PHPNews

Creating a User in Ansible

Making users in Linux isn't necessarily as simple as making a username, and giving it a password. There are a few considerations you need to know about! Knowing these will make creating new users in Ansible easier. First, some Linux distributions have the adduser command, wihch is a shortcut (with sensible …

Continue reading »

Written by Servers for Hackers - - Aggregated on Tuesday December 5, 2017


How Ansible Vault Works

A typical Ansible setup will involve needing some sort of secret to fully setup a server or application. Common types of "secret" include passwords, SSH keys, SSL certificates, API tokens and anything else you don't want the public to see. Since it's common to store Ansible configurations in version control, we need …

Continue reading »

Written by Servers for Hackers - - Aggregated on Friday November 24, 2017


LetsEncrypt with HAProxy

LetsEncrypt with HAProxy This is a video from the Scaling Laravel course's Load Balancing module. Part of what I wanted to cover was how to use SSL certificates with a HAProxy load balancer. LetsEncrypt (certbot) is great for this, since we can get a free and trusted SSL certificate. Since we're using LetsEncrypt …

Continue reading »

Written by Servers for Hackers - - Aggregated on Thursday November 2, 2017


An Ansible2 Tutorial

Note : This is an update from the original Ansible article ! This one has been updated for Ansible 2, with some improvements in how I install/run Ansible. Ansible is a configuration management and provisioning tool, similar to Chef, Puppet or Salt. I've found it to be one of the simplest and the easiest to get …

Continue reading »

Written by Servers for Hackers - - Aggregated on Wednesday August 16, 2017


Building an Nginx Image

We cover how I built the Nginx image we used in our Docker setup. Note that the video, as usual, is more comprehensive than these notes! The Dockerfile We use a Dockerfile to define a base image, and the steps to take to use that base image and create our image from it. We can then use that built image and …

Continue reading »

Written by Servers for Hackers - - Aggregated on Saturday August 12, 2017


Building a PHP Image

We cover how I built the PHP image we used in our Docker setup. Note that the video, as usual, is more comprehensive than these notes! The Dockerfile We use a Dockerfile to define a base image, and the steps to take to use that base image and create our image from it. We can then use that built image and …

Continue reading »

Written by Servers for Hackers - - Aggregated on Saturday August 12, 2017


Development Workflow with Docker

We cover how to make running complex Docker commands quickly and easily. We saw how we could use docker-compose to easily get a dev environment up and running. However, we had to run some commands that get pretty long. For example: docker run -it --rm \ -v $(pwd)/application:/opt \ -w /opt \ …

Continue reading »

Written by Servers for Hackers - - Aggregated on Saturday August 12, 2017


When Localhost isn't the Local Host

We cover a small gotcha that could waste your time. tl;dr If your code (e.g. php/php-fpm) is executed on a separate container as your web server (e.g. nginx), then pinging localhost as an HTTP request wont' work, because there's no web server listening for HTTP requests within your code (php) container! Use …

Continue reading »

Written by Servers for Hackers - - Aggregated on Saturday August 12, 2017


Hosting Web Apps

We talk about the three main moving parts of hosting a web application: 1. The web server (e.g. Nginx, Apache) 2. The application gateway (e.g. php-fpm, gunicorn) 3. The application (your code) These three pieces are required, but the application gateway isn't often talked about. We'll discuss these parts …

Continue reading »

Written by Servers for Hackers - - Aggregated on Monday May 8, 2017


Linux Permissions

Permissions are confusing, and it's hard to find proper information on them (no need to `chmod 0777` anything). We'll cover how all of this works. ## Ownership We have three "actors" that can perform operations on a file or directory: * users * groups * other Files (including symlinks and unix sockets), …

Continue reading »

Written by Servers for Hackers - - Aggregated on Monday May 8, 2017


Getting Around Your Server

We explore the system a bit and see what common commands you might want to use. Commands we cover: * `pwd`: print working directory (the current directory you are in) * `cd` - move working directory * `cd ~` or `cd` - Move to current user home directory * `cd -` Go to the previous directory you were …

Continue reading »

Written by Servers for Hackers - - Aggregated on Monday May 8, 2017


Creating Users and SSH Security

Our goals in this video are: 1. Create a user 2. Setup key-based login for the user 3. Disallow root user login ## Create a User Let's create a new user and then setup some security. 1. New User ```bash # login first sudo adduser fideloper # Create password # Skip extra field # Set Y to save the …

Continue reading »

Written by Servers for Hackers - - Aggregated on Monday May 8, 2017


Configuring SSH Locally

We can make logging in over SSH much easier for ourselves. Here we're going to edit a config file on our **local machines**. Let's make our lives a little easier by using our local workstation's `~/.ssh/config` file: 1. On Mac, tell it to use the keychain so we don't have to remember passwords (Unless used in …

Continue reading »

Written by Servers for Hackers - - Aggregated on Monday May 8, 2017


Logging Into Your Server

When we spin up a server, we'll usually have two ways to log into it, both over SSH (vs being hard-wired, e.g. plugging a keyboard into a physical machine, or emulating that): 1. Password based authentication 2. Key based authentication Most providers let you choose either (Linode, Digital Ocean). Some enforce …

Continue reading »

Written by Servers for Hackers - - Aggregated on Monday May 8, 2017


What We'll Cover

## Super High Level 1. Security 2. Permissions 3. Web Server Setup & Applications ## A Few Details 1. SSH 2. Users 3. Basic command line 4. Permissions 5. Nginx 6. Firewalls 7. PHP-FPM 8. Permissions with PHP apps I'll also add some quick videos to fill-in a few details as I go!

Continue reading »

Written by Servers for Hackers - - Aggregated on Wednesday May 3, 2017


Logging Into Your Server

When we spin up a server, we'll usually have two ways to log into it, both over SSH (vs being hard-wired, e.g. plugging a keyboard into a physical machine, or emulating that): 1. Password based authentication 2. Key based authentication Most providers let you choose either (Linode, Digital Ocean). Some enforce …

Continue reading »

Written by Servers for Hackers - - Aggregated on Tuesday May 2, 2017


Finish Getting CI Working in Jenkins

I know I'm going to need to install/setup the following to get my Dockerized application working within Jenkins: 1. The `aws` command line tool, to grab files from S3 (needed in my build for staging/production `.env` files) 2. An instance of Docker private registry, which the build script uploads to after building …

Continue reading »

Written by Servers for Hackers - - Aggregated on Tuesday May 2, 2017


Installing Jenkins

## 1. Install Jenkins We'll login using my local AWS-generated ssh key: ```bash ssh -i ~/.ssh/fideloperllc.pem ubuntu@ ``` Then we start installing: ```bash # Install some Basics: sudo apt-get update sudo apt-get install -y vim curl wget tmux unzip htop ntp software-properties-common # Install …

Continue reading »

Written by Servers for Hackers - - Aggregated on Tuesday May 2, 2017