Ansible mysql_secure_installation playbook

Right after installing MySQL/MariaDB server it is mandatory to run mysql_secure_installation tool that comes with the default server installation. This tool mainly removes the test database, test and anonymous users and set a new password for user root.

Following is an Ansible playbook to achieve the same results:

---
# Ansible mysql_secure_installation playbook

- name: delete anonymous MySQL server user for {{ ansible_hostname }}
  action: mysql_user user="" host="{{ ansible_hostname }}" state="absent"

- name: delete anonymous MySQL server user for localhost
  action: mysql_user user="" state="absent"

- name: remove the MySQL test database
  action: mysql_db db=test state=absent
  
  
# 'localhost' needs to be the last item for idempotency, see
# http://ansible.cc/docs/modules.html#mysql-user   
- name: Change root user password on first run
  mysql_user: login_user=root
              login_password=''
              name=root
              password={{ mysql_root_password }}
              priv=*.*:ALL,GRANT
              host={{ item }}
  with_items:
    - "{{ ansible_hostname }}"
    - 127.0.0.1
    - ::1
    - localhost

As it is not very recommended to store the MySQL root password anywhere, you will have to pass it as an Ansible variable:

$ ansible-playbook -i <your inventary> mysql_secure_installation.yml --extra-vars "mysql_root_password=<your password>"

How to fix SSH “Host key verification failed” error

If you’ve ever rebuilt a server that you have connected to in the past, chances are you’ve received an error when trying to ssh back into it for the first time since the rebuild. If you’re getting a screen that says “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!”:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is b7:f5:48:4c:d0:1d:76:6a:50:4a:88:12:c7:80:f1:e5. Please contact your system administrator. Add correct host key in /home/user/.ssh/known_hosts to get rid of this message. Offending key in /home/user/.ssh/known_hosts:2 RSA host key for myhost has changed and you have requested strict checking. Host key verification failed. - See more at: http://injustfiveminutes.com/2014/08/13/how-to-fix-ssh-host-key-verification-failed-error

Since we just rebuilt our server, this error is expected as the it is sending a new RSA key different than the one stored in /home/user/.ssh/known_hosts and now your computer’s ssh system is saying, “Hold on, this server you’re connecting to via this IP is not giving me the same ID. It could be that you just rebuilt the server, or it could be a man-in-the-middle attack!”

The workaround is actually quite simple, we have to remove the stored RSA key so we can add safely the new one.
To do so, take a look at the last integer of the line that says “Offending ECDSA key,” because this integer is actually the line number inside your known_hosts file that’s throwing the error.

/home/user/.ssh/known_hosts:2 

Then type in the following command, changing the number 2 to whatever matches your own error.

sed -i '2d' ~/.ssh/known_hosts

 

UPDATED

The offending RSA key can be also be removed with:

ssh-keygen -f "/home/user/.ssh/known_hosts" -R <server ip>

ifconfig command not found on CentOS 7

CentOS 7 has been recently released studded with many new features. On the part of exploring the CentOS 7, you might encounter with its first change if you use the minimal installation.

On CentOS 6.x and before, ifconfig command by default used to shipped. Whereas in minimal installed CentOS 7 , ifconfig command it is not found.

To get the ifconfig command into our system , run the below given command as root:

yum install net-tools

What’s my public IP address from linux command line

Lots of times you need to determine your public IP address, if you are using Linux operating system to power your PC, you may use some good console commands to guess your public IP address.

Most of these methods will return you the local IP and not the public IP of your proxy if you are behind one.

WGET

wget -q -O - checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//'

CURL

curl -s checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//'

LYNX

lynx -dump ifconfig.me | grep 'IP Address'

How to Add EPEL Repository in CentOS/RHEL 7/6/5

EPEL or “Extra Packages for Enterprise Linux” is an online yum repository providing high quality of rpm packages. These packages are developed and tested on fedora, which is available for RHEL. RHEL 7 beta packages are also available to install now.

For RHEL 7(beta)

# rpm -Uvh http://epel.mirror.net.in/epel/beta/7/x86_64/epel-release-7-0.1.noarch.rpm

For CentOS/RHEL 6

On 32-Bit
# rpm -Uvh http://epel.mirror.net.in/epel/6/i386/epel-release-6-8.noarch.rpm

On 64-Bit
# rpm -Uvh http://epel.mirror.net.in/epel/6/x86_64/epel-release-6-8.noarch.rpm

For CentOS/RHEL 5

On 32-Bit
# rpm -Uvh http://epel.mirror.net.in/epel/5/i386/epel-release-5-4.noarch.rpm

On 64-Bit
# rpm -Uvh http://epel.mirror.net.in/epel/5/x86_64/epel-release-5-4.noarch.rpm

Submitting large amount of data in a form with PHP max_input_vars

Recently I was working on a project which had an Excel-like spreadsheet fully implemented in jQuery using the HandsomeTable plugin (http://handsontable.com/).
The number of rows to be saved was unpredictable and all the data was submitted on a POST request to the server. When tried to save it got saved only partially data, rest of rows got truncated. Checking if there were any PHP errors, I found the following in the error logs:

PHP Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0, referer: http://example/process

There is a PHP setting “max_input_vars” which limits the number of variables that PHP will process. If this value is 1000 (default is 1000) PHP will process first 1000 variables and drop the remaining throwing no errors to the browser.

To solve this issue we need to increase the “max_input_vars” to a bigger number.
There are 2 ways. Either by changing the variable in .htaccess file (or your VirtualHost config file) or php.ini file.

1. Change max_input_vars using .htaccess file

Add the following line in you .htaccess file.

php_value max_input_vars 2000

2. Change max_input_vars using php.ini file

Edit your php.ini file and search for “max_input_vars“. this might look something similar to following:

; max_input_vars = 1000

The above line is commented, that means it will take PHP’s default value which is 5000. To change it to 5000 change that line to be:

max_input_vars = 5000

After this change you will have to restart Apache server.