`setfont t` is the internet’s next rickroll. Posted at 6:33pm on Sun 26 Aug 2012
Just lost a 24-port switch, NIC, and video card to lightning because Time Warner told me twice to stop surge protecting my coax cable. Posted at 4:04pm on Sun 26 Aug 2012
“Contributors are awesome. If you're thinking about contributing, that means you're thinking about being awesome.” (http://t.co/56XCgXZV) Posted at 9:19pm on Sun 19 Aug 2012
Every once in a while I have to set up in rather quick fashion a new, GUI-less CentOS server for hosting services, databases, web sites, what have you. Here’s a quick and dirty (and extremely basic) list of things you’ll want to perform on a clean installation to get it situated. It’s also a great starting point if you’re creating an instance on any virtualized cloud service that allows you to create snapshots, which you can then deploy at a moment’s notice into a new instance. Since CentOS is essentially Red Hat Enterprise Linux, these steps also work wonderfully with RHEL.
Set the time zone by linking /etc/localtime to the zone file. In my case, most of my servers operate in the US Central time zone, so I’ve picked CST6CDT:
ln -fs /usr/share/zoneinfo/CST6CDT /etc/localtime
Make sure all packages on the server are totally updated, and install some basic packages for time synchronization, socket and route testing, DNS testing, and of course vim (my personal favorite; you no doubt have yours as well) to edit a few configuration files below:
yum update
yum install ntp traceroute telnet bind-utils vim-enhanced
Next, for a little bit of security, and so logwatch doesn’t email you a huge list of failed SSH attempts every morning (and someone doesn’t by rare chance gain access to your server), change sshd’s listening port number–I usually pick something obnoxious, far, far away from 22. (Obviously this doesn’t fully prevent someone from finding this port by scanning every possible port, but it helps a little bit.)
vim /etc/ssh/sshd_config
Port NEWPORTNUMBER
Then reload sshd’s configuration immediately. This will not disconnect you since your session is already open as an already-running process on the system separate from the master daemon.
service sshd reload
Remember to update your iptables rules with the new port number you chose above. You might want to restrict ssh based on IP address, but below, for simplicity’s sake, I simply open the off-the-wall port number.
vim /etc/sysconfig/iptables
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport NEWPORTNUMBER -j ACCEPT
COMMIT
Be sure to restart iptables so that the change goes into effect immediately. This will not disconnect you, either, as your connection falls under the ESTABLISHED state–and thus the first ACCEPT rule in the list.
service iptables restart
Next, disable SELINUX and turn it off, if currently active, as it tends to be a major pain in the ass for any server admin who knows how to manage things properly:
vim /etc/selinux/config
SELINUX=disabled
setenforce 0
Change the machine’s hostname and default search domains for the DNS resolver–especially helpful if you deploy an army of servers with names that fall under the same domain name:
vim /etc/sysconfig/network
HOSTNAME=my.full.host.domainname.com
vim /etc/resolv.conf
search domainname.com
domain domainname.com
Reboot to make sure everything comes back up as intended–this is especially important if SELINUX was previously enabled on your server, as it could have funky effects on the availability of running services until a reboot:
Once the server’s back up, make sure the time zone settings stuck by checking the date and time:
It will take the newly installed NTPD a while to figure out how much clock lag you tend to have, so if you’re impatient, use ntpdate with a reliable time source (I tend to use ntpdate time.apple.com when in a rush) if you want to synchronize immediately. Just be sure to stop ntpd while you do this, then fire it back up; otherwise ntpdate will complain.
Everything should be just peachy now, and ready to either create a snapshot for a barebones, baseline image, or begin installing packages specific to the duties of this machine.
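A pre-flight check for the sshd port and iptables steps above, added here as an example and not part of the original post: it confirms that the INPUT policy is DROP and that every Port in sshd_config has a matching ACCEPT rule, so the reload and restart cannot lock you out. The function names, the sample files and port 48222 (a stand-in for NEWPORTNUMBER) are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify sshd_config and the iptables rules file agree.

# Print every port sshd_config tells sshd to listen on (22 if none is set).
# Keywords are case-insensitive and Port may appear more than once.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    echo "${ports:-22}"
}

# Succeed if the iptables-save style file has an INPUT rule that
# ACCEPTs TCP traffic to the given destination port.
fw_allows_port() {
    grep -Eq -- "^-A INPUT .*-p tcp .*--dport $2 .*-j ACCEPT" "$1"
}

# Succeed only if the INPUT policy is DROP and every sshd port is allowed.
# Prints one line per finding.
check_baseline() {
    rc=0
    grep -q '^:INPUT DROP' "$2" || { echo "WARN: INPUT policy is not DROP"; rc=1; }
    for p in $(sshd_ports "$1"); do
        if fw_allows_port "$2" "$p"; then
            echo "OK: tcp/$p is allowed"
        else
            echo "LOCKOUT: sshd listens on tcp/$p but no rule accepts it"; rc=1
        fi
    done
    return $rc
}

# Constructed sample files mirroring the configuration in this post.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' '#Port 22' 'Port 48222' > "$demo/sshd_config"
cat > "$demo/iptables" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 48222 -j ACCEPT
COMMIT
EOF
check_baseline "$demo/sshd_config" "$demo/iptables"
```

On a real server, run `check_baseline /etc/ssh/sshd_config /etc/sysconfig/iptables` before reloading sshd and restarting iptables, and again before taking the snapshot.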
Following a bunch of really funny people on Twitter helps get me through the day sometimes. Other times, tired hashtag memes like #oneletteroffmovies often go on for way too long. The longer it goes on, the less funny it is, yet more people want to get involved. While there’s really nothing wrong with that, it just gets old when all 175 of the folks you follow jump on the bandwagon.
The latest version of Tweetie for Mac has a nice, sorta-undocumented feature that causes it to completely omit any tweets that contain specific terms that you specify. This is done on the command line thusly:
defaults write com.atebits.tweetie-mac filterTerms -array-add '#hashtagabuse'
Occasionally, hashtag memes pop up a few times a day, so typing that for each one that overtakes your tweet stream gets a little tedious. That’s why I wrote a bash script to pull the current trending topics list from Twitter and subsequently tell Tweetie to filter out any hashtags that appear on that list.
Here is that script.
#!/bin/bash
TRENDING_HASHTAGS=$(curl -s http://search.twitter.com/trends.json | jsonpretty | sed -e 's/ *"name": "#\([^"]*\)",/#\1/g' | grep '^#')
# Add each trending hashtag that is not already in Tweetie's filter list.
for i in $TRENDING_HASHTAGS
do
    # Count case-insensitive matches of the quoted term in the current list.
    LOCAL_MATCHES=$(defaults read com.atebits.tweetie-mac filterTerms | grep -ci "\"$i\"")
    if [ "0" == "$LOCAL_MATCHES" ]
    then
        echo "Adding filter for $i"
        defaults write com.atebits.tweetie-mac filterTerms -array-add "\"$i\""
    fi
done
You’ll see output if something is added to the filter list:
brian@moonbus:~/bin$ ./killhashtags
Adding filter for #FamousHoodQuotes
Adding filter for #MusicMonday
Adding filter for #mm
Adding filter for #worldsthinnestbooks
Adding filter for #goodtimes
Bash is quite flexible, so feel free to tweak to your liking in case you want to see #FF / #FollowFriday tweets, or any other hashtags that may trend regularly. If you’re as much of a hashtag abuse crusader as I am, you might put this into a cron job.
There does not appear to be any kind of AppleScript command to tell Tweetie to reload the filter list, so you must restart Tweetie for changes to the filter list to take effect.
Also, I have no idea if jsonpretty comes bundled with every Mac, or if it’s something that gets installed with Xcode. I have Xcode on all of my Macs, so I can’t verify if it comes standard. Worst case scenario is you download and compile it yourself (quite simple), or suggest a better sed/grep manipulation on line 2 so that jsonpretty is not necessary.