SSL!

Posted on October 17, 2014 by mbrancaleoni

Well, finally I managed to run WP behind a reverse SSL proxy (nginx).

Used nginx because on CentOS 6 has better support for latest and greatest TLS features, unless you use apache 2.4 (from SCL), which maybe a bit a problematic to setup if migration is involved.

This post was useful to fix my infinite loops redirection: http://codex.wordpress.org/Administration_Over_SSL

This is my wp-config.php snippet:

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
       $_SERVER['HTTPS']='on';

Be sure to insert it *before* this comment:

/* That's all, stop editing! Happy blogging. */

And relevant nginx.conf snippets (this is not a full config, just for example):

http {
 .....
 proxy_set_header X-Forwarded-Proto https;
 ....
 server {
  listen       80;
  server_name  www.brancaleoni.com brancaleoni.com;
  rewrite ^/(.*) https://$server_name/$1 permanent;
 }

 server {
  listen       443 ssl spdy;
  ssl_certificate /path/to/domain.crt;
  ssl_certificate_key /path/to/domain.key;
  server_name     www.brancaleoni.com brancaleoni.com;
  location / {
   proxy_pass        http://localhost:8080;
  }
 }
 ....
}

And yes, this blog is spdy enabled :)

Posted in Linux | Tagged , | Leave a comment

FreeSWITCH opensource G.729 using Belledonne Communications GPLv2 G.729 implementation

Posted on July 22, 2013 by mbrancaleoni

Very few people knows about bcg729, which is a gpl implementation for G.729 codec.
So wrote a small wrapper around it to use as codec under FreeSWITCH:

https://github.com/xadhoom/mod_bcg729

There’s also a similar project on github, done by adapting fsg729 and patching the whole FreeSWITCH.  I prefer a separate module, is more clean 😉

Posted in Linux | Tagged , , | 18 Comments

Fedora 18 and google talk plugin

Posted on March 9, 2013 by mbrancaleoni

after struggling with google talk plugin and chrome on fc18 (hint:  Warning(clientchannel.cc:562): Connection lost while waiting for authorization reason=0 in chrome logs ), eventually found out that the culprit was firewalld …

systemctl stop firewalld

fixed that :).

And to disable it completely also for next boots, just

systemctl disable firewalld

Obviously systemctl must be called as root.
Afterall I have a router with firewall on home network, I don’t need any firewall on my local workstations :)

Posted in Linux | Tagged , , , | Leave a comment

httpd-itk on Fedora EPEL

Posted on April 4, 2012 by mbrancaleoni

Seems that httpd-itk appeared on Fedora EPEL repository, but is built against httpd 2.2.22, which is not into CentOS 6 updates as time of writing.

Maybe when CentOS6 will be again in sync with el6, will be better to use a Fedora provided rpm instead of mine :)

Update 05/08/2012: mmh I’ve checked RH rpms and they still have http 2.2.15. Wondering why Epel offers httpd-itk based on different apache version… anyone tryed it to check if is working ok ?

Posted in Linux | Tagged , , | Leave a comment

New rpms for apache mpm-itk

Posted on February 20, 2012 by mbrancaleoni

Since upstream has released httpd-2.2.15-15.el6.1 (which includes some security patches), I’ve rebuilt httpd-itk on latest upstream sources.

As usual, rpms can be found here: http://www.brancaleoni.com/repos/centos/6

Posted in Linux | Tagged , , | Leave a comment

Apache and mpm-itk on CentOS 6

Posted on January 25, 2012 by mbrancaleoni

Published a brief guide on how to install and configure httpd with mpm-itk on CentOS 6.

The guide can be found here.

Posted in Linux | Tagged , , | Leave a comment

just another blog

Posted on January 24, 2012 by mbrancaleoni

ok, from time time I need a place to publish stuff online, better if “nice to see”.
So I started a blog, not for real blogging, but to archive stuff I have around.
Maybe sooner or later I’ll start blogging also. Who knows ?

For now, just poke around… :)

Posted in Uncategorized | Leave a comment