My vim standard config

highlight Cursor guifg=white guibg=black
highlight iCursor guifg=white guibg=steelblue
set guicursor=n-v-c:block-Cursor
set guicursor+=i:ver100-iCursor
set guicursor+=n-v-c:blinkon0
set guicursor+=i:blinkwait10
set mouse=a

autocmd TextChanged,TextChangedI <buffer> silent write


set clipboard=unnamedplus
set paste
set nu
set tabstop=4

noremap <S-s> :w <Enter>


let g:netrw_banner = 0
let g:netrw_liststyle = 3
let g:netrw_browse_split = 4
let g:netrw_altv = 1
let g:netrw_winsize = 25
augroup ProjectDrawer
  autocmd!
  autocmd VimEnter * :Vexplore
augroup END

function! NetrwOpenMultiTab(current_line,...) range
   " Get the number of lines.
   let n_lines =  a:lastline - a:firstline + 1

   " This is the command to be built up.
   let command = "normal "

   " Iterator.
   let i = 1

   " Virtually iterate over each line and build the command.
   while i < n_lines
      let command .= "tgT:" . ( a:firstline + i ) . "\<CR>:+tabmove\<CR>"
      let i += 1
   endwhile
   let command .= "tgT"

   " Restore the Explore tab position.
   if i != 1
      let command .= ":tabmove -" . ( n_lines - 1 ) . "\<CR>"
   endif

   " Restore the previous cursor line.
   let command .= ":" . a:current_line  . "\<CR>"

   " Check function arguments
   if a:0 > 0
      if a:1 > 0 && a:1 <= n_lines
         " The current tab is for the nth file.
         let command .= ( tabpagenr() + a:1 ) . "gt"
      else
         " The current tab is for the last selected file.
         let command .= (tabpagenr() + n_lines) . "gt"
      endif
   endif
   " The current tab is for the Explore tab by default.

   " Execute the custom command.
   execute command
endfunction

" Define mappings.
augroup NetrwOpenMultiTabGroup
   autocmd!
   autocmd Filetype netrw vnoremap <buffer> <silent> <expr> t ":call NetrwOpenMultiTab(" . line(".") . "," . "v:count)\<CR>"
   autocmd Filetype netrw vnoremap <buffer> <silent> <expr> T ":call NetrwOpenMultiTab(" . line(".") . "," . (( v:count == 0) ? '' : v:count) . ")\<CR>"
augroup END


"execute "set <M-j>=\e1"
"nnoremap <M-j> :tabnew

noremap <Esc>1 1gt
noremap <Esc>2 2gt
noremap <Esc>3 3gt
noremap <Esc>4 4gt
noremap <Esc>5 5gt
noremap <Esc>6 6gt
noremap <Esc>7 7gt
noremap <Esc>8 8gt
noremap <Esc>9 9gt
noremap <Esc>z :tabnext <Enter>
noremap <C-w> :close <Enter> <Esc>
noremap <C-Tab> gt
noremap <C-S-Tab> gT
noremap <C-t> :tabnew <Enter>
noremap <Esc>e :Vex <Enter>
noremap <Esc>q :qa! <Enter>
noremap <Space>d <C-w>l
noremap <Space>a <C-w>h
noremap <Space>w <C-w>k
noremap <Space>s <C-w>j
noremap <Esc>s <C-w>w
noremap <C-s> :w <Enter>

" CTRL-Tab is next tab
noremap <C-Tab> :<C-U>tabnext<CR>
inoremap <C-Tab> <C-\><C-N>:tabnext<CR>
cnoremap <C-Tab> <C-C>:tabnext<CR>
" CTRL-SHIFT-Tab is previous tab
noremap <C-S-Tab> :<C-U>tabprevious<CR>
inoremap <C-S-Tab> <C-\><C-N>:tabprevious<CR>
cnoremap <C-S-Tab> <C-C>:tabprevious<CR>

noremap <silent> <F12> touch ~/.uwsgi.ini<cr>

 


Setup uWSGI and Emperor on Centos 6.xx

uWSGI is driving me crazy when install it, every single time. I’m using Centos 6.9 to setup my python app.

This one is for setup uWSGI and make sure you already installed Python2.7 on your machine:

$ wget https://bootstrap.pypa.io/get-pip.py
$ which python2.7
$ sudo /usr/local/bin/python2.7 get-pip.py
$ which pip2.7
$ sudo /usr/local/bin/pip2.7 install uWSGI
$ which uwsgi
$ uwsgi --version

Test your app with uWSGI manually:

$ sudo /usr/local/bin/uwsgi --ini /dir/to/app/uwsgi.ini

Setup vassels from uwsgi ini file

$ sudo mkdir -p /etc/uwsgi/vassels
$ sudo ln -s /dir/to/app/uwsgi.ini /etc/uwsgi/vassels/appname.ini

Create emperor to make uWSGI as a service:

$ sudo vim /etc/init.d/emperor
#!/bin/sh
# chkconfig: 2345 99 10
# Description: Starts and stops the emperor-uwsgi
# See how we were called.

RUNEMPEROR="/usr/local/bin/uwsgi --emperor=/etc/uwsgi/vassels"

PIDFILE=/var/run/emperor-uwsgi.pid
LOGFILE=/var/log/uwsgi/emperor.log

start() {
  if [ -f /var/run/$PIDNAME ] && kill -0 $(cat /var/run/$PIDNAME); then
    echo 'Service emperor-uwsgi already running' >&2
    return 1
  fi
  echo 'Starting Emperor...' >&2
  local CMD="$RUNEMPEROR &> \"$LOGFILE\" & echo \$!"
  su -c "$CMD" > "$PIDFILE"
  echo 'Service started' >&2
}

stop() {
  if [ ! -f "$PIDFILE" ] || ! kill -0 $(cat "$PIDFILE"); then
    echo 'Service emperor-uwsgi not running' >&2
    return 1
  fi
  echo 'Stopping emperor-uwsgi' >&2
  kill -7 $(cat "$PIDFILE") && rm -f "$PIDFILE"
  echo 'Service stopped' >&2
}

status() {
    if [ ! -f "$PIDFILE" ]; then
	echo "Emperor is not running." >&2
	return 1
    else
    	echo "Emperor (pid  `cat ${PIDFILE}`) is running..."
    	ps -ef |grep `cat $PIDFILE`| grep -v grep
    fi
}

case "$1" in
start)
      start
      ;;
stop)
      stop
      ;;
status)
      status
      ;;
restart)
      stop
      start
      ;;
*)
    echo "Usage: emperor {start|stop|restart}"
    exit 1
esac
$ sudo chmod +x /etc/init.d/emperor
$ sudo /etc/init.d/emperor start
$ sudo chkconfig emperor on

Check your app if it’s already running:

$ sudo ps -ef | grep uwsgi

SSH tunneling to your secured database/RDS through bastion/jump server with forwarded port

$ ssh -f -N -v -t -L 5433:target_host:5432 user@jump_server
  • target_host is the host/database_server/RDS that you want to access that only can be accessed from jump _server or bastion if you’re using AWS
  • jump_server is the host that accessible from you and the only host that can access target_host
  • 5432 is local port (postgresql default)
  • 5433 is the forwarded host/database_server/RDS port that you can access through localhost
    What’s next?

    Afterwards, you should be able to get postgresql open with forwarded port through localhost (5433).

    Test the forwarded port using telnet:

    $ telnet localhost 5433
    

    or using netcat:

    $ nc -vz localhost 5433
    

Create partition in Linux that size larger than 2TB

Install parted:

sudo apt-get install parted

Use parted to create partition:

parted /dev/sdb

Inside parted cli, follow these steps:

(parted) mklabel gpt
Warning: The existing disk label on /dev/sdb will be destroyed and all data on this disk will be lost. Do you want to continue?
Yes/No? yes
(parted) unit GB
(parted) mkpart primary 0.0GB 3000GB
(parted) print

Format the filesystem we created, using mkfs and try to mount it to mount point:

mkfs.ext4 /dev/sdb1
mkdir /tes
mount /dev/sdb1 /tes

SSH tunneling to your secured server through bastion/jump server with forwarded port

This is a quick guide will show you how to open ssh tunnel to ssh into your target server that can only be accessed from jump server. So this is how to do it:

ssh -v -t -L 10443:localhost:20443 <jump_server> ssh -t -L 20443:localhost:443 user@<target_server>
  • jump_server is the host that accessible from you and the only host that can access target_server
  • target_server is the host that you want to access that only can be accessed from jump _server or bastion if you’re using AWS
  • 10443 is the forwarded port that you can access to SSH to target_server

So, here is the example:

ssh -v -t -L 10443:localhost:20443 123.456.1.1 ssh -t -L 20443:localhost:443 user@10.1.1.1
  • 123.456.1.1 is my jump_server that I can only access to access target_server
  • 10.1.1.1 is the target_server

And try it out, see the magic for yourself! after the last command above executed, you will inside your target_server and 10443 port is open from your localhost.

target_server~$

If you want to just have your SSH session running in background and you want to SSH it by yourself, just try this command:

ssh -f -N -v -t -L 10443:localhost:20443 123.456.1.1 ssh -t -L 20443:localhost:443 user@10.1.1.1

if you want to remove the logs (disable verbose mode) when you logging in, just remove the “-v”

SSH to localhost with port 10443, to access your target_server

$ ssh localhost 10443

Magic!


Start forticlient VPN only with command line

If your VPN client office using forticlient, you might want to run your VPN client with only command line, so you don’t have to see the small window just for connect your servers from home. With this bash script you can run your forclient VPN client only with CLI. GUI is for loosers.

Install expect first if you’re using ubuntu.

$ sudo apt-get install expect

Then copy this script below and save itInside the script there are some variables like username, password, host, port, that you need to fill.

#!/bin/bash

# Forticlient SSL VPN Client launching script utilizing expect.

FORTICLIENT_PATH="/your-path-to-forticlient/64bit/forticlientsslvpn_cli"

# VPN Credentials
VPN_HOST="yourVPNHost:YourPort"
VPN_USER="yourVPNUser"
VPN_PASS="enter-your-pass-here"

if [[ $EUID -ne 0 ]]; then
  echo "This script must be run as root"
  exit 1
fi

if [ -z "$FORTICLIENT_PATH" ]; then
  FORTICLIENT_PATH=`uname -r | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)`
  if [ ! -f $FORTICLIENT_PATH ]; then
    echo "Tried to locate Forticlient SSL VPN Cli binary, but failed."
    echo "Specify it at variable FORTCLIENT_PATH"
    exit 1
  fi
  echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH"
fi

echo "Killing previous instances of Forticlient SSL VPN client..."
killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null

cat << EOF > /tmp/expect
#!/usr/bin/expect -f
match_max 1000000
set timeout -1
spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive
expect "Password for VPN:"
send -- "$VPN_PASS"
send -- "\r"

expect "Would you like to connect to this server? (Y/N)"
send -- "Y"
send -- "\r"

expect "Clean up..."
close
EOF

chmod 500 /tmp/expect
/usr/bin/expect -f /tmp/expect

rm -f /tmp/expect

After you saved the script, let’s try to run it with sudo mode:

$ sudo vpn.sh &

Post twitter using python script

$ pip install --upgrade pip
$ pip install tweepy
import tweepy

def get_api(cfg):
    auth = tweepy.OAuthHandler(cfg['consumer_key'], cfg['consumer_secret'])
    auth.set_access_token(cfg['access_token'], cfg['access_token_secret'])
    return tweepy.API(auth)

def main():
    cfg = {
        "consumer_key"        : "xxxxx",
        "consumer_secret"     : "xxxxx",
        "access_token"        : "xxxxx",
        "access_token_secret" : "xxxxx"
    }

    api = get_api(cfg)
    tweet = "my status here"
    status = api.update_status(status=tweet)

if __name__ == "__main__":
    main()