cjhaas.com

How to unit test with PHPUnit + Ubuntu 14.04 + WordPress – Part 1

Posted in PHP,WordPress by Chris Haas on September 16th, 2014

The below is pretty much directly from the online manuals for PHPUnit and WordPress but copied here for my personal usage.

Install PHPUnit

  1. Download:
    wget https://phar.phpunit.de/phpunit.phar
  2. Make executable:
    chmod +x phpunit.phar
  3. Move globally:
    sudo mv phpunit.phar /usr/local/bin/phpunit
  4. Test
    phpunit --version

Optionally, if you want to verify the signature, between steps #1 and #2:

  1. Download signature file
    wget https://phar.phpunit.de/phpunit.phar.asc
  2. Add the public key to our local file:
    gpg --keyserver pgp.uni-mainz.de --recv-keys 0x4AA394086372C20A
  3. Verify:
    gpg phpunit.phar.asc

Install WordPress

  1. Get a local copy of WordPress
    cd ~/
    svn co http://develop.svn.wordpress.org/trunk/ wordpress-develop
    cd wordpress-develop/
  2. Create a MySql database (replace DATABASE_NAME_HERE, USERNAME_HERE and PASSWORD_HERE)
    mysql -uroot -p -e "CREATE DATABASE DATABASE_NAME_HERE; GRANT ALL PRIVILEGES ON DATABASE_NAME_HERE.* TO USERNAME_HERE@localhost IDENTIFIED BY 'PASSWORD_HERE';FLUSH PRIVILEGES;"
  3. Copy the test config file
    cp wp-tests-config-sample.php wp-tests-config.php
  4. Modify the variables DB_NAME, DB_USER and DB_PASSWORD in wp-tests-config.php REMEMBER!!!This database gets erased every time a unit test is run so DO NOT POINT IT AT A PRODUCTION DATABASE
    vi wp-tests-config.php.
  5. Sanity check by running the official test suite:
    phpunit

Nginx Optimal SSL settings on Ubuntu 14.04

Posted in nginx by Chris Haas on September 16th, 2014

Below is how to configure Nginx for optimal SSL settings. These settings are directly from Mozilla’s recommend best practice page and were current as of the date of this post. Please refer to that site for the most current settings.

This post assumes that you already have a and you are working with the domain example.com.

  1. Generate your certificate request (CSR)
    sudo openssl req -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/example.com.key -out /etc/nginx/ssl/example.com.csr
  2. Get a cert with the CSR above. I use SSLs.com for my certs since they’re cheap, fast and they do the job. Some people think that you need to get a cert from a big name place like DigiCert or Thawte but in reality, consumers don’t care (let alone understand) so I don’t see a reason to pay extra. There’s a push to get EV (green bar) certs which I understand but still, most people just don’t seem to care.
  3. Assuming you went with the above you’ll get an email with your cert files. However, I usually just log back into my account, navigate to my cert and re-download the certificate which should have a zip file with two files, example.com.crt and bundle.crt. Both files are just text files so either copy or create and write both of them to /etc/nginx/ssl/
  4. Create this file, I’m not going to bother explaining it because I don’t fully understand it either:
    sudo openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
  5. Edit your site’s previously created configuration file:
    sudo vi /etc/nginx/sites-available/example.com.conf

    
    # Optional, redirect non-secure connections to the secure site
    server {
        listen         80;
        return 301 https://$host$request_uri;
    }
    
    server {
        listen 443;
    
        #Your path here
        root /var/www/html;
    
        #Your domain here
        server_name example.com;
    
        ssl on;
        ssl_certificate     /etc/nginx/ssl/example.com.crt;
        ssl_certificate_key /etc/nginx/ssl/example.com.key;
    
        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
        ssl_session_timeout 5m;
        ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK';
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:50m;
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /etc/nginx/ssl/bundle.crt;
        resolver 8.8.8.8;
    
        #Your other rules here
    }
    
  6. Test your configuration:
    sudo nginx -t
  7. Reboot Nginx:
    sudo service nginx restart

These settings should give you (as of this posting date) an A grade but not 100% across the board at Qualys SSL Labs. To do that you need to fix some other edge cases but even Qualys SSL Labs doesn’t seem to want to fix so I’m not too concerned.

Once again, and I can’t stress this enough, DO NOT JUST COPY THE ABOVE but actually go out to Mozilla’s or someone else’s site to get a list of currently recommend cipher suites and protocols, especially as this post gets older and older.

Nginx variable expansion in error_log for virtual hosts/servers

Posted in nginx by Chris Haas on September 4th, 2014

If you’re hoping to use an include for logging of virtual hosts (servers) in Nginx :

include global/logging.conf

so you can just do this in your server blocks, don’t keep your hopes up.

    access_log /home/me/sites/$server_name/logs/access.log;
    error_log /home/me/sites/$server_name/logs/error.log;

According to this email thread, variable expansion for the error_log directive is not supported. And according to this thread (and many others, too), variable usage in Nginx is generally bad because they need to be evaluated for each request. Nginx doesn’t just suck the state into global memory, evaluate/expand variables and keep that as the running config, probably because many of the variables of request-dependent. Makes sense but sucks.

But then again, how lazy am I? Yes, variables allow me to write one configuration to represent 30 sites, but those 30 sites creates millions of requests. I think I can take an extra 5 seconds to hardcode the log location into the configuration path. And if I ever change anything, I guess I can spend an extra 5 minutes updating all of those files. If I ever get dozen upon dozens of configurations, I guess I can spend an extra 30 minutes writing a bash script to manually expand these variables.

HHVM White Screen of Death

Posted in HHVM,nginx,PHP by Chris Haas on September 4th, 2014

I’m bringing up a new server and decided to give HHVM a shot for PHP processing. Having watched WordPress’s trac for several years now I’ve seen a couple of small and some very large things that needed to be changed in order for WordPress to run without issue. But now it seems to be pretty stable and all unit tests (as far as I know) are passing without issue. As can be seen in my other two posts installing HHVM on Ubuntu is relatively easy and configuring Nginx is also trivial.

The first four or five sites that I ported (copied) from Apache/PHP to Nginx/HHVM came over without issue but the last one I ported broke and it broke hard. Attempting to access the site caused a white screen of death and it took a while to trace the error logged in /var/log/hhvm/ related to the Debug Bar extension. Debugging was taking too long so I just switched over to PHP-FPM and everything’s working again. I think the issue was the same as listed in this post.

Does anyone know how to avoid the white screen of death from HHVM? Is there a way to turn screen logging of errors on similar to a default install of PHP on Apache?

Ubuntu 14.04 + Nginx 1.7.1 + HHVM 3.2

Posted in HHVM,nginx,PHP by Chris Haas on September 3rd, 2014

This is very similar to my previous post except I’m starting from a raw Ubuntu 14.04 server install.

  1. Download and install Ubuntu 14.04 Server and don’t install any additional packages (you can and they’ll probably work but I didn’t and this tutorial assumes you didn’t).
  2. Update
    sudo apt-get update
    sudo apt-get upgrade
  3. Add a development branch for Nginx 1.7:
    sudo apt-add-repository ppa:nginx/development
    sudo apt-get update
  4. Run an install scenario so you can see the about to be install version number. If you don’t get 1.7.x (1.7.1 for me as of right now), something is wrong
    sudo apt-get -s install nginx
  5. Install Nginx
    sudo apt-get install nginx
  6. Confirm that Nginx was installed and the expected version:
    nginx -v
  7. -Install HHVM:
    wget -O - http://dl.hhvm.com/conf/hhvm.gpg.key | sudo apt-key add -
    echo deb http://dl.hhvm.com/ubuntu trusty main | sudo tee /etc/apt/sources.list.d/hhvm.list
    sudo apt-get update
    sudo apt-get install hhvm
  8. Confirm that HHVM was install and the expected version:
    hhvm --version
  9. Configure HHVM to run in Nginx:
    sudo /usr/share/hhvm/install_fastcgi.sh

EDIT

And before I forget, install an SMTP server, too! Postfix is common but some people say exim is better. I’m not doing anything special and don’t really care one way or another but I picked exim.

  1. sudo apt-get install exim4
    sudo dpkg-reconfigure exim4-config
  2. Most of the questions asked should be fine with the defaults but for usage you probably want to change it to Internet instead of local

The Relative Cost of Bandwidth Around the World

Posted in Uncategorized by Chris Haas on September 3rd, 2014

This post from the CloudFlare blog comparing the price of bandwidth around the world was very interesting. Also, I need to find some internet direction stickers.

http://blog.cloudflare.com/the-relative-cost-of-bandwidth-around-the-world

PHP Spec

Posted in PHP by Chris Haas on September 2nd, 2014

I know I’m late to the game but this is good news

WordPress + Nginx + HHVM

Posted in nginx,PHP,WordPress by Chris Haas on August 28th, 2014

Today I played around with installing WordPress 3.9 on Nginx at DigitalOcean and was amazed at how easy it really was. It was so easy that I decided to also install HHVM. I’m not going to go into every detail since I mostly just used already existing tutorials that I combined.

  1. Create a droplet
    1. Pick any size, I chose a 1GB because I wanted to compare it with an already existing site I had running up there.
    2. For Linux distributions, pick Ubuntu 14.04 x64
      1. The 64-bit version is very important for HHVM since they have no plans on ever supporting a 32-bit OS

      ubuntu-64

  2. Setup a non-root account.
  3. Update everything
    1. sudo apt-get update
      sudo apt-get upgrade
  4. Install Nginx
  5. Install HHVM
    1. That post is for Ubuntu 13 so you need to use the code below (which also assumes you are not running as root)
      wget -O - http://dl.hhvm.com/conf/hhvm.gpg.key | sudo apt-key add -
      echo deb http://dl.hhvm.com/ubuntu trusty main | sudo tee /etc/apt/sources.list.d/hhvm.list
      sudo apt-get update
      sudo apt-get install hhvm
    2. Assuming that you are not running as root you’ll need to sudo this command towards the bottom instead:
      sudo /usr/share/hhvm/install_fastcgi.sh
  6. Install WordPress
  7. You’ll probably have to change some permissions so that you can upload and delete things:
    sudo find /var/www/html -type d -exec chown www-data:www-data {} \;
    sudo find /var/www/html -type f -exec chown www-data:www-data {} \;
  8. This next one is optional but if your permissions ever get out of whack for some reason you can reapply them:
    sudo find /var/www/html -type f -exec chmod 644 {} \;
    sudo find /var/www/html -type d -exec chmod 755 {} \;

How to merge PDFs and add a Table of Contents (TOC)

Posted in iTextSharp by Chris Haas on August 14th, 2014

This sample code shows how to merge multiple PDFs and add a Table of Contents (TOC) at the end of the document.

http://stackoverflow.com/a/25316944/231316

How to convert HTML to PDF using iTextSharp

Posted in iTextSharp by Chris Haas on August 6th, 2014

I just posted a question and answer tutorial on Stack Overflow for how to convert HTML to PDF using iTextSharp. It shows off both HTMLWorker as well as XMLWorker.