Install LetsEncrypt certificate

Today I installed LetsEncrypt certificate on one of the production server. I can not believe it is so simple to secure a website running on an Ubuntu server sudo apt-get install certbot python-certbot-nginx sudo certbot --nginx -d mydomain.com -d www.mydomain.com It even configures nginx (or apache) server for you. To manually renew run the following: certbot renew --quiet But you don’t have to, cause certbot is so awesome that it automatically adds an entry into crontab so that certbot runs twice daily.

Continue Reading »

Configure `rsyslog`

Today, I configured rsyslog on Ubuntu server to collect logs from remote application server. syslog using UDP seems straight forward, but I wanted to set up using TCP (TCP being more reliable and all) At first, it did not work because I needed to tell SysLogHandler that we are using TCP using SOCK_STREAM as optional param. (Default is UDP) So in a standalone test script, remote logging worked. Turns out because of how TCP works, the logs are not flushed to the remote server till the application server closes the socket connection.

Continue Reading »