Tips

Working config for nginx + Drupal + Boost

Self-notes...after spending a few hours researching and benchmarking various configurations. Apache is so old news.

Setup:

  • Ubuntu Lucid Lynx (10.04)
  • nginx as frontend webserver
  • Drupal served using fastcgi to phpcgi
  • ...and Drupal's Boost module.

Most of these configs is gathered from http://groups.drupal.org/node/26363.

How fast is it now? How about almost 6,000 requests/sec, with throughput around 240Mbps? Fast enough?

How to fix "VMware Workstation was unable to claim the device (No such file or directory)"

I'm running Ubuntu 7.10 using custom 2.6.23.11 kernel. Somehow, starting from kernel 2.6.23, VMware was unable to properly use my Windows Mobile PDA (Atom O2 Life). Every time I plugged in the Atom, VMware will spurt out "VMware Workstation was unable to claim the device" message. The issue was actually with VMware, and not the kernel. Follow the steps outlined below to work around this bug in VMware.

Recovering from stuck modifier keys caused by VMWare

I use VMware a lot, mostly using VMware Workstation 6.0.2 under Linux host. However, from to time, some or all of the modifier keys (Ctrl, Shift, and Alt) somehow ceased to function. Seemed that sometime VMware failed to correctly restore those keys function to X server.

Here's simple command, using xmodmap (installed as part of X base utilities) that will fix this issue. xmodmap is assumed to be located at /usr/bin

Installing and configuring FireHOL

Linux / Network: Beginners guide to FireHOL.

NOTE: Content of this tutorial is probably outdated.

Part 1

Having firewall is one of the steps you can take to make sure that you machine is a little bit secure. This is achieved by opening access only to application or ports that you explicitly allow, and blocking the rest. This for me is a good practice, although some people might argue otherwise.

Defragment XFS File-system

I have been using XFS file-system for all my Linux box for quite some time now. XFS have some fancy features such as live file-system defragmenting. Let's cover how to do that.

First, make sure you have the xfsdump utilities install. For Ubuntu or its derivatives distribution, simply issue this command:

sudo apt-get install xfsdump

Then, optionally you can check how fragmented your file-system is by this command:

How to enable Time Machine to backup to network disk

Easy. Just follow these steps:

 sudo defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1
  1. Obviously you need another Mac to which you want to backup to, with the disk formatted as Mac OS Extended Journaled.
  2. Open Terminal from Mac you want to backup from. Issue command
  3. Open System Preferences → Time Machine. Click Change Disk. Your network disk should appear now.
  4. Select it, and you are good to go.

Which RBL do you use?

List of reliable RBL that we use internally and recommend to our customers.

Here goes:

  • zen.spamhaus.org
  • bl.spamcop.net
  • combined.njabl.org
  • cbl.abuseat.org
  • combined.rbl.msrbl.net
  • psbl.surriel.com
  • b.barracudacentral.org

With these RBL, combined with greylisting and a good SpamAssassin ruleset, out of combined 50,000 - 55,000 incoming email attempts daily on all SMTP servers that we monitor, only 0.05% of spam managed pass through. Pretty good!

Accelerate Plone with Varnish

Introduction

This tutorial highlight the necessary steps to configure Varnish and lighttpd to serve your Plone site. The primary benefit is that you can tremendously improve performance of your Plone. In Bitubique.com case, the stock Plone installation was only able to push up to 13 requests per seconds, but putting Varnish and lighttpd in front push the performance up to 160 requests per seconds. That's 12 times faster than stock installation!

Port forwarding using xinetd

Edit or create /etc/xinet.d/yourservicename

E.g. to listen to 443 and redirect to 192.168.2.1 port 22, replace listenport = 443, targetip = 192.168.2.1, targetport = 22.

service yourservicename
{
        disable         = no
        type            = UNLISTED
        socket_type     = stream
        protocol        = tcp
        user            = nobody
        wait            = no
        redirect        = targetip targetport
        port            = listenport
}