chirale

IT and beyond

After a failed restart of the nginx server, you can get this error typing journalctl -xe: nginx: [emerg] open() “/usr/share/nginx/off” failed (13: Permission denied) [SOLVED] This is caused by a misconfiguration of nginx.conf or a conf inside the /etc/nginx/conf.d/ directory where there’s something like: This is the wrong way to disable logs. Nginx is actually …

Continue reading

mdadm is the utility to check and report failures on RAID disks. The usual way this Linux application send its message is a plain old e-mail. In this howto you’ll find the instruction to use an external mail server with mdadm. First, replace sendmail with an external email account. After you’ve configured and tested msmtp …

Continue reading

To use an external SMTP for all system e-mails, you have to install these: Where msmtp-mta transform the external reference in the sendmail command usable by any application using sendmail. In this way you haven’t to install and configure Postfix since you’ll rely on an external SMTP service. Create the config file for msmtp This …

Continue reading

With the General Data Protection Regulation (GDPR) enforced by European Union logs have to be cleaned regularly to delete IP addresses and other information about visitors. This can be interpreted as a way to protect an emerging and discussed right, the right to be forgotten. This new regulation is impacting every automated log system out …

Continue reading

If you get the “Failed to start Authorization manager” while booting a Linux OS (e.g. CentOS) most likely you’ve a SELinux misconfiguration. The main issue is that if you’ve restarted the system, you cannot login since OpenSSH service is not running. If you’ve a virtual server, even the console shipped by your provider is stuck …

Continue reading

Certificates renewal can be difficult to automate leading to errors that will mark the website as “Insecure”. Before continue, ensure you haven’t the /etc/cron.d/certbot file launching: If a crontab appear, you already have an automatic renew enabled via a certbot plugin like nginx or apache (the preferred method) and you shouldn’t do nothing. The following …

Continue reading

In the past it was difficult to get MySQL working on virtualenv without using system packages. Now you can have a real separated environment with simple steps: Follow this guide to install virtualenv using this command: This command will install a new virtualenv inside a new directory myproject created by the command itself. Activate virtualenv: …

Continue reading

HTTPS, encrypt via SSL / TLS

Here how you can get free SSL cerificates using Let’s Encrypt. Forget about the expire of certificates using the auto-renewal script. A complete reference to install a Let’s Encrypt certificate is this Digital Ocean’s howto. Here there’s a quick guide based on it, plus some additional suggestions. Here we go! The following code download the …

Continue reading