Varnish nsca logging on systemd system with x-forwarded-for

So, you have a Varnish server running systemd, which is behind a reverse proxy for SSL like nginx, and you can’t work out how to make varnishncsa log IP addresses from a specified header? Well, it’s a bit of a pain in the neck really. You need to override the systemd service file, which is like systemd’s version of the init scripts. Due to it being systemd, this is not just a case of editing a file…

For Debian, you can use the service file below, and paste it into
/etc/systemd/system/varnishncsa.service

Once done, you need to reload systemd’s service listing itself;
$ systemctl daemon-reload

Congratulations, you now have varnishncsa logs including the visitor’s real IP address, as specified by Nginx. Change the name in “{X-Forwarded-For}” to change the header name, for example if you want CloudFlare’s view of the client’s IP address, use “CF-Connecting-IP”

[Service]
 RuntimeDirectory=varnishncsa
 Type=forking
 PIDFile=/run/varnishncsa/varnishncsa.pid
 User=varnishlog
 Group=varnish
 ExecStart=/usr/bin/varnishncsa -a -w /var/log/varnish/varnishncsa.log -D -P /run/varnishncsa/varnishncsa.pid -F '%%{X-Forwarded-For}i %%l %%u %%t "%%r" %%s %%b "%%{Referer}i" "%%{User-agent}i"'
 ExecReload=/bin/kill -HUP $MAINPID

 

mysql/mariadb failing to start under systemd

If SystemD MariaDB/MySQL is failing to start, make sure your logs directory is set correctly. Sometimes this is caused by failing to correctly make sure the directory is moved.

You’ll see an error log in the journal as follows;

Nov 27 18:24:55 db-a mysqld[28677]: 2017-11-27 18:24:55 140273229838208 [Note] /usr/sbin/mysqld (mysqld 10.2.10-MariaDB-10.2.10+maria~jessie-log) starting as process 28677
Nov 27 18:24:55 db-a systemd[1]: mariadb.service: main process exited, code=exited, status=1/FAILURE
Nov 27 18:24:55 db-a systemd[1]: Failed to start MariaDB database server.
Nov 27 18:24:55 db-a systemd[1]: Unit mariadb.service entered failed state.

SetEnvIf https (Tell apache we’re behind a reverse proxy handling SSL)

This is complicated, but I need to remember this, so I want to put it somewhere. You need to add this to apache config / .htaccess file to get apache to correctly set the HTTPS environment variable when the backend is secure. It trips based on the X-Forwarded-Proto header being ‘https’.

SetEnvIf X-Forwarded-Proto "https" HTTPS=on

Arduino Variable Types Explained

Here’s something for reference.
I can never find just quite the succinct reference to Arduino Variable types. Nowhere could i find a list of minimum and maximum values, the bits, and the memory used by each variable type.

Neither was there any clear definition of meaning of ‘unsigned’, which just means no plus or minus signs in this type – that is all numbers positive. This increases the highest number that can be stored in the same memory. (thank me in the comments).

Usage Variable type Bits Min value Max value Ram usage Comments
common boolean 8 TRUE FALSE 1 byte
common byte 8 0 255 1 byte
char 8 -128 127 1 byte  A single ‘character’ e.g. ‘a’ is a single char.  Represented by chr(65) or the binary: 01000001
word 16 0 65535 2 byte
common int 16 -32768 32767 2 byte
unsigned long 32 0 4,294,967,295 4 byte
common long 32 -2,147,483,648 2,147,483,647 4 byte
common float 32 -3.4028235E+38 3.4028235E+38 4 byte
The below types are only included for compatibility or further study.
redundant unsigned char 8 0 255  1 byte use byte instead
redundant unsigned int 16 0 65535  2 bytes use word instead
redundant double 32 -3.4028235E+38  3.4028235E+38  4 bytes use float instead
The below types are special types (see arduino.cc)
special string variable  1 byte + x An array of chars
(used for storing strings to modify)
special enum variable  N/A Like boolean but custom fixed set of values allowed instead of TRUE/FALSE.
special struct variable  N/A Public sub variables
(as if you’d made a public class)
special pointer  N/A I’ll be honest, I wasn’t sure the use of this one. Here for completeness though!
Source: https://learn.sparkfun.com/tutorials/data-types-in-arduino
Source: https://playground.arduino.cc/Code/DatatypePractices
Remark: “Unsigned” means no negative sign. This increases the range of positive numbers available.
Remark: Unsigned variables that exceed their capacity roll over back to zero. This could be useful to iterate through arrays of limited length

PPS If anyone can figure out how to properly format this table so it looks nice, with ‘center’ aligned text, please let me know wordpress was being frustrating!

(The formatting css is in the source, see the table tag)

Find Windows workstation logon script

This is a super quick tip from an online forum…
[Sevenforums.com: Where is the location for the windows logon script?]

If you’re looking for the location of the active logon script in a Windows domain network on a workstation, or just to figure out which logon script is being used for a workstation

TLDR; ‘Get to the point, where is the bleeding thing?!’:

To find the location of a user’s logon script, while logged in as the user, run the command:
net user “%USERNAME%” | find “Logon script”
or for a domain user,
net user “%USERNAME%” /domain | find “Logon script”

Standard location

The logon scripts themselves can be found on the network in the standard domain network share location:

\\%USERDOMAIN%\netlogon

Additionally, the commands:

net user “%USERNAME%” /domain

and

gpresult /r

Give interesting results for the current user and what Group policy rules are active for the currently logged in user/(machine?) respectively.

Obviously this is only relevant to windows computers in active directory with primary domain controller and group policy ordaining that each machine should run a logon script.

 

Search Terms:

Things i searched for in order to try and find this out:

  • find out what logon script a computer is using
  • find path of logon script from workstation
  • find path of logon script from workstation registry

(I couldn’t find the registry location as it turns out!)

If this post helped you, or you have additional tips, please leave them in the comments!

Excel tip – adding two numbers where one is text

Just a quick tip as i couldn’t quickly find the answer in google.

If you have two cells of data and you want to add them when one might have text instead of a number, use the SUM function.

For instance

Class Section 1
QTY
Section 2
QTY
Totals
Robots 10,000 1,000 =sum(B2:C2)
=11,000
Humans 9,000,000,000 n/a =sum(B3:C3)
=9,000,000,000
Plants n/a n/a =sum(B4:C4)
=0

I also searched for: sum two values if isnumeric, excel add two numbers if text only include the non text and excel add two numbers if text.

Office music

isolation with headphones

or Togetherness by synchronised streaming?

​

Apps used: 

  • Logitech media server (aka squeezebox) – running on a  Raspberry Pi
  • Squeezer (Android) for remote control, queuing tracks, playlist management and synchronising the players
  • SB player (Android) to play the 

    Ps, it’s way past my bedtime! Insomnia is a pain. Goodnight all. 

    Attention span

    Ran across this interesting video the other day, thanks to YouTube recommendations. Tl;dr version, internet-addicted humans have (possibly) screwed their attention spans, thanks to unrestricted access to the internet.

    I’m not sure. I’m pretty reliant on the internet for my social support structure, and use it to (try to) help others, with what I can.

    I’ve not really found that my attention span has seriously been diminished via the internet, though I certainly do find myself checking twitter more than I probably should. I read an interesting study/article which I can’t find right now that posited that humans are designed to always seek out new information, since it’s valuable to the clan. Found yourself whiling a few hours away on Wikipedia? Same article mentioned twitter as a source of potential endless new things, leading to it’s potential addictive nature.  Whilst looking for it, I did find this more modern article, which discusses why twitter’s addictive, and how missing empathy feedback loops might be being impacting twitter’s troll problem. An article to think on another day.

    Personally, I try to read everything everyone I follow on twitter writes, which means I have to be particularly strict about who I follow. To be honest, there’s plenty of voices on twitter I’d love to read more from, but who just tweet too damn much for me to be able to keep up. I’ll end this ramble with just a few interesting people on twitter;

    • @swiftonsecurity — Computer security, microfiction
    • @jimrossingol — Game development, rt’s interesting left leaning politics
    • @dannilion — Sufferer of a particularly nasty disease leaving Danni bedbound

    Price of cow manure in Nova Scotia

    fishing cove, nova scotia

    So, I didn’t know what to blog about today, so I asked a friend, and he said that. Huh, I thought. That’s actually kinda weirdly interesting. Let’s ask the googles.

    Google tells me, you can buy 1.5 Kilograms of it in a nice plastic bag from home hardware for $3.49 (Canadian dollars). Or, I did find, you could get goat manure for free! But you’ve gotta collect it yourself.

    A bag of cow shit. Yes, really.

    TBH, I didn’t even know where Nova Scotia was, or in which country. I mean, I’d heard the name before, but couldn’t put the name to a place. Canada! Wikipedia tells me Nova Scotia is the second most-densely populated province in Canada with 17.4 inhabitants per square kilometre (45/sq mi).

    So there you go. That’s today’s blogpost, a random fact about cow manure in Canada.

    Though, it turns out that Nova Scotia is one of the places that suffered an “interesting” past due to British colonial activities, namely the forced relocation of french colonists, costing the lives of thousands, not counting the torn histories of tens of thousands.

    Whilst trying to find a good image for this post, I came across the one above, of Peggys cove. Now I wanna actually go there, just because it looks pretty! Probably never going to go, but one can dream!

    .. Please, save me from myself. Ask me interesting questions I can answer and blogpost about, help me keep keep blogging daily. I’ll try to answer (almost) anything within reason.

    I mean, I could tell you about my day, but it was mostly just normal, relatively boring to relate sysadmin stuff. I did have to help a client with a slightly gnarly DNS thing, but that was just knowing how the timeouts work, not sure there’s anything interesting to post about there.

    Is gnarly spelt gnarly or knarly? I kinda want it to be spelt knarly, but the spell checker reliably informs me it’s gnarly. Shame. I’m going to stop typing here. Bye!