UFW and docker

if you use ufw/iptables as firewall, in default you cannot manage access port which docker using.

example if you want to only allow certain ip address to access mysql database port (3306) with ufw command

$ sudo ufw allow from 192.168.68.113 to any port 3306

another ip will still can access.

you need to add rule firewall in docker daemon

$ sudo echo '{ "iptables":false }' > /etc/docker/daemon.json

then restart docker service

$ sudo service docker restart

now test connect from allow and not allow ip port

UFW – make firewall simple

in linux we using iptables to manage connection in-out from or to another machine.

if you ever using iptables it headache to remember the command and what its mean.

lucky with ufw we have more simple “ui” to manage firewall.

this simple code in ubuntu base distro

# install ufw
$ sudo apt install ufw

# enable ufw
$ sudo ufw enable

# enable ssh / port 22 from certain ip
$ sudo ufw allow from 192.168.68.113 to any port 22

# enabe web http (port 80) and https to access from any
$ sudo ufw allow from any to any port 80

# list application which define in ufw
$ sudo ufw app list

# enable app
$ sudo ufw enable "WWW-SECURED"

# status ufw
$ sudo ufw status numbered

# delete rule ufw
$ sudo ufw delete 3

Sebuah PO Bus di akusisi

Scrolling berita dimedsos, ada sebuah PO bus yg cukup ‘tua’ di akusisi oleh perusahaan transportasi lain yg cukup terkenal. saya bukan penggemar bus atau suka menggunakan jasa bus, bahkan cenderung jika ada alternative transportasi, pasti memilih yang lain. mungkin pengalaman buruk di masa lalu berpergian dengan bus (bukan PO ini).

Karena saya tahu, saya tidak tahu apa-apa tentang bus, maka saya membaca ke komentar para viewernya. Dari yang mereka tulis, mereka mengutarakan kesan pengalaman menggunakan jasa PO tersebut.

beberapa kata yang saya tangkap dari komentar diberita itu “terlambat”, “mogok”, “tidak ramah”, “kenek pungli”, “tidak sampai tujuan”. Lalu dari positipnya “ramah”, “tepat waktu”. tapi komentar tersebut lebih banyak negatip dari pada positip. para membaca yg memberikan komentar positip terindikasi pengguna lama atau pengguna bisa di masa lalu, 5 – 10 tahun lebih. sementara yg memberikan kesan negatip, rata-rata adalah pengguna masa di bawah 5 tahun. dan juga kalimat lain yg menyebutkan “kompetitor”, “tertinggal”, “mahal”.

komentar negatip lebih banyak pada masalah pelayanan awak bus dan mogok. dan penurunan pelayanan itu terjadi pada 5 tahun belakangan (bisa juga lebih).

Kesimpulan, perusahaan bus adalah perusahaan jasa, dimana pelayanan kepada pengguna adalah salah satu bagian penting atau key point. Pengguna merasa tidak nyaman saat awak bus meminta tarif yang tidak tercantum pada aturan, pengguna sering kali merasakan mogok, hal ini jika ditarik sebab dari info komentar lain, disebabkan oleh armada bus yg sudah berumur. kenyamanan dan kemampuan dalam memberikan pelayanan jasa adalah hal penting dari perusahaan jasa tersebut, dari beberapa komentar lain menyebutkan mereka memilih pindah ke PO lain karena layanan yg lebih baik. intinya. adalah pelayanan, jika tidak bisa memberikan pelayanan yg baik, maka costumer akan berpindah / mencoba kompetitor lain.

debug – laravel with storage:link, file not found

yes i have installed laravel 10, with laradock as server. using storage:link but the file cannot show in browser.

my problem is permission, the storage folder need 775, this how it solve

# login to laradock workspace 
$ cd ~/workspace/laradock_folder
$ docker-compose exec --user=laradock workspace bash

# go to folder project
laradock@8b9c4bdfa44f:/var/www/$ cd myproject
laradock@8b9c4bdfa44f:/var/www/myproject/$ chmod -R 775 storage/

Laradock – multiple php version

have multiple projects laravel, the old version must run in php 7.4 and the latest laravel (2023-12-15) need at least php 8. the project cannot run in same time, and build php version need time and bandwith.

https://msirius.medium.com/1-n-php-versions-and-projects-via-laradock-51938b337071

add config php 8.2 in docker-compose.yml

open file docker-compose.yml copy and paste php-fpm: part

change from

php-fpm:
args:
- - LARADOCK_PHP_VERSION=${PHP_VERSION}
volumes:
- ./php-fpm/php${PHP_VERSION}.ini:/usr/local/etc/php/php.ini

to

php-fpm-8.2:
args:
- LARADOCK_PHP_VERSION=8.2
volumes:
- ./php-fpm/php8.2.ini:/usr/local/etc/php/php.ini

add config in nginx

$ cd nginx/sites 
$ cp default.conf php8laravel.conf 
$ code php8laravel.conf

change value in file php8laravel.conf
from

server_name localhost;
root /var/www;
fastcgi_pass php-upstream:9000;

to

server_name yourphp8server.gw;
root /var/www/your-folder-laravel-required-php8/public;
fastcgi_pass php-fpm-8.2:9000;

build with command

docker-compose build php-fpm-8.2
docker-compose build workspace

add domain to /etc/hosts file

sudo nano /etc/hosts

add this line

127.0.0.1 yourphp8server.gw

save and exit with button Ctrl+X

run with command

docker-compose up -d nginx mysql phpmyadmin workspace php-fpm-8.2

then open localhost and yourphp8server.gw with browser

how to run artisan ?

we can’t sign to workspace to exec php 8.2, becouse php-upstream using php default (7) and php8 just extend. so how if we need php artisan which using php 8 ?

# login to php 8 with www-data user
$ docker-compose exec --user=www-data php-fpm-8.2 bash

now test with

$ cd you-project-laravel10-need-php8
$ php artisan make:model Kelas -m

now you can edit & save the file in text editor

add composer to php-fpm-8.2

we need composer if want install fresh latest or version laravel, the command

# install laravel via composer
$ composer create-project laravel/laravel example-app

and we cannot do this via workspace, becouse workspace using php 7 as default. so we need to install composer in build php-fpm-8.2 image
open file php-fpm/Dockerfile, look in last line code
from

# Configure locale.
ARG LOCALE=POSIX
ENV LC_ALL ${LOCALE}

WORKDIR /var/www

CMD ["php-fpm"]

EXPOSE 9000

to

# Configure locale.
ARG LOCALE=POSIX
ENV LC_ALL ${LOCALE}

## adding composer
COPY --from=composer /usr/bin/composer /usr/local/bin/composer

WORKDIR /var/www

CMD ["php-fpm"]

EXPOSE 9000

RASA chat bot integrated with telegram

prequeties:

• had bot telegram with key access_token
• downloaded ngrok
• using python 3.9 (you can have 2 python version in laptop)
• for simply dev with venv just using PyCharm

pycharm

setup new project, just call rasa-chat-bot in ~/workspace/rasa-chat-bot.
using venv with python 3.9. create project.

setup rasa

just simply setup rasa default for test. in pycharm open tab terminal,

# create new folder
$ mkdir RasaDefault && cd RasaDefault

# fast setup new rasa
$ rasa init --no-prompt

# let it, lets change another file

get ngrok url

exec ngork with command

./ngrok http 5005

example you get url https://e33d-101-128-117-173.ngrok-free.app. copy ngrok url

add config telegram to rasa

open file credentials.yml, you can clear the rest and just fill

rest:

telegram:
  access_token: "396175282:AAHXVRsnEDWYs9gjI6b7ao0GIXyTgLFEqv8"
  verify: "your_name_bot"
  webhook_url: "https://e33d-101-128-117-173.ngrok-free.app/webhooks/telegram/webhook"

rasa:
  url: "http://localhost:5002/api"

setup webhook telegram

open browser paste url, or via curl

https://api.telegram.org/bot396175282:AAHXVRsnEDWYs9gjI6b7ao0GIXyTgLFEqv8/setWebhook?url=https://e33d-101-128-117-173.ngrok-free.app/webhooks/telegram/webhook

wait json respond

restart rasa

back to terminal, shutdown rasa shell with message /stop.
then start rasa server with command

rasa run --enable-api --cors "*"

test chat with bot

Speed Up Import SQL docker mariadb

i faced very slow import query file in docker mariadb,the file only have size 250MB but it takes more than 6 hours to import (and not finished)

then find the config from dba.stackexchange.com , it bost my import file to under 5 minutes

using docker compose to running docker this my config

this my docker-compose.yml file

version: "3"
services:
  mariadb:
    image: mariadb
    volumes:
      - ./db:/var/lib/mysql:delegated
      - ./logs:/var/log/mysql
      - ./tmp:/tmp
      - ./custom.cnf:/etc/mysql/conf.d/custom.cnf
    ports:
      - 3306:3306
    environment:
      TZ: "Asia/Jakarta"
      MYSQL_ALLOW_EMPTY_PASSWORD: "no"
      MYSQL_ROOT_PASSWORD: "root"
      MYSQL_USER: "userdb"
      MYSQL_PASSWORD: "passdb"
      MYSQL_DATABASE: "test"

this my custom.cnf file

[mysqld]
# https://dba.stackexchange.com/questions/83125/mysql-any-way-to-import-a-huge-32-gb-sql-dump-faster
innodb_buffer_pool_size = 4G
innodb_log_buffer_size = 256M
innodb_log_file_size = 1G
innodb_write_io_threads = 16
innodb_flush_log_at_trx_commit = 0

git clone modified jpg binary file

this couse by crlf in different computer, you can solve with ignore

cd your/source/project
git config core.fileMode false

gitignore not removing modified file

i clone new git from my repo, build docker compose and up it. but when i check with git status
““`
git status
““`

much file had modified in public/template (laravel source code)
i will ignore this with add public/template in .gitignore file

but its still detect as modified

it problem in cache git, so remove cache add all file
““

git rm --cached -r .
git add . 
git commit -m "refreshed ignored files."

git status
# On branch master
# Your branch is ahead of 'origin/master' by 2 commits.
#   (use "git push" to publish your local commits)
#
nothing to commit, working directory clean

git pull
Already up-to-date.

mirroring android screen over wifi using scrcpy

using fedora 38 as my laptop OS,

1. in laptop install ADB

sudo dnf install android-tools

2. enable wireless debuging
   
   
3. see IP address and port
   
4. cek pairing code
   
5. in laptop do pairing command with adb
   
6. connect
   adb connect 192.168.68.104:39331
   
7. install scrcpy

sudo dnf copr enable zeno/scrcpy
sudo dnf install scrcpy

6. execute scrcpy

scrcpy