext/mysqli/tests/mysqli_release_savepoint.phpt]
mysqli_store_result() [ext/mysqli/tests/mysqli_store_result_buffered_c.phpt]
Bug #65538: SSL context "cafile" disallows URL stream wrappers [ext/openssl/tests/bug65538_002.phpt]
Bug #70389 (PDO constructor changes unrelated variables) [ext/pdo_mysql/tests/bug70389.phpt]
Bug #61411 (PDO Segfaults with PERSISTENT == TRUE && EMULATE_PREPARES == FALSE) [ext/pdo_mysql/tests/bug_61411.phpt]
MySQL PDO->__construct(), PDO::MYSQL_ATTR_MAX_BUFFER_SIZE [ext/pdo_mysql/tests/pdo_mysql_attr_max_buffer_size.phpt]
PDO::ATTR_ORACLE_NULLS [ext/pdo_mysql/tests/pdo_mysql_attr_oracle_nulls.phpt]
MySQL PDO->exec(), affected rows [ext/pdo_mysql/tests/pdo_mysql_exec.phpt]
file_get_contents() test using offset parameter out of range [ext/standard/tests/file/file_get_contents_error001.phpt]
=====================================================================
:
$ su
# make install
# cp php.ini-development /usr/local/lib/php.ini

php package manager : Composer

According to the cakephp3 documentation, “cakephp3” is managed with Composer.

$ cd /home/endo/dev
$ curl -s https://getcomposer.org/installer | /usr/local/bin/php
All settings correct for using Composer
Downloading 1.0.3...

Composer successfully installed to: /home/endo/dev/composer.phar
Use it: php composer.phar
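
Piping the installer straight from curl into php runs whatever was downloaded, including a truncated or altered file. The following is an added example, not part of the original post and not Composer's own script: it downloads the installer to a file, compares its SHA-384 digest with the one published at https://composer.github.io/installer.sig, and runs it only on a match. The function names are assumptions.

```shell
#!/bin/sh
# Added example: verify the Composer installer before executing it.

# sha384_of FILE -> prints the lowercase hex SHA-384 digest of FILE
sha384_of() {
    if command -v sha384sum >/dev/null 2>&1; then
        sha384sum "$1" | cut -d' ' -f1
    else
        shasum -a 384 "$1" | cut -d' ' -f1
    fi
}

# verify_installer FILE EXPECTED_HEX -> returns 0 only when the digest matches
verify_installer() {
    [ -s "$1" ] || return 1                  # missing or empty download
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f' | tr -d '[:space:]')
    [ "${#want}" -eq 96 ] || return 1        # SHA-384 is 96 hex characters
    [ "$(sha384_of "$1")" = "$want" ]
}

# install_composer [PHP_BIN] -> download, verify, then run the installer
install_composer() {
    php_bin=${1:-/usr/local/bin/php}
    dl=$(mktemp) || return 1
    status=1
    # -f makes curl fail on HTTP errors instead of saving an error page
    if sig=$(curl -fsS https://composer.github.io/installer.sig) &&
       curl -fsS -o "$dl" https://getcomposer.org/installer; then
        if verify_installer "$dl" "$sig"; then
            "$php_bin" "$dl" && status=0
        else
            echo "installer checksum mismatch, not executing" >&2
        fi
    fi
    rm -f "$dl"
    return "$status"
}

# Typical use, from the directory where composer.phar should be created:
#   cd /home/endo/dev && install_composer /usr/local/bin/php
```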

Make new cakephp3

$ cd /home/endo/dev
$ /usr/local/bin/php composer.phar create-project --prefer-dist cakephp/app test_cake
$ test_cake/bin/cake server -H cent6.a5.jp -p 5673

ACCESS TO http://cent6.a5.jp:5673

Routing table exists in  APP_ROOT/config/routes.php

other

PHP built without intl shows the error below when you create a cakephp3 project.

$ /usr/local/bin/php composer.phar create-project --prefer-dist cakephp/app my_app_name
Installing cakephp/app (3.2.6)
- Installing cakephp/app (3.2.6)
Downloading: 100%
Created project in my_app_name
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- cakephp/cakephp 3.2.8 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.7 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.6 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.5 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.4 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.3 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.2 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.1 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- cakephp/cakephp 3.2.0 requires ext-intl * -> the requested PHP extension intl is missing from your system.
- Installation request for cakephp/cakephp ~3.2 -> satisfiable by cakephp/cakephp[3.2.0, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8].
To enable extensions, verify that they are enabled in those .ini files:
- /usr/local/lib/php.ini
You can also run `php --ini` inside terminal to see which files are used by PHP in CLI mode.
:
$

substitute of sleep() by javascript:setTimeout()

(function() {
    var directionsService = new google.maps.DirectionsService();
    var SLEEP_CALC_DIST = 500; // msec. interval between route calculations via the Google Maps API

    var CalcDist = function() {};
    CalcDist.prototype = {

        startCalcDists: function(){
            $('#calcResult').val(''); // clear the result field

            // coordinates of the start point
            this.start_lon_lat =
                [ $('#start_lon').val(), $('#start_lat').val() ];
            // coordinates of the goal points
            this.goals_str =  $('#goal_lon_lat').val().split("\n");

            this.calcDists(0);
        },

        calcDists: function(i){
            // stop once every goal line has been processed
            if(i >= this.goals_str.length){
                return false;
            }
            var goal_lon_lat = this.goals_str[i].split("\t");
            if(goal_lon_lat.length < 2){
                return false;
            }

            this.calcDist(new google.maps.LatLng( this.start_lon_lat[0],
                                                  this.start_lon_lat[1]),
                          new google.maps.LatLng( goal_lon_lat[0],
                                                  goal_lon_lat[1]) );

            var this_obj = this;
            setTimeout( function(param_i) {  //////// HERE!!
                this_obj.calcDists(param_i); //////// HERE!!
            }, SLEEP_CALC_DIST, i+1);        //////// HERE!!

        },

        calcDist: function(start_lon_lat, goal_lon_lat){

            // route search via the Google Maps API
            directionsService.route(
                {origin: start_lon_lat,
                 destination: goal_lon_lat,
                 travelMode: google.maps.DirectionsTravelMode.DRIVING,
                 unitSystem:
                 google.maps.DirectionsUnitSystem.METRIC, // display in meters
                 optimizeWaypoints: true,// use the optimized shortest distance
                 avoidHighways: true,    // true = do not use highways
                 avoidTolls: true        // true = do not use toll roads
                },
                function(result, status) {
                    // if the Google Maps API returns OK, show it in the result field
                    if (status == google.maps.DirectionsStatus.OK) {
                        // the Google Maps API returns multiple routes, but
                        // with "optimizeWaypoints: true"
                        // the first should be the shortest route...
                        var distance =
                            result.routes[0].legs[0].distance.value;
                        var end_location =
                            String( result.routes[0].legs[0].end_location );

                        var match_result = end_location.match(/([\d\.]+)/g);

                        var caltResultStr =
                            [match_result[0],
                             match_result[1],
                             distance].join("\t");
                        $('#calcResult').val(
                            $('#calcResult').val()+ caltResultStr+"\n");

                    }
                });
        }
    };

    window.calcDist = new CalcDist();
})();

 

can’t fuzzy search an openldap attribute that is configured with “EQUALITY=caseExactIA5Match”?


Email addresses can be fuzzy searched, but equipSerialNo can’t.

$ /usr/local/openldap/bin/ldapsearch -x -h ??.??.??.??  \
   -D "cn=Manager,dc=sso,dc=example,dc=com" -w ???????? \
   -b "ou=People,dc=sso,dc=example,dc=com" \
   "mail=*example*"
$ /usr/local/openldap/bin/ldapsearch -x -h ??.??.??.?? \
   -D "cn=Manager,dc=sso,dc=example,dc=com" -w ???????? \
   -b "ou=People,dc=sso,dc=example,dc=com" \
   "equipSerialNo=*SA*"

The ldapsearch commands below show the configuration of openldap. I think caseExactIA5Match affects fuzzy search.
Maybe …

$ /usr/local/openldap/bin/ldapsearch -x -h ??.??.??.?? \
   -D "cn=config" -w ???????? \
   -b 'olcDatabase={2}bdb,cn=config'

$ /usr/local/openldap/bin/ldapsearch -x -h ??.??.??.?? \
   -D "cn=config" -w ???????? \
   -b 'cn=config' '(objectClass=olcSchemaConfig)'