Stuff I'm Up To

Technical Ramblings

Building a Debian Development Server — July 13, 2018

Building a Debian Development Server

When I setup a development system there are a few steps I follow to get everything working together.

The aim is to get everything installed to provide php and composer, node, nginx, mysql and Laravel as a base to build on.

Install Debian

I take the latest amd64 version using a network installable iso. This way if I use an older 9.1, 9.2, 9.3 version iso, being a netinst version I’ll end up with the latest in that series as it downloads from the net.

Mostly making a 50GB disk is more than enough, as it’s thin provisioned on a virtual, space isn’t really a concern. When it comes to partitioning I’ve learned to take the easy option and create one partition to mount all filesystems into it.

Capture1

As it’s a development platform I never install a desktop environment. I never need to use any GUI programs on the server. The only options I choose to install are the standard system utilities and the ssh server.

Capture2

Out of personal preference, once up and running I install sudo, zsh, curl and git.

# apt-get install sudo zsh curl git

Then I add my non-root user to the sudo group so I can stop using root and use my regular user account to ssh onto the dev server..

# usermod -aG sudo [user]

Setup OhMyZsh

I like using zsh and the OhMyZsh which is why I installed curl and git. So logon as your non-root user.

$ sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

Then I edit the ~/.zshrc file and change the theme to “bureau”.

Install PHP

Because we don’t want Apache2 installed you need to install php-fpm which won’t force an install of Apache.

$ sudo apt-get install php-fpm

It will include a load of other php components you need, but no Apache, so you can then choose to move on to Nginx or some other php service.

Add the Laravel php requirements

$ sudo apt-get install php-mbstring php-zip php-xml libpng-dev make gcc g++

The additional module libpng-dev is required for Laravel to build using NodeJS npm. Without libpng-dev, make, gcc and g++, under your Laravel project folder the call to $ npm i fails with errors like:

> pngquant-bin@4.0.0 postinstall /home/user/myproject/node_modules/pngquant-bin
> node lib/install.js
⚠ The `/home/user/myproject/node_modules/pngquant-bin/vendor/pngquant` binary doesn't seem to work correctly
⚠ pngquant pre-build test failed
ℹ compiling from source
✔ pngquant pre-build test passed successfully
✖ Error: pngquant failed to build, make sure that libpng-dev is installed
at Promise.all.then.arr (/home/user/myproject/node_modules/pngquant-bin/node_modules/bin-build/node_modules/execa/index.js:231:11)
at <anonymous>
at process._tickCallback (internal/process/next_tick.js:188:7)

Install MySQL

As you’ll need a database you’ll want to install MySQL. These days MySQL is installed from the MySQL site by downloading a .deb file which add the Oracle repositories. The version of MySQL in the Debian repositories is MariaDB, a fork of MySQL.

If you go for the Oracle version  you’ll probably need to ensure you use legacy authentication for now.

Include the php drivers as we install the server:

$ sudo apt-get install mysql-server php-mysql

To manage MariaDB using mysql you need to use sudo:

$ sudo mysql -u root
...
MariaDB [(none)]>

Install Composer

Go to your home folder and use the command line install from here: https://getcomposer.org/download/

You’ll end up with a file composer.phar. This is ok if you’re the only one going to use it but I like to put it in /usr/bin as just composer so it is available for everyone.

$ sudo cp ~/composer.phar /usr/bin/composer
$ sudo chmod 755 /usr/bin/composer

Install NodeJS

Install it using a package manager following the steps for Debian

https://nodejs.org/en/download/package-manager/

$ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -
$ sudo apt-get install -y nodejs

Then the first thing I do is update npm.

$ sudo npm i npm -g

Install Samba

Because not all development takes place on a Linux host this will allow us access to shares for Windows clients.

$ sudo install samba

Edit /etc/samba/smb.conf and make some simple changes.

workgroup=[NETBIOS DOMAIN NAME]

Then find [homes] and in that section change:

read only = no
create mask = 640
directory mask = 750

Create a password entry for your non-root user:

$ sudo smbpasswd -a [user]

Then restart Samba

$ sudo systemctl restart smbd

Then when you browse to the server from windows you should see and have access to your home folder eg. \\192.168.0.200\user

Installing Laravel

I prefer to install Laravel as a project using the Create Project method:

$ composer create-project --prefer-dist laravel/laravel [myproject]

This downloads all of the PHP composer prerequisites and delivers the project.

Once the project is created you can go into the folder [myproject] and check you can compile the assets using Node.

$ cd myproject
$ npm i

This will install all of the NodeJS prerequisites used for building/compiling your assets using the Laravel asset management tools – currently Laravel Mix (Based on Webpack). So with the Node modules installed you should be able to run prod and dev builds:

$ npm run dev
$ npm run prod

These should complete successfully.

You can then run Laravel’s built in development server to serve your project:

$ php artisan serve

But in reality this will fire up a pretty useless server listening on the IP address 127.0.0.1 on port 8000. So it’s only accessible from the development server.

As we’re going to need to access it from our client development machine we need to serve on the actual IP of the server. The easiest way of doing this is to serve it on every IPv4 interface on the server (you probably only have one, so it shouldn’t matter). To do this use:

$ php artisan serve --host=0.0.0.0

and if you want to specify the port you can use:

$ php artisan serve --host=0.0.0.0 --port=8001

Now you can access it from any client pointing your browser at http://192.168.0.200:8001 and begin exploring your Laravel project.

More Laravel

Of course serving a version of your project like this isn’t the only way to go. You should continue into dynamically building your assets using npm run watch and maybe even using tools like browserify to make changes happen at the browser end so you’re not building and refreshing all the time.

I also like to move away from a development web server and setup Nginx to handle serving my Laravel Project.

Further Reading

https://warlord0blog.wordpress.com/2017/03/01/ssh-logon-with-private-key/

https://warlord0blog.wordpress.com/2018/05/16/debian-stretch-ntp-time-sync/

https://warlord0blog.wordpress.com/2017/12/12/php7-0-microsoft-sql-driver-debian-stretch/

https://warlord0blog.wordpress.com/2017/03/01/installing-updating-webmin/

 

 

Advertisements
Project scoRPIon – Wake-on-WiFi — July 8, 2018

Project scoRPIon – Wake-on-WiFi

A friend setup his home systems to turn on his PC using Amazon Alexa and tasker to trigger a Raspberry Pi to operate a relay and effectively activate the power button.

What a wonderful idea!

I have a host of Raspberry Pi’s, but instead of Alexa I have chosen the Google Home (Assistant) for my voice control.

My PC is located upstairs from my router and connects using 802.11ac WiFi. Being WiFi that rules out using Wake-on-LAN, which I used to do. So using a RPI to trigger a relay is genius.

Continue reading

Node.js v8 on Raspberry Pi Zero — June 27, 2018

Node.js v8 on Raspberry Pi Zero

With Raspbian on my Zero I only get Node v4 in the repository. So How do I get a newer version of Node.js?

If I follow the standard Node instruction for installing from a repository I get:

$ curl -sL https://deb.nodesource.com/setup_8.x | sudo -E bash -

## Installing the NodeSource Node.js 8.x LTS Carbon repo...

## You appear to be running on ARMv6 hardware. Unfortunately this is not currently supported by the NodeSource Linux distributions. Please use the 'linux-armv6l' binary tarballs available directly from nodejs.org for Node.js 4 and later.

So it looks like I must download the tar.xz file.

Continue reading

Raspberry Pi Wifi at boot — June 26, 2018
Extreme – MLAG and VRRP — June 21, 2018
Nuclide — June 10, 2018
Emmet.io — June 7, 2018

Emmet.io

Why is it I only find stuff that would have been really useful, after it would have been really useful?

I’ve written plenty of html using handcrafted text. Started using atom to help with auto-completion and beautify. Then I run into Emmet.

Atom has this great plugin, and it’s available for many other editors, that makes html coding an absolute breeze. Many times I find myself creating html template sections repetitively repeating lines for navs, closing tags adding classes etc. Emmet can easily handle the repetitive html structure by tying in what would almost be the CSS shortcut of the structure and expanding it.

Once the plugin is installed into atom you can interactively enter a shortcut using ctrl+alt+enter which will bring up the interactive editor – probably the easiest starting point. Then type in the short cut in the CSS selector style eg.

#app-navbar.collapse.navbar-collapse>ul.navbar-nav.mr-auto>li.nav-item.dropdown*3>a.nav-link.dropdown-toggle>div.dropdown-menu>a.dropdown-item*5

And watch this magically create the beginnings of a Bootstrap nav menu with 3 drop down menus with 5 items on each menu – from one line of understandable code.

Very, very cool. Will take me some getting used to but should speed up the creation of large repetitive structures no end.

I’m already pretty excited about using it for Vue.js components too!

Find more details here: https://emmet.io/

Composer Require Specific Branch — June 4, 2018

Composer Require Specific Branch

I’m trying to test out a version of a SAML project that doesn’t include the now defunct php extension for mcrypt. Using composer require kept on grabbing the master branch, when I actually wanted the “remove_mcrypt” branch.

I found that using composer with the branch like this failed:

$ composer require "aacotroneo/laravel-saml2":"remove_mcrypt"

[UnexpectedValueException]
Could not parse version constraint remove_mcrypt: Invalid version string “remove_mcrypt”

Thanks to a stackoverflow post: https://stackoverflow.com/questions/33525885/composer-require-branch-name I was able to resolve it by correctly prefixing the branch with “dev-

$ composer require "aacotroneo/laravel-saml2":"dev-remove_mcrypt"
Exchange 2013 – Certificate Revocation — May 30, 2018

Exchange 2013 – Certificate Revocation

Using the Exchange Control Panel showed that the certificate being used whilst not expired and valid could not pass a revocation check.

I figured this would be because the server couldn’t get out on the internet to read the necessary CRL. But it wasn’t even trying to get online according to our corporate proxy logs.

The netsh proxy settings were correct, but obviously something wasn’t proxy aware.

The resolution goes back to a 2010 hack that calls Internet Explorer as the Local System account. Only thing is, this didn’t work on Windows 2012. It did however give me the necessary light bulb moment to resolve it.

http://blogs.technet.com/b/bshukla/archive/2012/04/30/certificate-revocation-checked-failed.aspx

By using the Sysinternals PsExec to launch a command prompt as the local system I could then run Iexplorer.exe and set the proxy for the Local System account.

https://specopssoft.com/blog/how-to-become-the-local-system-account-with-psexec/

C:\> psexec -s -i cmd.exe

and up pops a new cmd window that runs as Local System. Now call Iexplorer.exe in that new cmd window.

C:\> "C:\Program Files (x86)\Internet Explorer\iexplorer.exe"

and up pops IE for you to set the proxy as necessary. Give it 15 minutes or so and go back to check the Certificate status and now it shows as “Valid” – Job done!

 

Lidarr — May 23, 2018

Lidarr

Since trying out Headphones a few years ago I got frustrated with it in the first hour and ditched it and went back to manually downloading music. That was until I got pointed to Lidarr.

Lidarr is either a fork of, or certainly based on the excellent Sonarr project for downloading TV series.  Lidarr applies the same methodology and familiar interface to download music.

Continue reading

Debian Stretch NTP Time Sync — May 16, 2018

Debian Stretch NTP Time Sync

No more messing about with installing ntp. Just a simple edit of what ntp servers to use.

Internally my ntp fails and reports regularly in syslog:

May 16 14:07:05 testserver systemd-timesyncd[394]: Timed out waiting for reply from 134.0.16.1:123 (3.debian.pool.ntp.org).

Which isn’t surprising as we don’t allow internal services access to external services. So we need to tell the system what servers to use.

$ sudo vi /etc/systemd/timesyncd.conf

add in your own space separated list of servers:

NTP=192.168.1.55 192.168.1.108

Restart the timesyncd service daemon:

$ sudo systemctl restart systemd-timesyncd

And in syslog you’ll see:

May 16 14:17:01 testserver systemd[1]: Stopping Network Time Synchronization...
May 16 14:17:01 testserver systemd[1]: Stopped Network Time Synchronization.
May 16 14:17:01 testserver systemd[1]: Starting Network Time Synchronization...
May 16 14:17:01 testserver systemd[1]: Started Network Time Synchronization.
May 16 14:17:02 testserver systemd-timesyncd[10047]: Synchronized to time server 192.168.1.55:123 (192.168.1.55).
May 16 14:17:02 testserver systemd[9968]: Time has been changed
May 16 14:17:02 testserver systemd[1]: Time has been changed

 

Nginx and Keepalived — May 15, 2018

Nginx and Keepalived

I have a need to deploy a High Availability Load Balanced reverse proxy solution. We have a back end web service that requires resilience. To achieve this I’ve been looking at Nginx and Keepalived. The Nginx Plus product appears to contain high availability support – but we’re in the realms of zero budget and open source/community supported products.

The front end reverse proxy I’ll use is Nginx, but it could be anything. The clever part is going to be using keepalived to pass a single IP address between two servers.

Continue reading