Category Archives: DevOps

Subversion (SVN) tricks

When you use Subversion as a source control management system it is useful to know some magic commands.

The next command cleans, updates, adds and shows status of local repository:

  svn cleanup \
    && echo "-UPDATE-" && svn up \
    && echo "-ADD-" && svn add * --force \
    && echo "-STATUS-" && svn st

After you can commit changes with:

  svn ci -m "your comment..."

More info on and

Remove kernel in CentOS

After unsuccessful upgrade of kernel you have to fix linux OS.
To delete invalid kernel in case of CentOS do next steps.

1. Show kernel list:

  rpm -q kernel

And you’ll see output:


2. Delete corrupted kernel:

  rpm -e kernel-3.10.0-327.22.2.el7.x86_64

3. Reboot.
So, you system downgraded!

Thanx to

Execute command from other user in Linux

Linux OS is fluent to run commands under different user if you are logged as root.
Here are two ways to do it:

1. Using “SUDO” command:

  sudo -u <username> "<commands>"

Example: sudo -u www-data php occ

2. Using “SU” command:

  su - <username> -c "<commands>"

Example: su – www-data -c ‘php /var/www/html/console.php files:scan –all’

Thanx to

OwnCloud connection to server error

The OwnCloud is great replacement of google, yandex, dropbox disks. It is really useful and convenient tool to manage your private data.

There are few ways to connect to you server:
- web dav directly from OS
- browser access
- iOS/Android mobile OS

If you OwnCloud service is behind the Nginx server with SSL protection, you can see the next error when access from mobile client:

it is not possible to connect to the server at this time

After spending few days in searching the solution on forum no one fix helped.

I paid attention in Admin panel on “Security & setup warnings” section:

The "Strict-Transport-Security" HTTP header 
is not configured to least "15768000" seconds. 
For enhanced security we recommend enabling HSTS 
as described in our security tips.

So, go ahead!

Just add the header to Nginx config (Strict-Transport-Security):

add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";

Restart Nginx and voila – mobile client will ask you to accept SSL certificate!

Xrdp configuration to connect existing session

The RDP protocol is very convenient to manage windows and linux servers. But if you use Xrdp as terminal server, you may notice new session always creates when connection established.

The CentOS (RedHat) rdp server implementation is more useful, because can connect to existing session by default. But Ubuntu (Debian) always creates new session if you configure it as “port=-1” setting in xrdp.ini file:


But if you set port to certain value, connection problem occurs.
To fix the problem I recommend to create two different xrdp configurations in xrdp.ini file:



So, for the first connection you have to use “new-session” configuration, and the next one will be used “existing-session” configuration by default.
Make sure, you are connecting to 5910 port (in my case).

Docker containers dependencies

As a rule, you have more then one docker containers. It can be one base container (parent) and many other (children).
To connect they in docker-compose you can use the next snippets:

1. Using “links” – in common case is the most popular method. Here are network ports and volumes from parent container shares to child one.

    - base

2. Using “volumes_from” – only volumes from parent container shares to child.

    - base

The second way is useful when you connect your docker contaner network is applied to host network. The “links” directive cannot be used (since docker-compose v1.9).

  net: "host"


Generating SSL certificate

To apply SSL connection in your server you have to use SSL certificate.
Here are the steps to create Self-Signed SSL certificate:

1. Install openssl.

yum install -y openssl

2. Create shell script

set -e


# Generate private key
openssl genrsa -out $prefix.key 2048

# Generate CSR
echo -e "[LOCALE]\n[COUNTRY]\n[CITY]\n[COMPANY]\nSSL\n$prefix\n[EMAIL]\n\n\n\n" \
	| (openssl req -new -key $prefix.key -out $prefix.csr)

# Generate Self Signed Key
openssl x509 -req -days 365 -in $prefix.csr -signkey $prefix.key -out $prefix.crt

# Copy the files to the correct locations
mv $prefix.crt /etc/ssl
mv $prefix.key /etc/ssl
mv $prefix.csr /etc/ssl

Replace [LOCALE], [COUNTRY], [CITY], [COMPANY], [EMAIL] with your values.

3. Run script example: