Notes on Letsencrypt SSL

 (base) LionsEye:~ loalhost$ curl --verbose --header 'https://x.x.x.x' (base) LionsEye:~ localhost$ curl --verbose --header 'https://x.x.x.x' https://x.x.x.x.:443

*   Trying x.x.x.x:443...

* TCP_NODELAY set

* Connected to x.x.x. (ip.address.) port 443 (#0)

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /opt/anaconda3/ssl/cacert.pem

  CApath: none

* TLSv1.3 (OUT), TLS handshake, Client hello (1):

* TLSv1.3 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

* ALPN, server did not agree to a protocol

* Server certificate:

*  subject: CN=x.x.x.x

*  start date: Aug 14 03:31:07 2020 GMT

*  expire date: Nov 12 03:31:07 2020 GMT

*  subjectAltName: host "x.x.x.x" matched cert's "x.x.x.x"

*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3

*  SSL certificate verify ok.

> GET / HTTP/1.1

> Host: x.x.x.x

> User-Agent: curl/7.68.0

> Accept: */*

> https://x.x.x.x

> 

* Mark bundle as not supporting multiuse

< HTTP/1.1 301 Moved Permanently

< Date: Fri, 14 Aug 2020 04:33:26 GMT

< Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.5

< Strict-Transport-Security: max-age=63072000; includeSubdomains

< X-Frame-Options: DENY

< X-Content-Type-Options: nosniff

< Location: https://x.x.x.x

< Content-Length: 238

< Content-Type: text/html; charset=iso-8859-1

< 

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>301 Moved Permanently</title>

</head><body>

<h1>Moved Permanently</h1>

<p>The document has moved <a href="https://x.x.x.x/">here</a>.</p>

</body></html>

* Connection #0 to host x.x.x.x left intact

###HTTP/1.1 301 Moved Permanently

Date: Fri, 14 Aug 2020 04:38:17 GMT

Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.5

Strict-Transport-Security: max-age=63072000; includeSubdomains

X-Frame-Options: DENY

X-Content-Type-Options: nosniff

Location: https://x.x.x.x/

Content-Type: text/html; charset=iso-8859-1

(base) LionsEye:~ localhost$  curl -Iki https://x.x.x.x:443

HTTP/1.1 301 Moved Permanently

Date: Fri, 14 Aug 2020 04:38:20 GMT

Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.5

Strict-Transport-Security: max-age=63072000; includeSubdomains

X-Frame-Options: DENY

X-Content-Type-Options: nosniff

Location: https://x.x.x.x/

Content-Type: text/html; charset=iso-8859-1

Changing innodb_flush_log_at_trx_commit in MySQL/MariaDB innodb performance

 Default value is 1, possible values are 0-2.

0 – Logs are written and flushed to disk once per second. Transactions that have not been flushed out can be lost as a result of a crash.

1 – Logs are written and flushed to disk every time a transaction is committed.

2 – Logs are written after each commit of a transaction and flushed to disk once per second. Transactions that have not been flushed out can be lost in the event of a failure.

Deadlock is one of the nightmare of every developer: MariaDB

------------------------
LATEST DETECTED DEADLOCK
------------------------

Database must always be consistent and ensure integrity to increase the level of confidence in the data holdings. The main database is critical because several processes and programs depends on this database. 

The database is one of the organization core data and business processes are dependent on this databases 

Many days and nights were spent reviewing logs, events, procedures, and queries. Studying Transactions, Storage Engines and the Binary Logs, Query Performance. 

The occurence of deadlock on insert is bugging us , yes deadlock on insert can occur is called gap deadlock.

  
It is possible to cause deadlocks in mysql (Innodb) on concurrent insert statements, without there being any transactions in progress. Deadlocks are possible even when the inserts don't collide on any key.
The deadlocks occur due to gap locking done by mysql. There are several reasons for gap locking, and in this particular case, it has to do with preserving a unique key constraint on an index. The situation presents itself to us this way: There is a unique key constraint on a column and we are doing an insert. Mysql has to make sure that the lock it takes is sufficient to prevent another concurrent insert from adding a record with the same key, thus breaking the unique key constraint.
To address the problem of Gap Deadlock we have to adjust the isolation level to Read Committed .
  
The SQL standard defines four isolation levels, as follows:
1. Read Uncommitted
At this isolation level, all transactions can see the execution results of other uncommitted transactions. This isolation level is seldom used in practical applications, because its performance is not much better than other levels. Reading uncommitted data is also called Dirty Read.
　
2. Read Committed
This is the default isolation level for most database systems (but not MySQL). It satisfies the simple definition of isolation: a transaction can only see changes made by a committed transaction. This isolation level also supports the so-called Nonrepeatable Read, because other instances of the same transaction may have new commit during the processing of the instance, so the same select may return different results.
　
3. Repeatable Read
This is MySQL's default transaction isolation level, which ensures that multiple instances of the same transaction will see the same data row when reading data concurrently. In theory, however, this leads to another thorny problem: Phantom Read. Simply put, hallucination refers to when a user reads a range of data rows, another transaction inserts new rows in the range, and when the user reads the range of data rows, new "hallucination" rows will be found. InnoDB and Falcon storage engines solve this problem through MVCC (Multiversion Concurrency Control) mechanism.
　
4. Serializable
This is the highest isolation level, which solves the hallucination problem by forcing transaction sorting to make it impossible to conflict with each other. In short, it adds a shared lock to each read data row. At this level, it may lead to a large number of timeouts and lock competition.
Here is how we do the Mariadb Setting for the isolation level
SET [GLOBAL | SESSION] TRANSACTION
    transaction_property [, transaction_property] ...
transaction_property:
    ISOLATION LEVEL level
  | READ WRITE
  | READ ONLY
level:
     REPEATABLE READ
   | READ COMMITTED
   | READ UNCOMMITTED
   | SERIALIZABLE
   
Isolation Level

To set the global default isolation level at server startup, use the --transaction-isolation=level option on the command line or in an option file. Values of level for this option use dashes rather than spaces, so the allowable values are READ-UNCOMMITTED, READ-COMMITTED, REPEATABLE-READ, or SERIALIZABLE. For example, to set the default isolation level to REPEATABLE READ, use these lines in the [mysqld] section of an option file:
[mysqld]
transaction-isolation = READ-COMMITTED
To determine the global and session transaction isolation levels at runtime, check the value of the tx_isolation system variable:
SELECT @@GLOBAL.tx_isolation, @@tx_isolation;
#Default isolation level
#set @@session.tx_isolation='read-uncommitted';
set @@session.tx_isolation='read-committed';
SET GLOBAL TRANSACTION ISOLATION LEVEL  READ-COMMITTED


select @@session.tx_isolation;
transaction-isolation = READ-COMMITTED

References:
https://mariadb.com/kb/en/set-transaction/

What we need is discipline and cooperation

We don’t need the government to impose quarantine for us. We can do our  part stay home and self quarantine. 

We always blame the government for the rising cases of covid19 but have  we been disciplined and followed basic health protocols like social distancing, wearing mask and stay at home?

When ever I need to buy our food supply it seems everything is normal lots of people are on the road, sometimes you can see minors outside of their residence playing on the street, you can see a lots of teens roaming around without mask. 

I can feel the hardship of our health workers, they are already over work, over burden, and needed a break, but people need to eat, they need to work in order to survive.

Some people really need to work and go out so that they can provide food for their family. 

Yes health and survival is really important and some of us food is already a survival and they are willing to risk their life in order to eat and survive.

Our government cannot afford to feed the people so please help.

I don’t believe in another lock down or ECQ I believe  in peoples cooperation and discipline.

We can beat Covid19  if we do our part.

I am a tax payer I never complain we were trained to survive on our own.

Life in the rural areas is harsh all my sibling will attest to that,
we use to see our mother crying because we barely survive day to day life.

We came from extreme poverty, there are times that we eat only twice(2)  a day.
My sister (https://www.facebook.com/raquel.mogs / https://www.facebook.com/LessTraveledWorld/ ) used to drink rice coffee instead of baby milk because we cannot afford anything. My other sibling(https://www.facebook.com/mylene.mogado) wanted to attend academic quiz bee and other school-related contests on the district, division, and regional level but she can't because we don't have enough money for her transport & allowance but she consistently graduated valedictorian from elementary, high school and college.  My other sister (https://www.facebook.com/alice.mogado.5) never finish college or employed but she's so creative and learn to earn a living in various ways, farming, business, small eatery and other ways to earn. Our youngest sister is also managing a coffee shop and we teach her to not depend on someone that she has to earn on her own.

At an early age, we learn the ways in the farm from land preparation up to harvesting, every member of the family is on the farm doing manual labor. In farming we learn to live,  if we don't plant we don't eat.

I remember one time,  my Uncle told me if you don't have a job go home (province) and plant camote(sweet potato) you will never get hungry.

In spite of the hardship we learn to strive, we learn to study hard, work hard, we learn to save something for the rainy season.

With all the hardship in life, we manage not to depend on someone, we learn to stand on our own. We never asked the government for support or blame the government for being so poor. We follow rules, policies and regulations  because we believe is not the government or anyone else will uplift our living condition.

We believe we can improve our life by dreaming and working hard to attain anything our imagination is the limit.

In times of crisis like the COVID19 we are already prepared because we have been trained since we were kids.

And not only for ourselves but my sisters have shared some of their blessings to our ka barangay who are in need during the COVID19 Pandemic.

My personal cure to lean purse

1. Instead of eating out from resto, i can buy my favorite food from the market.
2. Instead of Starbucks and  other coffee shop, source out the best coffee bean from the local farm and farmer and brew my own.
3. Instead of grab rides, i choose other mode of transportation.
4. Online sale, mall sale and shopping is not saving, its spending.
5. Unnecessary bills and plans.
6. Clothing, buy what is necessary and important avoid buying one time use like fancy party dress for party.
7. Teach your kids to save! Learning to save is harder than spending. 
8. Investing returns multifold. (Safe investing)

December is the best time to save and invest.