mount point XYZ is itself on a OSXFUSE volume

If you use SSHFS on MacOS and the end point stops responding or crashes, you need to do new SSHFS connection – but to do that, you need to either restart your mac or umount the old connection first.

I use sshfs to access data on my vmware ( Ubuntu ) – if that restarts, or crashes – I end up with error message mount_osxfusefs: mount point /Users/jan/site-sshfs is itself on a OSXFUSE volume

sshfs root@vmware:/srv/www/site/public_html/ /Users/jan/site-sshfs -oauto_cache,reconnect,defer_permissions,noappledouble,negative_vncache,volname=Site_VMware
mount_osxfusefs: mount point /Users/jan/site-sshfs is itself on a OSXFUSE volume

To fix this, do mount:

jan:~ jan$ mount
/dev/disk1 on / (hfs, local, journaled)
devfs on /dev (devfs, local, nobrowse)
map -hosts on /net (autofs, nosuid, automounted, nobrowse)
map auto_home on /home (autofs, automounted, nobrowse)
root@vmware:/srv/www/site/public_html/ on /Users/jan/site-sshfs (osxfusefs, nodev, nosuid, synchronous, mounted by jan)

Look at the last line – that’s the connection we need to break.
Therefore, do:

jan:~ jan$ umount root@vmware:/srv/www/site/public_html/

That’s it! Now you can create new sshfs link.

Find out ‘open files’ limit for apache user

You need to find out under which user your apache deamon runs.
You can do this by

root@ljstudio:/# cat /etc/httpd/conf/httpd.conf | grep "User"

And then:

root@ljstudio:/# su - apache -c 'ulimit -aHS' -s '/bin/bash'
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 257402
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 1024
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 10240
cpu time               (seconds, -t) unlimited
max user processes              (-u) 1024
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

‘apache’ is usually used on CentOS, while on Ubuntu it’s expected to use www-data user instead.

Rebuild software RAID1 after disk failure – cent os

If you are running a server 24/7, there’s a good chance that after few years one of the hard drives will fail.
What that happens, you’ll be glad to have data stored in RAID, but you probably won’t know how to repair it.
Here’s how I did it:

1and1 dedicated server example

rescue:~# cat /proc/mdstat
md1 : active raid1 sda1[2] sdb1[1]
      4194240 blocks [2/1] [_U]
      
md3 : active raid1 sda3[2] sdb3[1]
      1947222016 blocks [2/1] [_U]
      
unused devices: 

The important part is [2/1] [_U] – this clearly tells us that one out of two drives is not in the raid any more.
Correct status is [2/2] [UU] and that’s what we need to see at the end of this article.
To correct this, we need to:

  1. Find which drive is the new one
  2. Recreate partition table on it
  3. Put it into the raid
  4. Wait for the RAID to rebuild( could take several hours, depends on disk size )
  5. Add GRUB

Find the broken drive

When 1and1 told me they have replaced a drive, I didn’t know which one.

rescue:~# lsblk 
NAME            MAJ:MIN RM  SIZE RO TYPE  MOUNTPOINT
sda               8:0    0  1.8T  0 disk  
sdb               8:16   0  1.8T  0 disk  
|-sdb1            8:17   0    4G  0 part  
| `-md1           9:1    0    4G  0 raid1 /mnt/md1
|-sdb2            8:18   0    2G  0 part  
`-sdb3            8:19   0  1.8T  0 part  
  `-md3           9:3    0  1.8T  0 raid1 
    |-vg00-usr  253:0    0    4G  0 lvm   
    |-vg00-var  253:1    0  904G  0 lvm   
    `-vg00-home 253:2    0    4G  0 lvm   

This output tells us that it’s sda that has been replaced. It has no partition table and therefore no data on it. This is very important to know.

Re-create partition table

sfdisk -d /dev/sdb | sfdisk /dev/sda

This will recreate the exactly same partition table on disk /dev/sda as we have on /dev/sdb right now.
That’s why it was importat to find out which disk has failed – if you do this the other way around, you loose all your data.

sfdisk -d /path/to/working/disk | sfdisk /path/to/new/disk

Extend RAID

Following part is rather complicated – using cat /proc/mdstat command above, you’ll see that I have 2 raid partitions.
md1 : active raid1 sda1[2] sdb1[1]
md3 : active raid1 sda3[2] sdb3[1]

Partition md1 made out of partitions sda1 from 1st drive (/dev/sda ) and partition sdb1 from 2nd drive ( /dev/sdb ).
And same for md3 which is made out of 2 identical partitions, sda3 and sdb3.

And since it’s /dev/sda that needs to be plugged in, these are the commands:

mdadm --manage /dev/md1 --add /dev/sda1
mdadm --manage /dev/md3 --add /dev/sda3

You can read this as “add /dev/sda1/ partition into /dev/md1 raid and add /dev/sda3 partition into /dev/md3 raid”

Wait for it..

Now if you look at mdstat again, you should see the array is being rebuilt – basically data from /dev/sdb drive is being copied to /dev/sda drive ( which is the point of RAID1 ).

rescue:~# cat /proc/mdstat
md1 : active raid1 sda1[2] sdb1[1]
      4194240 blocks [2/1] [_U]
      [=====>...............]  recovery = 25.0% (1050112/4194240) finish=0.4min speed=116679K/sec
      
md3 : active raid1 sda3[2] sdb3[1]
      1947222016 blocks [2/1] [_U]
      	resync=DELAYED
      
unused devices: 

GRUB

This step is optional – it really depends on where you had your GRUB installed. If you even had one..
Best way to find out is to simply restart the machine and see if CentOS boots. If it does, you’re done.
If it doesn’t, you need to tell the server where to look for operating system on its hard drives.
This was my case – GRUB was installed on /dev/sda so I ended with none.

You need to mount the drive with operating system ( CentOS in my case located on the smaller partition – /dev/md1 )

rescue:~# mount /dev/md1 /mnt

Chroot into it – that way you will be doing changes directly to the CentOS and not to the rescue linux you are currently on.

rescue:~# chroot /mnt

And finally, install GRUB on both drives ( that way, even if /dev/sda fails again, we will still be able to boot from /dev/sdb ).

rescue:~# grub
grub> device (hd0) /dev/sda 
grub> root (hd0,0)
grub> setup (hd0)
grub> device (hd1) /dev/sdb
grub> root (hd1,0)
grub> setup (hd1)

Don’t worry about data loss – if you get the drives names and paths right (2nd step) there really isn’t anything to break.

Source
https://www.howtoforge.com/replacing_hard_disks_in_a_raid1_array#-how-do-i-tell-if-a-hard-disk-has-failed

Free SSL certificate – how to

Two words – Let’s encrypt!
Assuming you already have Ubuntu LAMP set up, you just need to install Certbot to manage your SSL certificates.

Installation of Certbot – SSL manager

wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto
./certbot-auto --help

.. you should get some meaningful output.
Now that you have a way to manage your certificates, it’s time to get one!.

Usage

Assuming you have virtual hosts set up, such as example.com, and you are using Apache, just run following command:

./certbot-auto --apache -d example.com

You need to be in the directory where you’ve extracted certbot.
You can do multiple domains at once

./certbot-auto --apache -d example.com -d nocookies.example.com

How it works

Certbot will obtain new certificate from https://letsencrypt.org, detect vhost configuration on your Apache and will create copy of that config with SSL enabled.

You can find certificates in directory

/etc/letsencrypt/live/phpsolved.com/

If you ran the command first time, you’ll be asked to provide your email address and accept terms and conditions.
You also need to renew the certificate every 90 days – you can do that by issuing following command:

certbot renew

If you want certificate for both non-www and www version of your domain ( for redirect ) you need to specify both at once, e.g.:

./certbot-auto --apache -d example.com -d www.example.com

If you do 2 commands, it won’t work properly.
This is wrong:

./certbot-auto --apache -d example.com
./certbot-auto --apache -d www.example.com

Unlike other certificates, such as StartSSL, this one actually works. If you use StartSSL, you won’t get ‘green icon’ in all browsers, see https://bugzilla.mozilla.org/show_bug.cgi?id=994033.

Sources:
https://github.com/certbot/certbot
https://letsencrypt.org/getting-started/

Compress and unpack directory in Ubuntu using TAR

2 commands using tar in command line.

To compress using tar

.. directory www/ into tar package, use:

tar -zcf www.tar.gz www/

To unpack using tar

.. package www.tar.gz into current directory, use:

tar -zxf www.tar.gz

If you wish to specify a directory where to extract the package, you need to create the folder first and then unpack using the -C parameter

mkdir ~/package/
tar -zxf www.tar.gz -C ~/package/

You can add -v parameter to show verbose output.

Source: http://www.cyberciti.biz/faq/how-do-i-compress-a-whole-linux-or-unix-directory/