How to renew a standalone Let's Encrypt cert

If you deployed Let's Encrypt SSL certificate independently with nginx (standalone), you can't renew that cert while nginx is running. The only way is to stop nginx and proceed the renewal than start nginx again. Here is a bash script that you can use as crontab (e.g. /opt/my_scripts/

Note: the script requires ssl-cert-check package so install it using this:

sudo apt install ssl-cert-check

Set the crontab as following:

0 */12 * * * /opt/myh_scripts/ > /var/log/renew_cert.log 2>&1

Make function keys work on putty's ssh session

When you ssh to a Linux machine using putty and running tmux or byobu, by default, you can not use function keys to switch between sessions (F3, F4) or create a new session (F2). By setting putty as below, you will "fix" that:

1. Go to Putty settings, Terminal section, Keyboard, The Function keys and keypad, select Xterm R6

2. Apply and close.

Another SSH tunneling trick - to get you ssh into your blocked server from the outside world

I wrote a blog post about SSH tunneling 4 years ago at this. Today I will show you another trick that gets you into the server behind firewalls.

Normally, corporate's firewalls will block all the incoming ports except port 80 and 443 which are using for accessing the web servers. So, here are how to can get access to the servers from outside (assuming you have access to the server you want to connect to from inside the corporate network):

1. If the server you want to connect to doesn't have anything web or anything running on port 80/443, you just need to change its's ssh config to let sshd runs on port 80/443.

sudo nano /etc/ssh/sshd_config

Port 80
sudo systemctl restart ssh

2. If your server already has a web or a server that runs on port 80/443, use another server that you can access from inside the network and free of port 80/443. 

Then establish the tunnel, assuming: the server that I have access from inside the the server that I wan…

How to dev a new Horizon dashboard without devstack/fullstack OpenStack

Everybody knows the easiest way to build a new Horizon dashboard is to use devstack. But, devstack requires a number of resources (16GB of RAM for a workable devstack in my experience). So what can you do if you only have a laptop with 4-8GB RAM? Easy, easy, follow these setups:

1. Install keystone (the minimum requirement of Horizon):

Follow this official instruction:

Read these blog posts to fix some issues:

2. Install Horizon:

Follow this official instruction to install Horizon on your computer:

3. Building your own dashboard:

Using this document:…

Fix error "AttributeError: 'module' object has no attribute 'Cryptography_HAS_SSL_ST'" when installing keystone on Ubuntu 16.04

I followed the keystone's official docs to install it but got this error on Ubuntu 16.04:

AttributeError:'module' object has no attribute 'Cryptography_HAS_SSL_ST'
Then I added this below ppa and I can install keystone successfully:

sudo add-apt-repository ppa:ubuntu-cloud-archive/queens-staging
sudo apt-get update
sudo apt install keystone apache2 libapache2-mod-wsgi