Linux PHP Webmuckel-Kram

LDAPS nach PHP update von 5 auf 7

Auf einem alten Host lief noch ein PHP 5.x das ich nun endlich auf die zur Zeit aktuelle Version 7.4 updaten durfte.

Teil der dort laufenden Software ist eine LDAP(S)-Verbindung zu einem ActiveDirectory-Server.

Diese SSL verschlüsselte Verbindung (LDAPS) lief nach dem Update nicht mehr und lieferte nur einen „bind“-Fehler.

PHP Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server

Um das zu beheben muss man dem LDAP-Client explizit erlauben selbst signierte SSL-Zertifikate zu akzeptieren. Dazu in der Datei /etc/openldap/ldap.conf (z.b. bei CentOS 7) einen Eintrag hinzufügen


Danach noch den http-Server ggf. neu starten. (systemctl restart httpd)

JavaScript (nodejs ...) Webmuckel-Kram

HowTo: NPM hinter einem Proxy verwenden

Der Node Package Manager (NPM) ist ein unverzichtbares Werkzeug bei der Entwicklung mit nodejs. 

Damit dieser auch hinter einem Proxy funktioniert ist dieser entsprechend zu konfigurieren. Freundlicherweise weiß uns npm beim Versuch ein Modul zu installieren bereits darauf hin.

Da NPM (zumindest unter Windows) nicht die systemweite Umgebungsvariable benutzt, muss der Proxy manuell eingetragen werden. Die geschieht am einfachsten mit den Kommandos

$ npm config set proxy http://proxy.domain.tld:port
$ npm config set https-proxy http://proxy.domain.tld:port

Für „proxy.domain“ wird natürlich die URL/IP Deines Proxy eingesetzt. Der Port ebenso. Zu beachten, dass bei dem https-Proxy dies mit Bindestrich geschrieben werden muss und nicht wie sonst üblich mit Unterstrich.

Die Einstellungen werden anschließend in der Datei .npmrc (c:\Users\<benutzer>) gespeichert.

Auch ein Proxy der Authentifizierung erfordert kann verwendet werden. Dafür muss Username sowie Passwort mit übergeben werden

$ npm config set proxy http://user:pass@proxy.domain.tld:port

Sollte der Username oder das Passwort ein @-Zeichen beinhalten, so ist die User/Pass-Kombination noch zusätzlich in Anführungszeichen zu setzen

$ npm config set proxy http://“user:p@asswort“@proxy.domain.tld:port

Für den Fall, dass sich der User in einem AD befindet muss zusätzlich die entsprechende Domain mit angegeben werden

$ npm config set proxy http://domain\\username:pass@proxy.domain.tld:port

Unter Umständen ist es nötig die verwendete Registry (https://registry.npmjs.org) von https auf http umzustellen. Dazu wird in der .npmrc-Datei die folgende Zeile hinzugefügt

$ npm config set registry http://registry.npmjs.org

Oftmals kommt, besonders in Unternehmen, ein automatisches Proxy-Script (*.pac-Datei) zum Einsatz. Diese kann leider nicht verwendet werden. Um den darin festgelegten Proxy-Server ausfindig zu machen die URL zum PAC-File per „wget“ oder im Browser aufrufen. Es handelt sich um ein lesbares Textfile. 


  • die gemachten Settings finden sich in der Datei .nmprc und können auch dort direkt mit einem Editor bearbeitet werden
  • Auch User/Pass sind dort im Klartext zu lesen, also Zugriff auf die Datei entsprechend beschränken!

kreuz & quer TYPO3 Webmuckel-Kram

How the TYPO3-Forum was built

After 2 years it’s finally online as a public beta – the official TYPO3-Forum. It has been a long way to come to this state …

It was 2010 and I was attending the T3CON in Frankfurt. While listening to the talk „Getting involved with TYPO3“ (Video) by Berit Jensen and Ben van ‚t Ende I decided to support the community. As I’m an IT-Administrator I contacted Michael Stucki shortly after the T3CON10 and offered my help to the serverteam. He was on vacation and forwarded my mail to Sebastian. Some mails and skype calls later the goal was set. Let’s make a classic web-based forum for those who don’t want (or can’t) use the newsgroups or mailinglists. 

How to start such a project? As it doesn’t make sense to develop a new forum we compared the available software. Soon, the decision was made to use FUDForum as it has a gateway to NNTP (Newsgroup) already built in. This feature is essential in order to not have different support channels for the community. I installed it on my own server in order to test if everything works as promised. It did. 

Ingmar Schlecht took over on the side of the server team and set up an a vhost where I could install the forum and play around. Some stuff needed to be adjusted on the punkt.de-Server. Mainly PHP Modules, userrights, database and setting up cron. All went smooth so the first version with the first manually synced newsgroup was online. Time to think about what features should be available and what is possible … and what not. 

  • Synchronisation with Newsgroups (NNTP)
  • Synchronisation with Mailinglists 
  • Single-Sign-On (SSO)
  • Better design

TYPO3-Forum (JH Design)
TYPO3-Forum (JH Design)

Jens Hoffmann from d.k.d provided a first design which I implemented, Christine Gerpheide joined the team and created an SSO adapter, which handels the login through typo3.org. A project on forge was created to coordinate the team’s work.

In January 2011 the relaunch of typo3.org was pushed forward and it was decided to overwork the design provided by Jens and make the forum „look the same“ as the upcoming typo3.org. I saw some first screens of this new layout and started to think about the best way to implement this as best as possible. As I’m not a very good frontend designer (or whatever you call such a person) Ingmar posted a news asking for help.  In the meanwhile the guys from AOE Media started to code for typo3.org and Kian Gould provided the sources to us. Some volunteers offered to help but unfortunately nothing more than this happend.

After receiving the typo3.org template I started over again to implement the design into a FUDForum template. In the beginning the template system used by FUDForum is quite difficult to understand. A lot of includes, templates, php files, sub templates, data templates and so on. I worked through them and bit by bit the new design grew. A lot of small things took more time than planned in order to make it as perfect as I wanted. Some bugs appeared (like no working tree-view), which was quite hard to nail down. In the end the server configuration needed to be adjusted. 

In the middle of 2011 I had a lot of projects at work and nearly no time (and motivation) to work on the forum.

Joern Bock from AOE joined the team and introdruced Denis Zastanceanu to me. Together we worked through all screen designs of the forum and Denis provided layouts in the following days. This was a big step forward! The overall layout was already implemented back then, but the details were quite ugly.

The first T3O sprint at the AOE office was announced for September 2011. As its location (Wiesbaden) is just around the corner from my home, I decided to show up there and discuss some points with Ben van ‚t Ende and Joern Bock … and, of course, work a bit on the forum. In the following weeks I wrote some nice shell scripts to import the newsgroups messages every minute and every newsgroup was mirrored to the forum. The design of the forum did make some progress as well.

Steffen Gebert joined the team and gave me some new motivation. He never is tired to ask about the current status and thus motivates me to pick up the work (thank you Steffen!). He took over the work from Ingmar and set up a virtual server on the meanwhile established server infrastructure. This was a big speed boost for the forum. Backups and other things took seconds instead of minutes. 

Already more than a year has past and the forum was running technical very stable, but with lots of design glitches. With the beginning of 2012, new project at work hit me and development on the forum got stuck. Although I tried to do something – there was just no time. In March, Steffen did a new approach to find some more helping hands in order to distribute work and knowledge a bit. Christine unfortunately had too much to do and couldn’t develop the SSO-adapter further. Kay Strobach luckily had a working adapter and kindly provided it us. Steffen installed it and made SSO login possible with the upcoming relaunched typo3.org.

May brought some news which affectes the progress. We discontinued forumdev.typo3.org and moved to forum.typo3.org. After the move, an upgrade to a newer version of FUDForum broke some things and fixing this took some time. I just was motivated to start a new „sprint“ as my private working machine stopped working. Just two weeks after the warranty ended, my MacBook Pro died. Having not enough money to walk into an Apple Store to get a new one, I was grounded. Without a good and fast computer – developing the forum further was no fun and thus I didn’t do anything. Steffen took over and started (once again) to ask others for help. Nothing really happend. 

In June I ordered an new MBP, which was delivered by the beginning of August. Work could go on. Martin Terber and Roxanne joined the team. We had some Skype calls and Martin took some time to tidy up the issue tracker. Roxanne cloned the forum on her own server in order to dig into FUDForum. As a first result she made „collapsing“ working. While editing some templates something went wrong and the templates were not able to compile. It was very hard to find the error and I think I complained to much about the way Roxanne worked. At least I never got any feedback from her again. (Roxanne, I apologize if I did something which leads you to stop).

As a result of this Steffen set up a Git repository of the sources to be better able to rollback if something like this happens again. Time runs and the September passed without anything mayor going on.

Beginning of October I decided not to wait for more help and finally bring this to an „end“. I took two hours off every day and started to code all the missing things. It turned out that there were more things missing than I thought. I opened and closed a lot of forge-issues during this time and was in close contact with Steffen who supported me very much. 

Beginning of December 2012 there was the fourth code sprint for T3O, once again at the AOE office. I managed to get off the whole sunday and was able to attend. Working side-by-side with Steffen, we managed to get some more stuff done. Joern provided a lot feedback regarding functions an design. The result? More work to be done.

We now have an simple and clean layout and most issues have been solved. There a still unresolved issues open which will be tackled in the future. Beside that I’m sure that there will be a lot of new issues popping up, while the forum is actually used. Feel free to play around and open an issue on forge if you find anything, which is wrong or if you have any suggestions.

Now I’ll head over and develop the forum further. Beside that some documentation needs to be written. I’m sure there is enough work for some more long evenings …

Finally I want to say „Thank you“ to everyone who contributed. Especially the guys from the server-admin-team (Sebastian, Ingmar, Steffen, Michael). Patrick M. Hausen from punkt.de for supporting me with the server (as long as we used their server). Christine Gerpheide and Kay Strobach for their work on the SSO adapter. Martin Treber and Roxanne for helping. Denis for providing designs and everything visual. Jens Hoffmann for the first layout. Joern Bock for hosting the sprint events and general support.

The biggest thanks goes to my wife. For this project I really spent a lot of my spare time in front of the computer and she never blamed me for that. 






Allgemein Webmuckel-Kram

Backup & Recovery: ist euer Blog ein Backup wert?

Thema der Woche auf webmasterfriday ist „Backup & Recovery: ist euer Blog ein Backup wert?“. Ich finde die Frage stellt sich eigentlich gar nicht. Zumindest heute denke ich das. Früher, zu meiner Sturm-und-Drang Zeit habe ich immer gesagt „Backup ist für Feiglinge“. Nun, die Zeiten ändern sich. Man wird erwachsener, reifer und vor allem erfahrener. Wenn die erste Festplatte mit den Urlaubsbildern der letzen 13 Jahre mal das zeitliche segnet, dann wünscht man sich ein Backup herbei.

… ich schweife ab. Genauso ist es natürlich auch mit dem eigenen Blog. Viele Stunden Arbeit, eigene Artikel, Kommentare, all das sollte man regelmässig sichern. Das lasse ich meinen Hosting-Provider machen. Nacht für Nacht zieht der ein Backup der Datenbank und der Dateien. Die kann ich dann bis zu 30 Tage zurück wieder einspielen. Darüber hinhaus erstelle ich vor jedem Update von TYPO3 oder WordPress nochmals ein gesondertes Backup, das ich mir auf die lokale Maschine ziehe. Das beinhaltete dann sämtliche Dateien und einen Dump der Datenbank. Das Vorgehen dabei ist im Prinzip wie hier beschrieben. Somit kann ich jederzeit innerhalb kürzester Zeit wieder auf die alte Version zurück und gehe dadurch kein Risiko ein.


Google Wave Einladung

Update 20.12.09: Wieder neue Invites verfügbar!

Ich hätte da noch ein paar Invites zu Google Wave zu vergeben. Wer Interesse hat möge einen Kommentar hinterlassen.