Nginx is our favorite web server currently as it is fast, lean and easy to configure. Performance is just outstanding and if you haven’t take a look at it.

One thing that I noticed while we deployed Nginx with Tomcat is that their default size for the buffers are very low. Don’t know why a 4K buffer size would be sufficient. If you keep it at their default size and might have a heavy duty Tomcat app then it could be that you will see error messages like:

upstream sent too big header while reading response header from upstream

The remedy for this error is to set the parameters for higher values for the proxy_buffer* parameters as we have done and now all is back to normal. Here are the current settings that worked well for us;

proxy_buffer_size   128k;
proxy_buffers   4 256k;
proxy_busy_buffers_size   256k;

Today I set out to get MySQL and PHP setup on my MacBook Pro. Since Apache2 already comes with MacOS X (mine is Snow Leopard and yours should be too!). Now, the funny thing is that I first searched on the web how to best install PHP and MySQL.

Surely, I came across MAMP (a package that gets you Apache2, PHP, MySQL and a couple libraries) in a nice one click application and some others. Being the guy who rather has things separated and controllable, I quickly shined away from those. Thought, I gave MAMP a try, but could not get MySQL to listen to anything else then the internal Apache2 server from the MAMP package (but guess that is another story and I’m really not doing this the first time.). Anyhow…

I then looked into getting Apache2, MySQL and PHP with MacPorts. Thought MacPorts has proven to be perfect in such circumstances, I had a hard time (and it took very long) to get this setup up and running. I’m sure, some of you have had successful installs and all works great, but at the end it did not work for me. There are even more instructions to get PHP running, with a lot of tweaking and such, but to be honest in the end…

Really the simplest and most straightforward method to get Apache2, MySQL and PHP running on MacOS X is;

MySQL

Now, this is really no brainer. All you need to do is to go to http://www.mysql.com and download the recent release. Within the download image you will find a nice installer and Preference pane which lets you start/stop MySQL. If you want to go all GUI, then also download the GUI tools from MySQL.

Apache2/PHP

The probably easiest of it all. Since MacOS X already comes with Apache2 and PHP all you need to do is to enable it. Thought, PHP is disabled in the httpd.conf, all there is to do is to edit httpd.conf and uncomment the mod for the php library.

That’s it!

Nothing to install, (almost) nothing to configure. Simple and easy.

SugarCRM is a good open source CRM, but the overwhelming functions and navigation makes it “sometimes” hard to really get to the one thing you want to do. In any case, it does the job well. Apart from that, I just came upon this error message within SugarCRM:

Warnings: Inbound Email cannot function without the IMAP c-client libraries enabled/compiled with the PHP module. Please contact your administrator to resolve this issue.

This definitely means that PHP is missing some mail libraries, but the message to compile PHP is kinda scary, isn’t it? Luckily, if you are using Ubuntu all you need to do is to issue an “apt-get” command and you are rolling. So here we go:

apt-get install php5-imap

This will install everything for you, make sure to restart PHP (restart Apache or the FastCGI).

We just moved a whole bunch of servers to a new hosting center and moved from CentOS to Ubuntu (server) and Apache to Nginx (more on this in a later blog post).

While we migrated mostly everything without problems we were confronted with the problem that our SSL certificate gave us an error message of the form:

“The certificate for this website was signed by an unknown certifying authority”

This was rather strange because the same certificate worked with Apache just fine. After some time and searching for a solution we found that we had to tell Nginx to use the SSL Chain file as well. The only problem is that Nginx does not have a explicit parameter like Apache has. In Apache the SSL config looks like this (we use a GoDaddy certificate):

SSLEngine On
SSLCertificateFile /etc/httpd/ssl/youcert.crt
SSLCertificateKeyFile /etc/httpd/ssl/yourkey.key
SSLCertificateChainFile /etc/httpd/ssl/gd_bundle.crt

Now, in order to get this working in Nginx you need to append the “gd_bundle.crt” to your crt file, which is quite simple with the following commands (do a backup of any files before doing this!):

cat gd_bundle.crt >> yourcert.crt

Then simply restart Ngnix and all is back to normal (but just really faster with Nginx then with anything else:-) ).

Just been going trough a lot of reconfiguration lately and today finished configuring a new server. While testing the mail function we saw in the mail logs the following lines:

javax.mail.MessagingException - 501 Syntactically invalid HELO argument(s)

First we thought, it is the application server or sendmail/exim not being properly configured. But as we soon found out, one simply needs to have a valid hostname set for the server. In other words, this error is commonly caused by the hostname of the machine being wrong compared to what the mailserver expects. Java mail does a getHostName and uses that in the HELO.

And just in case you simply set your hostname with “hostname domain” it will not persist on the next reboot. In order to keep your new hostname you will need to change it in the hostname file itself, as in:

sudo  vi /etc/hostname

Do a reboot and all should be good.

We just moved some of our subversion repositories to a new server and with it changed the URL’s. Now, in order to change any existing checkout version to grab updates from the new subversion server we issued the simple “switch” command from subversion as in:

svn sw svn://svn.domain.com/trunk .

The problem with this was that the system complained with:

svn: 'svn://svn.domain.com/trunk'
is not the same repository as
'svn://svn.newdomain.com/trunk'

The correct syntax to relocate any existing checkout copy is to use the “–relocate” switch as in:

svn sw --relocate svn://svn.domain.com/trunk svn://svn.newdomain.com/trunk

And we are back in business…

CentOS, being a “legal copy” of RedHat, as good as it is, comes with some really outdated libraries. This has caused many, including myself, to find way how to bring latest code releases into CentOS. Be it by alternatives repros or compiling the packages.

Now, I don’t know how I could overlook it, but I just found out that the CentOS team offers a CentOS-Testing repro. Once installed you will get the latest library updates as well. Since it is based and supported by the CentOS guys, I figure it is the safest way to get the latest updates.

Simply add the following at /etc/yum.repos.d/centos-test.repo:

[c5-testing]
name=CentOS-5 Testing
baseurl=http://dev.centos.org/centos/5/testing/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://dev.centos.org/centos/RPM-GPG-KEY-CentOS-testing

Save it and do a yum check-update and you will get all the good yummies. Make sure that you don’t install something carelessly on a production server, right…

Mind you, I’m no PHP guru and I only have PHP installed on our server because of our Wordpress blogs. that said, I was facing an ugly PHP error today and somehow we could not load the Wordpress admin pages anymore of it. The error was:

PHP Warning:  Module 'fileinfo' already loaded in Unknown on line 0

After searching for a solution I thought it would be best to update PHP along the way. Thus I found this nice description on Webtatic Blog which describes how to update to the latest PHP version on CentOS 5.x (since the default repro only brings you 5.1.6).

Low and behold, after updating to the latest PHP version, it will give you 5.3.1, the error was gone and Wordpress Admin pages are back to normal.

Running an Oracle database is great, because it is stable and just runs, but sometimes you are hit with unexpected errors when you restart your machine. Thought, I know Oracle quite well, I’m always surprised at some things. Here are two errors (and solution) I was just confronted with:

ORA-27101: shared memory realm does not exist

To be honest, I don’t know why I was confronted with this error, since we haven’t changed anything to the machine or to the environment variables. Metalink suggest to check that the ORACLE_HOME and ORACLE_SID are correct. Funny thing is that this system runs for over a year without a change to the path, nevertheless I checked the ORACLE_HOME path and sure enough I had trailing slash at the end.

So, the solution was to see that ORACLE_HOME does NOT have a trailing slash.

echo $ORACLE_HOME
/opt/oracle/product/11/ <--- WRONG!

echo $ORACLE_HOME
/opt/oracle/product/11 <--- CORRECT!

Remember to log out of your current shell session in order to reapply the new settings.

ORA-28002: the password has expired

Now, this error caught be even worse, because it happened right within a production environment. Also, here I was unaware of this setting. In any case, Oracle seams to want you to reset your password after one year or so. In case, you want to disable this on a user without changing the users password you need to issue the following commands in sqlplus:

alter profile {user} limit password_verify_function null;

This will set the verification for this user to null. If you want to do this for every user in your system you would use this (this is applied to the DEFAULT profile):

alter profile DEFAULT limit password_verify_function null;

Once done you can then reset the password for the user with the same password or with another one with:

alter user {user} identified by {password};

Exit sqlplus and your changes should have been applied.

I had to spent way too much time the last time to set up ImageMagick and Ghostscript together that I simply jump right in so you don’t have to waste time on this, like I did.

Creating thumbnails and images from a PDF is one of the most used features within Razuna. But the other day, when we run the normal convert command we were faced with an error message within our web application of:

Error: Uncaught exception ‘ImagickException’ with message ‘Postscript delegate failed....: No such file or directory

Of course, the first thing I did was to see if we have a error in the shell. Strangely, there was NO error when running the same command in the shell! Needless to say, I spent many hours looking for a solution, trying out different things from reinstalling ImageMagick and Ghostscript to looking all over the web for an answer.

In the end, it boiled down to that web applications (be it CFML, PHP, etc.), are looking for a different executable path then when you run command from the shell. Since Ghostscript installed the executable in the “/usr/local/bin/gs” path the web application could not find it. So the solution to “hours of pain” was to simply create a symbolic link to the “gs” library in the “/usr/bin” directory with:

ln -s /usr/local/bin/gs /usr/bin/gs

Hope this helps the next seeker!