WordPress multisite and Let's Encrypt certificates for multiple sites

I’m using the Bitnami images for my WordPress installations, and am very happy with them. However, it got a little weird when I added a new site to my WordPress multisite instance.

The secret was to run a few commands by hand:

sudo /opt/bitnami/ctlscript.sh stop apache
sudo /opt/bitnami/letsencrypt/lego  --path="/opt/bitnami/letsencrypt/" --email="david@some-domain-name-i-am-not-publishing-here" --domains="gerisch.org" --domains="www.gerisch.org" --domains="test.gerisch.org" --http run
sudo /opt/bitnami/ctlscript.sh start apache

Earlier, I had run the Bitnami bncert-tool which wrangled my Apache configuration so that all attempts to go to an http:// address were re-written to go to an https:// address. This is very good. But when I added the test.gerisch.org web site, the certificate provided by Let’s Encrypt did not have a SAN (Subject Alternative Name) entry for “test”. So trying to visit that site got the ominous “this site is insecure – nothing provides for an SSL certificate for it”. True enough.

By running the /opt/bitnami/letsencrypt/lego script with multiple –domains arguments, I could update the requested certificate to have the additional SANs I wanted. Very nice. It was the Bitnami community support web site that gave me this information. The same page warns me that more than five requests for new certificates puts the certificate issuer into a time-out corner for one week. So that is something to be aware of.

How to make Ubuntu have a nice bash shell like OpenSuSE

There are two features of OpenSuSE that I love when logging in to the command line, that do not exist in Ubuntu. Problem is, I’m renting web servers from Amazon, and those are Ubuntu. So I log in to them with ssh, and the bash completion features I want are not there. This post will be documentation of how to get back to the settings I want.

Apparently, theses used to be the settings that most Linux distributions came with. But someone somewhere decided they had a better (in my opinion: worse) plan, and the rest of the world didn’t push back. Well, except for OpenSuSE. Since I cut my teeth on SuSE, I grew to really like those features, and badly miss them when I’m on a Ubuntu box.

First up: change the editor to VIM

On these new boxes, the file ~/.bash_profile does not exist. That’s fine; Ubuntu will read it on login if it does exist.

vim ~/.bash_profile

Get into insert mode with <ins>

export EDITOR=vim

Because the presence of .bash_profile breaks .bashrc (used later), add this to .bash_profile:

[ -r $HOME/.bashrc ] && source $HOME/.bashrc

Save and exit VIM with <esc> : w q

Now, if you are looking at a file with “less” and you want to then edit it, you can hit the letter “v” and be editing the file.

I imagine that way back when, “v” was a way to think “VIM”; but once Ubuntu changed it’s default to the nano editor, that doesn’t really map any more. This changes it back.

Second up: alias the change directory command up-one-level to ..

vim ~/.bashrc

Find the list of alias commands, and move to the bottom line in the list of aliases, and do a “yank”, then a “paste” in VIM:

yy
p

Then get into edit mode by hitting the <ins> key, and modify the pasted command to be this:

alias ..='cd ..'

Get out of insert mode with <esc> and :wq to write the file and quit VIM

If you exit your ssh session, and log back in, the .. command should now take you up one level in the directory hierarchy. Much nicer than having to type cd ..

Third up: bash history search command

We will be editing /etc/inputrc

The tricky part here is that /etc/inputrc is a system file, and attempting to edit it warns that I won’t be able to write and quit. I don’t have permission to edit this file. The solution is to edit it with permissions:

sudo vim /etc/inputrc

Nicely enough, the commands I want are already there; they are merely commented out:

# alternate mappings for "page up" and "page down" to search the history
# "\e[5~": history-search-backward
# "\e[6~": history-search-forward

All I have to do is to delete the “#” character that declares \e[5~ and \e[6~ to be a comment. With VIM, this is the x key

I'm new to Audible.com – so far, it is good

I’ve been thinking about getting an Audible.com subscription for a few months now. Amazon had a deal for Prime customers (leading up to their Amazon Prime Day) for 1/3 off. Instead of being $15 per month, I could purchase 12 credits for $120 for the year – same as $10 per month (for one year). Of course, next year, it will bump up to the normal price.

The first book I listened to was Zen and the Art of Motorcycle Maintenance by Robert M. Pirsig.

I love this book. It was every bit as interesting, listening to it this time, as it was the first time I read it oh-so-many decades ago. One nice aspect to it as an Audible product is that the book was written in the first person. So the narrator and the writing style mesh very well.

The second book I listened to was Neuromancer by William Gibson.

This one wasn’t as fun to listen to again. The thought that occurred to me often was that I wish the narrator wasn’t having to pretend to be a different voice when a different character was speaking. Every time he had to switch up his voice, I was taken out of the experience. The quality of the experience would have been far better as an audio play / radio show than as a single narrator trying to play all the characters.

Of course, that would mean more up front expense on Audible’s part, than just the one contract for the one narrator. It probably isn’t the case that bringing in several other voice actors to take over some parts would drop the expense of the main voice actor. He probably doesn’t get paid by the minute; even if the total minutes shrink a little when another actor picks up some of the lines.

What I don’t know, is if Audible / Amazon makes a lot of money in comparison to the initial outlay. If they do make a lot of money compared to the voice actor expenses, then they would be far better off delivering the highest quality experience (because the production expenses would be small in comparison to the overall return).

I enjoyed listening to Neuromancer all over again; but, it was only satisfactory. I far more enjoyed Zen and the Art of – partially because I was so fond of the original. Also, Neuromancer has way too much flowery descriptive prose that is supposed to wow me expanded horizons or some such dirt.

Next up: Snow Crash by Neal Stephenson. I have read Cryptonomicon before; so I’m a little familiar with the author’s style. But I’ve never read Snow Crash (nor The Diamond Age), so this will be my first experience with Audible listening to a book I’ve never heard / read before.

Strawberry Perl did a brain-dead thing to me

When one installs Strawberry Perl, one gets a file structure that has a directory named “site”. Underneath “site” is “bin”.

But of course, there is also a “bin” directory where the perl.exe is stored too. Why wouldn’t you store your source code in the bin directory with the perl.exe? If you are in that directory at the command prompt, perl.exe doesn’t have to do any searching to find your Perl script.

Somewhere along the line, I was told “Don’t put your source code in the bin directory where perl.exe is stored. An upgrade will come along, and delete everything in the directory where perl.exe is – including your source code! Put your scripts in ../site/bin because that won’t get wiped out during an update of perl.exe”

And, I just upgraded Strawberry Perl, and it wiped out everything.

Yes: including the ../site/bin directory dedicated to being my safe place for my source code! It’s the place (that was supposed to be) protected from accidental-upgrade-based-deletion.

Just “bin” – expect everything there to be wiped, when an upgrade happens. But “../site/bin” – the whole reason we have this extra folder structure is because there should be a place for your code that doesn’t get clobbered during an upgrade.

And Strawberry Perl clobbered it anyway.

Sigh. This make me really leery of trying to make scripts I could distribute to my users. Should we need to push an upgrade to Strawberry Perl, if someone had written their own scripts, we would clobber their work! Gah!

Advertising sucks: Billy Jones never existed here

Somewhere along the line, my local newspaper started selling advertising (to the fools who do business with them) for a false name. Someone invented a name and put it on their mailing list, of a person who has never lived at my street address.

I am the second owner of my house. The original owner lived there for 45 years. I do know every name of every person who has lived at my address, ever.

Billy Jones was never one of them. For all I know such a person has never existed.

Half of the crapmail I get is addressed to Billy Jones.

I have even telephoned the credit card advertising company telephone number where you can opt-out of credit card offers. OK, for me that worked; but what about Billy Jones?

Yeah, they aren’t going to allow me to opt-out until I cough up Billy Jones’ social security number. This infuriates me – for all I know, Billy Jones is my neighbor’s hamster.

There are some good things about Billy Jones:

  • I can instantly throw anything addressed to Billy in the trash.
  • The companies that are paying for advertisements sent to Billy are 100% losing their money.

Hopefully, the people buying advertising will figure that out. Advertising is all loss and no gain; you deserve to lose your money on it for spending it with a company that will falsify the names on the mailing list.

Ha! Ha! Sucks to be you.

But really, I would prefer you advertisers just stop it.

Advertising: bane of the modern world

A while back, I was on Reddit, reading the subreddit AskReddit “What is the biggest scam that we all tolerate collectively?”

For me, the answer is advertising.

$1,300 per man, woman, and child will be spent this year on advertising here in the U.S.A. (2019)

And I doubt that includes everything; there are several industries that make their money by providing services to the advertising industry, but may not be considered a part of the 2% of GPD dedicated to advertising. Much of the stuff I hate comes from printers; but the whole printing industry isn’t all advertising (text books being the primary exception).

Some industries cost more than 2% of GPD of course. But those are worth something, or optional, or both.

I either have a choice to spend my money for those, or, I get something for it. Advertising just sucks.

The purpose of advertising is to waste my time. To distract me from what is good, and to say “look at me! look at me! pay attention to me before you throw me away!” This is a complete waste of my time, and someone’s money.

It is terribly wasteful. Some clueless person hires someone in the creative class to design shit, then hires workers to print the shit, then pays for workers to deliver the shit to me, for the sole reason for me to throw it in the trash! How did we get to this point? Who thought this was a good idea?

How can we stop it?

Yes, all of radio and television is the same waste; but, I don’t tune in. You want to waste your money – go for it. Although if someone else has the same product at lower cost (because they don’t waste their money on advertising), you bet I’m buying their product instead / preferentially.

But snail mail: I hate you. There is no option to opt-out.

The only way I know of how to stop this shit is to remove the tax deductions for advertising / marketing expenses. I’d love to see this; but I’m not holding my breath.

Silly Game of Thrones idea

Over on Reddit, in the Game of Thrones subreddit, there is a ballot you can cast, for the question of who do you want to see on the Iron Throne? (It may be for who do you expect to see on the Iron Throne at the end?)

I’ve cast my ballot, but the thought occurred to me: what if George R.R. Martin wanted to screw with us?

It’s no secret that he is willing to kill off beloved characters. It’s also not a secret that the television series outpaced the books. The producers of the show had to arrange to meet with GRRM, and spent a weekend with him in a hotel room, getting him to write the ending of the story: A Song of Ice and Fire. In some sense, they needed him to play his hand before the real books come out. What if George felt a little mischievous? Or maybe he wants to create a crisis of emotional loss, in the audience of people who think there are heroes in the Game of Thrones?

At the time of this writing, there is only one more episode yet un-aired.

What if GRRM fed the producers a plot line that won’t be anything like the real books he is writing?

OK – spoilers below. You have been warned. Click this line to reveal

Cersei was killed off in a way that left me quite unsatisfied. I, and I imagine many people, wanted the people she oppressed to get their vengeance in her death. Vengeance denied!

What if GRRM wanted to deliver that same emotional impact with all the television viewers? What if he wanted to have the last laugh by tormenting us all? What if the good ending to the stories is going to be in the book (“buy the books for the real ending!!!”)?

In this vein, I think Sansa Stark will win the Games of Throne. Here’s how I could see it happening.

  • Tyrion is killed off immediately, as soon as Daenerys learns that Tyrion released Jaime.
  • Daenerys, fearing plotting by Sansa, orders Jon Snow to kill Sansa.
  • Jon Snow refuses.
  • Daenerys has Jon Snow killed. Likely, Grey Worm does this.
  • Arya kills Daenerys as revenge for killing Jon.
  • Drogon (the remaining dragon) seeing his mother killed, kills Arya.

This would leave Sansa, Samwell, Bran, and Grey Worm remaining.

Grey Worm could take over, and through sheer might with his army, seize the Iron Throne. That wouldn’t really be such a bad ending, so under the theory that GRRM wants to make you have to think about your emotions about the ending – yeah, that’s right out.

Bran wouldn’t get it, because of his infirmity, and Sansa wants it.

Samwell could want it (but so far, he doesn’t really). The nerds in the audience (and I fit that bill) would be happy if a nerd won the Iron Throne – so that’s right out. It would be kind of a happy ending, but it wouldn’t hit you in the gut, really.

Which leaves Sansa.

The sister who agreed to marry Joffrey, who suffered a little, but by appearances got to live the plush life (in fact, she was later raped by Ramsay Boulton, but not many people know that), who felt bad, but never much helped as her family were hunted and killed. “Well, I felt bad, while you all died; but you’re all dead now, so I might as well take the Iron Throne and live the good life.”

That would be an emotional kick in the gut. I could see GRRM doing it.

Of course, a super twist would be Tormund and Brienne getting married and taking over the North; letting the South burn and war and starve, and the Iron Throne become a curse to anyone dumb enough to fight for it.

So that’s my silly idea. One more week to find out. 🙂

All-in-One WP Migration prior to being crippled by it's authors

Newer versions of the WordPress plugin All-in-One WP Migration have been re-written to refuse to work if the migration file is larger than 512MB. The plugin has been deliberately crippled to induce you to pay for an upgrade that unlocks larger file sizes.

One thing that is (in my opinion) a little sleazy is that the export function will create and download any size file you have. It’s only after you need to import that you get mugged for the upgrade.

The nice lady at https://marionblackonline.com/all-in-one-wp-migration-plugin-hack/ showed how to get the old version of the All-in-One WP Migration plugin. Version 6.77, although it has the artificial limit, can be edited to a different limit. Getting the file is slightly opaque, as the plugin page on wordpress.org does not let you go back that far, version -wise. But the file is on the servers, and downloadable.

https://downloads.wordpress.org/plugin/all-in-one-wp-migration.6.77.zip

Once you’ve installed it (by uploading it from a .zip file instead of from the WordPress Plugins store), WordPress will constantly nag you to update to the crippled version. Edit the file wp-content/plugins/all-in-one-wp-migration/all-in-one-wp-migration.php and change the Version string to an impossibly high number.

As long as you are editing files, you might as well edit wp-content/plugins/all-in-one-wp-migration/constants.php

Original file size limit: 

define( 'AI1W†M_MAX_FILE_SIZE', 2 << 28 );

Make it your preferred file size limit:

define( 'AI1WM_MAX_FILE_SIZE', 4294967296 ); // 4 GB file size limit

Microsoft is Pinky

“Brain: It must be inordinately taxing to be such a boob. Pinky: You have no idea.”

I have an application I’d like to run on Windows 10, that invokes the UAC (User Account Controls) every time it runs. I’d like to turn off UAC for just this one program.

Nope. No can do

(BTW, I really wanted to link to a clip from Pinky and The Brain, for “Brain: It must be inordinately taxing to be such a boob”, but Youtube / Google gets completely hung up over that word “boob”)

The obvious first step is to change the shortcut to launch the .exe to “Run As Administrator”. Doesn’t work.

There is an article in the Microsoft support forums that says one can configure Windows to run a chosen program without invoking the UAC. It involves downloading their Accessibility Toolkit, which allows Windows to be altered for people with muscular dystrophy (for example). Stupid extra keystrokes for people who have a hard time manipulating a keyboard can be done away with, which is a good thing.

And if Microsoft can’t figure out how to suppress the UAC for the one program for regular users, well, maybe us regular users can shoe-horn the accessibility toolkit into getting Windows to be helpful instead of annoying.

Nope. Doesn’t work. The program I reconfigured does now have an updated icon, to indicate that UAC will be invoked when I want to run it. But all I wanted was to click the icon, and the program works.

My choice is now between “turn off UAC completely” or “every time I run this program, get stopped and slapped in the face with the reminder of how bad at programming Microsoft is”.

Well, I’ve learned that sometimes, it’s better to be happy than to be right, so UAC is getting turned off, system-wide. It’s stupid.

Microsoft is such a boob.