A better Jira init.d script for Redhat/CentOS

Posted by on April 15, 2010 · 5 Comments 

I wrote a bit better init.d script for Jira for Redhat/CentOS

The first thing you want to do is create a sysconfig file. Below is the filename

/etc/sysconfig/jira

The file has the following contents in it

#
# The user Jira runs as
#
JIRA_USER=jira

#
# The home directory of Jira
#
JIRA_HOME=/opt/jira/current

Now create the init.d script

/etc/init.d/jira

It has the following contents in it.

#!/bin/sh
#
# JIRA startup script
#
# chkconfig: 2345 80 05
# description: JIRA

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/jira ]; then
    . /etc/sysconfig/jira
fi

prog=jira
RETVAL=0

start() {
        echo -n $"Starting $prog: "
        /bin/su -m $JIRA_USER -c "cd $JIRA_HOME/logs && $JIRA_HOME/bin/startup.sh &> /dev/null"
        RETVAL=$?
        if [ $RETVAL = 0 ]
        then
                echo $! > /var/run/jira.pid
                echo_success
        else
                echo_failure
        fi

        echo

        return $RETVAL
}

stop() {
        echo -n $"Stopping $prog: "
        /bin/su -m $JIRA_USER -c "$JIRA_HOME/bin/shutdown.sh &> /dev/null"
        RETVAL=$?
        if [ $RETVAL = 0 ]
        then
                rm -f /var/run/jira.pid
                echo_success
        else
                echo_failure
        fi
        echo

        return $RETVAL
}

case "$1" in
        start)
                start
                ;;
        stop)
                stop
                ;;
        restart)
                stop
                sleep 5
                start
                ;;
        *)
                echo $"Usage: /etc/init.d/$prog {start|restart|stop}"
                exit 1
                ;;
esac

exit $RETVAL

Now make permissions correct

chmod +x /etc/init.d/jira

Now you can chkconfig it

chkconfig jira on

This will make it look a bit more Redhat/CentOS like.

Filed under Sys Admin · Tagged with , , , ,

Nginx proxy timeout fix

Posted by on March 23, 2010 · Leave a Comment 

This is something that is an easy fix. Nginx is a great web server not only for your primary site but for a proxy as well since it is made to serve a lot of requests very fast.

So it is as simple as this


location / {
  proxy_pass https://staging;
  proxy_read_timeout 500;
  proxy_next_upstream error;
  break;
}

The key lines are proxy_read_timeout and proxy_next_upstream.

Filed under Sys Admin · Tagged with , ,

Remove Leading 0′s in Bash

Posted by on March 12, 2010 · 2 Comments 

So you have a var you want to remove leading 0′s on.. well do the follwing

mzupan@mzupan-desktop:~$ var=00014
mzupan@mzupan-desktop:~$ let var=”10#$var”
mzupan@mzupan-desktop:~$ echo $var
14
mzupan@mzupan-desktop:~$

Filed under Sys Admin · Tagged with , ,

Install puppet-dashboard on RedHat/CentOS 5

Posted by on March 11, 2010 · 28 Comments 

If you have a puppet network in place you will want to use puppet-dashboard. It is a fairly new project and still has some misssing pieces but overall a good way to tell the health of your puppet network. The thing I really like about it is that you can see when the last check in time is for a client and if it had any errors or warnings during its runs so you can fix them.

The big issue is that out of the box its a bit hard to get running on Redhat/CentOS. No worries I spent some time to make it work and passing it on to you.

Install Rake

rpm -ivh http://mirrors.tummy.com/pub/fedora.redhat.com/epel/5/x86_64/rubygems-1.3.1-1.el5.noarch.rpm
rpm -ivh http://mirrors.tummy.com/pub/fedora.redhat.com/epel/5/x86_64/rubygem-rake-0.8.3-1.el5.noarch.rpm

Install MySQL bindings for Ruby

rpm -ivh http://mirrors.tummy.com/pub/fedora.redhat.com/epel/5/x86_64/ruby-mysql-2.7.3-1.el5.x86_64.rpm

Install git if needed

yum install git

I like to install non-rpmed apps in /opt so that is where I will clone the git project

cd /opt
git clone git://github.com/reductivelabs/puppet-dashboard.git

Now lets config the database. As of writing this, there is an error in the sample configs but one of the authors told me he was doing to fix them. It is in user and pass, they should be username and password

So here is my sample config

cd puppet-dashboard
cat config/database.yml

Here are the contents




development:
    adapter: mysql
    database: puppet_dash
    username: puppet
    password: master
    encoding: utf8
    host: 192.168.100.5
Now create the database
rake install
Now lets config our puppet clients to make sure they send reports back to the servers. So edit the following file on the clients
/etc/puppet/puppet.conf
In the [puppetd] section add the following
report = true
Then on the puppetmaster server edit the following file
/etc/sysconfig/puppetmaster
Find the following line
#PUPPETMASTER_EXTRA_OPTS=–noca
Change it to
PUPPETMASTER_EXTRA_OPTS=”––reports puppet_dashboard”
Now move the puppet_dashboard file. This should be the same for 64bit and 32bit. I am using 64bit and it works
cp /opt/puppet-dashboard/puppet/lib/puppet_dashboard.rb /usr/lib/ruby/site_ruby/1.8/puppet/reports/
Now restart puppetmaster
service puppetmaster restart
Now run puppet-dashboard
/opt/puppet-dashboard/script/server

I also wrote a post on setting up a init.d script for puppet-dashboard

Filed under Sys Admin · Tagged with , , ,

Line breaks in command output redirect

Posted by on March 10, 2010 · 2 Comments 

Every now and then you need to save command output into a bash var from a command. Generally it looks like

VAR=`command`

That will put the stdout of command into $VAR

There is an issue if the output has linebreaks. Recently I had this issue trying to email SVN diffs for DNS changes. My command to get the diffs looked like this

DIFF=`svn diff /var/named/chroot/var/named/ /var/named/chroot/etc/`

If you run the following command

echo $DIFF

You get the following output

Index: /var/named/chroot/var/named/internal/theopenskyproject.com.mgmt =================================================================== — /var/named/chroot/var/named/internal/theopenskyproject.com.mgmt (revision 3056) +++ /var/named/chroot/var/named/internal/theopenskyproject.com.mgmt (working copy) @@ -33,3 +33,7 @@ $INCLUDE “internal/theopenskyproject.com.main” openn.lcl rev.192.168.100 shopopensky.com theopenskyproject.com theopenskyproject.com.main theopenskyproject.com.mgmt theopenskyproject.lcl theopenskyproject.qa theopenskyproject.stg IN CNAME theopenskyproject.com. + +;; test +;; +;; test

You can see it is one big mess.. but if you add quotes around it

echo “$DIFF”

You get the following

===================================================================
— /var/named/chroot/var/named/internal/theopenskyproject.com.mgmt     (revision 3056)
+++ /var/named/chroot/var/named/internal/theopenskyproject.com.mgmt     (working copy)
@@ -33,3 +33,7 @@
$INCLUDE “internal/theopenskyproject.com.main”
*               IN CNAME    theopenskyproject.com.
+
+;; test
+;;
+;; test

As you can see that is much better. Now I can email it to the group

echo “$DIFF” | mail -s “DNS Changes” group@domain.com

Filed under Sys Admin · Tagged with , ,

Bash Command Logger with Curl Support

Posted by on March 9, 2010 · 9 Comments 

There is a great project called Bash Paranoia. Right now their site is busted so I can’t link to it. Its a patch that applies to bash that allows commands to be logged to syslog. I basically took this one step further and added curl support.

The bash paranoia patch and my curl addition can be found on my GitHub project page

http://github.com/mzupan/bash-paranoia-curl

Below is my patch I wrote. Right now it will only work with 64bit systems. It should be easy to make it work with 32bit systems if you edit the patch file at the bottom where I patch Makefile.in. Change the lib64 to lib and you should be good to go

Now if you want to install these patches you would run the following commands. My curl patch needs the base paranoia patch to work. I don’t even think it will apply alone.

wget http://zcentric.com/files/bash-paranoia.patch
wget http://zcentric.com/files/bash-paranoia-curl.patch
tar zxf bash-3.2.tar.gz
cd bash-3.2
patch -p0 < ../bash-paranoia.patch
patch -p1 < ../bash-paranoia-curl.patch
./configure ––enable-paranoia #you can include  other configure flags here
make
make install

That will get you going and the next time you login (if bash if your default shell) you will see the following in your logs (for redhat is is /var/log/messages)

Mar  9 15:24:02 263724-mgmt1 bash: user: mzupan as root from ip: 192.168.71.154:pts/0 execs: ‘cat /var/log/messages’

There you go a nice little command logger that will tell you most of what you need to do to keep tabs on users.

Now if you want to also append this to a db somewhere then curl and a web endpoint is the best solution. So my database look like

CREATE TABLE `commandlog` (
`id` int(11) NOT NULL auto_increment,
`server` varchar(100) NOT NULL,
`user_login` varchar(100) NOT NULL,
`user_run` varchar(100) NOT NULL,
`ip` varchar(100) NOT NULL,
`session` varchar(100) NOT NULL,
`command` longtext NOT NULL,
`ts` datetime NOT NULL,
PRIMARY KEY  (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
So now here is a simple php app to save it into a db. THERE IS NO SANITY CHECKING HERE. THIS IS JUST A SAMPLE!
I am writing this without checking any code.. so it might be broken.
<?php
$server = $_SERVER['REMOTE_ADDR'];
$user_login = $_POST['user_login'];
$user_run =  $_POST['user_run'];
$ip =  $_POST['ip'];
$session =  $_POST['session'];
$command =  $_POST['command'];
$ts = time();
$sql = “INSERT INTO commandlog(server,user_login,user_run,ip,session,command,ts) VALUES(‘$server’,'$user_login’,'$user_run’,'$ip’,'$session’,'$command’,'$ts’)”;
// place into sql now.. too lazy to do this for you
?>
Now if you want to enable the curl post on the server you edit the following file
/etc/bash.conf
Here is an example
URL=http://1.1.1.1/endpoint/
Have fun!
If you want a spec file that will work for Redhat/CentOS 4/5 64bit you can download the following file

Filed under Sys Admin · Tagged with , , , , , ,