Monday, March 16, 2020

Running phpinfo to test Kubernetes ingress and Let's Encrypt certificate

For new cluster, I usually deploy a simple phpinfo app to test that the happy-path works as expected. The PHP service and deployment is pretty simple:


The Docker image is basically a php:apache image with a single index.php file.

Next, setup the ingress and issuer (I'm using ingress-nginx and cert-manager FYI):


And voila.

Friday, February 28, 2020

Amazon SES notes

Amazon IAM policy to restrict sending email from a single address

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ses:SendRawEmail",
      "Resource": "*",
      "Condition": {
        "StringLike": {
          "ses:FromAddress": "username@domain.com"
        }
      }
    }
  ]
}

Replace `username@domain.com` with `*@domain.com` to allow sending from any addresses.

Generate SMTP password from the secret access key

Official document is available at docs.aws.amazon.com. Usage is like this:

./ses.py --secret DmxxxOY --region us-west-2


Test SMTP credentials

I use the swaks script (source: wiert.me):

brew install swaks

swaks -tls --to xxx@gmail.com \
  --from username@domain.com \
  --server email-smtp.us-west-2.amazonaws.com \
  --auth-user AKxxxOP


If everything is setup correctly, you should receive the test email in your inbox.


Saturday, January 4, 2020

Configure XenForo 2 to use FTP adapter for external and internal data storage

XenForo 1 needs an add-on to use remote storage for data (useful in container environments) but XenForo 2 supports FTP out of the box. Just put something like these in config.php:

$config['fsAdapters']['data'] = function () {
    return new \League\Flysystem\Adapter\Ftp([
        'host' => 'ftp.domain.com',
        'password' => 'password',
        'username' => 'data',
    ]);
};
$config['externalDataUrl'] = function ($externalPath, $canonical) {
    return 'https://data.domain.com/' . $externalPath;
};

$config['fsAdapters']['internal-data'] = function () {
    return new \League\Flysystem\Adapter\Ftp([
        'host' => 'ftp.domain.com',
        'password' => 'password',
        'username' => 'internal_data',
    ]);
};