markomedia - web development

Occasionally I find .svn directories in my old projects that are not in Subversion.  The quickest way to recursively remove them is to run the following command:

find . -name .svn -print0 | xargs -0 rm -rf

You need to cd into your project directory before running it.

You can also run the command to quickly disconnect your project from Subversion.

Couple of months ago I installed Tigase server on my laptop and it was working beautifully until this morning.  I’ve installed quite a few major OS updates on my laptop since then and I must’ve done something to upset Tigase.  I visited Tigase Website to download a fresh copy of the server and see what the command is to install it using console.  The Website seems to be in the middle of some sort of upgrade and many links appear to be broken.  Thanks to Google cached search results I managed to find what I wanted.

Here’s the magic command to install Tigase using consile installer:

java -jar nameOfTheDownloadedJarFile.jar -console

and follow the prompts. It’s pretty simple, but my brain refuses to memorise it.

By the way, I was getting the following error when I started the server:

etc/tigase.xml: line 1: syntax error near unexpected token `newline'
etc/tigase.xml: line 1: `<!--?xml version='1.0' encoding='UTF-8'?-->`
JAVA_HOME is not set.

tigase.xml is identical to the one on our staging server which works perfectly. And my JAVA_HOME is definitely set in tigase.conf. I’ve also noticed that Tigase likes to insert some whitespace in tigase.xml file upon every startup on a Mac. I’ve got the feeling that this is what’s causing the server to eventually barf. I could be wrong though.

UPDATE: Tigase Website, is back online and installation instructions can be found here.
You can download Tigase server from Tigase Website.

Marko

This is another one for my reference. I’ve had to generate a self-signed SSL certificate quite a few times and I’m sure I’ll do it again in future. First of all, self-signed SSL certificates provide the same level of security as any other commercial ones, such as Verisign certs. The 2 main differences are:

1. Self-signed certificates are free
2. Self-signed certificates are not recognised by web browsers by default. They need to be installed in browsers manually in order to be accepted by them. This is a 10 second job.

So, if I am setting up a staging web server or a subversion server on a secure domain, a self-signed SSL would be an obvious choice for me. There are a few ways you can generate your SSL certificates, but this is how I like to do it because it works for me on Mac and Linux.

Step 1: cd into my working directory

cd ~/Desktop/KeyGen

Step 2: Generate my key – a Triple-DES encrypted, 1024 bit RSA key

openssl genrsa -des3 -out server.key 1024

You’ll be asked to enter in a passphrase.

Step 3: Create a CSR (Certificate Signing Request)

openssl req -new -key server.key -out server.csr

You’ll be asked to enter in some basic information about your organisation such as, country, name, state, email etc… Here’s a sample output:

Country Name (2 letter code) [AU]: (enter your country code here)
State or Province Name (full name) [Some-State]: (Enter your state here)
Locality Name (eg, city) []: (enter your city here) Organization Name (eg, company) [Internet Widgits Pty Ltd]: (enter something here) Organizational Unit Name (eg, section) []: (enter something here)
Common Name (eg, YOUR name) []: (this is the important one)
Email Address []: (your e-mail address)

Step 4: Remove passphrase from my key. Note: I want to remove it because Apache web server will ask me to enter it in every time I restart the server. If you want to keep the passphrase, skip this step.

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

Step 5: Create a self-signed certificate using the key I just created. Note: “days -365″ will make the certificate valid for 1 year. You can easily make it valid for 10 years if you like. I’m sure you can figure out how to do that!

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

That’s it. Now all you need to do is make it work with Apache by enabling mod_ssl and adding the following in your virtual host:

SSLEngine On
SSLCertificateFile 'full_path'/server.crt
SSLCertificateKeyFile 'full_path'/server.key

I’m writing this one for my own reference because almost everything I do for work, is done through SSH port forwarding. If you’re not familiar with SSH port forwarding, you’ll have to read up on it elsewhere. And the reason why we use SSH port forwarding is because it is secure and powerful.

I generally set up my port forwards to run on my local computer on an arbitrary port and configure SSH to create a proxy connection to the normal port on a remote computer. Then I configure my application to connect to my local computer on the chosen arbitrary port.

For example, I would add the following in my hosts file:

sudo nano /etc/hosts
127.0.0.1 local1A.fwd
127.0.0.1 local1B.fwd
127.0.0.1 local1C.fwd

let’s say I want to forward my local requests on ports 6800, 6801, 6802 to remote servers on ports 3012, 3013, 3014. Start by modifying your ssh config:
nano .ssh/config
add the following:

host remote1A
hostname 111.111.111.111 #remote IP address goes here
user my_username #server username goes here
localforward local1A.fwd:6800 111.111.111.111:3012
 
host remote1B
hostname 111.111.111.111 #remote IP address goes here
user my_username #server username goes here
localforward local1B.fwd:6801 111.111.111.111:3013
 
host remote1C
hostname 111.111.111.111 #remote IP address goes here
user my_username #server username goes here
localforward local1C.fwd:6802 111.111.111.111:3014

You should now be able to ssh to remote machines:

ssh remote1A

and similarly for 1B and 1C.

Now, lets say you want to create another 3 local hosts and simultaneously port forward to another 3 remote machines via exact same port numbers. This is where you’ll run into problems, because you can only use one local port at a time on 127.0.0.1. The workaround it is to create secondary addresses to your loopback interface 127.0.0.2, 127.0.0.3 and so on. The command to add the secondary IP address is:

sudo ifconfig lo0 alias 127.0.0.2/32

Now you can add new set of hosts:

127.0.0.2 local2A.fwd
127.0.0.2 local2B.fwd
127.0.0.2 local2C.fwd

And use the same set of port numbers to tunnel through another set of remote servers:

host remote2A
hostname 222.222.222.222 #remote IP address goes here
user my_username #server username goes here
localforward local1A.fwd:6800 222.222.222.222:3012
 
host remote2B
hostname 222.222.222.222 #remote IP address goes here
user my_username #server username goes here
localforward local1B.fwd:6801 222.222.222.222:3013
 
host remote2C
hostname 222.222.222.222 #remote IP address goes here
user my_username #server username goes here
localforward local1C.fwd:6802 222.222.222.222:3014

Marko

Following my post on Snow Leopard Gotchas, I discovered another problem you might run into. SL comes with currently the latest version of PHP 5.3.0. However, not all PHP projects will play nice on v5.3.0. What you could do is:

1. build and configure an older version of PHP from source – e.g. 5.2.11
2. Install Entropy PHP (note: this will modify your SL Apache config files).
3. Or just be lazy and install MAMP (Macintosh, Apache, MySQL, PHP) in a few seconds.

I chose the last option for 5 reasons:
1. I’m lazy
2. Comes with PHP 4.4.9 & 5.2.10
3. It installs a complete package in one directory
4. It doesn’t mess with my existing apache config files
5. it’s easy to uninstall.

This is particularly useful for content editors who have phobia of terminal windows (I don’t blame them). Hopefully some developers will find this useful too.

After you’ve downloaded and installed MAMP, you’ll notice that the installer created /Applications/MAMP directory. Launch your MAMP Control Center, start your services and away you go.

By default, your Apache web server will run on port 8888. You can change this to port 80 in Preferences, but if you do that you will have to make sure that your OS X Web Sharing is stopped. You can stop it in System Preferences=>Sharing=>Web Sharing.

Normally your Apache virtual would be here:

/etc/apache2/users/*.conf or /etc/apache2/extra/httpd-vhosts.conf

MAMP keeps virtual hosts separately in:

/Applications/MAMP/Library/vhosts

If you ever want to uninstall MAMP, all you need to do is Trash /Applications/MAMP directory and you’re done. It’s simple and clean.
For more info see MAMP documentation.
Problems you may have with Entropy PHP

Entropy PHP will add a new config file in /etc/apache2/other and possibly modify your httpd.conf. If you’re having problems running PHP, there could be various symptoms. The one I was seeing in apache error logs was this one:
child pid 7563 exit signal Segmentation fault (11)

I’m not sure what this means exactly, but it happens when your Entropy config file:
/etc/apache2/other/+entropy-php.conf
tries to load the problematic php module:

LoadModule php5_module /usr/local/php5/libphp5.so

To solve this, I would recommend removing all Entropy stuff and go back to your native PHP 5.3.0. You could try removing, or backing up +entropy-php.conf and uncomment the following line in your httpd.conf

LoadModule php5_module libexec/apache2/libphp5.so

Also check that this file exists:

/etc/apache2/other/php5.conf

and that it contains

<IfModule php5_module>
	AddType application/x-httpd-php .php
	AddType application/x-httpd-php-source .phps
	DirectoryIndex index.html index.php
</IfModule>