iix-notes

Alternatives for external storage

I’ve been looking to buy some kind of external storage for a while now, and this page is pretty much my scratch-page for collecting data. Requirements: Hardware (requirements) Space for 4-6 3.5" HDDs Quiet enough to be unnoticeable from a few meters away Should be around the same size as the hard drives put together (with some space in between of course) Gigabit ethernet Hardware (nice to have) Possibility of mounting 2....

Backup docker postgresql data with crontab

# m h dom mon dow command # SQL Backup (daily) 15 1 * * * docker exec -t iixnotes_database_1 pg_dumpall -U postgres | gzip > /media/stor/backup/iix-notes.daily.psql.gz # SQL Backup (weekly) 15 1 * * 0 docker exec -t iixnotes_database_1 pg_dumpall -U postgres | gzip > /media/stor/backup/iix-notes.weekly.psql.gz # SQL Backup (monthly) 15 1 1 * * docker exec -t iixnotes_database_1 pg_dumpall -U postgres | gzip > /media/stor/backup/iix-notes.monthly.psql.gz

Nginx: HTTP redirect to HTTPS

server { listen *:80; server_name _; return 301 https://$host$request_uri; }

Nginx: HTTPS proxy pass to HTTP @ localhost

server { listen *:443; server_name iix.se; ssl on; ssl_certificate /etc/letsencrypt/live/iix.se/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/iix.se/privkey.pem; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://127.0.0.1; proxy_read_timeout 90; } }

Systemd: docker-compose system configuration

Description=iix-notes @ iix.se docker Requires=docker.service After=docker.service [Service] WorkingDirectory=/srv/iix-notes ExecStart=/usr/local/bin/docker-compose up ExecStop=/usr/local/bin/docker-compose down [Install] WantedBy=multi-user.target

Systemd: Creating a generic non-forking service

# /etc/systemd/system/spark-backend.service Description=iix.se java spark backend After=network.target [Service] WorkingDirectory=/srv/spark-backend User=www-data Group=www-data ExecStart=/srv/spark-backend/bin/spark-backend [Install] WantedBy=multi-user.target

Let's encrypt crontab with nginx service

Crontab for renewal # m h dom mon dow command 15 3 * * * certbot renew --quiet --no-self-upgrade --pre-hook "systemctl stop nginx.service" --post-hook "systemctl start nginx.service" Docker alternative Note that if you run certbot in docker, you cannot use the –pre-hook and –post-hook as the other services cannot be changed through the docker container. Instead, you should create a script file, where you run the –pre-hook before the command and –post-hook afterwards...

Nginx: connect() failed while connecting to upstream

Spam in error.log: 2017/05/07 16:51:50 [error] 30504#0: *7089 connect() failed (111: Connection refused) while connecting to upstream, client: 169.54.244.93, server: iix.se, request: "GET / HTTP/1.1", upstream: "http://[::1]:8001/", host: "phoenix.iix.se" In your nginx configuration, replace hostnames with ip-addresses

Rolling up sequence numbers

Find sequences: \c database_name \ds For each, run: SELECT setval('your_table_id_seq', (SELECT MAX(id) FROM your_table));

Simple reverse proxy with socat

Open local port 5901 to be reached from anyone by connecting to localhost:8080 socat TCP4-LISTEN:8080,fork TCP4:localhost:5901