VVV disable backups

list of vvv custom action filesVVV is great but if you have 20+ sites in it most of which are quite big doing a reload or halt can be quite slow.
Disabling it isn’t the easiest. In vagrant-root/config/homebin/ create these 3 files:

  • vagrant_destroy_custom
  • vagrant_halt_custom
  • vagrant_suspend_custom

I wish there was a way to easily disable these. The vvv-custom.yml would be great for this.
Also adding a way to exclude specific databases.

source

php array; insert new item at specific index

The php function array_splice can be used to insert new items. At specific places.

<?php
$breadcrumbs = [
    'home',
    'year',
    'month',
    'day',
];
$new_crumb = [
    'category'
];
array_splice($breadcrumbs, 1, 0, $new_crumb);

The result is that category is inserted at the second place.

array (
    0 => 'home',
    1 => 'category',
    2 => 'year',
    3 => 'month',
    4 => 'day',
);

Running php from command line

This is one of those “I know this is possible, but don’t know how”.

php -r 'echo "hello world";'

Only useful for simple onelines. You’re very likely to be better of putting code in a php file and run that script like:

php ./helloworld.php

Installing PHP7.3 on a Rapsberry Pi

Note: this post call also be used to install php7.2, just change every 7.3 reference to 7.2.

Default rasbian still ships with php7.0 even though that version in not supported any more. We will install the latest php 7.3. But because this is not the default we will need to do a few extra tweaks.

Add newer source

Let’s create a new source list: sudo nano /etc/apt/sources.list.d/10-buster.list.
In that file add.

deb http://mirrordirector.raspbian.org/raspbian/ buster main contrib non-free rpi

After saving create the next file sudo nano /etc/apt/preferences.d/10-buster.
In that file add.

Package: *
Pin: release n=stretch
Pin-Priority: 900

Package: *
Pin: release n=buster
Pin-Priority: 750
index f

Again save. Make the system aware of this source list with

sudo apt update

Actual install php

Now we are ready to install PHP7 with all it’s modules:

sudo apt install -y -t buster php7.3-fpm php7.3-curl php7.3-gd php7.3-intl php7.3-mbstring php7.3-mysql php7.3-imap php7.3-opcache php7.3-sqlite3 php7.3-xml php7.3-xmlrpc php7.3-zip php-apcu

When done check it with php -v it should show a PHP 7.3.. Now we need to add a few fpm things for nginx to work properly. Create a extra config file sudo nano /etc/php/7.3/fpm/conf.d/90-pi-custom.ini.
And add:

cgi.fix_pathinfo=0

upload_max_filesize=64m
post_max_size=64m
max_execution_time=600

Finally reload php

sudo service php7.3-fpm reload

Now PHP is ready to use

Extra’s

You might want to follow these instructions to install. wp-cli, composer, image compression support in php

Installing Nginx on a Rapsberry Pi

In this step we are going to install a webserver (nginx). For those who are bit familiar with webservers you might wonder why we are not using apache? I myself are far more familiar with Apache but Nginx just has better performance. And on the not so powerful pi that is important.

Install Nxing

Like with php we want a newer version. So again we will use the buster source. (see first step of installing php to add buster source)
It should install 1.14. To install nginx run the command:

sudo apt install -y -t buster nginx

Check the version nginx -v it should be version nginx/1.14. or higher

To test if it works enter the IP address in the browser. You should see this page.

If you see an error most likely IPv6 isn’t supported. Open the nginx config file sudo nano /etc/nginx/sites-enabled/default.
At the top you should see these lines

    listen 80 default_server;
    listen [::]:80 default_server;

Change them to:

    listen 80 default_server;
    #listen [::]:80 default_server;

Save then restart nginx.

sudo nginx -t && sudo service nginx reload

Then test the page again in the browser.

Setting up a site with php and url

First we will do some global settings open: sudo nano /etc/nginx/conf.d/99-custom.conf
Add the following line, we increase the allowed upload sizes.

client_max_body_size 64M;

Note: for the example I use example.local replace that with the url you want to use. If you don’t have the url setup yet you can add it to you own host file. Or instead of the url use the IP-address of the Pi.

We will create our own vhost files. PS I’ll be using example.local but use whatever you intend to use. Create the vhost file: sudo nano /etc/nginx/sites-enabled/example.local.conf

server {
    listen 80;

    server_name example.local;
    root /var/www/example.local/public_html;

    index index.php index.html;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
        fastcgi_intercept_errors on;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
    }
}

Next create the folders needed. Set the rights of those files and add a test page.

sudo mkdir -p /var/www/example.local/public_html
sudo touch /var/www/example.local/public_html/index.php
sudo chown www-data:www-data /var/www/example.local -R
sudo nginx -t && sudo service nginx reload

In the main file add sudo nano /var/www/example.local/public_html/index.php

<?php
phpinfo();

To test the url example.local you need to add it to your host file. Depending if you’re on Windows, Mac or Linux the instructions are different. See this guide: How to edit your hostfile

Now go the the url and you should see this:
phpinfo dump on a working example.local

Now we have a basic and functioning webserver with php.
For security sake delete the index.php file

sudo rm /var/www/example.local/public_html/index.php 

Permissions and Nginx

So far we use sudo for pretty much everything. This is fine.
After the initial setup most of the work has to be done in /var/www/*. These files are owned by the www-data user. This also is normal and fine.
We can change Nginx to use the pi user.

That way you can avoid the sudo for every small change.
This is a security risk of course.
The big upside is no more sudo and changing owners of files.
The downside is that every file pi can access Nginx also can access.

Tips when using the default Nginx user.

  1. Files created by Nginx will have owner and group www-data
  2. The default pi user can’t edit these. When editing use sudo
    If you are changing a lot you want want too temporarily change the entire folder to the pi user.

    Change user to PI
    sudo chown pi:pi -R /var/www/PATH

    Change user to the Nginx default.
    sudo chown www-data:www-data -R /var/www/PATH

Changing the Nginx user

Use this at own risk. The rest of the guide(s) acts as if you didn’t do this.

Open file sudo nano /etc/php/7.3/fpm/pool.d/zzz-users.conf and add.

user = pi
group = pi
listen.owner = pi
listen.group = pi

And reload php sudo service php7.3-fpm restart

Next open sudo nano /etc/nginx/nginx.conf on line 1 the user to pi
Restart nginx sudo nginx -t && sudo service nginx restart

Last step is really making pi the owner of all webfiles: sudo chown pi:pi /var/www/ -R

Curl output format

A lot of usefull informatoin can be caught using curl. Formating the output can be done with the -w --write-out argument

curl -w 'Home loadtime: %{time_total}\nResponse code: %{http_code}\n' -o /dev/null -s 'https://www.janw.me/'

Output example: Bash output of curl request

This example will show the load time and response code. These 2 values are duable. But If you want more it’s more readable to pass a file.

In file: nano curlformat.txt

    time_namelookup:  %{time_namelookup}\n
       time_connect:  %{time_connect}\n
    time_appconnect:  %{time_appconnect}\n
   time_pretransfer:  %{time_pretransfer}\n
      time_redirect:  %{time_redirect}\n
 time_starttransfer:  %{time_starttransfer}\n
                    ----------\n
         time_total:  %{time_total}\n

Then pass the file to curl:

curl -w "@curl-format.txt" -o /dev/null -s "https://janw.me/"

Bash output of curl format file

A list of all avialable variables are in the man pages

Sources:

extra programs on a Raspberry Pi

In this series Raspbian Lite is used when Installing the Pi. Some extra’s will come in handy.

Installing git on a Raspberry Pi

sudo apt install git -y

After installing git, set your credentials

git config --global user.name "John Doe"
git config --global user.email johndoe@example.com

Git documentation

Installing wp-cli on a Raspberry pi

! Wp-cli will not work without php installed

curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
chmod +x wp-cli.phar
sudo mv wp-cli.phar /usr/local/bin/wp
wp --info

WP-cli documentation

Installing composer on a Raspberry pi

! composer will not work without php and git

curl -O https://getcomposer.org/composer.phar
chmod +x composer.phar
sudo mv composer.phar /usr/local/bin/composer
sudo composer self-update
composer --version

Composer documentation

Installing optipng gifsicle libjpeg-progs on a Raspberry Pi

You might want image optimization & compression. In the main php article php-gp was installed. But that is not enough.

sudo apt install -y optipng gifsicle libjpeg-progs

Installing PHP on a Raspberry Pi

PHP is covered in it’s own article.

Installing mariaDB/mysql on a Raspberry Pi

MariaDB or Mysql is covered in it’s own article.

Installing NginX on a Raspbery Pi

NginX is covered in it’s own article

RaspberryPi, Only allow ssh key login

This is the followup of Opening a Raspberry Pi to the outside world On the internet bots constantly try to hack servers. The Raspberry Pi is popular target. That’s why by default ssh is disabled nowadays.
To make this more secure we will only allow login by ssh key instead of a password. Ssh keys are a lot safer and you also won’t need to type/paste the password on login.

Open file: sudo nano /etc/ssh/sshd_config

Look for PasswordAuthentication
remove the # at the front and change the value to no.

PasswordAuthentication no

As a fall-back we will allow login in from the home network. So at the bottom of the file add. (the 4 spaces in front of the line matter)

Match address 192.168.*.*
    PasswordAuthentication yes

Restart the ssh service. sudo service ssh restart

ssh keys

Generate keys on the raspberry pi: ssh-keygen -t rsa -b 4096 -C "pi-webserver"
Just press enter for both the location and password.
Add your local key. Form your own machine mac/linux/windows.

Open File: sudo nano .ssh/authorized_keys

Paste your public key in this file.
For linux/mac you can find your public key with: cat ~/.ssh/id_rsa.pub

In a new terminal tab/window, try to login again. This way you can change things in the current tab. If something went wrong. You should login without needing to type the password. To check if the password is disabled you should try login in from a different computer and a different ip.

RaspberryPi up and running

This guide will help you set up a Raspberry Pi with Rasbian. Ready to do pretty much whatever you want.

What hardware do you need?

  • First off a Raspberry Pi of course, this tutorial should work on a Model 2B and on a 3B. The only difference for this tutorial is the wifi (which I don’t use)
  • Second I have a network cable, wifi on a 3B will work but a wire is always more stable. But of course you need to get the network cable to the right location in the house.
  • A micro USB power source. This can get a bit tricky. Recommended is at least 2A with 5V. A normal smartphone adapter won’t give that. Using less will slow down your raspberry.
  • a micro SD card, at least class 10 for speed and with 8GB or more. The SD card will serve as the main harddrive for the pi. An micro SD adapter is also needed to install the image on the SD card.

Installing Rasbian

First off download Raspbian Jessie Lite from the Raspberry pi website. When It’s done flash the image on the SD card. There is an official guide that explains it better then what I could do.

Flashing the image can take a while. You could set up all the wires and put things in place.

After the SD card is done

When the writing of the SD card is done. Put a file with the name (of empty folder) named ssh in the root of the boot partition. If you need wifi place a file named wpa_supplicant.conf also in the boot partition. And add the following:

network={
    ssid="YOUR_SSID_WIFI_NAME"
    psk="YOUR_PASSWORD"
    key_mgmt=WPA-PSK
}

I haven’t tried this myself so more information here

Then plug in the SD card and powerup. Check the IP address guide to get the ip-address of the pi. Do wait 2~5minutes before actually trying. The raspberry has to setup stuff for the first time. If after 20max you still can’t find an IP. The flashing of the SD card has gone wrong and you’ll have to restart.

Go to your own computer and open the terminal (or Putty for the windows users) Login with the command ssh pi@192.168.*.* Use the IP address you noted before. If it asks if you want to continue choose yes. and use the default password: raspberry Putty again will work a bit different.

You should see something like this:
Login in on a raspberry pi by a terminal

Now you are logged-in remote on the raspberry pi. Time to configure some stuff with the command sudo raspi-config.
On this menu we can configure some basic settings. Let’s change some settings. the start screen of raspi-config tool

  1. Change User Password CHANGE THE PASSWORD. Longer is better and safer
  2. Network options
    N1 Hostname the name of your Raspberry in your network. I named mine pi-webserver. Not required. It’s just a label. But usefull if you got multiple Raspberry’s running.
  3. Boot options
    B1 Desktop / CLI Chose the ‘Console Autologin’ of ‘Console’ option. Don’t choose auto login if someone else might have physical access to the pi. Desktop will just waste power.
    Wait for Network at Boot Just turn this off to be safe.
  4. Localisation Options Here you can change the timezone to your current one. You could change the language of the PI and the keyboard layout if you need to. Keep in mind I will be using English.
  5. Interfacing Options we don’t need this
  6. Overclock Set this to the highest setting. It won’t hurt and will make the Pi a faster. This might not be available. If it gives an error just ignore it.
  7. Advanced Options This will be a bit more. A1 Expend Filesystem Run this. No need to reboot immediately. A3 Memory Split Set this to 16. Because we don’t have a interface we won’t need memory for that.
  8. Update Run this is should not hurt. It’s only to update the raspi-config tool.

When this is finished the pi might download some language packs. It it doesn’t reboot. you have to do it yourself. sudo reboot now.

Wait about a minute and login in again like before.

Updates

This might take a while but first we are going to update.

sudo apt update && sudo apt upgrade -y

Now we update all default installed software. If the image is old or hasn’t been updated in a while it might take a long time. The date of the image is in the file name of the downloaded image.
At times It might appear to hang. It Unless it’s stuck on one thing 15 minutes it’s probably fine. Give it an 15 to 30 minutes. Else pull the plug.

When it’s done reboot again just to be sure.

You now have a Raspberry Pi ready for use.