Summer Nights

Let's make the world a better place using digital technologies!

Setting up pre-existing ssh key in Mac

    • cd ~
    • mkdir .ssh; chmod 700 ~/.ssh
    • Copy your keys as and id_rsa (or add them to existing files)
    • chmod 600 ~/.ssh/id_rsa
    • chmod 644 ~/.ssh/
Continue Reading
Continue Reading

Solr:8 using Docker on Ubuntu 19.10 and Dovecot 2.3.x

This has become really simple using dockers and the newer versions since I wrote the old guide on this subject some time ago.

Get and run dockered version of solr like this:

docker pull solr

Then create a folder where solr will save config and data files. This will serve as a host mounted folder for the container. For example:

mkdir /var/solr

Change the owner to solr for this:

chown 8983:8983 /var/solrd

Now run the solr through this command line:

docker run -v "/var/solrd:/var/solr" -p YOUR_SOLR_PORT:8983 --name mysolr solr:8 solr-precreate dovecot

Once solr is running, the host directory will be filled with default config files for the dovecot core. We need to go in there and follow the steps on this page. More specifically:

Delete both managed-schema and solrconfig.xml under /var/solrd/data/dovecot/conf folder.
Copy solr-config-7.7.0.xml and solr-schema-7.7.0.xml to the above folder as solrconfig.xml and schema.xml. Ensure proper filer owner (see above).
Stop the docker image: docker stop mysolr
Restart the docker image to have the changes take effect:

docker start mysolr

That’s it. The dovecot configuration remains as I described in one of my previous posts here.

Continue Reading

iTunes on Windows Doesn’t Play Tracks / Keeps Skipping

There are several solutions that are proposed:

  1. De-Authorize / Authroize your PC
  2. Sign-Out / Sign-In into your iTunes
  3. De-Authroize All PC / Authorize your PC
  4. Remove and clean install iTunes

None of the above worked for me. What worked was described here.

Essentially you need to open %programdata% and under Apple Computer/iTunes folder, delete SC Info and adi folders.

That’d be all.

Continue Reading

Securing Confluence with Letsencrypt Certificate

The whole proess can be summarized as:

  1. Create an entry in the apache site configuration file.
  2. Get a new Letsencrypt certificate for the subdomain.
  3. Update Tomcat server.xml with appropriate connector information.

As the first step, create an entry in the sites-enabled folder in the appropriate sites file:

<VirtualHost *:443>
        DocumentRoot /var/www/
        ProxyPreserveHost On 
        ProxyPass /.well-known !
        ProxyPass /
        ProxyPassReverse /

        Include   /etc/path-to/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/path-to/letsencrypt/live/
 SSLCertificateKeyFile /etc/path-to/letsencrypt/live/

Now create a new certificate by using following commands:

First list all the existing certificates:

certbot certificates

Now expand the certificates by adding the new subdomain (

certbot --expand -d,,

Now edit confluence conf file, normally found to be here:

emacs /opt/atlassian/confluence/conf/server.xml

And comment/uncomment appropriate connector, updating:

scheme="https" secure="true" proxyName="" proxyPort="443"/>

That’s all. Restart apache and confluence and you should be able to access a secure confluencce with the added benefit that the certificate will be auto-renewed alongwith other certificates via certbot cron job.

Continue Reading

Useful Docker Commands

  • docker pull image_name
  • docker create ….. (create container from image)
  • docker run …. (create container and run from image)
  • docker ps -a (list all container, including stopped)
  • docker inspect container_name (provide information on the container)
  • docker images (list all images)
  • docker rm container_name (delete container)
  • docker start container_name (start/resume container)
  • docker stop container_name  (stop container)
  • docker rmi image_name (delete image)
  • docker exec -it container_name bash (connect to running conatiner_name container and jump to a bash shell)

Continue Reading

Fixing Unwanted Linux System Suspend Caused by gdm / lightdm

After upgrading to a newer Ubuntu, I found myself facing automatic system suspend events (look at /var/log/syslog) every 20 or 30 minutes. Here is how to fix them:

sudo -H -u lightdm dbus-launch --exit-with-session dbus-launch gsettings set com.canonical.unity-greeter idle-timeout 0

sudo -H -u lightdm dbus-launch --exit-with-session dbus-launch gsettings set org.gnome.settings-daemon.plugins.power lid-close-ac-action nothing

sudo -H -u lightdm dbus-launch --exit-with-session dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout 0

sudo -H -u lightdm dbus-launch --exit-with-session dbus-launch gsettings set org.gnome.settings-daemon.plugins.power time-low 0


You might want to look at the power settings first which can be shown by:

sudo -H -u lightdm dbus-launch --exit-with-session gsettings list-recursively org.gnome.settings-daemon.plugins.power

If needed, login to the lightdm user by:

su lightdm -s /bin/bash


Continue Reading

Replacing Hard Disk on Linux Server and Expanding Partitions

Not frequently but once in a while you would need to replace your “troubling” hard disk with a new shiny one. In order to keep all your mapping intact, you would like to use the same UUIDs and even the partition map. But as the new hard disk is generally a larger size, it makes sense to expand the main partition to the end of the drive. So here are some commands to do this job.

First make a copy of the existing partition table:

sfdisk -d /dev/sda > sda.dump

Now shutdown the computer, remove the old disk, and install the new disk. After booting, copy the partition table to the new disk.

sfdisk /dev/sda < sda.dump

Now open parted and expand the last partition through the end of the available space

parted /dev/sda
..print (to see the table)
..resizepart (use the end figure from the table to expand to the end)

Format the newly created partitions.

mkfs.ext4 /dev/sda1
mkfs.ext4 /dev/sda2

Everything should be alright now but if needed, you can also manually apply the UUIDs.

tune2fs /dev/sda1 -U xxxxe50b-89d4-xxxx-8d8e-e6c4d547xxxx
tune2fs /dev/sda2 -U xxxxae63-xxxx-4054-b55d-b52f751xxxxx

Continue Reading

Simple URL Monitor and Mobile Push Notifications using Pushover

Often we would like to monitor the online status of one or more websites or urls in order to be able to fix any issues as soon as a problem arises. I created the following simple mechanism to probe a list of url’s and send push notifications in case of an error.

#!/usr/bin/env python3

# Script to check url health and send push notifications using pushover servrice
# License: MIT License 
# Date: 20180213, 12:06 CET

import urllib.request
import http.client, urllib
import sys
sitelist = {
  'http://site1url/' : 'site1 label',
  'http://site2url/' : 'site2 label', }
for x in sitelist:
  statuslive = 0
    url = urllib.request.urlopen(x)
    code = url.getcode()
    if (code == 200):
      statuslive = 1
    statuslive = 0
  if (statuslive == 0):
    conn = http.client.HTTPSConnection("")
    conn.request("POST", "/1/messages.json", urllib.parse.urlencode({
    "token": "your application token",
    "user": "your user key", "
    message": "Site down: " + sitelist[x], }), { "Content-type": "application/x-www-form-urlencoded" })

Ideally, you would run this script on a different server than the site you would like to monitor. A account will be needed to get your token and key. In addition, you would need to install the pushover app on your iOS or Android device to get the notifications.

Tested and works great for a simple URL monitoring and getting notifications about website crashes, etc.!

You need to add this script as a cronjob using crontab tool and run it on regular intervals (e.g., every 5 minutes) to check the urls.

Continue Reading

Managing Repeat Offender in OSSEC

In ossec.conf:


where 60, 120, 1440 indicate minutes banned after first, second, and third offense. Adapt these values to your taste.

Continue Reading