Develop Reference

Electron.js: main process throws "Error: Cannot find module in app.asar" in production build

Problem
I have a worker_threads worker that I'm invoking as shown below.
It works in dev but throws the following error in production build:
Error invoking remote method 'get-dir-items':
Error: Cannot find module
'C:\Users\user\AppData\Local\Programs\test-app\resources\app.asar\resources\workers\fsCoreWorker.js'
Code
main
electron.ipcMain.handle('get-dir-items', async (event, params) => {
return new Promise((resolve, reject) => {
const worker = new Worker('./src/workers/fsCoreWorker.js', {workerData: params})
worker.on('message', (params) => resolve(params))
worker.on('error', (error) => reject(error))
})
})
renderer
electron.ipcRenderer.invoke('get-dir-items', params)
.then((data) => resolve(data))
.catch((error) => reject(error))
It seems this declaration cannot resolve the path inside the app.asar
new Worker('./src/workers/fsCoreWorker.js', {workerData: params})
I tried extracting worker file to the resource directory, but it didn't help since it depends on other files and NPM modules that I cannot extract
electron-builder config
extraResources: ['src/workers/fsCoreWorker.js']
path in main
const worker = new Worker(
path.join(process.resourcesPath, '/src/workers/fsCoreWorker.js'),
{workerData: params}
)

I cannot initialize Logstash 7.16. Unsupported SSL

Logstash 7.16. OpenSearch output plugin. Tarball.
Run:
./bin/logstash --path.settings /opt/logstash/config --verbose
Error message:
...
[ERROR][logstash.javapipeline ][fallback] Pipeline error {:pipeline_id=>"fallback", :exception=>#<Manticore::UnknownException: Unsupported or unrecognized SSL message>,
...
Output configuration file:
output {
opensearch {
hosts => [ "<IP>" ]
user => "user"
password => "password"
index => "%{[#metadata][beat]}-%{[#metadata][version]}-%{+YYYY.MM.dd}"
ssl => true
ssl_certificate_verification => false
cacert => "/opt/logstash/config/tls/root-ca.crt"
keystore => "/opt/logstash/config/tls/logstash-elasticsearch-output-client.p12"
keystore_password => "<passwd>"
}
}
Thanks for your attention

Puppet not creating grafana

When trying to run this code in my puppet-server - it complains on the port TCP 3000.
Error: /Stage[main]/Main/Grafana_datasource[prometheus]: Could not evaluate: Failed to open TCP connection to localhost:3000 (Connection refused - connect(2) for "localhost" port 3000)
class { 'grafana':
cfg => {
app_mode => 'production',
},
database => {
type => 'mysql',
host => '127.0.0.1:3306',
name => 'grafana',
user => 'root',
type => '',
},
users => {
allow_sign_up => false,
},
}
grafana_datasource { 'Prometheus':
grafana_url => 'http://localhost:3000',
grafana_user => 'admin',
grafana_password => 'grafanapw',
type => 'prometheus',
url => 'http://prom-ip:9090',
access_mode => 'proxy',
is_default => true,
require => Class['grafana'],
}
If I try to add this code into the class { 'grafana':}
It stops complaining - but no datasource is created
class { 'grafana':
cfg => {
server => {
http_port => 8080,
}
},
database => {
...
},
}
Overall the main issue is that grafana won't be created with a working datasource & dashboard(not shown here)
https://i.stack.imgur.com/MOz01.png

Grafana bind defaults to 3000. To use port 8080 you need to either give the Grafana binary:
$ sudo setcap 'cap_net_bind_service=+ep' /usr/sbin/grafana-server

Puppet - How to purge a directory

A bit of a Puppet newbie here. I am trying to recursively purge all files and directories under /var/www except keep one file present (/var/www/html/appicon.ico). This is my code:
file {'/var/www':
ensure => directory,
recurse => true,
purge => true,
force => true,
require => Package['httpd'],
subscribe => Package['httpd']
} ->
file {'/var/www/html':
ensure => directory,
owner => 'root',
group => 'root',
mode => '0755'
} ->
file {'/var/www/html/appicon.ico':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => ''
}
The code does appear to purge all files and directories, except for other files under /var/www/html. Any thoughts what I am doing wrong here or how this can be done properly?

You would need to set purge on the html directory too, that is:
file {'/var/www':
ensure => directory,
recurse => true,
purge => true,
force => true,
require => Package['httpd'],
subscribe => Package['httpd'],
} ->
file {'/var/www/html':
ensure => directory,
recurse => true, # note here
purge => true, #
owner => 'root',
group => 'root',
mode => '0755'
} ->
file {'/var/www/html/appicon.ico':
ensure => file,
owner => 'root',
group => 'root',
mode => '0644',
content => ''
}
Explicitly including a file/directory in a Puppet manifest "protects" it from being purged by purge => true, recurse => true set on its parent directory.

LDAP Authentication for Apache using Puppet

I am currently setting up a reverse proxy in puppet so that I can authenticate using Active Directory.
I have the following in my puppet module.
class { 'apache::mod::ldap' :}
class { 'apache::mod::authnz_ldap' :}
apache::vhost { 'reverse-proxy':
port => '443',
docroot => '/var/www/html',
ssl => true,
ssl_cert => '/etc/httpd/ssl/cert.crt',
ssl_key => '/etc/httpd/ssl/cert.key',
require => [ File['/etc/httpd/ssl/cert.crt'], File['/etc/httpd/ssl/cert.key']],
rewrites => [
{
comment => 'Eliminate Trace and Track',
rewrite_cond => ['%{REQUEST_METHOD} ^(TRACE|TRACK)'],
rewrite_rule => [' .* - [F]'],
},
],
proxy_preserve_host => true,
proxy_pass => {
path => '/',
url => 'http://127.0.0.1:5601/',
},
directories => [
{
path => '/',
provider => 'location',
auth_name => 'Kibana Authentication',
auth_type => 'Basic',
auth_basic_provider => 'ldap',
auth_ldap_bind_dn => 'cn=serviceuser,ou=Users,dc=example,dc=com',
auth_ldap_bind_password => 'supersecretpassword',
auth_ldap_url => 'ldaps://ldap.example.com/dc=example,dc=com?CN?
sub?(objectClass=user)',
require => 'ldap-group
cn=application_users,ou=application_groups,ou=groups,dc=example,dc=com',
},
],
}
The problem I'm running into is that when I apply this configuration to my apache server auth_ldap_bind_dn, auth_ldap_bind_password, and auth_ldap_url are not being copied over. Puppet isn't throwing any errors and apache runs fine, but it isn't authenticating against LDAP.

old thread but for the benefit of anyone else with the same issue:
I've taken a look at the apache module's code in github and it doesn't appear to support the parameters you've mentioned (auth_ldap_bind_dn, auth_ldap_bind_password, and auth_ldap_url).
However, the directories resource allows you to include custom fragments, which you can use to inject any custom configuration outside of the apache module's scope into your config.
In your case, this should work:
class { 'apache::mod::ldap' :}
class { 'apache::mod::authnz_ldap' :}
apache::vhost { 'reverse-proxy':
port => '443',
docroot => '/var/www/html',
ssl => true,
ssl_cert => '/etc/httpd/ssl/cert.crt',
ssl_key => '/etc/httpd/ssl/cert.key',
require => [ File['/etc/httpd/ssl/cert.crt'], File['/etc/httpd/ssl/cert.key']],
rewrites => [
{
comment => 'Eliminate Trace and Track',
rewrite_cond => ['%{REQUEST_METHOD} ^(TRACE|TRACK)'],
rewrite_rule => [' .* - [F]'],
},
],
proxy_preserve_host => true,
proxy_pass => {
path => '/',
url => 'http://127.0.0.1:5601/',
},
directories => [
{
path => '/',
provider => 'location',
auth_name => 'Kibana Authentication',
auth_type => 'Basic',
auth_basic_provider => 'ldap',
custom_fragment => "AuthLDAPURL 'ldaps://ldap.example.com/dc=example,dc=com?CN?sub?(objectClass=user)'
AuthLDAPBindDN 'cn=serviceuser,ou=Users,dc=example,dc=com'
AuthLDAPBindPassword supersecretpassword",
require => 'ldap-group cn=application_users,ou=application_groups,ou=groups,dc=example,dc=com',
},
],
}