How we can Varnish support using Lando for drupal8 recipe - lando

How we can Varnish support using Lando, I am using default .lando.yml file
name: d8
recipe: drupal8
config:
php: '7.2'
webroot: web

You can add any other support provided by lando using service:
name: d8
recipe: drupal 8
config:
php: 7.2
webroot: web
services:
varnishcache:
type: varnish:4.1
backends:
- appserver
backend_port: 80
ssl: false
config:
vcl: config/custom.vcl

Related

Wiki.js can't go through corporate proxy

I'm new to Ubuntu, but I've got a job to install Wiki.JS with docker. It works, the server is running, but for some reason it cannot reach GraphQL API.
I've ran into the following problem:
Server:
2020-06-14T11:43:53.980Z [MASTER] error: Fetching latest updates from Graph endpoint: [ FAILED ]
2020-06-14T11:43:53.980Z [MASTER] error: request to https://graph.requarks.io failed, reason: connect ETIMEDOUT 104.26.14.122:443
2020-06-14T11:43:56.028Z [MASTER] error: Syncing locales with Graph endpoint: [ FAILED ]
2020-06-14T11:43:56.028Z [MASTER] error: request to https://graph.requarks.io failed, reason: connect ETIMEDOUT 104.26.15.122:443
Client:
Error: GraphQL error: Invalid locale or namespace
Stack trace:
n#http://server.mydomain.test/_assets/js/app.js?1591384357:2:125092
["./node_modules/apollo-client/bundle.umd.js"]/i/k</e.prototype.queryListenerForObserver/<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:146832
["./node_modules/apollo-client/bundle.umd.js"]/i/k</e.prototype.broadcastQueries/</<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:153007
["./node_modules/apollo-client/bundle.umd.js"]/i/k</e.prototype.broadcastQueries/<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:152971
["./node_modules/apollo-client/bundle.umd.js"]/i/k</e.prototype.broadcastQueries#http://server.mydomain.test/_assets/js/app.js?1591384357:2:152920
["./node_modules/apollo-client/bundle.umd.js"]/i/k</e.prototype.fetchRequest/</b<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:154884
["./node_modules/zen-observable/lib/Observable.js"]/j</<.value/</<.next#http://server.mydomain.test/_assets/js/app.js?1591384357:333:17099
b#http://server.mydomain.test/_assets/js/app.js?1591384357:333:14921
y#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15429
["./node_modules/zen-observable/lib/Observable.js"]/w</<.value#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15982
w/</n<.next/<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:140468
w/</n<.next#http://server.mydomain.test/_assets/js/app.js?1591384357:2:140430
b#http://server.mydomain.test/_assets/js/app.js?1591384357:333:14921
y#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15429
["./node_modules/zen-observable/lib/Observable.js"]/w</<.value#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15982
o/</</r<.next#http://server.mydomain.test/_assets/js/app.js?1591384357:2:169810
b#http://server.mydomain.test/_assets/js/app.js?1591384357:333:14921
y#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15429
["./node_modules/zen-observable/lib/Observable.js"]/w</<.value#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15982
["./node_modules/apollo-link-batch/lib/batching.js"]/o</e.prototype.consumeQueue/<.next/</<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:168733
["./node_modules/apollo-link-batch/lib/batching.js"]/o</e.prototype.consumeQueue/<.next/<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:168700
["./node_modules/apollo-link-batch/lib/batching.js"]/o</e.prototype.consumeQueue/<.next#http://server.mydomain.test/_assets/js/app.js?1591384357:2:168669
b#http://server.mydomain.test/_assets/js/app.js?1591384357:333:14921
y#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15429
["./node_modules/zen-observable/lib/Observable.js"]/w</<.value#http://server.mydomain.test/_assets/js/app.js?1591384357:333:15982
t/n.batcher<.batchHandler/</<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:165472
["./node_modules/core-js/modules/es.promise.js"]/J/<#http://server.mydomain.test/_assets/js/app.js?1591384357:2:450433
["./node_modules/core-js/internals/microtask.js"]/i#http://server.mydomain.test/_assets/js/app.js?1591384357:2:412213
Keep in mind, I've tested it before on Windows and my collegue on Linux. Both worked as long as the virtual machine didn't have proxy..
I tried to setup the proxy for the machine and set the environment variables but it still doesn't seem to work.
How can I fix this?
To explain the sideloaing solution with Docker offered by #GanjalfTheGreen, first you need to clone the Wiki.js localization repository (or download selected localizations from that repository; just make sure you have the locales.json and en.json alongside your selected items). Then you need to bind the folder containing the localization files to the /wiki/data/sideload directory inside the container.
Also you need to set the offline parameter in config.yml file to let the wiki.js know that it should use the sideloaded localization files. To do this, you neeed to create a config.yml file in the host machine and bind it to the container config file.
Here is an example:
docker-compose.json
version: "3"
services:
db:
image: postgres:11-alpine
environment:
POSTGRES_DB: wiki
POSTGRES_PASSWORD: wikijsrocks
POSTGRES_USER: wikijs
logging:
driver: "none"
restart: unless-stopped
volumes:
- db-data:/var/lib/postgresql/data
wiki:
image: requarks/wiki:2
depends_on:
- db
environment:
DB_TYPE: postgres
DB_HOST: db
DB_PORT: 5432
DB_USER: wikijs
DB_PASS: wikijsrocks
DB_NAME: wiki
OFFLINE_ACTIVE: 1
restart: unless-stopped
ports:
- "80:3000"
volumes:
- ./sideload:/wiki/data/sideload
- ./config.yml:/wiki/config.yml
volumes:
db-data:
config.yml
port: 3000
bindIP: 0.0.0.0
db:
type: $(DB_TYPE)
host: '$(DB_HOST)'
port: $(DB_PORT)
user: '$(DB_USER)'
pass: '$(DB_PASS)'
db: $(DB_NAME)
storage: $(DB_FILEPATH)
ssl: $(DB_SSL)
ssl:
enabled: $(SSL_ACTIVE)
port: 3443
provider: letsencrypt
domain: $(LETSENCRYPT_DOMAIN)
subscriberEmail: $(LETSENCRYPT_EMAIL)
logLevel: info
ha: $(HA_ACTIVE)
offline: $(OFFLINE_ACTIVE)
The reason you won't be able to get Wiki.JS working behind a corporate firewall is that this functionality is not implemented.
Based on this GitHub issue you can vote for this feature here.
There is a workaround mentioned in the issue (1.), but you can also sideload the missing files (2.).
1. Workaround
I figured out a work around for this:
use https://github.com/rofl0r/proxychains-ng with LD_PRELOAD. In my case, I am using docker-compose.
You have to:
incorporate the compiled proxychains4.so in to /lib/ and set the
environment variable
create your own proxychains.conf
Here is an example:
Dockerfile
FROM requarks/wiki:2
USER root
ADD ./libproxychains4.so /lib/
RUN echo -e 'localnet 192.168.0.0/255.255.0.0\n\
[ProxyList]\n\
http <YOUR PROXY> <PROXY PORT>\n'\
> /etc/proxychains.conf
USER node
docker-compose.yaml
version: "3"
services:
db:
image: postgres:11-alpine
environment:
POSTGRES_DB: wiki
POSTGRES_PASSWORD: wikijsrocks
POSTGRES_USER: wikijs
restart: unless-stopped
volumes:
- /data/wikijs/postgresql/data:/var/lib/postgresql/data
wiki:
image: wikijs-proxychains:1
depends_on:
- db
environment:
DB_TYPE: postgres
DB_HOST: db
DB_PORT: 5432
DB_USER: wikijs
DB_PASS: wikijsrocks
DB_NAME: wiki
LD_PRELOAD: /lib/libproxychains4.so
restart: unless-stopped
ports:
- "80:3000"
2. Sideload
If your wiki is installed in an environment which is isolated from the internet, you can sideload data that would normally be downloaded from the internet.
This is achieved by manually downloading a set of files and placing them in a specific directory in your wiki installation. These files will be imported during initialization.
Getting Started Create a new folder at path data/sideload inside your Wiki.js installation folder. For example, if your wiki is installed at path /home/wiki, you'd need to create a folder at path /home/wiki/data/sideload
Locales In order to install locale packages, you need the master locale file + at least one locale package file.
The files can be downloaded from https://github.com/Requarks/wiki-localization. These files are made up to date every night.
1 - Master File
The master file locales.json contains information about all available languages and is REQUIRED to install any locale.
Place this file inside the sideload folder created previously.
2 - Locale Packages
The locale package file xx.json or xx-zz.json contains all the translations for the language(s) of your choice. You can sideload any number of locales at the same time.
The English package en.json is REQUIRED, as this is the default language during installation. You can change the language afterwards.
Place the file(s) inside the sideload folder created previously alongside the master file. You should now have locales.json, en.json and any additional languages in your folder.
3 - Sideload
Run Wiki.js (or restart the process if already running) to automatically sideload the files localed in the data/sideload folder.
Because of a bug in versions prior to 2.5, the locale files are loaded in incorrect order, causing the clients to be unable to fetch the translations.
As a workaround, once Wiki.js is fully started, restart the server again. The locale data (which is now in the database) will be loaded correctly. I've came around the same issue and will use BlueSpice MediaWiki as long as this feature has not been implemented, since Wiki.JS has "import from MediaWiki" on its roadmap.

Strapi on Azure does not run

I am using the lastest version of strapi (v3.x)with Node v10.15.2. I am trying to deploy to Azure Web App using this server.js configuration.
module.exports = ({ env }) => ({
host: env('HOST', 'localhost'),
port: env.int('PORT', 1337),
url: 'https://clinicaback.azurewebsites.net',
cron: {
enabled: false
},
admin: {
url: "/dashboard",
autoOpen: false,
build: {
backend: "https://clinicaback.azurewebsites.net"
}
}
});
It build successful and seems like is running with the development configuration. Here is the output from Azure's kudu service
but when I enter to the website, it does not load. and I ran Diagnose and solve problems from Azure and it's showing this...
The webapp only supports port 80 and port 443. It is recommended to modify the relevant port settings in your code.
It is recommended to release the code after build, add npx serve -s as Startup Command for your App Service> General settings.

Issue when running application in devspaces under AKS cluster

I created an AKS cluster with http enabled.Also I have my project with dev spaces enabled to use the cluster.While runing azds up the app is creating all necessary deployment files (helm.yaml,charts.yaml,values.yaml).However I want to access my app using a public endpoint with dev space url but when I do azds list-uris it is only giving localhost url and not the url with dev space enabled.
Can anyone please help?
My azds.yaml looks like below
kind: helm-release
apiVersion: 1.1
build:
context: .
dockerfile: Dockerfile
install:
chart: charts/webfrontend
values:
- values.dev.yaml?
- secrets.dev.yaml?
set:
# Optionally, specify an array of imagePullSecrets. These secrets must be manually created in the namespace.
# This will override the imagePullSecrets array in values.yaml file.
# If the dockerfile specifies any private registry, the imagePullSecret for that registry must be added here.
# ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
#
# For example, the following uses credentials from secret "myRegistryKeySecretName".
#
# imagePullSecrets:
# - name: myRegistryKeySecretName
replicaCount: 1
image:
repository: webfrontend
tag: $(tag)
pullPolicy: Never
ingress:
annotations:
kubernetes.io/ingress.class: traefik-azds
hosts:
# This expands to form the service's public URL: [space.s.][rootSpace.]webfrontend.<random suffix>.<region>.azds.io
# Customize the public URL by changing the 'webfrontend' text between the $(rootSpacePrefix) and $(hostSuffix) tokens
# For more information see https://aka.ms/devspaces/routing
- $(spacePrefix)$(rootSpacePrefix)webfrontend$(hostSuffix)
configurations:
develop:
build:
dockerfile: Dockerfile.develop
useGitIgnore: true
args:
BUILD_CONFIGURATION: ${BUILD_CONFIGURATION:-Debug}
container:
sync:
- "**/Pages/**"
- "**/Views/**"
- "**/wwwroot/**"
- "!**/*.{sln,csproj}"
command: [dotnet, run, --no-restore, --no-build, --no-launch-profile, -c, "${BUILD_CONFIGURATION:-Debug}"]
iterate:
processesToKill: [dotnet, vsdbg, webfrontend]
buildCommands:
- [dotnet, build, --no-restore, -c, "${BUILD_CONFIGURATION:-Debug}"]
I followed below guide
https://microsoft.github.io/AzureTipsAndTricks/blog/tip228.html
AZDS up is giving end point to my localhost
Service 'webfrontend' port 80 (http) is available via port forwarding at http://localhost:50597
Has your azds.yaml file ingress definition to the public 'webfrontend' domain?
Here is an example azds.yaml file created using .NET Core sample application:
kind: helm-release
apiVersion: 1.1
build:
context: .
dockerfile: Dockerfile
install:
chart: charts/webfrontend
values:
- values.dev.yaml?
- secrets.dev.yaml?
set:
replicaCount: 1
image:
repository: webfrontend
tag: $(tag)
pullPolicy: Never
ingress:
annotations:
kubernetes.io/ingress.class: traefik-azds
hosts:
# This expands to [space.s.][rootSpace.]webfrontend.<random suffix>.<region>.azds.io
# Customize the public URL by changing the 'webfrontend' text between the $(rootSpacePrefix) and $(hostSuffix) tokens
# For more information see https://aka.ms/devspaces/routing
- $(spacePrefix)$(rootSpacePrefix)webfrontend$(hostSuffix)
configurations:
develop:
build:
dockerfile: Dockerfile.develop
useGitIgnore: true
args:
BUILD_CONFIGURATION: ${BUILD_CONFIGURATION:-Debug}
container:
sync:
- "**/Pages/**"
- "**/Views/**"
- "**/wwwroot/**"
- "!**/*.{sln,csproj}"
command: [dotnet, run, --no-restore, --no-build, --no-launch-profile, -c, "${BUILD_CONFIGURATION:-Debug}"]
iterate:
processesToKill: [dotnet, vsdbg]
buildCommands:
- [dotnet, build, --no-restore, -c, "${BUILD_CONFIGURATION:-Debug}"]
More about it: https://learn.microsoft.com/pl-pl/azure/dev-spaces/how-dev-spaces-works-prep
How many service logs do you see in 'azds up' log, are you watching something similar to:
Service 'webfrontend' port 'http' is available at `http://webfrontend.XXX
Did you follow this guide?
https://learn.microsoft.com/pl-pl/azure/dev-spaces/troubleshooting#dns-name-resolution-fails-for-a-public-url-associated-with-a-dev-spaces-service
Do you have the latest version of the azds?

dotnet restore fails on a bitbucket pipeline configured with proxy

I'm going to route all the traffic from running pipeline throught my remote host. Unfotunately, when a process run into dotnet restore it fails. I have thoughts about proxy issues but all stuff worked as well before a moment. Direct me, please, into right direction.
Here the environment
bibucket-pipeline.yml file:
image: microsoft/dotnet:2.1-sdk
pipelines:
default:
- step:
caches:
- dotnetcore
script:
- curl https://api.ipify.org
- ssh -fN -C -4 -D 41337 user#remotehost
- export http_proxy='socks5://localhost:41337'
- export https_proxy='socks5://localhost:41337'
- curl https://api.ipify.org
- dotnet restore
- dotnet build
- dotnet test
dotnet --info:
.NET Core SDK (reflecting any global.json):
Version: 2.1.302
Commit: 9048955601
Runtime Environment:
OS Name: debian
OS Version: 9
OS Platform: Linux
RID: debian.9-x64
Base Path: /usr/share/dotnet/sdk/2.1.302/
Host (useful for support):
Version: 2.1.2
Commit: 811c3ce6c0
.NET Core SDKs installed:
2.1.302 [/usr/share/dotnet/sdk]
.NET Core runtimes installed:
Microsoft.AspNetCore.All 2.1.2 [/usr/share/dotnet/shared/Microsoft.AspNetCore.All]
Microsoft.AspNetCore.App 2.1.2 [/usr/share/dotnet/shared/Microsoft.AspNetCore.App]
Microsoft.NETCore.App 2.1.2 [/usr/share/dotnet/shared/Microsoft.NETCore.App]
Errors:
/usr/share/dotnet/sdk/2.1.302/NuGet.targets(114,5): error : Unable to
load the service index for source https://api.nuget.org/v3/index.json.
[/opt/atlassian/pipelines/agent/build/PCT.sln]
/usr/share/dotnet/sdk/2.1.302/NuGet.targets(114,5): error : Only the
'http' scheme is allowed for proxies.
[/opt/atlassian/pipelines/agent/build/PCT.sln]
By now (Dec 18), dotnet restore still does not support socks5 proxy. Use HTTP proxy instead.
I use privoxy to convert socks5 proxy traffic to http proxy.

How to allow only https traffic using a nodejs app on GAE flex vm?

I have the following configuration in app.yaml
runtime: nodejs
env: flex
handlers:
- url: /.*
script: app.js
secure: always
But still I am able to access both http and https. I would like to disable all communication to http. Am I missing any configuration?

Resources