SyntaxHighlighter

Sunday, June 18, 2017

Forwarding Ports with IPTables

to use IPTables to forward ports...

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

all this from http://richardfergie.com/redirect-port-80-to-a-different-port-using-iptables

and how to remove the routing

iptables -t nat --line-numbers -L
iptables -t nat -D PREROUTING [number]

Monday, March 13, 2017

Using the Docker Embedded DNS

this is an easy way I just discovered and am noting it here so I don't forget.

to leverage docker's embedded dns, you can setup a custom network and then each container can resolve to each other via the 'name' attribute.

for example;

1. docker network create internaldns
2. docker run --name rmq -p 15672:15672 --net=internaldns -d rabbitmq:management
3. docker run --name httpcontainer -p 8080:8080 --net=internaldns -d scbs/http-rmq

this gives you;
- ability to connect to the host network via bridge
- ability to have httpcontainer look up the rabbitmq container using the dns entry 'rmq'

i love weave.works and think weave net is particularly awesome, but if you're just doing dns lookup on 1 docker host, this seems pretty light and easy

Saturday, March 11, 2017

NativeScript WebView - Getting the HTML Content

If you're trying to get the content from a NativeScript WebView, try the following from StackOverflow

if (webView.ios) {
    var webHeader = webView.ios.stringByEvaluatingJavaScriptFromString("document.head.innerHTML").trim();
    console.log(webHeader);

    var webBody = webView.ios.stringByEvaluatingJavaScriptFromString("document.body.innerHTML").trim();
    console.log(webBody);

} else if (webView.android) {
    webTitle = webView.android.getTitle(); //getting the title title
    console.log(webTitle)
}

Wednesday, November 23, 2016

Docker on Ubuntu: http:///var/run/docker.sock/v1.18/containers/json: dial unix /var/run/docker.sock: permission denied

after installing 1.12.3 on Ubuntu 16.04, the permission denied issue came up.  after trying the docker group settings without any luck, the only thing left was to actually chmod the socket.

chmod 777 /var/run/docker.sock

and everything works

probably not the wisest thing to do and you can try chmod'ing with more restrictions, but after hours of google and frustration, it works.

Wednesday, November 2, 2016

Get the Guest IP Address for a VM in VMWare Fusion

Great little trick from here...

/Applications/VMware\ Fusion.app/Contents/Library vmrun getGuestIPAddress [location of your VM's .vmx]


Saturday, October 22, 2016

Jenkins on Docker - Admin Password

try this from the comments on hub.docker.com --> full credit to sidmalani

docker exec -it jenkins_test cat /var/jenkins_home/secrets/initialAdminPassword

Sunday, October 16, 2016

Eclipse Che and localhost

Eclipse Che and localhost

when running eclipse che locally, you may have troubles starting up the various agents, etc. unless you export the correct IP address.

so, to make sure it all works smoothly;
- export CHE_HOST_IP=[your ip]
or
- CHE_HOST_IP=[your ip] che start

Tuesday, August 23, 2016

nginx ubuntu and letsencrypt.org and name.com

recently i needed to setup a secure domain on an EC2 instance (need to use the Google Maps Javascript API and it requires HTTPS domains).   the application architecture was;
  • angularjs (front-end)
  • NodeJS (front-end server) http://:3000
  • spring-boot (data server) http://:8080
to get this working on EC2, nginx was added to help act as a HTTPS terminator and router for the NodeJS instance.  

domain routing --> name.com

this is not a permanent solution, just a demo, so I used and A record at name.com to point to my Elastic IP address.  the trick here is to add 2 A records; [blank].example.com --> [elastic IP] and *.example.com --> [elastic IP].  this needs to be done to support https://letsencrypt.org

letsencrypt.org

the steps to follow (on ubuntu) are
  1. sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
  2. sudo apt-get install nginx
  3. sudo vi /etc/nginx/sites-available/default
  4. add     location ~/.well-known { allow all; }
  5. sudo ./letsencrypt-auto certonly -a webroot --webroot-path=/usr/share/nginx/html -d example.com -d www.example.com
  6. (go through the on screen prompts)
  7. sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
  8. add ssl to the nginx default
  9. add redirect on port 80 to 443 (HTTP 301)
below is an example of the nginx default file

server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;

    server_name sexample.com www.example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    add_header Strict-Transport-Security max-age=15768000;

    location ~ /.well-known {
        allow all;
    }

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Sunday, July 17, 2016

nodejs expressjs http-proxy and the hanging POST

here's one i came across recently with using http-proxy and expressjs.  using the body-parser seems to mess with the way the object is sent to the backend (in this case, Spring Data REST).  to resolve this, on the proxy part, i had to remove all the body-parser listeners (thanks to this issue solution https://github.com/nodejitsu/node-http-proxy/issues/180#issuecomment-215773710)

a very quick and simple solution, although maybe not optimal, it works.