Permalinks are broken (not anymore-ish)

Just a quick post to let you now that permalinks are currently broken, most likely because NginX and WP-SuperCache are being funny. And, since I am about to start my exam period, they are going to keep being funny for a while, until I have some time to figure where I derped the config.

In the meantime, the https version should work just fine (good ol’ Apache never lets you down)

I’ll try to fix it as soon as I’m done with the exams, see you then!

Update: After more hours than I’d care to admit fighting with Nginx and WP-SuperCache, I’m just setting a redirect to https, or I’ll end up headbutting my keyboard. And, to be honest, using https by default is not a bad idea.

My “drugs” of choice

So, I’ve made this blog. That’s nice, but what do you know about me? Why am I writing about debian, tomcat and minecraft?

I though I’ll give you, dear reader, a little information about myself, and about the software that I use on a daily basis (and I think that speaks volumes about me). So…

I use Debian Testing for my personal laptop, a Lenovo Z500. I have dual boot with Windows 8.1, mostly for gaming, and mostly unused, since the games I’m playing lately are available on Linux (to be honest, I mostly play minecraft :-P). I choose Gnome-Shell as desktop environment, and Bumblebee for the dual graphics cards support.

For web browsing, I use mostly Iceweasel, with a couple of add-ons, like firebug and AdBlockPlus. I also have Chromium, so I can test a different web browser whenever I’m doing web development. I have Calibre to manage the ebooks in my Kindle, Gedit for text editing, and Latexila and LibreOffice to edit complex documents (Although, If you are planning on sending me any document, please read this first!). I use Inkscape and Gimp for image editing, and Openshot for video editing, and I watch those videos (and many more!) in vlc.

At my workplace, I also have Debian, but with KDE. In that PC, I use Eclipse and maven for java development, Pycharm and Kate for python, Kile for latex, and Vim for pretty much every other thing. I also use git and github for version control. Finally, I use Apache, Apache Tomcat, MariaDB, and some of its modules (like mod_wsgi) for the deployment of most of our work, on a couple of Ubuntu virtual servers.

This blog is hosted on a VPS running CentOS 7, using nginx, Apache, php and MariaDB, as well as WordPress. My minecraft server is hosted in a different VPS with Debian stable.

Finally, I have a fairphone running android (I considered CyanogenMod, but I’ve put that on hold).

And I think that sums it up pretty well. What do you think? 😉

PD: Also, coffee. Lots of the stuff.

Using pahimar’s forgecraft script on a minecraft server

I play minecraft. A lot. And so, some time ago I decided to setup a server on a VPS to play modded with some friends, and when looking on setting up the server, I came across with Pahimar’s Forgecraft script. Okay, less “came across” and more “hear about in a stream”. But eitherway, let’s get going.

Prerequisites

You will need a debian-like server with java installed, as well as a copy of the minecraft server, either moded or vanilla

 

Installing the init script

So, the init script looks something like this:

(Due to the script beeing rather large, I’ve moved it to github: https://gist.github.com/amardomingo/a509ba6fca844922b808 )

You will need to change the relevant variables in the header. Set the username to run the server jar, the folder where the server lives,  the backups folder and the java home to your java installation.

Then, just save the script in /etc/init.d/ and enable it:

root@host:~# update-rc.d minecraft defaults

 
And you are good to go.

Setting the check server

As you may have notice, in Pahimar’s repo there is a java class called “CheckServer”. This class is responsible for keeping tabs on the server, and restarting it, in the case it would not respond to any command. So, in the previous init script, you should have set the CHECKSERVER variable to where the java class is. Build it, and it’s done:

root@host:/opt/minecraft/monitor/CheckServer#javac CheckServer.java

 

Setting up the backups

Finally, the script includes a backup method using rdiff-backup. Just add the command to the crontab, with whatever frecuency you want the backups. I chose 1 hour:

# Minecraft backups every hour
0 * * * * /etc/init.d/mc170 backup >>/opt/minecraft/backup.log 2>&1

 

Food for though

  •  There are a lot of Java Options there. For a normal minecraft server It should suffice with just the memory options.
  • The CheckServer script may work better in other language, like python or bash, where you don’t need to compile it.

Deploying Apache Solr 4 on Tomcat 8

For the last week or so, I’ve been struggling with the deployment of Apache Solr on an existing Tomcat 7 installation. That instance of tomcat was running LMF, which proved to be incompatible with Solr. So, I needed a fresh Tomcat installation, and I decided to go with Tomcat 8. So, let’s get going:

Prerequisites and considerations:

I’ve donde this on a Debian-like system, but this should be pretty similar in other platforms. I’m assuming there is already an instance of Apache 2 running, with mod_rewrite, mod_ssl, mod_proxy and mod_ proxy_html, as well as Tomcat 8 up and running, with it’s own user. I’ll assume tomcat lives in /opt/tomcat8

Warning: I’m NOT an expert with Tomcat not solr, so I’m keeping the deployment simple. You may want to toy around with the locations, libraries and so.

Deploying solr on tomcat:

Once you have decided where you want Solr to live, download the tgz from their site, and unpack them. I usually install them on /opt, although a more standard approach will imply using /usr/local, or something similar. So:

root@host:~# cd /opt
root@host:/opt# wget http://apache.rediris.es/lucene/solr/4.10.2/solr-4.10.2.tgz
root@host:/opt# tar xvf solr-4.10.2.tgz
root@host:/opt# mv solr-4.10.2 solr

Keep in mind, Rediris was the best mirror for me, you should use whatever is best for you.

First, you will need to copy some libraries into the tomcat installation:

root@host:/opt# cp solr/example/lib/ext/* /opt/tomcat8/lib

Now, in the solr folder there should be a .war inside the dist folder. That’s the war you need to deploy in tomcat. For convenience, I’ve renamed that war simply to solr.war. Now, create the file conf/Catalina/localhost/solr.xml in your favourite text editor:

<?xml version='1.0' encoding='utf-8'?>
<Context docBase="/opt/solr/dist/solr.war " debug="0" crossContext="true">
    <Environment name="solr/home" type="java.lang.String" value="/opt/solr/example/solr" override="true"/>
</Context>

Make sure the /opt/solr folder is accesible for the tomcat user:

root@host:/opt# chown -R tomcat8:tomcat solr

And restart tomcat.

With this, you should be able to point a browser to host:8080/solr, and access the solr interface. Now, let’s make it a little bit more secure, shall we?

Limiting access to localhost:

To limit the access for localhost, edit the conf/Catalina/localhost/solr.xml and add a RemoteHostValve:

<?xml version='1.0' encoding='utf-8'?>
<Context docBase="/opt/tomcat8/webapps/solr.war " debug="0" crossContext="true">
    <Environment name="solr/home" type="java.lang.String" value="/opt/solr/example/solr" override="true"/>
    <Valve className="org.apache.catalina.valves.RemoteHostValve" allow="0:0:0:0:0:0:0:1|::1|127\.0\.0\.1|localhost|host"/>
</Context>

Once you restart tomcat, you should NOT be able to access the solr interface from any remote host.

Accessing the solr manager through Apache:

We want solr to only be accessible from the host, but we also want to access the manager remotely. So, we will use Apache for that. First, add a Redirect to the standard virtual host, to make sure all connections use HTTPS:

    Redirect /solr https://host/solr

Now, in the ssl virtualhost, we want to setup a proxy using Apache auth. In this example, we are using mod_auth_external, but a basic authentication system should work as well:

    RewriteRule ^/solr$ /solr/ [R]
    ProxyPass /solr/ http://localhost:8080/solr/
    ProxyPassReverse /solr/ http://localhost:8080/solr/
    
    <Location /solr>
        Authtype Basic
        AuthBasicProvider external
        AuthExternal pwauth_auth
        AuthName "Solr server"
        AuthzUnixgroup on
        AuthzUnixgroupAuthoritative off
        Require group admin
    </Location>

(change the 8080 port for whatever port your tomcat uses)
Reload the Apache config, and you should be good to go 🙂

Food for thought

  • Tomcat has it’s own user-control capabilities. Will it be better to use those?
  • For simplicity, we are using the solr “example” installation. A production deployment should be careful to use only what it needs.
  • Since I am running this on the same machine with self-signed certificates, I don’t use https between tomcat and Apache, although it will provably be better from a security point of view.

Fell free to share your opinion about this on the comments!

First post!

As the title states, this is the first post in this blog. So, a little bit of background.

I’m a Spanish engineering student, at the “Universidad PolitĂŠnica de Madrid”, and I’m currently finishing my telecommunications engineering degree, and working on my master’s thesis, at the Intelligent Systems Group.

I’m setting up this blog for an online class about Free Software, and to do so I’ve chosen to host it in a VPS running CentOS 7, as well as NginX, Apache and MariaDB. (It’s been more difficult than expected!). I have also chosen to write in English rather than Spanish mostly to try to polish my writing skills, specially since I’ll be writing my master’s thesis soon™.

Anyway, I hope you like the blog. I’ll probably be playing around with the theme, the plugins, and so on.

Read you around!