19
Jan
2021

ESP8266 WPA EAP minimal example

This example shows how to connect to WPA2-EAP wifi with username and password on the ESP8266 using the Arduino framework:

#include <Arduino.h>
#include <ESP8266WiFi.h>
#include "wpa2_enterprise.h"

char ssid[] = "MyWifiSSID";
char username[] = "MyEAPUsername";
char password[] = "MyEAPPassword";

void setup()
{
  Serial.begin(115200);

  wifi_set_opmode(STATION_MODE);

  // Configure SSID
  struct station_config wifi_config;

  memset(&wifi_config, 0, sizeof(wifi_config));
  strcpy((char *)wifi_config.ssid, ssid);

  wifi_station_set_config(&wifi_config);

  // DO NOT use authentication using certificates
  wifi_station_clear_cert_key();
  wifi_station_clear_enterprise_ca_cert();

  // Authenticate using username/password
  wifi_station_set_wpa2_enterprise_auth(1);
  wifi_station_set_enterprise_identity((uint8 *)username, strlen(username));
  wifi_station_set_enterprise_username((uint8 *)username, strlen(username));
  wifi_station_set_enterprise_password((uint8 *)password, strlen(password));

  // Connect
  wifi_station_connect();

  // Wait for connect
  while (WiFi.status() != WL_CONNECTED)
  {
    Serial.println("Wifi connecting...");
    delay(500);
  }
  // Print wifi IP addess
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());
}

void loop()
{
  // put your main code here, to run repeatedly:
}

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in ESP8266/ESP32
19
Jan
2021

Minimal ESP8266 WiFi example

#include <Arduino.h>
#include <ESP8266WiFi.h>

void setup() {
  Serial.begin(115200);
  WiFi.begin("MySSID", "MyPassword");
  while (WiFi.status() != WL_CONNECTED) {
    Serial.println("Wifi connecting...");
    delay(500);
  }
  Serial.println("Wifi connected");
}

void loop() {
  // put your main code here, to run repeatedly:
}

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in C/C++, ESP8266/ESP32
17
Jan
2021

How to fix .NET Core: Could not execute because the application was not found or a compatible .NET SDK is not installed.

Problem:

You are trying to run a .NET core command using e.g.

dotnet new console

but you see this error message:

Could not execute because the application was not found or a compatible .NET SDK is not installed.
Possible reasons for this include:
  * You intended to execute a .NET program:
      The application 'new' does not exist.
  * You intended to execute a .NET SDK command:
      It was not possible to find any installed .NET SDKs.
      Install a .NET SDK from:
        https://aka.ms/dotnet-download

Solution:

You didn’t install a .NET Core SDK, only the .NET Core host.

Install the SDK by using e.g. (this command works on Debian & Ubuntu)

sudo apt -y install dotnet-sdk-5.0

You might need to select the correct version (5.0 in this example).

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in C#
16
Jan
2021

nginx redirect to output of command

You can use the lua plugin (sudo apt -y install libnginx-mod-http-lua) in order to use this technique to redirect to an URL that is the output of a command line command:

location = /myurl {
    access_by_lua_block  {
        local process = io.popen("curl -fsSL http://mydomain.com/file-which-contains-an-URL.txt", "r")
        local output = process:read('*a')
        process:close()
        ngx.redirect(output)
    }
}

By default, this redirects using the status code 302 (temporary redirect – not cached). In case you want a 301 (moved permanently) instead, use

ngx.redirect(output, 301)

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in nginx
13
Jan
2021

How to fix Angular ng: not found

Problem:

When trying to run a command like ng build, e.g. in a CI setup, you see an error message like

sh: ng: not found

Preferred solution:

Only the machine where you’re running this command, you have not installed the ng command globally.

However, your node_modules folder will have a local installation of @angular/cli.

In order to use it, replace ng by ./node_modules/.bin/ng.

For example, a scripts section of your package.json

"scripts": {
  "build": "ng build"
},

would be replaced by

"scripts": {
  "build": "./node_modules/.bin/ng build"
},

Alternative solution:

Install ng globally on the machine running the command by using

sudo npm i -g @angular/cli

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Angular
13
Jan
2021

How to find out if a certificate has an elliptic curve or an RSA key

You can use openssl to find out if your certificate is using an elliptic curve (e.g. ECDSA) or an RSA key using the following command, replacing cert.pem by the path of your certificate:

openssl x509 -noout -text -in cert.pem | grep -i "ecPublicKey" > /dev/null ; if [ $? -ne 0 ]; then echo "No elliptic curve key" ; else echo "Elliptic curve key"; fi

If the certficate’s key is an elliptic curve key, it will print:

Elliptic curve key

If the certficate’s key another type of key like a RSA key, it will print:

No elliptic curve key

How it works

First we tell OpenSSL to print info about the certificate:

openssl x509 -noout -text -in cert.pem

Then we grep for ecPublicKey. This is because for elliptic curve keys, the output of the aforementioned openssl command contains

Subject Public Key Info:
    Public Key Algorithm: id-ecPublicKey
        Public-Key: (384 bit)
        pub:

whereas for RSA keys it looks like this:

Subject Public Key Info:
    Public Key Algorithm: rsaEncryption
        RSA Public-Key: (2048 bit)
        Modulus:

The grep command is piped to /dev/null since we’re not interested in its output but only in its return code (which is available as $? in the shell). grep returns a return code of 0 if and only if it finds at least one match in the input. Otherwise, it has a return code of 1. In our case, this means that we’ll get a return code of 0 if ecPublicKey appears anywhere in the output. We assume that this string will only ever occur in the Subject Public Key Info: section. While in theory it is possible that ecPublicKey appears in some user-defined fields of the certificate, this is extremely unlikely to happen and could be mitigated by using a regular expression in grep

We can then use this bash snippet:

if [ $? -ne 0 ]
then
    # TODO insert code if grep does NOT find anything
else
    # TODO insert code if grep finds at least one line
fi

which we use like this:

if [ $? -ne 0 ]; then echo "No elliptic curve key" ; else echo "Elliptic curve key"; fi

i.e. depending on the return code of grep, we will print the correct message.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Networking
13
Jan
2021

How to find public key type of SSL/TLS X.509 certificate using OpenSSL

Use the following command to print, replacing cert.pem by the path of your certificate:

openssl x509 -noout -text -in cert.pem | grep -i "Public Key Info" --after 3

Example output:

Subject Public Key Info:
    Public Key Algorithm: rsaEncryption
        RSA Public-Key: (2048 bit)
        Modulus:

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Networking
13
Jan
2021

How to use FCCT Transpiler online without installation

You can use fcctthe Fedora CoreOS Configuration Transpiler in order to create Ignition JSON files for installing CoreOS from YAML.

Instead of installing fcct, you can use

Click here to go to TechOverflow FCCT Online

Currently our service runs FCCT 0.9.0 using the fcct-online container.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in CoreOS, Linux
13
Jan
2021

How to use apt install correctly in your Dockerfile

This is the correct way to use apt install in your Dockerfile:

ENV DEBIAN_FRONTEND=noninteractive
RUN apt update && apt install -y PACKAGE && rm -rf /var/lib/apt/lists/*

Key takeaways:

  • Set DEBIAN_FRONTEND=noninteractive to prevent some packages from prompting interactive input (tzdata for example), which leads to indefinite waiting for an user input
  • Run apt update before the install command to fetch the current package lists
  • apt install with -y to prevent apt from asking you if you really want to install the packages
  • rm -rf /var/lib/apt/lists/* after the install command in order ot prevent the cached apt lists (which are fetched by apt update) from ending up in the container image
  • All of that in one command joined by && in order to prevent docker from building separate layers for each part of the command (and to prevent it from first storing /var/lib/apt/lists in one layer and then delete it in another layer)

Also see the official guide on Dockerfile best practices

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Container, Docker
12
Jan
2021

How to fix Gitlab CI error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on … no such host

Problem:

In your GitLab CI jobs, you see this error message while trying to run some docker command:

error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 192.168.178.1:53: no such host

Solution:

This error occurs with docker-based gitlab runners such as the one we’re that are configured using a docker executor. The error message means that the inner docker container doesn’t have a connection to the host docker daemon.

In order to fix this, set these options in [runners.docker] in your gitlab-runner config.toml:

privileged = true
volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]

A valid config.toml looks like this:

concurrent = 1
check_interval = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "CoreOS-Haar-Runner"
  url = "https://gitlab.techoverflow.net/"
  token = "bemaiBie8usahMoo9ish"
  executor = "docker"
  [runners.custom_build_dir]
  [runners.cache]
    [runners.cache.s3]
    [runners.cache.gcs]
    [runners.cache.azure]
  [runners.docker]
    tls_verify = false
    image = "docker:stable"
    privileged = true
    disable_entrypoint_overwrite = false
    oom_kill_disable = false
    disable_cache = false
    volumes = ["/cache", "/var/run/docker.sock:/var/run/docker.sock"]
    shm_size = 0

Why this works

Adding "/var/run/docker.sock:/var/run/docker.sock" allows the inner docker container running inside the gitlab-runner to access the outer (host) docker daemon. Without this, it tries to connect to the docker default URL, i.e. http://docker:2375. This URL can’t be resolved via DNS (the DNS server in my case is 192.168.178.1, the DNS standard port being 53), hence docker prints the error message listed above.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Docker
12
Jan
2021

Mini systemd command cheat-sheet

These are the most common commands I use if my systemd service file is placed in /etc/systemd/system/myservice.service.

Enable (i.e. start at boot) and also start the service right now (--now):

sudo systemctl enable --now myservice

Start by

sudo systemctl start myservice

Restart by

sudo systemctl restart myservice

Stop by

sudo systemctl stop myservice

View status:

sudo systemctl status myservice

View & follow logs:

sudo journalctl -xfu myservice

View logs in less:

sudo journalctl -xu myservice

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Linux
12
Jan
2021

How to register gitlab runner for multiple GitLab instances

One GitLab runner can support attaching to multiple GitLab instances. You can add additional instances by running gitlab-runner register.

gitlab-runner register

again, or running

docker-compose exec -T gitlab-runner gitlab-runner register

if you’re using our docker-compose-based GitLab runner setup.

This will append a new section to the config file.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in GitLab
12
Jan
2021

How to install gitlab-runner using docker-compose

First, choose a directory where the service will reside in. I recommend /opt/gitlab-runner.  Then create docker-compose.yml in said directory with this content:

version: '3'
services:
  gitlab-runner:
    image: 'gitlab/gitlab-runner:latest'
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./config:/etc/gitlab-runner
    restart: unless-stopped

then run this command to configure the runner:

docker-compose up -d
docker-compose exec gitlab-runner gitlab-runner register

It will ask you for details about the GitLab instance you want to attach to. You will find this information at https://<your-gitlab-domain>/admin/runners. This example is for my GitLab instance:

Runtime platform                                    arch=amd64 os=linux pid=38 revision=943fc252 version=13.7.0
Running in system-mode.

Enter the GitLab instance URL (for example, https://gitlab.com/):
https://gitlab.techoverflow.net/
Enter the registration token:
Loo2lahf9Shoogheiyae
Enter a description for the runner:
[148a53203df8]: My-Runner
Enter tags for the runner (comma-separated):

Registering runner... succeeded                     runner=oc-oKWMH
Enter an executor: custom, docker-ssh, shell, virtualbox, docker-ssh+machine, docker, parallels, ssh, docker+machine, kubernetes:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!

Now, restart the runner that is running with the old config (i.e. with no gitlab instance being attached):

docker-compose down

After that’s finished, you can run the script from our previous post Create a systemd service for your docker-compose project in 10 seconds in the directory where docker-compose.yml is located.

curl -fsSL https://techoverflow.net/scripts/create-docker-compose-service.sh | sudo bash /dev/stdin

This will automatically generate a systemd service and start the runner (also on boot). For more details, see the corresponding blogpost. If your directory is named gitlab-runner, the service file will be stored in /etc/systemd/systemd/gitlab-runner.service, hence these are commands you can use to control the service:

Note that the script that creates the systemd service will automatically start the runner, so you don’t need to start it manually. !

Start by

sudo systemctl start gitlab-runner

Restart by

sudo systemctl restart gitlab-runner

Stop by

sudo systemctl stop gitlab-runner

View status:

sudo systemctl status gitlab-runner

View & follow logs:

sudo journalctl -xfu gitlab-runner

View logs in less:

sudo journalctl -xu gitlab-runner

Also see Mini systemd cheat-sheet

Also see How to register gitlab runner for multiple GitLab instances.

Note that you can also use

docker-compose logs -f

to view the logs (run this from the directory where docker-compose.yml) is located.

In case you see an error message like

error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on 192.168.178.1:53: no such host

in your jobs, see How to fix Gitlab CI error during connect: Post http://docker:2375/v1.40/auth: dial tcp: lookup docker on &#8230; no such host

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in GitLab
10
Jan
2021

How to fix certbot unrecognized arguments: –dns-cloudflare-credentials on Ubuntu

Problem:

You are trying to request a Let’s Encrypt certificate using certbot, but instead you see an error message like

certbot: error: unrecognized arguments: --dns-cloudflare-credentials /root/.secrets/cloudflare.ini

Solution:

Install the required package. This is the solution if you have installed python3-certbot as an apt package:

sudo apt -y install python3-certbot-dns-cloudflare

This is the solution if you have installed certbot as a snap:

sudo snap set certbot trust-plugin-with-root=ok
sudo snap install certbot-dns-cloudflare

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Networking
09
Jan
2021

What is the Alpine linux default login & password?

The Alpine Linux installation ISO uses root as the default user and an empty password. In order to login, just enter the username root and press return.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Alpine Linux, Linux
09
Jan
2021

How to grep for WordPress DB_NAME, DB_USER, DB_PASSWORD and DB_HOST in wp-config.php

This grep statement filters out the DB_NAME, DB_USER, DB_PASSWORD and DB_HOST contents from a wp-config.php:

grep -oP "define\(['\"]DB_NAME['\"],\s*['\"]\K[^'\"]+(?=[\'\"]\s*\)\s*;)" wp-config.php

For example, from the wp-config.php line

define('DB_NAME', 'techoverflow');

it will extract techoverflow.

Here are the statements for DB_NAME, DB_USER, DB_PASSWORD and DB_HOST:

DB_NAME=$(grep -oP "define\(['\"]DB_NAME['\"],\s*['\"]\K[^'\"]+(?=[\'\"]\s*\)\s*;)" wp-config.php)
DB_USER=$(grep -oP "define\(['\"]DB_USER['\"],\s*['\"]\K[^'\"]+(?=[\'\"]\s*\)\s*;)" wp-config.php)
DB_PASSWORD=$(grep -oP "define\(['\"]DB_PASSWORD['\"],\s*['\"]\K[^'\"]+(?=[\'\"]\s*\)\s*;)" wp-config.php)
DB_HOST=$(grep -oP "define\(['\"]DB_HOST['\"],\s*['\"]\K[^'\"]+(?=[\'\"]\s*\)\s*;)" wp-config.php)

You can use this, for example, in automatic backup scripts without manually copying the password to the backup script

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in PHP, Wordpress
09
Jan
2021

How to install Emscripten SDK on Ubuntu in 1 minute

This script installs the emscripten SDK in Ubuntu in ~/.emsdk and automatically adds source ~/.emsdk/emsdk_env.sh to .bashrc and .zshrc if they exist. It will also automatically update emscripten in case ~/.emsdk already exists.

Run this one liner to install:

curl -fsSL https://techoverflow.net/scripts/install-emscripten.sh | bash

Script content:

#!/bin/bash
# This script installs emscripten to ~/.emsdk
if [[ -d "~/.emsdk" ]]
then # Update
  echo "Updating emscripten SDK..."
  cd ~/.emsdk && git pull
else # Install
  echo "Installing emscripten SDK..."
  git clone https://github.com/emscripten-core/emsdk.git ~/.emsdk
fi
# Install & activate latest SDK
# See https://emscripten.org/docs/getting_started/downloads.html for more details
cd ~/.emsdk
./emsdk install latest 
./emsdk activate latest    
# Add to .bashrc and .zshrc
if [[ -f "~/.bashrc" ]]; then echo -e "\nsource ~/.emsdk/emsdk_env.sh" >> ~/.bashrc; fi
if [[ -f "~/.zshrc" ]]; then echo -e "\nsource ~/.emsdk/emsdk_env.sh" >> ~/.zshrc; fi

 

 

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in WASM
09
Jan
2021

How to enable SSH password authentication on Fedora CoreOS

Add this config line to your Fedora CoreOS Ignition config in order to enable SSH password authentication on your install.

storage:
  files:
    - path: /etc/ssh/sshd_config.d/20-enable-passwords.conf
      mode: 0644
      contents:
        inline: |
          PasswordAuthentication yes

By default, Fedora CoreOS will only allow pubkey authentication and disable password authentication. This Ignition config will set PasswordAuthentication yes as a config option for the SSH daemon.

Original source: The Fedore CoreOS authentication guide.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in CoreOS
09
Jan
2021

How to install fcct on Ubuntu Linux

Note: This currently doesn’t work due to libc issues on most Ubuntu versions. I am working on a solution !

I use fcct, the Fedora CoreOS Configuration Transpiler in order to create Ignition JSON files for installing CoreOS from YAML

Use these commands in your shell to download fcct to /usr/local/bin/fcct and hence install it. This works on most Linux distributions, but I mainly use it in Ubuntu and Debian.

sudo wget -O /usr/local/bin/fcct https://github.com/coreos/fcct/releases/download/v0.9.0/fcct-x86_64-unknown-linux-gnu
chmod a+x /usr/local/bin/fcct

See Fedora CoreOS minimal ignition config for XCP-NG for my Fedora CoreOS ignition config

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Container
05
Jan
2021

How to fix htpasswd cannot open file htpasswd for read/write access

Problem:

You are trying to add/change a password in a htpasswd file using a command like

htpasswd auth.htpasswd myuser

but you see this error message:

htpasswd: cannot open file htpasswd for read/write access

Solution:

htpasswd is trying to tell you that it got Permission denied when accessing the htpasswd file and hence can’t read it or it can’t write the file (auth.htpasswd in this example).

There are multiple ways to fix this:

  1. Run htpasswd using sudo, e.g.
    sudo htpasswd auth.htpasswd myuser
  2. Fix the permissions of the file, e.g. using
    sudo chown $USER auth.htpasswd
chmod o+rw auth.htpasswd

    Note that this permanently modifies the permissions for the htpasswd file and hence might create additional security risks!

  3. Use a different htpasswd file to which you have access. You need to change the configuration on your webserver etc (i.e. the software that is using the htpasswd file). This option isn’t always available – e.g. if you can’t change the webserver’s configuration, you just have the option of asking the system administrator nicely.

If this post helped you, please consider buying me a coffee or donating via PayPal to support research & publishing of new posts on TechOverflow



Posted by Uli Köhler in Allgemein

Categories

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPTPrivacy &amp; Cookies Policy