Blog

Bienvenue...

...sur mon blog, j'utilise ce site pour noter les petites choses qui me sont utiles, que ça soit informatique ou autre :)

Il y a 6 years 5 months

Install socat, i.e. with centos :

  sudo yum install socat

Create a user config file ~/.ssh/config :

Host host-git
  ProxyCommand  socat - PROXY:<proxy ip/host>:%h:%p,proxyport=<proxy port>

Change permission on this new file :

chmod 600 ~/.ssh/config

Then for GIT, you can then edit git's config file <REPO>/.git/config and modify remote section

[remote "origin"]
        #url = https://user-git@host-git/chemin-du-repo.git
        url = ssh://user-git@host-git/chemin-du-repo.git

...or if you do not already have a remote origin add it :

git remote add origin ssh://user-git@host-git/chemin-du-repo.git

and then push your modifications :

git push -u origin master
Il y a 9 years 2 months

I was trying to "yum update" on a VM when I had a "proxy : connection refused" message

*grmbl* then connecting to the proxy's VM, I saw that the / FS was 100% full

I then executed a

du -hs *

on / to see that most space was used by /var/log/maillog (2.2Go)...

I flushed the file with an "echo > /var/log/maillog" then I saw plenty of messages when postfix managed to write in the file...

I changed postfix's conf (/etc/postfix/main.cf) as he was trying to use ipv6 :

inet_protocols = all

changed to

inet_protocols = ipv4

Then reload the service, and the file goes on filling with messages like "blocked to avoid spam", so I checked the mail queue :

postqueue -p

+38000 messages queued... *gni*, many bullshit messages where in here, so I went for a erasement :

mailq | tail -n +2 | awk 'BEGIN { RS = "" } / kagoun@gmail\.com$/ { print $1 }' | tr -d '*!' | postsuper -d -

Et voilà !!

Il y a 9 years 7 months

Found this page on Plex Support website

I wanted to improve Plex Refresh mecanism which is not really working, especially when you've just put a new subtitle file for the film you want to see it NOW...

There is command line support (named 'Plex Media Scanner'), but the file is named with multiple space, and it's not really linux friendly ;) So I decided to make small shortcuts, to have those commands usable easily

sudo touch /usr/local/bin/plexmediascanner.sh
sudo chmod +x /usr/local/bin/plexmediascanner.sh
sudo vi /usr/local/bin/plexmediascanner.sh
 
#!/bin/sh
PLEX_RUNNABLE="`which Plex\ Media\ Scanner`"
sudo LD_LIBRARY_PATH=${LD_LIBRARY_PATH} -u plex "${PLEX_RUNNABLE}" $@

You can also create one for the server :

sudo touch /usr/local/bin/plexmediaserver.sh
sudo chmod +x /usr/local/bin/plexmediaserver.sh
sudo vi /usr/local/bin/plexmediaserver.sh
 
#!/bin/sh
PLEX_RUNNABLE="`which Plex\ Media\ Server`"
sudo LD_LIBRARY_PATH=${LD_LIBRARY_PATH} -u plex "${PLEX_RUNNABLE}" $@

I've also created a small script to have Plex variables online (into profile.d to make things clean) :

sudo touch /etc/profile.d/plex.sh
sudo chmod +x /etc/profile.d/plex.sh
sudo vi /etc/profile.d/plex.sh
 
#!/bin/sh
#set the Plex homedir
PLEX_PATH=/usr/lib/plexmediaserver
#add Plex homedir to libpath
export LD_LIBRARY_PATH=${PLEX_PATH}
#add Plex homedir to PATH
pathmunge ${PLEX_PATH}

Then you have to edit SUDO config file to allow a simple user to execute the command, or restart Plex service without password, which is done by launching visudo :

Defaults    env_keep += "LD_LIBRARY_PATH"
Defaults    env_keep += "PLEX_PATH"
[...]
%agroup      ALL=(ALL)       NOPASSWD: /usr/lib/plexmediaserver/Plex\ Media\ Scanner
%agroup      ALL=(ALL)       NOPASSWD: /sbin/service plexmediaserver*

That's all folks... :D any comments are welcome !

Il y a 9 years 7 months

Since there's been many vulnerabilities lately, I've decided to take a look to my (HTTP)SSL configurations

So I found some website about generating secure configuration, and infos about multiple parameters you need to known, which means what...

I've also searched for a RSA certificate generation tutorial I found here (attached to this blog note)

When everything is tuned, you can then test your grade with SSLLabs which seems to me to be a good tool :)

Il y a 9 years 9 months

Could not start apache2 on a specific port ? (running centos or selinux enabled os) ?

Check that the port is authorized :

semanage port -l | grep -w http_port_t

If not you've got to authorize it :

semanage port -a -t http_port_t -p tcp <PORT>

If semanage is not installed :

yum -y install policycoreutils-python

cf. : ici

Pages