One day you received a keypair is shared by your colleagues and you would like to check where is it correct or not

The private key contains a series of numbers. Two of those numbers form the “public key”, the others are part of your “private key”. The “public key” bits are also embedded in your Certificate (we get them from your CSR). To check that the public key in your cert matches the public portion of your private key, you need to view the cert and the key and compare the numbers. To view the Certificate and the key run the commands:

$ openssl x509 -noout -text -in server.crt
$ openssl rsa -noout -text -in server.key

more »

Check MySQL config syntax

| July 20th, 2015

We need to check syntax and optional of Mysql before apply on server so use this command for it

[[email protected] mysql]# mysqld --help  --defaults-file=/etc/my.cnf | more
2015-07-20 17:09:42 0 [ERROR] mysqld: option '--skip-host-cache' cannot take an argument
2015-07-20 17:09:42 0 [ERROR] Aborting

in some cases, we would like to have dedicated php-fpm server to serve LB php processes.

PHP-FPM Configuration
Modify the listen line:

listen =

Modify the listen.allowed_clients line to allow your load balancer or Nginx server:

listen.allowed_clients =

more »

Here is some command to test your puppet syntax

# "bundle exec rake spec" <= check whole puppet script
# "bundle exec rake spec SPEC_OPTS=-fd" <= with debug mode
# "bundle exec rake syntax" <= check syntax
# "bundle exec rspec spec/hosts/server_spec.rb" <= check puppet script on specific host

In this article, , let us review how to generate private key file (server.key), certificate signing request file (server.csr) and webserver certificate file (server.crt) that can be used on nginx server.

Step One — Create the SSL Certificate

We can start off by creating a directory that will be used to hold all of our SSL information. We should create this under the Nginx configuration directory:

# sudo mkdir /etc/nginx/ssl

Now that we have a location to place our files, we can create the SSL key and certificate files in one motion by typing:

# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt

more »

There are many way to get memcache statistics

$ echo stats | nc localhost 11211

or useful command

Usage: memcached-tool <host[:port]> [mode]

       memcached-tool display    # shows slabs
       memcached-tool            # same.  (default is display)
       memcached-tool stats      # shows general stats
       memcached-tool dump       # dumps keys and values

more »

We can test to parse your log file before implement it on your server to test syntax, etc.

For example, we have log format as below

Nov 26 09:41:22 webserver8 2013/11/26 09:41:13 [warn] 2787#0: *39595376 a client request body is buffered to a temporary file /var/lib/nginx/body/0000251155, client:, server:, request: "POST /some_request.php HTTP/1.1", host: "", referrer: ""

more »

Here is example config of gitolite to denied the access of specific group to specific branch.

My config, that is working now:

@gatekeepers = ustimenko
@developers  = ustimenko user1 user2
@deployers   = puppet

@project     = repo1
@project     = cakephp

repo @project
    RW+                 = @gatekeepers
    R   master develop  = @developers
    -   master develop  = @developers
    RW+                 = @developers
    R                   = @deployers

more »

These are more compact and versatile forms of Hamish’s answer. They handle any mixture of upper and lower case letters:

read -r -p "Are you sure? [y/N] " response
case $response in

more »

ADD a route

sudo route add -net gw netmask dev eth1

DELETE a route

sudo route del -net gw netmask dev eth1