I was looking at backup task running on my desk and saw that it’s spending a lot of time on ~/.local/share/zeitgeist directory. I checked and it had 4.6GB: du -sh ~/.local/share/zeitgeist/* 118M activity.sqlite 44M activity.sqlite.bck 32K activity.sqlite-shm 4,4G activity.sqlite-wal 311M fts.index WTF? Fortunately I found here external link that I could easily delete some of this: zeitgeist-daemon --quit Now check that it’s not running: ...
There are many possible real life cases and not all optimization technics will be suitable for you but I hope it will be a good starting place. Also you shouldn’t copy paste examples with faith that they will make your server fly 😃 You have to support your decisions with excessive tests and help of monitoring system (ex. Grafana ). Cache static and dynamic content Setting caching static and dynamic content strategy may offload your server from additional load from repetitive downloads of same, rarely updated files. This will make your site to load faster for frequent visitors. ...
Sometime you need to make quick and dirty image backup of VM running on XenServer and this post is about such case 😃 List machines: xl list Name ID Mem VCPUs State Time(s) Domain-0 0 4066 8 r----- 3526567.3 webfront1.example.com 1 4096 4 r----- 3186487.2 webfront2.example.com 2 2048 2 -b---- 920408.2 Now you may export one: xe vm-export vm=webfront1.example.com filename=/srv/backup/webfront.xva Export succeeded You may also use uuid for that - list machines with xe vm-list (best with less) and then: ...
Sometimes deployment process or other heavy task may cause some Nagios checks to rise below normal levels and bother admin1. If this is expected and you want to add downtime on host/service during this task you may use this script: #!/bin/bash function die { echo $1; exit 1; } if [[ $# -eq 0 ]] ; then die "Give hostname and time in minutes as parameter!" fi if [[ $# -eq 1 ]] ; then MINUTES=15 else MINUTES=$2 fi HOST=$1 NAGURL=http://nagios.example.com/nagios/cgi-bin/cmd.cgi USER=nagiosuser PASS=nagiospassword SERVICENAME=someservice COMMENT="Deploying new code" export MINUTES echo "Scheduling downtime on $HOST for $MINUTES minutes..." # The following is urlencoded already STARTDATE=`date "+%d-%m-%Y %H:%M:%S"` # This gives us the date/time X minutes from now ENDDATE=`date "+%d-%m-%Y %H:%M:%S" -d "$MINUTES min"` curl --silent --show-error \ --data cmd_typ=56 \ --data cmd_mod=2 \ --data host=$HOST \ --data-urlencode "service=$SERVICENAME" \ --data-urlencode "com_data=$COMMENT" \ --data trigger=0 \ --data-urlencode "start_time=$STARTDATE" \ --data-urlencode "end_time=$ENDDATE" \ --data fixed=1 \ --data hours=2 \ --data minutes=0 \ --data btnSubmit=Commit \ --insecure \ $NAGURL -u "$USER:$PASS"| grep -q "Your command request was successfully submitted to Nagios for processing." || die "Failed to con tact nagios"; echo Scheduled downtime on nagios from $STARTDATE to $ENDDATE Threat this script as template with some tips: ...
Now when you have CollectD and InfluxDB installed you may configure Grafana 😃 First configure repo with current Grafana version (select your distro): curl https://packagecloud.io/gpg.key | sudo apt-key add - deb https://packagecloud.io/grafana/testing/debian/ wheezy main Now install package (on wheezy I needed to install apt-transport-https to allow installation of packages from repo via HTTPS): apt-get update apt-get install -y apt-transport-https apt-get install -y grafana By default Grafana will use sqlite database to keep information about users, etc: ...
I wanted/needed some statistics on few my machines. I saw earlier grafana and was impressed so this was starting point. Then I started reading about graphite, carbon and whisper, and then… I found InfluxDB. Project is young but looks promising. Let’s start! On project page there is no info about repo but it’s available, configure it: curl -sL https://repos.influxdata.com/influxdb.key | apt-key add - echo "deb https://repos.influxdata.com/debian wheezy stable" > /etc/apt.sources.list.d/influxdb.conf for Ubuntu use url like (of course selecting your version): ...
I wanted/needed some statistics on few my machines. I saw earlier grafana and was impressed so this was starting point. Then I started reading about graphite, carbon and whisper, and then… I found InfluxDB. Project is young but looks promising. Installation of collectd is easy on Debian because packages are in default repo. One problem is that packages may be old, ex. on wheezy it version 5.1. But in backports/backports-sloppy you may find current 5.5, so enable backports first: ...
From the first moment I heard about Let’s Encrypt I liked it and wanted to use it as fast as possible. But the more I read how they want to implement it, the more I dislike it. Current project with automatic configuration is not what I want to use at all. I have many very complicated configs and I do not trust such tools enough to use them. I like UNIX’s single purpose principle, tools should do one thing and do it well - nothing more. ...
Lately I had a lot of brute force attacks on my WordPress blog. I used basic auth to /wp-admin part in nginx configuration to block this and as a better solution I wan’t to block source IPs at all on firewall. To do this, place this filter code in /etc/fail2ban/filter.d/wp-login.conf: # WordPress brute force wp-login.php filter: # # Block IPs trying to authenticate in WordPress blog # # Matches e.g. # 178.218.54.109 - - [31/Dec/2015:10:39:34 +0100] "POST /wp-login.php HTTP/1.1" 401 188 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" # [Definition] failregex = ^<HOST> .* "POST /wp-login.php ignoreregex = Then edit your /etc/fail2ban/jail.local and add: ...
I have some Ansible roles to configure my vps, Raspberry Pi, etc. I like to test them before I broke something on my real, not clustered machines - I use Vagrant for that. But with it I had one problem - in playbooks I define hosts as groups of severs ex. web for my vps: Example Ansible playbook - hosts: web gather_facts: True sudo: True ... But testing machine wasn’t in this group and when I run vagrant I could only see: ...