├── .DS_Store
├── .gitconfig
├── .github
    ├── semantic.yml
    └── workflows
    │   └── commitlint.yml
├── .tmux.conf
├── .zshrc
├── Init_script_(LSB)_compatibility_checks.sh
├── README.md
├── all_chroot_losetup-lukshome.sh
├── ceph.conf
├── cephaio.sh
├── corosync.conf.sh
├── deploy-juju-lxc.sh
├── fastcgi-wrapper
├── firewalling
├── garbd
├── haproxy-hot-reconfiguration.sh
├── iterm-profile.itermcolors
├── keys
├── my.cnf
├── mysqld_multi.sh
├── mysqld_multi_init.sh
├── name-of-archive.tar.gz
├── nginx.conf
├── perl-fcgi
├── php-fpm.conf
├── php.ini
├── pidof.sh
├── proftpd.conf
├── purgeance.sh
├── reset-mysql-root-passwd.sh
├── sshd_config
├── sync-usblive.sh
├── tls.conf
├── tmux.conf
├── uquick
├── varnish
├── vimrc
├── website.conf
├── website.vcl
├── www.conf
└── xcache.ini


/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/leseb/Scripts/6763bccb34a99c2f7fd58016375fc59923123c21/.DS_Store


--------------------------------------------------------------------------------
/.gitconfig:
--------------------------------------------------------------------------------
 1 | [user]
 2 | 	name = Sébastien Han
 3 | 	email = seb@redhat.com
 4 | 	signingkey = /Users/leseb/.ssh/id_rsa
 5 | [push]
 6 | 	default = simple
 7 | 	autoSetupRemote = true
 8 | [color]
 9 |    ui = auto
10 | [color "diff"]
11 |    whitespace = red reverse bold
12 |    meta = white blue
13 | [alias]
14 |       lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)%Creset' --abbrev-commit
15 |       wdiff = diff --word-diff
16 |       staged = diff --staged
17 |       prom = pull --rebase origin master
18 |       pr = !"pr() { git fetch origin pull/$1/head:pr-$1; }; pr"
19 | 	fpush = push
20 | [http]
21 | 	sslVerify = true
22 | [commit]
23 |   verbose = true
24 | 	cleanup = scissors
25 | 	gpgSign = true
26 | [core]
27 | 	editor = /usr/bin/vim
28 | 	excludesfile = /Users/leseb/.gitignore_global
29 | [rerere]
30 | 	enabled = true
31 | [help]
32 | 	autocorrect = immediate
33 | [diff]
34 | 	algorithm = histogram
35 | 	colorMoved = default
36 | [gpg]
37 | 	format = ssh
38 | 


--------------------------------------------------------------------------------
/.github/semantic.yml:
--------------------------------------------------------------------------------
 1 | # Always validate the PR title AND all the commits
 2 | titleAndCommits: true
 3 | # By default types specified in commitizen/conventional-commit-types is used.
 4 | # See: https://github.com/commitizen/conventional-commit-types/blob/v2.2.0/index.json
 5 | # You can override the valid types
 6 | types:
 7 |   - feat
 8 |   - fix
 9 |   - docs
10 |   - style
11 |   - refactor
12 |   - perf
13 |   - test
14 |   - build
15 |   - ci
16 |   - chore
17 |   - revert
18 | 


--------------------------------------------------------------------------------
/.github/workflows/commitlint.yml:
--------------------------------------------------------------------------------
 1 | name: Commitlint
 2 | on: [pull_request]
 3 | 
 4 | jobs:
 5 |   lint:
 6 |     runs-on: ubuntu-latest
 7 |     env:
 8 |       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 9 |     steps:
10 |       - uses: actions/checkout@v2
11 |         with:
12 |           fetch-depth: 0
13 |       - uses: wagoid/commitlint-github-action@v1
14 | 


--------------------------------------------------------------------------------
/.tmux.conf:
--------------------------------------------------------------------------------
 1 | # ~/.tmux.conf
 2 | 
 3 | # Use Q as prefix magic key
 4 | unbind C-b
 5 | set -g prefix C-q
 6 | 
 7 | # Detach with 'D' instead of 'd'
 8 | bind-key D detach
 9 | 
10 | # No automatic rename
11 | set-option -g allow-rename off
12 | set-window-option -g automatic-rename off # don't rename window with shell name (+ iTerm)
13 | set-option -g history-limit 10000 # increase scrollback buffer size
14 | 
15 | # More colors!
16 | set -g default-terminal "screen-256color"
17 | 
18 | # super useful when using "grouped sessions" and multi-monitor setup
19 | setw -g aggressive-resize on
20 | 
21 | # re-number windows when exiting one
22 | set-option -g renumber-windows on
23 | 
24 | # Status bar
25 | set -g status-right-length 80
26 | set -g status-right "#(/usr/local/bin/tmux-online) #[fg=brightmagenta]| #(/usr/local/bin/battery -p -t)#[fg=brightmagenta]| #(osx-cpu) #[fg=brightmagenta]| #[fg=green][%d.%m.%y] #[fg=brightmagenta]| #[fg=green][%H:%M] "
27 | set -g status-fg white
28 | set -g status-bg colour234
29 | set -g status-left ' 💩  '
30 | 
31 | # Window status
32 | set -g window-status-activity-attr bold
33 | set -g pane-border-fg colour245
34 | set -g pane-active-border-fg brightcyan
35 | set -g message-fg colour16
36 | set -g message-bg colour221
37 | set -g window-status-current-format "#[bg=brightmagenta]#[fg=colour8] #F #I:#[fg=colour234,bg=brightcyan]#[fg=black,bg=brightcyan,noreverse] #W #[fg=brightcyan,bg=colour234]"
38 | set -g status-interval 5
39 | setw -g window-status-format "#[fg=brightcyan]#I#[fg=white]:#W"
40 | 
41 | # Reload tmux config
42 | bind r source-file ~/.tmux.conf
43 | 
44 | # Move windows
45 | bind . command-prompt -p "Move window to position:" "move-window -t '%%'"
46 | 
47 | # Don't kill the pane with ctrlk D
48 | set-environment -g 'IGNOREEOF' 2
49 | 
50 | # Sync panes!
51 | bind o setw synchronize-panes on
52 | bind O setw synchronize-panes off
53 | 
54 | # Preserve current path for split and new windows
55 | bind-key c new-window -c "#{pane_current_path}"
56 | bind-key % split-window -h -c "#{pane_current_path}"
57 | bind-key '"' split-window -v -c "#{pane_current_path}"
58 | 
59 | # Vim key mode
60 | setw -g mode-keys vi
61 | 
62 | # Resize pane with the mouse, but you lose copy/paste...
63 | # set -g mouse on
64 | 
65 | # enable pbcopy/pbpaste on tmux
66 | set-option -g default-command "reattach-to-user-namespace -l zsh"
67 | 
68 | # List of plugins
69 | # Supports `github_username/repo` or full git repo URLs
70 | set -g @tpm_plugins '              \
71 |   tmux-plugins/tpm                 \
72 |   tmux-plugins/tmux-resurrect    \
73 |   tmux-plugins/tmux-continuum    \
74 |   tmux-plugins/tmux-sidebar    \
75 | '
76 | 
77 | # Auto resurrect me!
78 | set -g @continuum-restore 'on'
79 | set -g @continuum-save-interval '30'
80 | 
81 | # Resurrect me!
82 | set -g @resurrect-capture-pane-contents 'on'
83 | set -g @resurrect-save-bash-history 'on'
84 | set -g @resurrect-save 'S'
85 | set -g @resurrect-restore 'R'
86 | 
87 | # Initializes TMUX plugin manager.
88 | # Keep this line at the very bottom of tmux.conf.
89 | run-shell '~/.tmux/plugins/tpm/tpm'
90 | 


--------------------------------------------------------------------------------
/.zshrc:
--------------------------------------------------------------------------------
  1 | export LC_ALL=en_US.UTF-8
  2 | 
  3 | # Initn starship
  4 | eval "$(starship init zsh)"
  5 | 
  6 | # Activate brew
  7 | eval "$(/opt/homebrew/bin/brew shellenv)"
  8 | 
  9 | # Set the directory we want to store zinit and plugins
 10 | ZINIT_HOME="${XDG_DATA_HOME:-${HOME}/.local/share}/zinit/zinit.git"
 11 | 
 12 | # Download Zinit, if it's not there yet
 13 | if [ ! -d "$ZINIT_HOME" ]; then
 14 |    mkdir -p "$(dirname $ZINIT_HOME)"
 15 |    git clone https://github.com/zdharma-continuum/zinit.git "$ZINIT_HOME"
 16 | fi
 17 | 
 18 | # Source/Load zinit
 19 | source "${ZINIT_HOME}/zinit.zsh"
 20 | 
 21 | # Add in zsh plugins
 22 | zinit light zsh-users/zsh-syntax-highlighting
 23 | zinit light zsh-users/zsh-completions
 24 | zinit light zsh-users/zsh-autosuggestions
 25 | zinit light Aloxaf/fzf-tab
 26 | 
 27 | # Completion styling
 28 | zstyle ':completion:*' matcher-list 'm:{a-z}={A-Za-z}'
 29 | zstyle ':completion:*' list-colors "${(s.:.)LS_COLORS}"
 30 | zstyle ':completion:*' menu no
 31 | zstyle ':fzf-tab:complete:cd:*' fzf-preview 'ls --color $realpath'
 32 | 
 33 | # Accept auto-suugestion with esp (currently remapped with capslock)
 34 | bindkey '^[' autosuggest-accept
 35 | 
 36 | # Load completions
 37 | autoload -Uz compinit
 38 | compinit
 39 | 
 40 | # If you come from bash you might have to change your $PATH.
 41 | export PATH="$(brew --prefix)/opt/gnu-sed/libexec/gnubin:$PATH"
 42 | 
 43 | # Treat comments pasted into the command line as comments, not code.
 44 | setopt INTERACTIVE_COMMENTS
 45 | 
 46 | # History
 47 | HISTSIZE=5000
 48 | HISTFILE=~/.zsh_history
 49 | SAVEHIST=$HISTSIZE
 50 | HISTDUP=erase
 51 | setopt appendhistory
 52 | setopt sharehistory
 53 | setopt hist_ignore_space
 54 | setopt hist_ignore_all_dups
 55 | setopt hist_save_no_dups
 56 | setopt hist_ignore_dups
 57 | setopt hist_find_no_dups
 58 | 
 59 | # Don't treat non-executable files in your $path as commands. This makes sure
 60 | # they don't show up as command completions. Settinig this option can impact
 61 | # performance on older systems, but should not be a problem on modern ones.
 62 | setopt HASH_EXECUTABLES_ONLY
 63 | 
 64 | # Enable ** and *** as shortcuts for **/* and ***/*, respectively.
 65 | # https://zsh.sourceforge.io/Doc/Release/Expansion.html#Recursive-Globbing
 66 | setopt GLOB_STAR_SHORT
 67 | 
 68 | # Alias
 69 | alias ls='ls --color=auto'
 70 | alias ll='ls -la'
 71 | alias key="cat ~/.ssh/id_rsa.pub | pbcopy"
 72 | alias gs="git status"
 73 | alias myip="curl icanhazip.com"
 74 | alias cg="cd $(git rev-parse --show-toplevel &> /dev/null)"
 75 | alias ggrep='git grep'
 76 | alias pasteonline="curl -F 'sprunge=<-' http://sprunge.us"
 77 | alias ss="ssh leseb@tarox"
 78 | alias gc="git commit -s"
 79 | alias gwip="git add -A && git commit -m wip"
 80 | 
 81 | function rr {
 82 |   branch=main
 83 |   if ! git ls-remote --exit-code --heads upstream main; then
 84 |     branch=master
 85 |   fi
 86 | 
 87 |   git fetch --all
 88 |   git pull upstream "$branch" --rebase
 89 | }
 90 | 
 91 | # Functions
 92 | # function gg - Pushes the current branch to the remote, and copies the commits to the clipboard so
 93 | # that they can be pasted into the PR description. TODO: use "gh" to create the PR? But that would
 94 | # overwrite the PR template, which is not ideal.
 95 | function gg {
 96 |   git_push=$(git push -f)
 97 | 
 98 |   # If the push failed, likely the pre-push hook failed
 99 |   if [[ $? -ne 0 ]]; then
100 |     echo "$git_push"
101 |     return 1
102 |   fi
103 | 
104 |   echo "$git_push"
105 | 
106 |   # If the branch is up-to-date, exit
107 |   if [[ "$git_push" == *"Everything up-to-date"* ]]; then
108 |     return 0
109 |   fi
110 | 
111 |   # Format the PR description - only if this is the first time pushing the branch
112 |   branch=main
113 |   if ! git ls-remote --exit-code --heads upstream main; then
114 |     branch=master
115 |   fi
116 |   {
117 |     git log --reverse --oneline upstream/"$branch"..HEAD
118 |     echo
119 |     git log --reverse upstream/"$branch"..HEAD
120 |   } | pbcopy
121 |   # Solution without 'gh' - https://stackoverflow.com/questions/60172766/
122 |   #gh pr view --web
123 | }
124 | 
125 | # Shell integrations
126 | source <(fzf --zsh)
127 | 


--------------------------------------------------------------------------------
/Init_script_(LSB)_compatibility_checks.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | ## Main
 4 | 
 5 | echo "Please select a service to check:"
 6 | read TMP_DAEMON
 7 | DAEMON="/etc/init.d/$TMP_DAEMON"
 8 | if [ -f $DAEMON ]; then
 9 | 	if [[ `$DAEMON status > /dev/null; echo $?` -eq 3 ]]; then
10 |         #check_daemon $TMP_DAEMON
11 | 		$DAEMON start /dev/null
12 | 		CODE=$(echo $?)
13 | 		if [ $CODE -eq 0 ]; then
14 | 			echo -e "START facility in STOPPED state \033[32m[OK]\033[0m"
15 | 		else
16 | 			echo -e "START facility in STOPPED state \033[31m[FAILED]\033[0m, returned $CODE and should return 0"
17 | 		fi
18 | 		$DAEMON status > /dev/null
19 | 			CODE=$(echo $?)
20 |             if [ $CODE -eq 0 ]; then
21 |             	echo -e "STATUS facility in RUNNING state \033[32m[OK]\033[0m"
22 |             else
23 |                 echo -e "STATUS facility in RUNNING state \033[31m[FAILED]\033[0m, returned $CODE and should return 0"
24 |             fi
25 |             $DAEMON start > /dev/null
26 |             CODE=$(echo $?)
27 |             if [ $CODE -eq 0 ]; then
28 |             	echo -e "START facility in RUNNING state \033[32m[OK]\033[0m"
29 |             else
30 |                 echo -e "START facility in RUNNING state \033[31m[FAILED]\033[0m, returned $CODE and should return 0"
31 |             fi
32 |             $DAEMON stop > /dev/null
33 |             CODE=$(echo $?)
34 |             if [ $CODE -eq 0 ]; then
35 |             	echo -e "STOP facility in RUNNING state \033[32m[OK]\033[0m"
36 |             else
37 |                 echo -e "STOP facility in RUNNING state \033[31m[FAILED]\033[0m, returned $CODE and should return 0"
38 |             fi
39 |             $DAEMON status > /dev/null
40 |             CODE=$(echo $?)
41 |             if [ $CODE -eq 3 ]; then
42 |             	echo -e "STATUS facility in STOPPED state \033[32m[OK]\033[0m"
43 |             else
44 |                 echo -e "STATUS facility in STOPPED state \033[31m[FAILED]\033[0m, returned $CODE and should return 3"
45 |             fi
46 |             $DAEMON stop > /dev/null
47 |             CODE=$(echo $?)
48 |             if [ $CODE -eq 0 ]; then
49 |             	echo -e "STOP facility in STOPPED state \033[32m[OK]\033[0m"
50 |             else
51 |                 echo -e "STOP facility in STOPPED state \033[31m[FAILED]\033[0m, returned $CODE and should return 0"
52 |             fi
53 |             $DAEMON status > /dev/null
54 |             CODE=$(echo $?)
55 |             if [ $CODE -eq 3 ]; then
56 |             	echo -e "STATUS facility in FAILED state \033[32m[OK]\033[0m"
57 |             else
58 |                 echo -e "STATUS facility in FAILED state \033[31m[FAILED]\033[0m, returned $CODE and should return an other code than 3"
59 |             fi
60 | 	else
61 | 		echo "The daemon must be stop, please stop it first and relaunch the script..."
62 | 		exit 1 
63 | 	fi
64 | else
65 | 	echo "The daemon does not exist, please provide a valid daemon name and relaunch the script."
66 | 	exit 1
67 | fi
68 | 
69 | echo
70 | echo "For more information, visit the official page: http://www.linux-ha.org/wiki/LSB_Resource_Agents"
71 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Just a bunch of scripts and config files!
2 | 


--------------------------------------------------------------------------------
/all_chroot_losetup-lukshome.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | 
  3 | # This hook was based and adapted from:
  4 | # http://lists.debian.org/debian-live/2009/04/msg00186.html
  5 | # ---------------------------------------------------------
  6 | #
  7 | #
  8 | # NOTE 1: this was not tested with persistent boot option,
  9 | # but it seems logic that persistent and lukshome can't
 10 | # coexist as boot options (because of snapshots and others), so lukshome
 11 | # won't be executed if any persistent option is given on boot.
 12 | #
 13 | # NOTE 2: if using an USB key, it will eventualy end up failing someday.
 14 | # You should backup the encrypted disk image file itself (luks-home.img) to
 15 | # prevent loosing your data.
 16 | #
 17 | # This hook will create 3 files:
 18 | #
 19 | # /usr/local/sbin/create-lukshome-file.sh
 20 | #	script to create an disk file image (luks-home.img) with a
 21 | #	LUKS encrypted ext2 filesystem inside to be placed in a
 22 | #	partition labeled lukshome.
 23 | #
 24 | # /usr/local/sbin/lukshome.sh
 25 | #	detects a partition with lukshome label, updates fstab and crypttab so
 26 | #	the encrypted file is mounted later in a loopback device (/dev/loopX).
 27 | #	It also changes /etc/init.d/umountfs so the encrypted home is correctly
 28 | #	umounted.
 29 | #
 30 | # /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home
 31 | #	a live-initramfs hook to execute lukshome.sh script
 32 | #	in initrd.
 33 | #
 34 | #
 35 | # HOWTO lukshome
 36 | # --------------
 37 | #
 38 | # First build your live system with this hook inside config/chroot_local-hooks/.
 39 | # If you have an existing live-build build directory with a previous live
 40 | # build, you might have to run
 41 | #
 42 | #	lh_clean
 43 | #	lh_clean --stage
 44 | #
 45 | # to make sure this hook is included in the live system. Then (re)build your
 46 | # live system.
 47 | #
 48 | #	lh_build
 49 | #
 50 | # After booting your (re)built live system, setup the encrypted losetup
 51 | # filesystem to be used as /home using the instructions present in the
 52 | # create-lukshome-file.sh script.
 53 | #
 54 | # Reboot and now use the "lukshome" boot option to mount the encrypted /home,
 55 | # like when using "persistent" boot option with a home-rw file in some partition.
 56 | #
 57 | 
 58 | 
 59 | # install needed packages (in case apt recommends are off)
 60 | # make sure that cryptsetup is installed
 61 | echo "I: checking for cryptsetup."
 62 | if [ ! -x /sbin/cryptsetup ]
 63 | then
 64 | 	echo "I: installing cryptsetup."
 65 | 	DEBIAN_FRONTEND="dialog" apt-get install --yes --force-yes -y cryptsetup
 66 | fi
 67 | 
 68 | 
 69 | echo "I: to see how to use lukshome hook run create-lukshome-file.sh as root."
 70 | echo "I: creating script /usr/local/sbin/create-lukshome-file.sh"
 71 | cat > /usr/local/sbin/create-lukshome-file.sh << 'EOF'
 72 | #!/bin/sh
 73 | 
 74 | # This script will create an encrypted filesystem in a file to
 75 | # be used as /home in a live system built with Debian Live Helper with
 76 | # this hook in config/chroot_local-hooks/.
 77 | #
 78 | # The lukshome boot option will do the following:
 79 | #	- search for a partition with label 'lukshome'
 80 | #	  (btw, you can't use the live system partition itself)
 81 | #	- mount the partition as /luks-home in the live system
 82 | #	- open /luks-home/luks-home.img file as a loopback device (/dev/loop)
 83 | #	- open the loopback device with cryptsetup
 84 | #	- mount the encrypted filesystem as /home
 85 | #
 86 | # This script will only create the luks-home.img file. Next are details of how
 87 | # to use this script.
 88 | #
 89 | # CAUTION! THIS CAN WIPE YOUR DATA, backup first!
 90 | # Be sure to understand what you will do, or you can end up
 91 | # wiping disks or partitions you don't want to!
 92 | #
 93 | # Login as root:
 94 | #	$ sudo -i
 95 | #
 96 | # Create a mountpoint (don't use /mnt, it will be used by this script):
 97 | #	# mkdir /media/target
 98 | #
 99 | # !!! ***  Skip the next line if you don't want to wipe a partition  *** !!!
100 | # !!! * Just change the partition label to 'lukshome' (without quotes) * !!!
101 | # Create an ext2 filesystem in a partition with 'lukshome' label:
102 | #	# mkfs.ext2 -L lukshome /dev/the_partition_to_be_used
103 | #
104 | # Mount the partition and cd into it:
105 | #	# mount /dev/the_partition_to_be_used /media/target
106 | #	# cd /media/target
107 | #
108 | # Create the encrypted file:
109 | #	# create-lukshome-file.sh
110 | #
111 | # The script is located in /usr/local/sbin/, so it's in root $PATH.
112 | # It will copy the directories in /home/* into the file.
113 | # Now return to $HOME to be able to umount the target partition:
114 | #	# cd
115 | #
116 | # Umount the target partition:
117 | #	# umount /media/target
118 | #
119 | # Reboot and use the "lukshome" boot option to mount the encrypted /home,
120 | # like in using "persistent" boot option with a home-rw file in some partition.
121 | #
122 | # To use another partition label use the following boot options:
123 | #	lukshome lukspart=partition_label
124 | #
125 | # If you want to use another filename instead of luks-home.img, rename (mv)
126 | # the file and use the following boot options:
127 | #	lukshome luksfile=filename
128 | #
129 | # Both boot options can be used at the same time, but always with lukshome:
130 | #	lukshome lukspart=partition_label luksfile=filename
131 | #
132 | # By default, if just the lukshome boot option is used, the script will
133 | # search for a partition labeled 'lukshome' and a file named 'luks-home.img'.
134 | #
135 | # Press Shift-PgUp/Shift-PgDn to scrool the instructions on the screen.
136 | 
137 | 
138 | # check if root/sudo
139 | if [ "${USER}" != "root" ]
140 | then
141 | 	echo " ** Please run this script as root or with sudo."
142 | 	exit 1
143 | fi
144 | 
145 | # check if /mnt is available and empty
146 | mount | grep "/mnt" > /dev/null
147 | MNT_IS_MOUNTED=${?}
148 | if [ "${MNT_IS_MOUNTED}" == 0 ]
149 | then
150 | 	echo "** ERROR: /mnt is mounted at the moment. Please umount it to use this script."
151 | 	exit 1
152 | fi
153 | if [ "$(ls -A /mnt)" ]
154 | then
155 | 	echo "** ERROR: /mnt is not empty. An empty /mnt is needed to use this script."
156 | 	exit 1
157 | fi
158 | 
159 | # check if /dev/mapper/luks-home is available
160 | if [ -f /dev/mapper/luks-home ]
161 | then
162 | 	echo "** ERROR: /dev/mapper/luks-home is being used at the moment. Please run «cryptsetup remove luks-home» to use this script."
163 | 	exit 1
164 | fi
165 | 
166 | 
167 | # show instructions
168 | echo ""
169 | echo "** Instructions to use create-lukshome-file.sh (this script):"
170 | sed -n '2,64p' /usr/local/sbin/create-lukshome-file.sh | sed 's/^.//'
171 | echo ""
172 | 
173 | 
174 | # proceed?
175 | echo "** Do you want to proceed with this script? (y/N)"
176 | read CONFIRM
177 | 
178 | case "${CONFIRM}" in
179 | 	y*|Y*)
180 | 		echo ""
181 | 	;;
182 | 	*)
183 | 		exit 0
184 | 	;;
185 | esac
186 | 
187 | 
188 | # create file
189 | echo ""
190 | echo "** Please type the size of the file disk image."
191 | echo "Size of the file in MB: "
192 | read FILE_SIZE
193 | 
194 | echo ""
195 | echo "** Creating file luks-home.img."
196 | echo "** Filling file image with /dev/urandom output. It will take some time."
197 | echo "(Edit this script to use /dev/random. It's known to be more secure but "
198 | echo "it will take a *very* long time to complete."
199 | dd if=/dev/urandom of=luks-home.img bs=1M count=${FILE_SIZE}
200 | # To use /dev/random comment the line above and uncomment the next line
201 | #dd if=/dev/random of=luks-home.img ibs=128 obs=128 count=$((8192*${FILE_SIZE}))
202 | # You might have to increase kernel entropy by moving the mouse, typing keyboard,
203 | # make the computer read the disk or use network connections.
204 | echo "** Done."
205 | echo ""
206 | 
207 | # losetup
208 | FREE_LOSETUP=$(losetup -f)
209 | echo "** Using ${FREE_LOSETUP} to open luks-home.img"
210 | losetup ${FREE_LOSETUP} ./luks-home.img
211 | echo "** Done."
212 | echo ""
213 | 
214 | # cryptsetup
215 | echo "** Running cryptsetup."
216 | echo ""
217 | echo "** luksFormat"
218 | cryptsetup luksFormat ${FREE_LOSETUP}
219 | EXIT_CODE=${?}
220 | if [ "${EXIT_CODE}" != 0 ]
221 | then
222 | 	echo "** ERROR: Error while trying to format disk file image."
223 | 	losetup -d ${FREE_LOSETUP}
224 | 	exit 1
225 | fi
226 | echo ""
227 | 
228 | echo "** luksOpen"
229 | cryptsetup luksOpen ${FREE_LOSETUP} luks-home
230 | EXIT_CODE=${?}
231 | if [ "${EXIT_CODE}" != 0 ]
232 | then
233 | 	echo "** ERROR: Error while trying to open LUKS file image."
234 | 	losetup -d ${FREE_LOSETUP}
235 | 	exit 1
236 | fi
237 | echo ""
238 | 
239 | # format encrypted filesystem
240 | echo "** Now formating /dev/mapper/luks-home"
241 | mkfs.ext2 /dev/mapper/luks-home
242 | EXIT_CODE=${?}
243 | if [ "${EXIT_CODE}" != 0 ]
244 | then
245 | 	echo "** ERROR: Error while trying to format LUKS file."
246 | 	cryptsetup remove luks-home
247 | 	losetup -d ${FREE_LOSETUP}
248 | 	exit 1
249 | fi
250 | echo ""
251 | 
252 | # mount in /mnt
253 | echo "** Now mounting luks-home.img in /mnt"
254 | mount /dev/mapper/luks-home /mnt
255 | EXIT_CODE=${?}
256 | if [ "${EXIT_CODE}" != 0 ]
257 | then
258 | 	echo "** ERROR: Error while trying to mount LUKS file in /mnt."
259 | 	umount /mnt
260 | 	cryptsetup remove luks-home
261 | 	losetup -d ${FREE_LOSETUP}
262 | 	exit 1
263 | fi
264 | echo ""
265 | 
266 | # copy files
267 | HOME_DIR="/home/*"
268 | 
269 | echo "** Copying ${HOME_DIR}."
270 | cp -rav ${HOME_DIR} /mnt
271 | EXIT_CODE=${?}
272 | if [ "${EXIT_CODE}" != 0 ]
273 | then
274 | 	echo "** ERROR: Error while trying to copy files to /mnt."
275 | 	umount /mnt
276 | 	cryptsetup remove luks-home
277 | 	losetup -d ${FREE_LOSETUP}
278 | 	exit 1
279 | fi
280 | echo "** Done."
281 | echo ""
282 | 
283 | echo "** All done."
284 | echo "** Closing losetup, cryptsetup and mounted /mnt."
285 | # umount and close
286 | umount /mnt
287 | cryptsetup remove luks-home
288 | losetup -d ${FREE_LOSETUP}
289 | echo "** The disk file image luks-home.img is done and ready. Move it into a partition"
290 | echo "** with 'lukshome' as label and reboot with lukshome boot option to use it."
291 | echo ""
292 | 
293 | EOF
294 | 
295 | chmod 0755 /usr/local/sbin/create-lukshome-file.sh
296 | 
297 | 
298 | 
299 | echo "I: creating script /usr/local/sbin/lukshome.sh"
300 | cat > /usr/local/sbin/lukshome.sh << 'EOF'
301 | #!/bin/sh
302 | 
303 | # this script is to be executed by a hook in live-initramfs. It searches
304 | # for a partition with 'lukshome' label, mounts it as /luks-home, then opens an
305 | # encrypted disk image file called luks-home.img as a loopback device, opens it
306 | # with cryptsetup and finally mounts the present filesystem as /home.
307 | # It also changes /etc/init.d/umountfs to umount the lukshome partition
308 | #  (/luks-home) and clear the loopback device on shutdown.
309 | 
310 | # functions taken from live-helpers
311 | . /usr/share/initramfs-tools/scripts/live-helpers
312 | 
313 | # set default values
314 | LUKSPART="lukshome"
315 | LUKSFILE="luks-home.img"
316 | 
317 | # get boot option lukshome - adapted from live-helpers
318 | for ARGUMENT in $(cat /proc/cmdline)
319 | do
320 | 	case "${ARGUMENT}" in
321 | 		lukshome)
322 | 			LUKSHOME=1
323 | 			;;
324 | 		luksfile=*)
325 | 			LUKSFILE="${ARGUMENT#luksfile=}"
326 | 			LUKSHOME=1
327 | 			;;
328 | 		lukspart=*)
329 | 			LUKSPART="${ARGUMENT#lukspart=}"
330 | 			LUKSHOME=1
331 | 			;;
332 | 
333 | 	esac
334 | done
335 | 
336 | # search for a partition labeled "lukshome" or $LUKSPART
337 | for sysblock in $(echo /sys/block/* | tr ' ' '\n' | grep -v loop | grep -v ram | grep -v fd)
338 | do
339 | 	for dev in $(subdevices "${sysblock}")
340 | 	do
341 | 		devname=$(sys2dev "${dev}")
342 | 		# find partition name and filesystem type
343 | 		if [ "$(/lib/udev/vol_id -l ${devname} 2>/dev/null)" = "${LUKSPART}" ]
344 | 		then
345 | 			# found one partition with correct label
346 | 			CRYPTHOME="${devname}"
347 | 			# don't search further
348 | 			break
349 | 		fi
350 | 	done
351 | 	# if already found, don't search further
352 | 	if [ -n "${CRYPTHOME}" ]
353 | 	then
354 | 		break
355 | 	fi
356 | done
357 | 
358 | # if no partition found, exit
359 | if [ -z "${CRYPTHOME}" ]
360 | then
361 | 	echo "Could not find any partition with ${LUKSPART} label. "
362 | 	echo "Proceeding with no encrypted /home."
363 | 	exit 0
364 | fi
365 | 
366 | # mount partition where file container is
367 | echo "Mounting /luks-home with ${CRYPTHOME}."
368 | mkdir -p /luks-home
369 | mount -t $(get_fstype "${CRYPTHOME}") "${CRYPTHOME}" /luks-home
370 | 
371 | # mount losetup encrypted file
372 | FREE_LOOP="$(/sbin/losetup -f)"
373 | echo "Opening file /luks-home/${LUKSFILE} in ${FREE_LOOP}."
374 | 
375 | if [ -f /luks-home/"${LUKSFILE}" ]
376 | then
377 | 	/sbin/losetup ${FREE_LOOP} /luks-home/"${LUKSFILE}"
378 | 
379 | 	echo "Adding ${FREE_LOOP} home to /etc/crypttab and setting it as /home in /etc/fstab."
380 | 
381 | 	# update crypttab
382 | 	echo "home	${FREE_LOOP}	none	luks,check,timeout" >> /etc/crypttab
383 | 
384 | 	# update fstab
385 | 	echo "/dev/mapper/home	/home	ext2	defaults,noatime	0	0" >> /etc/fstab
386 | else
387 | 	echo "Did not found any file named ${LUKSFILE} in ${CRYPTHOME}!"
388 | 	echo "Proceeding with no encrypted /home."
389 | 	sleep 2
390 | 	umount -r /luks-home
391 | 	exit 0
392 | fi
393 | 
394 | # changes to /etc/init.d/umountfs to make /luks-home being umounted on shutdown
395 | sed -i 's/[\t]do_stop/CHANGE_HERE/' /etc/init.d/umountfs
396 | sed -i 's|CHANGE_HERE|	\
397 | 	# added by lukshome hook -  umount \/luks-home to prevent busy device on shutdown \
398 | 	LOOP_LUKSHOME=$(losetup -a \| grep luks-home \|cut -c 1-10) \
399 | 	if [ -n ${LOOP_LUKSHOME} ] \
400 | 	then \
401 | 		umount -r -d \/home \
402 | 		cryptsetup remove home \
403 | 		losetup -d ${LOOP_LUKSHOME} \
404 | 		umount -r \/luks-home \
405 | 	fi \
406 | \
407 | 	do_stop \
408 | |' /etc/init.d/umountfs
409 | 
410 | EOF
411 | 
412 | chmod 0755 /usr/local/sbin/lukshome.sh
413 | 
414 | 
415 | 
416 | # scripts/live-bottom/13live_luks_home, right after 12fstab
417 | echo "I: creating /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home"
418 | 
419 | cat > /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home << 'EOF'
420 | #!/bin/sh
421 | 
422 | #set -e
423 | 
424 | # initramfs-tools header
425 | 
426 | PREREQ=""
427 | 
428 | prereqs()
429 | {
430 | 	echo "${PREREQ}"
431 | }
432 | 
433 | case "${1}" in
434 | 	prereqs)
435 | 		prereqs
436 | 		exit 0
437 | 		;;
438 | esac
439 | 
440 | . /scripts/live-functions
441 | 
442 | # live-initramfs hook to use an disk image file with encrypted filesystem as /home.
443 | 
444 | log_begin_msg "Executing losetup-lukshome"
445 | 
446 | # get boot option lukshome - adapted from live-helpers
447 | for ARGUMENT in $(cat /proc/cmdline)
448 | do
449 | 	case "${ARGUMENT}" in
450 | 		lukshome)
451 | 			LUKSHOME=1
452 | 			;;
453 | 		luksfile=*)
454 | 			LUKSFILE="${ARGUMENT#luksfile=}"
455 | 			LUKSHOME=1
456 | 			;;
457 | 		lukspart=*)
458 | 			LUKSPART="${ARGUMENT#lukspart=}"
459 | 			LUKSHOME=1
460 | 			;;
461 | 
462 | 	esac
463 | done
464 | 
465 | # don't use persistent* and lukshome
466 | if [ -n "${PERSISTENT}" ] && [  -n "${LUKSHOME}" ]
467 | then
468 | 	echo "You should not use persistent and lukshome at the same time."
469 | 	echo "Skipping lukshome. Persistent medium, if any, will be used instead."
470 | 	log_end_msg
471 | 	exit 0
472 | fi
473 | 
474 | # if no lukshome boot option, exit
475 | if [ -z "${LUKSHOME}" ]
476 | then
477 | 	log_end_msg
478 | 	exit 0
479 | fi
480 | 
481 | log_begin_msg "Executing lukshome.sh script."
482 | 
483 | mount -o bind /sys /root/sys
484 | mount -o bind /proc /root/proc
485 | mount -o bind /dev /root/dev
486 | 
487 | # lukshome.sh detects lukshome partition and file location, mounts it
488 | # and opens the file and then updates fstab and crypttab to use it as /home.
489 | chroot /root /usr/local/sbin/lukshome.sh
490 | 
491 | umount /root/sys
492 | umount /root/proc
493 | umount /root/dev
494 | 
495 | # delete the lukshome.sh script, not needed anymore
496 | # rm -f /root/usr/local/sbin/lukshome.sh
497 | 
498 | log_end_msg
499 | 
500 | EOF
501 | 
502 | chmod 0755 /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home
503 | 
504 | 
505 | 
506 | echo "I: update-initramfs to include 13live_luks_home."
507 | # if you already have installed the update-initramfs.sh hook, you can remove
508 | # this.
509 | 
510 | for KERNEL in /boot/vmlinuz-*
511 | do
512 | 	VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')"
513 | 
514 | 	update-initramfs -k ${VERSION} -t -u
515 | done
516 | 


--------------------------------------------------------------------------------
/ceph.conf:
--------------------------------------------------------------------------------
 1 | ; Ceph conf file!
 2 | ; use semi-colon to put a comment!
 3 | 
 4 | [global]
 5 |     ; enable/disable the auth (disable by default)
 6 |     auth supported = none
 7 |     ;keyring = /etc/ceph/keyring.admin
 8 |     log file = /var/log/ceph/$name.log
 9 | 
10 | ;[mds]
11 |     ;keyring = /etc/ceph/keyring.$name
12 | ;[mds.0]
13 |     ;host = ceph01
14 | 
15 | [osd]
16 |     osd data = /srv/ceph/osd$id
17 |     osd journal = /journals/osd$id/journal
18 |     osd journal size = 2048
19 |     osd class dir = /usr/lib/rados-classes
20 | 
21 |     ;keyring = /etc/ceph/keyring.$name
22 | 
23 |     ;working with ext4
24 |     ;filestore xattr use omap = true
25 | 
26 |     ;solve rbd data corruption, disable by default since 0.48 but good to remember
27 |     filestore fiemap = false
28 | 
29 |     ;run the journal on a tmpfs, disable direct I/O
30 |     journal dio = false
31 | 
32 |     ;debug filestore = 20
33 | 
34 |     ; performance
35 |     osd op threads = 24
36 |     osd disk threads = 24
37 |     filestore op threads = 6
38 |     filestore queue max ops = 24
39 | 
40 |     ; Y U NO DISABLE THIS OPTION BY DEFAULT?
41 |     filestore_flusher = false
42 | 
43 |     ;networking
44 |     cluster network = 192.168.0.0/24
45 |     public network = 10.19.0.0/23
46 | 
47 | [osd.0]
48 |     host = ceph4
49 |     devs = /dev/sdb
50 |     cluster addr = 192.168.0.4
51 |     public addr = 10.19.0.183:6801
52 | [osd.1]
53 |     host = ceph4
54 |     devs = /dev/sdc
55 |     cluster addr = 192.168.0.4
56 |     public addr = 10.19.0.183:6802
57 | [osd.2]
58 |     host = ceph4
59 |     devs = /dev/sdd
60 |     cluster addr = 192.168.0.4
61 |     public addr = 10.19.0.183:6803
62 | [osd.3]
63 |     host = ceph5
64 |     devs = /dev/sdb
65 |     cluster addr = 192.168.0.5
66 |     public addr = 10.19.0.182:6801
67 | 
68 | [mon]
69 |     mon data = /srv/ceph/mon$id
70 |     ; change the default pool size
71 |     ;osd pool default size = 3
72 | [mon.0]
73 |     host = ceph4
74 |     mon addr = 10.19.0.183:6789
75 | [mon.2]
76 |     host = ceph05
77 |     mon addr = 10.19.0.182:6789


--------------------------------------------------------------------------------
/cephaio.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | git clone https://github.com/ceph/ceph-ansible.git
 4 | sed -i '' 's/fsid: /fsid: 4a158d27-f750-41d5-9e7f-26ce4c9d2d45 /' ceph-ansible/group_vars/all
 5 | sed -i '' 's/monitor_secret: /monitor_secret: AQAWqilTCDh7CBAAawXt6kyTgLFCxSvJhTEmuw== /' ceph-ansible/group_vars/mons
 6 | 
 7 | cat > Vagrantfile << EOF
 8 | VAGRANTFILE_API_VERSION = "2"
 9 | 
10 | Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
11 |   config.vm.box = "precise64"
12 |   config.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-i386-vagrant-disk1.box"
13 |   config.vm.define :cephaio do |cephaio|
14 |     cephaio.vm.network :private_network, ip: "192.168.0.2"
15 |     cephaio.vm.host_name = "cephaio"
16 |     (0..2).each do |d|
17 |       cephaio.vm.provider :virtualbox do |vb|
18 |         vb.customize [ "createhd", "--filename", "disk-#{d}", "--size", "1000" ]
19 |         vb.customize [ "storageattach", :id, "--storagectl", "SATA Controller", "--port", 3+d, "--device", 0, "--type", "hdd", "--medium", "disk-#{d}.vdi" ]
20 |         vb.customize [ "modifyvm", :id, "--memory", "512" ]
21 |       end
22 |     end
23 |     config.vm.provision "ansible" do |ansible|
24 |       ansible.playbook = "ceph-ansible/site.yml"
25 |       ansible.groups = {
26 |         "mons" => ["cephaio"],
27 |         "osds" => ["cephaio"],
28 |         "mdss" => ["cephaio"],
29 |         "rgws" => ["cephaio"]
30 |       }
31 |     end
32 |   end
33 | end
34 | EOF
35 | vagrant up
36 | 


--------------------------------------------------------------------------------
/corosync.conf.sh:
--------------------------------------------------------------------------------
  1 | # This is heavily influenced by the corosync.conf man page (based on the original
  2 | # openais.conf man page). It endevours to make some of the explanations more
  3 | # accessible to beginners and to create a working configuration file with all
  4 | # options inline and explained. Please note that errors in this file are mine; 
  5 | # *NOT* of the Corosync or OpenAIS communities in general.
  6 |  
  7 | # To Do:
  8 | # - Better explain the 'logging { logger { } }' subdirective.
  9 | # - Explain the 'event { }' directive.
 10 | #
 11 | # Core ideas needing further explanation:
 12 | # - Totem protocol
 13 | # - Forming a new configuration
 14 | # - token
 15 | # - representative (see the 'hold' variable)
 16 | # - membership protocol
 17 | # - The math behind 'token_retransmit', 'hold' and 'send_join'.
 18 | # - What is the 'merge' default?
 19 | # - Is there a functional difference between "processor" and "node"? Ie: is a
 20 | #   "processor" a specific core in a CPU?
 21 |  
 22 | # In Corosync, this option can be set to define a compatibility level to run at.
 23 | # Currently, the only two values are 'whitetank' and 'none'. The default is
 24 | # 'whitetank', which tells corosync to run compatible with OpenAIS 0.80.x. This
 25 | # will slow things down a bit, but will allow you to run corosync using old
 26 | # openais.conf files.
 27 | compatibility: whitetank
 28 |  
 29 | # Totem Protocol options.
 30 | # Be sure to understand and test the effects of changing values in this 'totem'
 31 | # directive. Generally speaking, the defaults (outside of the 'interface'
 32 | # directive) are sane and usable.
 33 | totem {
 34 | 	# This is the version number of this configuration file's format.
 35 | 	# Unlike 'cluster.conf's 'config_version', this value *does not*
 36 | 	# change. Further, it must always be set to '2'.
 37 | 	version: 2
 38 |  
 39 | 	# When set to 'on', data will be encrypted using sober128 and that
 40 | 	# HMAC/SHA1 is used for authentication. This adds a 36 byes header to
 41 | 	# all totem messages. When enabled, this accounts for 75% of the CPU
 42 | 	# usage used by the aisexec. Further, it will substantially increase
 43 | 	# the CPU requirements of your nodes and will reduce transfer speeds
 44 | 	# a non-trivial amount. For this reason, only enable this when you
 45 | 	# are using an unsecure network and be sure to test to see how much
 46 | 	# overhead it encures so that you can increase hardware resources if
 47 | 	# needed. Please see 'man corosync.conf' for two specific examples of
 48 | 	# performance trade-offs seen when enabling this. The default is 'on'.
 49 | 	secauth: off
 50 |  
 51 | 	# When 'secauth' is 'off', this variable is ignored. When 'secauth' is
 52 | 	# 'on', this defined how many threads may be used for encypting and
 53 | 	# sending multicast messages. A value of '0' disabled multiple threads.
 54 | 	# This is most useful on non-SMP machines. (MADI: why?)
 55 | 	threads: 0
 56 |  
 57 | 	# This is a 32-bit value identifying this node when joining the CLM.
 58 | 	# When using IPv4 addresses, this is an optional argument. When not
 59 | 	# specified, the 'bindnetaddr' IP address specified in the 'interface'
 60 | 	# directive with the 'ringnumber' '0' is used to generate this value.
 61 | 	# However, if the IP address is IPv6, this mechanism can not be used
 62 | 	# and you must manually specify a 'nodeid'. A 'nodeid' of '0' is
 63 | 	# reserved and must not be used.
 64 | 	#nodeid: 10
 65 |  
 66 | 	# This defined the size of the maximum transfer unit in bytes. The
 67 | 	# default is 1500. If you want to use jumbo frames, frames larger than
 68 | 	# 1500, *all* devices in your network *must* also support jumbo frames
 69 | 	# and all hosts must also have their MTU set to the same size defined
 70 | 	# below.
 71 | 	# NOTE 1: Some hardware that claims to support jumbo frames (aka: large
 72 | 	# frames) are actually limited to a max of 4500 or 9000 bytes. If you
 73 | 	# find the network frequently reconfigures when using multicast, you
 74 | 	# probably have hardware that isn't supporting your frame size.
 75 | 	# NOTE 2; Linux adds 18 bytes to the packets generated by totem, so if
 76 | 	# you are having trouble, drop the size of your frames to n-18. For
 77 | 	# example, if you want to use 9000, set this to 8982.
 78 | 	# NOTE 3: The man page describes a scenario where increasing the frame
 79 | 	# size to 9000 (8982) increased throughput from 30MB/s to 60MB/s.
 80 | 	net_mtu: 1500
 81 |  
 82 | 	# This defines what Virtual Synchrony Filter type is used to identify a
 83 | 	# primary component. The prefered and default option is 'ykd' dynamic
 84 | 	# linear voting. This consumes a lot of memory on clusters larger than
 85 | 	# 32 nodes though. If you want to use more than 32 nodes, please see
 86 | 	# the man page for details. If you set this to 'none', then AMF 
 87 | 	# (Availability Management Framework) and DLCK (Distributed LoCKing)
 88 | 	# are not safe to use. Leave this as 'ykd' unless you are sure you need
 89 | 	# to change it.
 90 | 	# Valid options; ykd, none
 91 | 	vfstype: ykd
 92 |  
 93 | 	# This is the number of milliseconds that totem will wait before
 94 | 	# declaring a token to be lost. Once a token loss is declared, the
 95 | 	# configuration will be reformed, which usually takes an additional
 96 | 	# 50 milliseconds. The default is 1000 (1 second).
 97 | 	# MADI: Define 'reforming a new configuration'.
 98 | 	token: 1000
 99 |  
100 | 	# This is the number of times that a token will be retransmitted before
101 | 	# a new configuration is formed. When set, 'token_retransmit' and
102 | 	# 'hold' will automatically be calculated using this and the 'token'
103 | 	# value. The default is '4'.
104 | 	retransmits_before_loss: 4
105 |  
106 | 	# This is the number of milliseconds between re-send attempts when a
107 | 	# token isn't received as expected. In general, do not set this as
108 | 	# corosync will automatically calculate this based on the 'token' value
109 | 	# divided by the 'retransmits_before_loss'. In generaly, this should
110 | 	# be less than the resulting number. For example, with a token of
111 | 	# '1000' divided by the 'retransmits_before_loss' value of '4', the
112 | 	# result is '250', but because this needs to be somewhat less, '238'
113 | 	# is used instead.
114 | 	#token_retransmit: 238
115 |  
116 | 	# This is the number of milliseconds that a token should be held by the
117 | 	# representative when the protocol is under low utilization. This is
118 | 	# automatically calculated using the 'token' and
119 | 	# 'retransmits_before_loss' variables and should not be set ot altered
120 | 	# without fully understanding how this will effect corosync.
121 | 	#hold: 180
122 |  
123 | 	# This tells corosync how long to wait, in milliseconds, for join
124 | 	# messages in the membership protocol.
125 | 	join: 100
126 |  
127 | 	# This variable is a type of flood control that tells a node how long
128 | 	# to wait before sending a join message. Specifically, a node will wait
129 | 	# between '0' and this value before sending to help prevent flooding
130 | 	# the network with join messages on large rings. With clusters under 32
131 | 	# nodes, leave this set to it's default of '0'. With 128 nodes, a value
132 | 	# of '80' milliseconds is sane.
133 | 	send_join: 0
134 |  
135 | 	# This is the timeout in milliseconds that corosync will wait for
136 | 	# consensus to be achieved before starting a new round of membership
137 | 	# configuration. The default is '200'.
138 | 	consensus: 200
139 |  
140 | 	# This is the amount of time, in milliseconds, that corosync will wait
141 | 	# before checking if an interface is back up after it has gone down.
142 | 	# The default is '1000'.
143 | 	downcheck: 1000
144 |  
145 | 	# This constant is the number of times that the token can be passed
146 | 	# without any expected messages before a new configuration is formed.
147 | 	# The default is '50'.
148 | 	fail_to_recv_const: 50
149 |  
150 | 	# When multicast traffic stops, this tells corosync how long, in
151 | 	# milliseconds, to wait before checking for a partition. The default is
152 | 	# '200'.
153 | 	merge: 200
154 |  
155 | 	# This constant defines how many times the token can be passed without
156 | 	# and multicast traffic before the 'merge' detection timeout starts.
157 | 	# The default is '30'.
158 | 	seqno_unchanged_const: 30
159 |  
160 | 	# This constant sets the number of messages that a given node may send
161 | 	# on one pass of the token. If all nodes perform equally well, this can
162 | 	# be set to a high number, like 300. However, if your cluster has a
163 | 	# large number of nodes, this could induce latency. If you have 16 or
164 | 	# more nodes, you should set this to the default of '50'. If, however,
165 | 	# one or more nodes are slower than the rest, this should be set to no
166 | 	# more than 256000/netmtu (ie: 256000/9000 = 28.4, so '25' is good).
167 | 	# This will avoid overflowing the kernel's transmit buffers. Should
168 | 	# this happen, there will be retransmit notices in the notification log
169 | 	# file and performance will suffer.
170 | 	window_size: 300
171 |  
172 | 	# MADI: How is this different from 'window_size'?
173 | 	# This constant sets the maximum number of messages that may be sent by
174 | 	# node on receipt of the of the token. This is limited to 256000/netmtu
175 | 	# (ie: 256000/9000 = 28.4, so '25' is good). This is to prevent
176 | 	# overflowing the kernel's transmit buffers. The default is 17.
177 | 	max_messages: 25
178 |  
179 | 	### Redundant Ring Protocol options are below. These are ignored if
180 | 	### only one 'interface' directive is defined.
181 |  
182 | 	# This is used to control how the Redundant Ring Protocol is used. If
183 | 	# you only have one 'interface' directive, the default is 'none'. If
184 | 	# you have two, then please set 'active' or 'passive'. The trade off
185 | 	# is that, when the network is degraded, 'active' provides lower
186 | 	# latency from transmit to delivery and 'passive' may nearly double the
187 | 	# speed of the totem protocol when not CPU bound.
188 | 	# Valid options: none, active, passive.
189 | 	rrp_mode: passive
190 |  
191 | 	# The next three variables are relevant depending on which mode 
192 | 	# 'rrp_mode' is set to. Both modes use 'rrp_problem_count_threshold'
193 | 	# but only 'active' uses 'rrp_problem_count_timeout' and 
194 | 	# 'rrp_token_expired_timeout'.
195 | 	# 
196 | 	# - In 'active' mode:
197 | 	# If a token doesn't arrive in 'rrp_token_expired_timeout' milliseconds
198 | 	# an internal counter called 'problem_count' is incremented by 1. If a
199 | 	# token arrives within 'rrp_problem_count_timeout' however, the
200 | 	# internal decreases by '1'. If the internal counter equals or exceeds
201 | 	# the 'rrp_problem_count_threshold' at any time, the effected interface
202 | 	# will be flagged as faulty and it will no longer be used.
203 | 	# 
204 | 	# - In 'passive' mode:
205 | 	# The two interfaces have internal counters called 'token_recv_count'
206 | 	# and 'mcast_recv_count' that are incremented by 1 each time a token
207 | 	# or multicast message is received, respectively. These counts for each
208 | 	# interface is counted and if the counts should differ by more than
209 | 	# 'rrp_problem_count_threshold', then the interface with the lower
210 | 	# count is flagged as faulty and it will no longer be used.
211 | 	# 
212 | 	# If an interface is flagged as faulty, an administrator will need to
213 | 	# manually re-enable it.
214 |  
215 | 	# The default problem count timeout is '1000' milliseconds.
216 | 	rrp_problem_count_timeout: 1000
217 |  
218 | 	# The default problem count threshold is '20'.
219 | 	rrp_problem_count_threshold: 20
220 |  
221 | 	# This is the time in milliseconds to wait before incrementing the
222 | 	# internal problem counter. Normally, this variable is automatically
223 | 	# calculated by corosync and, thus, should not be defined here without
224 | 	# fully understanding the effects of doing so.
225 | 	# 
226 | 	# In short; The should always be at least 'rrp_problem_count_timeout'
227 | 	# minus 50 milliseconds with the result being divided by 
228 | 	# 'rrp_problem_count_threshold' or else a reconfiguration can occur.
229 | 	# Using the default values then, the default is (1000 - 50)/20=47.5,
230 | 	# rounded down to '47'.
231 | 	#rrp_token_expired_timeout: 47
232 |  
233 | 	### Below here are the optional Heartbeat Mechanism options.
234 |  
235 | 	# Setting this to a non-0 value switches from token passing to network
236 | 	# heartbeat as the failure detection mechanism. This reduces the time
237 | 	# needed to detect a failure, but increases the chance that a fault
238 | 	# will be declared when none exists. The reason for this is that 
239 | 	# heartbeat uses the network and, if the network is lossy, heartbeat
240 | 	# packets could be lost. To that end, this setting tells corosync how
241 | 	# many heartbeat failures are allowed before a fault is declared. This
242 | 	# should only be used on networks where improved fault response time is
243 | 	# needed *and* the network is fast and reliable. The default is '0',
244 | 	# thus disabling this feature.
245 | 	#heartbeat_failures_allowed: 0
246 |  
247 | 	# This is the approximate delay on between transmitting and receiving
248 | 	# of heartbeat packets on your network. This should be determined by
249 | 	# the network engineer. Do not adjust this setting without fully
250 | 	# understanding the impact of your change. The default is '50'.
251 | 	max_network_delay: 50
252 |  
253 | 	### Below here are the 'interface' directive(s).
254 |  
255 | 	# At least one 'interface' directive is required within the 'totem'
256 | 	# directive. When two are specified, the one with 'ringnumber' of '0'
257 | 	# is the primary ring and the second with 'ringnumber' of '1' is the
258 | 	# backup ring.
259 | 	interface {
260 | 		# Increment the ring number for each 'interface' directive.
261 | 		ringnumber:  0
262 |  
263 | 		# This must match the subnet of this interface. The final octal
264 | 		# must be '0'. In this case, this directive will bind to the
265 | 		# interface on the 192.168.1.0/24 subnet, so this should be set
266 | 		# to '192.168.1.0'. This can be an IPv6 address, however, you
267 | 		# will be required to set the 'nodeid' in the 'totem' directive
268 | 		# above. Further, there will be no automatic interface
269 | 		# selection within a specified subnet as there is with IPv4.
270 | 		# In this case, the primary ring will be on the interface with
271 | 		# IPs on the 10.0.0.0/24 network (ie: eth1).
272 | 		bindnetaddr: 10.0.0.0
273 |  
274 | 		# This is the multicast address used by Corosync. Avoid the
275 | 		# '224.0.0.0/8' range as that is used for configuration. If you
276 | 		# use an IPv6 address, be sure to specify a 'nodeid' in the 
277 | 		# 'totem' directive above.
278 | 		mcastaddr:   226.94.1.1
279 |  
280 | 		# This is the UDP port used with the multicast address above.
281 | 		mcastport:   5405
282 | 	}
283 |  
284 | 	# This is a second optional, redundant interface directive. If you use
285 | 	# two 'interface' directives, be sure to review the four 'rrp_*'
286 | 	# variables.
287 | 	# Note that two is the maximum number of interface directives.
288 | 	interface {
289 | 		# Increment the ring number for each 'interface' directive.
290 | 		ringnumber:  1
291 | 		# In this case, the backup ring will be on the interface with
292 | 		# IPs on storage network's 10.0.1.0/24 network (ie: eth1).
293 | 		bindnetaddr: 10.0.1.0
294 | 		# MADI: Does this have to be different? How much different?
295 | 		#       Can I just use a different port?
296 | 		mcastaddr:   227.94.1.2
297 | 		# MADI: If this is different, can 'mcastaddr' be the same?
298 | 		mcastport:   5405
299 | 	}
300 | }
301 |  
302 | # This directive controls how Corosync logs it's messages. All variables here
303 | # are optional.
304 | logging {
305 | 	# Setting this to 'on' will replace the logger name in the log entries
306 | 	# with the file and line generating the log entry. The default is
307 | 	# 'off'.
308 | 	fileline: off
309 |  
310 | 	# This controls whether a timestamp is recorded in the log files.
311 | 	# Valid options are 'off' and 'on', with 'off' being the default.
312 | 	timestamp: on
313 |  
314 | 	# This control whether the function name generating the log entry is
315 | 	# recorded or not. Valid options are 'off' and 'on', with 'off' being
316 | 	# the default.
317 | 	function_name: off
318 |  
319 | 	# These three options control where log messages are sent. Logs can be
320 | 	# sent to two or all three. The three options are: 'to_logfile',
321 | 	# 'to_syslog' and 'to_stderr'. All three can either be 'yes' or 'no'.
322 | 	# When set to 'yes', logs are sent to the relative destination. The
323 | 	# default is to write to the syslog and to stderr.
324 |  
325 | 	# This directs output to a file. If set to 'yes', you must set a
326 | 	# 'logfile' argument below. Default is 'no'.
327 | 	to_logfile: yes
328 |  
329 | 	# Default is 'yes'.
330 | 	to_syslog: yes
331 |  
332 | 	# Default is 'yes'.
333 | 	to_stderr: no
334 |  
335 | 	# When 'to_logfile: yes' is set, this is required. It is the full path
336 | 	# and file name to write the logs to.
337 | 	logfile: /var/log/corosync.log
338 |  
339 | 	# Setting this to 'on', the default, generates a lot of debug messages
340 | 	# in the log. It is generally not advised unless you are tracing a
341 | 	# specific bug.
342 | 	debug: off
343 |  
344 | 	# When writing to syslog, this sets the syslog facility to use. Valid
345 | 	# options are:
346 | 	# daemon, local0, local1, local2, local3, local4, local5, local6 and
347 | 	# local7
348 | 	# The default is 'daemon'.
349 | 	syslog_facility: daemon
350 |  
351 | 	# This is an optional directive that controls detailed logging
352 | 	# features. Generally, this is only needed by developers.
353 | 	#logger_subsys {
354 | 		# This specifies the identity logging being specified.
355 | 		# MADI: What?
356 | 		#ident: ?
357 |  
358 | 		# This enables or disables debug log messages for the component
359 | 		# identified above. The default is 'off'.
360 | 		#debug: off
361 |  
362 | 		# This specifies which tags should be logged for this
363 | 		# component. This is only valid when debug is enabled above.
364 | 		# Multiple tags are specified with a pipe (|) as the logical
365 | 		# OR seperator. The default is 'none'.
366 | 		#tags: enter|return|trace1|trace2
367 | 	#}
368 | }
369 |  
370 | # This must exist and be set to disabled if you have openais installed. It's
371 | # safe to include it regardless. AMF is not currently supported.
372 | amf {
373 |         mode: disabled
374 | }


--------------------------------------------------------------------------------
/deploy-juju-lxc.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | echo "Dependencies installation"
 4 | sudo apt-get update && sudo apt-get install libvirt-bin lxc apt-cacher-ng libzookeeper-java zookeeper juju
 5 | if [ $? -eq 1 ] ; then
 6 |         echo "Create a SSH key pair"
 7 |         ssh-keygen -t rsa
 8 |         juju bootstrap 2&1 > /dev/null
 9 | 
10 |         echo "Generate your environment"
11 |         cat > ~/.juju/environement.yaml << EOF
12 |         environments:
13 |                 sample:
14 |                 type: local
15 |                 control-bucket: juju-a14dfae3830142d9ac23c499395c2785999
16 |                 admin-secret: 6608267bbd6b447b8c90934167b2a294999
17 |                 default-series: oneiric
18 |                 juju-origin: distro
19 |                 data-dir: /home/jorge/whatever
20 |         EOF
21 |         echo "Bootstrapping your environement"
22 |         juju bootstrap
23 |         if [ $? -eq 1 ] ; then
24 |                 echo "Deploying Wordpress"
25 |                 juju deploy --repository=/usr/share/doc/juju/exampless local:mysql
26 |                 juju deploy --repository=/usr/share/doc/juju/examples/ local:wordpress
27 |                 juju add-relation wordpress mysql
28 |                 juju expose wordpress
29 |                 if [ $? -eq 1 ] ; then
30 |                         IP_PUBLIC=$(juju status | grep public-address | sed -n '2p' | awk '{print $2}')
31 |                         if [[ ${IP_PUBLIC} ~= (null) ]] ; then
32 |                                 echo "LXC container error, please reboot your machine and re-launch the script."
33 |                         else
34 |                                 echo -e "Installation finished.$\nConfigure your Wordpress here http://$IP_PUBLIC "
35 |                         fi
36 |                 fi
37 |         fi
38 | fi


--------------------------------------------------------------------------------
/fastcgi-wrapper:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/perl
 2 | 
 3 | use FCGI;
 4 | use Socket;
 5 | use POSIX qw(setsid);
 6 | 
 7 | require 'syscall.ph';
 8 | 
 9 | &daemonize;
10 | 
11 | #this keeps the program alive or something after exec'ing perl scripts
12 | END() { } BEGIN() { }
13 | *CORE::GLOBAL::exit = sub { die "fakeexit\nrc=".shift()."\n"; }; 
14 | eval q{exit}; 
15 | if ($@) { 
16 | 	exit unless $@ =~ /^fakeexit/; 
17 | };
18 | 
19 | &main;
20 | 
21 | sub daemonize() {
22 |     chdir '/'                 or die "Can't chdir to /: $!";
23 |     defined(my $pid = fork)   or die "Can't fork: $!";
24 |     exit if $pid;
25 |     setsid                    or die "Can't start a new session: $!";
26 |     umask 0;
27 | }
28 | 
29 | sub main {
30 |         $socket = FCGI::OpenSocket( "127.0.0.1:8999", 10 ); #use IP sockets
31 |         $request = FCGI::Request( \*STDIN, \*STDOUT, \*STDERR, \%req_params, $socket );
32 |         if ($request) { request_loop()};
33 |             FCGI::CloseSocket( $socket );
34 | }
35 | 
36 | sub request_loop {
37 |         while( $request->Accept() >= 0 ) {
38 |             
39 |            #processing any STDIN input from WebServer (for CGI-POST actions)
40 |            $stdin_passthrough ='';
41 |            $req_len = 0 + $req_params{'CONTENT_LENGTH'};
42 |            if (($req_params{'REQUEST_METHOD'} eq 'POST') && ($req_len != 0) ){ 
43 |                 my $bytes_read = 0;
44 |                 while ($bytes_read < $req_len) {
45 |                         my $data = '';
46 |                         my $bytes = read(STDIN, $data, ($req_len - $bytes_read));
47 |                         last if ($bytes == 0 || !defined($bytes));
48 |                         $stdin_passthrough .= $data;
49 |                         $bytes_read += $bytes;
50 |                 }
51 |             }
52 | 
53 |             #running the cgi app
54 |             if ( (-x $req_params{SCRIPT_FILENAME}) &&  #can I execute this?
55 |                  (-s $req_params{SCRIPT_FILENAME}) &&  #Is this file empty?
56 |                  (-r $req_params{SCRIPT_FILENAME})     #can I read this file?
57 |             ){
58 | 		pipe(CHILD_RD, PARENT_WR);
59 | 		my $pid = open(KID_TO_READ, "-|");
60 | 		unless(defined($pid)) {
61 | 			print("Content-type: text/plain\r\n\r\n");
62 |                         print "Error: CGI app returned no output - ";
63 |                         print "Executing $req_params{SCRIPT_FILENAME} failed !\n";
64 | 			next;
65 | 		}
66 | 		if ($pid > 0) {
67 | 			close(CHILD_RD);
68 | 			print PARENT_WR $stdin_passthrough;
69 | 			close(PARENT_WR);
70 | 
71 | 			while(my $s = <KID_TO_READ>) { print $s; }
72 | 			close KID_TO_READ;
73 | 			waitpid($pid, 0);
74 | 		} else {
75 | 	                foreach $key ( keys %req_params){
76 |         	           $ENV{$key} = $req_params{$key};
77 |                 	}
78 |         	        # cd to the script's local directory
79 | 	                if ($req_params{SCRIPT_FILENAME} =~ /^(.*)\/[^\/]+$/) {
80 |                         	chdir $1;
81 |                 	}
82 | 
83 | 			close(PARENT_WR);
84 | 			close(STDIN);
85 | 			#fcntl(CHILD_RD, F_DUPFD, 0);
86 | 			syscall(&SYS_dup2, fileno(CHILD_RD), 0);
87 | 			#open(STDIN, "<&CHILD_RD");
88 | 			exec($req_params{SCRIPT_FILENAME});
89 | 			die("exec failed");
90 | 		}
91 |             } 
92 |             else {
93 |                 print("Content-type: text/plain\r\n\r\n");
94 |                 print "Error: No such CGI app - $req_params{SCRIPT_FILENAME} may not ";
95 |                 print "exist or is not executable by this process.\n";
96 |             }
97 | 
98 |         }
99 | }


--------------------------------------------------------------------------------
/firewalling:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | ### BEGIN INIT INFO
 4 | # Provides: Firewalling rules
 5 | # Required-Start:
 6 | # Required-Stop:
 7 | # Default-Start: 2 3 4 5
 8 | # Default-Stop: 0 1 6
 9 | # Short-Description: deploy iptables on boot
10 | # Description:
11 | ### END INIT INFO
12 | 
13 | IPTABLE=/sbin/iptables
14 | 
15 | IP_GRANTED=XXX.XXX.XXX.XXX
16 | 
17 | # Vider les tables actuelles
18 | $IPTABLE -t filter -F
19 | 
20 | # Vider les règles personnelles
21 | $IPTABLE -t filter -X
22 | 
23 | # Interdire toute connexion entrante et sortante
24 | $IPTABLE -t filter -P INPUT DROP
25 | $IPTABLE -t filter -P FORWARD DROP
26 | $IPTABLE -t filter -P OUTPUT DROP
27 | 
28 | # Ne pas casser les connexions etablies
29 | $IPTABLE -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
30 | $IPTABLE -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
31 | 
32 | # Autoriser loopback
33 | $IPTABLE -t filter -A INPUT -i lo -j ACCEPT
34 | $IPTABLE -t filter -A OUTPUT -o lo -j ACCEPT
35 | 
36 | # ICMP (Ping)
37 | $IPTABLE -t filter -A INPUT -p icmp -j ACCEPT
38 | $IPTABLE -t filter -A OUTPUT -p icmp -j ACCEPT
39 | 
40 | # DNS In/Out
41 | $IPTABLE -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
42 | $IPTABLE -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
43 | $IPTABLE -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
44 | $IPTABLE -t filter -A INPUT -p udp --dport 53 -j ACCEPT
45 | 
46 | # NTP Out
47 | $IPTABLE -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
48 | 
49 | # HTTP + HTTPS Out
50 | $IPTABLE -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
51 | $IPTABLE -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
52 | 
53 | # HTTP + HTTPS In
54 | $IPTABLE -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
55 | $IPTABLE -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
56 | $IPTABLE -t filter -A INPUT -p tcp --dport 8443 -j ACCEPT
57 | 
58 | # FTP Out
59 | $IPTABLE -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
60 | 
61 | # FTP In
62 | $IPTABLE -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
63 | $IPTABLE -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
64 | 
65 | # FTP passive mode
66 | $IPTABLE -t filter -A INPUT -i eth0 -m state --state NEW -p tcp --dport 60000:61000 -j ACCEPT
67 | 
68 | # SVN
69 | $IPTABLES -t filter -A OUTPUT -p tcp --dport 3690 -j ACCEPT
70 | 
71 | # MySQL Query Browser
72 | $IPTBLES -t filter -A INPUT -p tcp --dport 3306 -j ACCEPT
73 | 
74 | # White list SSH
75 | $IPTABLE -N SSH_WHITELIST
76 | $IPTABLE -A SSH_WHITELIST -s $IP_GRANTED -m recent --remove --name SSH -j ACCEPT
77 | 
78 | $IPTABLE -A INPUT -p tcp --dport 5643 -m state --state NEW -m recent --set --name SSH
79 | $IPTABLE -A INPUT -p tcp --dport 5643 -m state --state NEW -j SSH_WHITELIST
80 | 
81 | 


--------------------------------------------------------------------------------
/garbd:
--------------------------------------------------------------------------------
  1 | #!/bin/sh
  2 | #
  3 | #
  4 | # GARBD (Galera Arbitrator)
  5 | #
  6 | # Description:  
  7 | #
  8 | # Authors:      Sébastien Han
  9 | #
 10 | # Support:      codership-team@googlegroups.com
 11 | # License:      Apache Software License (ASL) 2.0
 12 | #
 13 | #
 14 | # See usage() function below for more details ...
 15 | #
 16 | # OCF instance parameters:
 17 | #   OCF_RESKEY_binary
 18 | #   OCF_RESKEY_gcomm_url
 19 | #   OCF_RESKEY_donor_port
 20 | #   OCF_RESKEY_cluster_name
 21 | #   OCF_RESKEY_pid
 22 | #   OCF_RESKEY_additional_parameters
 23 | #######################################################################
 24 | # Initialization:
 25 | 
 26 | : ${OCF_FUNCTIONS_DIR=${OCF_ROOT}/lib/heartbeat}
 27 | . ${OCF_FUNCTIONS_DIR}/ocf-shellfuncs
 28 | 
 29 | #######################################################################
 30 | 
 31 | # Fill in some defaults if no values are specified
 32 | 
 33 | OCF_RESKEY_binary_default="garbd"
 34 | OCF_RESKEY_user_default="garbd"
 35 | OCF_RESKEY_pid_default="$HA_RSCTMP/$OCF_RESOURCE_INSTANCE.pid"
 36 | OCF_RESKEY_donor_port="4567"
 37 | 
 38 | : ${OCF_RESKEY_binary=${OCF_RESKEY_binary_default}}
 39 | : ${OCF_RESKEY_user=${OCF_RESKEY_user_default}}
 40 | : ${OCF_RESKEY_pid=${OCF_RESKEY_pid_default}}
 41 | : ${OCF_RESKEY_donor_port=${OCF_RESKEY_donor_port_default}}
 42 | 
 43 | #######################################################################
 44 | 
 45 | usage() {
 46 |     cat <<UEND
 47 |         usage: $0 (start|stop|validate-all|meta-data|status|monitor)
 48 | 
 49 |         $0 manages a Galera arbitrator (garbd) process as an HA resource 
 50 | 
 51 |         The 'start' operation starts the garbd service.
 52 |         The 'stop' operation stops the garbd service.
 53 |         The 'validate-all' operation reports whether the parameters are valid
 54 |         The 'meta-data' operation reports this RA's meta-data information
 55 |         The 'status' operation reports whether the garbd service is running
 56 |         The 'monitor' operation reports whether the garbd service seems to be working
 57 | 
 58 | UEND
 59 | }
 60 | 
 61 | meta_data() {
 62 |     cat <<END
 63 | <?xml version="1.0"?>
 64 | <!DOCTYPE resource-agent SYSTEM "ra-api-1.dtd">
 65 | <resource-agent name="garbd">
 66 | <version>1.0</version>
 67 | 
 68 | <longdesc lang="en">
 69 | Resource agent for the Galera arbitrator (garbd). http://www.codership.com/wiki/doku.php?id=galera_arbitrator.
 70 | </longdesc>
 71 | <shortdesc lang="en">Manages the Galera arbitrator Service (garbd)</shortdesc>
 72 | <parameters>
 73 | 
 74 | <parameter name="binary" unique="0" required="0">
 75 | <longdesc lang="en">
 76 | Location of the Galera arbitrator binary (garbd)
 77 | </longdesc>
 78 | <shortdesc lang="en">Galera arbitrator binary (garbd)</shortdesc>
 79 | <content type="string" default="${OCF_RESKEY_binary_default}" />
 80 | </parameter>
 81 | 
 82 | <parameter name="user" unique="0" required="1">
 83 | <longdesc lang="en">
 84 | User running Galera arbitrator (garbd) service
 85 | </longdesc>
 86 | <shortdesc lang="en">Galera arbitrator (garbd) user</shortdesc>
 87 | <content type="string" default="${OCF_RESKEY_user_default}" />
 88 | </parameter>
 89 | 
 90 | <parameter name="pid" unique="0" required="0">
 91 | <longdesc lang="en">
 92 | The pid file to use for this Galera arbitrator (garbd) process
 93 | </longdesc>
 94 | <shortdesc lang="en">Galera arbitrator (garbd) pid file</shortdesc>
 95 | <content type="integer" default="${OCF_RESKEY_pid_default}" />
 96 | </parameter>
 97 | 
 98 | <parameter name="donor_port" unique="0" required="1">                                                                                                                                                              
 99 | <longdesc lang="en">                                                                                                                                                                                                      
100 | The listening port number of the donor node.                                                                                                                                    
101 | </longdesc>                                                                                                                                                                                                               
102 | <shortdesc lang="en">Donor listenning port</shortdesc>                                                                                                                                                                      
103 | <content type="integer" default="${OCF_RESKEY_donor_port_default}" />                                                                                                                                              
104 | </parameter>  
105 | 
106 | <parameter name="gcomm_url" unique="0" required="1">                                                                                                                                                              
107 | <longdesc lang="en">                                                                                                                                                                                                      
108 | The gcomm url, ip address of a node member of the cluster                                                                                                                                       
109 | </longdesc>                                                                                                                                                                                                               
110 | <shortdesc lang="en">Donor URL</shortdesc>                                                                                                                                                                      
111 | <content type="string" default="${OCF_RESKEY_gcomm_url_default}" />                                                                                                                                              
112 | </parameter>  
113 | 
114 | <parameter name="cluster_name" unique="0" required="1">                                                                                                                                                              
115 | <longdesc lang="en">                                                                                                                                                                                                      
116 | The name of your galera cluster. SHOW VARIABLES LIKE 'wsrep_cluster_name'; to find out the cluster name.                                                                                                                                 
117 | </longdesc>                                                                                                                                                                                                               
118 | <shortdesc lang="en">Galera cluster name</shortdesc>                                                                                                                                                                      
119 | <content type="string" />                                                                                                                                              
120 | </parameter> 
121 | 
122 | <parameter name="additional_parameters" unique="0" required="0">
123 | <longdesc lang="en">
124 | Additional parameters to pass on to the Galera arbitrator (garbd)
125 | </longdesc>
126 | <shortdesc lang="en">Additional parameters for the Galera arbitrator</shortdesc>
127 | <content type="string" />
128 | </parameter>
129 | 
130 | </parameters>
131 | 
132 | <actions>
133 | <action name="start" timeout="20" />
134 | <action name="stop" timeout="20" />
135 | <action name="status" timeout="20" />
136 | <action name="monitor" timeout="30" interval="20" />
137 | <action name="validate-all" timeout="5" />
138 | <action name="meta-data" timeout="5" />
139 | </actions>
140 | </resource-agent>
141 | END
142 | }
143 | 
144 | #######################################################################
145 | # Functions invoked by resource manager actions
146 | 
147 | garbd_check_port() {
148 | # This function has been taken from the squid RA and improved a bit
149 | # The length of the integer must be 4
150 | # Examples of valid port: "1080", "0080"
151 | # Examples of invalid port: "1080bad", "0", "0000", ""
152 | 
153 |     local int
154 |     local cnt
155 |     
156 |     int="$1"
157 |     cnt=${#int}
158 |     echo $int |egrep -qx '[0-9]+(:[0-9]+)?(,[0-9]+(:[0-9]+)?)*'
159 | 
160 |     if [ $? -ne 0 ] || [ $cnt -ne 4 ]; then
161 |         ocf_log err "Invalid port number: $1"
162 |         exit $OCF_ERR_CONFIGURED
163 |     fi
164 | }
165 | 
166 | garbd_validate() {
167 |     local rc
168 | 
169 |     check_binary $OCF_RESKEY_binary
170 |     check_binary netstat
171 |     garbd_check_port $OCF_RESKEY_donor_port
172 |     
173 |     # A config file on shared storage that is not available
174 |     # during probes is OK.
175 |     if [ ! -f $OCF_RESKEY_config ]; then
176 |         if ! ocf_is_probe; then
177 |             ocf_log err "Config $OCF_RESKEY_config doesn't exist"
178 |             return $OCF_ERR_INSTALLED
179 |         fi
180 |         ocf_log_warn "Config $OCF_RESKEY_config not available during a probe"
181 |     fi
182 | 
183 |     getent passwd $OCF_RESKEY_user >/dev/null 2>&1
184 |     rc=$?
185 |     if [ $rc -ne 0 ]; then
186 |         ocf_log err "User $OCF_RESKEY_user doesn't exist"
187 |         return $OCF_ERR_INSTALLED
188 |     fi
189 | 
190 |     true
191 | }
192 | 
193 | garbd_status() {
194 |     local pid
195 |     local rc
196 | 
197 |     if [ ! -f $OCF_RESKEY_pid ]; then
198 |         ocf_log info "Galera arbitrator (garbd) is not running"
199 |         return $OCF_NOT_RUNNING
200 |     else
201 |         pid=`cat $OCF_RESKEY_pid`
202 |     fi
203 | 
204 |     ocf_run -warn kill -s 0 $pid
205 |     rc=$?
206 |     if [ $rc -eq 0 ]; then
207 |         return $OCF_SUCCESS
208 |     else
209 |         ocf_log info "Old PID file found, but Galera arbitrator (garbd) is not running"
210 |         return $OCF_NOT_RUNNING
211 |     fi
212 | }
213 | 
214 | garbd_monitor() {
215 |     local rc
216 |     local pid
217 |     local garbd_co_check
218 | 
219 |     garbd_status
220 |     rc=$?
221 | 
222 |     # If status returned anything but success, return that immediately
223 |     if [ $rc -ne $OCF_SUCCESS ]; then
224 |         return $rc
225 |     fi
226 | 
227 |     # Check the connections according to the PID.
228 |     # We are sure to hit the garbd process and not other process
229 |     pid=`cat $OCF_RESKEY_pid`
230 |     garbd_co_check=`netstat -punt | grep -s "$OCF_RESKEY_donor_port" | grep -s "$pid" | grep -qs "ESTABLISHED"`
231 |     rc=$?
232 |     if [ $rc -ne 0 ]; then
233 |         ocf_log err "Galera arbitrator is not connected to the database server: $rc"
234 |         return $OCF_NOT_RUNNING
235 |     fi
236 | 
237 |     ocf_log debug "Galera arbitrator (garbd) monitor succeeded"
238 |     return $OCF_SUCCESS
239 | }
240 | 
241 | garbd_start() {
242 |     local rc
243 | 
244 |     garbd_status
245 |     rc=$?
246 |     if [ $rc -eq $OCF_SUCCESS ]; then
247 |         ocf_log info "Galera arbitrator (garbd) already running"
248 |         return $OCF_SUCCESS
249 |     fi
250 | 
251 |     # run the actual garbd daemon. Don't use ocf_run as we're sending the tool's output
252 |     # straight to /dev/null anyway and using ocf_run would break stdout-redirection here.
253 |     su ${OCF_RESKEY_user} -s /bin/sh -c "${OCF_RESKEY_binary} -a gcomm://$OCF_RESKEY_gcomm_url:$OCF_RESKEY_donor_port -g $OCF_RESKEY_cluster_name \
254 |        $OCF_RESKEY_additional_parameters"' >> /dev/null 2>&1 & echo $!' > $OCF_RESKEY_pid
255 | 
256 |     # Spin waiting for the server to come up.
257 |     while true; do
258 |     garbd_monitor
259 |     rc=$?
260 |     [ $rc -eq $OCF_SUCCESS ] && break
261 |     if [ $rc -ne $OCF_NOT_RUNNING ]; then
262 |         ocf_log err "Galera arbitrator (garbd) start failed"
263 |         exit $OCF_ERR_GENERIC
264 |     fi
265 |     sleep 1
266 |     done
267 | 
268 |     ocf_log info "Galera arbitrator (garbd) started"
269 |     return $OCF_SUCCESS
270 | }
271 | 
272 | garbd_stop() {
273 |     local rc
274 |     local pid
275 | 
276 |     garbd_status
277 |     rc=$?
278 |     if [ $rc -eq $OCF_NOT_RUNNING ]; then
279 |         ocf_log info "Galera arbitrator (garbd) already stopped"
280 |         return $OCF_SUCCESS
281 |     fi
282 | 
283 |     # Try SIGTERM
284 |     pid=`cat $OCF_RESKEY_pid`
285 |     ocf_run kill -s TERM $pid
286 |     rc=$?
287 |     if [ $rc -ne 0 ]; then
288 |         ocf_log err "Galera arbitrator (garbd) couldn't be stopped"
289 |         exit $OCF_ERR_GENERIC
290 |     fi
291 | 
292 |     # stop waiting
293 |     shutdown_timeout=15
294 |     if [ -n "$OCF_RESKEY_CRM_meta_timeout" ]; then
295 |         shutdown_timeout=$((($OCF_RESKEY_CRM_meta_timeout/1000)-5))
296 |     fi
297 |     count=0
298 |     while [ $count -lt $shutdown_timeout ]; do
299 |         garbd_status
300 |         rc=$?
301 |         if [ $rc -eq $OCF_NOT_RUNNING ]; then
302 |             break
303 |         fi
304 |         count=`expr $count + 1`
305 |         sleep 1
306 |         ocf_log debug "Galera arbitrator (garbd) still hasn't stopped yet. Waiting ..."
307 |     done
308 | 
309 |     garbd_status
310 |     rc=$?
311 |     if [ $rc -ne $OCF_NOT_RUNNING ]; then
312 |         # SIGTERM didn't help either, try SIGKILL
313 |         ocf_log info "Galera arbitrator (garbd) failed to stop after ${shutdown_timeout}s \
314 |           using SIGTERM. Trying SIGKILL ..."
315 |         ocf_run kill -s KILL $pid
316 |     fi
317 | 
318 |     ocf_log info "Galera arbitrator (garbd) stopped"
319 | 
320 |     rm -f $OCF_RESKEY_pid
321 | 
322 |     return $OCF_SUCCESS
323 | }
324 | 
325 | #######################################################################
326 | 
327 | case "$1" in
328 |   meta-data)    meta_data
329 |                 exit $OCF_SUCCESS;;
330 |   usage|help)   usage
331 |                 exit $OCF_SUCCESS;;
332 | esac
333 | 
334 | # Anything except meta-data and help must pass validation
335 | garbd_validate || exit $?
336 | 
337 | # What kind of method was invoked?
338 | case "$1" in
339 |   start)        garbd_start;;
340 |   stop)         garbd_stop;;
341 |   status)       garbd_status;;
342 |   monitor)      garbd_monitor;;
343 |   validate-all) ;;
344 |   *)            usage
345 |                 exit $OCF_ERR_UNIMPLEMENTED;;
346 | esac
347 | 
348 | 


--------------------------------------------------------------------------------
/haproxy-hot-reconfiguration.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | #A hot reconfiguration script would look like this :
 3 | #Extract from http://haproxy.1wt.eu/download/1.3/doc/architecture.txt
 4 | 
 5 | # save previous state
 6 | mv /etc/haproxy/config /etc/haproxy/config.old
 7 | mv /var/run/haproxy.pid /var/run/haproxy.pid.old
 8 | 
 9 | mv /etc/haproxy/config.new /etc/haproxy/config
10 | kill -TTOU $(cat /var/run/haproxy.pid.old)
11 | if haproxy -p /var/run/haproxy.pid -f /etc/haproxy/config; then
12 |     echo "New instance successfully loaded, stopping previous one."
13 |     kill -USR1 $(cat /var/run/haproxy.pid.old)
14 |     rm -f /var/run/haproxy.pid.old
15 |     exit 1
16 | else
17 |     echo "New instance failed to start, resuming previous one."
18 |     kill -TTIN $(cat /var/run/haproxy.pid.old)
19 |     rm -f /var/run/haproxy.pid
20 |     mv /var/run/haproxy.pid.old /var/run/haproxy.pid
21 |     mv /etc/haproxy/config /etc/haproxy/config.new
22 |     mv /etc/haproxy/config.old /etc/haproxy/config
23 |     exit 0
24 | fi


--------------------------------------------------------------------------------
/iterm-profile.itermcolors:
--------------------------------------------------------------------------------
  1 | {
  2 |   "Ansi 1 Color" : {
  3 |     "Red Component" : 0.7972375154495239,
  4 |     "Color Space" : "Calibrated",
  5 |     "Blue Component" : 0.455497682094574,
  6 |     "Alpha Component" : 1,
  7 |     "Green Component" : 0.2763094305992126
  8 |   },
  9 |   "Tags" : [
 10 | 
 11 |   ],
 12 |   "Ansi 12 Color" : {
 13 |     "Red Component" : 0.2512461245059967,
 14 |     "Color Space" : "Calibrated",
 15 |     "Blue Component" : 0.8057833909988403,
 16 |     "Alpha Component" : 1,
 17 |     "Green Component" : 0.5136294364929199
 18 |   },
 19 |   "Scrollback With Status Bar" : false,
 20 |   "Use Non-ASCII Font" : false,
 21 |   "Bold Color" : {
 22 |     "Red Component" : 0.7154937982559204,
 23 |     "Color Space" : "Calibrated",
 24 |     "Blue Component" : 0.7138569951057434,
 25 |     "Alpha Component" : 1,
 26 |     "Green Component" : 0.328096330165863
 27 |   },
 28 |   "Right Option Key Sends" : 0,
 29 |   "Normal Font" : "Monaco 14",
 30 |   "Set Local Environment Vars" : true,
 31 |   "Rows" : 25,
 32 |   "Default Bookmark" : "No",
 33 |   "Custom Directory" : "No",
 34 |   "Blend" : 0.4470703125,
 35 |   "Ansi 3 Color" : {
 36 |     "Red Component" : 0.6311700344085693,
 37 |     "Color Space" : "Calibrated",
 38 |     "Blue Component" : 0.09130461513996124,
 39 |     "Alpha Component" : 1,
 40 |     "Green Component" : 0.5194652080535889
 41 |   },
 42 |   "Cursor Guide Color" : {
 43 |     "Red Component" : 0.6499999761581421,
 44 |     "Color Space" : "Calibrated",
 45 |     "Blue Component" : 1,
 46 |     "Alpha Component" : 0.25,
 47 |     "Green Component" : 0.9100000262260437
 48 |   },
 49 |   "Non-ASCII Anti Aliased" : true,
 50 |   "Use Bright Bold" : true,
 51 |   "Ansi 10 Color" : {
 52 |     "Red Component" : 0.5876278877258301,
 53 |     "Color Space" : "Calibrated",
 54 |     "Blue Component" : 0.1923319697380066,
 55 |     "Alpha Component" : 1,
 56 |     "Green Component" : 0.9135921597480774
 57 |   },
 58 |   "Ambiguous Double Width" : false,
 59 |   "Jobs to Ignore" : [
 60 |     "rlogin",
 61 |     "ssh",
 62 |     "slogin",
 63 |     "telnet"
 64 |   ],
 65 |   "Ansi 15 Color" : {
 66 |     "Red Component" : 0.8756618499755859,
 67 |     "Color Space" : "Calibrated",
 68 |     "Blue Component" : 0.8756504654884338,
 69 |     "Alpha Component" : 1,
 70 |     "Green Component" : 0.8756355047225952
 71 |   },
 72 |   "Foreground Color" : {
 73 |     "Red Component" : 0.637904167175293,
 74 |     "Color Space" : "Calibrated",
 75 |     "Blue Component" : 0.6378958225250244,
 76 |     "Alpha Component" : 1,
 77 |     "Green Component" : 0.6378850340843201
 78 |   },
 79 |   "Working Directory" : "\/Users\/leseb",
 80 |   "Blinking Cursor" : true,
 81 |   "Disable Window Resizing" : true,
 82 |   "Sync Title" : false,
 83 |   "Prompt Before Closing 2" : false,
 84 |   "BM Growl" : false,
 85 |   "Command" : "",
 86 |   "Description" : "Default",
 87 |   "Mouse Reporting" : true,
 88 |   "Screen" : -1,
 89 |   "Selection Color" : {
 90 |     "Red Component" : 0.2908839285373688,
 91 |     "Color Space" : "Calibrated",
 92 |     "Blue Component" : 0.4024268686771393,
 93 |     "Alpha Component" : 1,
 94 |     "Green Component" : 0.2271198928356171
 95 |   },
 96 |   "Only The Default BG Color Uses Transparency" : true,
 97 |   "Columns" : 80,
 98 |   "Idle Code" : 0,
 99 |   "Ansi 13 Color" : {
100 |     "Red Component" : 0.8255509734153748,
101 |     "Color Space" : "Calibrated",
102 |     "Blue Component" : 0.8345927596092224,
103 |     "Alpha Component" : 1,
104 |     "Green Component" : 0.3463708460330963
105 |   },
106 |   "Custom Command" : "No",
107 |   "ASCII Anti Aliased" : true,
108 |   "Non Ascii Font" : "Monaco 12",
109 |   "Vertical Spacing" : 1,
110 |   "Use Bold Font" : true,
111 |   "Option Key Sends" : 0,
112 |   "Selected Text Color" : {
113 |     "Red Component" : 0.637904167175293,
114 |     "Color Space" : "Calibrated",
115 |     "Blue Component" : 0.6378958225250244,
116 |     "Alpha Component" : 1,
117 |     "Green Component" : 0.6378850340843201
118 |   },
119 |   "Background Color" : {
120 |     "Red Component" : 0.1118306964635849,
121 |     "Color Space" : "Calibrated",
122 |     "Blue Component" : 0.1118292510509491,
123 |     "Alpha Component" : 1,
124 |     "Green Component" : 0.1118273735046387
125 |   },
126 |   "Character Encoding" : 4,
127 |   "Ansi 11 Color" : {
128 |     "Red Component" : 0.90836501121521,
129 |     "Color Space" : "Calibrated",
130 |     "Blue Component" : 0.05979310348629951,
131 |     "Alpha Component" : 1,
132 |     "Green Component" : 0.6204894185066223
133 |   },
134 |   "Use Italic Font" : true,
135 |   "Unlimited Scrollback" : false,
136 |   "Keyboard Map" : {
137 |     "0xf700-0x260000" : {
138 |       "Action" : 10,
139 |       "Text" : "[1;6A"
140 |     },
141 |     "0x37-0x40000" : {
142 |       "Action" : 11,
143 |       "Text" : "0x1f"
144 |     },
145 |     "0x32-0x40000" : {
146 |       "Action" : 11,
147 |       "Text" : "0x00"
148 |     },
149 |     "0xf709-0x20000" : {
150 |       "Action" : 10,
151 |       "Text" : "[17;2~"
152 |     },
153 |     "0xf70c-0x20000" : {
154 |       "Action" : 10,
155 |       "Text" : "[20;2~"
156 |     },
157 |     "0xf729-0x20000" : {
158 |       "Action" : 10,
159 |       "Text" : "[1;2H"
160 |     },
161 |     "0xf72b-0x40000" : {
162 |       "Action" : 10,
163 |       "Text" : "[1;5F"
164 |     },
165 |     "0xf705-0x20000" : {
166 |       "Action" : 10,
167 |       "Text" : "[1;2Q"
168 |     },
169 |     "0xf703-0x260000" : {
170 |       "Action" : 10,
171 |       "Text" : "[1;6C"
172 |     },
173 |     "0xf700-0x220000" : {
174 |       "Action" : 10,
175 |       "Text" : "[1;2A"
176 |     },
177 |     "0xf701-0x280000" : {
178 |       "Action" : 11,
179 |       "Text" : "0x1b 0x1b 0x5b 0x42"
180 |     },
181 |     "0x38-0x40000" : {
182 |       "Action" : 11,
183 |       "Text" : "0x7f"
184 |     },
185 |     "0x33-0x40000" : {
186 |       "Action" : 11,
187 |       "Text" : "0x1b"
188 |     },
189 |     "0xf703-0x220000" : {
190 |       "Action" : 10,
191 |       "Text" : "[1;2C"
192 |     },
193 |     "0xf701-0x240000" : {
194 |       "Action" : 10,
195 |       "Text" : "[1;5B"
196 |     },
197 |     "0xf70d-0x20000" : {
198 |       "Action" : 10,
199 |       "Text" : "[21;2~"
200 |     },
201 |     "0xf702-0x260000" : {
202 |       "Action" : 10,
203 |       "Text" : "[1;6D"
204 |     },
205 |     "0xf729-0x40000" : {
206 |       "Action" : 10,
207 |       "Text" : "[1;5H"
208 |     },
209 |     "0xf706-0x20000" : {
210 |       "Action" : 10,
211 |       "Text" : "[1;2R"
212 |     },
213 |     "0x34-0x40000" : {
214 |       "Action" : 11,
215 |       "Text" : "0x1c"
216 |     },
217 |     "0xf700-0x280000" : {
218 |       "Action" : 11,
219 |       "Text" : "0x1b 0x1b 0x5b 0x41"
220 |     },
221 |     "0x2d-0x40000" : {
222 |       "Action" : 11,
223 |       "Text" : "0x1f"
224 |     },
225 |     "0xf70e-0x20000" : {
226 |       "Action" : 10,
227 |       "Text" : "[23;2~"
228 |     },
229 |     "0xf702-0x220000" : {
230 |       "Action" : 10,
231 |       "Text" : "[1;2D"
232 |     },
233 |     "0xf703-0x280000" : {
234 |       "Action" : 11,
235 |       "Text" : "0x1b 0x1b 0x5b 0x43"
236 |     },
237 |     "0xf700-0x240000" : {
238 |       "Action" : 10,
239 |       "Text" : "[1;5A"
240 |     },
241 |     "0xf707-0x20000" : {
242 |       "Action" : 10,
243 |       "Text" : "[1;2S"
244 |     },
245 |     "0xf70a-0x20000" : {
246 |       "Action" : 10,
247 |       "Text" : "[18;2~"
248 |     },
249 |     "0x35-0x40000" : {
250 |       "Action" : 11,
251 |       "Text" : "0x1d"
252 |     },
253 |     "0xf70f-0x20000" : {
254 |       "Action" : 10,
255 |       "Text" : "[24;2~"
256 |     },
257 |     "0xf703-0x240000" : {
258 |       "Action" : 10,
259 |       "Text" : "[1;5C"
260 |     },
261 |     "0xf701-0x260000" : {
262 |       "Action" : 10,
263 |       "Text" : "[1;6B"
264 |     },
265 |     "0xf702-0x280000" : {
266 |       "Action" : 11,
267 |       "Text" : "0x1b 0x1b 0x5b 0x44"
268 |     },
269 |     "0xf72b-0x20000" : {
270 |       "Action" : 10,
271 |       "Text" : "[1;2F"
272 |     },
273 |     "0x36-0x40000" : {
274 |       "Action" : 11,
275 |       "Text" : "0x1e"
276 |     },
277 |     "0xf708-0x20000" : {
278 |       "Action" : 10,
279 |       "Text" : "[15;2~"
280 |     },
281 |     "0xf701-0x220000" : {
282 |       "Action" : 10,
283 |       "Text" : "[1;2B"
284 |     },
285 |     "0xf70b-0x20000" : {
286 |       "Action" : 10,
287 |       "Text" : "[19;2~"
288 |     },
289 |     "0xf702-0x240000" : {
290 |       "Action" : 10,
291 |       "Text" : "[1;5D"
292 |     },
293 |     "0xf704-0x20000" : {
294 |       "Action" : 10,
295 |       "Text" : "[1;2P"
296 |     }
297 |   },
298 |   "Window Type" : 0,
299 |   "Blur Radius" : 3.331069711538462,
300 |   "Cursor Type" : 2,
301 |   "Blur" : true,
302 |   "Badge Color" : {
303 |     "Red Component" : 1,
304 |     "Color Space" : "Calibrated",
305 |     "Blue Component" : 0,
306 |     "Alpha Component" : 0.5,
307 |     "Green Component" : 0
308 |   },
309 |   "Scrollback Lines" : 0,
310 |   "Send Code When Idle" : false,
311 |   "Close Sessions On End" : true,
312 |   "Terminal Type" : "xterm-256color",
313 |   "Visual Bell" : false,
314 |   "Flashing Bell" : false,
315 |   "Scrollback in Alternate Screen" : true,
316 |   "Silence Bell" : true,
317 |   "Ansi 14 Color" : {
318 |     "Red Component" : 0.1335754245519638,
319 |     "Color Space" : "Calibrated",
320 |     "Blue Component" : 0.7317965626716614,
321 |     "Alpha Component" : 1,
322 |     "Green Component" : 0.6693194508552551
323 |   },
324 |   "Background Image Is Tiled" : false,
325 |   "Name" : "Default",
326 |   "Cursor Text Color" : {
327 |     "Red Component" : 0.1206406205892563,
328 |     "Color Space" : "Calibrated",
329 |     "Blue Component" : 0.1352888643741608,
330 |     "Alpha Component" : 1,
331 |     "Green Component" : 0.1261827498674393
332 |   },
333 |   "Shortcut" : "",
334 |   "Cursor Color" : {
335 |     "Red Component" : 0.8631139397621155,
336 |     "Color Space" : "Calibrated",
337 |     "Blue Component" : 0.835193932056427,
338 |     "Alpha Component" : 1,
339 |     "Green Component" : 0.8395447731018066
340 |   },
341 |   "Ansi 0 Color" : {
342 |     "Red Component" : 0.1206406205892563,
343 |     "Color Space" : "Calibrated",
344 |     "Blue Component" : 0.1352888643741608,
345 |     "Alpha Component" : 1,
346 |     "Green Component" : 0.1261827498674393
347 |   },
348 |   "Transparency" : 0,
349 |   "Horizontal Spacing" : 1,
350 |   "Guid" : "4D62CEC6-5A05-4CFA-84C2-E5E3BDB2F1C3",
351 |   "Ansi 4 Color" : {
352 |     "Red Component" : 0.3851242065429688,
353 |     "Color Space" : "Calibrated",
354 |     "Blue Component" : 0.8246632814407349,
355 |     "Alpha Component" : 1,
356 |     "Green Component" : 0.479374885559082
357 |   },
358 |   "Ansi 5 Color" : {
359 |     "Red Component" : 0.5702612400054932,
360 |     "Color Space" : "Calibrated",
361 |     "Blue Component" : 0.615382194519043,
362 |     "Alpha Component" : 1,
363 |     "Green Component" : 0.2600854635238647
364 |   },
365 |   "Ansi 6 Color" : {
366 |     "Red Component" : 0.1461882293224335,
367 |     "Color Space" : "Calibrated",
368 |     "Blue Component" : 0.6196068525314331,
369 |     "Alpha Component" : 1,
370 |     "Green Component" : 0.5675624012947083
371 |   },
372 |   "Ansi 7 Color" : {
373 |     "Red Component" : 0.7555909156799316,
374 |     "Color Space" : "Calibrated",
375 |     "Blue Component" : 0.7555811405181885,
376 |     "Alpha Component" : 1,
377 |     "Green Component" : 0.7555683851242065
378 |   },
379 |   "Ansi 8 Color" : {
380 |     "Red Component" : 0.3342651128768921,
381 |     "Color Space" : "Calibrated",
382 |     "Blue Component" : 0.4105445444583893,
383 |     "Alpha Component" : 1,
384 |     "Green Component" : 0.3708627820014954
385 |   },
386 |   "Ansi 9 Color" : {
387 |     "Red Component" : 0.9874106049537659,
388 |     "Color Space" : "Calibrated",
389 |     "Blue Component" : 0.4560599327087402,
390 |     "Alpha Component" : 1,
391 |     "Green Component" : 0.2661901116371155
392 |   },
393 |   "Ansi 2 Color" : {
394 |     "Red Component" : 0.4562573432922363,
395 |     "Color Space" : "Calibrated",
396 |     "Blue Component" : 0.3611704409122467,
397 |     "Alpha Component" : 1,
398 |     "Green Component" : 0.8340924978256226
399 |   },
400 |   "Link Color" : {
401 |     "Red Component" : 0.1459556072950363,
402 |     "Color Space" : "Calibrated",
403 |     "Blue Component" : 0.6203047633171082,
404 |     "Alpha Component" : 1,
405 |     "Green Component" : 0.5677337646484375
406 |   }
407 | }
408 | 


--------------------------------------------------------------------------------
/keys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/leseb/Scripts/6763bccb34a99c2f7fd58016375fc59923123c21/keys


--------------------------------------------------------------------------------
/my.cnf:
--------------------------------------------------------------------------------
  1 | #
  2 | # The MySQL database server configuration file.
  3 | #
  4 | # You can copy this to one of:
  5 | # - "/etc/mysql/my.cnf" to set global options,
  6 | # - "~/.my.cnf" to set user-specific options.
  7 | # 
  8 | # One can use all long options that the program supports.
  9 | # Run program with --help to get a list of available options and with
 10 | # --print-defaults to see which it would actually understand and use.
 11 | #
 12 | # For explanations see
 13 | # http://dev.mysql.com/doc/mysql/en/server-system-variables.html
 14 | 
 15 | # This will be passed to all mysql clients
 16 | # It has been reported that passwords should be enclosed with ticks/quotes
 17 | # escpecially if they contain "#" chars...
 18 | # Remember to edit /etc/mysql/debian.cnf when changing the socket location.
 19 | [client]
 20 | port		= 3306
 21 | socket		= /var/run/mysqld/mysqld.sock
 22 | 
 23 | # Here is entries for some specific programs
 24 | # The following values assume you have at least 32M ram
 25 | 
 26 | # This was formally known as [safe_mysqld]. Both versions are currently parsed.
 27 | [mysqld_safe]
 28 | socket		= /var/run/mysqld/mysqld.sock
 29 | nice		= 0
 30 | 
 31 | [mysqld]
 32 | #
 33 | # * Basic Settings
 34 | #
 35 | user		= mysql
 36 | pid-file	= /var/run/mysqld/mysqld.pid
 37 | socket		= /var/run/mysqld/mysqld.sock
 38 | port		= 3306
 39 | basedir		= /usr
 40 | datadir		= /var/lib/mysql
 41 | tmpdir		= /tmp
 42 | language	= /usr/share/mysql/english
 43 | skip-external-locking
 44 | safe-show-database
 45 | 
 46 | # Option added
 47 | #
 48 | #skip-networking
 49 | innodb_buffer_pool_size = 1G
 50 | 
 51 | #
 52 | # Instead of skip-networking the default is now to listen only on
 53 | # localhost which is more compatible and is not less secure.
 54 | bind-address		= 50.57.47.119
 55 | #bind-address = 127.0.0.1
 56 | #
 57 | # * Fine Tuning
 58 | #
 59 | key_buffer		= 8M #ori=25
 60 | max_allowed_packet	= 8M #ori=16
 61 | thread_stack		= 128K #ori=192
 62 | thread_cache_size       = 8
 63 | # This replaces the startup script and checks MyISAM tables if needed
 64 | # the first time they are touched
 65 | myisam-recover         = BACKUP
 66 | #max_connections        = 100
 67 | table_cache            = 512 #ori=64
 68 | #thread_concurrency     = 10
 69 | #
 70 | # * Query Cache Configuration
 71 | #
 72 | # ori 1M
 73 | query_cache_limit	= 192M
 74 | # ori 16
 75 | query_cache_size        = 128M
 76 | #
 77 | # * Logging and Replication
 78 | #
 79 | # Both location gets rotated by the cronjob.
 80 | # Be aware that this log type is a performance killer.
 81 | # As of 5.1 you can enable the log at runtime!
 82 | #general_log_file        = /var/log/mysql/mysql.log
 83 | #general_log             = 1
 84 | #
 85 | # Error logging goes to syslog due to /etc/mysql/conf.d/mysqld_safe_syslog.cnf.
 86 | #
 87 | # Here you can see queries with especially long duration
 88 | #log_slow_queries	= /var/log/mysql/mysql-slow.log
 89 | #long_query_time = 2
 90 | #log-queries-not-using-indexes
 91 | #
 92 | # The following can be used as easy to replay backup logs or for replication.
 93 | # note: if you are setting up a replication slave, see README.Debian about
 94 | #       other settings you may need to change.
 95 | #server-id		= 1
 96 | #log_bin			= /var/log/mysql/mysql-bin.log
 97 | expire_logs_days	= 10
 98 | max_binlog_size         = 100M
 99 | #binlog_do_db		= include_database_name
100 | #binlog_ignore_db	= include_database_name
101 | #
102 | # * InnoDB
103 | #
104 | # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
105 | # Read the manual for more InnoDB related options. There are many!
106 | #
107 | # * InnoDB plugin
108 | # As of MySQL 5.1.38, the InnoDB plugin from Oracle is included in the MySQL source code.
109 | # It has many improvements and better performances than the built-in InnoDB storage engine.
110 | # Please read http://www.innodb.com/products/innodb_plugin/ for more information.
111 | # Uncommenting the two following lines to use the InnoDB plugin.
112 | #ignore_builtin_innodb
113 | #plugin-load=innodb=ha_innodb_plugin.so
114 | innodb_lock_wait_timeout = 500
115 | #innodb_buffer_pool_size = 2G
116 | 
117 | #
118 | # * Multiple plugins
119 | # If you want to load multiple plugins at the same time, you have to put them on a single
120 | # plugin-load line. MySQL does not support several plugin-load directives and always keep the 
121 | # last read. Then if you want, for example, use the Pinba storage engine while having the
122 | # the InnoDB plugin loaded, you should uncomment the following line
123 | #plugin-load=innodb=ha_innodb_plugin.so;libpinba_engine.so
124 | #
125 | # * Security Features
126 | #
127 | # Read the manual, too, if you want chroot!
128 | # chroot = /var/lib/mysql/
129 | #
130 | # For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
131 | #
132 | # ssl-ca=/etc/mysql/cacert.pem
133 | # ssl-cert=/etc/mysql/server-cert.pem
134 | # ssl-key=/etc/mysql/server-key.pem
135 | 
136 | 
137 | 
138 | [mysqldump]
139 | quick
140 | quote-names
141 | max_allowed_packet	= 16M
142 | 
143 | [mysql]
144 | #no-auto-rehash	# faster start of mysql but no tab completition
145 | 
146 | [isamchk]
147 | key_buffer		= 16M
148 | 
149 | #
150 | # * IMPORTANT: Additional settings that can override those from this file!
151 | #   The files must end with '.cnf', otherwise they'll be ignored.
152 | #
153 | !includedir /etc/mysql/conf.d/
154 | 


--------------------------------------------------------------------------------
/mysqld_multi.sh:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/perl
  2 | 
  3 | use Getopt::Long;
  4 | use POSIX qw(strftime getcwd);
  5 | 
  6 | $|=1;
  7 | $VER="2.16";
  8 | 
  9 | my @defaults_options;   #  Leading --no-defaults, --defaults-file, etc.
 10 | 
 11 | $opt_example       = 0;
 12 | $opt_help          = 0;
 13 | $opt_log           = undef();
 14 | $opt_mysqladmin    = "@bindir@/mysqladmin";
 15 | $opt_mysqld        = "@libexecdir@/mysqld";
 16 | $opt_no_log        = 0;
 17 | $opt_password      = undef();
 18 | $opt_tcp_ip        = 0;
 19 | $opt_user          = "root";
 20 | $opt_version       = 0;
 21 | $opt_silent        = 0;
 22 | $opt_verbose       = 0;
 23 | 
 24 | my $my_print_defaults_exists= 1;
 25 | my $logdir= undef();
 26 | 
 27 | my ($mysqld, $mysqladmin, $groupids, $homedir, $my_progname);
 28 | 
 29 | $homedir = $ENV{HOME};
 30 | $my_progname = $0;
 31 | $my_progname =~ s/.*[\/]//;
 32 | 
 33 | main();
 34 | 
 35 | ####
 36 | #### main sub routine
 37 | ####
 38 | 
 39 | sub main
 40 | {
 41 |   my $flag_exit= 0;
 42 | 
 43 |   if (!defined(my_which(my_print_defaults)))
 44 |   {
 45 |     # We can't throw out yet, since --version, --help, or --example may
 46 |     # have been given
 47 |     print "WARNING: my_print_defaults command not found.\n";
 48 |     print "Please make sure you have this command available and\n";
 49 |     print "in your path. The command is available from the latest\n";
 50 |     print "MySQL distribution.\n";
 51 |     $my_print_defaults_exists= 0;
 52 |   }
 53 | 
 54 |   # Remove leading defaults options from @ARGV
 55 |   while (@ARGV > 0)
 56 |   {
 57 |     last unless $ARGV[0] =~
 58 |       /^--(?:no-defaults$|(?:defaults-file|defaults-extra-file)=)/;
 59 |     push @defaults_options, (shift @ARGV);
 60 |   }
 61 | 
 62 |   foreach (@defaults_options)
 63 |   {
 64 |     $_ = quote_shell_word($_);
 65 |   }
 66 | 
 67 |   # Add [mysqld_multi] options to front of @ARGV, ready for GetOptions()
 68 |   unshift @ARGV, defaults_for_group('mysqld_multi');
 69 | 
 70 |   # We've already handled --no-defaults, --defaults-file, etc.
 71 |   if (!GetOptions("help", "example", "version", "mysqld=s", "mysqladmin=s",
 72 |                   "user=s", "password=s", "log=s", "no-log",
 73 |                   "tcp-ip",  "silent", "verbose"))
 74 |   {
 75 |     $flag_exit= 1;
 76 |   }
 77 |   usage() if ($opt_help);
 78 | 
 79 |   if ($opt_verbose && $opt_silent)
 80 |   {
 81 |     print "Both --verbose and --silent have been given. Some of the warnings ";
 82 |     print "will be disabled\nand some will be enabled.\n\n";
 83 |   }
 84 | 
 85 |   init_log() if (!defined($opt_log));
 86 |   $groupids = $ARGV[1];
 87 |   if ($opt_version)
 88 |   {
 89 |     print "$my_progname version $VER by Jani Tolonen\n";
 90 |     exit(0);
 91 |   }
 92 |   example() if ($opt_example);
 93 |   if ($flag_exit)
 94 |   {
 95 |     print "Error with an option, see $my_progname --help for more info.\n";
 96 |     exit(1);
 97 |   }
 98 |   if (!defined(my_which(my_print_defaults)))
 99 |   {
100 |     print "ABORT: Can't find command 'my_print_defaults'.\n";
101 |     print "This command is available from the latest MySQL\n";
102 |     print "distribution. Please make sure you have the command\n";
103 |     print "in your PATH.\n";
104 |     exit(1);
105 |   }
106 |   usage() if (!defined($ARGV[0]) ||
107 | 	      (!($ARGV[0] =~ m/^start$/i) &&
108 | 	       !($ARGV[0] =~ m/^stop$/i) &&
109 | 	       !($ARGV[0] =~ m/^report$/i)));
110 | 
111 |   if (!$opt_no_log)
112 |   {
113 |     w2log("$my_progname log file version $VER; run: ",
114 | 	  "$opt_log", 1, 0);
115 |   }
116 |   else
117 |   {
118 |     print "$my_progname log file version $VER; run: ";
119 |     print strftime "%a %b %e %H:%M:%S %Y", localtime;
120 |     print "\n";
121 |   }
122 |   if ($ARGV[0] =~ m/^start$/i)
123 |   {
124 |     if (!defined(($mysqld= my_which($opt_mysqld))) && $opt_verbose)
125 |     {
126 |       print "WARNING: Couldn't find the default mysqld binary.\n";
127 |       print "Tried: $opt_mysqld\n";
128 |       print "This is OK, if you are using option \"mysqld=...\" in ";
129 |       print "groups [mysqldN] separately for each.\n\n";
130 |     }
131 |     start_mysqlds();
132 |   }
133 |   else
134 |   {
135 |     if (!defined(($mysqladmin= my_which($opt_mysqladmin))) && $opt_verbose)
136 |     {
137 |       print "WARNING: Couldn't find the default mysqladmin binary.\n";
138 |       print "Tried: $opt_mysqladmin\n";
139 |       print "This is OK, if you are using option \"mysqladmin=...\" in ";
140 |       print "groups [mysqldN] separately for each.\n\n";
141 |     }
142 |     if ($ARGV[0] =~ m/^report$/i)
143 |     {
144 |       report_mysqlds();
145 |     }
146 |     else
147 |     {
148 |       stop_mysqlds();
149 |     }
150 |   }
151 | }
152 | 
153 | #
154 | # Quote word for shell
155 | #
156 | 
157 | sub quote_shell_word
158 | {
159 |   my ($option)= @_;
160 | 
161 |   $option =~ s!([^\w=./-])!\\$1!g;
162 |   return $option;
163 | }
164 | 
165 | sub defaults_for_group
166 | {
167 |   my ($group) = @_;
168 | 
169 |   return () unless $my_print_defaults_exists;
170 | 
171 |   my $com= join ' ', 'my_print_defaults', @defaults_options, $group;
172 |   my @defaults = `$com`;
173 |   chomp @defaults;
174 |   return @defaults;
175 | }
176 | 
177 | ####
178 | #### Init log file. Check for appropriate place for log file, in the following
179 | #### order:  my_print_defaults mysqld datadir, @datadir@
180 | ####
181 | 
182 | sub init_log
183 | {
184 |   foreach my $opt (defaults_for_group('mysqld'))
185 |   {
186 |     if ($opt =~ m/^--datadir=(.*)/ && -d "$1" && -w "$1")
187 |     {
188 |       $logdir= $1;
189 |     }
190 |   }
191 |   if (!defined($logdir))
192 |   {
193 |     $logdir= "@datadir@" if (-d "@datadir@" && -w "@datadir@");
194 |   }
195 |   if (!defined($logdir))
196 |   {
197 |     # Log file was not specified and we could not log to a standard place,
198 |     # so log file be disabled for now.
199 |     if (!$opt_silent)
200 |     {
201 |       print "WARNING: Log file disabled. Maybe directory or file isn't writable?\n";
202 |     }
203 |     $opt_no_log= 1;
204 |   }
205 |   else
206 |   {
207 |     $opt_log= "$logdir/mysqld_multi.log";
208 |   }
209 | }
210 | 
211 | ####
212 | #### Report living and not running MySQL servers
213 | ####
214 | 
215 | sub report_mysqlds
216 | {
217 |   my (@groups, $com, $i, @options, $pec);
218 | 
219 |   print "Reporting MySQL servers\n";
220 |   if (!$opt_no_log)
221 |   {
222 |     w2log("\nReporting MySQL servers","$opt_log",0,0);
223 |   }
224 |   @groups = &find_groups($groupids);
225 |   for ($i = 0; defined($groups[$i]); $i++)
226 |   {
227 |     $com= get_mysqladmin_options($i, @groups);
228 |     $com.= " ping >> /dev/null 2>&1";
229 |     system($com);
230 |     $pec = $? >> 8;
231 |     if ($pec)
232 |     {
233 |       print "MySQL server from group: $groups[$i] is not running\n";
234 |       if (!$opt_no_log)
235 |       {
236 | 	w2log("MySQL server from group: $groups[$i] is not running",
237 | 	      "$opt_log", 0, 0);
238 |       }
239 |     }
240 |     else
241 |     {
242 |       print "MySQL server from group: $groups[$i] is running\n";
243 |       if (!$opt_no_log)
244 |       {
245 | 	w2log("MySQL server from group: $groups[$i] is running",
246 | 	      "$opt_log", 0, 0);
247 |       }
248 |     }
249 |   }
250 |   if (!$i)
251 |   {
252 |     print "No groups to be reported (check your GNRs)\n";
253 |     if (!$opt_no_log)
254 |     {
255 |       w2log("No groups to be reported (check your GNRs)", "$opt_log", 0, 0);
256 |     }
257 |   }
258 | }
259 | 
260 | ####
261 | #### start multiple servers
262 | ####
263 | 
264 | sub start_mysqlds()
265 | {
266 |   my (@groups, $com, $tmp, $i, @options, $j, $mysqld_found, $info_sent);
267 | 
268 |   if (!$opt_no_log)
269 |   {
270 |     w2log("\nStarting MySQL servers\n","$opt_log",0,0);
271 |   }
272 |   else
273 |   {
274 |     print "\nStarting MySQL servers\n";
275 |   }
276 |   @groups = &find_groups($groupids);
277 |   for ($i = 0; defined($groups[$i]); $i++)
278 |   {
279 |     @options = defaults_for_group($groups[$i]);
280 | 
281 |     $basedir_found= 0; # The default
282 |     $mysqld_found= 1; # The default
283 |     $mysqld_found= 0 if (!length($mysqld));
284 |     $com= "$mysqld";
285 |     for ($j = 0, $tmp= ""; defined($options[$j]); $j++)
286 |     {
287 |       if ("--mysqladmin=" eq substr($options[$j], 0, 13))
288 |       {
289 | 	# catch this and ignore
290 |       }
291 |       elsif ("--mysqld=" eq substr($options[$j], 0, 9))
292 |       {
293 | 	$options[$j]=~ s/\-\-mysqld\=//;
294 | 	$com= $options[$j];
295 |         $mysqld_found= 1;
296 |       }
297 |       elsif ("--basedir=" eq substr($options[$j], 0, 10))
298 |       {
299 |         $basedir= $options[$j];
300 |         $basedir =~ s/^--basedir=//;
301 |         $basedir_found= 1;
302 |         $options[$j]= quote_shell_word($options[$j]);
303 |         $tmp.= " $options[$j]";
304 |       }
305 |       else
306 |       {
307 | 	$options[$j]= quote_shell_word($options[$j]);
308 | 	$tmp.= " $options[$j]";
309 |       }
310 |     }
311 |     if ($opt_verbose && $com =~ m/\/(safe_mysqld|mysqld_safe)$/ && !$info_sent)
312 |     {
313 |       print "WARNING: $1 is being used to start mysqld. In this case you ";
314 |       print "may need to pass\n\"ledir=...\" under groups [mysqldN] to ";
315 |       print "$1 in order to find the actual mysqld binary.\n";
316 |       print "ledir (library executable directory) should be the path to the ";
317 |       print "wanted mysqld binary.\n\n";
318 |       $info_sent= 1;
319 |     }
320 |     $com.= $tmp;
321 |     $com.= " >> $opt_log 2>&1" if (!$opt_no_log);
322 |     $com.= " &";
323 |     if (!$mysqld_found)
324 |     {
325 |       print "\n";
326 |       print "FATAL ERROR: Tried to start mysqld under group [$groups[$i]], ";
327 |       print "but no mysqld binary was found.\n";
328 |       print "Please add \"mysqld=...\" in group [mysqld_multi], or add it to ";
329 |       print "group [$groups[$i]] separately.\n";
330 |       exit(1);
331 |     }
332 |     if ($basedir_found)
333 |     {
334 |       $curdir=getcwd();
335 |       chdir($basedir) or die "Can't change to datadir $basedir";
336 |     }
337 |     system($com);
338 |     if ($basedir_found)
339 |     {
340 |       chdir($curdir) or die "Can't change back to original dir $curdir";
341 |     }
342 |   }
343 |   if (!$i && !$opt_no_log)
344 |   {
345 |     w2log("No MySQL servers to be started (check your GNRs)",
346 | 	  "$opt_log", 0, 0);
347 |   }
348 | }
349 | 
350 | ####
351 | #### stop multiple servers
352 | ####
353 | 
354 | sub stop_mysqlds()
355 | {
356 |   my (@groups, $com, $i, @options);
357 | 
358 |   if (!$opt_no_log)
359 |   {
360 |     w2log("\nStopping MySQL servers\n","$opt_log",0,0);
361 |   }
362 |   else
363 |   {
364 |     print "\nStopping MySQL servers\n";
365 |   }
366 |   @groups = &find_groups($groupids);
367 |   for ($i = 0; defined($groups[$i]); $i++)
368 |   {
369 |     $com= get_mysqladmin_options($i, @groups);
370 |     $com.= " shutdown";
371 |     $com.= " >> $opt_log 2>&1" if (!$opt_no_log);
372 |     $com.= " &";
373 |     system($com);
374 |   }
375 |   if (!$i && !$opt_no_log)
376 |   {
377 |     w2log("No MySQL servers to be stopped (check your GNRs)",
378 | 	  "$opt_log", 0, 0);
379 |   }
380 | }
381 | 
382 | ####
383 | #### Sub function for mysqladmin option parsing
384 | ####
385 | 
386 | sub get_mysqladmin_options
387 | {
388 |   my ($i, @groups)= @_;
389 |   my ($mysqladmin_found, $com, $tmp, $j);
390 | 
391 |   @options = defaults_for_group($groups[$i]);
392 | 
393 |   $mysqladmin_found= 1; # The default
394 |   $mysqladmin_found= 0 if (!length($mysqladmin));
395 |   $com = "$mysqladmin";
396 |   $tmp = " -u $opt_user";
397 |   if (defined($opt_password)) {
398 |     my $pw= $opt_password;
399 |     # Protect single quotes in password
400 |     $pw =~ s/'/'"'"'/g;
401 |     $tmp.= " -p'$pw'";
402 |   }
403 |   $tmp.= $opt_tcp_ip ? " -h 127.0.0.1" : "";
404 |   for ($j = 0; defined($options[$j]); $j++)
405 |   {
406 |     if ("--mysqladmin=" eq substr($options[$j], 0, 13))
407 |     {
408 |       $options[$j]=~ s/\-\-mysqladmin\=//;
409 |       $com= $options[$j];
410 |       $mysqladmin_found= 1;
411 |     }
412 |     elsif ((($options[$j] =~ m/^(\-\-socket\=)(.*)$/) && !$opt_tcp_ip) ||
413 | 	   ($options[$j] =~ m/^(\-\-port\=)(.*)$/))
414 |     {
415 |       $tmp.= " $options[$j]";
416 |     }
417 |   }
418 |   if (!$mysqladmin_found)
419 |   {
420 |     print "\n";
421 |     print "FATAL ERROR: Tried to use mysqladmin in group [$groups[$i]], ";
422 |     print "but no mysqladmin binary was found.\n";
423 |     print "Please add \"mysqladmin=...\" in group [mysqld_multi], or ";
424 |     print "in group [$groups[$i]].\n";
425 |     exit(1);
426 |   }
427 |   $com.= $tmp;
428 |   return $com;
429 | }
430 | 
431 | # Return a list of option files which can be opened.  Similar, but not
432 | # identical, to behavior of my_search_option_files()
433 | sub list_defaults_files
434 | {
435 |   my %opt;
436 |   foreach (@defaults_options)
437 |   {
438 |     return () if /^--no-defaults$/;
439 |     $opt{$1} = $2 if /^--defaults-(extra-file|file)=(.*)$/;
440 |   }
441 | 
442 |   return ($opt{file}) if exists $opt{file};
443 | 
444 |   my %seen;  # Don't list the same file more than once
445 |   return grep { defined $_ and not $seen{$_}++ and -f $_ and -r $_ }
446 |               ('/etc/my.cnf',
447 |                '/etc/mysql/my.cnf',
448 |                '@sysconfdir@/my.cnf',
449 |                ($ENV{MYSQL_HOME} ? "$ENV{MYSQL_HOME}/my.cnf" : undef),
450 |                $opt{'extra-file'},
451 |                ($ENV{HOME} ? "$ENV{HOME}/.my.cnf" : undef));
452 | }
453 | 
454 | 
455 | # Takes a specification of GNRs (see --help), and returns a list of matching
456 | # groups which actually are mentioned in a relevant config file
457 | sub find_groups
458 | {
459 |   my ($raw_gids) = @_;
460 | 
461 |   my %gids;
462 |   my @groups;
463 | 
464 |   if (defined($raw_gids))
465 |   {
466 |     # Make a hash of the wanted group ids
467 |     foreach my $raw_gid (split ',', $raw_gids)
468 |     {
469 |       # Match 123 or 123-456
470 |       my ($start, $end) = ($raw_gid =~ /^\s*(\d+)(?:\s*-\s*(\d+))?\s*$/);
471 |       $end = $start if not defined $end;
472 |       if (not defined $start or $end < $start or $start < 0)
473 |       {
474 |         print "ABORT: Bad GNR: $raw_gid; see $my_progname --help\n";
475 |         exit(1);
476 |       }
477 | 
478 |       foreach my $i ($start .. $end)
479 |       {
480 |         # Use $i + 0 to normalize numbers (002 + 0 -> 2)
481 |         $gids{$i + 0}= 1;
482 |       }
483 |     }
484 |   }
485 | 
486 |   my @defaults_files = list_defaults_files();
487 |   #warn "@{[sort keys %gids]} -> @defaults_files\n";
488 |   foreach my $file (@defaults_files)
489 |   {
490 |     next unless open CONF, "< $file";
491 | 
492 |     while (<CONF>)
493 |     {
494 |       if (/^\s*\[\s*(mysqld)(\d+)\s*\]\s*$/)
495 |       {
496 |         #warn "Found a group: $1$2\n";
497 |         # Use $2 + 0 to normalize numbers (002 + 0 -> 2)
498 |         if (not defined($raw_gids) or $gids{$2 + 0})
499 |         {
500 |           push @groups, "$1$2";
501 |         }
502 |       }
503 |     }
504 | 
505 |     close CONF;
506 |   }
507 |   return @groups;
508 | }
509 | 
510 | ####
511 | #### w2log: Write to a logfile.
512 | #### 1.arg: append to the log file (given string, or from a file. if a file,
513 | ####        file will be read from $opt_logdir)
514 | #### 2.arg: logfile -name (w2log assumes that the logfile is in $opt_logdir).
515 | #### 3.arg. 0 | 1, if true, print current date to the logfile. 3. arg will
516 | ####        be ignored, if 1. arg is a file.
517 | #### 4.arg. 0 | 1, if true, first argument is a file, else a string
518 | ####
519 | 
520 | sub w2log
521 | {
522 |   my ($msg, $file, $date_flag, $is_file)= @_;
523 |   my (@data);
524 | 
525 |   open (LOGFILE, ">>$opt_log")
526 |     or die "FATAL: w2log: Couldn't open log file: $opt_log\n";
527 | 
528 |   if ($is_file)
529 |   {
530 |     open (FROMFILE, "<$msg") && (@data=<FROMFILE>) &&
531 |       close(FROMFILE)
532 | 	or die "FATAL: w2log: Couldn't open file: $msg\n";
533 |     foreach my $line (@data)
534 |     {
535 |       print LOGFILE "$line";
536 |     }
537 |   }
538 |   else
539 |   {
540 |     print LOGFILE "$msg";
541 |     print LOGFILE strftime "%a %b %e %H:%M:%S %Y", localtime if ($date_flag);
542 |     print LOGFILE "\n";
543 |   }
544 |   close (LOGFILE);
545 |   return;
546 | }
547 | 
548 | ####
549 | #### my_which is used, because we can't assume that every system has the
550 | #### which -command. my_which can take only one argument at a time.
551 | #### Return values: requested system command with the first found path,
552 | #### or undefined, if not found.
553 | ####
554 | 
555 | sub my_which
556 | {
557 |   my ($command) = @_;
558 |   my (@paths, $path);
559 | 
560 |   return $command if (-f $command && -x $command);
561 |   @paths = split(':', $ENV{'PATH'});
562 |   foreach $path (@paths)
563 |   {
564 |     $path .= "/$command";
565 |     return $path if (-f $path && -x $path);
566 |   }
567 |   return undef();
568 | }
569 | 
570 | 
571 | ####
572 | #### example
573 | ####
574 | 
575 | sub example
576 | {
577 |   print <<EOF;
578 | # This is an example of a my.cnf file for $my_progname.
579 | # Usually this file is located in home dir ~/.my.cnf or /etc/my.cnf
580 | #
581 | # SOME IMPORTANT NOTES FOLLOW:
582 | #
583 | # 1.COMMON USER
584 | #
585 | #   Make sure that the MySQL user, who is stopping the mysqld services, has
586 | #   the same password to all MySQL servers being accessed by $my_progname.
587 | #   This user needs to have the 'Shutdown_priv' -privilege, but for security
588 | #   reasons should have no other privileges. It is advised that you create a
589 | #   common 'multi_admin' user for all MySQL servers being controlled by
590 | #   $my_progname. Here is an example how to do it:
591 | #
592 | #   GRANT SHUTDOWN ON *.* TO multi_admin\@localhost IDENTIFIED BY 'password'
593 | #
594 | #   You will need to apply the above to all MySQL servers that are being
595 | #   controlled by $my_progname. 'multi_admin' will shutdown the servers
596 | #   using 'mysqladmin' -binary, when '$my_progname stop' is being called.
597 | #
598 | # 2.PID-FILE
599 | #
600 | #   If you are using mysqld_safe to start mysqld, make sure that every
601 | #   MySQL server has a separate pid-file. In order to use mysqld_safe
602 | #   via $my_progname, you need to use two options:
603 | #
604 | #   mysqld=/path/to/mysqld_safe
605 | #   ledir=/path/to/mysqld-binary/
606 | #
607 | #   ledir (library executable directory), is an option that only mysqld_safe
608 | #   accepts, so you will get an error if you try to pass it to mysqld directly.
609 | #   For this reason you might want to use the above options within [mysqld#]
610 | #   group directly.
611 | #
612 | # 3.DATA DIRECTORY
613 | #
614 | #   It is NOT advised to run many MySQL servers within the same data directory.
615 | #   You can do so, but please make sure to understand and deal with the
616 | #   underlying caveats. In short they are:
617 | #   - Speed penalty
618 | #   - Risk of table/data corruption
619 | #   - Data synchronising problems between the running servers
620 | #   - Heavily media (disk) bound
621 | #   - Relies on the system (external) file locking
622 | #   - Is not applicable with all table types. (Such as InnoDB)
623 | #     Trying so will end up with undesirable results.
624 | #
625 | # 4.TCP/IP Port
626 | #
627 | #   Every server requires one and it must be unique.
628 | #
629 | # 5.[mysqld#] Groups
630 | #
631 | #   In the example below the first and the fifth mysqld group was
632 | #   intentionally left out. You may have 'gaps' in the config file. This
633 | #   gives you more flexibility.
634 | #
635 | # 6.MySQL Server User
636 | #
637 | #   You can pass the user=... option inside [mysqld#] groups. This
638 | #   can be very handy in some cases, but then you need to run $my_progname
639 | #   as UNIX root.
640 | #
641 | # 7.A Start-up Manage Script for $my_progname
642 | #
643 | #   In the recent MySQL distributions you can find a file called
644 | #   mysqld_multi.server.sh. It is a wrapper for $my_progname. This can
645 | #   be used to start and stop multiple servers during boot and shutdown.
646 | #
647 | #   You can place the file in /etc/init.d/mysqld_multi.server.sh and
648 | #   make the needed symbolic links to it from various run levels
649 | #   (as per Linux/Unix standard). You may even replace the
650 | #   /etc/init.d/mysql.server script with it.
651 | #
652 | #   Before using, you must create a my.cnf file either in @sysconfdir@/my.cnf
653 | #   or /root/.my.cnf and add the [mysqld_multi] and [mysqld#] groups.
654 | #
655 | #   The script can be found from support-files/mysqld_multi.server.sh
656 | #   in MySQL distribution. (Verify the script before using)
657 | #
658 | 
659 | [mysqld_multi]
660 | mysqld     = @bindir@/mysqld_safe
661 | mysqladmin = @bindir@/mysqladmin
662 | user       = multi_admin
663 | password   = my_password
664 | 
665 | [mysqld2]
666 | socket     = /tmp/mysql.sock2
667 | port       = 3307
668 | pid-file   = @localstatedir@2/hostname.pid2
669 | datadir    = @localstatedir@2
670 | language   = @datadir@/mysql/english
671 | user       = unix_user1
672 | 
673 | [mysqld3]
674 | mysqld     = /path/to/mysqld_safe
675 | ledir      = /path/to/mysqld-binary/
676 | mysqladmin = /path/to/mysqladmin
677 | socket     = /tmp/mysql.sock3
678 | port       = 3308
679 | pid-file   = @localstatedir@3/hostname.pid3
680 | datadir    = @localstatedir@3
681 | language   = @datadir@/mysql/swedish
682 | user       = unix_user2
683 | 
684 | [mysqld4]
685 | socket     = /tmp/mysql.sock4
686 | port       = 3309
687 | pid-file   = @localstatedir@4/hostname.pid4
688 | datadir    = @localstatedir@4
689 | language   = @datadir@/mysql/estonia
690 | user       = unix_user3
691 |  
692 | [mysqld6]
693 | socket     = /tmp/mysql.sock6
694 | port       = 3311
695 | pid-file   = @localstatedir@6/hostname.pid6
696 | datadir    = @localstatedir@6
697 | language   = @datadir@/mysql/japanese
698 | user       = unix_user4
699 | EOF
700 |   exit(0);
701 | }
702 | 
703 | ####
704 | #### usage
705 | ####
706 | 
707 | sub usage
708 | {
709 |   print <<EOF;
710 | $my_progname version $VER by Jani Tolonen
711 | 
712 | Description:
713 | $my_progname can be used to start, or stop any number of separate
714 | mysqld processes running in different TCP/IP ports and UNIX sockets.
715 | 
716 | $my_progname can read group [mysqld_multi] from my.cnf file. You may
717 | want to put options mysqld=... and mysqladmin=... there.  Since
718 | version 2.10 these options can also be given under groups [mysqld#],
719 | which gives more control over different versions.  One can have the
720 | default mysqld and mysqladmin under group [mysqld_multi], but this is
721 | not mandatory. Please note that if mysqld or mysqladmin is missing
722 | from both [mysqld_multi] and [mysqld#], a group that is tried to be
723 | used, $my_progname will abort with an error.
724 | 
725 | $my_progname will search for groups named [mysqld#] from my.cnf (or
726 | the given --defaults-extra-file=...), where '#' can be any positive 
727 | integer starting from 1. These groups should be the same as the regular
728 | [mysqld] group, but with those port, socket and any other options
729 | that are to be used with each separate mysqld process. The number
730 | in the group name has another function; it can be used for starting,
731 | stopping, or reporting any specific mysqld server.
732 | 
733 | Usage: $my_progname [OPTIONS] {start|stop|report} [GNR,GNR,GNR...]
734 | or     $my_progname [OPTIONS] {start|stop|report} [GNR-GNR,GNR,GNR-GNR,...]
735 | 
736 | The GNR means the group number. You can start, stop or report any GNR,
737 | or several of them at the same time. (See --example) The GNRs list can
738 | be comma separated or a dash combined. The latter means that all the
739 | GNRs between GNR1-GNR2 will be affected. Without GNR argument all the
740 | groups found will either be started, stopped, or reported. Note that
741 | syntax for specifying GNRs must appear without spaces.
742 | 
743 | Options:
744 | 
745 | These options must be given before any others:
746 | --no-defaults      Do not read any defaults file
747 | --defaults-file=...  Read only this configuration file, do not read the
748 |                    standard system-wide and user-specific files
749 | --defaults-extra-file=...  Read this configuration file in addition to the
750 |                    standard system-wide and user-specific files
751 | Using:  @{[join ' ', @defaults_options]}
752 | 
753 | --example          Give an example of a config file with extra information.
754 | --help             Print this help and exit.
755 | --log=...          Log file. Full path to and the name for the log file. NOTE:
756 |                    If the file exists, everything will be appended.
757 |                    Using: $opt_log
758 | --mysqladmin=...   mysqladmin binary to be used for a server shutdown.
759 |                    Since version 2.10 this can be given within groups [mysqld#]
760 |                    Using: $mysqladmin
761 | --mysqld=...       mysqld binary to be used. Note that you can give mysqld_safe
762 |                    to this option also. The options are passed to mysqld. Just
763 |                    make sure you have mysqld in your PATH or fix mysqld_safe.
764 |                    Using: $mysqld
765 |                    Please note: Since mysqld_multi version 2.3 you can also
766 |                    give this option inside groups [mysqld#] in ~/.my.cnf,
767 |                    where '#' stands for an integer (number) of the group in
768 |                    question. This will be recognised as a special option and
769 |                    will not be passed to the mysqld. This will allow one to
770 |                    start different mysqld versions with mysqld_multi.
771 | --no-log           Print to stdout instead of the log file. By default the log
772 |                    file is turned on.
773 | --password=...     Password for mysqladmin user.
774 | --silent           Disable warnings.
775 | --tcp-ip           Connect to the MySQL server(s) via the TCP/IP port instead
776 |                    of the UNIX socket. This affects stopping and reporting.
777 |                    If a socket file is missing, the server may still be
778 |                    running, but can be accessed only via the TCP/IP port.
779 |                    By default connecting is done via the UNIX socket.
780 | --user=...         mysqladmin user. Using: $opt_user
781 | --verbose          Be more verbose.
782 | --version          Print the version number and exit.
783 | EOF
784 |   exit(0);
785 | }


--------------------------------------------------------------------------------
/mysqld_multi_init.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | #
 3 | # A simple startup script for mysqld_multi by Tim Smith and Jani Tolonen.
 4 | # This script assumes that my.cnf file exists either in /etc/my.cnf or
 5 | # /root/.my.cnf and has groups [mysqld_multi] and [mysqldN]. See the
 6 | # mysqld_multi documentation for detailed instructions.
 7 | #
 8 | # This script can be used as /etc/init.d/mysql.server
 9 | #
10 | # Comments to support chkconfig on RedHat Linux
11 | # chkconfig: 2345 64 36
12 | # description: A very fast and reliable SQL database engine.
13 | #
14 | # Version 1.0
15 | #
16 | 
17 | ### BEGIN INIT INFO
18 | # Provides: mysqld_multi
19 | # Required-Start: $local_fs $network $remote_fs
20 | # Should-Start: ypbind nscd ldap ntpd xntpd
21 | # Required-Stop: $local_fs $network $remote_fs
22 | # Default-Start:  2 3 4 5
23 | # Default-Stop: 0 1 6
24 | # Short-Description: start and stop multiple MySQL daemons
25 | # Description: MySQL is a very fast and reliable SQL database engine.
26 | ### END INIT INFO
27 | 
28 | bindir=/usr/bin
29 | 
30 | if test -x $bindir/mysqld_multi
31 | then
32 |  mysqld_multi="$bindir/mysqld_multi";
33 | else
34 |  echo "Can't execute $bindir/mysqld_multi";
35 |  exit;
36 | fi
37 | 
38 | case "$1" in
39 |    'start' )
40 |        "$mysqld_multi" start $2
41 |        ;;
42 |    'stop' )
43 |        "$mysqld_multi" stop $2
44 |        ;;
45 |    'report' )
46 |        "$mysqld_multi" report $2
47 |        ;;
48 |    'restart' )
49 |        "$mysqld_multi" stop $2
50 |        "$mysqld_multi" start $2
51 |        ;;
52 |    *)
53 |        echo "Usage: $0 {start|stop|report|restart}" >&2
54 |        ;;
55 | esac


--------------------------------------------------------------------------------
/name-of-archive.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/leseb/Scripts/6763bccb34a99c2f7fd58016375fc59923123c21/name-of-archive.tar.gz


--------------------------------------------------------------------------------
/nginx.conf:
--------------------------------------------------------------------------------
 1 | user   www-data;
 2 | worker_processes  4; # core number
 3 | #error_log         /var/log/nginx/error.log debug;
 4 | error_log	  /var/log/nginx/error.log;
 5 | pid               /var/run/nginx.pid;
 6 | 
 7 | events {
 8 | 	worker_connections  4096;
 9 | }
10 | 
11 | http {
12 | 	include       /etc/nginx/mime.types;
13 | 	default_type  application/octet-stream;
14 | 	
15 | 	# Logs
16 | 	log_format  main  '$remote_addr - $remote_user [$time_local] "$request "'
17 |         	'$status $body_bytes_sent "$http_referer" '
18 |                 '"$http_user_agent" "$http_x_forwarded_for"';
19 |     	access_log  /var/log/nginx/access.log  main;
20 |    	sendfile        on;
21 | 	
22 | 	# TCP optimisation
23 | 	tcp_nodelay on; 
24 | 	tcp_nopush on;
25 | 
26 |     	autoindex off;
27 |     	map $scheme $fastcgi_https { ## Detect when HTTPS is used
28 |         	default off;
29 |         	https on;
30 |     	}
31 | 
32 | 	# Timeout
33 | 	#client_header_timeout 240;
34 | 	#client_body_timeout 240;
35 | 	#fastcgi_read_timeout 240;
36 | 	#keepalive_timeout  3;
37 | 	
38 | 	# Size Limits & Buffer Overflows
39 |   	client_body_buffer_size  1K;
40 |  	client_header_buffer_size 1k;
41 |   	client_max_body_size 1M;
42 | 	large_client_header_buffers 2 1k;
43 | 	
44 | 	# Timeouts, this conf prevent php-fpm cpu overload, a little...
45 |   	client_body_timeout   10;
46 |   	client_header_timeout 10;
47 |   	keepalive_timeout     5 5;
48 |   	send_timeout          10;
49 | 	
50 | 	# Enable keepalive in order to improve First Byte Time
51 | 	keepalive_requests    10;
52 | 
53 | 	# Compression
54 |     	gzip  on;
55 | 	gzip_min_length  1000;
56 |     	gzip_buffers      16 8k;
57 | 	gzip_comp_level 6;
58 |     	gzip_types      text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/jpeg;
59 | 	gzip_disable     "MSIE [1-6]\.";
60 | 
61 | 	# Pre-compression
62 | 	gzip_static on;
63 | 	gzip_http_version   1.1;
64 | 	gzip_proxied        expired no-cache no-store private auth;
65 | 	gzip_vary           on;	
66 | 
67 |     	# Load config files from the /etc/nginx/conf.d directory
68 |     	include /etc/nginx/conf.d/*.conf;
69 | 
70 | }
71 | 
72 | 


--------------------------------------------------------------------------------
/perl-fcgi:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | PERL_SCRIPT=/usr/bin/fastcgi-wrapper.pl
 3 | FASTCGI_USER=www-data
 4 | RETVAL=0
 5 | case "$1" in
 6 |     start)
 7 |       su - $FASTCGI_USER -c $PERL_SCRIPT
 8 |       RETVAL=$?
 9 |   ;;
10 |     stop)
11 |       killall -9 fastcgi-wrapper.pl
12 |       RETVAL=$?
13 |   ;;
14 |     restart)
15 |       killall -9 fastcgi-wrapper.pl
16 |       su - $FASTCGI_USER -c $PERL_SCRIPT
17 |       RETVAL=$?
18 |   ;;
19 |     *)
20 |       echo "Usage: perl-fastcgi {start|stop|restart}"
21 |       exit 1
22 |   ;;
23 | esac      
24 | exit $RETVAL


--------------------------------------------------------------------------------
/php-fpm.conf:
--------------------------------------------------------------------------------
 1 | ;;;;;;;;;;;;;;;;;;;;;
 2 | ; FPM Configuration ;
 3 | ;;;;;;;;;;;;;;;;;;;;;
 4 | 
 5 | ; All relative paths in this configuration file are relative to PHP's install
 6 | ; prefix (/usr). This prefix can be dynamicaly changed by using the
 7 | ; '-p' argument from the command line.
 8 | 
 9 | ; Include one or more files. If glob(3) exists, it is used to include a bunch of
10 | ; files from a glob(3) pattern. This directive can be used everywhere in the
11 | ; file.
12 | ; Relative path can also be used. They will be prefixed by:
13 | ;  - the global prefix if it's been set (-p arguement)
14 | ;  - /usr otherwise
15 | ;include=/etc/php5/fpm/*.conf
16 | 
17 | ;;;;;;;;;;;;;;;;;;
18 | ; Global Options ;
19 | ;;;;;;;;;;;;;;;;;;
20 | 
21 | [global]
22 | ; Pid file
23 | ; Note: the default prefix is /var
24 | ; Default Value: none
25 | pid = /var/run/php5-fpm.pid
26 | 
27 | ; Error log file
28 | ; Note: the default prefix is /var
29 | ; Default Value: log/php-fpm.log
30 | error_log = /var/log/php5-fpm/php5-fpm.log
31 | 
32 | ; Log level
33 | ; Possible Values: alert, error, warning, notice, debug
34 | ; Default Value: notice
35 | ;log_level = debug
36 | 
37 | ; If this number of child processes exit with SIGSEGV or SIGBUS within the time
38 | ; interval set by emergency_restart_interval then FPM will restart. A value
39 | ; of '0' means 'Off'.
40 | ; Default Value: 0
41 | emergency_restart_threshold = 5
42 | 
43 | ; Interval of time used by emergency_restart_interval to determine when 
44 | ; a graceful restart will be initiated.  This can be useful to work around
45 | ; accidental corruptions in an accelerator's shared memory.
46 | ; Available Units: s(econds), m(inutes), h(ours), or d(ays)
47 | ; Default Unit: seconds
48 | ; Default Value: 0
49 | emergency_restart_interval = 2
50 | 
51 | ; Time limit for child processes to wait for a reaction on signals from master.
52 | ; Available units: s(econds), m(inutes), h(ours), or d(ays)
53 | ; Default Unit: seconds
54 | ; Default Value: 0
55 | process_control_timeout = 2
56 | 
57 | ; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
58 | ; Default Value: yes
59 | daemonize = yes
60 |  
61 | ; Set open file descriptor rlimit for the master process.
62 | ; Default Value: system defined value
63 | ;rlimit_files = 1024
64 |  
65 | ; Set max core size rlimit for the master process.
66 | ; Possible Values: 'unlimited' or an integer greater or equal to 0
67 | ; Default Value: system defined value
68 | ;rlimit_core = 0
69 | 
70 | ;;;;;;;;;;;;;;;;;;;;
71 | ; Pool Definitions ; 
72 | ;;;;;;;;;;;;;;;;;;;;
73 | 
74 | ; Multiple pools of child processes may be started with different listening
75 | ; ports and different management options.  The name of the pool will be
76 | ; used in logs and stats. There is no limitation on the number of pools which
77 | ; FPM can handle. Your system will tell you anyway :)
78 | 
79 | ; To configure the pools it is recommended to have one .conf file per
80 | ; pool in the following directory:
81 | include=/etc/php5/fpm/pool.d/*.conf
82 | 
83 | 


--------------------------------------------------------------------------------
/pidof.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | ps axc|awk "{if (\$5==\"$1\") print \$1}";
3 | 
4 | 
5 | 


--------------------------------------------------------------------------------
/proftpd.conf:
--------------------------------------------------------------------------------
 1 | LoadModule mod_tls.c
 2 | #ServerType standalone
 3 | UseIPv6                         off
 4 | ServerName                      "FTP Server"
 5 | PassivePorts 60000 61000
 6 | MaxInstances                    50
 7 | MaxClients                      40
 8 | MaxClientsPerHost               20
 9 | Umask                           137  027
10 | UseReverseDNS off
11 | IdentLookups off
12 | #DefaultRoot                  ~ ftp-users
13 | DefaultRoot     /var/www/vhosts/nginx-magento/  ftp-webadmin-users
14 | RequireValidShell            off
15 | UseFtpUsers                  off
16 | ServerIdent                  on       "FTP Server Ready"
17 | AccessGrantMsg                        "Hi, welcome  %u on the Misstang ftp server!"
18 | # Allow RESUME (REST command)
19 | AllowStoreRestart on
20 | AllowOverwrite on
21 | 
22 | TraceLog /var/log/proftpd/trace.log
23 | 
24 | # Enable FTPS
25 | Include /etc/proftpd/tls.conf
26 | 
27 | <Limit LOGIN>
28 |         AllowGroup ftp-webadmin-users
29 |         DenyAll
30 | </Limit>
31 | 


--------------------------------------------------------------------------------
/purgeance.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | sudo chown leseb /tmp/purgeance.txt
 3 | #ps aux | grep VLC | sed -n '1p' | grep VLC.app
 4 | 
 5 | x=$(ps aux | grep VLC.app | wc -l | awk '{print $1}')
 6 | if [ $x -eq 1 ] ; then
 7 | 	purge
 8 | 	if [ $? -eq 0 ] ; then
 9 | 		sudo echo "`date` purge success" >> /tmp/purgeance.txt
10 | 	fi
11 | else
12 | 	sudo echo "`date` vlc est ouvert !" >> /tmp/purgeance.txt
13 | fi
14 | 


--------------------------------------------------------------------------------
/reset-mysql-root-passwd.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 |  
 3 | DISTRO=$(lsb_release -i | awk '{print $3}')
 4 |  
 5 | function reset_root_mysql {
 6 |         killall -15 mysqld
 7 |         read -s -p 'Enter a new root password: ' MYSQL_ROOT_PASSWORD
 8 |         echo "UPDATE mysql.user SET Password=PASSWORD('$MYSQL_ROOT_PASSWORD') WHERE User='root';" | mysqld --bootstrap
 9 | }
10 |  
11 | if [[ ! ${DISTRO} =~ (Ubuntu) ]]; then
12 |         reset_root_mysql
13 |         service mysql start
14 | else
15 |         reset_root_mysql
16 | fi


--------------------------------------------------------------------------------
/sshd_config:
--------------------------------------------------------------------------------
 1 | ## Hardening ssh conf Leseb
 2 | # Port
 3 | Port 22 
 4 | 
 5 | # Protocol to use
 6 | Protocol 2
 7 | 
 8 | #ListenAddress votre_ip
 9 | 
10 | # Automatically disconnect session due to inactivity (5min)
11 | ClientAliveInterval 300
12 | ClientAliveCountMax 0
13 | 
14 | # Restrict SSH access to user groups
15 | AllowGroups ssh-users
16 | 
17 | # KeyBit Lenght
18 | ServerKeyBits 1024
19 | 
20 | # Enable a warning banner
21 | Banner /etc/issue
22 | 
23 | # Disable empty passwords
24 | PermitEmptyPasswords no
25 | 
26 | # Disable root ssh login
27 | PermitRootLogin no
28 | 
29 | # No not allow users to set environment options
30 | PermitUserEnvironment no
31 | 
32 | # Disable key authentification
33 | PubkeyAuthentication yes
34 | 
35 | # Ignore SSH can emulate the behavior of the obsolete rsh command, just disable insecure access via RSH
36 | IgnoreRhosts yes
37 | 
38 | # Enable password authentification
39 | PasswordAuthentication no
40 | 
41 | # Disable host-based authentication
42 | HostbasedAuthentication no
43 | 
44 | # Pam + ssh
45 | UsePAM yes
46 | 
47 | # Enable tunneling compression 
48 | Compression yes
49 | 
50 | # Hardening
51 | AllowTcpForwarding no
52 | X11Forwarding no
53 | 
54 | # Check file permission (ssh keys, know hosts...)
55 | StrictModes yes
56 | 
57 | # Use only approved Ciphers in Counter mode
58 | Ciphers aes128-ctr,aes192-ctr,aes256-ctr


--------------------------------------------------------------------------------
/sync-usblive.sh:
--------------------------------------------------------------------------------
  1 | #! /bin/bash
  2 | 
  3 | ######################################################################################
  4 | # Script de gestion de connexion et sauvegarde du /home de la clef sur le poste fixe #
  5 | ######################################################################################
  6 | 
  7 | 
  8 | #------------------------------------------------------------------------------------#
  9 | # Fonction pour la barre de progression
 10 | #------------------------------------------------------------------------------------#
 11 | 
 12 | afficheTaille () {
 13 | 
 14 | taille=$(sed '/\./! s/^.*$/&.00/' <<< $1)
 15 | i=1
 16 | while [[ ${#taille} -ge 7 ]]; do
 17 | 	taille=$(bc <<< "scale=2;$taille/1024")
 18 | 	((i =1))
 19 | done
 20 | case $i in
 21 | 	1) taille =" octets" ;;
 22 | 	2) taille =" Ko" ;;
 23 | 	3) taille =" Mo" ;;
 24 | 	4) taille =" Go" ;;
 25 | esac
 26 | echo $taille
 27 | }
 28 | 
 29 | #-------------------------------------------------------------------------------------#
 30 | # Déclaration des variables
 31 | #-------------------------------------------------------------------------------------#
 32 | 
 33 | # Paramètres d'identification de la clef
 34 | DEVTYPE="usb"
 35 | ID_SERIAL_SHORT="A500000000026452"
 36 | KEY_SYNC=/dev/LiveUSB2
 37 | USERNAME="leseb" # Indispensable pour l'affichage des fenêtres Zenity
 38 | 
 39 | # Répertoire destination, de montage de LiveUSB2, du montage du volume crypté,de l'emplacement du home crypté, de backup du .img
 40 | DEST_DIR=/home/leseb/udevsync/
 41 | MONT_POINT=/home/leseb/MOUNT/
 42 | CRYPT_MOUNT=/home/leseb/CRYPT/
 43 | CONTENEUR=/home/leseb/MOUNT/luks-home.img
 44 | BKP_CONT=/home/leseb/Backup_IMG/
 45 | 
 46 | # Fichiers de log horodatés
 47 | BKP_DATE=`date +"%Y-%m-%d_%H-%M"`
 48 | LOG_FILE=/tmp/Logs_Sync/sdBackup_${BKP_DATE}.log
 49 | RSYNC_ERR=/tmp/rsync.err
 50 | 
 51 | #------------------------------------------------------------------------------------#
 52 | # Algo
 53 | #------------------------------------------------------------------------------------#
 54 | 
 55 | # Initialisation du fichier de log
 56 | echo "Backup du $BKP_DATE" > $LOG_FILE
 57 | echo "Début à `date '%H:%M:%S'`" >> $LOG_FILE
 58 | 
 59 | # Action à l'insertion de la clef
 60 | if [ "$ID_FS_TYPE" = "ext2" ] ; then # Variable de UDev pour l'insertion de clef
 61 | 	# Montage de la partition contenant le volume crypté
 62 | 	mount $KEY_SYNC $MONT_POINT
 63 | 	# Demande de synchronisation
 64 | 	su - ${USERNAME} -c "DISPLAY=:0.0 zenity --question --title='Bienvenue' --text='Clef montée. \nVoulez-vous synchroniser le <b>/home</b> de la clef ?'"
 65 | 	if [ "$?" = 0 ]; then # Si on clique sur "Valider"
 66 | 		if [ -f $CONTENEUR ] ; then # vérifie si le volume crypté existe
 67 | 			# Cherche un loop libre
 68 | 			loop=$(losetup -f)
 69 | 			/sbin/losetup $loop $CONTENEUR
 70 | 			# Ouverture du conteneur et saisie de mot de passe
 71 | 			mdp=$(su - ${USERNAME} -c "DISPLAY=:0.0 zenity --entry \
 72 | 			--title='Ouverture du conteneur chiffré' \
 73 | 			--text='Entrez le mot de passe pour ouvrir le volume chiffré' \
 74 | 			--hide-text")
 75 | 			# On envoie le mot de passe dans la commande
 76 | 			echo $mdp|/sbin/cryptsetup luksOpen $loop LUKS
 77 | 			# On monte le contenu du volume chiffré dans un dossier
 78 | 			mount -o loop /dev/mapper/LUKS $CRYPT_MOUNT
 79 | 			# Synchronisation avec barre de progression
 80 | 			echo "0" > nb
 81 | 			DEBUT=$(date %s)
 82 | 			rsync -av --delete --update --perms --owner --ignore-errors --force --progress $CRYPT_MOUNT/ $DEST_DIR/ 2>>$RSYNC_ERR | sed '
 83 | 			/to-check=/! {
 84 | 			/^sending/ {d;q;}
 85 | 			/\/$/
 86 | 			{d;q;}
 87 | 			/^sent/
 88 | 			{s/^.*$/echo "&" \>\/tmp\/rapport\.txt/e;d;q;};
 89 | 			/^total/ {s/^.*$/echo "&" \>\>\/tmp\/rapport\.txt/e;d;q;};
 90 | 			/^.\{43\}/ {s/\(^.\{20\}\).*\(.\{20\}$\)/echo \$\(\(\$\(cat nb\) 1\)\) \> nb; echo "\1\[...\]\2" \>\/tmp\/svgrd_sed\.txt/e;d;q;};
 91 | 			/^.\{43\}/! {s/^.*$/echo \$\(\(\$\(cat nb\) 1\)\) \> nb; echo "&" \>\/tmp\/svgrd_sed\.txt/e;d;q;};
 92 | 			}
 93 | 			/to-check=/ {
 94 | 			s/.*=\(.*\)\/\(.*\))/echo "#`echo "scale=2;\(\2-\1\)\*100\/\2" | bc | cut -d\. -f1`% (\$\(\(\2 - \1\)\) fichiers sur \2\) > \$\(cat \/tmp\/svgrd_sed\.txt\)"\; echo "scale=2;\(\2-\1\)\*100\/\2" | bc/e
 95 | 			}
 96 | 			' | su - ${USERNAME} -c "DISPLAY=:0.0 zenity --progress --width=580 --title='Synchronisation' --text='Initialisation de la sauvegarde...' --percentage=0 --auto-close"
 97 | 			FIN=$(date %s)
 98 | 			TEMPS=$(($FIN-$DEBUT))
 99 | 			TP_HEU=$(sed 's/^.$/0&/' <<< $(($TEMPS/3600)))
100 | 			TP_TMP=$(($TEMPS%3600))
101 | 			TP_MIN=$(sed 's/^.$/0&/' <<< $(($TP_TMP/60)))
102 | 			TP_SEC=$(sed 's/^.$/0&/' <<< $(($TP_TMP%60)))
103 | 			TP=$(echo "$TP_HEU:$TP_MIN:$TP_SEC")
104 | 			# Vérifie la sortie de rsync
105 | 			ERR=$(cat $RSYNC_ERR)
106 | 			ERR=$(cat $RSYNC_ERR)
107 | 			if [[ ${#ERR} -ne 0 ]]; then
108 | 				su - ${USERNAME} -c "DISPLAY=:0.0 zenity --error --title='Erreur de copie' --text='Problème lors de la sauvegarde du répertoire <b>$MOUNT_POINT</b>.\n\n<b><span color='red'>$ERR</span></b>.'"
109 | 				rm $RSYNC_ERR
110 | 			else
111 | 				NB_FICH=$(cat nb)
112 | 				ENVOI=$(afficheTaille $(cat /tmp/rapport.txt | grep sent | cut -d' ' -f2))
113 | 				VITESS=$(afficheTaille $(cat /tmp/rapport.txt | grep sent | cut -d' ' -f9))
114 | 				su - ${USERNAME} -c "DISPLAY=:0.0 zenity --info --title='Terminé' --text='Sauvegarde du répertoire\n<b>$CRYPT_MOUNT</b> effectuée avec succès.\n$NB_FICH fichiers synchronisés\nTemps:\t$TP\nTransfert:\t$V"
115 | 				rm nb
116 | 			fi
117 | 
118 | 			# Précaution de backup du volume chiffré
119 | 			cp $CONTENEUR $BKP_CONT
120 | 			su - ${USERNAME} -c "DISPLAY=:0.0 zenity --info --title='Backup' --text='Le backup du luks-home.img a été effectué'"
121 | 		else
122 | 			su - ${USERNAME} -c "DISPLAY=:0.0 zenity --error \
123 | 			--title='Erreur' \
124 | 			--text='Aucun volume crypté trouvé !'"
125 | 		fi
126 | 	fi
127 | fi
128 | 
129 | if [ "$ACTION" = "remove" ] ; then # Variable de UDev
130 | 	# Démonter le volume crypté
131 | 	umount $CRYPT_MOUNT
132 | 	# Fermer le volume crypté
133 | 	/sbin/cryptsetup luksClose LUKS
134 | 	# Libérer le loop
135 | 	/sbin/losetup -d $loop
136 | 	# Démontage de la clef
137 | 	umount -f $KEY_SYNC >> $LOG_FILE
138 | 	su - ${USERNAME} -c "DISPLAY=:0.0 zenity --info --title='Au revoir' --text='Clef démontée avec succès.'"
139 | fi
140 | #------------------------------------------------------------------------------------#
141 | # EOF
142 | #------------------------------------------------------------------------------------#
143 | 
144 | 


--------------------------------------------------------------------------------
/tls.conf:
--------------------------------------------------------------------------------
 1 | <IfModule mod_tls.c>
 2 | TLSEngine                  on
 3 | TLSLog                     /var/log/proftpd/tls.log
 4 | TLSProtocol                SSLv23
 5 | TLSOptions                 NoCertRequest
 6 | TLSRSACertificateFile      /etc/proftpd/ssl/proftpd.cert.pem
 7 | TLSRSACertificateKeyFile   /etc/proftpd/ssl/proftpd.key.pem
 8 | TLSVerifyClient            off
 9 | TLSRequired                on
10 | </IfModule>
11 | 


--------------------------------------------------------------------------------
/tmux.conf:
--------------------------------------------------------------------------------
 1 | # ~/.tmux.conf
 2 | 
 3 | # Use Q as prefix magic key
 4 | unbind C-b
 5 | set -g prefix C-q
 6 | 
 7 | set-option -g allow-rename off
 8 | set-window-option -g automatic-rename off # don't rename window with shell name (+ iTerm)
 9 | set-option -g history-limit 10000 # increase scrollback buffer size
10 | 
11 | # More colors!
12 | set -g default-terminal "screen-256color"
13 | 
14 | # super useful when using "grouped sessions" and multi-monitor setup
15 | setw -g aggressive-resize on
16 | 
17 | # Status bar
18 | set -g status-right-length 80
19 | set -g status-right "#(/usr/local/bin/tmux-online) #(/usr/local/bin/battery -p -t)  #(osx-cpu) | #[fg=cyan]%d-%m | #[fg=green]%H:%M | #[fg=brightcyan]#(tmux-spotify-info) "
20 | set -g status-fg white
21 | set -g status-bg colour234
22 | set -g window-status-activity-attr bold
23 | set -g pane-border-fg colour245
24 | set -g pane-active-border-fg brightcyan
25 | set -g message-fg colour16
26 | set -g message-bg colour221
27 | set -g window-status-current-format "#[bg=brightmagenta]#[fg=colour8] #F #I #[fg=colour234,bg=brightcyan]#[fg=black,bg=brightcyan,noreverse] #W #[fg=brightcyan,bg=colour234]"
28 | set -g status-interval 5
29 | setw -g window-status-format "#[fg=magenta]#[bg=black]#I #[fg=white]#W"
30 | set-option -g status-left '#[fg=blue,bg=black] 💩  '
31 | 
32 | # Reload tmux config
33 | bind r source-file ~/.tmux.conf
34 | 
35 | # Move windows
36 | bind . command-prompt -p "Move window to position:" "move-window -t '%%'"
37 | 
38 | # Don't kill the pane with ctrlk D
39 | set-environment -g 'IGNOREEOF' 2
40 | 
41 | # Sync panes!
42 | bind o setw synchronize-panes on
43 | bind O setw synchronize-panes off
44 | 
45 | # Preserve current path for split and new windows
46 | bind-key c new-window -c "#{pane_current_path}"
47 | bind-key % split-window -h -c "#{pane_current_path}"
48 | bind-key '"' split-window -v -c "#{pane_current_path}"
49 | 
50 | # Vim key mode
51 | setw -g mode-keys vi
52 | 
53 | # Resize pane with the mouse, but you lose copy/paste...
54 | # set -g mouse on
55 | 
56 | # List of plugins
57 | # Supports `github_username/repo` or full git repo URLs
58 | set -g @tpm_plugins '              \
59 |   tmux-plugins/tpm                 \
60 |   tmux-plugins/tmux-resurrect    \
61 |   tmux-plugins/tmux-continuum    \
62 |   tmux-plugins/tmux-sidebar    \
63 | '
64 | 
65 | # Auto resurrect me!
66 | set -g @continuum-restore 'on'
67 | set -g @continuum-save-interval '30'
68 | 
69 | # Resurrect me!
70 | set -g @resurrect-capture-pane-contents 'on'
71 | set -g @resurrect-save-bash-history 'on'
72 | set -g @resurrect-save 'S'
73 | set -g @resurrect-restore 'R'
74 | 
75 | # Initializes TMUX plugin manager.
76 | # Keep this line at the very bottom of tmux.conf.
77 | run-shell '~/.tmux/plugins/tpm/tpm'
78 | 


--------------------------------------------------------------------------------
/uquick:
--------------------------------------------------------------------------------
 1 | # Ubuntu Server Quick Install
 2 | # by Dustin Kirkland <kirkland@ubuntu.com>
 3 | #  * Documentation: http://bit.ly/uquick-doc 
 4 | 
 5 | d-i	debian-installer/locale	string en_US.UTF-8
 6 | d-i	debian-installer/splash boolean false
 7 | d-i	console-setup/ask_detect	boolean false
 8 | d-i	console-setup/layoutcode	string us
 9 | d-i	console-setup/variantcode	string 
10 | d-i netcfg/choose_interface select auto
11 | d-i	netcfg/get_nameservers	string 
12 | d-i	netcfg/get_ipaddress	string 
13 | d-i	netcfg/get_netmask	string 255.255.255.0
14 | d-i	netcfg/get_gateway	string 
15 | d-i	netcfg/confirm_static	boolean true
16 | d-i	clock-setup/utc	boolean true
17 | d-i 	partman-auto/method string regular
18 | d-i 	partman-lvm/device_remove_lvm boolean true
19 | d-i 	partman-lvm/confirm boolean true
20 | d-i 	partman/confirm_write_new_label boolean true
21 | d-i 	partman/choose_partition        select Finish partitioning and write changes to disk
22 | d-i 	partman/confirm boolean true
23 | d-i 	partman/confirm_nooverwrite boolean true
24 | d-i 	partman/default_filesystem string ext3
25 | d-i 	clock-setup/utc boolean true
26 | d-i	clock-setup/ntp	boolean true
27 | d-i	clock-setup/ntp-server	string ntp.ubuntu.com
28 | d-i	base-installer/kernel/image	string linux-server
29 | d-i	passwd/root-login	boolean false
30 | d-i	passwd/make-user	boolean true
31 | d-i	passwd/user-fullname	string ubuntu
32 | d-i	passwd/username	string ubuntu
33 | d-i	passwd/user-password-crypted	password $6$.1eHH0iY$ArGzKX2YeQ3G6U.mlOO3A.NaL22Ewgz8Fi4qqz.Ns7EMKjEJRIW2Pm/TikDptZpuu7I92frytmk5YeL.9fRY4.
34 | d-i	passwd/user-uid	string 
35 | d-i	user-setup/allow-password-weak	boolean false
36 | d-i	user-setup/encrypt-home	boolean false
37 | d-i	passwd/user-default-groups	string adm cdrom dialout lpadmin plugdev sambashare
38 | d-i	apt-setup/services-select	multiselect security
39 | d-i	apt-setup/security_host	string security.ubuntu.com
40 | d-i	apt-setup/security_path	string /ubuntu
41 | d-i	debian-installer/allow_unauthenticated	string false
42 | d-i	pkgsel/upgrade	select safe-upgrade
43 | d-i	pkgsel/language-packs	multiselect 
44 | d-i	pkgsel/update-policy	select none
45 | d-i	pkgsel/updatedb	boolean true
46 | d-i	grub-installer/skip	boolean false
47 | d-i	lilo-installer/skip	boolean false
48 | d-i	grub-installer/only_debian	boolean true
49 | d-i	grub-installer/with_other_os	boolean true
50 | d-i	finish-install/keep-consoles	boolean false
51 | d-i	finish-install/reboot_in_progress	note 
52 | d-i	cdrom-detect/eject	boolean true
53 | d-i	debian-installer/exit/halt	boolean false
54 | d-i	debian-installer/exit/poweroff	boolean false
55 | d-i	pkgsel/include string byobu vim openssh-server
56 | byobu	byobu/launch-by-default boolean true
57 | 


--------------------------------------------------------------------------------
/varnish:
--------------------------------------------------------------------------------
 1 | START=yes
 2 | NFILES=131072
 3 | MEMLOCK=82000
 4 | INSTANCE=$(uname -n)
 5 | DAEMON_OPTS="-a :80 \
 6 |         -T localhost:6082
 7 |         -p thread_pool_add_delay=2
 8 |         -p thread_pools=4
 9 |         -p thread_pool_min=200
10 |         -p thread_pool_max=4000
11 |         -p session_linger=100
12 |         -f /etc/varnish/manabey.vcl
13 |         -S /etc/varnish/secret
14 | 	-s malloc,2G"
15 | 
16 | #-s malloc,3G"
17 | #-s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
18 | 


--------------------------------------------------------------------------------
/vimrc:
--------------------------------------------------------------------------------
  1 | " Use Vim settings, rather then Vi settings (much better!).
  2 | " This must be first, because it changes other options as a side effect.
  3 | set nocompatible
  4 | 
  5 | " TODO: this may not be in the correct place. It is intended to allow overriding <Leader>.
  6 | " source ~/.vimrc.before if it exists.
  7 | if filereadable(expand("~/.vimrc.before"))
  8 |   source ~/.vimrc.before
  9 | endif
 10 | 
 11 | " =============== Pathogen Initialization ===============
 12 | " This loads all the plugins in ~/.vim/bundle
 13 | " Use tpope's pathogen plugin to manage all other plugins
 14 | 
 15 | 
 16 | " ================ General Config ====================
 17 | 
 18 | "set number                      "Line numbers are good
 19 | set backspace=indent,eol,start  "Allow backspace in insert mode
 20 | set history=1000                "Store lots of :cmdline history
 21 | set showcmd                     "Show incomplete cmds down the bottom
 22 | set showmode                    "Show current mode down the bottom
 23 | set gcr=a:blinkon0              "Disable cursor blink
 24 | set visualbell                  "No sounds
 25 | set autoread                    "Reload files changed outside vim
 26 | 
 27 | " This makes vim act like all other editors, buffers can
 28 | " exist in the background without being in a window.
 29 | " http://items.sjbach.com/319/configuring-vim-right
 30 | set hidden
 31 | 
 32 | "turn on syntax highlighting
 33 | syntax on
 34 | 
 35 | " ================ Search Settings  =================
 36 | 
 37 | set incsearch        "Find the next match as we type the search
 38 | set hlsearch         "Hilight searches by default
 39 | set viminfo='100,f1  "Save up to 100 marks, enable capital marks
 40 | 
 41 | " ================ Turn Off Swap Files ==============
 42 | 
 43 | set noswapfile
 44 | set nobackup
 45 | set nowb
 46 | 
 47 | " ================ Persistent Undo ==================
 48 | " Keep undo history across sessions, by storing in file.
 49 | " Only works all the time.
 50 | 
 51 | silent !mkdir ~/.vim/backups > /dev/null 2>&1
 52 | set undodir=~/.vim/backups
 53 | set undofile
 54 | 
 55 | " ================ Indentation ======================
 56 | 
 57 | set autoindent
 58 | set smartindent
 59 | set smarttab
 60 | set shiftwidth=2
 61 | set softtabstop=2
 62 | set tabstop=2
 63 | set expandtab
 64 | 
 65 | filetype plugin on
 66 | filetype indent on
 67 | 
 68 | " Display tabs and trailing spaces visually
 69 | "set list listchars=tab:\ \ ,trail:·
 70 | 
 71 | set nowrap       "Don't wrap lines
 72 | set linebreak    "Wrap lines at convenient points
 73 | 
 74 | " ================ Folds ============================
 75 | 
 76 | set foldmethod=indent   "fold based on indent
 77 | set foldnestmax=3       "deepest fold is 3 levels
 78 | set nofoldenable        "dont fold by default
 79 | 
 80 | " ================ Completion =======================
 81 | 
 82 | set wildmode=list:longest
 83 | set wildmenu                "enable ctrl-n and ctrl-p to scroll thru matches
 84 | set wildignore=*.o,*.obj,*~ "stuff to ignore when tab completing
 85 | set wildignore+=*vim/backups*
 86 | set wildignore+=*sass-cache*
 87 | set wildignore+=*DS_Store*
 88 | set wildignore+=vendor/rails/**
 89 | set wildignore+=vendor/cache/**
 90 | set wildignore+=*.gem
 91 | set wildignore+=log/**
 92 | set wildignore+=tmp/**
 93 | set wildignore+=*.png,*.jpg,*.gif
 94 | 
 95 | "
 96 | 
 97 | " ================ Scrolling ========================
 98 | 
 99 | set scrolloff=8         "Start scrolling when we're 8 lines away from margins
100 | set sidescrolloff=15
101 | set sidescroll=1
102 | 
103 | "set tw=79
104 | "set colorcolumn=79
105 | 
106 | " ================ Mouse Scrolling ========================
107 | 
108 | ":set mouse=nicr
109 | 
110 | " ================ White spaces ========================
111 | "
112 | highlight ExtraWhitespace ctermbg=red guibg=red
113 | match ExtraWhitespace /\s\+$/
114 | autocmd BufWinEnter * match ExtraWhitespace /\s\+$/
115 | autocmd InsertEnter * match ExtraWhitespace /\s\+\%#\@<!$/
116 | autocmd InsertLeave * match ExtraWhitespace /\s\+$/
117 | autocmd BufWinLeave * call clearmatches()
118 | 
119 | " Uncomment the following to have Vim jump to the last position when
120 | " " reopening a file
121 | if has("autocmd")
122 |    au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif
123 | endif
124 | 


--------------------------------------------------------------------------------
/website.conf:
--------------------------------------------------------------------------------
  1 | server {
  2 |         listen 8080;
  3 |         server_name website.com;
  4 |         rewrite / $scheme://www.$host$request_uri permanent; ## Forcibly prepend a www
  5 | }
  6 | 
  7 | server {
  8 |         listen 8080 default;
  9 | ## SSL directives might go here
 10 | 	#listen 443 default ssl;
 11 | 	#ssl_certificate	/etc/nginx/conf.d/misstang_combined.crt;
 12 | 	#ssl_certificate_key	/etc/nginx/conf.d/www.misstang.com.key;
 13 |         
 14 | 	## Domain is here twice so server_name_in_redirect will favour the www
 15 |         server_name www.website.com;
 16 |         root /var/www/vhosts/nginx-magento;
 17 | 	
 18 |         location / {
 19 |                 index index.php index.html; ## Allow a static html file to be shown first
 20 |                 try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler
 21 |                 expires 30d; ## Assume all files are cachable
 22 |         }
 23 | 
 24 | 	# Prevent robots	
 25 | 	#location = /robots.txt {
 26 |      		#log_not_found  off;		
 27 | 	#}
 28 | 
 29 |         # These locations would be hidden by .htaccess normally
 30 |                 location /app/                { deny all; }
 31 |                 location /includes/           { deny all; }
 32 |                 location /lib/                { deny all; }
 33 |                 location /media/downloadable/ { deny all; }
 34 |                 location /pkginfo/            { deny all; }
 35 |                 location /report/config.xml   { deny all; }
 36 |                 location /var/                { deny all; }
 37 | 	
 38 | 	# Add Expires headers
 39 | 	#location ~* "^.+\.(jpe?g|gif|css|png|js|ico|pdf|zip|tar|t?gz|mp3|wav|swf)$" {
 40 |     		#expires    max;
 41 |     		#add_header Cache-Control public;
 42 |   	#}
 43 | 
 44 |         location /var/export/ { ## Allow admins only to view export folder
 45 |                 auth_basic           "Restricted"; ## Message shown in login window
 46 |                 auth_basic_user_file htpasswd; ## See /etc/nginx/htpasswd
 47 |                 autoindex            on;
 48 |         }
 49 | 
 50 |         location  /. { ## Disable .htaccess and other hidden files
 51 |                 return 404;
 52 |         }
 53 | 
 54 |         location @handler { ## Magento uses a common front handler
 55 |                 rewrite / /index.php;
 56 |         }
 57 | 
 58 |         location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
 59 |                 rewrite ^(.*.php)/ $1 last;
 60 |         }
 61 | 
 62 |         location ~ .php$ { ## Execute PHP scripts
 63 |                 if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
 64 | 
 65 |                 expires        off; ## Do not cache dynamic content
 66 |                 fastcgi_pass   127.0.0.1:9000;
 67 |                 fastcgi_param  HTTPS $fastcgi_https;
 68 |                 fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
 69 |                 fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
 70 |                 fastcgi_param  MAGE_RUN_TYPE store;
 71 |                 include        fastcgi_params; ## See /etc/nginx/fastcgi_params
 72 |         }
 73 | 
 74 | 	location ~ ^/cgi-bin/.*\.cgi$ { ## Execute CGI scripts
 75 |                 gzip off;
 76 |                 fastcgi_pass  127.0.0.1:8999;
 77 |                 fastcgi_index index.pl ;
 78 |                 fastcgi_param  SCRIPT_FILENAME /usr/lib$fastcgi_script_name;
 79 |                 include fastcgi_params;
 80 |    	}
 81 | 
 82 | 	location ~ ^/phpmyadmin/ {
 83 |                root   /usr/share/phpmyadmin;
 84 |                index  index.php;
 85 |                ccess_log off;
 86 |                #error_log off;
 87 |                charset utf-8;
 88 | 	}
 89 | 
 90 | 	# Awstats
 91 | 	#location ~ ^/awstats/ {
 92 |                #root   /data/webroot/awstats;
 93 |                #index  index.html;
 94 |                #access_log off;
 95 |                #error_log off;
 96 |                #charset utf-8;
 97 | 	#}
 98 | 
 99 | 	# Memcached
100 |         #location ~* ^.+\.(jpg|jpeg|gif|css|png|js|xml)$ {
101 |                 #expires         30d;
102 |                 #access_log      off;
103 |                 #set             $memcached_key $uri;
104 |                 #memcached_pass  127.0.0.1:11211;
105 |         #}
106 | 
107 | 	# Prevent hotlinking
108 | 	location ~* ^.+\.(jpg|jpeg|gif)$ {
109 |         	valid_referers none blocked *.website.com www.website.com;
110 |        		if ($invalid_referer) {
111 | 		return 444; }
112 | 	}
113 | 	
114 | 	# Show resum stats
115 | 	location /nginx_status {
116 | 		#auth_basic           "Restricted"; ## Message shown in login window
117 |                 #auth_basic_user_file htpasswd; ## See /etc/nginx/htpasswd
118 |         	stub_status on;
119 |         	access_log off;
120 | 		allow 127.0.0.1;
121 | 		deny all;
122 | 	}
123 | 	
124 | 	# Munin	
125 | 	location ~ ^/www {
126 |         	root                    /var/cache/munin/;
127 |         	index                   index.html;
128 | 		auth_basic           "Restricted"; ## Message shown in login window
129 |                 auth_basic_user_file htpasswd; ## See /etc/nginx/htpasswd
130 |     	}
131 | 
132 | 	# PHP-FPM status
133 | 	location = /status {
134 |  		fastcgi_pass    127.0.0.1:9000;
135 |  		fastcgi_index   index.php;
136 |  		fastcgi_param   SCRIPT_FILENAME  /var/www/default/www/html$fastcgi_script_name;
137 |  		include         fastcgi_params;
138 | 		access_log off;
139 |                 allow 127.0.0.1;
140 |                 deny all;
141 | 	}
142 | 	
143 | 	# Fooman Speeder
144 | 	#rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
145 |     	#rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
146 | 
147 |     	#location /lib/minify/ {
148 |         #allow all;
149 |     	#}
150 | }
151 | 


--------------------------------------------------------------------------------
/website.vcl:
--------------------------------------------------------------------------------
  1 | # This is a basic VCL configuration file for varnish.  See the vcl(7)
  2 | # man page for details on VCL syntax and semantics.
  3 | # 
  4 | # Default backend definition.  Set this to point to your content
  5 | # server.
  6 | # 
  7 |  backend default {
  8 |      .host = "127.0.0.1";
  9 |      .port = "8080"; # Nginx Address
 10 |  }
 11 | 
 12 | acl trusted {
 13 |     "127.0.0.1";
 14 |     # Add other ips that are allowed to purge cache
 15 | }
 16 | 
 17 | # 
 18 | # http://www.varnish-cache.org/docs/2.1/tutorial/vcl.html#vcl-recv
 19 | # @param req    Request object
 20 | sub vcl_recv {
 21 |     if (req.http.x-forwarded-for) {
 22 |         set req.http.X-Forwarded-For = req.http.X-Forwarded-For ", " client.ip;
 23 |     }
 24 |     else {
 25 |         set req.http.X-Forwarded-For = client.ip;
 26 |     }
 27 |     
 28 |     if (req.request == "PURGE") {
 29 |         # Allow requests from trusted IPs to purge the cache
 30 |         if (!client.ip ~ trusted) {
 31 |            error 405 "Not allowed.";
 32 |         }
 33 |         purge("req.url ~ " req.url);
 34 |         error 200 "Ok"; #We don't go to backend 
 35 |         #return(lookup); # @see vcl_hit
 36 |     }
 37 |     
 38 |     if (req.request != "GET" &&
 39 |        req.request != "HEAD" &&
 40 |        req.request != "PUT" &&
 41 |        req.request != "POST" &&
 42 |        req.request != "TRACE" &&
 43 |        req.request != "OPTIONS" &&
 44 |        req.request != "DELETE") {
 45 |          /* Non-RFC2616 or CONNECT which is weird. */
 46 |          return (pipe);
 47 |     }
 48 | 
 49 |      # Cache only GET or HEAD requests
 50 |      if (req.request != "GET" && req.request != "HEAD") {
 51 |          /* We only deal with GET and HEAD by default */
 52 |          return (pass);
 53 |      }
 54 | 
 55 |     # parse accept encoding rulesets to normalize
 56 |     if (req.http.Accept-Encoding) {
 57 |         if (req.http.Accept-Encoding ~ "gzip") {
 58 |             set req.http.Accept-Encoding = "gzip";
 59 |         } elsif (req.http.Accept-Encoding ~ "deflate") {
 60 |             set req.http.Accept-Encoding = "deflate";
 61 |         } else {
 62 |             # unkown algorithm
 63 |             remove req.http.Accept-Encoding;
 64 |         }
 65 |     }
 66 | 
 67 |      # Rules for static files
 68 |      if (req.url ~ "\.(jpeg|jpg|png|gif|ico|swf|js|css|gz|rar|txt|bzip|pdf)(\?.*|)$") {
 69 |         set req.http.staticmarker = "1";
 70 |         unset req.http.Cookie;
 71 | 
 72 |         return (lookup);
 73 |     }
 74 | 
 75 |     # Don't cache pages for Magento Admin
 76 |     if (req.url ~ "^/(index.php/)?admin") {
 77 |         return(pass);
 78 |     }
 79 | 
 80 |     # Dont't cache nginx_status
 81 |     if (req.url ~ "^/(nginx_status)") {
 82 |         return(pass);
 83 |     }
 84 | 
 85 |     # Dont't cache Munin web page
 86 |     if (req.url ~ "^/(www)") {
 87 |         return(pass);
 88 |     }
 89 | 
 90 |     # Don't cache checkout/customer pages, product compare
 91 |     if (req.url ~ "^/(index.php/)?(checkout|customer|catalog/product_compare|wishlist)") {
 92 |         return(pass);
 93 |     }
 94 | 
 95 |     # Don't cache till session end
 96 |     if (req.http.cookie ~ "nocache_stable") {
 97 |         return(pass);
 98 |     }
 99 | 
100 |     # Unique identifier witch tell Varnish use cache or not
101 |     if (req.http.cookie ~ "nocache") {
102 |         return(pass);
103 |     }
104 | 
105 |     # Remove cookie 
106 |     unset req.http.Cookie;
107 |     set req.http.magicmarker = "1"; #Instruct varnish to remove cache headers received from backend
108 |     return(lookup);
109 |  }
110 | 
111 | 
112 | sub vcl_pipe {
113 | #     # Note that only the first request to the backend will have
114 | #     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
115 | #     # have it set for all requests, make sure to have:
116 | #     # set req.http.connection = "close";
117 | #     # here.  It is not set by default as it might break some broken web
118 | #     # applications, like IIS with NTLM authentication.
119 |      return (pipe);
120 | }
121 |  
122 | #sub vcl_pass {
123 | #     return (pass);
124 | #}
125 |  
126 | #sub vcl_hash {
127 | #     set req.hash += req.url;
128 | #     if (req.http.host) {
129 | #         set req.hash += req.http.host;
130 | #     } else {
131 | #         set req.hash += server.ip;
132 | #     }
133 | #     return (hash);
134 | # }
135 | 
136 | 
137 | # Called after a cache lookup if the req. document was found in the cache.
138 | sub vcl_hit {
139 |     if (req.request == "PURGE") {
140 |         purge_url(req.url);
141 |         error 200 "Purged";
142 |     }
143 |     
144 |     if (!obj.cacheable) {
145 |         return (pass);
146 |     }
147 |     return (deliver);
148 | }
149 | 
150 | # Called after a cache lookup and odc was not found in cache.
151 | sub vcl_miss {
152 |     if (req.request == "PURGE"){
153 |         error 404 "Not in cache";
154 |     }
155 |     return (fetch);
156 | }
157 | 
158 | # Called after document was retreived from backend
159 | # @var req      Request object.
160 | # @var beresp   Backend response (contains HTTP headers from backend)
161 | sub vcl_fetch {
162 |     set req.grace = 30s;
163 | 
164 |     # Current response should not be cached
165 |     if(beresp.http.Set-Cookie ~ "nocache=1") {
166 |         return (deliver);
167 |     }
168 | 
169 |     # Flag set when we want to delete cache headers received from backend
170 |     if (req.http.magicmarker){
171 |         unset beresp.http.magicmarker;
172 |         unset beresp.http.Cache-Control;
173 |         unset beresp.http.Expires;
174 |         unset beresp.http.Pragma;
175 |         unset beresp.http.Cache;
176 |         unset beresp.http.Server;
177 |         unset beresp.http.Set-Cookie;
178 |         unset beresp.http.Age;
179 |         
180 |         # default ttl for pages
181 |         set beresp.ttl = 1d;
182 |     }
183 |     if (req.http.staticmarker) {
184 |         set beresp.ttl = 30d; # static file cache expires in 30 days
185 |         unset beresp.http.staticmarker;
186 |         unset beresp.http.ETag; # Removes Etag in case we have multiple frontends
187 |     }
188 | 
189 |     return (deliver);
190 | }
191 | 
192 | # Called after a cached document is delivered to the client.
193 | sub vcl_deliver {
194 |     if (obj.hits > 0) {
195 |         set resp.http.X-Cache = "HIT ("obj.hits")";
196 |     } else {
197 |         set resp.http.X-Cache = "MISS";
198 |         #    set resp.http.X-Cache-Hash = obj.http.hash;
199 |     }
200 |     return (deliver);
201 | }
202 | # 
203 | # sub vcl_error {
204 | #     set obj.http.Content-Type = "text/html; charset=utf-8";
205 | #     synthetic {"
206 | # <?xml version="1.0" encoding="utf-8"?>
207 | # <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
208 | #  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
209 | # <html>
210 | #   <head>
211 | #     <title>"} obj.status " " obj.response {"</title>
212 | #   </head>
213 | #   <body>
214 | #     <h1>Error "} obj.status " " obj.response {"</h1>
215 | #     <p>"} obj.response {"</p>
216 | #     <h3>Guru Meditation:</h3>
217 | #     <p>XID: "} req.xid {"</p>
218 | #     <hr>
219 | #     <address>
220 | #        <a href="http://www.varnish-cache.org/">Varnish cache server</a>
221 | #     </address>
222 | #   </body>
223 | # </html>
224 | # "};
225 | #     return (deliver);
226 | # }
227 | 
228 | 


--------------------------------------------------------------------------------
/www.conf:
--------------------------------------------------------------------------------
  1 | ; Start a new pool named 'www'.
  2 | ; the variable $pool can we used in any directive and will be replaced by the
  3 | ; pool name ('www' here)
  4 | [www]
  5 | 
  6 | ; Per pool prefix
  7 | ; It only applies on the following directives:
  8 | ; - 'slowlog'
  9 | ; - 'listen' (unixsocket)
 10 | ; - 'chroot'
 11 | ; - 'chdir'
 12 | ; - 'php_values'
 13 | ; - 'php_admin_values'
 14 | ; When not set, the global prefix (or /usr) applies instead.
 15 | ; Note: This directive can also be relative to the global prefix.
 16 | ; Default Value: none
 17 | ;prefix = /path/to/pools/$pool
 18 | 
 19 | ; The address on which to accept FastCGI requests.
 20 | ; Valid syntaxes are:
 21 | ;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
 22 | ;                            a specific port;
 23 | ;   'port'                 - to listen on a TCP socket to all addresses on a
 24 | ;                            specific port;
 25 | ;   '/path/to/unix/socket' - to listen on a unix socket.
 26 | ; Note: This value is mandatory.
 27 | listen = 127.0.0.1:9000
 28 | 
 29 | ; Set listen(2) backlog. A value of '-1' means unlimited.
 30 | ; Default Value: 128 (-1 on FreeBSD and OpenBSD)
 31 | ;listen.backlog = -1
 32 |  
 33 | ; List of ipv4 addresses of FastCGI clients which are allowed to connect.
 34 | ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
 35 | ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
 36 | ; must be separated by a comma. If this value is left blank, connections will be
 37 | ; accepted from any ip address.
 38 | ; Default Value: any
 39 | ;listen.allowed_clients = 127.0.0.1
 40 | 
 41 | ; Set permissions for unix socket, if one is used. In Linux, read/write
 42 | ; permissions must be set in order to allow connections from a web server. Many
 43 | ; BSD-derived systems allow connections regardless of permissions. 
 44 | ; Default Values: user and group are set as the running user
 45 | ;                 mode is set to 0666
 46 | ;listen.owner = www-data
 47 | ;listen.group = www-data
 48 | ;listen.mode = 0666
 49 | 
 50 | ; Unix user/group of processes
 51 | ; Note: The user is mandatory. If the group is not set, the default user's group
 52 | ;       will be used.
 53 | user = www-data
 54 | group = www-data
 55 | 
 56 | ; Choose how the process manager will control the number of child processes.
 57 | ; Possible Values:
 58 | ;   static  - a fixed number (pm.max_children) of child processes;
 59 | ;   dynamic - the number of child processes are set dynamically based on the
 60 | ;             following directives:
 61 | ;             pm.max_children      - the maximum number of children that can
 62 | ;                                    be alive at the same time.
 63 | ;             pm.start_servers     - the number of children created on startup.
 64 | ;             pm.min_spare_servers - the minimum number of children in 'idle'
 65 | ;                                    state (waiting to process). If the number
 66 | ;                                    of 'idle' processes is less than this
 67 | ;                                    number then some children will be created.
 68 | ;             pm.max_spare_servers - the maximum number of children in 'idle'
 69 | ;                                    state (waiting to process). If the number
 70 | ;                                    of 'idle' processes is greater than this
 71 | ;                                    number then some children will be killed.
 72 | ; Note: This value is mandatory.
 73 | pm = dynamic
 74 | 
 75 | ; The number of child processes to be created when pm is set to 'static' and the
 76 | ; maximum number of child processes to be created when pm is set to 'dynamic'.
 77 | ; This value sets the limit on the number of simultaneous requests that will be
 78 | ; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
 79 | ; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
 80 | ; CGI.
 81 | ; Note: Used when pm is set to either 'static' or 'dynamic'
 82 | ; Note: This value is mandatory.
 83 | pm.max_children = 50
 84 | 
 85 | ; The number of child processes created on startup.
 86 | ; Note: Used only when pm is set to 'dynamic'
 87 | ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
 88 | pm.start_servers = 20
 89 | 
 90 | ; The desired minimum number of idle server processes.
 91 | ; Note: Used only when pm is set to 'dynamic'
 92 | ; Note: Mandatory when pm is set to 'dynamic'
 93 | pm.min_spare_servers = 5
 94 | 
 95 | ; The desired maximum number of idle server processes.
 96 | ; Note: Used only when pm is set to 'dynamic'
 97 | ; Note: Mandatory when pm is set to 'dynamic'
 98 | pm.max_spare_servers = 35
 99 |  
100 | ; The number of requests each child process should execute before respawning.
101 | ; This can be useful to work around memory leaks in 3rd party libraries. For
102 | ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
103 | ; Default Value: 0
104 | pm.max_requests = 500
105 | 
106 | ; The URI to view the FPM status page. If this value is not set, no URI will be
107 | ; recognized as a status page. By default, the status page shows the following
108 | ; information:
109 | ;   accepted conn        - the number of request accepted by the pool;
110 | ;   pool                 - the name of the pool;
111 | ;   process manager      - static or dynamic;
112 | ;   idle processes       - the number of idle processes;
113 | ;   active processes     - the number of active processes;
114 | ;   total processes      - the number of idle + active processes.
115 | ;   max children reached - number of times, the process limit has been reached,
116 | ;                          when pm tries to start more children (works only for
117 | ;                          pm 'dynamic')
118 | ; The values of 'idle processes', 'active processes' and 'total processes' are
119 | ; updated each second. The value of 'accepted conn' is updated in real time.
120 | ; Example output:
121 | ;   accepted conn:        12073
122 | ;   pool:                 www
123 | ;   process manager:      static
124 | ;   idle processes:       35
125 | ;   active processes:     65
126 | ;   total processes:      100
127 | ;   max children reached: 1
128 | ; By default the status page output is formatted as text/plain. Passing either
129 | ; 'html', 'xml' or 'json' as a query string will return the corresponding output
130 | ; syntax. Example:
131 | ;   http://www.foo.bar/status
132 | ;   http://www.foo.bar/status?json
133 | ;   http://www.foo.bar/status?html
134 | ;   http://www.foo.bar/status?xml
135 | ; Note: The value must start with a leading slash (/). The value can be
136 | ;       anything, but it may not be a good idea to use the .php extension or it
137 | ;       may conflict with a real PHP file.
138 | ; Default Value: not set 
139 | pm.status_path = /status
140 |  
141 | ; The ping URI to call the monitoring page of FPM. If this value is not set, no
142 | ; URI will be recognized as a ping page. This could be used to test from outside
143 | ; that FPM is alive and responding, or to
144 | ; - create a graph of FPM availability (rrd or such);
145 | ; - remove a server from a group if it is not responding (load balancing);
146 | ; - trigger alerts for the operating team (24/7).
147 | ; Note: The value must start with a leading slash (/). The value can be
148 | ;       anything, but it may not be a good idea to use the .php extension or it
149 | ;       may conflict with a real PHP file.
150 | ; Default Value: not set
151 | ;ping.path = /ping
152 | 
153 | ; This directive may be used to customize the response of a ping request. The
154 | ; response is formatted as text/plain with a 200 response code.
155 | ; Default Value: pong
156 | ;ping.response = pong
157 | 
158 | ; The access log file
159 | ; Default: not set
160 | access.log = /var/log/php5-fpm/$pool.access.log
161 | 
162 | ; The access log format.
163 | ; The following syntax is allowed
164 | ;  %%: the '%' character
165 | ;  %C: %CPU used by the request
166 | ;      it can accept the following format:
167 | ;      - %{user}C for user CPU only
168 | ;      - %{system}C for system CPU only
169 | ;      - %{total}C  for user + system CPU (default)
170 | ;  %d: time taken to serve the request
171 | ;      it can accept the following format:
172 | ;      - %{seconds}d (default)
173 | ;      - %{miliseconds}d
174 | ;      - %{mili}d
175 | ;      - %{microseconds}d
176 | ;      - %{micro}d
177 | ;  %e: an environment variable (same as $_ENV or $_SERVER)
178 | ;      it must be associated with embraces to specify the name of the env
179 | ;      variable. Some exemples:
180 | ;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
181 | ;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
182 | ;  %f: script filename
183 | ;  %l: content-length of the request (for POST request only)
184 | ;  %m: request method
185 | ;  %M: peak of memory allocated by PHP
186 | ;      it can accept the following format:
187 | ;      - %{bytes}M (default)
188 | ;      - %{kilobytes}M
189 | ;      - %{kilo}M
190 | ;      - %{megabytes}M
191 | ;      - %{mega}M
192 | ;  %n: pool name
193 | ;  %o: ouput header
194 | ;      it must be associated with embraces to specify the name of the header:
195 | ;      - %{Content-Type}o
196 | ;      - %{X-Powered-By}o
197 | ;      - %{Transfert-Encoding}o
198 | ;      - ....
199 | ;  %p: PID of the child that serviced the request
200 | ;  %P: PID of the parent of the child that serviced the request
201 | ;  %q: the query string 
202 | ;  %Q: the '?' character if query string exists
203 | ;  %r: the request URI (without the query string, see %q and %Q)
204 | ;  %R: remote IP address
205 | ;  %s: status (response code)
206 | ;  %t: server time the request was received
207 | ;      it can accept a strftime(3) format:
208 | ;      %d/%b/%Y:%H:%M:%S %z (default)
209 | ;  %T: time the log has been written (the request has finished)
210 | ;      it can accept a strftime(3) format:
211 | ;      %d/%b/%Y:%H:%M:%S %z (default)
212 | ;  %u: remote user
213 | ;
214 | ; Default: "%R - %u %t \"%m %r\" %s"
215 | access.format = %R - %u %t "%m %r%Q%q" %s %f %{mili}d %{kilo}M %C%%
216 |  
217 | ; The timeout for serving a single request after which the worker process will
218 | ; be killed. This option should be used when the 'max_execution_time' ini option
219 | ; does not stop script execution for some reason. A value of '0' means 'off'.
220 | ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
221 | ; Default Value: 0
222 | ###################################################################################################
223 | ###################################################################################################
224 | ###################################################################################################
225 | request_terminate_timeout = 240s
226 |  
227 | ; The timeout for serving a single request after which a PHP backtrace will be
228 | ; dumped to the 'slowlog' file. A value of '0s' means 'off'.
229 | ; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
230 | ; Default Value: 0
231 | request_slowlog_timeout = 5s
232 |  
233 | ; The log file for slow requests
234 | ; Default Value: not set
235 | ; Note: slowlog is mandatory if request_slowlog_timeout is set
236 | slowlog = /var/log/php5-fpm/$pool.log.slow
237 |  
238 | ; Set open file descriptor rlimit.
239 | ; Default Value: system defined value
240 | ;rlimit_files = 1024
241 |  
242 | ; Set max core size rlimit.
243 | ; Possible Values: 'unlimited' or an integer greater or equal to 0
244 | ; Default Value: system defined value
245 | ;rlimit_core = 0
246 |  
247 | ; Chroot to this directory at the start. This value must be defined as an
248 | ; absolute path. When this value is not set, chroot is not used.
249 | ; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
250 | ; of its subdirectories. If the pool prefix is not set, the global prefix
251 | ; will be used instead.
252 | ; Note: chrooting is a great security feature and should be used whenever 
253 | ;       possible. However, all PHP paths will be relative to the chroot
254 | ;       (error_log, sessions.save_path, ...).
255 | ; Default Value: not set
256 | ;chroot = 
257 |  
258 | ; Chdir to this directory at the start.
259 | ; Note: relative path can be used.
260 | ; Default Value: current directory or / when chroot
261 | chdir = /
262 |  
263 | ; Redirect worker stdout and stderr into main error log. If not set, stdout and
264 | ; stderr will be redirected to /dev/null according to FastCGI specs.
265 | ; Note: on highloaded environement, this can cause some delay in the page
266 | ; process time (several ms).
267 | ; Default Value: no
268 | ;catch_workers_output = yes
269 |  
270 | ; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
271 | ; the current environment.
272 | ; Default Value: clean env
273 | ;env[HOSTNAME] = $HOSTNAME
274 | ;env[PATH] = /usr/local/bin:/usr/bin:/bin
275 | ;env[TMP] = /tmp
276 | ;env[TMPDIR] = /tmp
277 | ;env[TEMP] = /tmp
278 | 
279 | ; Additional php.ini defines, specific to this pool of workers. These settings
280 | ; overwrite the values previously defined in the php.ini. The directives are the
281 | ; same as the PHP SAPI:
282 | ;   php_value/php_flag             - you can set classic ini defines which can
283 | ;                                    be overwritten from PHP call 'ini_set'. 
284 | ;   php_admin_value/php_admin_flag - these directives won't be overwritten by
285 | ;                                     PHP call 'ini_set'
286 | ; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
287 | 
288 | ; Defining 'extension' will load the corresponding shared extension from
289 | ; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
290 | ; overwrite previously defined php.ini values, but will append the new value
291 | ; instead.
292 | 
293 | ; Note: path INI options can be relative and will be expanded with the prefix
294 | ; (pool, global or /usr)
295 | 
296 | ; Default Value: nothing is defined by default except the values in php.ini and
297 | ;                specified at startup with the -d argument
298 | ;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
299 | ;php_flag[display_errors] = off
300 | ;php_admin_value[error_log] = /var/log/fpm-php.www.log
301 | ;php_admin_flag[log_errors] = on
302 | ;php_admin_value[memory_limit] = 32M
303 | 


--------------------------------------------------------------------------------
/xcache.ini:
--------------------------------------------------------------------------------
 1 | [xcache.admin]
 2 | extension = xcache.so
 3 | # Pour que le plugin Munin puisse graffer l'activité on active la console d'admin
 4 | xcache.admin.user = "user"
 5 | xcache.admin.pass = "ea227598196be437de0d1cebae93a48b"
 6 | ;xcache.test = On
 7 | ;xcache.admin.enable_auth = On
 8 | [xcache]
 9 | xcache.shm_scheme =        "mmap"
10 | xcache.size  =                64M
11 | xcache.count =                 5 # nb de processeurs +1
12 | xcache.slots =                8K
13 | xcache.ttl   =                 0
14 | xcache.gc_interval =           0
15 | xcache.var_size  =            64M
16 | xcache.var_count =             1
17 | xcache.var_slots =            8K
18 | xcache.var_ttl   =             0
19 | xcache.var_maxttl   =          0
20 | xcache.var_gc_interval =     300
21 | xcache.test =                Off
22 | xcache.readonly_protection = Off
23 | xcache.mmap_path =    "/dev/zero"
24 | xcache.coredump_directory =   ""
25 | xcache.cacher =               On
26 | xcache.stat   =               On
27 | xcache.optimizer =            On
28 | [xcache.coverager]
29 | xcache.coverager =          Off
30 | xcache.coveragedump_directory = ""
31 | 
32 | 


--------------------------------------------------------------------------------