{"@attributes":{"version":"2.0"},"channel":{"title":"php &mdash; LinuxPizza","link":"https:\/\/blogs.linux.pizza\/tag:php","description":"Personal notes and occasional posts - 100% human, 0% AI generated","pubDate":"Sat, 18 Apr 2026 05:02:42 +0000","item":{"title":"Random stuff cheat-sheet","link":"https:\/\/blogs.linux.pizza\/random-stuff-cheat-sheet","description":"<![CDATA[LVM stuff\n\nWARNING: PV \/dev\/sda2 in VG vg0 is using an old PV header, modify the VG to update.\nUpdate the metadata with the vgck command - where the \"vg0\" is your own pool.\nvgck --updatemetadata vg0\ncurl stuff\nCurl a specific IP with a another host-header\ncurl -H \"Host: subdomain.example.com\" http:\/\/172.243.6.400\/\ngit stuff\ntell git.exe to use the built-in CA-store in Windows\ngit config --global http.sslBackend schannel\nrandom stuff\nSee which process is using a file\nfuser file\nImport RootCert into Java-keystore example\nsudo \/usr\/lib\/java\/jdk8u292-b10-jre\/bin\/keytool -import -alias some-rootcert -keystore \/usr\/lib\/java\/jdk8u292-b10-jre\/lib\/security\/cacerts -file \/usr\/share\/ca-certificates\/extra\/someRoot.crt`\n\nApache2 configs example\nEnable AD-authentication for web-resources\nLocation \/\n   AuthName \"AD authentication\"\n   AuthBasicProvider ldap\n   AuthType Basic\n   AuthLDAPGroupAttribute member\n   AuthLDAPGroupAttributeIsDN On\n   AuthLDAPURL ldap:\/\/IP:389\/OU=Users,OU=pizza,DC=linux,DC=pizza? \n   sAMAccountName?sub?(objectClass=)\n   AuthLDAPBindDN cn=tomcat7,ou=ServiceAccounts,ou=Users,OU=pizza,dc=linux,dc=pizza\n  AuthLDAPBindPassword \"exec:\/bin\/cat \/etc\/apache2\/ldap-password.conf\"\n  Require ldap-group \n  CN=somegroup,OU=Groups,OU=pizza,DC=linux,DC=pizza\n  ProxyPass \"http:\/\/localhost:5601\/\"\n  ProxyPassReverse \"http:\/\/localhost:5601\/\"\n\n\/Location\n\nInsert Matomo tracking script in Apache using modsubstitute\nAddOutputFilterByType SUBSTITUTE text\/html\nSubstitute \"s-\/head-script type=\\\"text\/javascript\\\"var paq = paq || [];paq.push(['trackPageView']);paq.push(['enableLinkTracking']);(function() {var u=\\\"https:\/\/matomo.example.com\/\\\";paq.push(['setTrackerUrl', u+'matomo.php']);paq.push(['setSiteId', '1']);var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];g.type='text\/javascript'; g.async=true; g.defer=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);})();\/script\/head-n\"\nLoad balance backend-servers\nProxy balancer:\/\/k3singress\n\tBalancerMember http:\/\/x.x.x.1:80\n\tBalancerMember http:\/\/x.x.x.2:80\n\tBalancerMember http:\/\/x.x.x.3:80\n\tBalancerMember http:\/\/x.x.x.4:80\n\tProxySet lbmethod=bytraffic\n\tProxySet connectiontimeout=5 timeout=30\n\tSetEnv force-proxy-request-1.0 1\n\tSetEnv proxy-nokeepalive 1\n\/Proxy\n       ProxyPass \"\/\" \"balancer:\/\/k3singress\/\"\n       ProxyPassReverse \"\/\" \"balancer:\/\/k3singress\/\"\n       ProxyVia Full\n       ProxyRequests On\n       ProxyPreserveHost On\nBasic Apache-config for PHP-FPM\nVirtualHost :80\n  ServerName www.example.com\n  DocumentRoot \/srv\/www.example.com\/htdocs\n  Directory \/srv\/www.example.com\/htdocs\n    AllowOverride All\n    Require all granted\n    DirectoryIndex index.html index.htm index.php\n    FilesMatch \"\\.php$\"\n      SetHandler proxy:unix:\/run\/php\/www.example.com.sock|fcgi:\/\/localhost\n    \/FilesMatch\n  \/Directory\n  SetEnvIf x-forwarded-proto https HTTPS=on\n\/VirtualHost\nBasic PHP-fpm pool\n[www.example.com]\nuser = USER\ngroup = GROUP\n\nlisten = \/var\/run\/php\/$pool.sock\n\nlisten.owner = www-data\nlisten.group = www-data\n\npm = ondemand\npm.processidletimeout = 10\npm.maxchildren = 1\n\nchdir = \/\n\nphpadminvalue[sendmailpath] = \/usr\/sbin\/sendmail -t -i -f no-reply@ftp.selea.se\nphpadminvalue[mail.log] = \/srv\/ftp.selea.se\/log\/mail.log\nphpadminvalue[openbasedir] = \/srv\/ftp.selea.se:\/tmp\nphpadminvalue[memorylimit] = 64M\nphpadminvalue[uploadmaxfilesize] = 64M\nphpadminvalue[postmaxsize] = 64M\nphpadminvalue[maxexecutiontime] = 180\nphpadminvalue[maxinputvars] = 1000\n\nphpadminvalue[disablefunctions] = passthru,exec,shellexec,system,procopen,popen,curlexec,curlmultiexec,parseinifile,showsource,mail\nNetplan - use device MAC instead of \/etc\/machine-id for DHCP\nnetwork:\n  ethernets:\n    eth0:\n      dhcp4: true\n      dhcp-identifier: mac\n  version: 2\nHPs apt repo for various utilities for proliant machines \ndeb http:\/\/downloads.linux.hpe.com\/SDR\/repo\/mcp buster\/current non-free\npsql stuff\nCREATE DATABASE yourdbname;\nCREATE USER youruser WITH ENCRYPTED PASSWORD 'yourpass';\nGRANT ALL PRIVILEGES ON DATABASE yourdbname TO youruser;\n\nGet entity for AD\/SMB based user so you can put it in getent passwd USERNAME\nNicely shutdown NetApp cluster\nsystem node autosupport invoke -node  -type all -message \"MAINT=48h Power Maintenance\"\nsystem node halt -node  -skip-lif-migration-before-shutdown true -ignore-quorum-warnings true -inhibit-takeover true\nAllow a process to listen on ports 0-1000 in systemd.service file\n[Service]\nAmbientCapabilities=CAPNETBINDSERVICE\n\n#linux #kubernetes #netplan #php-fpm #apache #LVM\n\n]]>","guid":"https:\/\/blogs.linux.pizza\/random-stuff-cheat-sheet","pubDate":"Fri, 30 Jun 2023 07:53:42 +0000"}}}