IPv4 Fremnet Logo
TOOLS, TINKERINGS & CODE

Show you care

More detail in NGINX error logs · 2938 days ago by Shannon Wynter

Where I’m working now we have a rather complicated internal structure to our rather large web application and it’s sometime super hard to track down the problem – especially if a request triggers an API call.

I’ve modified our frontend configuration to pass a X-Trace-ID and all our logging/servers to include that trace id in any given request

	set $tid $pid-$msec-$remote_addr-$connection-$request_id;
	if ($http_x_trace_id) {
		set $tid $http_x_trace_id;
	}
 	proxy_set_header X-Trace-ID $tid;
	fastcgi_param HTTP_X_TRACE_ID $tid;

Except when it comes to error logs, if anything goes wrong with a proxied request, we’re out of luck – well not any more :D

  1. diff -dur nginx-1.11.6.org/src/http/ngx_http_request.c nginx-1.11.6/src/http/ngx_http_request.c
  2. --- nginx-1.11.6.org/src/http/ngx_http_request.c2016-11-16 01:11:47.000000000 +1000
  3. +++ nginx-1.11.6/src/http/ngx_http_request.c2016-12-05 21:18:16.000000000 +1000
  4. @@ -118,6 +118,10 @@
  5.                   offsetof(ngx_http_headers_in_t, content_type),
  6.                   ngx_http_process_header_line },
  7.   
  8. +    { ngx_string("X-Trace-ID"),
  9. +                 offsetof(ngx_http_headers_in_t, x_trace_id),
  10. +                 ngx_http_process_header_line },
  11. +
  12.      { ngx_string("Range"), offsetof(ngx_http_headers_in_t, range),
  13.                   ngx_http_process_header_line },
  14.   
  15. @@ -3656,5 +3660,11 @@
  16.          buf = p;
  17.      }
  18.   
  19. +    if (r->headers_in.x_trace_id) {
  20. +        p = ngx_snprintf(buf, len, ", trace_id: \"%V\"",
  21. +                         &r->headers_in.x_trace_id->value);
  22. +        buf = p;
  23. +    }
  24. +
  25.      return buf;
  26. }
  27. diff -dur nginx-1.11.6.org/src/http/ngx_http_request.h nginx-1.11.6/src/http/ngx_http_request.h
  28. --- nginx-1.11.6.org/src/http/ngx_http_request.h2016-11-16 01:11:47.000000000 +1000
  29. +++ nginx-1.11.6/src/http/ngx_http_request.h2016-12-05 21:33:07.000000000 +1000
  30. @@ -185,6 +185,7 @@
  31.      ngx_table_elt_t                  *content_length;
  32.      ngx_table_elt_t                  *content_range;
  33.      ngx_table_elt_t                  *content_type;
  34. +    ngx_table_elt_t                  *x_trace_id;
  35.   
  36.      ngx_table_elt_t                  *range;
  37.      ngx_table_elt_t                  *if_range;
  38.  
  39. Download this code: nginx_trace_id.1.11.6.patch (Downloaded 1087 time(s))

Apply this patch to nginx-1.11.6 and X-Trace-ID will appear in your logs if it’s available

Comment

StartSSL - Free certificate, not worth the time · 4043 days ago by Shannon Wynter

So today I discovered that Karen at StartSSL has a confused definition of “commercial in nature” and “financial transaction”

I attempted to grab a ssl certificate for one of my subdomains on one of my servers so I could have an upcoming chrome plugin securely communicate with it.

In fact their website specifically highlights this feature: “The StartSSL™ Free certificates are intended for web sites which require protection of privacy and prevent eavesdropping.” – Sounds perfect doesn’t it.

According to their policy

Class 1 certificates are limited to client and server
certificates, whereas the later is restricted in its usage for
non-commercial purpose only. Subscribers MUST upgrade to Class
2 or higher level for any domain and site of commercial nature,
when using high-profile brands and names or if involved in
obtaining or relaying sensitive information such as health
records, financial details, personal information etc.

I should be good to go right?

This site clearly isn’t commercial in nature, nor is the domain I was attempting to get the certificate for (flatus.fremnet.net) I have no intent to make money off the chrome plugin or the data that’s being transferred.

I also have no intention of obtaining or relaying sensitive information such as health records, financial details, personal information etc

Having a paypal donate button in the top right hand corner of a site doesn’t make the site commercial, it’s giving others a chance to contribute to keeping the information here online – some of it is quite useful. Hosting isn’t free, it’s coming out of my pocket.

Having a paypal donate button indiciates that the financial transactions I do conduct (however few and far between) clearly won’t be run over the StartSSL free certificate as I already have a method that doesn’t involve them.

The kicker, I’ve had certificates from StartSSL before and this hasn’t been an issue.

I’m an open source coder and tinkerer, almost everything I do is given away, either under GPL or completely free without license or constraint.

Comment

Bukkit/Minecraft Plugins · 4620 days ago by Shannon Wynter

Well, it’s been an awfully long time since I made a post, but in order to help those wandering Bukkit users that make their way here via Google looking for my Bukkit plugins (as Bukkit have removed links to my plugins from their forums because I refuse to change the way I run my website) I thought it might be time for a new post

Bukkit – Wonderful system for adding plugins to the Minecraft server, great community, a bit heavy handed on the moderation.

If you are after my plugins including:

You will find them here: http://bukkit.fremnet.net/

But be warned, I give you the difficult^ choice of two download links to click on.
One gives me pennies for every click via the adf.ly service (just think of it as a way to contribute for free) while the other gives you a perfectly add free link to paste into wget or download directly

^ Bukkit moderator mbaxter thinks you are incapable of making an informed decision so has chosen to make your life less confusing by removing this one choice from the bukkit forums.

It seems policy there is any link that contains a link that contains a link to a page that has a link to adf.ly supported downloads is “direct(ing) users through adfly”. So here I make it clear, I direct you to chose to download through either an adf.ly supported link or a direct link.

Hell I even give you the option of donating real money through paypal

Comment [1]

Meh, hard disk crash · 5008 days ago by Shannon Wynter

Sorry for the recent downtime, my 74 gig raptor drive died and while I have pretty recent backups I’ve had to recover some stuff through the use of google cache so forgive the out of order posts and missing bits (if I missed any)

I still have to go through all the sub-domains and other sites I host to make sure everything functions (especially chumby things)

It’s late now, so this isn’t a long post, I have so many more things to sort out (this is more than a webserver)

Comment

A long awaited: Solar Updated · 5142 days ago by Shannon Wynter

Sorry it’s taken so long to update you all on my solar install.

The installers came back out and replaced my indoor in box inverter with an outdoor model and wired it up with two inputs.

One of the first photos from my new camera - upskirt shot of ... on Twitpic

Sexy isn’t it?

While they were here they found a faulty connector on the roof, which was killing one string from my array, and fixed it.

The install isn’t as tidy as I would have liked, but it works now.

I’ve created and released my first cpan module Device::Inverter::Aurora and stopped using the C program (not that there was anything wrong with the C program, this just suits my application better)

And, I’ve created a Google AppEngine application to produce and display graphs (for laughs I also use html5’s canvas and lots of javascript) – http://arraywatch.appspot.com/ – I love how you can see the lensing effect the edges of clouds have as they pass over the roof

Since the new meter was installed at the beginning of October I have exported 547kWH to the grid and imported only 167 at night (approx 10.13kw/day export)

The array is working well, not perfectly – it could really use some tilt – but since it’s been fixed we’ve had fairly bleh weather so I really haven’t been able to see what it’s peak is yet.

Comment

---== Copyright Shannon Wynter - All rights reserved - All wrongs avenged ==---