Blog

Blog

Custom PostGreSql version ( 9.6 ) pg_dump and restore from and to remote host

Backup PostgreSQL Remote DB:

SSL / TLS setup of RapidSSL certificate with Nginx on Ubuntu server

Here is guide to setup SSL / TLS in Nginx ubuntu instance:

- Generate Pvt key
    openssl genrsa -out /home/ubuntu/something_com_pvt.key 2048

- Generate CSR from pvt key
    openssl req -new -key /home/ubuntu/something_com_pvt.key -out /home/ubuntu/something_com_.csr

- Submit above CSR To SSL Provider, RapidSSL in our case.
- Download x.509 type certificates
- Combine intermediate and ssl certificate name it "ssl_final.cer" put it in /home/ubuntu/

- Execute following :
    sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

- put in nginx conf server block :
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;

- In /etc/nginx/snippets

    self-signed.conf content

    ssl_certificate /home/ubuntu/ssl_final.cer;
    ssl_certificate_key /home/ubuntu/something_com_pvt.key;

    ssl-params.conf content

    # from https://cipherli.st/
    # and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    # https://cipherli.st/
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_ecdh_curve prime256v1;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;


Restart Nginx. Thats It!

AWS IPv6 address to Existing EC2 and VPC Guide

Apple now forcing app developers to upload IOS builds with backend apis having support of IPv6 only. So sooner or later you have to add support of ipv6. 

Here is guide to setup ipv6 in AWS having ubuntu instance.

1. Go to VPC console and select existing vpc:
Actions > Edit CIDRs > in block "VPC IPv6 CIDRs" Associate auto IPv6 CIDR Block > Update
2. Go to VPC console > Subnets > Select subnets one by one and do following for all or yours selected one:
Actions > Edit IPV6 CIDRs > Associate auto IPv6 CIDR Block > Update
Actions > Modify Auto Assign IP Settings > Check both ipv4 and ipv6

3. Go to VPC Console > Route Tables :

Bash Shell Script to backup RDS/EC2 PostgreSQL DB and upload to S3 weekly

#!/bin/bash
# Run as sudo. for weekly backup of db. and upload to s3 bucket.
DBHOME="/home/priyank/crontabs/dbbackups/"
BUCKETNAME="yourAWSbucket"
SCRIPTNAME="$(basename $BASH_SOURCE)"
SCRIPTFULLPATH="$(pwd)/$(basename $BASH_SOURCE)"
mkdir -p $DBHOME
chown -R postgres:postgres $DBHOME
cp $SCRIPTFULLPATH $DBHOME
SCHEMA_BACKUP="$DBHOME/$(date +%w).sql"
sudo -u postgres touch $SCHEMA_BACKUP
sudo -u ubuntu echo "" > $SCHEMA_BACKUP
sudo -u postgres PGPASSWORD="yourPGpassword" pg_dump -h localhost -p 5432 -U postgres -F p -b -v --column-inserts --data-only -f $SCHEMA_BACKUP "yourDBname"
CRONPATH="$DBHOME$SCRIPTNAME"
chmod +x $CRONPATH
FLAGCHK=0
crontab -l | grep -q "$SCRIPTNAME" && FLAGCHK=1 || (crontab -l | { cat; echo "00 23 * * * $CRONPATH"; } | crontab -)
if [ $FLAGCHK -eq 0 ]
then
apt-get install s3cmd
s3cmd --configure
fi
s3cmd put $SCHEMA_BACKUP "s3://$BUCKETNAME/dbbackups/"

Bash Script to backup RDS/EC2 MySQL DB and upload to S3 weekly

You may come across task to write cronjob that takes backup of db every day/week/month and upload to aws s3. 
Here is shell script to do that job. make sure to replace bucket name, credentials with yours.

#!/bin/bash
# Run as sudo. for weekly backup of db. and upload to s3 bucket.
DBHOME="/home/ubuntu/priyank/crontabs/dbbackups/"
BUCKETNAME="yourAWSbucket"
SCRIPTNAME="$(basename $BASH_SOURCE)"
SCRIPTFULLPATH="$(pwd)/$(basename $BASH_SOURCE)"
mkdir -p $DBHOME
chown -R ubuntu:ubuntu $DBHOME
cp $SCRIPTFULLPATH $DBHOME
SCHEMA_BACKUP="$DBHOME/$(date +%w).gzip"
sudo -u ubuntu touch $SCHEMA_BACKUP
sudo -u ubuntu echo "" > $SCHEMA_BACKUP
sudo -u ubuntu mysqldump -P <yourDBport> -h <yourDBHost> -u <yourDBUser> -p<yourDBpassword> --force --opt --databases <yourDBName> | gzip -c > $SCHEMA_BACKUP
CRONPATH="$DBHOME$SCRIPTNAME"
chmod +x $CRONPATH
FLAGCHK=0
crontab -l | grep -q "$SCRIPTNAME" && FLAGCHK=1 || (crontab -l | { cat; echo "00 23 * * * $CRONPATH"; } | crontab -)
if [ $FLAGCHK -eq 0 ]
then
apt-get install s3cmd
s3cmd --configure
fi
s3cmd put $SCHEMA_BACKUP "s3://$BUCKETNAME/dbbackups/"