Nginx proxy with Ansible and letsencrypt for multiple domains

Posted on Thu 25 August 2016 in SysAdmin • Tagged with nginx, proxy, ansible, letsencrypt, ssl

Say you're running an nginx proxy and need to set up multiple domains with different backends.



- hosts: proxy
    letsencrypt_webroot_path: /var/www/letsencrypt/
    letsencrypt_email: [email protected]
    letsencrypt_renewal_command_args: '--renew-hook "systemctl restart nginx"'
    - { role: ansible-letsencrypt, tags: letsencrypt }
    - { role: nginx, tags: nginx }

In your nginx role:


http {
    ssl_certificate /etc/letsencrypt/live/{{ letsencrypt_cert_domains[0] }}/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/{{ letsencrypt_cert_domains[0] }}/privkey.pem;


server {

  listen 80;
  listen 443;


  location /.well-known/acme-challenge {
    add_header  X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
    root /var/www/letsencrypt/;

Dumping PHP headers

Posted on Mon 07 March 2016 in SysAdmin • Tagged with php, testing, debug

I read this somewhere and want to keep it around.

Sometimes I need to debug HTTPS/header issues in a load balanced environment.

Here's how to dump all the headers in PHP:

/* {DocumentRoot}/headers.php
Show all values defined on $_SERVER */
     while (list($var,$value) = each ($_SERVER)) {
            echo "$var => $value <br />";

Multiple Ansible versions on Mac

Posted on Thu 03 March 2016 in SysAdmin • Tagged with ansible, testing, debug

I ran into some regression bugs with the latest version of Ansible and wanted to test to confirm a few things before posting bug reports. As I run MacOS at work, Ansible is installed from Brew. If you're lucky, you might still have your old versions around:

$ ls /usr/local/Cellar/ansible/

Otherwise you can just clone the branch:

git clone -b ${VERSION} --recursive ${VERSION}

and run with the correct PYTHONPATH:

source ${ANSIBLE_DIR}/hacking/env-setup
PYTHONPATH="${ANSIBLE_DIR}/lib/:/usr/local/Cellar/ansible/" ansible-playbook test.yml

env-setup adds the first PATH but the second is specific to the Brew install so you need to add it manually.

If you run the above incorrectly, you will be missing modules and see errors like this:

Unexpected Exception: No module named yaml
the full traceback was:

Traceback (most recent call last):
    File "/Users/thanh/Downloads/ansible/ansible-", line 72, in <module>
        mycli = getattr(__import__("ansible.cli.%s" % sub, fromlist=[myclass]), myclass)
    File "/Users/thanh/Downloads/ansible/", line 27, in <module>
        import yaml
ImportError: No module named yaml


Traceback (most recent call last):
    File "/Users/thanh/Downloads/ansible/ansible-", line 39, in <module>
    from ansible.errors import AnsibleError, AnsibleOptionsError, AnsibleParserError
ImportError: No module named ansible.errors

Microphone feedback loop with PulseAudio

Posted on Tue 06 October 2015 in Linux • Tagged with alsa, arch, archlinux, pulseaudio

Moving to PulseAudio is pretty painless. Just need to install the package and edit /etc/pulse/client.conf to have:

autospawn = yes

One issue I did have was I kept hearing my microphone input in my headphones using a USB headset.
Fixing this was quite simple - in alsamixer, use F6 to select the 'sound card' and select your headset.
Mute the 'Playback' for the microphone while leaving the capture options on.

Finding out your Solr version

Posted on Thu 01 October 2015 in SysAdmin • Tagged with solr, tomcat

I can never remember how to do this without the GUI so here is the quick command to detect the Solr version you're currently running:

wget -q -O- localhost:8080/solr/admin/registry.jsp | grep -E "spec-version|impl-version"

A helpful StackOverflow link: