2012-06-28

zombie screen / irc difficulties

hey there,

today I was unable to log into my private irc server. Really strange, since I changed nothing, the server was still running and all. Also my screen session seemed to have vanished.
After I asked another user I heard I was still in the channel... somehow my screen session was off the radar but still running, so I could not connect to it. Also since in this session I already was logged into the irc server, I could not log in again.
Well, killing the session and opening a new one was easy, but had I not asked my friend I could have been debugging for days without ever getting the idea I would still be logged in from somewhere.
So, every detail matters, even a "crashed" screen session :D

2012-06-03

backup script (NO, not data-backups, small configuration file backups)

Hello again,

after some time finally something useful for more of you: a small bash script that came out of configuration work. The scenario is, you want to test a new configuration file, but want to back up the old or standard one. Sometimes it's a whole directory you want to exchange. And after some testing one has a couple of backup files, all with different names and naming conventions, sometimes maybe a date, sometimes a tag...
So I wrote the following script. Probably most admins do something like this and probably there are already a quadrillion tools out there that do this or can do this. But I like to have a simple command that does exactly what I want without the need to supply the same options every time, which I can't remember. So if you have a tool already, just make an alias. But here's the script, for everyone who wants to use it:



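#!/bin/bash
# put it here for example: /usr/local/bin/bak.sh
# don't forget to chmod 755 it
if [[ $# -lt 1 || $# -gt 2 || $1 == "-h" ]]; then
        echo "usage: bak.sh <file or dir> <optional tag>"
        echo "files will just be copied"
        echo "directories will be archived as .tgz"
        exit
fi
# strip a trailing slash so "bak.sh conf.d/" does not write into the directory
SRC="${1%/}"
# timestamp suffix: %m is the month (%M would be the minute)
APPEND="bak-$(date +'%Y-%m-%d_%H%M%S')"
if [ $# -eq 2 ]; then
        APPEND="${APPEND}-${2}"
fi
if [ -d "$SRC" ]; then
        # the archive is created with the current umask, not the directory's mode
        APPEND="${APPEND}.tgz"
        echo "backing up ${SRC} to ${SRC}.${APPEND}"
        tar czf "$SRC.$APPEND" "$SRC"
else
        # cp -p keeps mode, owner and timestamps of the original file
        echo "backing up ${SRC} to ${SRC}.${APPEND}"
        cp -p "$SRC" "$SRC.$APPEND"
fi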

SSL Rant

GAAAAAAAAHHHH I HATE SSL

Well, I mean, I cannot live without ssl. Well I mean, I cannot live without encryption. And SSL is the de-facto standard encryption on the internet.
Since I moved to a new server because the old one's uptime rarely gets beyond 24 hours these days, I had to reconfigure some services. Apache was easy, copy the config, everybody's happy.
Mail wasn't that easy, I wanted to have virtual domains. So I had to bake myself a new little setup from ground up. postfix + courier-imap was working before, so I decided to base it on that.
But when I was testing connectivity I noticed SSL warnings. These typical "your certificate is BROKEN" in-your-face warnings, that would make everybody besides myself check for new viruses on their pc while making sure the abort button is not some evil "sell your soul here" button.
I don't reaaaaaally need to get rid of the warning but I wanted to do it right. It seems I used CAcert certificates before. They are really nice, but aren't really compatible with anyone who doesn't go to keysigning parties or at least knows what that is. So I took my already working StartCom SSL certificate, that I use for apache and mumble, pointed the config file to it and then screamed and shed tears of blood for the next couple of hours.
Because supplying your own certificate isn't enough. No, you have to get the right combination of intermediate certificates, root certificates, your own public one and your private key. And just as a side note: EVERY program does it differently! So I went to the internets and looked up which files I had to cat together for courier-imap, but instead of the gaping abyss of result-less google searches I got about 10 different possibilities for which certificates to cat together. Also, there is the ascii-style .pem format and the .crt format. Or .crt formats. Because some .crts look exactly like .pems and some are binary garbage. And people are just throwing them together in files and one never knows if, at the time they did this, a .crt had a .pem format or not.
Oh, did I mention? The order in which you pack these little freaky buggers together makes a difference. Sometimes.

So.
What I want to say. To everybody who writes config parsers and ssl apis: PLEASE make this easier. Make one option for every kind of file. Try to look up intermediate certificates yourself, so we don't have to supply them. To the SSL providers: provide these intermediate certificates!

And for all the lost courier-imap - configurating people out there:
TLS_CERTFILE -> make this point to a file that includes your public certificate and your private key (.pem)
TLS_TRUSTCERTS -> make this point to a file that includes first the intermediate certificate, then the root certificate (if that order makes a difference - I don't know, I don't care anymore)
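
The two settings above, as an added example that is not part of the original post: shell functions that tell PEM from binary (DER) certificate files, convert where needed and assemble both bundles. All function and file names are made up for this example, the certificate-then-key order inside the TLS_CERTFILE bundle is this example's choice, and the DER and key-match paths assume the openssl command line tool is installed.

```sh
#!/bin/sh
# Added example, not from the original post. All names are placeholders.

# Print "pem" for ASCII-armored files, "der" for binary ASN.1.
cert_format() {
    if grep -q -e '-----BEGIN ' "$1"; then echo pem; else echo der; fi
}

# Normalize PEM text: strip CRs and guarantee a trailing newline, so that
# concatenated blocks never fuse into "-----END ...----------BEGIN ...".
pem_text() {
    awk '{ sub(/\r$/, ""); print }' "$1"
}

# List the PEM block labels in file order (CERTIFICATE, RSA PRIVATE KEY, ...).
pem_labels() {
    pem_text "$1" | sed -n 's/^-----BEGIN \(.*\)-----$/\1/p'
}

# Write a certificate to stdout as PEM, converting DER input with openssl.
as_pem_cert() {
    if [ "$(cert_format "$1")" = pem ]; then
        pem_text "$1"
    else
        openssl x509 -inform DER -in "$1" -outform PEM
    fi
}

# key_matches_cert <pem-cert> <pem-key>: true when both hold the same public key.
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# build_certfile <cert> <key> <out>: the TLS_CERTFILE bundle, created mode 0600
# because it contains the private key.
build_certfile() {
    pem_labels "$2" | grep -q 'PRIVATE KEY$' || { echo "no private key in $2" >&2; return 1; }
    ( umask 077; { as_pem_cert "$1"; pem_text "$2"; } > "$3" )
}

# build_trustfile <intermediate> <root> <out>: the TLS_TRUSTCERTS bundle,
# intermediate first, then root, in the order given above.
build_trustfile() {
    { as_pem_cert "$1"; as_pem_cert "$2"; } > "$3"
}
```

Running pem_labels on a finished bundle shows at a glance what ended up in it and in which order; key_matches_cert catches the case where the key belongs to a different certificate before the daemon does.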