I’ve been running a Code Club at a school only a few miles away from where I work for 5 weeks now and I’ve been thoroughly enjoying it. Although it does a good job of challenging for ‘busiest hour’ of my week award each time.
As the children had already done some scratch (namely “Whack-a-Witch”) in year 5 we decided to jump straight into the Level 2 projects provided by Code Club. Starting with the Fish Chomp one which the children completed in the first two weeks without any major hiccups. We then moved onto the fruit machine, this provided a fair bit of amusement with the images changing too fast to be able to tell what they were and similar. The main parts the children found challenging were:
- The event broadcasting
- The large nested conditional statement at the end of the project (to determine if the player had won).
- Scoping of variables (using “For this sprite only” for some variables and “For all sprites” for others.)
About half the group advanced onto the “What’s that” project and faced some of the same complications.
If you’re using my bash script to create new nginx vhosts (with php-fpm support) you may also require an easy way to remove old vhosts you no longer need (along with all the configs associated with the vhost). I’ve put together this very simple bash script to automate the process:
# @author: Seb Dangerfield
# Created: 02/12/2012
# Modify the following to match your system
if [ -z $1 ]; then
echo "No domain name given"
# check the domain is valid!
if [[ "$DOMAIN" =~ $PATTERN ]]; then
DOMAIN=`echo $DOMAIN | tr '[A-Z]' '[a-z]'`
echo "Removing vhost for:" $DOMAIN
echo "invalid domain name"
echo "What is the username for this site?"
# Remove the user and their home directory
userdel -rf $USERNAME
# Delete the users group from the system
# Delete the virtual host config
rm -f $NGINX_CONFIG/$DOMAIN.conf
rm -f $NGINX_SITES_ENABLED/$DOMAIN.conf
# Delete the php-fpm config
rm -f $FPMCONF
echo -e "\nSite removed for $DOMAIN"
How to use it:
Please note that because it deletes the users home directory all users files will be deleted, so if you want to keep a copy of the files as a backup do this before running the script.
Simply copy the script from above into a new file called something like remove_php_site.sh. If your not using Debian/Ubuntu or have modified the default directories and users for PHP and Nginx then you will need to change the paths and Nginx user at the top of the script to match your system. You will need to change the permissions on the remove_php_site.sh file to make it executable (if it isn’t already):
chmod u+x remove_php_site.sh
Then run the remove_php_site.sh script passing to it the domain name as the only parameter.
It will then prompt you for the linux username used for this site and once that has been provided it will delete all the files related to that site and restart Nginx and PHP-FPM.
Please note this fix should also work on Fedora, CentOS and Redhat linux distros if you are seeing the NSS error -8023 when using CURL and PHP.
At work we came up against this odd error message from Amazon Web Services(AWS) SDK for PHP when using the SDK in a forked process on the AWS built AMI:
PHP Fatal error: Uncaught exception 'cURL_Exception' with message 'cURL resource: Resource id #50; cURL error: SSL connect error (cURL error code 35). See http://curl.haxx.se/libcurl/c/libcurl-errors.html for an explanation of error codes.' in /usr/share/pear/AWSSDKforPHP/lib/requestcore/requestcore.class.php:829
#0 /usr/share/pear/AWSSDKforPHP/sdk.class.php(1035): RequestCore->send_request()
#1 /usr/share/pear/AWSSDKforPHP/services/swf.class.php(1305): CFRuntime->authenticate('TerminateWorkfl...', Array)
#2 ....php(189): AmazonSWF->terminate_workflow_execution(Array)
#3 ....php(83): daemon->checkSWFExecutions()
#4 ....php(350): daemon->run()
thrown in /usr/share/pear/AWSSDKforPHP/lib/requestcore/requestcore.class.php on line 829
Now, cURL error 35 means “A problem occurred somewhere in the SSL/TLS handshake. You really want the error buffer and read the message there as it pinpoints the problem slightly more. Could be certificates (file formats, paths, permissions), passwords, and others.” which is a bit vague and didn’t really help. After setting the CURLOPT_VERBOSE flag in the AWS SDK for PHP we were able to see the real error message:
NSS error -8023
Using worker pools in PHP-FPM can allow you to easily separate out and isolate virtual hosts that make use of PHP. PHP-FPM allows you to run multiple pools of processes all spawned from the master one and each pool can run as a different user and/or group. Each pool can be further isolated by running in a chroot environment and by overriding the default php.ini values on a per pool basis.
Running PHP for each vhost under a different user/group can help to stop a vulnerability in one site potentially exposing another vhost, it can also stop one malicious owner of a vhost from been able to use PHP to access the files of another site owned by someone else on the same server (in a shared hosting environment).
The process of setting up the web server config and a new PHP-FPM pool for each new vhost on a server can become a rather time consuming and boring process. However as this process follows a fairly standard set of steps it can be easily scripted.
If you want a simple lightweight tool to monitor the network traffic in and out of your server vnstat might be just what you need. It keeps hourly, daily and monthly records and provides simple estimates of your expected use, it is also easy to link up to a web based frontend for fancy charts and reporting.
Installing and configuring vnstat is very simple, firstly install using your standard package manager, for example:
Then tell vnstat to create a database for the network interfaces you want to listen to (e.g. eth0):
That’s it, wait a few minutes then run vnstat to view a simple console display of the amount of traffic that has traveled though all the interfaces you’re monitoring:
eth0 since 01/22/12
rx: 177.59 MiB tx: 7.78 MiB total: 185.37 MiB
rx | tx | total | avg. rate
Jan '12 177.59 MiB | 7.78 MiB | 185.37 MiB | 0.59 kbit/s
estimated 183 MiB | 7 MiB | 190 MiB |
rx | tx | total | avg. rate
yesterday 12.53 MiB | 1.36 MiB | 13.89 MiB | 1.32 kbit/s
today 8.28 MiB | 127 KiB | 8.40 MiB | 0.88 kbit/s
estimated -- | -- | -- |
You can also get vnstat to dump its output in a programming friendly format (semicolon delimited):
If you do want a nicer looking interface or one that doesn’t require shell access have a look at: vnstat PHP frontend
If you need a bandwidth monitoring solution that records the utilization of individual protocols instead of just received and transmitted traffic then have a look at bandwidthd
This post should help you get a basic syslog server and client(s) up and running in a virtual environment, It will take you through the implementation of a reasonably secure (using rsyslog’s TLS authentication) yet flexible setup useful to most virtual based server architectures I will assume if you’re reading this that you know what syslog is and what it’s used for. (if not have a quick Google then come back)
Why Setup a Centralized Syslog Server
- For convenience – If you for instance have a large number of web servers and you need to diagnose a problem on one of them (maybe not sure which one) you only have to check in one place, if you wanted to compile some statistics from all of them or check if they had all successfully completed a software upgrade.
- For added security – If someone hacks into one of your servers they will probably try and cover their tracks by erasing any log records created by there presence, however if your logs are also sent to another (hardened) server then the logs will still be available to sysadmins.
- Another very useful reason which only really applies to virtual servers is to help retain the log files from a terminated server (e.g. shut-down due to decreased demand on your application).
As promised a few times now I have finally got round to modifying the code slightly to remove any Symfony dependencies (Although there might still be some).
This download has been created using version 0.5.0 of the Symfony plugin. An example PHP page “example.php” has been added under the web directory to show the required JS scripts and a quick example of creating a chart using it. More details can be found here: http://www.symfony-project.org/plugins/sdInteractiveChartPlugin