by ·1 Comment

TL;DR

  1. curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > ~/getssl ; chmod 700 ~/getssl
  2. ~/getssl -c site.com
  3. openssl genrsa 4096 > ~/.getssl/account.key
  4. openssl dhparam -out ~/.getssl/dhparam.pem 4096
  5. echo "CA=\"https://acme-v02.api.letsencrypt.org/directory\"
    ACCOUNT_EMAIL=\"your@email.com\"
    ACCOUNT_KEY_LENGTH=4096
    ACCOUNT_KEY=\"/root/.getssl/account.key\"
    PRIVATE_KEY_ALG="rsa"
    ACL=('/var/www/site.com/.well-known/acme-challenge')
    RELOAD_CMD=\"service apache2 restart\"
    " > ~/.getssl/site.com/getssl.cfg
  6. Apache configuration:

    SSLEngine on

    SSLCertificateFile /root/.getssl/site.com/site.com.crt
    SSLCertificateKeyFile /root/.getssl/site.com/site.com.key
    SSLCertificateChainFile /root/.getssl/site.com/chain.crt

    SSLOpenSSLConfCmd DHParameters “/root/.getssl/dhparam.pem”

    header set Strict-Transport-Security “max-age=31536000;”
    header set Content-Security-Policy-Report-Only “default-src https:; script-src https: ‘unsafe-eval’ ‘unsafe-inline’; style-src https: ‘unsafe-inline’; img-src https: data:; font-src https: data:; report-uri /csp-report”

  7. -OR- NGINX configuration:

    ssl on;

    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
    ssl_session_cache shared:SSL:50m;
    ssl_prefer_server_ciphers on;

    ssl_dhparam /root/.getssl/dhparam.pem;

    ssl_certificate /root/.getssl/site.com/chain.crt;
    ssl_certificate_key /root/.getssl/site.com/site.com.key;

    add_header Strict-Transport-Security “max-age=31536000;”;
    add_header Content-Security-Policy-Report-Only “default-src https:; script-src https: ‘unsafe-eval’ ‘unsafe-inline’; style-src https: ‘unsafe-inline’; img-src https: data:; font-src https: data:; report-uri /csp-report”;

  8. ~/getssl site.com

In cron (crontab -e) (Why?):
23 5 * * * /root/getssl -u -a -q
Continue reading

Share Button

by ·1 Comment

Files

git add . — adds everything to index
git commit -am "Comment" — makes commit of all changes with specific comment. (New files are NOT auto added!)
git checkout -- path/to/file — undoes uncommitted changes to specific file
git checkout -- . — same as above for full repository
git diff-tree --no-commit-id --name-only -r abcdef — lists names of files for a specific commit
git log -p filename — lists changes history for specific filename (provide . filename to see changes for whole project)
git diff — lists unstaged changes
git diff --cached — lists staged changes
git reset path/to/file — removes file from “Changes to be committed”
git clean -f — removes all unstaged files
git checkout changes -- /php/code.php — retrieves /php/code.php file from changes branch

Branches

git checkout -b new-branch — creates new branch with name “new-branch” and switches to it
git merge master — merges into current branch from branch with name “master”. Optional --no-commit can be passed in order not to commit after merge (In case you need some more changes for example)
git log new-branch..master — lists all commits on branch “master” which are not in branch “new-branch”
git branch -d branch-name — deletes branch

Remotes

git remote add another git@localhost:/git/repo.git — creates new another remote
git remote rm origin — removes origin remote
git remote rename origin new-origin — renames origin remote to new-origin
git remote set-url origin git@localhost:/git/repo.git — changes url associated with origin remote

Stashes

git stash list — list all stashes
git stash — stashes uncommitted changes
git stash save "Stash message" — stashes uncommitted changes with specific message
git stash save --keep-index "Stash not indexed" — same as above, but will only stash not added to index changes (Changes not staged for commit)
git stash pop — applies stashed changes (And removes stash state from stash list)
git stash apply — same as above, but doesn’t remove stash state from stash list
git stash clear — clear all stash states from stash list
git stash drop stash@\{0\} — deletes stash with stash@{0} name (From git stash list). Don’t forget to escape curly brackets!
git stash show -p stash@\{0\} — describes stash changes (Output similar to git diff)

Config

git config --list — list all config values
git config config-key value — sets “value” as value for config key “config-key”
git config --unset config-key — deletes config key “config-key” and its value
git --edit — edit config as text document
--global option can be used for all config commands in order to access global config (Not current repository only)

Share Button

by ·0 Comments

Users & groups

cat /etc/passwd – list system users
cat /etc/group – list system user groups
useradd user – create new user
passwd user – edit user password (Skip username to edit your own password)
usermod -g group user – changes user’s primary group
usermod -a -G group user – add existing user to secondary group

Archives

tar -zcf archive.tar.gz dir1/ dir2/subdir file.txt – create new archive with name archive.tar.gz, include dir1/, dir2/subdir, file.txt directories & files
tar -xf archive.tar.gz -C extract/to/dir – extract files from archive.tar.gz to extract/to/dir (Omit destination path & -C option to extract to same directory)

zip

zip -r archive.zip dir1/ dir/subdir file.txt – create new archive with name archive.zip, include dir1/, dir2/subdir, file.txt directories & files
unzip archive.zip -d extract/to/dir – extract files from archive.zip to extract/to/dir (Omit destination path & -d option to extract to same directory)

Software

dpkg --list | grep php – list installed packages, optionally filter by name with grep
apt-cache search kde – search for packages available to install
apt-get install firefox – install package
apt-get remove --purge skype – uninstall package and all of its configuration files (To retain configuration files, skip --purge option)
apt-get autoremove – remove all orphaned, not used packages (Packages, which were used as components for other packages, now all removed)

Hardware

lsblk – list all devices (Including CD-Roms, USB flashes etc.) and mount points (If mounted)
mount /dev/sdb /mnt – mounts /dev/sdb/ device to /mnt path (Path must exist)
umount /dev/sdb – unmounts device

Processes

ps aux | grep nginx – list all running processes, optionally filter by name (Process name, command will be filtered) with grep
kill 123 – kill process with PID 123 (PID can be retrieved with ps aux)
pkill nginx – kill process by name

Mysql

mysqldump --host=localhost --user=db_user --password=db_password db_name | gzip > db.sql.gz – creates dump of db_name database, logging in with provided credentials and gzips it to db.sql.gz file
zcat db.sql.gz | mysql --host=localhost --user=db_user --password=db_password db_name – imports gzipped database dump to db_name database

Share Button

by ·8 Comments

Написал небольшой класс для работы с API сервиса allpositions.ru.

Пример использования

Для работы необходим XMLRPC клиент с https://github.com/gggeek/phpxmlrpc (Прямая ссылка на xmlrpc.inc)

get_project($projectID);


if ($project === null) {//При ошибке любая функция возвращает null
    echo 'API error occured: ' . $api->lastError();//Возвращает последнее сообщение ошибки
} else {
    echo 'Project name: "' . $project['name'] . '"';
}

Описание функций и возвращаемых значений можно найти на странице справки API http://allpositions.ru/help/api/

Для подключения через Composer, добавьте в require:
"xf3/allpositionsru": "dev-master"

Проект на github

Скачать .zip архив

Share Button

by ·0 Comments

Very common situation when you have some long-running Php script that exceeds Php’s max_execution_time directive. The easiest way to overcome this limit is to increase it’s value:

In your .php script file:



Or in php.ini file:


max_execution_time=300;300 seconds


Note that in later example this limit will be used for EVERY script.


But the problem is that not always you have access to php.ini file (E.g. when using shared hosting) or overwriting of max_execution_time is not allowed for scripts.


In this case, possible solution is to divide script execution into parts limited by time execution (Like you can limit query results in MySql with help of LIMIT 20, 30 or similar).


I wrote a small class which makes code division a very simple thing.

Continue reading 


Share Button