Free SSL Certbot

Certbot, It was Let’s Encrypt Client previously. Automatically enable HTTPS on your website with EFF’s Certbot, deploying Let’s Encrypt certificates.

Server Support

– Apache
– Nginx
– Haproxy
– Plesk

OS Support

– Web Hosting Service
– Debian 7 (wheezy)
– Debian 8 (jessie)
– Debian 9 (stretch)
– Debian testing/unstable
– Debian (other)
– Ubuntu 17.04 (zesty)
– Ubuntu 16.10 (yakkety)
– Ubuntu 16.04 (xenial)
– Ubuntu 14.04 (trusty)
– Ubuntu (other)
– Gentoo
– Arch Linux
– Fedora 24+
– CentOS 6
– RHEL 6
– CentOS/RHEL 7
– FreeBSD
– OpenBSD 5.9
– OpenBSD 6.0+
– OpenBSD (other)
– macOS
– Devuan Jessie 1.0
– Devuan (other)
– Other UNIX
– Non-UNIX

Install on Ubuntu 17.04 (zesty) Apache

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache

Get Started https://certbot.eff.org/#ubuntutzesty-apache

$ sudo certbot --apache

$ sudo certbot --apache certonly

Automating renewal

$ sudo certbot renew --dry-run

$ sudo crontab -e

30 1 * * * /usr/bin/certbot renew --quiet

It will run renewal command at 1:30 am, every day.

PHP Warning: PHP Startup: Unable to load dynamic library /usr/lib64/php/ modules/zip.so

CentOS 7 with PHP

# php --ini
PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/lib64/php/modules/zip.so’ – /usr/lib64/php/modules/zip.so: undefined symbol: php_pcre_exec in Unknown on line 0
Configuration File (php.ini) Path: /etc
Loaded Configuration File: /etc/php.ini
Scan for additional .ini files in: /etc/php.d
Additional .ini files parsed: /etc/php.d/10-opcache.ini,
/etc/php.d/20-bcmath.ini,
/etc/php.d/20-bz2.ini,
/etc/php.d/20-calendar.ini,
.
.
.

Install Apache, MySQL, PHP 5.6 on Centos 7

Solution

# yum install php-zip

# service httpd restart
Redirecting to /bin/systemctl restart httpd.service

PHP Check Loaded Modules

# php -m
[PHP Modules]
apc
apcu
bcmath
bz2
calendar
Core
ctype
curl
date
dom
ereg
exif
fileinfo
filter
ftp
gd
gettext
gmp
hash
iconv
igbinary
json
libxml
mbstring
mcrypt
memcache
memcached
mhash
mongo
msgpack
mysql
mysqli
mysqlnd
openssl
pcntl
pcre
PDO
pdo_mysql
pdo_pgsql
pdo_sqlite
pgsql
Phar
posix
readline
recode
redis
Reflection
session
shmop
SimpleXML
sockets
SPL
SQLite
sqlite3
standard
sysvmsg
sysvsem
sysvshm
tidy
tokenizer
wddx
xml
xmlreader
xmlwriter
xsl
Zend OPcache
zip
zlib

[Zend Modules]
Zend OPcache

PHP Check Loaded ini files
# php --ini

# php -v
PHP 5.6.31 (cli) (built: Jul 6 2017 08:06:11)
Copyright (c) 1997-2016 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.0.6-dev, Copyright (c) 1999-2016, by Zend Technologies

Install Apache, MySQL, PHP 5.6 on Centos 7

Install Apache

# yum update
# yum install httpd
# systemctl start httpd.service

Now Browser your Apache Server http://Server_IP_address/

Enable Apache to start at server boot

# systemctl enable httpd.service

Install Mariadb MySQL

# yum install mariadb-server mariadb
# systemctl start mariadb
# mysql_secure_installation

Enable MySQL to start at server boot

# systemctl enable mariadb.service

Install PHP 5.6

Install EPEL repository

# rpm -Uvh http://vault.centos.org/7.0.1406/extras/x86_64/Packages/epel-release-7-5.noarch.rpm

Note: Make sure you installed “epel-release-7-5.noarch.rpm” else google it for different location …. search on Google “index of” + epel-release-7-5.noarch.rpm

Install remi repository

# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm

Note: Make sure you installed “remi-release-7.rpm” else google it for different location

Enable remi

# yum --enablerepo=remi,remi-php56 install php php-common

Install php 5.6 on Centos 7

# yum --enablerepo=remi,remi-php56 install php-cli php-pear php-pdo php-mysql php-mysqlnd php-pgsql php-sqlite php-gd php-mbstring php-mcrypt php-xml php-simplexml php-curl php-zip

# systemctl restart httpd.service
# chown -R apache:apache /var/www/html/

# chmod -R 775 /var/www/

<?php phpinfo(); ?>

http://Server_IP_address/phpinfo.php

CentOS 7 + SELinux + Apache + PHP write/access permission

CentOS 7 have SELinux, it is security enhancement to Linux which allows users more control over access control.

SELinux make problem to access or write files or directories

– Can’t serve files on directory
– Can’t write to file

SELinux is blocking the read/write operations

# chcon -Rv --type=httpd_sys_rw_content_t /var/www/html/ (if you want to allow full web root)

# chcon -Rv --type=httpd_sys_rw_content_t /var/www/html/uploads/ (Or just uploads folder)

Ownership
# chown apache:apache -R /var/www/html/

Recursive File permissions
# find . -type f -exec chmod 0644 {} \;

Recursive Directory permissions
# find . -type d -exec chmod 0755 {} \;

Resursive SELinux serve files off Apache
# chcon -t httpd_sys_content_t /var/www/html/ -R

Allow write to specific directories
# chcon -t httpd_sys_rw_content_t /var/www/html/logs/ -R
# chcon -t httpd_sys_rw_content_t /var/www/html/uploads/ -R

httpd_sys_content_t – allow Apache to serve contents
httpd_sys_rw_content_t – allow Apache to write to those path.

Amazon DynamoDB Formatted JSON using JQ

Linux sed is useful tool to format and transform plain text. But sed is not so useful for structured data like JSON. JQ is a sed-like tool easily deal with JSON.

./jq

is a lightweight and flexible command-line JSON processor.

Install jq on OS X:
brew install jq

Install jq on Ubuntu:
apt-get install jq

Others:
https://stedolan.github.io/jq/download/

UserPoints.json data exported from Amazon DynamoDB

# AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXXX AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX /usr/local/bin/aws dynamodb scan –table-name UserPoints –region us-east-1 –output json > UserPoints.json

# jq “[.Items[] | { userId: .userId.S, CompanyCode: .CompanyCode.S, date: .date.S, points: .points.S, Id: .Id.S }]” UserPoints.json

It will output like this…

[
{
“userId”: “user1@gmail.com”,
“CompanyCode”: “ABC107”,
“date”: “2017/04/08”,
“point”: “16”,
“Id”: “1496238999”
},
{
“userId”: “user2@gmail.com”,
“CompanyCode”: “ABC107”,
“date”: “2017/02/07”,
“point”: “45”,
“Id”: “1496239218”
}
]

Bottle: Python Web Framework

I really like Bottle: Python Web Framework. Bottle is very simple, fast and powerful Python micro-framework. It is perfect for small web applications and rapid prototyping where you need simple/small API server.

Bottle is a fast, simple and lightweight WSGI micro web-framework for Python.

Installation

Install Bottle with pip install bottle or download the source package at PyPI.

Download and Install

Install the latest stable release (Bottle runs with Python 2.7 and 3.3+.)

#pip install bottle

Or

#easy_install -U bottle

Or

download bottle.py (unstable) into your project directory.

– app.py
– bottle.py

Example: “Hello World” (app.py)

from bottle import route, run

@route(‘/hello/:name’)
def index(name=’World’):
return ‘Hello %s!‘ % name

run(host=’localhost’, port=8080)

Bottle Python

Point your browser to http://localhost:8080/hello/sandeep

Links

https://github.com/bottlepy/bottle
https://raw.githubusercontent.com/bottlepy/bottle/master/bottle.py

Below find simple routing, template, static CDN, Ajax, redirect functions

Test URL for above bottle python code run on port 7800

# python bottle_example.py

http://localhost:7800/
http://localhost:7800/hello
http://localhost:7800/ajax
http://localhost:7800/redirect
http://localhost:7800/404
http://localhost:7800/upload
http://localhost:7800/tpl (“test” is text file on [Web-App-Root])
http://localhost:7800/static/god.jpg (“god.jpg” saved on [Web-App-Root])

FFMPEG make Video Lyrics using JPG MP3 SRT File

FFMPEG make Video Lyrics using JPG MP3 SRT File

Input Files

– Image (test.jpg)
– MP3 File (test.mp3)
– SRT Lyrics (test.srt)

FFMPEG Command

# ffmpeg -loop 1 -y -i test.jpg -i test.mp3 -vf subtitles=”f=test.srt:force_style=’FontName=Arial,FontSize=14″ -shortest test1.mp4

Output File: test1.mp4

SRT Lyrics Preview

1
00:00:00,330 --> 00:00:04,936
Hello Feifei. I didn't know you shopped at this supermarket too.

2
00:00:05,354 –> 00:00:12,303
Hi Finn. Usually I don’t. But it’s close to the office and I have to rush home to welcome an important guest.

3
00:00:13,378 –> 00:00:15,321
Who is it? Someone I know?

4
00:00:15,402 –> 00:00:29,763
No, it’s my landlady. She’s coming to collect some of her post and… well, I want to make her like me because next month, the contract on my flat is due to be renewed and she might want to increase the rent.

5
00:00:30,426 –> 00:00:34,919
Yeah, I see what you mean. So you’d better butter her up then!

6
00:00:35,450 –> 00:00:43,498
Butter? Oh, yes. But I’m a pretty bad cook. If I baked a cake it would probably be horrible!

7
00:00:44,474 –> 00:00:56,703
No. I don’t mean butter for a cake. In English, when you say you’ll ‘butter someone up’, you mean you’ll be especially nice to them in the hope they’ll do something good for you in return.

8
00:00:57,498 –> 00:01:08,424
Oh, I see. So I’ll be nice to her and pay her compliments so that she likes me and keeps the rent low. I’ll ‘butter her up’! But isn’t it a bit insincere?

9
00:01:09,522 –> 00:01:22,522
Well, it can have a negative connotation, yes. Let’s hear some examples of how to use ‘to butter someone up’ or ‘to butter up someone’, which is today’s expression in The English We Speak.

Amazon Simple Notification Service Command Lines

Install the AWS CLI Using the Bundled Installer

Download the AWS CLI Bundled Installer.

# curl “https://s3.amazonaws.com/aws-cli/awscli-bundle.zip” -o “awscli-bundle.zip”
# unzip awscli-bundle.zip
# chmod a+x ./awscli-bundle/install
# ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

Configure AWS CLI

# aws configure
AWS Access Key ID [None]: XXXXXXXXXXXXXXXXXXXXX
AWS Secret Access Key [None]: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Default region name [None]: us-east-1
Default output format [None]: json

# cat ~/.aws/credentials

[default]
aws_access_key_id=XXXXXXXXXXXXXXXXXXXXX
aws_secret_access_key=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

# cat ~/.aws/config

[default]
region=us-east-1
output=json

AWS SNS Common actions

– Create a communication channel to send messages and subscribe to notifications
– Create a platform application for mobile devices
– Subscribe an endpoint to a topic to receive messages published to that topic
– Publish a message to a topic or as a direct publish to a platform endpoint
– Publish a text message (SMS) to a phone number

Create AWS SNS Topic

# aws sns create-topic –name My-Blog
{
“TopicArn”: “arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog”
}

Now you can subscribe to Topic using these protocols

http, https, email, email-json, sms, sqs, application, lambda

check more here: http://docs.aws.amazon.com/cli/latest/reference/sns/subscribe.html

Subscribe to AWS SNS Topic by email

# aws sns subscribe –topic-arn arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog –protocol email –notification-endpoint email@domain.com
{
“SubscriptionArn”: “pending confirmation”
}

AWS SNS Confirm

After Subscription Confirmed it provide SubscriptionArn like arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog:4e2a8654-6b5d-43fe-bf14-2237c8c849f7

AWS SNS Pending Confirm

Subscribe to AWS SNS Topic by Mobile (SMS)

# aws sns subscribe –topic-arn arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog –protocol sms –notification-endpoint 919912345678
{
“SubscriptionArn”: “arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog:a0bb38ca-ece1-4adb-897b-5a21010889e9”
}

Publish message to Topic

# aws sns publish –topic-arn arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog –message “Welcome to My Blog!”
{
“MessageId”: “9f280eb4-b561-5d34-b8c3-5f3be74515b2”
}

AWS SNS Push Message

AWS SNS SMS

Unsubscribe to AWS SNS Topic

# aws sns unsubscribe –subscription-arn “arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog:4e2a8654-6b5d-43fe-bf14-2237c8c849f7”

You can find Available Commands for AWS SNS here
http://docs.aws.amazon.com/cli/latest/reference/sns/index.html#cli-aws-sns

Delete AWS SNS Topic

# aws sns delete-topic –topic-arn “arn:aws:sns:us-east-1:xxxxxxxxxxxx:My-Blog”

Uninstalling AWS CLI

# rm -rf /usr/local/aws
# rm /usr/local/bin/aws

Install the AWS Command Line Interface on Microsoft Windows
http://docs.aws.amazon.com/cli/latest/userguide/awscli-install-windows.html#install-msi-on-windows

Linux – Delete Files Or Directories Older Than x Days

First find files older than X Days

-mtime n => File was last modified n*24 hours ago.

-atime n => File was last accessed n*24 hours ago.

-ctime n => File status was last changed n*24 hours ago.

+n More than n.
n Exactly n.
-n Less than n.

# files modified greater than 24 hours ago
find /location/ -mtime +0

# files modified between now and 1 day ago
find /location/ -mtime 0

# files modified less than 1 day ago
find /location/ -mtime -1

# files modified between 24 and 48 hours ago
find /location/ -mtime 1

# files modified more than 48 hours ago
find /location/ -mtime +1

-type f => For Files
-type d => For Directories

Now delete all files modified time greater than 24 hours ago (keep today’s files)
# find /var/www/html/recorded/files/* -type f -mtime +0 -exec rm {} \;

Record Live Streaming Radio to MP3

Sometime you want to record Live Radio Stream to MP3 file, you can find many online linux tools for recording radio stream to server and then download to your local computer.

You can use Linux “wget” or “curl”

CURL

# curl -sS -o stream.mp3 –max-time 150 http://Radio-Server:Port/stream
Bitrate: 128 kb/s [it will make approx 2MB MP3 file]

# curl -sS -o stream.mp3 –max-time 150 http://Radio-Server:Port/stream
Bitrate: 64 kb/s [it will make approx 1MB MP3 file]

FFMPEG

# ffmpeg -y -i http://Radio-Server:Port/stream stream.mp3

# ffmpeg -i http://Radio-Server:Port/stream -t 00:00:40 -acodec copy stream.mp3
[It will record MP3 file stream.mp3 of duration of 40 sec with same Radio Stream Codec Info & Bitrate]

MPLAYER & LAME

# mplayer ‘http://Radio-Server:Port/stream’ -endpos ’00:01:00′ -vo null -ao pcm:waveheader:file=stream.wav &> /dev/null
# lame stream.wav stream.mp3 &> /dev/null

WGET

# wget -O stream.mp3 “http://Radio-Server:Port/stream”