Other articles

  1. How to configure EncFS on OSX 10.10 (Yosemite)

    With EncFS it's possible to keep our data in almost any cloud (Dropbox, OneDrive, etc...), having a good level of privacy and security. Infact EncFS encrypt and decrypt our data automatically. It's available for Linux as well and using a commercial solution (that is currently unsupported) even on Windows.

    Installing EncFS

    EncFS can be installed from brew. If you don't have brew package manager installed on OSX you can install it using this command:

    ``` {.lang:sh .decode:true} ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

    After brew, you need to install **OSXFuse** from this
    website <http://osxfuse.github.io>
    Finally you can install **encfs** using this command:
    ``` {.lang:sh .decode:true}
    brew install homebrew/fuse/encfs

    Configuring the encrypted folder

    Now that EncFS is installed, you can either mount an existing EncFS volume or create a new one. In both cases the command is the same:

    ``` {.lang:sh .decode:true} encfs ~/Dropbox/Private ~/Private

    If you are mounting an existing encrypted volume, you will be prompted
    for the password. If you are creating a new encrypted volume you will be
    asked some questions about EncFS parameters.
    **Note:** if it's important for you to keep compatibility with
    **[BoxCryptor Classic](https://www.boxcryptor.com/en/classic)** (in case
    you want to use the same volume under Windows), please refer to this
    other article I
    wrote: <https://www.andreagrandi.it/2014/09/12/create-an-encfs-volume-compatible-with-boxcryptor-classic/>
    Mount the encrypted volume on startup
    First of all you need to save the volume's password inside the OSX
    keychain. Open the app **Keychain Access** and create a new entry with
    name **encfs** and account value **encfs**, then write your **password**
    and click **Add**:
    .size-full .wp-image-1052 width="428"
    Once the password is saved, **open a text editor** and paste this script
    and save it as **encfs\_mount.sh** inside your **\$HOME** folder:
    ``` {.lang:sh .decode:true}
    # Secure EncFS Dropbox mounter by Daniel Widerin <[email protected]>
    mount | grep $TARGET >/dev/null
    [[ "$?" -eq "0" ]] && /usr/sbin/diskutil unmount $TARGET
    if [ ! -d $TARGET ]; then
     echo "Create new mountpoint $TARGET"
     mkdir $TARGET
     chmod 0700 $TARGET
    $ENCFS $SOURCE $TARGET --extpass="security 2>&1 >/dev/null find-generic-password -gl '$KEYCHAIN_PASSWORD' |grep password|cut -d \\\" -f 2" -ovolname=$VOLUME_TITLE

    Make it executable:

    ``` {.lang:sh .decode:true} chmod +x ~/encfs_mount.sh

    Open **AppleScript** editor and paste this text inside and save as an
    app in the \$HOME folder:
    [![Screenshot 2015-10-11
    .size-full .wp-image-1055 width="484"
    ``` {.lang:sh .decode:true}
    do shell script "$HOME/encfs_mount.sh"

    Finally, open "System Preferences" -> "Users & Groups" and add the previously saved application.

    Screenshot 2015-10-11
19.27.44{.aligncenter .size-full .wp-image-1056 width="463" height="380"}

    Final notes

    At this point encfs is configured to be mounted at startup and to save the encrypted files inside Dropbox. Please note: do not save anything directly on \~/Dropbox/Private, only read and save your files from \~/Private


    read more


  2. How to create a Docker image for PostgreSQL and persist data

    Before I start, let me confirm to you that official Docker images for PostgreSQL already exist and are available here: https://registry.hub.docker.com/_/postgres/ so this howto wants to be a guide to explain how to create these images and talk about some of the Docker features.

    I will assume that you have already installed Docker on your machine. I have tested these instructions both on Ubuntu Linux and OSX (OSX users will need to install boot2docker, instructions are not available in this guide).


    To create a Docker image we need to create a text file named Dockerfile and use the available commands and syntax to declare how the image will be built. At the beginning of the file we need to specify the base image we are going to use and our contact informations:

    FROM ubuntu:14.04
    MAINTAINER Andrea Grandi <[email protected]>

    In our case we are using Ubuntu 14.04 as base image. After these instructions we need to add PostgreSQL package repository and GnuPG public key:

    RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
    RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main" > /etc/apt/sources.list.d/pgdg.list

    then we need to update the packages available in Ubuntu and install PostgreSQL:

    RUN apt-get update && apt-get -y -q install python-software-properties software-properties-common   
      && apt-get -y -q install postgresql-9.3 postgresql-client-9.3 postgresql-contrib-9.3

    We are installing version 9.3 of PostgreSQL, instructions would be very similar for any other version of the database.

    Note: it's important to have apt-get update and apt-get install commands in the same RUN line, else they would be considered two different layers by Docker and in case an updated package is available it won't be installed when the image is rebuilt.

    At this point we switch to postgres user to execute the next commands:

    USER postgres
    RUN /etc/init.d/postgresql start   
      && psql --command "CREATE USER pguser WITH SUPERUSER PASSWORD 'pguser';"   
      && createdb -O pguser pgdb

    We switch to root user and we complete the configuration:

    USER root
    RUN echo "host all  all  md5" >> /etc/postgresql/9.3/main/pg_hba.conf
    RUN echo "listen_addresses='*'" >> /etc/postgresql/9.3/main/postgresql.conf

    We expose the port where PostgreSQL will listen to:

    EXPOSE 5432

    We setup the data and shared folders that we will use later:

    RUN mkdir -p /var/run/postgresql && chown -R postgres /var/run/postgresql
    VOLUME  ["/etc/postgresql", "/var/log/postgresql", "/var/lib/postgresql"]

    Finally we switch again to the postgres user and we define the entry command for this image:

    USER postgres
    CMD ["/usr/lib/postgresql/9.3/bin/postgres", "-D", "/var/lib/postgresql/9.3/main", "-c", "config_file=/etc/postgresql/9.3/main/postgresql.conf"]

    The full Dockerfile is available here https://github.com/andreagrandi/postgresql-docker/blob/master/Dockerfile

    Building Docker image

    Once the Dockerfile is ready, we need to build the image before running it in a container. Please customize the tag name using your own docker.io hub account (or you won't be able to push it to the hub):

    docker build --rm=true -t andreagrandi/postgresql:9.3 .

    Running the PostgreSQL Docker container

    To run the container, once the image is built, you just need to use this command:

    docker run -i -t -p 5432:5432 andreagrandi/postgresql:9.3

    Testing the running PostgreSQL

    To test the running container we can use any client, even the commandline one:

    psql -h localhost -p 5432 -U pguser -W pgdb

    When you are prompted for password, type: pguser
    Please note that localhost is only valid if you are running Docker on Ubuntu. If you are an OSX user, you need to discover the correct ip using: boot2docker ip

    Persisting data

    You may have noticed that once you stop the container, if you previously wrote some data on the DB, that data is lost. This is because by default Docker containers are not persistent. We can resolve this problem using a data container. My only suggestion is not to do it manually and use a tool like fig to orchestrate this. Fig is a tool to orchestrate containers and its features are being rewritten in Go language and integrated into Docker itself. So if you prepare a fig.yml configuration file now, you will be able, hopefully, to reuse it once this feature will be integrated into Docker. Please refer to fig website for the instructions to install it (briefly: under Ubuntu you can use pip install fig and under OSX you can use brew install fig).

      image: andreagrandi/postgresql:9.3
        - /var/lib/postgresql
      command: true
      image: andreagrandi/postgresql:9.3
        - dbdata
        - "5432:5432"

    Save this file as fig.yml in the same folder of the Dockerfile and spin up the container using this command: fig up

    andreas-air:postgresql-docker andrea [master] $ fig up
    Recreating postgresqldocker_dbdata_1...
    Recreating postgresqldocker_db_1...
    Attaching to postgresqldocker_db_1
    db_1 | 2015-02-21 19:01:07 UTC [6-1] LOG:  database system was interrupted; last known up at 2015-02-21 17:46:10 UTC
    db_1 | 2015-02-21 19:01:07 UTC [6-2] LOG:  database system was not properly shut down; automatic recovery in progress
    db_1 | 2015-02-21 19:01:07 UTC [6-3] LOG:  redo starts at 0/1782F68
    db_1 | 2015-02-21 19:01:07 UTC [6-4] LOG:  record with zero length at 0/1782FA8
    db_1 | 2015-02-21 19:01:07 UTC [6-5] LOG:  redo done at 0/1782F68
    db_1 | 2015-02-21 19:01:07 UTC [6-6] LOG:  last completed transaction was at log time 2015-02-21 17:46:10.61746+00
    db_1 | 2015-02-21 19:01:07 UTC [1-1] LOG:  database system is ready to accept connections
    db_1 | 2015-02-21 19:01:07 UTC [10-1] LOG:  autovacuum launcher started

    If you try to write some data on the database and then you stop (CTRL+C) the running containers and spin up them again, you will see that your data is still there.


    This is just an example of how to prepare a Docker container for a specific service. The difficoult part is when you have to spin up multiple services (for example a Django web application using PostgreSQL, RabbitMQ, MongoDB etc...), connect them all together and orchestrate the solution. I will maybe talk about this in one of the next posts. You can find the full source code of my PostgreSQL Docker image, including the fig.yml file in this repository https://github.com/andreagrandi/postgresql-docker

    read more


  3. How to fix encfs installation on OSX 10.9 (Mavericks) and brew

    After upgrading from OSX 10.8.x to 10.9 (Mavericks), encfs recipe is broken. First of all you have to fix a problem with a library header:

    sudo ln -s /usr/include/sys/_endian.h /usr/include/sys/endian.h

    then you can install encfs using this remote brew recipe:

    brew reinstall https://gist.github.com/ghibble/7297078/raw/cae1ff000a5e1cfc670f5b7a611279ed494b63af/encfs.rb

    It's also possible that you have to fix fuse4x installation before being able to use encfs (I had to do it):

    sudo /bin/cp -rfX /usr/local/Cellar/fuse4x-kext/0.9.2/Library/Extensions/fuse4x.kext /Library/Extensions
    sudo chmod +s /Library/Extensions/fuse4x.kext/Support/load_fuse4x

    That's it! Please note that this is just a workaround (thanks to Giovanni Bajo for suggesting me the symlink fix). Please also note that this recipe uses fuse4x library and not the most updated osxfuse (but it works, anyway). Some other users reported me that there is a fix for the original brew recipe, and this one uses osxfuse. You can find it here https://gist.github.com/defunctzombie/7324625 but I haven't tested it yet.

    Update: to fully integrate encfs with OSX, I also suggest to follow this nice guide http://www.maketecheasier.com/install-encfs-mac/

    read more


Page 1 / 1