// it's simple to add one key but this helps when i'm on a machine w/ multiple authorized hosts
// use like `ssh-copy-id ww1.example.com` -- make sure you have `ssh-agent` running and have added keys w/ `ssh-add` (use `ssh-add -L` to check)
// got this from the OpenSSH in Ubuntu, don't have it on mac afaik?

#!/bin/sh

# Shell script to install your public key on a remote machine
# Takes the remote machine name as an argument.
# Obviously, the remote machine must accept password authentication,
# or one of the other keys in your ssh-agent, for this to work.

ID_FILE="${HOME}/.ssh/id_rsa.pub"

if [ "-i" = "$1" ]; then
  shift
  # check if we have 2 parameters left, if so the first is the new ID file
  if [ -n "$2" ]; then
    if expr "$1" : ".*\.pub" >/dev/null; then
      ID_FILE="$1"
    else
      ID_FILE="$1.pub"
    fi
    shift         # and this should leave $1 as the target name
  fi
else
  if [ x$SSH_AUTH_SOCK != x ] && ssh-add -L >/dev/null 2>&1; then
    GET_ID="$GET_ID ssh-add -L"
  fi
fi

if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
  GET_ID="cat ${ID_FILE}"
fi

if [ -z "`eval $GET_ID`" ]; then
  echo "$0: ERROR: No identities found" >&2
  exit 1
fi

if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
  echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2
  exit 1
fi

{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1

cat <<EOF
Now try logging into the machine, with "ssh '$1'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

EOF

// block access to .svn dirs
// should be done server-wide if you can (another snippet)

<IfModule mod_rewrite.c>
  RewriteRule ^(.*/)?\.svn/ - [F,L]
  ErrorDocument 403 "Access Forbidden"
IfModule>

// protect ".svn" and "CVS" dirs (could add more)
// for server-wide protection; goes in httpd.conf
// there's a separate snippet for .htaccess-based code

<DirectoryMatch "^/.*/(\.svn|CVS)/">
  Order deny,allow
  Deny from all 
DirectoryMatch>

// get started with ubuntu 7.1
// e.g. on a new slice from http://slicehost.com !

# 1) make yrself a user and stop being root

# 2) main web stack + ruby
sudo aptitude install -y make screen
sudo aptitude install -y apache2 php5 mysql-server
sudo aptitude install -y subversion postfix
sudo aptitude install -y ruby1.8 ruby1.8-dev rubygems irb
sudo aptitude install -y imagemagick librmagick-ruby1.8 librmagick-ruby-doc libfreetype6-dev xml-core

# 3) gemz
# rubygems appears to be broken as hell. 
# gem update --system does squat
# had to manually d/l rubygems 1.0.1, ruby setup.rb
wget http://rubyforge.org/frs/download.php/29548/rubygems-1.0.1.tgz
tar xzvf rubygems-1.0.1.tgz
cd rubygems-1.0.1
sudo ruby setup.rb
sudo gem install rails mongrel merb map_by_method

Upgrades woohoo! Tell those lusers to hold their horses while you happily debug. Some .htaccess magic, just sub in your IP:

<IfModule mod_rewrite.c>
        RewriteEngine On
        # 'under construction' override
        RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$
        RewriteRule ^(.*)$ maintenance.html
IfModule>

When you can't use SCP…

ncftpput -u username -p password ftpperso.free.fr -R -m /local/path /remote/path

Ocassionally things go bad(tm). This has bit me for the second time in approx 3 years now, but generally one needs to load the old FreeBSD kernel to start debugging and going through a box with a fine toothcomb.

The following snipbit gives you an idea what steps to take when rebooting the server so that you can load the previous working copy of the FreeBSD kernel:
When the boot menu appears hit the spacebar to stop the countdown.
Press "6" for "to escape to loader prompt"
unload
load /boot/kernel.old/kernel
boot

Now the old working FreeBSD kerenl is booting up. It would be recommended to copy the last working version to /boot/kernel.last for example so that you can "load /boot/kernel.last/kernel", especially if you are going to be building your kernel multiple times on a server.

This searches for and destroys the zombie processes that linger (and block I/O for an indefinite amount of time) after cron starts up on a shared server:

for each in `ps jauxww | grep Z | grep -v PID | awk '{print $3}'`; do for every in `ps auxw | grep $each | grep cron | awk '{print $2}'`; do kill -9 $every; done; done

ps ax | grep webmin | kill -9 `awk '{print $1}'`

User the "begin routers" section add:

route_append:
    driver = manualroute
    domains = *
    transport = remote_smtp
    route_data = "smarthost.host.name byname"

Given that this isn't something I do regularly, it's handy to have the commands to hand so I don't have to scroll through man pages trying to remember how to do it.

Clear the disk

# dd if=/dev/zero of=/dev/ad1 bs=1k count=1

Initialise it

# fdisk -BI ad1

Label it, then edit the labels created

# bsdlabel -B -w ad1s1 auto
# bsdlabel -e ad1s1

Format it with a filesystem

# newfs /dev/ad1s1e

Make directories and mount as appropriate, and you're done!

Using "textdrive" as an example

pw groupadd textdrive
pw useradd textdrive -m -c "Main Textdrive account" -d /home/textdrive -s /bin/tcsh -G textdrive -k /usr/share/skel/

Then set the password:

passwd textdrive

ps axu | grep user | kill -9 `awk �{print $2}�`

ps axu | sort -rn | more