Installing and renewing SSL certificates with Certbot

This article assumes EasyEngine v3’s file/directory structure for Nginx configurations.

Install Certbot

There are several ways to install Certbot, On Ubuntu use the following commands.

sudo apt install certbot python-certbot-nginx
sudo certbot --nginx

Generating the Certificate

Install a certificate with the command:

sudo certbot certonly -a webroot --renew-by-default -w /var/www/<your-site>/htdocs -d <your-site>

Here -w flag is for the webroot path .i.e. the absolute path to the root of the website. -d flag is for the domain name.

Using the certificate in the configuration

Download the file to the directory to the config directory of the new domain:

curl -L https://gist.githubusercontent.com/Nikschavan/be9cbc0e738268ad063a6fe3b72547c7/raw/faa3bdd37aa8a9459e2b5710fc6bd0d367f80cf5/ssl.conf.template -o /var/www/<your-domain-name-here>/conf/nginx/ssl.conf

Replace the dummy domain name from the template to your correct domain name

sed -i.default "s/<your-domain>/<replace-your-domain-name-here>/g" /var/www/<replace-your-domain-name-here>/conf/nginx/ssl.conf 

Note – Replace <replace-your-domain-name-here> with the actual domain name in the above command

Reload Nginx Configuration.

sudo service nginx reload
(Link to source code)

Redirecting HTTP to HTTPS

Download the force-redirect Nginx configuration template:

curl -L https://gist.githubusercontent.com/Nikschavan/c2a5cbb5181078df8f532dda5030319a/raw/bbc626987863db1d8ed26dc5bcba1e2443daa11c/force-ssl-website.conf -o /etc/nginx/conf.d/force-ssl-<replace-your-domain-name-here>.conf 

Note РReplace <replace-your-domain-name-here> with your domain name in the above command.

Replace the dummy domain name with the actual domain name.

sed -i.default "s/<your-domain>/<replace-your-domain-name-here>/g" /etc/nginx/conf.d/force-ssl-<replace-your-domain-name-here>.conf

Note – Replace <replace-your-domain-name-here> with your domain name in the above command.

Reload Nginx Configuration.

sudo service nginx reload
(Link to source code)

Renewing Certificates

Following command renews all the certificates on a server sudo /opt/letsencrypt/certbot-auto renew

You can set a cron job and automate SSL certificate renewal.

Open crontab by running the following command:

sudo crontab -e

And add the following line to the end of the crontab file:

0 0 * * * sudo /opt/letsencrypt/certbot-auto renew

TLDR; All the commands that are needed setup the license:

Replace <new-domain-name> with the domain name. The domain name is without http:// and www

sudo certbot certonly -a webroot --renew-by-default -w /var/www/<new-domain-name>/htdocs -d <new-domain-name> -w /var/www/<new-domain-name>/htdocs -d www.<new-domain-name>

sudo curl -L https://gist.githubusercontent.com/Nikschavan/be9cbc0e738268ad063a6fe3b72547c7/raw/faa3bdd37aa8a9459e2b5710fc6bd0d367f80cf5/ssl.conf.template -o /var/www/<new-domain-name>/conf/nginx/ssl.conf

sudo sed -i.default "s/<your-domain>/<new-domain-name>/g" /var/www/<new-domain-name>/conf/nginx/ssl.conf

sudo chown -R www-data:www-data /var/www/<new-domain-name>/conf/nginx/ssl.conf

sudo curl -L https://gist.githubusercontent.com/Nikschavan/c2a5cbb5181078df8f532dda5030319a/raw/bbc626987863db1d8ed26dc5bcba1e2443daa11c/force-ssl-website.conf -o /etc/nginx/conf.d/force-ssl-<new-domain-name>.conf

sudo sed -i.default "s/<your-domain>/<new-domain-name>/g" /etc/nginx/conf.d/force-ssl-<new-domain-name>.conf

wp --path=/var/www/<new-domain-name>/htdocs/ search-replace http://<new-domain-name> https://<new-domain-name>

Monitor a running process on a ubuntu server

The use case I had for this was when I was wanted to copy over a large data from one server to another and this was going to take a couple of hours.

So I just started the rcyncas a background process on the server and used the following command to monitor the process output from time to time.

sudo strace -e open $(ps -o lwp= -LC rsync | sed 's/^/-p/')

Enable and disable Xdebug quickly on OS X homebrew php 7.1

Xdebug is a powerful tool for debugging PHP code, but it can be a memory hog when it is continually turned on. Xdebug can be quickly enabled and disabled by creating simple custom scripts.

Download these shell files on your Mac, make them executable and you are good to go!

curl -L https://gist.githubusercontent.com/Nikschavan/0222875b8ca913d19a10773c40764ca6/raw/8aecb01f11d12c58afdeb6a77505d780b8cd8313/disable-xdebug.sh -o /usr/local/bin/disable-xdebug
curl -L https://gist.githubusercontent.com/Nikschavan/0222875b8ca913d19a10773c40764ca6/raw/8aecb01f11d12c58afdeb6a77505d780b8cd8313/enable-xdebug.sh -o /usr/local/bin/enable-xdebug
chmod +x /usr/local/bin/*able-xdebug

Now run enable-xdebug on your terminal to enable Xdebug and disable-xdebug to disable it.

Shell script to restart MySQL automatically when it shuts down.

A dirty hack but essential at times, MySQL server consumes higher memory if not configured correctly and due to which the MySQL service is terminated by the OS to save itself from crashing under high traffic.

A simple shell script can be used to restart MySQL service when it terminated.

Download this script using wget

wget https://gist.githubusercontent.com/Nikschavan/2346941b328b2c7f08b79611b2c9157c/raw/75ccc4855a2e8955d1c9ffac430857704f8c15f4/mysql-monitor.sh

Make the script executable

sudo chmod +x mysql-monitor.sh

Execute this script each minute with a crontab

sudo crontab -e
*/1 * * * * sh /path/to/script/mysql-monitor.sh