X Marks the Spot

random commentary on life, the universe, and anything

September 3, 2017
by puhfu
0 comments

Open source projects have the craziest names – Wazuh

Decided I was unhappy with the unsupported, very old school visualization OSSEC-WUI. It’s been unsupported for a while. There must be something new out there.

Lo an behold. Wazuh open source host and endpoint security

Great documentation:
Migrating OSSEC manager installed from packages
Install Wazuh server with RPM packages

In general, the step-by-step instructions are clear and explicit. I had do some steps manually though.

1. Created the wazuh.repo repository file /etc/yum.repos.d/wazuh.repo

[wazuh_repo]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=CentOS-$releasever - Wazuh
baseurl=https://packages.wazuh.com/yum/el/$releasever/$basearch
protect=1

2. For NodeJS install, had to add ‘sudo’ in order for bash to run correctly

$ curl --silent --location https://rpm.nodesource.com/setup_6.x | sudo bash -

3. And I need Python 2.7. Python 2.6 is installed already for yum, but Wazuh wants 2.8.

$ yum install -y centos-release-scl
$ yum install -y python27

4. Also had to create the elastic.repo repository file /etc/yum.repos.d/elastic.repo

[elastic-5.x]
name=Elastic repository for 5.x packages
baseurl=https://artifacts.elastic.co/packages/5.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

But uh oh. I can’t run elasticsearch. Not enough memory. Hm.

So far, I have installed:

wazuh-manager
wazuh-api
filebeat
elastisearch

Hm. Maybe it’s time to admit that I’m overpaying for hosting with Rackspace – well, overpaying for what I need.

Time for another rabbit hole.

September 2, 2017
by puhfu
0 comments

Idle hands are the devil’s workshop (Prov 16:27)

or How I spent the Saturday of Labor Day weekend.

Because it was so hot outside, I decided to do some server maintenance.

1. Used yum and the @ius repository to install Apache 2.4. I heard that 2.4 does memory management better.
2. Discovered that I broke something and WP would not load correctly (PHP module dependency)
3. Decided that the differences between 2.2 and 2.4 were not sufficient for me to spend time making 2.4 work
4. Uninstalled apache 2.4 using yum
5. Tried to install apache 2.2 using yum and watched it fail.
6. Learned yum clean all and how to find the name of a package yum list installed and remove the ones that didn’t get erased cleanly with the uninstall
7. Finally reinstalled apache 2.2
8. Installed PHP 7 because why not
9. Decided to add my instagram feed to the main X marks the spot page so mucked with my child theme and discovered that it is no longer supported (but I like it and I can read CSS so NBD I guess)
10. Discovered that my CSS is very rusty. Thank goodness for backups.
11. Decided to figure out my social media cross posting.

Twitter –> Facebook app –> Facebook post (set Only Me so that I don’t spam with my conference/HIT tweeting)
Instagram –> IFTTT –> Twitter
Instagram –> IFTTT –> Tumblr (I have a tumblr?)
Instagram –> WP widget –> WP
WP –> WP plugin –> Twitter (selective by post)
Twitter –> WP widget –> WP

I show my insta and twitter on the main WP page (right columns, see #9/10 above)
But I am old so I use FB instead of instagram. How do I get my Facebook to cross-post to WordPress? There are many WP plugins to do the opposite.

Facebook simple text post –> IFTTT –> WP post ** WORKS **
Facebook link post –> IFTTT –> WP photo post ** DOESN’T WORK **

Well let me rephrase, cross posting FB link post to WP photo post works, but for some reason, the IFTT applet runs multiple times, resulting in multiple WP posts.

Troubleshooting that will be left to another day.

October 6, 2015
by puhfu
0 comments

CPR for an old MacBook Air

Once upon a time, I picked up a 2nd generation (2,1) MacBook Air (Late 2008), 1.6 GHz Intel Core 2 Duo, 2GB RAM, 120GB HD, NVIDIA GeForce 9400M 256MB, and was thrilled with how small it was. 3 lbs woo!

MacBook Air

It ran 10.5 briskly. Then I made the mistake of upgrading to 10.6 and that’s when I pretty much stopped using it. It was dog slow and I was too lazy to downgrade back to 10.5. But recently, while cleaning out my old technology boneyard, I thought I’d give it another go at being useful. Always good to have a laptop around the house when you need to do something like remote desktop spy on your kids to make sure that they’re not on tumblr or playing CS:GO http://blog.counter-strike.net/. If CPR can be made as easy as 2 steps …

I picked up an OWC SSD replacement (Mercury Aura Pro MBA) and whew! It’s snappy. Upgraded to 10.7 and still snappy. 10.8? Snappy. 10.9? Less snappy, but definitely usable. So I’m pretty annoyed at myself for waiting so long to get on the SSD bandwagon, although I’ll be the first to admit that it was because I didn’t want to pay for something that wasn’t really working cost related. This is a 7 year old machine after all. I wonder how well it’ll do with Yosemite or El Capitan?

October 4, 2015
by puhfu
0 comments

Finding the right collaboration tools (part 2) or can you declare task management bankruptcy?

It seems like every couple of years, without fail, I go through a time management/project management/collaboration tools reboot. In the dark days, it was merely shifting from one paper layout and project tracking system to another: Dayrunner to Day-Timer to Franklin Planner to Levenger Circa. My favorite was a Julie Morgenstern 2-page-per-day layout sold by Franklin Planner.
Julie Morgenstern planner format
There was a two-year period of sheer planner nirvana when Franklin dumped this planner format and Levenger picked it up for their Circa line. I really like the Circa line. I like the tactile feel of paper, especially when you get a good pen and good thick paper. Writing helps me to remember better than typing (I’m old that way). I really liked the layout. But I was always forgetting the planner in my office or car or at home and inevitably either I spent time copying from paper scraps and post-its into the planner, or had a planner-based collection of paper scraps and post-its. In any case, my hand was forced when Levenger dropped the Morgenstern planner format. (It’s still available at http://www.juliemorgenstern.com/books/balancedlifeplanner/oct-dec2015).

It was only a couple years ago where I felt that technology has emerged/converged to the point that I could get rid of the planner (with regret). I switched the family over to iCloud for calendar sharing, began using Omnifocus for task management on both laptop and iOS devices (iPhone, iPad), and added Evernote for knowledge and high-level project management and Dropbox for data and document hoarding. These worked fine for me, but really were inadequate for collaborative projects and there was always the issue of syncing between Omnifocus, which is an outstanding task manager, but is NOT a project management solution, and Evernote. It was better than before, where I had to mine paper in order to sync up everything, but I still had multiple repositories of data to reconcile (calendar/email/Omnifocus/Evernote/Dropbox).

The need that was met at that time was focused on me – my work, solo projects, and academic collaborations (papers, book) that I could muscle through with the tools at hand. But I wanted more. I wanted to find a solid collaboration tool that would allow my colleagues to sync with me across the different types of work that I do. And I wanted to pay as little as possible. From a technology perspective, it had to be multi-platform – web and mobile app for sure, but also a desktop/laptop client for those off-line periods.

A couple years ago, I went looking for a web-based collaboration tool based upon the following ideal requirements:

  1. Dashboard/Overview – an effective presentation of all projects
  2. Project Workspaces – well-designed spaces to organize data, tasks, etc for a single project
  3. Email integration – for reminders, status reports
  4. Document management, w/ integration to Google Docs, Dropbox, Box
  5. Task management, w/ integration with Omnifocus
  6. Calendar/event notification, w/ integration with Google Calendar, iCal
  7. Knowledge management – such as a wiki

For collaboration tools, I looked at:

  • Basecamp – which is still widely used, and pricing is still $20/month for 10 active projects, unlimited users, but as I’m the only user for the majority of the time, it seemed like overkill.
  • TeamLab Office which is now ONLYOFFICE – (why the ALL CAPS, bruh?) It has morphed into more of a productivity suite solution which is not what I wanted.
  • Teambox which is now Redbooth – which has also held firm on pricing, for $5/user/month, unlimited projects, Google Drive, Dropbox, and Evernote integration, and the workflow best matches what I want.
  • Feng Office – which amazingly enough has kept its name AND the same crappy UI
  • OpenAtrium – which is built on Drupal 7 (which I like), but is buggy to install, too much work to manage, and as it runs on Drupal, turns out to be even more of a resource hog than normal Drupal on the leetle server that I use for personal stuff (rackspace hosted, 512M RAM virtual server). I’m already using WordPress, so running 2 CMS seems rather silly and excessive. In any case, I have tried iterations of this from 0.7 through the current 2.4 code release because I do love me my Drupal. Same same. So sad.

I wound up running the at-the-time available, but unsupported Teambox 3 code, using Ruby on Rails. It was easy to bring up, but while the fun+tinkering:sysadmin work ratio was very high, so was the time required:sysadmin work ratio. I had better (higher reward:time expended ratio) things to do with my time. I abandoned it.

For a couple years, I have muddled through using a combination of:

  1. Whiteboards for dashboards and overviews
  2. Evernote notebooks for knowledge management and rudimentary project workspaces
  3. Dropbox for file sharing
  4. Omnifocus for task management
  5. email email email

Not terribly integrated, but survivable as I had to significantly trim the breadth of my work in order to focus on our Cerner EHR implementation and roll-out. However, we are (finally) coming to the end of the go-live cycle and many of those long dormant (i.e. ignored) projects and papers are starting to emerge out of cryo. My work teams have also expanded in number and breadth and I need a way to track and manage that as well.

I had to declare email bankruptcy to start the year fresh. It seemed like a good time to look at collaboration tools again.

Next post: I find Trello (think pinterest for projects) and bitrix24 which is a collaboration package which is free for fewer than 12 users, with unlimited projects. Do we have a winner?

July 23, 2015
by puhfu
0 comments

WordPress, permalinks, and 404 errors

One of the things that has been on my WordPress to-do list has been changing from Default (http://localhost/?/p=123) permalinks to more SEO-friendly ones (http://localhost/sexy-permalink) for a couple of academic websites that I support.

WordPress is normally so ridiculously simple to use, even self-hosted, but getting this change to work took a fair amount of Google spelunking.

The Rackspace CentOS 6 virtual server that I am running this particular site on uses apache VirtualHosts to map each WordPress site to a separate directory. 

# site1.org
<VirtualHost 12.34.56.78:80>
     DocumentRoot /var/www/html/site1
     ServerName site1.org
</VirtualHost>

# site2.org
<VirtualHost 12.34.56.78:80>
     DocumentRoot /var/www/html/site2
     ServerName site2.org
</VirtualHost>

Things that didn’t work for me but should be tried:

  1. Deactivating plugins (to avoid WP conflicts)
  2. Verifying that apache has loaded mod_rewrite (it was)
  3. Verifying that the root directory for the WordPress instance had a .htaccess file (it did)
  4. Verifying that .htaccess has something like this: (it did) 
    <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteBase /
 RewriteRule ^index\.php$ - [L]
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule . /index.php [L]
</IfModule>

Note: I also ran into the problem of this code disappearing (apparently) randomly from .htaccess. Turns out that when changing Permalinks from Default to posts (or any other permalink setting actually), WordPress tries to modify the .htaccess file. Because my permissions were set 644 (rw-r–r–) and WordPress runs as the owner, when toggling modes back and forth (on/off), WordPress was editing/re-editing the file. Setting permissions to 444 (r–r–r–) fixed that.

What worked:

The sub-directory in which WP was installed had the right .htaccess, but httpd.conf was not allowing apache to use that file. Specifically AllowOverride was not set to All.

Since I’m using CentOS, my httpd.conf file is in /etc/httpd/conf/. Using vi, I searched for anywhere AllowOverride was set:

# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

This is good. I want my root directory to be locked down. It’s the next section that is the one I want. 

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/html">

#
# Possible values for the Options directive are "None", "All",
# or any combination of:
#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
    Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   Options FileInfo AuthConfig Limit
#
    AllowOverride None

#
# Controls who can get stuff from this server.
#
    Order allow,deny
    Allow from all

</Directory>

Again, this is fine. Now I need to add exceptions for the specific directories. 

#
# allow .htaccess files for wordpress directories
#
<Directory "/var/www/html/site1">
    AllowOverride All
</Directory>

Yay.

Reference that helped:
Setting Up Pretty Permalinks in WordPress Using htaccess and mod_rewrite on Linux (CentOS 6)