Par un détour à Yoda

mardi, décembre 21 2021

Icinga2: monitor apache or nginx configuration

Icinga2 can check various things using nagios-style scripts.

It can also run specific commands, as far as they provide the required return code.

When dealing with automated upgrades or multiple users managing different parts of apache or nginx configuration files, it's best to check if the overall configuration is still correct.

Icinga2 can periodically checks for apache2ctl -t / nginx -t, and warns if anything is wrong.

It requires new commands. One for apache and one for nginx.

For apache2:

object CheckCommand "Apache check command" {
    import "plugin-check-command"
    command = "/usr/bin/sudo /usr/sbin/apache2ctl -t || exit 2"
}

For nginx:

object CheckCommand "Nginx check command" {
    import "plugin-check-command"
    command = "/usr/bin/sudo /usr/sbin/nginx -t || exit 2"
}

If using Icinga director, make sure to enable the "Render as string" option.

Sudo rules to allow icinga2 to run as root those commands, assuming icinga2 runs as nagios user:

nagios ALL=(root) NOPASSWD: /usr/sbin/apache2ctl -t
nagios ALL=(root) NOPASSWD: /usr/sbin/nginx -t

Once done, create a service on required hosts. If anything goes wrong, you'll know why !

icinga-apache-config-service.png, déc. 2021

apache configuration is not ok, déc. 2021

mardi, août 24 2021

icinga2: Config validation failed for staged cluster config sync in '/var/lib/icinga2/api/zones-stage/'

In an Icinga2 master + satellite + director setup, configuration are first pushed on every master and satellites, then the configuration is checked against the current configuration on each node. Sometimes, the satellite (or master) may yield the warning message : critical/ApiListener: Config […]

mercredi, décembre 4 2013

rsyncing two hard drives on two servers

The current situation: I have two servers at online.net. I have to transfer all the datas from one server to another.

Let's rsync all that.

dimanche, août 21 2011

Symfony2 and Doctrine: Print sql queries in a Command

For debugging purposes, it's sometimes usefull to print the queries executed by a Symfony2 Command. Here is my tiny piece of code to do it. protected function execute(InputInterface $input, OutputInterface $output) { // your code here // printing sql queries $logger = […]

vendredi, mai 20 2011

vmware 7.1.4 and linux-2.6.38

Since few kernels, vmware won't compile, or at least the vmnet driver won't compile. CC [M] /tmp/vmware-root/modules/vmnet-only/driver.o /tmp/vmware-root/modules/vmnet-only/driver.c: In function ‘VNetFileOpUnlockedIoctl’: /tmp/vmware-root/modules/vmnet-only/driver.c:1137: error: implicit declaration […]

samedi, mai 7 2011

[Symfony] Coupling sfDoctrineGuardPlugin and fail2ban

Recently I created a quite sensible application using symfony 1.4. As many people, I chose sfDoctrineGuardPlugin as authentication/password recovery/account managing system. But even with this piece of software, you are still vulnerable to bruteforce attacks.

I though of hacking sfDoctrineGuardPlugin's code to create some rules and attack detections. But those systems are quite tricky to create and calibrate. It must not be too aggressive nor too permissive. I wanted something that can bail out someone after $some tries in a $certain time. That implied that I would have to record every try with the current time, and calculate a ratio within which a user can login or not. I seemed simple, then it got too complicated.

samedi, février 26 2011

Configuration de Xen sur une machine dedibox

Le tableau Mon exemple se compose d'une machine Dedibox Pro R210. Il s'agit d'une machine avec un octo-proc Xeon L3426 à 1.87GHz. Ne vous laissez pas avoir par « si peu » de GigaHertz, ces machines n'ont rien à voir avec des processeurs milieu de gamme type i5/i7. Elle comporte 16Go de ram DDR ECC. […]

lundi, juillet 19 2010

Symfony - Doctrine: Use a fully UTF8 database

First, edit your config/databases.yml and add : [yml] all: doctrine: class: sfDoctrineDatabase param: dsn: mysql:socket=/var/run/mysqld/mysqld.sock;dbname=mydb username: mydb password: mypassword encoding: utf8 attributes: default_table_collate: utf8_unicode_ci default_table_charset: utf8 Then open […]

mardi, avril 6 2010

Doctrine: Howto bypass the SoftDelete behaviour

For one of my projects I have to check if a record already exists in my database, deleted or not. The preDqlSelect looks like this : /** * Implement preDqlSelect() hook and add the deleted flag to all queries for which this model * is being used in. * * @param Doctrine_Event $event * @return void */ […]

vendredi, mars 19 2010

Notify: New release of the aMSN plugin

A new release of the Notify plugin for aMSN is now available. You can download it on http://www.amsn-project.net/plugins.... Changelog: Fix UTF8 detection, thanks to bardo Version 1.5 […]

jeudi, février 4 2010

PHP bench: isset vs array_key_exists

I tested the rapidity of isset vs array_key_exists. I always thougt that array_key_exists would be the winner ... Here is my script : ┌─(yoda@ev5)(14:25:29) └─(~/var/www/test)-> cat isset_array-key-exists.php #!/usr/bin/php <?php define('N', "\n"); error_reporting(E_ALL | […]

PHP bench: count + for vs foreach vs while

I tested different loops. Here is my test script : ┌─(yoda@ev5)(14:32:05) └─(~/var/www/test)-> cat for_foreach_while.php #!/usr/bin/php <?php define('N', "\n"); error_reporting(E_ALL | E_NOTICE); $nbLoop = 10000; $testArray = array_fill(0, 500, 'toto'); $time = array(); […]

mercredi, février 3 2010

Symfony: Validate fields depending of another field (update 2010-02-23)

It's possible, when validating a form, to check if a field is correct dependently of an other field's value. First, in your configure method, after the declaration of your validators, add : $this->validatorSchema->setPostValidator( new sfValidatorCallback( array('callback' => array($this, […]

mercredi, janvier 20 2010

Symfony: change the default type of your primary keys

Hey, yes it's possible to change the default type of your primary keys with a simple configuration Open your config/databases.yml. It should looks like this : [yml] # You can find more information about this file on the symfony website: # http://www.symfony-project.org/reference/1_4/en/07-Databases […]

mercredi, décembre 2 2009

Symfony, tasks and return values

In symfony, it's possible to return a value in your execute() method. Let's create a test task : ┌─(yoda@box)(09:46:59) └─(~/var/www/test)-> ./symfony generate:task test >> task Creating "/home/yoda/var/www/test.../testTask.class.php" task file Adding a return value at the end of […]

lundi, novembre 30 2009

[Symfony] Overwrite a value in a form

It happen sometimes that you have to set/override a value within a form but without using a hidden field (that can be overridden) Here is a short solution to set the user id in the object we are going to save. Let's say that we have an object PersonnalData linked to the sfGuardUserProfile In your […]

[Symfony] Load an sql dump within a task

I recently had a problem when loading fixtures in my symfony project. I was loading cities, about 37 000 of them, and the doctrine:data-load was extremly slow (about 5 minutes). I finally found a solution to load an sql dump wihtin a task, using the doctrine/default connection. With this solution, I […]

mardi, août 4 2009

[PHP] Pensez à STDClass

Il arrive souvent qu'on ai besoin de retourner plusieurs informations distinctes dans une fonction ou une méthode. La plupart du temps, il suffit de retourner un tableau indexé de manière intelligente. class CSS { public function getDeclaration($pDeclaration) { list($key, $value) = explode(':', […]

mercredi, juillet 29 2009

Asus 1005HA-H and Debian

I recently recevied my new Asus eee1005HA-H bough on Materiel.net. Everything seemed fine as there was a Debian project supporting the eee-s. But unfortunately the current installer couldn't support networking devices.

samedi, juillet 11 2009

My first plugin for symfony

Hey, I just uploaded my first plugin for symfony ! This plugin is a simple wrapper for a jQuery Carousel found at http://sorgalla.com/projects/jcarousel/