Category Archives: Muppet Labs

Afrikaans Spell Check for macOS and iOS

How to add Afrikaans spell checking and dictionaries to macOS 10.12…

I use Telegram Desktop a fair bit and it bugged me that Afrikaans spell checking was missing. Here is my current solution. I’m not sure it’s 100% tip-top, but it’s much better than it was.

Dictionary

Download these, unzip and copy into ~/Library/Dictionaries.

Open Dictionary.app, look in Preferences, enable the new dictionaries and move them into the order you want them.

Spell Check

Download en_af_ZA.zip, unzip, copy to ~/Library/Spelling. I found this on the translate.org.za site a few years back.

Settings > Keyboard > Text > Spelling drop down

Scroll down to “Set Up…” and enable Afrikaans.

Now set that drop down to Automatic by Language.

iOS

Just install SwiftKey app and enable Afrikaans.

Now, if only Telegram Desktop (Qt on macOS) would support spell checking. Until then, I’ll just have use the macOS Telegram app.

Install Debian on a Macbook Pro

How to install Debian 9 on an old-ish Macbook Pro.

In the future, everybody will run Debian – the universal operating system. Don’t resist. It’s way cooler than macOS. Install Wayland and Sway.

Re-install macOS. Partition the drive and give macOS about 40GB space. Keep the rest for Linux.

Get the Debian ISO: debian-mac-9.0.0-amd64-netinst.iso Note: you may want to download the one with non-free firmware. I just used the standard one.

Prep USB drive:

hdiutil convert debian.iso -format UDRW -o target.img
diskutil list
diskutil unmountDisk /dev/diskN
sudo dd if=target.img of=/dev/diskN bs=1m
diskutil eject /dev/diskN

Download rEFInd binary zip file. Unzip and run the refind-install script on the Macbook Pro. You should now have a nice boot menu.

With USB drive in the laptop, reboot and hold down the Alt key.

Follow the Debian install process, and make sure you select the Linux partition you created, in my case it was /dev/sda4.

Use the Ethernet port and connect to the internet. You may need to install the wifi firmware:

apt-get install firmware-b43-installer

Django Setup Notes – Ubuntu, Nginx, uWSGI

muppetlabslogo

Notes for getting Django running on Ubuntu 16.04… with Nginx, Supervisord, uWSGI in emperor mode and a bit of Postgres.

Start by setting up your Ubuntu environment.

Newish Python 3.6

add-apt-repository ppa:fkrull/deadsnakes
apt-get update
apt-get install python3.6
apt-get install python3.6-dev
apt-get install python-virtualenv

Postgres

apt-get install postgresql postgresql-contrib
su - postgres
createdb myapp
createuser -P

You may need to dump a database and import it again…

pg_dump -U myuser myapp > myapp.db
psql myapp < myapp.db

SSL Cert Setup

Grab a free SSL cert…

service nginx stop
apt-get install letsencrypt
letsencrypt certonly --standalone -d www.myapp.com -d myapp.com
service nginx start

Nginx

apt-get install nginx

This should give you a nice and secure HTTPS setup which also supports HTTP2…

/etc/nginx/sites-available/myapp.com


server {
server_name www.myapp.com;
listen 443 ssl http2;
charset utf-8;
client_max_body_size 75M;

ssl on;
ssl_certificate /etc/letsencrypt/live/www.myapp.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.myapp.com/privkey.pem;

ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers On;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

ssl_session_cache shared:SSL:128m;

add_header Strict-Transport-Security "max-age=31557600; includeSubDomains";
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Xss-Protection "1";
add_header Content-Security-Policy "default-src 'self'; script-src 'self' *.google-analytics.com";
add_header Referrer-Policy origin-when-cross-origin;

ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;

access_log on;

location /static {
alias /var/www/www.myapp.com/api/static;
}

location / {
uwsgi_pass unix:///var/www/www.myapp.com/api.sock;
include /var/www/www.myapp.com/uwsgi_params;
}
}

/var/www/myapp/uwsgi_params


uwsgi_param QUERY_STRING $query_string;
uwsgi_param REQUEST_METHOD $request_method;
uwsgi_param CONTENT_TYPE $content_type;
uwsgi_param CONTENT_LENGTH $content_length;
uwsgi_param REQUEST_URI $request_uri;
uwsgi_param PATH_INFO $document_uri;
uwsgi_param DOCUMENT_ROOT $document_root;
uwsgi_param SERVER_PROTOCOL $server_protocol;
uwsgi_param REMOTE_ADDR $remote_addr;
uwsgi_param REMOTE_PORT $remote_port;
uwsgi_param SERVER_ADDR $server_addr;
uwsgi_param SERVER_PORT $server_port;
uwsgi_param SERVER_NAME $server_name;
uwsgi_param UWSGI_SCHEME $scheme;

Django Virtual Environment

cd /var/www
mkdir www.myapp.com
virtualenv -p /usr/bin/python3.6 env

cd /var/www/www.myapp.com
source env/bin/activate

git clone https://github.com/myco/myapp.git api

Note: my Django app name is “api” here.

pip install -r api/requirements.txt

pip install Django
pip install uwsgi

Install uWSGI System-wide

Using the latest Python, install uWSGI in /usr/local/bin…

Make sure you are not in a virtual environment or run “deactivate”.


python3.6 -m pip install --upgrade pip
python3.6 -m pip install uwsgi

Supervisord to Manage uWSGI in Emperor mode

apt-get install supervisor

/etc/supervisor/conf.d/uwsgi.conf


[program:uwsgi]
command=/usr/local/bin/uwsgi --emperor /etc/uwsgi/apps-enabled
autostart=true
autorestart=true
redirect_stderr=true
stopsignal=QUIT
stdout_logfile=/var/log/uwsgi.log

Setup /etc/uwsgi

cd /etc
mkdir uwsgi
cd uwsgi
mkdir apps-available
mkdir apps-enabled
cd apps-available

/etc/uwsgi/apps-available/myapp.ini

[uwsgi]
uwsgi-socket = /var/www/myapp/api.sock
pythonpath = /var/www/myapp/api
virtualenv = /var/www/myapp/env
processes = 2
reload-on-rss = 150
module = api.wsgi
uid = www-data
gid = www-data


cd /etc/uwsgi/apps-enabled
ln -s ../apps-available/myapp.ini
service supervisor restart

You can now also edit / touch your myapp.ini to make uwsgi restart the worker processes.

Done. Test your setup.

Go make some tea and start coding.

More Notes

Let me know if something above can be done better.

Tune your Postgres database. Then su – postgres and run “pg_conftool show all” to see that your setting are up to date.

Tune your SSL setup.

You probably want 2x uwsgi processes for every CPU in your server.

Ubuntu Server Tweaks 16.04

muppetlabslogo

Things you might want to tweak on your new Ubuntu 16.04 server – because you need a pretty prompt and a text editor.

I figured this is a good place to put some notes for next time I want to make a new server feel a bit more homely.

apt via IPv4

echo ‘Acquire::ForceIPv4 “true”;’ | sudo tee /etc/apt/apt.conf.d/99force-ipv4

update packages

apt-get update
apt-get dist-upgrade

Clone some packages from another box, maybe?

Old:
sudo apt-get install apt-clone
apt-clone clone foo

New:
sudo apt-get install apt-clone
sudo apt-clone restore foo.apt-clone.tar.gz

ssh

apt-get install openssh-server
ssh-keygen

Setup ssh keys.
Change the port your server runs on in /etc/ssh/sshd_config

mosh

apt-get install mosh

Add something like this in .zshrc (on your laptop):
alias mocms=”mosh -p 2345 –ssh=\”ssh -p 2345 \” joe@cms.my.server.co”

motd

apt-get install update-motd landscape-common update-notifier-common
ln -s /var/run/motd.dynamic /etc/motd

Auto Security Updates

apt-get install unattended-upgrades

/etc/apt/apt.conf.d/10periodic
APT::Periodic::Update-Package-Lists “1”;
APT::Periodic::Download-Upgradeable-Packages “1”;
APT::Periodic::AutocleanInterval “7”;
APT::Periodic::Unattended-Upgrade “1”;

/etc/apt/apt.conf.d/50unattended-upgrades
Unattended-Upgrade::Mail “your@email.address”;

sudo apt install apticron

/etc/apticron/apticron.conf
EMAIL=”your@email.address”

zsh

apt-get install zsh

install oh-my-zsh:
sh -c “$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)”

use this .zshrc if you like.

edit your .zshrc
plugins=(autojump brew pip git django python docker screen)

jed

apt-get install jed
/etc/jed.d/99defaults.sl
No_Backups = 1;

emacs

apt-get install emacs aspell

install prelude:
wget –no-check-certificate https://github.com/bbatsov/prelude/raw/master/utils/installer.sh -O – | sh

edit .emacs.d/prelude-modules.el

You may want to run emacs as a daemon for more than one user on your server.

Add (setq server-use-tcp t) to the top of init.el config files – so emacs starts as a tcp server.

/home/joe/.zshrc:
alias emacsinit=”emacs -u joe –daemon=joe”
alias e=”emacsclient –server-file=joe -t”

/root/.zshrc:
alias emacsinit=”emacs -u root –daemon=root”
alias e=”emacsclient –server-file=root -t”

Apache HTTP2

apt-get install software-properties-common
add-apt-repository ppa:ondrej/apache2
apt-get update
apt-get dist-upgrade
a2enmod http2
service apache2 restart

Add this to your vhosts:
Protocols h2 http/1.1