去年年中的時候架了一個 SmokePing 來監測某公司幾個服務的 Network Latency 問題,用 SmokePing 的原因是他支援數種協定,所以我可以一口氣拿來監測 DNS, SSH Daemon, RADIUS, Web, SMTP 等。而且 SmokePing 的架構頗模組化,只要稍加修改幾個 Perl Script 就可以很快的滿足我的需求。
不過既然已經隨時偵測網路服務,光是使用電子郵件通知也稍嫌不夠即時。於是起意做了簡訊通知功能,隨意找了幾個 SMS 服務供應商,決定拿便宜的 PCHOME 一元簡訊來頂著用。感謝 SnowFLY (飄然似雪) 做了 SMS PCHOME 的 Net-SMS-PChome Perl module,省了不少功夫。也因此半夜時常被簡訊吵醒。
不過 CPAN 上的版本是 2006 年,跟目前的 PCHOME 網頁不太相容,稍加修改後如
Continue reading
Here is my little script for `incremental’ dump svn revision trees. The script just check every svn repositories which located at /home/svn, and save it in /home/backup by versions.
#!/bin/sh
for dir in /home/svn/* ; do
name=$(basename ${dir})
version=$(svnlook youngest ${dir})
for ((r=1;r<${version};r++)) ; do
if [ ! -f "/home/backup/${name}-$r.gz" ] ; then
svnadmin dump ${dir} -r $r --incremental | \
gzip -9> /home/backup/${name}-$r.gz
fi
done
done
Have fun! This is a tip.
If you ever read my blog entry for setting up the Debian.org.tw, you probably already know that I love to use reverse proxy in the front of my web servers. This approach can solve the signal IP address for multiple Vservers problem, also it can provide web cache which reducing the server loading.
Since the proxy server (Squid) pass the http session to the real web servers, one of the problem is that my web servers always saw signal source IP address, which is the proxy’s IP address. Even through the proxy server still put the client’s IP in the `X-Forwarded-For’ http header, it’s still painful to retrieve the correct IP address from the head in every web application.
Thanks for Thomas Eibner, who wrote the reverse proxy add forward module for apache. The module simply check the IP address to see if it comes from the proxy server, if it is it will put the IP address in `X-Forwarded-Host’ or `X-Host’ to `Host’ header. So you don’t need to worry about the wrong IP address, and track the http requests more easily.
Debian package is ported by Piotr Roszatycki, but it’s still the old 0.5 version. Since the 0.6 is out, I filed a bugreport for remind him. For my etch servers, I back-ported the package with the last version. You can download it from my personal repository.
BTW, Piotr Roszatycki use yada for libapache2-mod-rpaf, who is also the maintainer of yada. After reading the yada’s script file `debian/packages’, I really feel like I went to my `good’ old days with RPM/specs. :p
一年一度的 Open Source Developers’ Conference in Taiwan 開放報名了,今年主題是「創新與實做」,會議時間是 4/12 到 4/13。地點在 中國文化大學推廣教育部博愛校區 – 大新館。根據經驗,只要一公開沒多久就爆滿了。所以想報名要快阿!
這兩日為了2.6 裡面的幾個核心的安全問題 (DSA-1494-2),包含 Multiple Memory Access Vulnerabilities 與影響 VServer 的 ‘/proc’ Local Memory Access Vulnerability 等,於是開始著手升級手上的一些伺服器。
由於許多伺服器都在機房中,大部分機器都沒有裝 HP Integrated Lights-Out 、 IBM RSA 或 Intelligent Platform Management Interface 之類的工具,遠端管理不易,萬一出了甚麼狀況只能去電請求機房人員協助處理。
最麻煩的是若是新核心開機失敗,還要拜託值班人員協助查看 console 錯誤訊息後,才能決定是否要換回原本的核心重新開機。比較簡單的作法是如果重新開機失敗,就請人按一下重開機鍵,自動載入舊版的核心即可。
過去有把各種密碼寫下存在某個密碼管理軟體中的習慣,隨著每日參訪的網站越來越多,已經無暇停下慢慢的剪下貼上密碼,於是乎密碼都直接擺在 Firefox 的 Password Manager. 使用 Firefox 的 master password 加上對主目錄的 AES 加密,倒是不擔心密碼洩漏。
