Notes

MySQL Size optimisation

Get table size order

SELECT
  TABLE_NAME AS `Table`,
  ROUND((DATA_LENGTH + INDEX_LENGTH) / 1024 / 1024) AS `Size (MB)`
FROM
  information_schema.TABLES
WHERE
  TABLE_SCHEMA = "bookstore"
ORDER BY
  (DATA_LENGTH + INDEX_LENGTH)
DESC;

View optimized size by tables

SELECT table_name, data_free/1024/1024 AS data_free_MB, table_rows FROM information_schema.tables
  WHERE engine LIKE 'InnoDB';

SELECT table_schema AS "Database",
ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS "Size (MB)"
FROM information_schema.TABLES
GROUP BY table_schema;

Add CA on Centos/Debian/Ubuntu

# Centos/RedHat
1. Copy the .crt file to /etc/pki/ca-trust/source/anchors on your CentOS machine
2. Run update-ca-trust extract
3. Check CA in list : cat /etc/pki/tls/certs/ca-bundle.trust.crt | grep SI2M

# Debian/Ubuntu
$ apt-get install -y ca-certificates
$ cp local-ca.crt /usr/local/share/ca-certificates
$ update-ca-certificates

# Get certificate from URL
openssl s_client -showcerts -verify 5 -connect stackexchange.com:443 < /dev/null

Extract SSL from url

openssl s_client -showcerts -verify 5 -connect wikipedia.org:443 < /dev/null |
   awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out="cert"a".pem"; print >out}'
for cert in *.pem; do
    newname=$(openssl x509 -noout -subject -in $cert \
      | sed -nE 's/.*CN ?= ?(.*)/\1/; s/[ ,.*]/_/g; s/__/_/g; s/_-_/-/; s/^_//g;p' \
      | tr '[:upper:]' '[:lower:]').pem
    echo "${newname}"; mv "${cert}" "${newname}"
done

KEY and CRT validation

openssl pkey -in privateKey.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum
openssl req -in CSR.csr -pubkey -noout -outform pem | sha256sum

Tomcat SSL and Keystore

#merge all certificats in one file PEM (CRT)
cat wildcard.domain.com.crt geotrust_CA_intermediate.crt geotrust_CA.crt > all.crt

#  convert CRT into P12 (PKCS12)
openssl pkcs12 -export -inkey wildcard.domain.com.key -in all.crt -name spotfire.domain.com -out spotfire.domain.com.p12

# import/export from P12
keytool -importkeystore -srckeystore spotfire.domain.com.p12 -srcstoretype pkcs12 -destkeystore spotfire.domain.com.jks

keytool -importkeystore -srckeystore spotfire.domain.com.jks -destkeystore spotfire.domain.com.jks -deststoretype pkcs12

## keytool -importkeystore -srckeystore spotfire.domain.com.p12 -srcstoretype pkcs12 -destkeystore spotfire.domain.com.jks
> Import du fichier de clés spotfire.domain.com.p12 vers spotfire.domain.com.jks...
Entrez le mot de passe du fichier de clés de destination :
Ressaisissez le nouveau mot de passe :
Entrez le mot de passe du fichier de clés source :
L'entrée de l'alias spotfire.domain.com a été importée.
Commande d'import exécutée : 1 entrées importées, échec ou annulation de 0 entrées

Warning:
Le fichier de clés JKS utilise un format propriétaire. Il est recommandé de migrer vers PKCS12,
qui est un format standard de l'industrie en utilisant :
"keytool -importkeystore -srckeystore spotfire.domain.com.jks -destkeystore spotfire.domain.com.jks -deststoretype pkcs12".

SQL useful commmands

SQL useful commmands (schema)

SELECT default_character_set_name FROM information_schema.SCHEMATA
WHERE schema_name = "schemaname";

For tables:

SELECT CCSA.character_set_name FROM information_schema.`TABLES` T,
       information_schema.`COLLATION_CHARACTER_SET_APPLICABILITY` CCSA
WHERE CCSA.collation_name = T.table_collation
  AND T.table_schema = "schemaname"
  AND T.table_name = "tablename";

For Columns:

SELECT character_set_name FROM information_schema.`COLUMNS`
WHERE table_schema = "schemaname"
  AND table_name = "tablename"
  AND column_name = "columnname";

pgSQL useful commmands

Connect PostgreSQL database

psql -d database -U yser -W
psql -U user -h host "dbname=db sslmode=require"

Switch connection database

\c dbname username
\l : list all databases
\dx : liste des extensions installées
\dt : list all tables
\d table_name : describe a table
\dn : list available schema
\dv : list available functions
\dv : list available views
\du : list all users and their assign roles

\g : execute previous command
\s <filename> : command history (save into filename)
\i filename : execute command from filename

\timing : turn on / off execution time
\e : launch EDITOR defined in your ENV
\ef <function_name> : execute a function named from editor

\a : command switches from aligned to non-aligned column output.
\H : command formats the output to HTML format.

SELECT version();

MySQLdump with nohup

Connect PostgreSQL database

sh -c 'nohup mysqldump -h mydb.hostname -u admin --triggers --routines --events --compress --all-databases --pXXXXX  > mydatabase.dmp &'

Create user pgSQL

See ROLES:

psql -U postgres -c "SELECT * FROM pg_roles;"

postgres=# create database mydb;
postgres=# create user myuser with encrypted password 'mypass';
postgres=# grant all privileges on database mydb to myuser;

PostgesQL locks errors

SELECT
    nom_base,
    schema_objet_locke,
    nom_objet_locke,
    type_objet_locke,
    duree_bloquage,
    pid_session_bloquante,
    user_session_bloquante,
    client_session_bloquante,
    derniere_requete_session_bloquante,
    heure_debut_session_bloquante,
    heure_debut_requete_bloquante,
    pid_session_bloquee,
    user_session_bloquee,
    client_session_bloquee,
    derniere_requete_session_bloquee,
    heure_debut_requete_bloquee,
    heure_debut_session_bloquee
FROM
(
SELECT distinct
    RANK() OVER (PARTITION BY c.pid ORDER BY g.query_start DESC) as rang,
    c.datname AS nom_base,
    e.nspname AS schema_objet_locke,
    d.relname AS nom_objet_locke,
CASE
    WHEN d.relkind IN ('t','r') THEN 'table'
    WHEN d.relkind = 'i' THEN 'index'
    WHEN d.relkind = 's' THEN 'sequence'
    WHEN d.relkind = 'v' THEN 'vue'
ELSE d.relkind::text
END AS type_objet_locke,
    TO_CHAR(now()-c.query_start,'DD')||'j '||TO_CHAR(now()-c.query_start,'HH24:MI:SS') AS duree_bloquage,
    g.pid AS pid_session_bloquante,
    g.usename AS user_session_bloquante,
    g.client_addr AS client_session_bloquante,
    g.query AS derniere_requete_session_bloquante,
    TO_CHAR(g.backend_start,'YYYYMMDD HH24:MI:SS') AS heure_debut_session_bloquante,
    TO_CHAR(g.query_start,'YYYYMMDD HH24:MI:SS') AS heure_debut_requete_bloquante,
    c.pid AS pid_session_bloquee,
    c.usename AS user_session_bloquee,
    c.client_addr AS client_session_bloquee,
    c.query AS derniere_requete_session_bloquee,
    TO_CHAR(c.query_start,'YYYYMMDD HH24:MI:SS') AS heure_debut_requete_bloquee,
    TO_CHAR(c.backend_start,'YYYYMMDD HH24:MI:SS') AS heure_debut_session_bloquee
FROM
    pg_locks AS a,
    pg_locks AS b,
    pg_stat_activity AS c,
    pg_class AS d,
    pg_namespace AS e,
    pg_locks AS f,
    pg_stat_activity AS g
WHERE a.pid = b.pid
    AND a.pid = c.pid
    AND b.relation = d.oid
    AND d.relnamespace = e.oid
    AND b.relation = f.relation
    AND b.pid <> f.pid
    AND f.pid = g.pid
    AND c.query_start >= g.query_start
    AND a.granted IS FALSE
    AND b.relation::regclass IS NOT NULL
    AND e.nspname NOT IN ('pg_catalog','pg_toast','information_schema')
    AND e.nspname NOT LIKE 'pg_temp_%'
    AND f.granted is true
) AS resultat
WHERE rang = 1
ORDER BY resultat.heure_debut_requete_bloquee,resultat.heure_debut_requete_bloquante ;

Hello World

A sample go program is show here.

package main

import "fmt"

func main() {
  message := greetMe("world")
  fmt.Println(message)
}

func greetMe(name string) string {
  return "Hello, " + name + "!"
}

Run the program as below:

$ go run hello.go

Variables

Normal Declaration:

var msg string
msg = "Hello"

Shortcut:

msg := "Hello"

Constants

const Phi = 1.618

Tip et configuration

# test la configuration
varnishd -C -f /etc/varnish/default.vcl
# Request sur les logs
varnishlog -q "RespStatus == 503" -g request
varnishlog -g request

Examples

# filter for 503 errors
varnishlog -q "RespStatus == 503" -g request
varnishlog -g request

# filter by request host header
varnishlog -q 'ReqHeader ~ "Host: example.com"'

# filter by request url
varnishlog -q 'ReqURL ~ "^/some/path/"'

# filter by client ip (behind reverse proxy)
varnishlog -q 'ReqHeader ~ "X-Real-IP: .*123.123.123.123"'

# filter by request host header and show request url and referrer header
varnishlog -q 'ReqHeader ~ "Host: (www\.)?example\.com"' -i "ReqURL" -I "ReqHeader:Referer:"

# filter for permanent redirects and show request host/url and new location
varnishlog -q "RespStatus ~ 301" -i "ReqURL" -I "ReqHeader:Host:" -I "RespHeader:Location:" -i "RespStatus"

# filter for permanent and temporary redirects and filter for Location "http://s3" to
# just show (for example) redirects to something on an Amazon S3 bucket
varnishlog -q '(RespStatus ~ 301 or RespStatus ~307) and RespHeader ~ "Location: https://s3"' \
   -i "ReqURL" -I "ReqHeader:Host:" -I "RespHeader:Location:" -i "RespStatus" -I "ReqHeader:Referer:"

Gestion des 503

vcl 4.0;

backend default {
    .host = "127.0.0.1";
    .port = "8080";
}

sub vcl_recv {
    if (req.url ~ "^/404") {
        return (synth(999, "make 404 error explicitly"));
    }
}

sub vcl_backend_response {
}

sub vcl_deliver {
}

sub vcl_backend_error {
    set beresp.http.Content-Type = "text/html; charset=utf-8";
    synthetic( {"errors due to backend fetch"} );
    return (deliver);
}

sub vcl_synth {
    if (resp.status == 999) {
        set resp.status = 404;
        set resp.http.Content-Type = "text/plain; charset=utf-8";
        synthetic({"errors due to vcl"});
        return (deliver);
    }
    return (deliver);
}