code: 2020

Tuesday, November 3, 2020

Let's Docker Nging reverse proxy Laravel

docker compose laravel swag

Step 1: Wire up swag to your existing docker-compose multi container schema. When your ready flip your staging directive to true so you don't timeout your certbot by mistake if you are steadily destroying containers and remaking them.

Add the following to the docker-compose.yml services directive:

  swag:
    image: linuxserver/swag
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/New_York
      - URL=advisory.nyc
      - SUBDOMAINS=wizdev,
      - VALIDATION=http
      - ONLY_SUBDOMAINS=true #optional
      - STAGING=false #optional
    volumes:
      - ./swag:/config
    ports:
      - 443:443
      - 80:80
    restart: unless-stopped

  swag:
    image: linuxserver/swag
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/New_York
      - URL=advisory.nyc
      - SUBDOMAINS=wizdev,
      - VALIDATION=http
      - ONLY_SUBDOMAINS=true #optional
      - STAGING=false #optional
    volumes:
      - ./swag:/config
    ports:
      - 443:443
      - 80:80
    restart: unless-stopped

Step 2
Change the .env file to explicitly say site_location http:///somesite.you.com, and docker-compose run artisan config:clear

external assets will get blocked unless you do the following steps

Step 3
Add this to the boot() function inside of app/Providers/RouteServiceProvider.php

            /** @var \Illuminate\Routing\UrlGenerator $url */
            $url = $this->app['url'];
            // Force the application URL
            $url->forceRootUrl(config('app.url'));

            /** @var \Illuminate\Routing\UrlGenerator $url */
            $url = $this->app['url'];
            // Force the application URL
            $url->forceRootUrl(config('app.url'));

src: https://laracasts.com/discuss/channels/laravel/how-i-can-force-all-my-routes-to-be-https-not-http?page=1

Step 4
Open all proxies in app/Http/Middleware/TrustProxies.php by changing this directive to a star dot star
```
protected $proxies = '**';
```
```
protected $proxies = '**';
```
src: https://laravel.com/docs/5.5/requests#configuring-trusted-proxies
Step 5 add your proxy pass block with your proto scheme to your nginx.conf

        location / {
                proxy_pass http://wizdev.advisory.nyc:8080/;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                # try_files $uri $uri/ /index.html /index.php?$args =404;
        }


        location / {
                proxy_pass http://wizdev.advisory.nyc:8080/;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                # try_files $uri $uri/ /index.html /index.php?$args =404;
        }

Wednesday, February 5, 2020

VMWare Fusion Catalina VM, Jamf Pro

Get The Catalina Installer

Obtain an Install macOS Version Mojave from your /Applications folder. Or run cd; curl -O https://raw.githubusercontent.com/munki/macadmin-scripts/master/installinstallmacos.py; sudo python installinstallmacos.py --workdir /tmp

open /tmp

Double Click the Installer DMG, Drag the Install macOS Catalina from within the DMG to the Desktop. Feed that to VMWare Fusion 11.5 +.

You will need VMWare Fusion 11.5 or Higher, Pro or Regular doesn't matter.

Make The VMWare VM

open /tmp
Double click the dmg
Drag the actuall Install macOS Mojave to VMWare Fusion

Right after the OS installs I would suggest shutting down and making a clone.

Serialize

Shut the VM all the way down, use my script to set the serial number: https://github.com/zackn9ne/make_jamf_vm

Do All The Things

Start the VM and enroll in Jamf Pro

Thursday, January 2, 2020

Install Terminus Font Ubuntu

Terminus font is easy to install in ubuntu command line. Just do this: sudo apt-get install xfonts-terminus console-terminus

Wednesday, January 1, 2020

How to setup Unifi Docker AWS Controller (instead of using a cloudkey)

Set Up Your EC2

* get an aws ec2 supporting docker
* open the ports as described in the docker manifest: https://hub.docker.com/r/linuxserver/unifi-controller
* factory your USG
* ssh into your usg ubnt@usg-lan-ip-addr
* factory your USG from command line if you are feeling doubtful that the above worked: you can skip above step if you can somehow get in sudo syswrapper.sh restore-default
* set-inform http://$EC2IP:8080/inform
* head to https://$EC2IP:8443 and log in and now you can adopt your USG-3
* repeat the set-inform on your other Unifi branded devices and they will populate in the EC2 controller

Bonus Points Upgrading your (Unifi Device)

* while your ssh connection is live on the device, google unifi upgrade and get the link to the proper firmware, currently it's here https://downloads.ui.com/unifi
* upgrade https://$FIRMWARE (where $FIRMWARE) is the url of the firmware

What if the IPADDRESS of my Controller Changed, like I forgot To Set A Elastic IP?

It's all good you can SSH into your local devices using probably the last IP address shown in your messed up controller. Note when the devices get adopted the ssh creds change from default to something like superadmin, and a hash found in the following screen, so grab the ssh creds like so:

They let you view the password in plain text, and ssh right in, redo the set-inform command with the new URL and you will be all set. Do it per each device.

code

My YouTube Tutorials