Sunday, June 12, 2016

Open Source Webservices


Version Control
Gitlab - https://about.gitlab.com/
Phabricator - http://phabricator.org/

Ticket Management (kanban)
Gitlab Kanban Board - http://kanban.leanlabs.io/
Taiga - https://taiga.io/
Kanboard - https://kanboard.net/

Group Chat
Mattermost - mattermost.org/
Rocket.Chat - https://rocket.chat/
Let's Chat - http://sdelements.github.io/lets-chat/
Friends - http://moose-team.github.io/friends/
Zulip - https://www.zulip.org/

   Compare: https://blog.okturtles.com/2015/11/five-open-source-slack-alternatives/

Amazon S3 Compatible Alternatives
Minio - https://www.minio.io/
Red Hat Ceph - http://ceph.com/ 

   More: https://www.quora.com/Is-there-open-source-software-that-implements-Amazon-S3-plug-compatible-storage




Friday, March 04, 2016

Make Unix Password Hash

mkpasswd --method=SHA-512

Webservices


Email Spam Checker
http://www.mail-tester.com/

Git Hosting
Gitlab - https://about.gitlab.com/ (open source)
Phabricator - http://phabricator.org/ (open source)

Group Chat
Mattermost - http://www.mattermost.org/ (open source)
Slack - http://www.json-generator.com/
HipChat - https://www.hipchat.com/

Javascript Editor
jsfiddle https://jsfiddle.net/
Codepen - http://codepen.io/
jsbin - https://jsbin.com/ (open source)

JSON Generator
http://www.json-generator.com/

Online IDE
Cloudnine - https://c9.io/ (open source)

HTML/CS/JS Cleanup
http://www.dirtymarkup.com/

SSL Certificate Checker
https://www.ssllabs.com/ssltest

SSL Check Intermediate Certificate Chain
https://www.sslshopper.com/ssl-checker.html

Python/Django Storage Backend Notes

Inspired by:
https://django-storages.readthedocs.org/en/latest/backends/amazon-S3.html#storage

Interacting directly with storage backend
from django.conf import settings
from django.core.files.storage import get_storage_class
STORAGE_CLASS_STRING = getattr(settings, "MY_STORAGE_CLASS",  \
        settings.DEFAULT_FILE_STORAGE)
sc = get_storage_class(STORAGE_CLASS_STRING)
s = sc()
s.url("jjj-test/JOE.jpg")
# '/media/jjj-test/JOE.jpg'
s.path("jjj-test/JOE.jpg")
# u'/home/jjasinski/Sites/mysite/htdocs/media/jjj-test/JOE.jpg'
s.exists("jjj-test/JOE.jpg")
# False
f = s.open("jjj-test/JOE.jpg", 'w')
f.write("joe test")
f.close()
s.exists("jjj-test/JOE.jpg")
# True
s.delete("jjj-test/JOE.jpg")
s.exists("jjj-test/JOE.jpg")
# False

Interacting with a Model's storage
from django.core.files.base import ContentFile
obj = MyModel()
obj.photo.save('django_test.txt', ContentFile('content'))
obj.photo.size
obj.photo.read()
obj.delete()

Wednesday, December 09, 2015

Django: staticfiles

Locate static file location in codebase:

>>> from django.contrib.staticfiles.finders import find

>>> find("img/logo.png", all=True)
[u'/sites/static_in_pro/our_static/img/logo.png']

>>> find("img/logo.png",)
u'/sites/static_in_pro/our_static/img/logo.png'

Monday, December 07, 2015

LetsEncrypt with HAProxy or Nginx


At this time, LetsEncrypt is in public beta, but I suspect that it will continue to evolve. 

# all commands must be done as root
sudo su

# Download the letsencrypt repo 
git clone https://github.com/letsencrypt/letsencrypt.git /top/letsencrypt/

# change to the desired keys directory.  All commands following are relative to this dir.
cd /jaz/sites/common/etc/keys/

# Generate a 4096 bit ssl private key
openssl genrsa 4096 > jazstudios.com.key

# Generate the certificate signing request.  The following allows lets you specify a SAN (Subject Alternative Name) which allows www and non-www versions of the same domain.  The output needs to be in "der" format. 

openssl req -new -sha256 \
    -key joejasinski.com.key \
    -subj "/C=US/ST=IL/L=Chicago/O=Jazstudios/OU=Information Technology/CN=www.joejasinski.com" \
    -reqexts SAN \
    -outform der \
    -config <(cat /etc/ssl/openssl.cnf \
        <(printf "[SAN]\nsubjectAltName=DNS:joejasinski.com,DNS:www.joejasinski.com")) \
    -out joejasinski.com.csr

# execute the letsencrypt command.  This will prompt you through a few actions.  The most important is that you will need to stop any server running on port 80 and run the python script that they provide in the output.  This will serve up a specific secret file at a specific location, allowing letsencrypt to authenticate the server.  (You could also host the secret file with your webserver)

/opt/letsencrypt/letsencrypt-auto --email example@gmail.com --text \
    --authenticator manual \
    --work-dir /tmp/work/ \
    --config-dir /tmp/config/ \
    --logs-dir /tmp/logs/ auth \
    --cert-path /tmp/certs/ \
    --chain-path /tmp/chains/ \
    --csr joejasinski.com.csr

# --text = use the text based 'wizard' installer instead of an ncurses one
# --authenticator manual = the admin must manually host the verification file
# --csr = path to the previously generated csr file


# The command that it will have you run looks something like this:

mkdir -p /tmp/letsencrypt/public_html/.well-known/acme-challenge
cd /tmp/letsencrypt/public_html
printf "%s" asdfkjasfdasfdasfdasfdasdf > .well-known/acme-challenge/asdfasdfasfd
# run only once per server:
$(command -v python2 || command -v python2.7 || command -v python2.6) -c \
"import BaseHTTPServer, SimpleHTTPServer; \
s = BaseHTTPServer.HTTPServer(('', 80), SimpleHTTPServer.SimpleHTTPRequestHandler); \
s.serve_forever()"

# The output of the of the letsencrypt-auto command will be a file called 0000_chain.pem.  This file contains the host certificate and the intermediate certificate.  It will look something like this.  

-----BEGIN CERTIFICATE-----
       Host certificate contents
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
       letsencrypt intermediate certificate
-----END CERTIFICATE-----


# Unrelated, but a good idea: generate a dhparam used for perfect forward security 

openssl dhparam -out dhparam.pem 4096

For hosting with Nginx, this file can be set to the ssl_certificate parameter. The ssl_certificate_key setting would be set to the location of the key file.

For hosting with HAProxy, you want to modify the file so it looks something like this:

-----BEGIN CERTIFICATE-----
       Host certificate contents
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
       Private key contents
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
       letsencrypt intermediate certificate
-----END CERTIFICATE-----
-----BEGIN DH PARAMETERS-----
       contents of dhparam.pem
-----END DH PARAMETERS-----

Friday, November 13, 2015

Dig Commands


Look up A record example.com as seen by 8.8.8.8 nameserver
dig @8.8.8.8 exampe.com

Show the MX record for a yahoo domain
dig yahoo.com MX

Show the TTL for a given domain
dig imagescape.com TTL

Show the TXT record for an yahoo domain
dig yahoo.com TXT

Show only the answer
dig yahoo.com +nocomments +noquestion +noauthority +noadditional +nostats

All Records
dig @8.8.8.8 imagescape.com ANY +noall +answer

Reverse Lookup
dig -x 198.178.132.10

Nice output that looks like the domain record
dig @ns.imagescape.com imagescape.com any +multiline +noall +answer

Find the authoritative nameserver for a domain:
dig -t ns imagescape.com +short

Find the SOA of the domain:
dig joejasinski.com soa +noall +answer


Common Options:
  +short  = show only the results
  +[no]comments = show/hide the comments
  +[no]question = show/hide the question section
  +[no]authority = show/hide the authority section
  +[no]stats = show/hide the stats section
  +[no]answer = show/hide the answer section
  +[no]all = show/hide everything


https://neverendingsecurity.wordpress.com/2015/04/13/dig-commands-cheatsheet/
https://www.madboa.com/geek/dig/

Nice article:
http://anouar.adlani.com/2011/12/useful-dig-command-to-troubleshot-your-domains.html



Monday, November 02, 2015

Python Email Send


Simple email test from python

import smtplib
from email.mime.text import MIMEText
f = "no-reply@example.com"
t = "joe@example.com"
s = smtplib.SMTP('localhost')
msg = MIMEText("this is a test")
msg["Subject"] = "This is a test - ignore"
msg["To"] = t
msg["From"] = f
s.sendmail(f, [t], msg.as_string())

Sunday, August 23, 2015

Docker Gitlab

1) Create the following file
vim run_gitlab.sh

CONTAINER_NAME="gitlab_server"
GITLAB_DATA_DIR="`pwd`/gitlab/"
GITLAB_SSH_PORT="2222"
GITLAB_HTTP_PORT="8080"
GITLAB_HTTPS_PORT="8443"

docker rm ${CONTAINER_NAME}
sudo docker run --detach \
    --publish ${GITLAB_HTTPS_PORT}:443 \
    --publish ${GITLAB_HTTP_PORT}:8000 \
    --publish ${GITLAB_SSH_PORT}:22 \
    --name ${CONTAINER_NAME} \
    --restart always \
    --volume ${GITLAB_DATA_DIR}config:/etc/gitlab \
    --volume ${GITLAB_DATA_DIR}logs:/var/log/gitlab \
    --volume ${GITLAB_DATA_DIR}gitlab/data:/var/opt/gitlab \
    gitlab/gitlab-ce:latest

2) Run to create the initial directories
   sudo ./run_gitlab.sh 

3) Configure: modify the following settings

    sudo vim gitlab/config/gitlab.rb 

         external_url 'http://localhost:8000'
         gitlab_rails['gitlab_ssh_host'] = 'localhost'
         gitlab_rails['gitlab_shell_ssh_port'] = 2222

4) Restart docker

    sudo docker restart gitlab_server

5) Visit http://localhost:8080 and login with

    root 5iveL!fe


Source:
https://gitlab.com/gitlab-org/gitlab-ce/tree/master/docker

Autostart:
https://docs.docker.com/articles/host_integration/