Thursday, 16 July 2015

PDF join files and replace strings using pdftk

pdftk *.pdf cat output combined.pdf

You can try to modify content of your PDF as follows
  1. Uncompress the text streams of PDF
    pdftk file.pdf output uncompressed.pdf uncompress
  2. Use sed to replace your text with another
    sed -e "s/ORIGINALSTRING/NEWSTRING/g" <uncompressed.pdf >modified.pdf
  3. If this attempt was successful, re-compress the PDF with pdftk
    pdftk modified.pdf output recompressed.pdf compress


Saturday, 20 June 2015

eth1 connection of two servers in Debian

In order of connect two Debian servers  to comminucate through eth1 connect them using ethernet cable and use these settings in /etc/network/interfaces


auto eth1
iface eth1 inet static
        mtu 9000


auto eth1
iface eth1 inet static
        mtu 9000

Wednesday, 17 June 2015

Useful commands to analyse access.log

Include and exclude strings in search term:

grep -F "google"  /var/log/nginx/access.log | grep -v ""  > google.txt

Get unique IPs:

awk '{print $1}' google.txt|sort -u

Or in a single line:

grep -F "google"  /var/log/nginx/access.log > googl.txt && awk '{print $1}' google.txt|sort -u


Convert list of IPs to unique IP blocks for nginx deny:

sed -i -e   's/$/;/' file.txt && sed -i -e   's/[0-9]\?[0-9]\?[0-9];$/0\/24;/' file.txt &&  sed -i -e   's/^/deny /' file.txt | sort -u

Add 'deny' to the begining of each line of a file:

 sed -i -e   's/^/deny /' file.txt

Add ';' at the end of each line of a file:

sed -i -e   's/$/;/' file.txt
Now convert IPs to 24 blocks:

 sed -i -e   's/\.*;/.0\/24;/' file.txt

Perpare deny list in one line:

sed -i -e   's/$/;/' file.txt && sed -i -e   's/[0-9]\?[0-9]\?[0-9];$/0\/24;/' file.txt &&  sed -i -e   's/^/deny /' file.txt

Wednesday, 27 May 2015

Deploy django on debian 7 with uwsgi and mariadb - complete guide

In local virtualven
pip freeze > requirement.txt

on Server

apt-get install nginx
apt-get install mysql-server

apt-get install python-pip

apt-get install python-virtualenv
apt-get install python-dev

apt-get install memcached
apt-get install python-memcache

locale-gen en_US en_US.UTF-8
dpkg-reconfigure locals


apt-get install git-core


adduser bob
su bob

virtualenv ~/.djenv
source ~/.djenv/bin/activate

pip install requirement.txt

pip install python-memcached

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON mydb.* TO 'myuser'@'localhost.localdomain' IDENTIFIED BY 'password';

To solve
Error loading MySQLdb module: No module named MySQLdb

sudo apt-get install build-essential python-dev

apt-get install libmariadbclient-dev

***Note installing  libmysqlclient-dev causes 'EnvironmentError: mysql_config not found'

pip install MySQL-python

Activate virtualenv. Then

Error: decoder jpeg not available

apt-get install libjpeg-dev
pip install -I pillow

Oh collation to utf8, otherwise you may get your non-western charachters converted to ?????

  for t in $(mysql --user=root --password=mydbpasswd  --database= mydb -e "show tables";);
       echo "Altering" $t;
       mysql --user=root --password=mydbpasswd --database= mydb -e "ALTER TABLE $t CONVERT TO CHARACTER SET utf8 COLLATE utf8_unicode_ci;";

Extra (for cache and messaging:

- How to install redis (latest version)

- How to install Celery

uwsgi installation (this could be a pain in the backside, but not with this help!)

Basic uwsgi intallation and configuration

Install uwsgi

pip install uwsgi

Basic test

Create a file called
def application(env, start_response):
    start_response('200 OK', [('Content-Type','text/html')])
    return "Hello World"
uwsgi --http :8000 --wsgi-file
The options mean:
http :8000
use protocol http, port 8000
load the specified file
This should serve a hello world message directly to the browser on port 8000. Visit:
to check.

Test your Django project

Now we want uwsgi to do the same thing, but to run a Django site instead of the module.
But first, make sure that your project actually works! Now you need to be in your Django project directory.
python runserver
Now run it using uwsgi:
uwsgi --http :8000 --chdir /path/to/your/project --module project.wsgi --virtualenv /path/to/virtualenv
The options mean:
chdir /path/to/your/project
use your Django project directory as a base
module project.wsgi
i.e. the Python wsgi module in your project
virtualenv /path/to/virtualenv
the virtualenv
There is an alternative to using the --module option, by referring instead to the wsgi file:
wsgi-file /path/to/your/project/project/
i.e. the system file path to the file
Point your browser at the server; if the site appears, it means uwsgi can serve your Django application from your virtualenv. Media/static files may not be served properly, but don't worry about that.
Now normally we won't have the browser speaking directly to uwsgi: nginx will be the go-between.

Basic nginx

Install nginx

The version of Nginx from Debian stable is rather old. We'll install from backports.
sudo pico /etc/apt/sources.list     # edit the sources list
# backports
deb squeeze-backports main
sudo apt-get -t squeeze-backports install nginx # install nginx
sudo /etc/init.d/nginx start    # start nginx
And now check that the server is serving by visiting it in a web browser on port 80 - you should get a message from nginx: "Welcome to nginx!"

Configure nginx for your site

Check that your nginx has installed a file at /etc/nginx/uwsgi_params. If not, copy to your directory, because nginx will need it. Easiest way to get it:
Create a file called nginx.conf, and put this in it:
# nginx.conf
upstream django {
    # connect to this socket
    # server unix:///tmp/uwsgi.sock;    # for a file socket
    server;      # for a web port socket

server {
    # the port your site will be served on
    listen      8000;
    # the domain name it will serve for
    server_name;   # substitute your machine's IP address or FQDN
    charset     utf-8;

    #Max upload size
    client_max_body_size 75M;   # adjust to taste

    # Django media
    location /media  {
                alias /path/to/your/project/project/media;      # your Django project's media files

        location /static {
                alias /path/to/your/project/project/static;     # your Django project's static files

    # Finally, send all non-media requests to the Django server.
    location / {
        uwsgi_pass  django;
        include     /etc/nginx/uwsgi_params; # or the uwsgi_params you installed manually
Symlink to this file from /etc/nginx/sites-enabled so nginx can see it:
sudo ln -s ~/path/to/your/project/nginx.conf /etc/nginx/sites-enabled/

Basic nginx test

Restart nginx:
sudo /etc/init.d/nginx restart
Check that media files are being served correctly:
Add an image called media.png to the /path/to/your/project/project/media directory
If this works, you'll know at least that nginx is serving files correctly.

nginx and uwsgi and

Let's get nginx to speak to the hello world application.
uwsgi --socket :8001 --wsgi-file
This is nearly the same as before, except now we are not using http between uwsgi and nginx, but the (much more efficient) uwsgi protocol, and we're doing it on port 8001. nginx meanwhile will pass what it finds on that port to port 8000. Visit:
to check.
Meanwhile, you can try to have a look at the uswgi output at:
but quite probably, it won't work because your browser speaks http, not uwsgi.

Using sockets instead of ports

It's better to use Unix sockets than ports - there's less overhead.
Edit nginx.conf.
server unix:///tmp/uwsgi.sock;
comment out
and restart nginx.
Runs uwsgi again:
uwsgi --socket /tmp/uwsgi.sock --wsgi-file
Try in the browser.

If that doesn't work

Check your nginx error log(/var/log/nginx/error.log). If you see something like:
connect() to unix:///path/to/your/project/uwsgi.sock failed (13: Permission denied)
then probably you need to manage the permissions on the socket (especially if you are using a file not in /tmp as suggested).
uwsgi --socket /tmp/uwsgi.sock --wsgi-file --chmod-socket=644 # 666 permissions (very permissive)
uwsgi --socket /tmp/uwsgi.sock --wsgi-file --chmod-socket=664 # 664 permissions (more sensible)
You may also have to add your user to nginx's group (probably www-data), or vice-versa, so that nginx can read and write to your socket properly.

Running the Django application with uswgi and nginx

Let's run our Django application:
uwsgi --socket /tmp/uwsgi.sock --chdir /path/to/your/project --module project.wsgi --virtualenv /path/to/virtualenv --chmod-socket=664
Now uwsgi and nginx should be serving up your Django application.

a uwsgi .ini file for our Django application

Deactivate your virtualenv:
and install uwsgi system-wide:
sudo pip install uwsgi
We can put the same options that we used with uwsgi into a file, and then ask uwsgi to run with that file:
# django.ini file

# master
master                  = true

# maximum number of processes
processes               = 10

# the socket (use the full path to be safe)
socket          = /tmp/uwsgi.sock

# with appropriate permissions - *may* be needed
# chmod-socket    = 664

# the base directory
chdir           = /path/to/your/project

# Django's wsgi file
module          = project.wsgi

# the virtualenv
home            = /path/to/virtualenv

# clear environment on exit
vacuum          = true
And run uswgi using the file:
uwsgi --ini django.ini
--ini django.ini
use the specified .ini file

Test emperor mode

uwsgi can run in 'emperor' mode. In this mode it keeps an eye on a directory of uwsgi config files, and spawns instances ('vassals') for each one it finds.
Whenever a config file is amended, the emperor will automatically restart the vassal.
# create a directory for the vassals
sudo mkdir /etc/uwsgi
sudo mkdir /etc/uwsgi/vassals
# symlink from the default config directory to your config file
sudo ln -s /path/to/your/project/django.ini /etc/uwsgi/vassals/

# run the emperor as root
sudo uwsgi --emperor /etc/uwsgi/vassals --uid www-data --gid www-data --master
The options mean:
emperor /etc/uwsgi/vassals
look there for vassals (config files)
uid www-data
run as www-data once we've started
gid www-data
run as www-data once we've started
Check the site; it should be running.

Make uwsgi startup when the system boots

The last step is to make it all happen automatically at system startup time.
Edit /etc/rc.local and add:
/usr/local/bin/uwsgi --emperor /etc/uwsgi/vassals --uid www-data --gid www-data --master
before the line "exit 0".
And that should be it!


Tuesday, 26 May 2015

a working my.cnf for Mariadb

# The MySQL database server configuration file.

port = 3306
socket = /var/run/mysqld/mysqld.sock

socket = /var/run/mysqld/mysqld.sock
nice = 0


user = mysql
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address =

# * Fine Tuning
key_buffer = 128M
max_allowed_packet = 64M
thread_stack = 192K
thread_cache_size       = 64
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover         = BACKUP
max_connections        = 1000

interactive_timeout= 1
wait_timeout= 1

#log-slow-queries = /var/log/mysql/slow_query.log
#long_query_time = 10
#log_queries_not_using_indexes = 1

table_cache            = 6048
thread_concurrency     = 22

join_buffer_size = 8M
sort_buffer_size = 32M
max_heap_table_size = 4412M
max_connect_errors = 10
tmp_table_size = 4412M

#*** MyISAM Specific options
key_buffer_size = 32M
read_buffer_size = 4M
read_rnd_buffer_size = 8M

myisam_sort_buffer_size = 128M
#myisam_max_sort_file_size = 10G
#myisam_max_extra_sort_file_size = 10G

#finally added
table_definition_cache = 2048

#default-storage-engine = innodb
innodb_buffer_pool_size = 25000M
innodb_log_file_size = 1500M
innodb_flush_method = O_DIRECT #O_DSYNC
innodb_file_per_table = 1
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 4M
innodb_additional_mem_pool_size = 20M

# num cpu's/cores *2 is a good base line for innodb_thread_concurrency
innodb_thread_concurrency = 16

# * Query Cache Configuration
query_cache_limit = 2M
query_cache_size  = 256M
query_cache_min_res_unit = 1k

# * Logging and Replication
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
# As of 5.1 you can enable the log at runtime!
#general_log_file        = /var/log/mysql/mysql.log
#general_log             = 1

log_error                = /var/log/mysql/error.log

#server-id = 1
#log_bin = /var/log/mysql/mysql-bin.log
#binlog_do_db = shahbin

#expire_logs_days = 10
#max_binlog_size         = 100M

max_allowed_packet = 16M

#no-auto-rehash # faster start of mysql but no tab completition

key_buffer = 16M

!includedir /etc/mysql/conf.d/

Thursday, 22 January 2015

Send email from your own domain using Zoho and Gmail

Gone the days that Google allowed people to send email as using their gmail account for free. Now you need to buy on of Google app products to do so.
But worry not and don't rush to buy a personalized email solution for your domain!  You still can do that with a little help from Zoho and in  this excellent post in which , Dimitrios Savvopoulos explains how to do that flawlessly. 

We will use a combination of Zoho Mail and Gmail.

Before proceeding with the Zoho setup, we have to own or create a Gmail account. When ready, proceed with creating a Zoho account:


Zoho setup

At the moment of this writing, Zoho offers free email for up to 10 Users, using a custom domain. Visit the zoho registration page and go for the free option:

Then enter your domain name and your personal details:
The zoho account is almost now complete:
Now click "Proceed to verify domain ownership". To verify your domain I suggest adding a TXT record in your DNS settings. Select TXT Method:
Follow the given instructions to add the TXT record to your dns settings. When ready, click the verify button.
Awesome! Now add a user for your email and skip the groups setting. Then, go to the MX Records page. Click "Proceed to Point MX".
You will now have to enter the following mx records to your dns. Also remove all other existing mx records.
We skip the steps about email migration and mobile access. Click "Proceed to Access ZohoMail".
Now, go to your mail inbox and go to the settings. Then select Email forwarding and POP/IMAP and apply the following settings:
As you can see, we are forwarding all our emails to our gmail account. We also delete the copies from the zoho inbox to prevent exceeding the space limit. Since gmail has a bigger size limit, this would be the first one to reach the limit, but we don't want that.
Then we disable the POP Access and enable the IMAP Access.


Gmail settings

We want to use gmail only as a storage medium, therefore we have to configure it to send mail as our domain email.
Open gmail and go to the settings, and then to accounts and import. Select "Add another email address you own" and enter your name and your domain email.
Next, we enter the smtp settings of our zoho account:
And finally, confirm your email address.
If you enabled forwarding from zoho mail already, the confirmation email should be received in your gmail inbox.

Tuesday, 20 January 2015

Simple bash command to convert all tables in a mysql database to utf8

  for t in $(mysql --user=root --password=admin  --database=DBNAME -e "show tables";);
       echo "Altering" $t;
       mysql --user=root --password=admin --database=DBNAME -e "ALTER TABLE $t CONVERT TO CHARACTER SET utf8 COLLATE utf8_unicode_ci;";

Friday, 16 January 2015

Install celery with rabbitmq on Django


After a lot of headaches at lost I found a great video  tutorial by Mike Hibbert on how to install rabbitmq with celery and setup Django to use it . It worked like a charm on Django 1.7 1.8 running on Ubuntu . The server OS is Debian 9.

First install celery on machine (no on virtualhost):

root@vps:~# apt-get  install rabbitmq-server

Then define rabitmq user, password and vhost and set permissions:

root@vps:~# rabbitmqctl add_user djuser djpass

root@vps:~# rabbitmqctl add_vhost /djangovhost

root@vps:~# rabbitmqctl set_permissions -p /djangovhost djuser ".*" ".*" ".*"

Restart the rabbitmq server:

root@vps:~# /etc/init.d/rabbitmq-server stop
[ ok ] Stopping message broker: rabbitmq-server.
root@vps:~# /etc/init.d/rabbitmq-server start
[ ok ] Starting message broker: rabbitmq-server.
Install celery on django virtualenv:

(.djenv)root@vps:/root$ pip install celery  

also add these lines to

#Celery configs
BROKER_VHOST = "/djangovhost"
BROKER_USER = "djuser"
Make a celery execution script:

nano /path/to/django/

Add this script:



# App instance to use

# Where to chdir at start.

# Extra command-line arguments to the worker
CELERYD_OPTS="--time-limit=300 --concurrency=1"

# %n will be replaced with the first part of the nodename.

# Workers should run as an unprivileged user.
#   You need to create this user manually (or you can choose
#   a user/group combination that already exists (e.g., nobody).

# If enabled pid and log directories will be created if missing,
# and owned by the userid/group configured.

export SECRET_KEY="somesecretstring"


Now you need to deamonize the script using systemd

nano /etc/systemd/system/celery.service

Description=Celery  Daemon
User= john
Group= www-data
# Configures the time to wait before service is stopped forcefully.


systemctl enable celery

systemctl start celery

check the status

systemctl status celery

The result should be like:

● celery.service - Celery  Daemon
   Loaded: loaded (/etc/systemd/system/celery.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Thu 2019-08-01 22:30:32 CDT; 33min ago
  Process: 28796 ExecStart=/path/to/django/ (code=exited, status=0/SUCCESS)
 Main PID: 28796 (code=exited, status=0/SUCCESS)

Make sure that the daemon is started

Note: if the damon is not started, you may need to: chomod o+x

Now check if celery is actually handling the queue;

celery -A myapp worker -l info

(.djenv)john@server$ celery -A myapp worker -l info
