Marks Notes

========== 2022-04-16
INSTALLATION: always use https://www.raspberrypi.com/software/
“Install Raspberry Pi OS using Raspberry Pi Imager” – never just “click-drag” and image, that does NOT work
===========================

default ip 192.168.123.20 username/password: ubnt/ubnt

1) set new IP number under “Network”

2) under “Wireless”, select WDS (transparent bridge mode

3) scan (or manually enter SSID name)

4) select wpa2-AES for security

5) password

6) rename radio

raspberry pi computer:
user: pi
pass: raspberry ??me??57!

@reboot ( sleep 15 ; bash -vx /home/pi/iptablesSetup.bsh ) > /home/pi/iptablesSetup.bsh.log 2>&1

1. since the current modem does not allow for remote access, just grab pages for display (cheap shot)
   */5 * * * * sudo curl —insecure https://192.168.1.254/xslt?PAGE=A_0_0 | sed —expression=‘s|href=”/?css|href=“http://slrh.edwardsmark.com/css/c|; s||PASSWORD!|;’ > /var/www/html/modemStatusHome.html
   */5 * * * * sudo curl —insecure https://192.168.1.254/xslt?PAGE=C_0_0 | sed —expression=‘s|href=”/?css|href=“http://slrh.edwardsmark.com/css/c|;’ > /var/www/html/modemStatusSettingsSystemInfo.html

cat /home/pi/iptablesSetup.bsh;
#! /bin/bash
PI_IP=192.168.100.50;

sudo echo “1” > /proc/sys/net/ipv4/ip_forward ;

sudo iptables —flush ; ## there is probably a better way….

sudo iptables -I INPUT 1 -i eth0 -p tcp —dport 8080 -j ACCEPT ; ## for rasberry pi apache2 server…..

sudo echo “Setting ifconfig eth0 to ${PI_IP} !!!!!! “;
sudo ifconfig eth0 ${PI_IP} netmask 255.255.255.0 up ;

##### UNUSED BELOW:

sudo apt-get update ;
sudo apt-get install socat ;
sudo apt-get install firewalld;
sudo systemctl start firewalld ;
sudo systemctl stop firewalld ;
sudo systemctl enable firewalld ;
sudo systemctl status firewalld ;
sudo firewall-cmd —zone=public —add-port=80/tcp —permanent ;

sudo ifconfig eth0 192.168.1.5 netmask 255.255.255.0 up ;
sudo route add default gw 192.168.1.1 ;
sudo echo “nameserver 1.1.1.1” > /etc/resolv.conf ;
ping google.com ;

socat commands:
socat -V ;
socat TCP4-LISTEN:80,fork,reuseaddr TCP4:192.168.1.21:80 ;

1) create new project https://console.cloud.google.com/projects

2) https://console.developers.google.com/iam-admin/
- create IAM and add “cloud spanner admin “ (added all options under “cloud spanner)

3) be SURE billing is installed in project !

4) https://console.cloud.google.com/spanner/ – initialize spanner (dont skip this step)

https://console.developers.google.com/apis/api/spanner.googleapis.com/overview?project=marks-spanner-project-2&duration=P30D (???)

IF NOT USING GOOGLE-VPS:
https://cloud.google.com/sdk/docs/quickstart-redhat-centos
(use the yum option) gcloud init;

IF USING GOOGLE-VPS:
in terminal window:

sudo yum -y update; ## of course!

gcloud config set account marks-spanner-project-2; ## this is PROJECT-ID, not PROJECT-NAME!
gcloud config set project PROJECT_ID ;

gcloud config list ; gcloud auth list ; ### confirm everything.

1. BE SURE PROJECT NAME MATCHES – this had been a problem!

gcloud auth application-default login; ## will create a temporary “login-link”
gcloud auth login;

gcloud auth list; ## auth list

========================

gcloud spanner instances create test-instance-next \ —config=regional-us-central1 \ —description=“Test Instance” \ —nodes=1 ;
gcloud spanner instances delete test-instance-next ; ## deletes instance

gcloud spanner instances list ;

======================

https://cloud.google.com/spanner/docs/getting-started/nodejs/

git clone https://github.com/googleapis/nodejs-spanner.git ;
cd /nodejs-spanner/samples ;
npm install ;

cool command:
gcloud spanner databases execute-sql example-db \ —instance=test-instance \ —sql=‘SELECT SingerId, AlbumId, AlbumTitle FROM Albums’;

### LETS-ENCRYPT ON VIRTUALMIN (2-18-02-04)

1 – use virtualmin to turn website into a https site
2 – edit-virtual-server, enabled-features, check “Apache SSL website enabled?” ## no more certbot-auto! its the same as regular certbot:

dnf —assumeyes —enablerepo=epel-testing install certbot ;

####3 – ./certbot-auto, enter number of domains to be certified (stand ready to scroll since we have many names)
####4 – certbot-auto will “edit” httpd.conf file to point to the new names.
5 – manually start https: apachectl configtest ; systemctl restart httpd ; systemctl stop httpd ; systemctl start httpd ;

6) certbot-auto renew; renews all certbot certs

NOTE: answering the question “2: Redirect – Make all requests redirect to secure HTTPS access.” will put the new 443 ssl site into a separate file at “/etc/httpd/conf/httpd-le-ssl.conf” and add an “Include” at the bottom of “/etc/httpd/conf/httpd.conf”. it will also add the “RewriteCond/RewriteRule” directly into the httpd.conf file rather than put it into (dot)htaccess.

### INITIAL STUFF TO GET APACHE WORKING: (2018-01-24)

sudo yum —assumeyes update ; ## always a good idea!
sudo yum —assumeyes install httpd ; ## install apache
sudo systemctl start httpd.service; ## start running apache
sudo systemctl enable http.service ; ## (optional) start at boot

### ESTABLISHING A VIRTUAL HOST:

## we first have to create a virtual host: (wow godaddy has something useful, surprisingly….)
## https://www.godaddy.com/help/configure-apache-virtual-hosts-centos-7-17338

## ERROR!
https://unix.stackexchange.com/questions/229192/apache-wont-restart-after-configuring-virtual-hosts
QUOTE: I had a similar issue and it turns out that Apache didn’t like the ErrorLog and CustomLog lines ### in the VirtualHost container. I commented them out and service started without a problem.

1) commend out ErrorLog and CustomLog: /etc/httpd/sites-available/canyonverde.church.conf

2) add this line to every virtual host:
SSLProtocol all -SSLv2 -SSLv3

## OPTIONAL FIREWALL:
sudo firewall-cmd —zone=public —add-port=80/tcp —permanent; sudo firewall-cmd —reload ;
sudo firewall-cmd —zone=public —add-port443/tcp —permanent; sudo firewall-cmd —reload ;
sudo systemctl restart httpd.service ; ## is this really necessary?

### lets encrypt stuff

sudo yum -y install yum-utils ;
sudo yum-config-manager —enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional ;
sudo yum —assumeyes install certbot-apache ;

sudo certbot —version ;

optionally: https://certbot.eff.org/all-instructions/#web-hosting-service-none-of-the-above

sudo yum —assumeyes install wget;
sudo wget https://dl.eff.org/certbot-auto ;
sudo chmod a+x certbot-auto ; mv ./certbot-auto /usr/local/bin ; ## 2020-10-15

./certbot-auto —test-cert ; ## notice —test-cert option!

- feathers-sequelize (coming tutorial one) — https://github.com/feathersjs/feathers-sequelize

- sails-waterline — http://waterlinejs.org/ https://kev.inburke.com/kevin/dont-use-sails-or-waterline/

- vue-sequelize https://codeburst.io/building-a-feature-complete-bookmarking-app-with-vue-js-express-and-sequelize-orm-b36506ebcb4c

- adonisJS — https://adonisjs.com/docs/3.2/database-setup

— trailsJS – supports ORM’s https://trailsjs.io/start (see ‘choose ORM’ )

- deepstream-sequelize (i still am convinced i can get this working successfully)

sails vs trails:
https://medium.com/jsbot/trails-vs-sails-1-89e2be2bce73

negative sails/waterline article:
https://kev.inburke.com/kevin/dont-use-sails-or-waterline/

from wolfram:

class User{ constructor( recordName ) { this.record = ds.record.getRecord( recordName ); this.record.subscribe( this._processUpdate.bind( this ) ); }

_processUpdate( data ) { if( this.record.name === ‘…’) { // do stuff } } }