Github behind a proxy

2009/04/10

Suppose you have an account to github and you want to use it even when you are behind a very restrictive proxy.
The problem arises “only” when you have to push new patches, given that you can clone/pull even using http out of the box.

Luckily the github guys give us the access to another server (ssh.github.com) which basically listen on the port 443 and forwards

The informations to set up your environment can be found here:

github over proxy

And here you find:
corkscrew

This for example is my configuration (on Macosx but on linux is the same):

SSH_CONFIG

Host gitproxy
  User git
  HostName ssh.github.com
  Port 443
  ProxyCommand corkscrew <proxy> <port> %h %p
  IdentityFile /Users/andrea/.ssh/github

Now in your git repository you can simply add the new remote

git remote add git@gitproxy:<repository>

Another nice way to bypass the proxy (thanks Christian) is to use the GIT_PROXY_COMMAND variable, in this way

export GIT_PROXY_COMMAND=/usr/local/bin/proxy-cmd.sh

#!/bin/bash
(echo "CONNECT $1:$2 HTTP/1.0"; echo; cat ) | socket proxy.unitn.it 3128 | (read a; read a; cat )

And now git for every push/pull will execute that script and bypass the proxy.

1 Comment | programming, sysadmin | Tagged: , , | Permalink
Posted by petitesnouvelles

Auto ssh over a set of machines

2009/03/19

I just found out that every pc in the lab have sshd running and waiting at port 22.
Now I immediately thought some nice and nasty things like:

  • running the same process everywhere
  • do some funny jokes to the users connected

    • etc etc

    Or simply get a shell with all the laboratory software you need automatically.

    If you also have on those machines a listening xorg then you could also use X11 programs over the ssh, which works like a charm. (ssh -Yc “hostname” “command” for example)

    The only two “problems” are:

  • the need to insert the password every time
  • the need to accept the fingerprint for each new pc

    • Let’s see how to solve them.

    First we generate a new key:

    ssh-keygen -t dsa -f $HOME/.ssh/unilab

    Then we upload the public key to one of the pc’s, as long as the home directory is mounted over the network (of course) it doesn’t matter which one.

     scp $HOME/.ssh/unilab.pub utente@host:.ssh/

    Last thing you need to add to the authorized keys your public key (on whatever lab pc you’re logged in).

     cat $HOME/.ssh/unilab.pub &gt;&gt; $HOME/.ssh/authorized_keys

    Now we can set a really nice configuration in our $HOME/.ssh/config.

    Here it is:

    Host a10?pc*
  User <youruser>
  IdentityFile <your private key>
  Port 22
  StrictHostKeyChecking no

    And that’s it, if for example you now do

     ssh a105pc08

    ssh will find the matching on the regular expression and use those settings, letting you login automatically.

    But we’re not over, how do we know where sshd is up and running?

    Read the rest of this entry »

    1 Comment | sysadmin | Tagged: , | Permalink
    Posted by petitesnouvelles

    Find that pc

    2009/01/27

    Assume that you are in a big network where the ip addresses are given via dhcp.
    Assume also that you want to be able to communicate with the same pc which can change the ip address every time it reboots.

    One easy and “legal” way to always find is using netbios, a protocol that makes a computer shout over the network it’s pairing Name -> IP address.

    For windows and macosx this works out of the box, for linux/bsd machines you can just set a minimal smb.conf like this.

    [global]
	workgroup = WORKGROUP
	server string = My Samba Server
	netbios name = koala

    It’s useful to have the correct pairing right in /etc/hosts for every kind of command line program that doesn’t speak netbios.
    So we’ll use nmblookup and sed for the task.
    Just substitute the netbios name that you need here:

    export koala=$(nmblookup koala | sed -n 2p | cut -d ' ' -f 1)
# Now I can substitute the right ip in /etc/hosts
sed "/koala/ s/.*/$koala\tkoala" < /etc/hosts > /tmp/hosts
sudo mv /etc/hosts /etc/hosts.bak
sudo mv /tmp/hosts /etc/hosts

    Maybe you also want to modify sudoers to use it without inserting a password each time.

    Leave a Comment » | sysadmin | Tagged: , , | Permalink
    Posted by petitesnouvelles

    Automating the interaction

    2009/01/22

    A pretty nice feature of shell scripting is “<<" operator.
    It allows basically to launch interactive commands within a bash script.

    For example I wanted to add a small but very useful function to textmate, I want to be able to know all the possible informations about a whatever function or data type.

    The default info function in the haskell bundle unfortunately is only able to retrieve informations about prelude functions or functions used with the full path.
    (eg Data.List.lookup and not simply lookup ).

    Using ghci I should load the file (which automatically loads also the needed libraries) and type :info.
    This is really easily done using “<<".

    I added a command “info about” with the following code in my haskell bundle and now if the file is correct (it compiles) you are sure that you’ll get the informations about the function you’re looking for.

    GHCI << EOF
:load $TM_FILEPATH
:info ${TM_SELECTED_TEXT:-$TM_CURRENT_WORD}
EOF

    I also think that there should be a better way to communicate with ghci (and using System.Enviroment to get the arguments) but I didn’t find any, this solution even if not really elegant works pretty well.

    This “approach” can be used also with many interpreters, sometimes I find it really useful.

    Leave a Comment » | sysadmin | Tagged: , , , , | Permalink
    Posted by petitesnouvelles

    Life behing a proxy

    2009/01/19

    Staying behind a proxy can be very annoying, with macosx it’s nice and easy to set a global proxy.
    Unfortunately command line programs don’t care about those settings, so we have to manually set them every time.

    With the script you’ll find below we set globally the proxy for ftp, http, rsync and subversion:

    Read the rest of this entry »

    Leave a Comment » | sysadmin | Tagged: , , , , , , , | Permalink
    Posted by petitesnouvelles

    Downloading the whole rfc database

    2008/12/04

    This is my first post and I created it with textmate , which has a wonderful bundle to blog directly inside it.
    I created a little function which allows you to download the whole database of the request for comments:

    function update_rfc() {
	RFC_DIR="$HOME/howto_guide/rfc/"
	INDEX_FILE="1rfc_index.txt"
	INDEX="http://www.ietf.org/iesg/$INDEX_FILE"
	SITE="http://www.ietf.org/rfc"
	[ -d "$RFC_DIR" ] ||  mkdir "$RFC_DIR" || return
	cd "$RFC_DIR"
	[ -f $INDEX_FILE ] || wget $INDEX || (echo "error can't get the index" 1>&2 && exit 2)

	grep -E '^[0-9]{4}' $INDEX_FILE | awk -F ' ' '{print $1}' | while read NUM
	do
		FNAME="rfc$NUM.txt"
		[ -f $FNAME ] && continue
		# otherwise just try download it
		echo "downloading rfc number $FNAME"
		wget "$SITE/$FNAME" > /dev/null || echo "rfc $NUM not downloaded" 1>&2
	done	
}

    Just set where you want to download them in the variable “RFC_DIR”, put the function somewher (“.bashrc, .bash_profile” or whatever) and call it from the shell.
    You need to have wget installed, the other commands should be present on every *nix machine.

    Pay attention because it’s pretty big:

    du -sh $HOME/howto_guide/rfc
266M	/Users/andrea/howto_guide/rfc

    Leave a Comment » | sysadmin | Tagged: , , , | Permalink
    Posted by petitesnouvelles

    Follow

    Get every new post delivered to your Inbox.