dl

David Lundgren

Web Developer & Systems Administrator

Allow NFS through OS X High Sierra firewall for Host-Only networks

I recently upgraded to High Sierra, and as a security conscious individual, I then enabled the system firewall by visiting System Preferences > Security & Privacy > Firewall, and clicking Turn on the Firewall. This is a great way for users to begin protecting their computer when connected to random networks. However, this falls short when you are a developer and using NFS to share code in your host-only networks.

Continue reading

Large file upload size issues

Lately I’ve been working on a project to help share my virtualbox vagrant’s privately. This is a very simple clone of the vagrant-cloud API that interacts with Packer & Vagrant. As part of this process, Packer uploads the artifacts it creates, and this became a problem in my dev environment. Between Nginx & Apache there are a few differences in how file uploads are configured, both defaults and in general.

Continue reading

The allure of static proxies

Several weeks ago I started playing with Laravel. Primarily because several colleagues are using it, and have suggested that I take a look at it. During my time reviewing how to build a view template I came across references to Html, Form, View and other static calls. Initially I was not impressed due to the use of so many static calls. I have come to an understanding about how static calls in certain circumstances can actually enhance code readability.

Continue reading

Ansible “Authentication or permission failure.”

I recently upgraded some servers, and on reboot I ran into the peculiar condition where I received the following warning:

fatal: [user] => Authentication or permission failure. In some cases, you
 may have been able to authenticate and did not have permissions on the remote
 directory. Consider changing the remote temp path in ansible.cfg to a path
 rooted in "/tmp". Failed command was: mkdir -p
 $HOME/.ansible/tmp/ansible-tmp-1401973086.25-185293296215162 && echo
 $HOME/.ansible/tmp/ansible-tmp-1401973086.25-185293296215162, exited with
 result 1

I followed the instructions I found on Changing Ansible Temporary Directory, as it has worked for many others. I had to turn on verbose logging but I still couldn’t see the issue. After running the command manually I got the following error

mkdir: cannot create directory '.ansible': Disk quota exceeded`

Basically, when I restarted my servers the grpquota and usrquota commands in /etc/fstab took effect. I’m not sure why they were on as we have restarted these servers on other occasions and they were not there. While I have these servers scheduled for a restart, to remove the quotas, and add noatime, I’ve simply turned off the quotas using quotaoff /

Cleaning up Ansible task formatting

I’ve been using Ansible for the last several years, and I’ve used YAML just as long. Yet a lot of playbooks and tasks for Ansible are often horribly formatted. This causes anger within me, so I want to let others know, that there is a better way.

“Use the YAML, Ansible Writers”

YAML may not be as expressive as other formats, however, as authors of roles and tasks for Ansible we can do better at formatting so that they are readable.

Example of hard to read
[sourcecode language=”plain”]

– name: download file
get_url: url=https://raw.githubusercontent.com/some/path/some.file dest=/usr/local/share/some.file

– name: update permissions
file: path=/usr/local/share/some.file mode="0644"
[/sourcecode]

Example of a more readable version of the above.

[sourcecode language=”plain”]

– name: download file
get_url:
url: https://raw.githubusercontent.com/some/path/some.file
dest: /usr/local/share/some.file

– name: update permissions
file:
path: /usr/local/share/some.file
mode: "0644"
[/sourcecode]

It’s easier to change change /usr/local/share/some.file into "{{ download_file_dest }}" because you don’t have parse the entire line and scroll over in your HEAD!

Could not generate DH keypair on “Add composer dependency” in PhpStorm

If you are like me and you run an older version of OS X, Mavericks in my case, it means that you may run into the problem with PhpStorm that you can’t use composer. It seems like you are stuck in this rut. Well, I’m going to put this here mainly for my own memory, and in the hopes that it brings someone else luck in getting PhpStorm working correctly.

https://youtrack.jetbrains.com/issue/WI-27354#comment=27-999854

pure-authd external script failing

I have a PHP script handling authentication for pure-authd, and the problem is that it fails. After a reboot it is still failing. If I log in, restart it manually and monitor the log files, it works. As soon as I log out it fails!

I’ve come to the conclusion that pure-authd doesn’t properly daemonize, and detach from the controlling terminal. PHP was actually using fsockopen to another server and it stopped being able to use DNS because I logged out of the shell.

I ended up switching to the IP of the server. While this is not the ideal solution, it works because internally the IP is a reserved DHCP address for the server, and we shouldn’t be updating the server any time soon.

Updating your shell paths on OS X

By David Lundgren | Reply | Tags: ,

Because I forget that ~/bin isn’t on my path, I am placing this here because I also search the internet all the time. Hopefully I’ll remember I put this here:

echo "export PATH=$PATH:~/bin" >> ~/.profile

Leaving the LPi Development Team

It’s never easy leaving a great team. The last three years have been full of growth for me, both mentally and professionally. In those years I have been given the chance to integrate Phing as our deployment automation tool, learn more about coffee (thanks Eric!) and begin the path of mentoring without being completely condescending. I’ve worked on projects that handled geo-spatial searching in MySQL [FYI: you want to use this UDF for distance calculations as it is order of magnitudes faster], to those that help manage church websites. Those who know me, would have asked why I chose to work at LPi given it’s religious affiliations, it’s about the code, and the chance to work on stuff that a large group of people will actually use!

I will miss the team, but by embracing the changes in our life we learn to move forward. IT is full of change anyway, staying static means certain death. Some LPi competitors are learning this the hard way, and I still look forward to seeing them either being acquired or leaving LPi’s market.

Next Page »