Having recently moved a server from one machine to another - I wanted a simpler firewall to deal with than directly playing with iptables.
So I googled, found and installed UFW - I'm using debian so I used this wiki link
I opened just the ports I wanted and made sure that the default was to deny.
All seemed fine - until I found that all my docker ports were directly available over the net. I don't want this - these are supposed to be proxied behind https.
This is due to the fact that docker...Read full article
It's often quite useful to know what running process is holding a port open. Doing this on linux has long been an easy case of running netstat with the -p option which shows the PID and name for each socket - for example:
# netstat -lnp | grep :80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 14897/nginx.conf ...
But the mac version of netstat doesn't support this option. I recently came across this post on stackoverflow that points out that you can use lsof...Read full article
I use my macs for development. That means that there's a lot of things running and I usually have a lot of heavy apps open. So I quite often hit the error "Too many open files". On linux - this is fixed using sysctl - but on later OSX/macOS it is done using launchd. Earlier OSX versions could use a /etc/launchd.conf file - but - for the latest versions I've found that this post from basho docs for riak works fine.
I've recently been struggling with my mac laptop not having any disk space left. Each time I've deleted whatever large files I had in Download or any other out of date stuff - thinking that I was just being a heavy disk user.
But - it kept happening - so I actually dug into it with du.
It turns out I had gigabytes and gigabytes in
So I deleted all images and containers - but this file didn't get any smaller...Read full article
I switched to this a long time back from rvm - with rvm I was having a number of issues with library versions of iconv, xml etc that rbenv didn't seem to have.
Yesterday I heard about chruby - which does not rely on shimmed binaries - it simply changes the environment (PATH etc) to point to the ruby you want. This seems a lot simpler/cleaner conceptually.
Since ruby-build is written alongside...Read full article
DataGrip (and the other jetbrains apps) were refusing to connect to heroku postgresql databases even though the connection was correct.
Turns out that you must have SSL enabled but can't validate the certificate.
Add the following properties to the datasource advanced settings:
Or to the url
Read full article
I occasionally see that games using game center for data sync etc stop being able to log in. If I head to the settings app > game center - it can't open the page for the game center settings.
This was originally a problem in iOS 9.0, thought to be fixed in iOS 9.1 but still being experienced (my last was in iOS 9.2.1).
The trick is to sign out of game center then back in - but how to do so when you can't open the settings?
The solution at the end of this article on appletoolbox.com worked for...Read full article
Homebrew postgresql updated from 9.4.x to 9.5.x today.
This meant that after update it wouldn't start because the database needed upgrading.
I started with this article - which in summary would be:
launchctl unload ~/Library/LaunchAgents/homebrew.mxcl.postgresql.plist brew update && brew upgrade postgresql
initdb /usr/local/var/postgres9.5 -E utf8
Read full article
pg_upgrade \ -d /usr/local/var/postgres \ -D /usr/local/var/postgres9.5 \...
One of my switches died recently - an 8 port unmanaged gigabit switch.
I thought that this time I'd get one that supports link aggregation (the synology NAS behind it could use it) and settled for Cisco's SG200-08 - since I could get that by the next day.
It's a managed switch (first time for me) and it works fine.
Only one thing that wasn't expected - it appears that nearly all of Cisco's SG200 range support SNMP (some might need a firmware update) but not this one. It even has a different...Read full article
Preparing for migration from debian wheezy to debian jessie and one of the packages I use is no longer supported.
Denyhosts is something that I used to block incoming ssh attacks (it adds IP addresses to /etc/hosts.deny). But it is not available in Jessie. The security team had the following comments:
So - time to look at fail2ban.