Full blog posts written by me, without all this Twitter stuff.
Split your Redux actions into several files
I’m currently working on a React project using Redux. I was putting all my actions into one file, but it quickly became unmanageable. Weirdly, I’ve had a hard time to find a nice example showing up how to split all your actions into different files. So I’m sharing how I’ve set it up, as it might help a few people out there.
I’ve divided my actions into several files:
- authActions.js
- postActions.js
- userActions.js
My actions look like this
1 2 3 4 5 |
export function getAccessToken(redirectURL, code) { return dispatch => { ... } } |
I then have a actionCreators.js files that export all actions at once.
1 2 3 |
export * from './authActions' export * from './postsActions' export * from './userActions' |
And then, I can import all actions at once:
1 |
import * as actionCreators from '../actions/actionCreators' |
But you can also import only the actions needed, of course 😉
Check an SSL certificate against the server private key and CSR
When working with SSL certificates, it can be handy to check that the certificate you got (.crt file) properly corresponds to the private key (.key file) and the certificate request (.csr file).
Just use those commands :
1 2 3 |
openssl x509 -noout -modulus -in certificate.crt | openssl md5 openssl rsa -noout -modulus -in privateKey.key | openssl md5 openssl req -noout -modulus -in CSR.csr | openssl md5 |
They will output a string composed of numbers. All 3 of them need to be the same in order for your certificate to work properly on your server.
It’s as simple as that.
Updating my Nexus 5 from stock ROM to Lineage OS
It doesn’t seem like much, but it definitely requires some preparation and knowledge. I won’t detail all the steps in here, there are many tutorials on the internet. But it’s just a little recap with useful links and info.
I’ve mainly followed this guide (but it’s in french).
Backup your files
Many ways to do that. There are apps like Helium or Titanium Backup.
Google can save your data too.
You can also use the adb command to create backups from your computer (tutorial in french, easy to follow, it’s just command lines).
Connect your phone to USB and check all folders, especially the Pictures folder as everything will be wiped.
Unlock your phone
This will wipe the data of your phone. No other solution here, just do it. Tutorials are easy to find on the internet. I used this one.
I would recommend to reboot the device completely. It might have avoid my bootloop issue (see next part).
Install custom recovery
TWRP is the most famous one, so I chose this one. Go to the official page to download the img file (this is specific for the Nexus 5, the list of other devices is there). Instructions for the Nexus 5 are available on the site too.
I had an issue with the install, not sure if it’s because of the version (3.1.0 at that time) or my install file which was corrupted. But I ended up with a bootloop, but with fastboot still available.
After some research, it’s actually easy to fix that up. I found that thread in XDA forums, where a member says he followed that other guide to put his device back on the road (just replace stuff with Nexus 5 files and you’re all good).
Phew… I must say I was a bit stressed after seeing my Nexus 5 in a bootloop !
Boot to TWRP
Boot to fastboot (hold volume down + power buttons). Choose recovery with the volume button and press power to choose recovery.
Wipe those partitions:
- Dalvik / ART Cache
- System
- Data
- Cache
Install Lineage
Download the ROM file from the official Lineage OS site.
When in TWRP, the USB storage of your device should be available from your computer. You can copy the Lineage OS zip file to your phone.
I also put the md5 check file so TWRP can check the integrity of the file before installing it. If your rom filename is lineage-14.1-20170328-nightly-hammerhead-signed.zip, create a text file named lineage-14.1-20170328-nightly-hammerhead-signed.zip.md5, open it with a text editor and put the MD5 hash inside it. Be sure to copy it alongside the Lineage OS rom file on your phone.
Install it using the Install option in TWRP. Once done, wipe the cache as recommended by TWRP. Tap TWRP icon on the top left to go back to TWRP menu.
Install Google Apps via Open GApps
Go to http://opengapps.org/ to download the Google Apps package. The Nexus 5 is using an ARM processor. Note that I tried to install the Stock package, but it failed because of the size of the System partition being too small. I had to go down to the Micro package to be able to install the apps.
Same thing as above, put the zip file on your device, along with the md5 file (you can download that file directly from the open GApps site). Install it using TWRP, wipe the cache, and you’re done.
Reboot and enjoy
Reboot the phone and let LineageOS boot. It will take some time to boot at first.
Restore the files using whatever method you chose. I personally just restored things from my Google account. I don’t mind loosing some data as I didn’t have anything important.
Secure phpMyAdmin install with Fail2ban
First, let’s change the address to access phpMyAdmin. By Default, it’s ser.ver.ip/phpmyadmin.
I’ve copied the original phpmyadmin apache config file so I can customize it as I want, and still have the original one in case mine is broken. sudo cp /etc/phpmyadmin/apache.conf /etc/phpmyadmin/apache-custom.conf
At the top of the custom file, change the 3 line Alias /phpmyadmin /usr/share/phpmyadmin to something else, like Alias /phpthisismine /usr/share/phpmyadmin
Now, I don’t know how your apache is setup to take into account the phpmyadmin configuration file. On my server, it wasn’t added automatically, so I’ve added it myself in /etc/apache2/apache2.conf. At the bottom, just add Include /etc/phpmyadmin/apache-custom.conf.
Now, in order to deal with those stupid bots, if they ever find the URL, it would be nice to have fail2ban take care of those f*ckers. The problem is, phpMyAdmin doesn’t log any failed login attempt (bummer !).
Well actually, this is what I found:
phpMyAdmin uses php’s apache_note function to make this work. AFAIK this function is only available in mod_php mode. This will not work with mod_fcgi & co.
And I’m using php-fpm so I need to modify phpMyAdmin to log failed attempts. Let’s edit /usr/share/phpmyadmin/libraries/plugins/auth/AuthenticationCookie.class.php (I know, that’s bad, but what can I do ?).
Find the authFails() function and inside, right after the last header() call, add error_log(‘phpmyadmin: authentification failed’);
1 |
[Wed Jan 18 06:56:33.915985 2017] [:error] [pid 12423:tid 140093452912384] [client 99.99.99.99:64335] FastCGI: server "/usr/lib/cgi-bin/php" stderr: PHP message: phpmyadmin: authentification failed, referer: http://88.88.88.88/phpthisismine/index.php |
Hell yeah.
Now let’s setup fail2ban. Create a file /etc/fail2ban/filter.d/apache-phpmyadmin.conf and place that inside
1 2 3 |
[Definition] failregex = .*\[client <HOST>:[0-9]+\] phpmyadmin: authentification failed.* ignoreregex = |
Now edit your local fail2ban configuration file. Mine is /etc/fail2ban/jail.local and add
1 2 3 4 5 |
[apache-phpmyadmin] enabled = true filter = apache-phpmyadmin port = http,https logpath = %(apache_error_log)s |
Reload fail2ban sudo service fail2ban reload and you’re all set !
Configuring an email server on Ubuntu 16.04
DigitalOcean has made a great guide to configure an email server that only sends email. If your email inbox are stored somewhere else, your server don’t need to receive and store any email. Configuring it to only send email is making it easier to maintain and less subject to hack/viruses.
Before reading the guide, I’ve created 2 subdomains that points to my server and I will use them in the tutorial.
Well in fact I created one twice, with an A type and AAA type to be sure both ipv4 and ipv6 are working. The A type must point to your server IPv4, the AAA type to your server IPv6. Let’s call it serv.site.com.
Once that’s done, I had to configure my reverse server IP. I found that in my server IP settings. For both IPv4 and IPv6, I’ve set the reverse to my previously created subdomain, serv.site.com. That will make Google and probably other email services happy. More on that on Google Documentation.
Next step, go and follow the tutorial. When entering the domain, I entered the subdomain I created, serv.site.com, not just site.com.