tag:blogger.com,1999:blog-57374322024-03-18T20:56:47.288-07:00Ross Campbell IIII work at VetterSoftware.com - posts about stuff that may or may not be related to my workRosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.comBlogger26125tag:blogger.com,1999:blog-5737432.post-49250338934406320802015-03-04T17:41:00.002-08:002015-08-10T10:05:24.152-07:00HOWTO: Test php7 on Ubuntu 14.04 LAMP stackSo, you've heard php7 is going to be fast... you've heard it's not going to be released until late this year... and you'd really like to TEST it out with a test copy of an existing LAMP stack running on Ubuntu 14.04 now versus waiting until November or December or until the release of Ubuntu 16.04?<br />
<br />
Yeah, that's what I was thinking. I figured there would be a ppa and packages, but I didn't find any... UPDATE: August 10th, 2015 - there is a PPA now -- you should try it first. <a href="https://launchpad.net/~ondrej/+archive/ubuntu/php-7.0">https://launchpad.net/~ondrej/+archive/ubuntu/php-7.0</a><br />
<br />
[historical content]... So... with a little help from: <a href="http://www.zimuel.it/install-php-7/">http://www.zimuel.it/install-php-7/</a> , I managed to refine a test process so that it is relatively easy and quick and works with apache.<br />
<br />
Before you start... you may want to look at what has been or quickly will be deprecated in php7 and start getting your code in gear. <span style="background-color: white; color: #222222; font-family: arial, sans-serif, 'Segoe UI Emoji', 'Segoe UI Symbol', Symbola, EmojiSymbols; font-size: x-small;"><a href="https://wiki.php.net/rfc/remove_deprecated_functionality_in_php7">https://wiki.php.net/rfc/remove_deprecated_functionality_in_php7</a></span><br />
<br />
<h4>
GIANT DISCLAIMER:</h4>
<br />
This is a gross hack. You'd be silly to do this on any production server. Do this on a throw-away VM, just for testing. My recipe below OVERWRITES the system php -- because I wanted a quick and dirty hack to keep as many settings the same as possible. If you don't have the ability to clone a vm or build a new test LAMP stack in a few minutes... do not proceed. You shouldn't be reading any further. Here be dragons!<br />
<br />
OK... so you're still with me? You understand this is an EXPERIMENT... good.<br />
<br />
Build a test Ubuntu 14.04 LAMP stack.<br />
I'm *ASSUMING* you have some workload already that you want to test with php7 and that you're running Ubuntu 14.04 and your LAMP stack is already running.<br />
<br />
All we're going to do is:<br />
<ul>
<li>Add missing packages required to build php7 from latest source</li>
<li>Overwrite php5 with php7</li>
<li>Disable php5 in apache</li>
<li>Make existing Apache work with libphp7.so</li>
<li>restart apache and hope it worked</li>
<li>do some testing on our own</li>
</ul>
<br />
<br />
Add build dependencies for php5 -- this is probably a good idea and MAY pull in most if not all of the packages below.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">sudo apt-get build-dep php5</span><br />
<br />
Add missing requisite packages:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">sudo apt-get install build-essential libt1-dev bison libbz2-dev libjpeg62-dev libpng12-dev libfreetype6-dev libgmp3-dev libmcrypt-dev libmysqlclient-dev libpspell-dev librecode-dev apache2-dev git</span><br />
<br />
Symlink the gmp.h file into /usr/include/ so the makefile can find it. I tried explicitly specifying the path in configure and it didn't work, so... unless you know why, just make this symlink<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/include/gmp.h</span><br />
<br />
Check out the latest php source code<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">mkdir $HOME/php7</span><br />
<span style="font-family: Courier New, Courier, monospace;">cd $HOME/php7</span><br />
<span style="font-family: Courier New, Courier, monospace;">git clone https://git.php.net/repository/php-src.git</span><br />
<br />
Change into the source directory and run buildconf<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">cd php-src</span><br />
<span style="font-family: Courier New, Courier, monospace;">./buildconf</span><br />
<br />
Configure php7 source code<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">./configure \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --prefix=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-config-file-path=/etc/php7/apache2 \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-config-file-scan-dir=/etc/php7/apache2/conf.d \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-mbstring \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-zip \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-bcmath \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-pcntl \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-ftp \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-exif \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-calendar \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-sysvmsg \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-sysvsem \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-sysvshm \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-wddx \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-curl \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-mcrypt \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-iconv \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-gmp=/usr/include/x86_64-linux-gnu \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-pspell \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-gd \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-jpeg-dir=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-png-dir=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-zlib-dir=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-xpm-dir=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-freetype-dir=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-gd-native-ttf \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-gd-jis-conv \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-openssl \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-pdo-mysql=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-gettext=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-zlib=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-bz2=/bin \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-recode=/usr \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-mysqli=/usr/bin/mysql_config \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --with-apxs2 \</span><br />
<span style="font-family: Courier New, Courier, monospace;"> --enable-dtrace</span><br />
<br />
NOTE: As of March 4th code, I had to remove the following line from configure above:<br />
<span style="font-family: 'Courier New', Courier, monospace;"> --with-mysql=/usr \</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><br /></span>
<span style="font-family: Times, Times New Roman, serif;">NOTE: As of August 6th, I had to remove the following line from the configure above:</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"> --with-t1lib=/usr \</span><br />
<br />
Build the code - now would be a good time for a cup of coffee.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">make</span><br />
<br />
Might as well run the tests, I got two errors that seemed safe to ignore out of over 10K tests. I chose not to email the dev list.<br />
<br />
** Mar 5th, 2015 - UPDATE - after <a href="https://twitter.com/LGnome/status/573290482349916160">this code update</a> ... there are a lot of failing tests that will need to be removed. #FIXME This update and removal of the mysql code broke my app on March 5th - looks like we're using ext/mysql - time to dig into code and use mysqli <a href="http://www.saotn.org/migrate-php-mysql-mysqli/">http://www.saotn.org/migrate-php-mysql-mysqli/</a><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">make test</span><br />
<br />
Install php7 -AGAIN.... if you type the command below, you're overwriting your php-5.5.9 install and should ubuntu php packages be updated in the future and upgraded, you might be unhappy. We're just trying to do a quick test of php7... remember?<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">make install</span><br />
<br />
Now... In case your app specificially calls out php5 binary as /usr/bin/php5, let's force php apps to use the new php...<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">cd /usr/bin</span><br />
<span style="font-family: Courier New, Courier, monospace;">mv php5 php5.orig</span><br />
<span style="font-family: Courier New, Courier, monospace;">mv phpize5 phpize5.orig</span><br />
<span style="font-family: Courier New, Courier, monospace;">mv php-config5 php-config5.orig</span><br />
<span style="font-family: Courier New, Courier, monospace;">ln -s php php5</span><br />
<span style="font-family: Courier New, Courier, monospace;">ln -s phpize phpize5</span><br />
<span style="font-family: Courier New, Courier, monospace;">ln -s php-config php-config5</span><br />
<br />
We need a php7.conf file. Assuming your LAMP stack already worked with php5, path of least resistance is to copy existing one to new name.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">cp /etc/apache2/mods-enabled/php5.conf /etc/apache2/mods-enabled/php7.conf</span><br />
<br />
Disable php5 in apache - we can't have php5 and php7 enabled - then restart apache<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">a2dismod php5</span><br />
<span style="font-family: Courier New, Courier, monospace;">/etc/init.d/apache2 restart</span><br />
<br />
Create /etc/php7 directory by making a symlink to /etc/php5 - not clear if this is required - I just did it since I'd already hacked up so much of the php install already.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">cd /etc/ && ln -s php5 php7</span><br />
<br />
<h4>
Check to see if this worked..</h4>
<br />
From commandline:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"># php --version</span><br />
<span style="font-family: Courier New, Courier, monospace;">PHP 7.0.0-dev (cli) (built: Mar 4 2015 20:49:17)</span><br />
<span style="font-family: Courier New, Courier, monospace;">Copyright (c) 1997-2015 The PHP Group</span><br />
<span style="font-family: Courier New, Courier, monospace;">Zend Engine v3.0.0-dev, Copyright (c) 1998-2015 Zend Technologies</span><br />
<br />
From Apache webserver:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">tail -200 /var/log/apache2/error.log</span><br />
<span style="font-family: Courier New, Courier, monospace;">[Wed Mar 04 21:28:21.603995 2015] [mpm_prefork:notice] [pid 20692] AH00163: Apache/2.4.7 (Ubuntu) PHP/7.0.0-dev OpenSSL/1.0.1f configured -- resuming normal operations</span><br />
<br />
Success! (or... if not, maybe you need to do some debugging)<br />
<br />
Now what?<br />
<br />
You can do whatever you want. I chose to do an application benchmark, some manual QA testing of my app, and I wrote a blog post.<br />
<br />
* opcache is now working once I updated the --with-config* statements above.<br />
<br />
Just remember - when you're done testing and playing, destroy this test environment before a php package update overwrites everything. This was just for some quick tests, remember?Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-74077276383390727152014-08-01T22:28:00.003-07:002014-08-01T22:28:32.491-07:00Boot an unbootable Ubuntu Linux system with chrootHow to recover an unbootable Linux system. This is mostly documentation for me since I KNOW I will needs this again.<br />
<br />
Situation:<br />
<br />
1) You have a somewhat unique Linux system and your system does not successfully complete the upgrade process,<br />
2) You made some critical updates to system configuration or boot files and now the compuiter won't boot.<br />
<br />
Here's what to do: Materials: 2GB USB stick for boot device. Optional: Reasonably large USB drive for data recovery if needed<br />
<br />
Make a bootable USB stick or DVD of the latest Ubuntu as described <a href="http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-ubuntu">here</a><br />
<br />
Boot your troubled system from an alternate boot device - namely the USB stick. If your computer doesn't support boot from USB and you need a DVD, you can make one and boot from it, but it is significantly slower.<br />
<br />
Choose: 'Try Ubuntu', and you should have a mostly fully functioning Ubuntu system that has already mounted any other block devices visible to the system<br />
<br />
Find mounted devices with: mount |grep dev - find your other boot partition - it's probably something like /dev/sda1 or /dev/sda2.<br />
<br />
Assuming it's /dev/sda2, do this to create a chroot environment with networking out of your problematic partition that won't otherwise boot:<br />
<br />
<pre class="bbcode_code" style="height: 168px;">sudo mount /dev/sda2 /mnt/chroot/
sudo mount -o bind /proc /mnt/chroot/pro1
sudo mount -o bind /dev /mnt/chroot/dev
sudo mount -o bind /dev/pts /mnt/chroot/dev/pts
sudo mount -o bind /sys /mnt/chroot/sys
sudo cp /etc/resolv.conf /mnt/chroot/etc/resolve.conf
sudo chroot /mnt/chroot /bin/bash</pre>
The one modification to this that I had to make in my Ubuntu 13.10 --> 14.04 mess image was that I had to move the /mnt/chroot/etc/resolv.conf manually to another file and then copy over a simple text file for resolv.conf<br />
<br />
Open another terminal window - one for USB booted OS, one for chrooted OS.<br />
In the USB window, enter 'xhost +' to allow displaying GUI apps from the chroot environment running as root.<br />
<br />
Now, in chroot window, edit or fix whatever you know is broken if you just broke it. If you're in the middle of an upgrade, try to continue it.<br />
<br />
sudo apt-get update<br />
sudo apt-get dist-upgrade<br />
<br />
If there are any errors, try 'sudo apt-get dist-upgrade -f'<br />
Watch the updates, and any interactive prompts that come up.<br />
<br />
When it completes, or fails...<br />
<br />
sudo apt-get update <--- again<br />
synaptic & <--- use GUI to resolve as many of the upgrade dependencies as possible<br />
<br />
shut down USB booted OS. Remove USB. Boot system normally. Cross fingers.Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-12688792446778462332014-07-30T11:04:00.000-07:002014-07-30T11:04:39.654-07:00Linux users - Upgrade skype to 4.3 nowI've recently found that skype for Linux versions prior to 4.3 are having problems with chat, and other things that made using skype between my Ubuntu desktop, Macbook, and my iPhone make me scratch my head and wonder what's wrong with linux Skype. It almost felt like something of a skype split brain problem. Anyway... if you use Linux, you probably want to/ need to upgrade to Skype 4.3 or greater and you're going to need to do it manually.<br />
<br />
Background: Linux users have been trained over many years to just be thankful that Skype for Linux EXISTS, that Microsoft didn't kill the port, and that an occasional update for Linux still gets pushed out. Somehow... over time... someone produces proper 3rd party packages with proper dependency tracking and puts them in a repository, and life has been mostly good.<br />
<br />
<br />
I run Ubuntu, and I've gotten used to installing Skype from the partner repository as described here in the official <a href="https://help.ubuntu.com/community/Skype">Ubuntu Skype guide</a>.<br />
<br />
To install the latest version of Skype, I agree with the recommendations <a href="http://ubuntuhandbook.org/index.php/2014/06/skype-4-3-install-in-ubuntu-1404/">here</a>:<br />
<br />
<ol>
<li>If skype is not already installed, install the packaged version of skype from the Canonical partners repository to get proper dependencies installed first</li>
<li>uninstall skype</li>
<li>download and install the new skype from skype.com</li>
</ol>
<br />
The 4.3 version has solved my Skype 'split brain' problems, random weirdness, and issues with Skype chat. Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-43662679750201569452014-07-18T12:51:00.000-07:002014-07-18T14:04:19.450-07:00HOWTO: Enable SSL, notifications, and auto-updates in Phabricator installPhabricator on Ubuntu 14.04 - post-install server configuration: SSL, notifications, auto-update, auto-start<br />
<br />
I searched around for agile development and code review tools and was very pleasantly surprised with <a href="http://phabricator.org/">Phabricator</a>. Used heavily at Facebook, it's got just about everything a development team could want or need.<br />
<br />
I followed <a href="http://99percentcomplete.com/linux/installing-phabricator-ubuntu/">this setup guide</a> to get up and running quickly. Nothing I've added below is particularly complex or difficult. I did deviate from this guide in two areas:<br />
<br />
<ol>
<li>I used Ubuntu 14.04 -- it's solid. No reason to use 12.04 for this.</li>
<li>I did NOT install phpMyAdmin -- It's a nice tool, but it's also one of the most popular attack vectors for internet facing servers. I don't need it, so I follow the rule of occam's razor - "Everything should be as simple as possible - and no simpler"</li>
</ol>
<br />
Follow above guide and you've got a default phabricator instance up and running. Cool, Huh?<br />
<br />
Here's what I think is missing from the above guide:<br />
<br />
<h3>
Enable SSL and force all traffic to SSL</h3>
If you have a wildcard SSL cert... you probably want to use it to protect sites containing your source code. If you don't have an SSL certificate, you might want consider getting one.<br />
<br />
<b>Deploy your ssl certs in the OS instance:</b><br />
<span style="font-family: Courier New, Courier, monospace;">mkdir -p /etc/nginx/ssl</span><br />
copy <span style="font-family: Courier New, Courier, monospace;">yoursite.com.crt</span> and <span style="font-family: Courier New, Courier, monospace;">yoursite.com.key</span> to <span style="font-family: Courier New, Courier, monospace;">/etc/nginx/ssl</span><br />
<br />
<h4>
Update nginx webserver config</h4>
edit <span style="font-family: Courier New, Courier, monospace;">/etc/nginx/sites-enabled/phabricator</span><br />
<br />
<b>Add a section that rewrites port 80 (http) traffic to port 443 (https) at the top:</b><br />
<span style="font-family: Courier New, Courier, monospace;">server {</span><br />
<span style="font-family: Courier New, Courier, monospace;"> root /opt/phabricator/phabricator/webroot;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> location / {</span><br />
<span style="font-family: Courier New, Courier, monospace;"> rewrite ^ https://$http_host$request_uri? permanent;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> }</span><br />
<span style="font-family: Courier New, Courier, monospace;">}</span><br />
<br />
<b>Add or Modify the second, original server secton below to be rules for our new default port 443 server to look like this:</b><br />
<span style="font-family: Courier New, Courier, monospace;">server {</span><br />
<span style="font-family: Courier New, Courier, monospace;"> set $fqdn phabricator.vettersoftware.com;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> set $phabWebRoot /opt/phabricator/phabricator/webroot;</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> listen 443 ssl;</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> server_name $fqdn;</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;"> root $phabWebRoot;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> ssl on;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> ssl_certificate /etc/nginx/ssl/yoursite.com.crt;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> ssl_certificate_key /etc/nginx/ssl/yoursite.com.key;</span><br />
<span style="font-family: Courier New, Courier, monospace;"> ssl_session_timeout 30m;</span><br />
<span style="font-family: Courier New, Courier, monospace;"><br /></span>
<span style="font-family: Courier New, Courier, monospace;">...</span><br />
<div>
<br /></div>
<b>Update the internal phabricator settings for base-uri</b><br />
<br />
<span style="font-family: Courier New, Courier, monospace;">/opt/phabricator/phabricator/bin/config set phabricator.base-uri 'https://phabricator.yoursite.com/'</span><br />
<br />
<b>Restart nginx</b><br />
<span style="font-family: Courier New, Courier, monospace;">service nginx restart</span><br />
<br />
<br />
<h3>
Enable Phabricator's aphlict notifications</h3>
See: https://secure.phabricator.com/book/phabricator/article/notifications/<br />
<br />
<b>Install pre-requestites for aphlict</b><br />
<span style="font-family: Courier New, Courier, monospace;">sudo apt-get install nodejs</span><br />
<br />
<b>Set notification config option</b><br />
<span style="font-family: Courier New, Courier, monospace;">/opt/phabricator/phabricator/bin/config set notification.enabled true</span><br />
<br />
<b>Start notification service</b><br />
<span style="font-family: Courier New, Courier, monospace;">/opt/phabricator/phabricator/bin/aphlict start</span><br />
<br />
<h3>
Start all services on instance boot</h3>
This is not included in the guide I used. It's not complex. I include it here in hopes it helps others who haven't been building UNIX systems for decades.<br />
<br />
edit <span style="font-family: Courier New, Courier, monospace;">/etc/rc.local</span> and add the following lines:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">#start phabricator daemons</span><br />
<span style="font-family: Courier New, Courier, monospace;">/opt/phabricator/phabricator/bin/phd start</span><br />
<span style="font-family: Courier New, Courier, monospace;">#start aphlict notification server</span><br />
<span style="font-family: Courier New, Courier, monospace;">/opt/phabricator/phabricator/bin/aphlict start</span><br />
<br />
<h3>
Automate phabricator upgrades</h3>
Phabricator code gets updated frequently. You want those new features and bug fixes, right? You believe in continuous integration, right? Right!<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">cd /opt/phabricator</span><br />
<span style="font-family: 'Courier New', Courier, monospace;">wget http://www.phabricator.com/rsrc/install/update_phabricator.sh</span><br />
<span style="font-family: Courier New, Courier, monospace;">chmod a+x update_phabricator.sh</span><br />
<br />
<b>edit <span style="font-family: Courier New, Courier, monospace;">/opt/phabricator/update_phabricator.sh</span></b><br />
<br />
change line 14: ROOT=`pwd` to:<br />
<span style="font-family: Courier New, Courier, monospace;">ROOT='/opt/phabricator'</span><br />
<br />
change all references to <span style="font-family: Courier New, Courier, monospace;">/etc/init.d/httpd</span> to <span style="font-family: Courier New, Courier, monospace;">/etc/init.d/nginx</span> since we're using nginx<br />
uncomment the notification server stop and start lines<br />
<br />
Add '--force' option and end of '<span style="font-family: Courier New, Courier, monospace;">$ROOT/phabricator/bin/storage upgrade</span>' line so it looks like this"<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">$ROOT/phabricator/bin/storage upgrade --force</span><br />
<br />
save<br />
<br />
Test the upgrade script.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">./update_phabricator.sh</span><br />
<br />
Add cronjob to run upgrade script weekly.<br />
<br />
<span style="font-family: Courier New, Courier, monospace;">crontab -e</span><br />
<br />
add following lines, season to taste, and save:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"># update phabricator every Saturday at 9:35AM</span><br />
<span style="font-family: Courier New, Courier, monospace;">35 9 * * Sat /opt/phabricator/update_phabricator.sh</span><br />
<br />
<br />
You're done!Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-33650956645668015342014-07-17T16:16:00.000-07:002014-07-17T18:58:13.284-07:00HOWTO: Configure Gitlab 7 Omnibus install on Ubuntu to use SSL<a href="https://about.gitlab.com/">Gitlab</a> is a great tool for managing source code. Gitlab's <a href="https://about.gitlab.com/downloads/">omnibus install</a> on Ubuntu is great too -- an easy install, and a clearly documented, simple upgrade path. I wanted to <a href="https://github.com/gitlabhq/gitlabhq/blob/master/doc/install/installation.md">make gitlab use SSL</a>, but I found the documentation for what I thought was the most common install to be sparse, outdated, and confusing. (Then again, I've found many things about SSL certificates in general to be poorly documented and confusing... maybe it's just me)<br />
<br />
This guide assumes that you have a running gitlab instance on Linux installed via above Gitlab omnibus install. It is also assumed that you already have either a specific SSL certificate for your site (ex: gitlab-foo.yourdomain.com) or wildcard SSL certificates for your site (ex: *.yourdomain.com).<br />
<br />
Below is a summary of what I did to convert my Gitlab instance to use SSL. I hope this is helpful to others:<br />
<br />
My server: Ubuntu 12.04 x64 HVM - running in Amazon Web services on a C3.Large instance. At the time I installed this, there were some issues that prevented me from deploying Ubuntu 14.04, but I expect everything below should work exactly the same for Ubuntu 14.04<br />
<br />
<h3>
Put your ssl certificates on gitlab server</h3>
<span style="font-family: Courier New, Courier, monospace;">mkdir -p /etc/nginx/ssl</span><br />
<br />
put your ssl certificates in this directory as:<br />
<span style="font-family: Courier New, Courier, monospace;">server.crt</span> <-- public key<br />
<span style="font-family: Courier New, Courier, monospace;">server.key</span> <-- private key in .pem format (first line contains something like BEGIN ___ PRIVATE KEY = .pem format)<br />
<br />
<h3>
<b>Edit gitlab.rb template config file</b></h3>
edit <span style="font-family: Courier New, Courier, monospace;">/etc/gitlab/gitlab.rb</span> and add or modify following lines:<br />
<br />
<span style="font-family: Courier New, Courier, monospace;"> external_url 'https://your.domain.com'</span><br />
<span style="font-family: Courier New, Courier, monospace;"> nginx['redirect_http_to_https'] = true</span><br />
<span style="font-family: Courier New, Courier, monospace;"> nginx['ssl_certificate'] = "/etc/nginx/ssl/server.crt"</span><br />
<span style="font-family: Courier New, Courier, monospace;"> nginx['ssl_certificate_key'] = "/etc/nginx/ssl/server.key"</span><br />
<br />
<h3>
Edit gitlab.yml config file</h3>
edit <span style="font-family: Courier New, Courier, monospace;">/var/opt/gitlab/gitlab-rails/etc/gitlab.yml</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;"> port: 443</span><br />
<span style="font-family: Courier New, Courier, monospace;"> https=true</span><br />
<br />
<h3>
Edit gitlab-shell/config.yml</h3>
edit <span style="font-family: Courier New, Courier, monospace;">/var/opt/gitlab/gitlab-shell/config.yml</span><br />
<br />
<span style="font-family: Courier New, Courier, monospace;"> ca_file: /etc/nginx/ssl/server.crt </span><br />
<span style="font-family: Courier New, Courier, monospace;"> ca_path: /etc/nginx/ssl</span><br />
<span style="font-family: Courier New, Courier, monospace;"> gitlab_url: "https://127.0.0.1:8080"</span><br />
<br />
<h3>
Reconfigure with chef and restart</h3>
<span style="font-family: Courier New, Courier, monospace;">sudo gitlab-ctl reconfigure</span><br />
<span style="font-family: Courier New, Courier, monospace;">sudo gitlab-ctl restart</span><br />
<br />
.... and that should do it!Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com4tag:blogger.com,1999:blog-5737432.post-61220890048923405042014-07-17T15:25:00.002-07:002014-07-17T15:25:55.012-07:00Long time, no blog...Hello, there blog. It's been a few years... I have 2 kids now and changed jobs. Maybe I'll start posting more here again.Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-47824394010906937322008-01-26T19:49:00.001-08:002008-01-26T19:49:55.703-08:00Dinner with Jeff & Pearl<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUTtkWRV6t-VD6p6eo49eKayufkDTxzKGu-JPlD2enfPb-ThM6kzKZ9IH98BsoX6DwAzwZjkYd3g8J2-dPX9Ts-SJi7Y8-OsfvD45fB62EuFZVEbBXKLef8w_GH_pk5eq_5H1_/s1600-h/photo-795705.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUTtkWRV6t-VD6p6eo49eKayufkDTxzKGu-JPlD2enfPb-ThM6kzKZ9IH98BsoX6DwAzwZjkYd3g8J2-dPX9Ts-SJi7Y8-OsfvD45fB62EuFZVEbBXKLef8w_GH_pk5eq_5H1_/s320/photo-795705.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5159998599683605394" /></a></p>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-22324866398801482032007-12-08T16:31:00.001-08:002007-12-08T16:31:46.903-08:00General Lee in Burlingame?<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikDiONB3IPkeu2nUzy3XUlUWnE4tnDLYOAXxOLqitYykhkfSL75tB62yVhFbSdl-6z7GQhLpmXWDyrbrsYOKOGjD942fV1i956Pq52yrSHp6-dLPsH8ZVC6pzz_ITtXsHlMF3U/s1600-h/photo-706905.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikDiONB3IPkeu2nUzy3XUlUWnE4tnDLYOAXxOLqitYykhkfSL75tB62yVhFbSdl-6z7GQhLpmXWDyrbrsYOKOGjD942fV1i956Pq52yrSHp6-dLPsH8ZVC6pzz_ITtXsHlMF3U/s320/photo-706905.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5141764367510540450" /></a></p>Yeeeee Haaaw!Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-6031303605099588322007-10-30T18:43:00.001-07:002007-10-30T18:43:52.105-07:00Driving and blogging<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFKDByKtXXYVJ1QrgOTYC8kIHdcJcZcwV_xySKFCg77b5BtSPm4ucvy34C26qevcXAgJFghcVpvGZWhVWqDmoIsy1l0wQbxJoVXLF2VxDSFW4meRhUEmwudoOMknESnrCUef7p/s1600-h/photo-732108.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFKDByKtXXYVJ1QrgOTYC8kIHdcJcZcwV_xySKFCg77b5BtSPm4ucvy34C26qevcXAgJFghcVpvGZWhVWqDmoIsy1l0wQbxJoVXLF2VxDSFW4meRhUEmwudoOMknESnrCUef7p/s320/photo-732108.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5127310623835333362" /></a></p>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-369285347168688042007-10-28T17:03:00.001-07:002007-10-28T17:03:18.723-07:00Sunday afternoon<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiy8Rm27cK9S4AcaB2BtGLtoOWu9lpqk8ASpVkyZ4Wii4tqsC571WF6AT67e9Y-4D-kdFxk1w5dL0V-FVkfNr9nUvab-8monDeeVNesrBmxAQauIuln8WRJWJ0DiVvbo24lN1is/s1600-h/photo-798724.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiy8Rm27cK9S4AcaB2BtGLtoOWu9lpqk8ASpVkyZ4Wii4tqsC571WF6AT67e9Y-4D-kdFxk1w5dL0V-FVkfNr9nUvab-8monDeeVNesrBmxAQauIuln8WRJWJ0DiVvbo24lN1is/s320/photo-798724.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5126542541948887778" /></a></p>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-48965125762018134282007-10-26T20:01:00.000-07:002007-10-26T20:02:01.889-07:00Beer Friday Halloween <p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzUjGI4CfmXNyP8wtI5T9IX4W6jYeKJi7ZJgWl86piDqTafQo6fBmfCwqyuB0KRm_Vo31d8gn6LW8nl2JRsuymkKFRqu5shYlRpokfRRRXoFrgKeN4NKqzQ6u__DbFRG0GbfA9/s1600-h/photo-721890.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzUjGI4CfmXNyP8wtI5T9IX4W6jYeKJi7ZJgWl86piDqTafQo6fBmfCwqyuB0KRm_Vo31d8gn6LW8nl2JRsuymkKFRqu5shYlRpokfRRRXoFrgKeN4NKqzQ6u__DbFRG0GbfA9/s320/photo-721890.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5125846426534453970" /></a></p>Sgt. DawnyaRosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-8170915535078652152007-10-26T18:27:00.000-07:002007-10-26T18:29:23.958-07:00Welcoming committee<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg858QKHYXnFTWhmkOCfM8AKGlvKCtTfBsFsd0v9B0zNrR1_mFKF0ensEGNp6BYxeprTUuyhHo83YrFSyo1JsCnaKPmUe39KW_Wber-RPtGX7KbuwQBRPpTjMGnpsZkNk3DwXZZ/s1600-h/photo-763961.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg858QKHYXnFTWhmkOCfM8AKGlvKCtTfBsFsd0v9B0zNrR1_mFKF0ensEGNp6BYxeprTUuyhHo83YrFSyo1JsCnaKPmUe39KW_Wber-RPtGX7KbuwQBRPpTjMGnpsZkNk3DwXZZ/s320/photo-763961.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5125822555106222786" /></a></p>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-5631937368923413532007-10-17T18:30:00.001-07:002007-10-17T18:30:40.958-07:00Cheers!<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBz5zUm5Xrj4xmizEyiehJhk1sYRUxp6NoID0eLyVP0OSH3ZiE_BmVrxwHOwSJZdvfd2Ih9e9DkVnnBi5Qh10_FcyMzt41bszFONzP8nVk2qzgiMXiqO6v1gNQ9l7OSOWj0wse/s1600-h/photo-740960.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBz5zUm5Xrj4xmizEyiehJhk1sYRUxp6NoID0eLyVP0OSH3ZiE_BmVrxwHOwSJZdvfd2Ih9e9DkVnnBi5Qh10_FcyMzt41bszFONzP8nVk2qzgiMXiqO6v1gNQ9l7OSOWj0wse/s320/photo-740960.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5122483117398750466" /></a></p>Watered down drinks at TGI Fridays with Chris. Good times.Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-54383392336181271832007-10-17T08:35:00.001-07:002007-10-17T08:35:22.698-07:00Pot of gold in my backyard?<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjURVuk9-XeLj9acroSxajWXVTmh1C2OwMIn13tNQpJXPtDb-3CUGzZvPCfteJxbtksAZO2-vJfnWee-VVS_eGWcajF6jVXYgPcwg4dFL0QPqjMtz32EAxdd_7FG_uYMwiyVU_s/s1600-h/photo-722701.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjURVuk9-XeLj9acroSxajWXVTmh1C2OwMIn13tNQpJXPtDb-3CUGzZvPCfteJxbtksAZO2-vJfnWee-VVS_eGWcajF6jVXYgPcwg4dFL0QPqjMtz32EAxdd_7FG_uYMwiyVU_s/s320/photo-722701.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5122329709756871922" /></a></p>Rainbow on Cordilleras Rd. In Emerald Hills. Ginger and Ross are about <br>to get wet...Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-23057079923909446252007-10-14T12:28:00.000-07:002007-10-15T08:28:22.660-07:00Shadow and dog<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDKLETdm1GVXjLbpy6U7rzpgsNaO5tWqbFtjqwh37niAuG2C0iSA4nScTjWdB_msnteo9dn2Qk1MH9M1mXa7ybAERPR6Q5E6zFUX7u54tOTu0BTxXNDPyyYpYm16qeX_ZwdIp3/s1600-h/photo-702666.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDKLETdm1GVXjLbpy6U7rzpgsNaO5tWqbFtjqwh37niAuG2C0iSA4nScTjWdB_msnteo9dn2Qk1MH9M1mXa7ybAERPR6Q5E6zFUX7u54tOTu0BTxXNDPyyYpYm16qeX_ZwdIp3/s320/photo-702666.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5121585735521858786" /></a></p>My shadow taking Ginger for a walk along a trail in Redwood ShoresRosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-17194795822570119282007-10-13T00:18:00.001-07:002007-10-13T06:14:48.524-07:00How to moblog<p class="mobile-photo"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggQx5PcgBZPTAxXFzZp3aaAVNhfeM28McaFoPZwQuRoIgugch7HBjD7pU9x5CGuDGmmL-IfOqluEQXjAySJY9D-9lCGNTjlwoXVWeQzepw1vnfqwe04FFRqOsMHxPpluhL5JZD/s1600-h/photo-706267.jpg"><img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEggQx5PcgBZPTAxXFzZp3aaAVNhfeM28McaFoPZwQuRoIgugch7HBjD7pU9x5CGuDGmmL-IfOqluEQXjAySJY9D-9lCGNTjlwoXVWeQzepw1vnfqwe04FFRqOsMHxPpluhL5JZD/s320/photo-706267.jpg" border="0" alt="" id="BLOGGER_PHOTO_ID_5120717307941599010" /></a></p>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1114234277337365532005-04-22T22:31:00.000-07:002005-04-22T22:31:17.336-07:00<a href='http://photos1.blogger.com/img/61/2018/640/IMG_8779.jpg'><img border='0' style='border:1px solid #000000; margin:2px' src='http://photos1.blogger.com/img/61/2018/320/IMG_8779.jpg'></a><br />Dawnya and a goat that couldn't get enough attention at the Live Desert in Palm Springs <a href='http://www.hello.com/' target='ext'><img src='http://photos1.blogger.com/pbh.gif' alt='Posted by Hello' border='0' style='border:0px;padding:0px;background:transparent;' align='absmiddle'></a>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1097569702032909092004-10-12T01:28:00.000-07:002004-10-12T01:28:22.033-07:00<a href='http://photos1.blogger.com/img/61/2018/640/IMG_7984.jpg'><img border='0' style='border:1px solid #000000; margin:2px' src='http://photos1.blogger.com/img/61/2018/320/IMG_7984.jpg'></a><br />Peter and Juliette Alau <a href='http://www.hello.com/' target='ext'><img src='http://photos1.blogger.com/pbh.gif' alt='Posted by Hello' border='0' style='border:0px;padding:0px;background:transparent;' align='absmiddle'></a>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1097569314730307412004-10-12T01:21:00.000-07:002004-10-12T01:21:54.730-07:00<a href='http://photos1.blogger.com/img/61/2018/640/IMG_7922.jpg'><img border='0' style='border:1px solid #000000; margin:2px' src='http://photos1.blogger.com/img/61/2018/320/IMG_7922.jpg'></a><br />Here I am in Hawaii with a praying mantis in my hair after it just walked up my face. <a href='http://www.hello.com/' target='ext'><img src='http://photos1.blogger.com/pbh.gif' alt='Posted by Hello' border='0' style='border:0px;padding:0px;background:transparent;' align='absmiddle'></a>Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1083084338657919622004-04-27T09:42:00.000-07:002008-01-18T17:31:56.392-08:00Dawnya's headed off to Thailand in 40 hours!My <a href="http://dawnya.shorturl.com">wife</a> is just about to start her amazing trip to Thailand! I helped her set up her own <a href="http://dawnya.blogspot.com">blog</a> which she's free to use or not use, but at least this gives her a way to communicate with everyone back home, and a way to capture what's going on while she travels. I'm so jealous -- I want my 2 hour massages.Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1081282052028575042004-04-06T13:07:00.000-07:002008-01-18T17:31:56.397-08:00Sustainable CommunitiesGreat <a href="http://solutions.synearth.net/2004/04/05">article</a> on man living within nature, not conquering it. I don't want my children to 'live an existence disconnected with nature'.
<br />Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1064337517860872882003-09-23T10:18:00.000-07:002008-01-18T17:31:56.403-08:00Underwater Digital camera part two<a href="http://store.yahoo.com/discountsonline/olczo50meefd.html">Olympus C-5050 Zoom 5.0 Megapixel Effective Digital Camera</a>
<br />
<br />Dawnya found this...
<br />
<br />http://www.ikelite.com/web_pages/olymp_c50.html
<br />http://www.ikelite.com/web_pages/oly_5050.html
<br />Here is the ikelite housing info
<br />camera info on c-5050
<br />http://store.yahoo.com/discountsonline/olczo50meefd.html
<br />camera info on c-50
<br />http://store.yahoo.com/discountsonline/olczo50meuld.html
<br />Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1063303682644469172003-09-11T11:08:00.000-07:002008-01-18T17:31:56.408-08:00Underwater Cameras and housingsHere's a <a href="http://www.adorama.com/catalog.tpl?op=details&sid=10630721517294322&sku=IK394444">strobe arm</a> for a <a href="http://www.adorama.com/refby.tpl?refby=brate&sku=IK613150">housing</a> for the Olympus 5050 - looks reasonably priced and full of features...Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1063228271626411452003-09-10T14:11:00.000-07:002008-01-18T17:31:56.414-08:00<a href="http://wedding10.weddingchannel.com/pwp/gui/pwp.asp?pwp_view=0&wauid=201973678">Your Wedding Website</a> - I'm getting married!Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0tag:blogger.com,1999:blog-5737432.post-1063138151090400572003-09-09T13:09:00.000-07:002008-01-18T17:31:56.419-08:00What is the right blog tool? I've been doing some research recently to determine what tool I want to invest time and energy into. Up until the google toolbar popped up an orange box with a "b" in the middle, I was nearly certain that I would use something based on MovableType for blogging.
<br />
<br />Now, I'm not sure. The one thing I am sure about is that content creation should be quick and easy. I want to be able to send email from anywhere and have it imported into my blog. I also want an online photo gallery, and I want to dink around in the ugly html formatting when I get really bored.
<br />
<br />For now, I really don't have time to investigate this much, as wedding plans are taking my free cycles, but I have been able to verify that moving blog databases around is feasable, so any brilliant content that I may generate will be able to follow me around which is ultimately the important part.
<br />
<br />user's data should be just like their address book and pda - upgrading or switching a PDA imports all of your entries. Did I mention that I'm crazy about my new PDA? Tungsten|T2...Rosshttp://www.blogger.com/profile/14174108577993495622noreply@blogger.com0