Use Github as a CDN to store and serve static content (JavaScript, CSS, Images) with rawgit

In this article I will be explaining how to use Github's "raw" feature coupled with rawgit to store and serve static content

Please note I assume you have some basic git knowledge
1.- Creating a Github account

Ok so first things first, in order to do this you need a Github account; so if you don't have one head up to the GitHub website and create one ; go ahead I'll wait :)

2.- Creating a Github repository

Login to your Git account and create a new repository :

Provide a name for your repo (for example static_files) :

3.- Build repository structure

We will now create a folder structure for our repository in order for us to organise the files, for example :

  • css
  • js
  • img

So now go ahead and clone your git repository from either the command line or with your favorite tool

git clone https://github.com/xxxx/static_files.git

Once the repository is cloned; go ahead and create the 3 folders mentioned above

cd static_files
mkdir css
mkdir js
mkdir img

Ok so Git does not allow you to commit empty folders, so now in order to commit our folder structure we have to add at least 1 file to each one of the folders; at this point either :

  • copy your existing files to their respective folder based on their type (images, javascript, etc.)
  • create your content files in the respective folders (i.e. custom javascript, css etc.)
  • create placeholder files in each of the folders (for example: touch js/.gitkeep ; touch css/.gitkeep; touch img/.gitkeep)
git add *
git commit -a -m "initial commit"
git push
4.- Obtain files URLs and serve them

Go back to your GitHub account and open the repository then navigate to a file you want to serve, then click on the "raw" button:

After clicking on the raw button you should be redirected to a "raw" page

Copy the url in the browser (it should start with raw.githubusercontent.com) and head up to http://rawgit.com paste the url in the main input

Below you get 2 CDN urls that you can use either for production or development

5.- Include the files in your website

Repeat step 4 with all the files you want to serve and include them in your website


Finally please also note that as stated in their website that rawgit : is a free service, so there are no uptime or support guarantees.

Preventing bash commands to be displayed in the history or deleting a specific command from history

It's sometimes useful when using the linux command line to prevent things to go into the bash history; for example if you're using curl to download a file while providing your username password.

This can be easily done in linux by configuring the HISTCONTROL variable in either your ~/.bashrc (which I recommend in order to have it permanently in your bash sessions) or by just changing the value for your current session.

Either way either set the variable as follows on your ~/.bashrc or on your current session

HISTCONTROL=ignorespace

If you took the ~/.bashrc approach don't forget to source it to have i

Once this is done commands that you start with a white space will be ignored :

[root@myserver] curl -o strx25.tar.bz2 --user user:password http://www.openss7.org/repos/tarballs/strx25-0.9.2.1.tar.bz2

note the whitespace before the curl command

Removing a specific line from history

Now if you have to remove a specific line from history this is done in 2 steps

Display commands in history :

[root@myserver]history
  832  docker images
  833  docker rmi 0d22948b5794
  834  docker images
  835  docker rmi 1a31905bb4e4
  836  docker build -t dse/docker .
  837  docker images
  838  docker rmi 47a8395f9714
  839  docker build -t dse/docker .
  840  docker images
  841  docker rmi fe7a4702bf61
  842  docker ps
  843  docker ps -a
  844  docker rm e3f7c83390ee
  845  docker rmi fe7a4702bf61
  846  docker build -t dse/docker .
  847  docker images
  848  docker  rmi a386794cb70c

Once you identified the culprit; delete it with the following command (for example here the line 845):

history -d 845

OSX Wi-fi and Ethernet network simultaneously connected and static routing

So recently I had a situation where I had my Ethernet and Wifi connected to 2 different networks in my MAC OS X, and I had a very specific use case for this

I needed to use the Ethernet connection to access 1 specific host (an internal web service), the connection through the ethernet cable allowed this but did not allow internet access, the Wifi connection allowed internet access but will not allow access to the internal web service, so basically what I needed was :

  • Have both connections active
  • Access the internal web service through the Ethernet connection
  • Access all the other hosts through the Wi-fi connection

Just connecting both interfaces does not work I was either getting access to the internet or either access to the internal WebService; if you check this article over at apple OS X network interfaces priority you can see that you can change the priority used by the system to route the requests; so if you change the priority of the Wi-fi to be on top you get internet access but not access to the internal network, and vice-versa

Sure you can make it work this way but it's really painful to have to manually change the interfaces priority to accommodate what you are trying to do at that moment

The solution that I found is to add a static route to that host; this can be easily done in a few steps (you will need for this the IP of the internal host you are trying to access)

  1. Give your Wi-fi interface the highest priority (put it on top), for this you can refer to the apple link cited above
  2. Identify the interface names, for that execute the following command on the terminal netstat -nr (in my case en0 is the ethernet interface whereas the Wi-fi is the en1)
Add a static route for the specific host (10.120.136.57) telling it to use the gateway of the Ethernet interface by running the following command in the terminal
sudo route add -host 10.120.136.57 10.247.131.1

And that should be it, please note that restarting the PC will probably remove the static route from the routing table so you will have to re-add it

Debug Java SSL/HTTPS WebService with man in the middle proxy

In this article I will be showing how to debug WebServices HTTPS/SSL requests by using a Man in the Middle proxy, this can especially be useful when dealing with WebServices errors since all request will go through the proxy we will be able to see all the content that is sent back and forward

There are several proxies out there that support HTTPS/SSL queries but my favorite by far is mitmproxy and this is the one I will be showing in this post.

The installation instructions detailed here for mitmproxy are for MacOSX but can easily be adapted to Linux distributions; please note that a lot of the instructions detailed here apply to Java applications

1. Install mitmproxy

Personally I use home-brew for my package management; so I assume you have it installed (otherwise you'll have to install mitmproxy manually)

Run the following command to install mitmproxy :

brew install mitmproxy

Your output should look something similar to this

==> Installing dependencies for mitmproxy: libpng, freetype, jpeg
==> Installing mitmproxy dependency: libpng
==> Downloading https://homebrew.bintray.com/bottles/libpng-1.6.21.el_capitan.bottle.tar.gz
######################################################################## 100,0%
==> Pouring libpng-1.6.21.el_capitan.bottle.tar.gz
🍺  /usr/local/Cellar/libpng/1.6.21: 25 files, 1.2M
==> Installing mitmproxy dependency: freetype
==> Downloading https://homebrew.bintray.com/bottles/freetype-2.6.3.el_capitan.bottle.tar.gz
######################################################################## 100,0%
==> Pouring freetype-2.6.3.el_capitan.bottle.tar.gz
🍺  /usr/local/Cellar/freetype/2.6.3: 61 files, 2.5M
==> Installing mitmproxy dependency: jpeg
==> Downloading https://homebrew.bintray.com/bottles/jpeg-8d.el_capitan.bottle.2.tar.gz
######################################################################## 100,0%
==> Pouring jpeg-8d.el_capitan.bottle.2.tar.gz
🍺  /usr/local/Cellar/jpeg/8d: 19 files, 713.7K
==> Installing mitmproxy
==> Downloading https://homebrew.bintray.com/bottles/mitmproxy-0.16.el_capitan.bottle.1.tar.gz
######################################################################## 100,0%
==> Pouring mitmproxy-0.16.el_capitan.bottle.1.tar.gz
🍺  /usr/local/Cellar/mitmproxy/0.16: 1,317 files, 19.8M

2. Add the appropriate SSL certificates to the keystore and truststore

Before anything you will need to add at least the 2 following certificates to your truststore and keystore :

  • The SSL certificate of the site your invoking through your web service
  • The mitmproxy certificate

Please note that I assume you already have a truststore and keystore already configured on your environment

Add the website certificate

   keytool -import -file mywebsite.com -alias mtimproxy -keystore truststore
   keytool -import -file mywebsite.com -alias mtimproxy -keystore keystore

When prompted provide the appropriate password

The mitmproxy certificate can be found under ~/.mitmproxy/ (if the folder does not exist yet it might be necessary to run once the mitmproxy so it will be created)

   keytool -import -file ~/.mitmproxy/mitmproxy-ca-cert.pem -alias mtimproxy -keystore truststore
   keytool -import -file ~/.mitmproxy/mitmproxy-ca-cert.pem -alias mtimproxy -keystore keystore

3. Start mitmproxy

Here I'm starting the proxy and making it listen on port 8080

   mitmproxy --app-port 8080

Once the command executed you should see the console open on your terminal and you will start seeing the request going through the proxy

4. Configure Java proxy and keystore / truststore paths

        System.setProperty("javax.net.ssl.trustStore", "./truststore");
        System.setProperty("javax.net.ssl.trustStorePassword", "password");
        System.setProperty("javax.net.ssl.keystore", "./keystore");
        System.setProperty("javax.net.ssl.keyStorePassword", "password");
        System.getProperties().put("http.proxyHost", "localhost");
        System.getProperties().put("http.proxyPort", "8080");
        System.getProperties().put("https.proxyHost", "localhost");
        System.getProperties().put("https.proxyPort", "8080");

5. Check mitmproxy output

Once the request start going through the proxy you should be able to see them on the console and click on the ones you would like more detail

As you can see from the screenshots you have multiple tabs containing a lot of info

Linux change timezone and force ntpd synchronization

This short article shows how to change the timezone of the Linux distribution as well as forcing the synchronisation of date/time with the ntpd servers

This applies specifically applies to CentOS so some changes might be possible depending on the distribution
1.Change timezone
cp /etc/localtime /root/old.timezone
rm /etc/localtime
ln –s /usr/share/zoneinfo/Europe/Zurich /etc/localtime
2.Add ntpd servers to you configuration file (optional)

Edit (or create) the /etc/ntpd.conf and add the appropriate ntpd servers :

server xxx.xxx.xxx.xxx
server xxx.xxx.xxx.xxx
note: xxx.xxx.xxx.xxx is the ip or domain name of the server
3.Stop the ntpd daemon

/etc/init.d/ntpd stop

4.Force the date update

Force the update of the date with the new timezone and eventually the ntpd servers


ntpdate xxx.xxx.xxx.xxx

5.Stop the ntpd daemon

/etc/init.d/ntpd start

6.Stop the ntpd daemon

date

Install / build docker squash on OS X to reduce docker image size

Recently while I was trying to install a Docker related app called docker-squash on OSX El Capitan.

For those who are not familiar with the utility; docker squash is a nice utility that reduces the size of docker images by removing the layers

However when running the command

go get github.com/docker/docker/pkg/units

I was getting the following error message :


Building docker-squash
export.go:19:2: cannot find package "github.com/docker/docker/pkg/units" in any of:
        /usr/lib/go/src/pkg/github.com/docker/docker/pkg/units (from $GOROOT)
        /root/t/docker-squash/src/github.com/docker/docker/p

Below I will show you how to build docker squash step by step (some steps can be omitted i.e. installing go if you already have installed)

Install go and set-up variables

brew install go
mkdir $HOME/.go
export GOPATH=$HOME/.go
export PATH=$PATH:$GOPATH/bin

Clone the docker squash repo

I'm not sure this is required but clone the repo under ~/.go/src/github.com/jwilder/docker-squash/

git clone https://github.com/jwilder/docker-squash.git

Install glock and sync your repo

under the folder ~/.go/src/github.com/jwilder/docker-squash/ run the following command

go get github.com/robfig/glock

Once the command finished sync your local repo with glock

glock sync github.com/jwilder/docker-squash

Install the units package

go get github.com/docker/docker/pkg/units

Build docker squash

GOBIN=$(pwd) make

Install gnu-tar and added to the path

brew install gnu-tar
PATH="/usr/local/opt/gnu-tar/libexec/gnubin:$PATH"

Move the executable to a bin folder

You should now have a docker-squash executable in your local repository; move the executable to a bin folder of your choice for example /usr/local/bin/

You should now be able to run docker-squash from your mac

Final thoughts and remarks

If you use docker-squash frequently you should change your .bashrc to do this automatically

Jaspersoft Studio OSX jdk 8/7 not starting

Recently I downloaded Jaspersoft studio on my Mac OSX but I was having trouble laughing the app as the system kept telling me I needed the older runtime version of Java, as you can see from the screenshot below (sorry in french)

Luckily this is solved pretty easy head up to your Applications folder and right click on Jaspersoft Studio.app then on the pop-up menu show package contents then inside the Contents folder you should find an info.plist file; edit the file and add the following line (or change the Current in the path with the JDK version you want) :

-vm/System/Library/Frameworks/JavaVM.framework/Versions/Current/Commands/java

Save the edited file; you should now be able to launch the software without problems