Sysadmin

How to redirect a URL fragment – hashtag in the URL

If you have address similar to http://host/#/blah, only ‘host’ is sent to the webserver – #/blah is only handled in the browser. This is called a fragment identifier.

You can get around it by adding javascript to the page(s) you want to redirect as follows, changing up the catch-all for specifics:

var redirectFragment = window.location.hash.replace(/^#/,”);
if ( ” !== redirectFragment ) {
window.location = ‘http://www.google.com’;
}

iPhone

iOS 10(.1) Yalu B3 Jailbreak Workarounds

Semi-Tethered Reboot Steps

  1. Hard reboot (vol down + power) or any reboot event happens
  2. Relaunch mach_portal
  3. Cydia should work again now!

No LTE/Mobile Data

  1. Ensure that mTerminal is installed
  2. su <enter> your password (default is alpine)
  3. Type following commands:
    1. chmod 777 /var
    2. chmod 777 /var/mobile
    3. chmod 777 /var/mobile/Library
    4. chmod 777 /var/mobile/Library/Preferences
  4. Reboot and then perform Semi-Tethered Reboot Steps again to activate jailbreak.

Installing TetherMe

Cydia tries to restart SpringBoard and will crash. It’s a known bug with Substrate and this version of iOS/Yalu jailbreak

  1. Install TetherMe via Cydia (this will require a SpringBoard reboot)
  2. Since the Cydia SpringBoard reboot isn’t working with this jailbreak, restart springboard the following way:
    1. Launch mTerminal (install via Cydia if needed)
    2. su <enter> your password (default is alpine)
    3. killall SpringBoard (this will cause a reboot)
    4. Run through the Semi-Tethered Reboot steps above to activate jailbreak again. Remember that you MUST do this EVERY time you crash or reboot.
  3. You will need to TEMPORARILY activate substrate to use TetherMe
    1. su <enter> your password (default is alpine)
    2. /etc/rc.d/substrate
    3. Close terminal
  4. Reinstall TetherMe via Cydia but DO NOT RESTART SPRINGBOARD, EXIT OUT OF CYDIA
  5. In Settings, you should see TetherMe in your list and will be able to enable Personal Hotspot now.
  6. You’ll likely have to do this every time you hard reboot. It sucks, but it works..

Screen Shot 2017-03-09 at 6.18.22 AM

 

Linux

Terminator Keyboard Shortcuts

Shortcuts:
Ctrl-Shift-E: will split the view vertically.

Ctrl-Shift-O: will split the view horizontally.

Ctrl-Shift-P: will focus be active on the previous view.

Ctrl-Shift-N: will focus be active on the next view.

Ctrl-Shift-W: will close the view where the focus is on.

Ctrl-Shift-Q: will exit terminator.

Update:
Ctrl-Shift-X: will focus active window and  enlarge it

Sysadmin

MySQL Query Table Sizes

Return a table with the table sizes in descending order of the selected database. Run this from mysql console. It will let you compare actual table size versus disk size (before you optimize table to reclaim space).

SELECT 
     table_schema as `Database`, 
     table_name AS `Table`, 
     round(((data_length + index_length) / 1024 / 1024), 2) `Size in MB` 
FROM information_schema.TABLES 
ORDER BY (data_length + index_length) DESC;
Linux, Storage

GlusterFS Fuse Hanging on CentOS 7

Having strange GlusterFS hanging when using the native FUSE client on CentOS? This was a bit of a bitch, actually. It was hard to reproduce. Eventually, the only semi-regular way to repro it was to create lots of small files from multiple servers at the same time.

The Behavior

It would still be mounted but hang. The only indication of things being a problem would be a console hang when trying to df or use the filesystem.

The kern.log also shows that there’s long waits waiting for either the application running on top, or the fuse client itself.

Note: I was actually able to make the NFS client hang, but we don’t want to use the NFS client due to losing the graceful failover features etc. Performance has been reported to be an issue with the fuse client, but I was able to tune this pretty well. I don’t want to go into that here.

The Solution

The base CentOS 7 kernel is pretty old. I mean, it’s still updated, but it’s still 3.10.0-327.10.1 as of June 2016. Instead of compiling our own kernel, I grabbed the RPMs from Elrepo (http://elrepo.org/tiki/tiki-index.php).

Installed this, after many days of troubleshooting, testing, and tuning, this solved the issue. No more lock-ups or fop STAT / LOCK issues.

I didn’t want to go main-line 4.6 kernel, so I opted for the 4.5.4-1 stable kernel. You should also be aware these are VMs running under VMware.

Here’s a quick hacked together Ansible playbook to handle the upgrade and verification for you via yum.

Versions

  • Glusterfs Server – 3.7.11-1 (April 18 2016)
  • Glusterfs Fuse Client – 3.7.11-1
  • Old kernel 3.1.0-327.10.1.el7
  • New kernel 4.5.4-1.el7.elrepo

– hosts: all
sudo: true
vars:
kernel_version: “4.5.4-1.el7.elrepo”

tasks:
– name: Read Kernel Version
command: ‘uname -r’
register: result

– name: Has kernel upgrade already completed
fail: msg=”Kernel version already {{ kernel_version }}”
when: “‘{{ kernel_version }}’ in result.stdout”

– name: Uninstall Existing Kernel Packages
yum: pkg={{item}} state=absent disable_gpg_check=yes
with_items:
– kernel-headers
– kernel-tools
– kernel-tools-libs

– name: Install Existing Kernel Packages
yum: pkg={{item}} update_cache=yes state=installed disable_gpg_check=yes
with_items:
– kernel-ml-{{ kernel_version }}
– kernel-ml-devel-{{ kernel_version }}
– kernel-ml-headers-{{ kernel_version }}
– kernel-ml-tools-{{ kernel_version }}
– kernel-ml-tools-libs-{{ kernel_version }}
– kernel-ml-tools-libs-devel-{{ kernel_version }}

– name: Set Boot Time Option for Kernel
command: “grub2-set-default 0”

– name: Change grub2 configs
command: “grub2-mkconfig -o /boot/grub2/grub.cfg”

– name: Read Kernel Version
command: ‘uname -r’
register: result
ignore_errors: True

– name: Print Kernel Version
debug: var=result.stdout_lines

– name: Restart server
sudo: true
command: “{{ item }}”
async: 0
poll: 0
with_items:
– “shutdown -r +1″
ignore_errors: true

– name: Wait for server to reboot
wait_for: >
host={{ inventory_hostname }}
port=20848
state=started
delay=90
timeout={{ 5 * 60 }}
delegate_to: localhost

– name: Read Kernel Version
command: ‘uname -r’
register: result
ignore_errors: True

– name: Print Kernel Version
debug: var=result.stdout_lines

– name: Did kernel upgrade fail
fail: msg=”Kernel does not match {{ kernel_version }} actual kernel is result.stdout”
when: “‘{{ kernel_version }}’ not in result.stdout”

Linux, Sysadmin

SIMPLFIED: Your own mail server (Postfix, Dovecot, SpamAssasin, ClamAV, Roundcube, SSL, Admin Panel)

The Stack

I was about to do the usual dance of setting up a mail system comprising of:

  • Postfix (outbound)
  • Dovecot (inbound – pop and imap)
  • MySQL (MariaDB for mailboxes etc.)
  • SpamAssassin (anti-spam)
  • ClamAV (anti-virus)
  • Roundcube (webmail)
  • Nginx (for the webmail)
  • SSL keys for everything
  • DNS – DKIM/SPF/etc
  • Fail2ban
  • IPTables firewall additions

It’s pretty intense setting all this up, so it’s recommended that you build using a configuration management tool like Ansible.

I took a look to see if there was a more modern way to do all this..

Enter iRedmail

iRedmail is an open source package that installs/configures all of the above and an administration panel iRedAdmin! The panel allows for user and domain administration but the pro version is what handles aliases and so on. It’s very expensive an unnecessary. You can make the same changes via the DB with one liners. If you have a server like Jenkins, you could easily push-button automate this. If/when I do, I’ll update this post.

You still need to add all the DNS entries (SPF, DKIM, etc) and sort out your SSL certs, plus integration with a smarthost (like Sendgrid).

Go here: http://www.iredmail.org/ and follow the instructions for your OS. It’s really *that* easy. It will even install the database server for you. 🙂

Add SendGrid (or another smart host / relay service) support

Postfix: /etc/postfix/main.cf

However, the local AV instance expects an unencrypted connection, so you need to account for this. Remember to restart the service after the config change with (debian/ubuntu) /etc/init.d/postfix restart.

# Sendgrid smarthost
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:USERNAME:PASSWORD
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587

Postfix: /etc/postfix/master.cf

Amavisd integration.
smtp-amavis unix – – – – 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
-o smtp_tls_security_level=none

127.0.0.1:10025 inet n – – – – smtpd
-o content_filter=
-o mynetworks_style=host
-o mynetworks=127.0.0.0/8
-o local_recipient_maps=
-o relay_recipient_maps=

< snip >