How-to use Docker with Gogland Go IDE

If you’re on macOS follow these steps.

Install socat

brew install socat

If you don’t have the brew command, checkout brew.sh

Create TCP listener

socat -d -d TCP-L:8044,fork UNIX:/var/run/docker.sock

This creates a TCP port on 8044 that is mapped to the socket that Docker is running on.
Tip: In your ~/.bash_profile file make an alias to easily create the listener at anytime. Example:

alias dockertcp="socat -d -d TCP-L:8044,fork UNIX:/var/run/docker.sock"

Now anytime you want to create the listener simply run dockertcp from a Terminal.

Configure Gogland

To get to the Docker configuration go to Preferences / Build, Execution, Deployment / Docker.

Set your API URL to tcp://localhost:8044
I had to leave the Certificates folder blank in order for it to work for me.

And you should be all set!

BTW these instructions should work for all of Jetbrains IDE products including PyCharm, WebStorm, etc.

Quick & Easy Let’s Encrypt Setup on pfSense using ACME

There is a wonderful new capability in pfSense to use Let’s Encrypt to automatically and securely generate fully recognized TLS certificates.

This is a great thing because security is important. Using self-signed certs is annoying at best. You still completely control your private key when using ACME via services such as Let’s Encrypt, so there is no security downfall to using it.

How-to use Let’s Encrypt on pfSense

Under System / Package Manager / Available Packages you should find a package called acme. Click the install button and allow it to complete.

Once installed you should find Acme Certificates under the Services menu.

The first step is to create your account keys. Enter a name, select the production server if you want this to be live.
Click “Create new account key” to generate a key and insert it into the Account key box.
Finally click the Register button and Save.

The next step is to create your certificate. Under Certificates click the Add button.
Enter the details such as the name.

In the Table you will see I selected “standalone HTTP server” and in the options set the listen port to 8082. This is important because the ACME server needs to be able to access this standalone HTTP server on port 80. We will accomplish this with a port forward rule in the next step.

Under Firewall / NAT / Port Forward create a new rule that forwards port 80 HTTP to your pfSense IP address which is 192.168.1.1 by default.
This allows the ACME server to communicate with your device to verify ownership.

Of course you can use other methods, I just found this to be the simplest option assuming that you have something already running on port 80 like I do.

Now let’s go back to Acme Certificates, and click the Issue/Renew button. If the domain name you used has correctly configured DNS, you should have a freshly minted certificate available for use under System / Cert. Manager.

To use this new certificate from the pfSense webConfigurator like I am, go to System / Advanced / Admin Access and select your new certificate under the SSL Certificate drop down menu.

Onward to TLS everywhere!

We’ve started an Online Disc Store

img_7617_bf0cb84e-4b86-4f89-9904-b60252675d96_1000xMy wife Melodie had the idea of having a family based business that we’d be able to do, and since we all enjoy disc sports and e-commerce is relatively easy to get into we said, hey let’s try setting up an online disc store and run the inventory from our garage!
So starting today you can now find our new family business at mydisc.ca.

We carry the awesome rubber based discs from Vibram Disc Golf, and the Canadian made discs from Daredevil Discs here in Ontario. Official Ultimate discs and the really nice flex golf discs that are great for playing in the cold.

Check it out, and if you’d like to try out some new discs we’d love to have your business!

 

How-to use Media Vault with Nginx

The Media Vault plugin for WordPress is the only WordPress plugin that I’m aware of that allows you to protect uploaded files from public access. Protecting your WordPress web site is relatively easy and there a bunch of great plugins that help make your site private for internal use.

But there is a bit of a catch, the Media Vault plugin only supports Apache web servers. So if you’re running your WordPress installation on Nginx, there’s a small hack you need in order to make it work.

Step 1 – Install and modify the plugin

First of all install the Media Vault plugin like you normally would, and it will give you a message that you need to activate the Apache rewrite rules. Of course it won’t work, so in order to activate the plugin we’ll do this.

  1. Under WordPress Admin go to Plugins / Editor to edit the Media Vault plugin.
  2. From the “Select plugin to edit:” menu select “Media Vault” and click Select
  3. On the right-hand side click on the media-vault/_mediavault.php plugin file.
  4. Look for a line that reads: “function mgjp_mv_check_rewrite_rules( $deactivation = false ) {
  5. Modify the return statement in that function so it reads: return true;

That simply makes the activation successful even though we don’t actually have it working yet. The reason we have to do this is because the nginx rewrite rules that we’re going to add work, but don’t pass the test in this function because they don’t return the same http codes that apache does.

Step 2 – Configure Nginx

Here’s what my relevant nginx configuration looks like, you can copy parts as needed:

location / {
    rewrite ^/wp-content/uploads(/_mediavault/.*\.\w+)$ /index.php?mgjp_mv_file=$1 last;
    if ($args ~* "^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$") {
        rewrite ^/wp-content/uploads(/.*\.\w+)$ /index.php/?mgjp_mv_file=$1 last;
    }
 
    try_files $uri $uri/ @rewrites;
}

location @rewrites {
    rewrite ^ /index.php last;
}

location /wp-content/uploads {
    rewrite /wp-content/uploads/([1-9]+.+) /wp-content/uploads/_mediavault/$1 redirect;
}

This configure takes care of WordPress pretty-urls, Media Vault rules, and also redirects any old upload URLs from your media library to the new media vault protected URL. This was helpful in our case were we already had a lot of existing media in use in the WordPress site and it would have taken a lot of effort to update all the URLs on the pages.

Hope this helps someone out there, enjoy!