How to know if Ubuntu needs rebooted

I like to keep my servers up to date with the latest security patches, but I hate rebooting them unless I have to. So after doing apt-get update and apt-get upgrade, how do you know if your server should be rebooted?

The solution is the /var/run/reboot-required file. If the file is there, a reboot is required. If it isn’t, then you don’t need to reboot. Pretty simple.

You can do some neat things using bash. For example, you can reboot only if a reboot is required:

[ -f /var/run/reboot-required ] && shutdown -r now

This will check if the file exists, and if it does, it will reboot.

You can also do the entire update/reboot in one shot:

apt-get update && apt-get -fy upgrade && [ -f /var/run/reboot-required ] && shutdown -r now

I like to keep that in a bash script I can run during a maintenance window, and that way I don’t forget to reboot if it is needed.
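
An added example (not from the original post) that extends the one-liner above: it reports which packages asked for the reboot before acting on the flag. It assumes the companion file /var/run/reboot-required.pkgs that Ubuntu writes next to the flag; the function names and the DRY_RUN variable are made up for this example.

```shell
#!/bin/sh
# Added example, not the author's script. Paths are parameters so the
# logic can be exercised against constructed files.

# reboot_status [FLAG_FILE] [PKGS_FILE]
# Prints "no-reboot" and returns 1, or prints
# "reboot-required: pkg1 pkg2 ..." and returns 0.
reboot_status() {
    flag=${1:-/var/run/reboot-required}
    pkgs=${2:-${flag}.pkgs}
    if [ ! -f "$flag" ]; then
        echo "no-reboot"
        return 1
    fi
    if [ -s "$pkgs" ]; then
        # De-duplicate the package names and join them with spaces.
        list=$(sort -u "$pkgs" | tr '\n' ' ')
        echo "reboot-required: ${list% }"
    else
        echo "reboot-required: (no package list)"
    fi
    return 0
}

# maybe_reboot [FLAG_FILE]
# Reboots only when the flag exists. With DRY_RUN=1 it only reports.
maybe_reboot() {
    if status=$(reboot_status "$@"); then
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo "would reboot ($status)"
        else
            # Leave a record of why the machine went down.
            logger -t maintenance "$status" 2>/dev/null || true
            shutdown -r now
        fi
    else
        echo "no reboot needed"
    fi
}

# Typical use inside a maintenance window (run as root):
#   apt-get update && apt-get -fy upgrade && maybe_reboot
```

Run it with DRY_RUN=1 first to see which packages are holding a reboot without restarting anything.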

Why does CTRL+S freeze your PuTTY screen?

tl;dr – If you hit CTRL+S in PuTTY, your screen will freeze. Anything you type will still be sent to the server. Press CTRL+Q to unfreeze your screen.

Imagine you are an old laser printer. You have something like 128 KB of memory. You print a max of 8 pages per minute. Someone decides to print the man page for gcc.

You are doing the best you can, cranking out pages and pages of obscure options and arguments. Your 128 KB of memory is quickly filling up. What do you do? You use flow control to send an XOFF to the computer. This message tells the computer that, for whatever reason, you need it to stop sending data. You print a few pages, you free up some memory, so you send XON to the computer. This message tells the computer that you are ready for it to start sending data again. This cycle repeats itself until you’ve received the full document from the computer.

These XOFF and XON controls are built into PuTTY, too. And they can be super useful. Imagine you are tailing a log file, and you catch a glimpse of an error message. Hit CTRL+S to send XOFF and the screen will freeze for you. When you are done, hit CTRL+Q to send XON and the screen will unfreeze. Yay!

It is important to keep in mind that XOFF only stops transmissions coming FROM the server. If you hit CTRL+S and start bashing the keyboard, all those keystrokes are going to make it to the server.

Another caveat is that you’ll lose any screen updates between hitting CTRL+S and CTRL+Q. This isn’t a DVR. You can’t go forward and backward. Hitting CTRL+Q goes back to “live TV” so to speak.

If you don’t care for this feature, you can easily disable it. Simply add the following to ~/.bashrc:

stty ixany
stty ixoff -ixon

The first line will let any character restart output, just in case the server receives an XOFF somehow. The second line enables the sending of start and stop characters, but disables XON/XOFF flow control. Realistically stty -ixon should be good enough, but the other bits provide some extra safety against unexpected screen freezes.

Debugging bash scripts

I use a lot of bash scripts to automate my server tasks. They are quick and easy to write, and work across multiple distributions with little to no modification.

Debugging bash scripts is easy. If your bash script is named awesome_script, then you would do something like this:

bash -x awesome_script

In addition to running the script, bash will print every command the script runs (after variable expansion) along with the output of that command. No modifications to your script are needed.
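
Because the trace shows each command after expansion, any secret passed as an argument ends up in the trace (terminal scrollback, CI logs). The added example below, which is not from the original post, shows the leak and a step that pauses tracing around the sensitive command; API_TOKEN, call_api and the step functions are hypothetical names with a constructed value.

```shell
#!/bin/sh
# Added example. The token is a constructed value, not a real credential.
API_TOKEN="tok_constructed_123"

# Hypothetical command that receives a secret as an argument.
call_api() { :; }

# Traced naively: the expanded token is written to the trace on stderr.
leaky_step() {
    set -x
    call_api --token "$API_TOKEN"
    { set +x; } 2>/dev/null
}

# Tracing is paused around the sensitive command and resumed afterwards.
# The braces with 2>/dev/null keep the "set +x" itself out of the trace.
guarded_step() {
    set -x
    echo "preparing request"
    { set +x; } 2>/dev/null
    call_api --token "$API_TOKEN"
    set -x
    echo "request sent"
    { set +x; } 2>/dev/null
}

# trace_of CMD...: run CMD in a subshell and return only its stderr,
# which is where the shell writes the xtrace lines.
trace_of() {
    ( "$@" ) 2>&1 >/dev/null
}

echo "--- leaky trace ---";   trace_of leaky_step
echo "--- guarded trace ---"; trace_of guarded_step
```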

Cloud servers, VPS servers, Ubuntu, and nginx

I’ve always used bare metal servers running Apache HTTP on CentOS. I’ve always run nearly my entire business off of a single server. Every couple years I’ll order a new one, move everything over, and call it a day.

But the world is changing. Bare metal prices are going up while cloud and VPS server prices are going down. Ubuntu has surpassed CentOS for market share. nginx is second only to Apache for market share of active sites. It was time for me to change, too.

Over the past few months I’ve been moving everything I have over to cloud and VPS servers, Ubuntu, and nginx. The result has been phenomenal!

Fake Mail Generator

I started with my Fake Mail Generator server. I had a single huge VPS at Linode running CentOS and Apache HTTP. I love Linode. Their servers are affordable, reliable, and their support is great. They also offer discounts for paying annually.

I split this single server into four separate VPS servers: a frontend web server, two mail servers, and a database server. I used Ubuntu on all of the servers and switched to nginx. It was amazing! I’m using a fraction of the RAM and CPU I was using before, even though my traffic has increased dramatically since the server move.

Even better, the four VPS servers cost me less than I was paying for a single huge server. Part of this is because Linode gives you less for your money as you order larger servers (e.g., four 2GB servers gives you more CPU than one 8GB server) so I was able to get more for my money by splitting into multiple servers, but the biggest difference was nginx. It is serving millions of pageviews per month with only 1GB of RAM. There is no way Apache HTTP could do that. nginx made it possible to buy less powerful servers and get the same amount of work done.

Everything else

I’ve been hosting everything else, including the high traffic Fake Name Generator, on a single bare metal server at SoftLayer. I love SoftLayer, too. I started with The Planet many years ago, which got merged with SoftLayer, which recently got purchased by IBM. So my servers have been passed around a bit, but the quality of service has always remained high.

Unfortunately, SoftLayer’s bare metal servers have been going up in price. I tried switching to a less expensive company and had a horrible experience, so I decided I wanted to stay with SoftLayer. I’ve been fretting over what to do for months when I received a coupon for up to $500 off my first month of cloud servers at SoftLayer. With nothing to lose, I gave it a shot.

SoftLayer cloud servers have all-inclusive pricing. You don’t have to pay extra for bandwidth, IP addresses, DNS, etc. You get everything you need to have a fully functional, publicly accessible server for one monthly fee. I like that a lot.

I decided to move MySQL to its own cloud server, so I’ve ended up with a database server and an “everything else” server. I chose local disks (which I’ve read are RAID 10) for better performance. I was able to reduce my number of CPU cores and total RAM, again thanks to nginx. If you aren’t using nginx, you really are missing out. Not only does it perform better, but it is easier to configure and use. I’ll never willingly use Apache HTTP again.

For heavy tasks, performance is noticeably slower compared to my bare metal server but this is to be expected. My bare metal server had RAID 1 SSDs, 12GB of RAM, and 16 blazing fast Intel Xeon CPU cores. There is no way a cloud server is going to come close to matching that performance.

But I’ve learned that I don’t really need it to. My webpages still load fast, backups finish in a reasonable amount of time, and I’m saving money by paying only for the resources I actually need.

Why not Amazon Web Services?

AWS EC2 servers are a terrible option for most companies. There, I said it.

The real benefit to AWS is automation and the ability to quickly scale. If you aren’t automating and you don’t need to scale, then you don’t need AWS and you are probably throwing your money away and complicating your life by buying into the AWS ecosystem.

AWS also has some reliability issues. Yes, you can get around these by deploying bunches of servers and load balancers and whatever, but that is a huge extra cost (and complexity) that most companies don’t need.

So I don’t use AWS. I’ve been happily running everything off of a single server for over a decade with 99.9% uptime.

Use QR codes to save paper backups of your private keys

I love QR codes. They make it incredibly easy to get chunks of text from paper to computer (or phone or whatever).

One of the ways I like to use them is to store offline, paper backups of my server private keys. A private key can be thousands of case-sensitive characters long. Nobody wants to type that in by hand. By creating a QR code, I can print it off and store it in my safe in case I need it.

But QR codes are awful!

Although I love QR codes, using them isn’t always pleasant. Most marketers suck at using QR codes: they randomly place them on products without context, link them to non-mobile websites or just their company homepage, or print them ultra tiny while including massive amounts of data.

This doesn’t mean QR codes suck, it just means people use them poorly. Blame the users, not the technology.

Private key backups

The first step is to create your private key. I like long 4096-bit keys, and I tend to create them using the PuTTY Key Generator. Use whatever you want. Doesn’t really matter.

Next, you need some QR code generating software. You could do this online but then you are giving your private key to a random stranger on the internet. I use QR-Code Studio, not because it is particularly awesome but because it was the first easy-to-use, free QR code software I stumbled upon.

Paste the text of your key into the input box in QR-Code Studio. Change the width/height to something large like 8 inches (the software will likely scale this down a bit).

You can optionally add a caption. I like to add the filename of the original key above the QR code.

Export the barcode to a PNG and print it. Get your phone out and make sure you can scan it. One of the most important rules of backups is to make sure your backup actually works.

Example QR code: an example key in PuTTY’s ppk format.

Why not a thumb drive, Dropbox, CD, etc?

My private keys are literally the keys to my business. They get me into everything that matters. I don’t want anyone having access to my keys but me, and I absolutely must have a backup.

Your files at Dropbox are not absolutely private and secure, even more so if you use third-party apps. Thumb drives and CDs have limited lifespans (as short as 1.9 years in some tests) and it is hard to know when they will fail. If my house burns down my external hard drive isn’t going to do me any good.

So that brings us to paper. I print on quality paper using a black and white laser printer. I’ve been unable to find any authoritative source to tell me how long laser prints will last. I suspect decades is a conservative estimate, especially stored in a fireproof safe.

Enabling mouse support in Vim

Hopefully you are using newer equipment than this...

If you’ve ever logged into a server using an ssh client (like PuTTY), then you’ve probably used Vim. This infinitely customizable text editor typically runs within a keyboard-only shell, and thus only lets you use the keyboard (unless you are running something like gVim). You use the arrow keys to move the cursor around and a slew of keyboard shortcuts to insert, move, delete, or otherwise manipulate the text.

If you are a Linux user I just told you a bunch of stuff you already know. But did you know that Vim has mouse support? You just have to turn it on. Open Vim and enter this command:

:set mouse=a

You’ll now have mouse support until you exit Vim and load it up again. To make the change permanent, edit your .vimrc file (typically at ~/.vimrc) and add set mouse=a to the end of the file.

So how do you use the mouse in Vim? What benefits will you get? There are a few things you need to know:

  1. Copying text: You may be in the habit of highlighting text and having it put on your system’s clipboard. This won’t work anymore. When you click and drag to highlight text, you’ll be put into Visual mode, an amazingly powerful part of Vim that many people never use. I highly recommend learning more about Visual mode, but if you want the original behavior you can hold shift while selecting text.
  2. Placing the cursor: Instead of having to use the arrow keys to move your cursor, you can now just click wherever you want it to be. Huge time saver.
  3. Scrolling: Yup, you can scroll with the mouse wheel now. No more hitting page down a hundred times in a giant file. Just scroll that wheel to get to wherever you want in your file.

After a few days of reaping the many benefits of Douglas Engelbart’s wonderful little invention, you may be asking yourself: Why isn’t mouse support turned on by default?! I’m not really sure. I did a bit of searching but couldn’t find a definitive answer. If you figure it out, please let me know!
