rbachwiki - User contributions [en]

Setup Mac for ssh into synology

2026-04-24T19:02:27Z

Bacchas:

== Set up Password-less Login ==

'''For an unattended script, your Mac needs to log in without a password. Open Terminal on your Mac:'''
'''Generate a key:'''
ssh-keygen -t ed25519 (Press Enter through all prompts).
'''Copy it to the NAS:'''
ssh-copy-id -i ~/.ssh/id_ed25519.pub your_nas_user@100.x.y.z
'''Test it:'''
ssh your_nas_user@100.x.y.z. If you get in without a password, you’re ready.

== Fix Permissions on the Synology==
'''Log in to your NAS with your password one last time and run these commands to restrict access to your home folder: '''
'''Set Home Directory to 755: SSH requires that your home directory is not writable by others.'''
chmod 755 /volume1/homes/bacchas
'''Set .ssh Folder to 700: This folder must be readable only by you.'''
chmod 700 /volume1/homes/bacchas/.ssh
'''Set authorized_keys to 600: The key file must be strictly protected.'''
chmod 600 /volume1/homes/bacchas/.ssh/authorized_keys

== Verify "User Home Service" is Enabled ==
'''SSH keys won't work if the NAS isn't correctly mapping your home directory. '''
'''In DSM, go to Control Panel > User & Group > Advanced.'''
'''Scroll down to User Home and ensure Enable user home service is checked. '''

==Check Synology’s SSH Configuration ==
'''Sometimes PubkeyAuthentication is disabled in the system config. '''
'''On the NAS, edit the config file: '''
sudo vi /etc/ssh/sshd_config.
'''Find these lines and ensure they are uncommented (no # at the start):'''
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
'''If you made changes, restart the service in Control Panel > Terminal & SNMP by unchecking and re-checking the Enable SSH service box. '''

==Mac-Specific: Add Key to your SSH Agent==
'''On macOS, your terminal might not be "offering" the key automatically. Run this command on your Mac to manually add it to your current session:'''
ssh-add ~/.ssh/id_ed25519

==How to Troubleshoot==
'''If it still asks for a password, run the connection in "verbose" mode on your Mac:'''
ssh -vvv username@192.168.20.22
'''Look for a line that says "debug1: Next authentication method: publickey". If it says "Authentication refused: bad ownership or modes," it means the permission fix in Step 1 didn't stick or was applied to the wrong path. '''

==Restart the Service==
'''Changes to sshd_config do not take effect until the service restarts.'''
'''Command: sudo '''
synosystemctl restart sshd.
'''Alternative: Toggle "Enable SSH Service" off and back on in the DSM Control Panel. '''

=Create config file=
'''Create a config file in the ~/.ssh/config'''
''' This file contains the host name and the path to the ssh keys'''
<pre>
Host wendy
HostName 192.168.20.22
User myname
IdentityFile ~/.ssh/keyidfile
IdentitiesOnly yes

#for tailscale

Host wendy-tailscale
HostName 1.1.1.1
User myname
IdentityFile ~/.ssh/keyfile
IdentitiesOnly yes

</pre>

==[[ Backup_script_on_mac_config_and_setup| Mac Setup]] - [[Bash| Bash menu]]-[[Main_Page| Home]]==
[[Category:Bash]]

Scripts to backup to synology without mounting drives

2026-04-24T19:02:12Z

Bacchas: /* Mac Setup Bash menu- Home */

<pre>
#!/bin/bash
# Use absolute paths for everything
RSYNC_BIN="/usr/bin/rsync"
MKDIR_BIN="/bin/mkdir"

fdate=`date -I`
fname="wendy_karaoke.txt"
LOG_FILE="$HOME/Desktop/cronlogfiles/logs/$fname"

# Create log directory if missing
mkdir -p "$HOME/Desktop/cronlogfiles/logs"

# Log Header
{
echo " "
echo "***********************************************************"
echo " "
echo "------ $(date) --------"
echo " "
} >> "$LOG_FILE"

# THE FIX:
# 1. Changed '-avi' to '-av' (Removes the cryptic >f+++++ codes, showing only filenames)
# 2. Added '--modify-window=1' (Ignores tiny timestamp differences common on external drives)
rsync -av --delete --modify-window=1 \
--omit-dir-times --no-perms --no-owner --no-group \
--exclude={'.DS_Store','Thumbs.db','*.tmp'} \
"/Volumes/owcv1/Karaoke/" \
"wendy:/volume1/Karaoke_All_folders/" \
>> "$LOG_FILE" 2>&1
</pre>

==[[ Backup_script_on_mac_config_and_setup| Mac Setup]] - [[Bash| Bash menu]]-[[Main_Page| Home]]==
[[Category:Bash]]

Setup Mac for ssh into synology

2026-04-24T19:01:12Z

Bacchas:

== Set up Password-less Login ==

'''For an unattended script, your Mac needs to log in without a password. Open Terminal on your Mac:'''
'''Generate a key:'''
ssh-keygen -t ed25519 (Press Enter through all prompts).
'''Copy it to the NAS:'''
ssh-copy-id -i ~/.ssh/id_ed25519.pub your_nas_user@100.x.y.z
'''Test it:'''
ssh your_nas_user@100.x.y.z. If you get in without a password, you’re ready.

== Fix Permissions on the Synology==
'''Log in to your NAS with your password one last time and run these commands to restrict access to your home folder: '''
'''Set Home Directory to 755: SSH requires that your home directory is not writable by others.'''
chmod 755 /volume1/homes/bacchas
'''Set .ssh Folder to 700: This folder must be readable only by you.'''
chmod 700 /volume1/homes/bacchas/.ssh
'''Set authorized_keys to 600: The key file must be strictly protected.'''
chmod 600 /volume1/homes/bacchas/.ssh/authorized_keys

== Verify "User Home Service" is Enabled ==
'''SSH keys won't work if the NAS isn't correctly mapping your home directory. '''
'''In DSM, go to Control Panel > User & Group > Advanced.'''
'''Scroll down to User Home and ensure Enable user home service is checked. '''

==Check Synology’s SSH Configuration ==
'''Sometimes PubkeyAuthentication is disabled in the system config. '''
'''On the NAS, edit the config file: '''
sudo vi /etc/ssh/sshd_config.
'''Find these lines and ensure they are uncommented (no # at the start):'''
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
'''If you made changes, restart the service in Control Panel > Terminal & SNMP by unchecking and re-checking the Enable SSH service box. '''

==Mac-Specific: Add Key to your SSH Agent==
'''On macOS, your terminal might not be "offering" the key automatically. Run this command on your Mac to manually add it to your current session:'''
ssh-add ~/.ssh/id_ed25519

==How to Troubleshoot==
'''If it still asks for a password, run the connection in "verbose" mode on your Mac:'''
ssh -vvv username@192.168.20.22
'''Look for a line that says "debug1: Next authentication method: publickey". If it says "Authentication refused: bad ownership or modes," it means the permission fix in Step 1 didn't stick or was applied to the wrong path. '''

==Restart the Service==
'''Changes to sshd_config do not take effect until the service restarts.'''
'''Command: sudo '''
synosystemctl restart sshd.
'''Alternative: Toggle "Enable SSH Service" off and back on in the DSM Control Panel. '''

=Create config file=
'''Create a config file in the ~/.ssh/config'''
''' This file contains the host name and the path to the ssh keys'''
<pre>
Host wendy
HostName 192.168.20.22
User myname
IdentityFile ~/.ssh/keyidfile
IdentitiesOnly yes

#for tailscale

Host wendy-tailscale
HostName 1.1.1.1
User myname
IdentityFile ~/.ssh/keyfile
IdentitiesOnly yes

</pre>

==[[ Backup_script_on_mac_config_and_setup| Mac Setup]] [[Bash| Bash menu]]-[[Main_Page| Home]]==
[[Category:Bash]]

Setup Mac for ssh into synology

2026-04-24T18:58:33Z

Bacchas:

== Set up Password-less Login ==

'''For an unattended script, your Mac needs to log in without a password. Open Terminal on your Mac:'''
'''Generate a key:'''
ssh-keygen -t ed25519 (Press Enter through all prompts).
'''Copy it to the NAS:'''
ssh-copy-id -i ~/.ssh/id_ed25519.pub your_nas_user@100.x.y.z
'''Test it:'''
ssh your_nas_user@100.x.y.z. If you get in without a password, you’re ready.

== Fix Permissions on the Synology==
'''Log in to your NAS with your password one last time and run these commands to restrict access to your home folder: '''
'''Set Home Directory to 755: SSH requires that your home directory is not writable by others.'''
chmod 755 /volume1/homes/bacchas
'''Set .ssh Folder to 700: This folder must be readable only by you.'''
chmod 700 /volume1/homes/bacchas/.ssh
'''Set authorized_keys to 600: The key file must be strictly protected.'''
chmod 600 /volume1/homes/bacchas/.ssh/authorized_keys

== Verify "User Home Service" is Enabled ==
'''SSH keys won't work if the NAS isn't correctly mapping your home directory. '''
'''In DSM, go to Control Panel > User & Group > Advanced.'''
'''Scroll down to User Home and ensure Enable user home service is checked. '''

==Check Synology’s SSH Configuration ==
'''Sometimes PubkeyAuthentication is disabled in the system config. '''
'''On the NAS, edit the config file: '''
sudo vi /etc/ssh/sshd_config.
'''Find these lines and ensure they are uncommented (no # at the start):'''
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
'''If you made changes, restart the service in Control Panel > Terminal & SNMP by unchecking and re-checking the Enable SSH service box. '''

==Mac-Specific: Add Key to your SSH Agent==
'''On macOS, your terminal might not be "offering" the key automatically. Run this command on your Mac to manually add it to your current session:'''
ssh-add ~/.ssh/id_ed25519

==How to Troubleshoot==
'''If it still asks for a password, run the connection in "verbose" mode on your Mac:'''
ssh -vvv username@192.168.20.22
'''Look for a line that says "debug1: Next authentication method: publickey". If it says "Authentication refused: bad ownership or modes," it means the permission fix in Step 1 didn't stick or was applied to the wrong path. '''

=Create config file=
'''Create a config file in the ~/.ssh/config'''
''' This file contains the host name and the path to the ssh keys'''
<pre>
Host wendy
HostName 192.168.20.22
User myname
IdentityFile ~/.ssh/keyidfile
IdentitiesOnly yes

#for tailscale

Host wendy-tailscale
HostName 1.1.1.1
User myname
IdentityFile ~/.ssh/keyfile
IdentitiesOnly yes

</pre>

==[[ Backup_script_on_mac_config_and_setup| Mac Setup]] [[Bash| Bash menu]]-[[Main_Page| Home]]==
[[Category:Bash]]

Setup Mac for ssh into synology

2026-04-24T18:54:30Z

Bacchas:

Setup Mac for ssh into synology

2026-04-24T18:52:52Z

Bacchas:

Scripts to backup to synology without mounting drives

2026-04-24T18:35:27Z

Bacchas:

<pre>
#!/bin/bash
# Use absolute paths for everything
RSYNC_BIN="/usr/bin/rsync"
MKDIR_BIN="/bin/mkdir"

fdate=`date -I`
fname="wendy_karaoke.txt"
LOG_FILE="$HOME/Desktop/cronlogfiles/logs/$fname"

# Create log directory if missing
mkdir -p "$HOME/Desktop/cronlogfiles/logs"

# Log Header
{
echo " "
echo "***********************************************************"
echo " "
echo "------ $(date) --------"
echo " "
} >> "$LOG_FILE"

# THE FIX:
# 1. Changed '-avi' to '-av' (Removes the cryptic >f+++++ codes, showing only filenames)
# 2. Added '--modify-window=1' (Ignores tiny timestamp differences common on external drives)
rsync -av --delete --modify-window=1 \
--omit-dir-times --no-perms --no-owner --no-group \
--exclude={'.DS_Store','Thumbs.db','*.tmp'} \
"/Volumes/owcv1/Karaoke/" \
"wendy:/volume1/Karaoke_All_folders/" \
>> "$LOG_FILE" 2>&1
</pre>

==[[ Backup_script_on_mac_config_and_setup| Mac Setup]] [[Bash| Bash menu]]-[[Main_Page| Home]]==
[[Category:Bash]]

Setup Mac for ssh into synology

2026-04-24T18:35:09Z

Bacchas:

=Create config file=
'''Create a config file in the ~/.ssh/config'''
''' This file contains the host name and the path to the ssh keys'''
<pre>
Host wendy
HostName 192.168.20.22
User myname
IdentityFile ~/.ssh/keyidfile
IdentitiesOnly yes

#for tailscale

Host wendy-tailscale
HostName 1.1.1.1
User myname
IdentityFile ~/.ssh/keyfile
IdentitiesOnly yes

</pre>

==[[ Backup_script_on_mac_config_and_setup| Mac Setup]] [[Bash| Bash menu]]-[[Main_Page| Home]]==
[[Category:Bash]]

Setup Mac for ssh into synology

2026-04-24T17:56:52Z

Bacchas: Created page with "=Create config file= '''Create a config file in the ~/.ssh/config''' ''' This file contains the host name and the path to the ssh keys''' <pre> Host wendy HostName 192.168.20.22 User myname IdentityFile ~/.ssh/keyidfile IdentitiesOnly yes #for tailscale Host wendy-tailscale HostName 1.1.1.1 User myname IdentityFile ~/.ssh/keyfile IdentitiesOnly yes </pre>"

Scripts to backup to synology without mounting drives

2026-04-24T17:51:55Z

Bacchas: Created page with "<pre> #!/bin/bash # Use absolute paths for everything RSYNC_BIN="/usr/bin/rsync" MKDIR_BIN="/bin/mkdir" fdate=`date -I` fname="wendy_karaoke.txt" LOG_FILE="$HOME/Desktop/cronlogfiles/logs/$fname" # Create log directory if missing mkdir -p "$HOME/Desktop/cronlogfiles/logs" # Log Header { echo " " echo "***********************************************************" echo " " echo "------ $(date) --------" echo " " } >> "$LOG_FILE" # THE FIX: # 1. Changed '-avi'..."

Backup script on mac config and setup

2026-04-24T17:50:28Z

Bacchas: Created page with "= Setup Mac for ssh into synology = =Scripts to backup to synology without mounting drives="

=[[ Setup Mac for ssh into synology ]]=
=[[Scripts to backup to synology without mounting drives]]=

Bash

2026-04-24T17:47:30Z

Bacchas:

== [[backup script on mac config and setup ]] ==
==[[Scripts used on Servers]]==
==[[Useful bash commands]]==
==[[Tmux]]==

== Useful Command Line Utilities ==
* [[RMLINT | RMLINT - Duplicate Finding cmd Tool]]
* [[RCLONE | Rclone syncs your files to cloud storage ]]
* [[NCDU | Ncdu Ncdu is a disk usage analyzer]]
* [[BTOP]]
* [[NTFY]]

==[[Image Scripts]]==
==[[Script Course]]==
==[[Centos OS | More Scripting]]==
==[[Sample Scripts]]==
==[[File Commands]]==
===[[Ubuntu File System Commands]]===
* find, copy, replace, rename
==[[AWK Command]]==
==[[Text File Commands]]==
* find and replace text in bulk
==[[BSD MAILX]]==
==[[Shell Scripting]]==

PYTHONAPP

2026-04-23T14:49:49Z

Bacchas:

=Karaoke app Deployment=
== Prerequisite Check ==
# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot
# if certbot isn't installed
sudo apt update
sudo apt install certbot python3-certbot-apache -y

# Install Python venv if needed:
sudo apt install python3-venv python3-pip -y

== Create the App Directory ==
sudo mkdir -p /var/www/html/myapp
cd /var/www/html/myapp

== Upload App Files ==
# Upload the .env file (hidden, so it won't be picked up by scp -r)
'''If you don't see .env in Finder, press Cmd+Shift+. to toggle hidden files.'''

== Set up the Python Environment ==

cd /var/www/html/myapp
python3 -m venv venv
source venv/bin/activate
pip install flask pymysql cryptography gunicorn DBUtils
deactivate

'''The cryptography package is required for MySQL caching_sha2_password auth.'''

== Configure the Database ==
'''Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the dbasename database. If not, in phpMyAdmin run:'''

GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost';
FLUSH PRIVILEGES;
'''Verify your .env file on the server has the correct values:'''

cat /var/www/html/myapp/.env

''' It should contain '''
DB_HOST=localhost
DB_USER=YourUser
DB_PASS=YourPassword
DB_NAME=dbasename
SECRET_KEY=some-random-string
HOST_NAME= name for the host side
PORT=3001
'''Important: Use a different port from any other apps you have running. I'm using 3001 here — pick whatever's free.'''

==Test App Manually==
cd /var/www/html/myapp
source venv/bin/activate
python3 app.py

'''You should see "Karaoke app running on http://localhost:3001". In another SSH window test'''
sudo nano /etc/systemd/system/myapp.service

== Create the systemd Service ==
'''Paste '''
[Unit]
Description=My App mydir (Gunicorn)
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/var/www/html/myapp
Environment="PATH=/var/www/html/myapp/venv/bin"
ExecStart=/var/www/html/myapp/venv/bin/gunicorn --workers 3 --bind 127.0.0.1:3001 app:app
Restart=always

[Install]
WantedBy=multi-user.target

'''Save (Ctrl+O, Enter, Ctrl+X).'''

'''Set permissions:'''
sudo chown -R www-data:www-data /var/www/html/myapp

'''Enable and start '''
sudo systemctl daemon-reload
sudo systemctl enable myapp
sudo systemctl start myapp
sudo systemctl status myapp

'''You should see active (running). If not:'''
sudo journalctl -u myapp -n 50

== Configure Apache Reverse Proxy==
'''Enable required modules (only needed once on the server):'''
sudo a2enmod proxy proxy_http ssl rewrite headers

'''Create the HTTP vhost (which certbot will upgrade later):'''

sudo nano /etc/apache2/sites-available/mydomain.conf

'''Paste — replace yourdomain.com with your actual domain''
<pre>
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

ErrorLog ${APACHE_LOG_DIR}/mydomain-error.log
CustomLog ${APACHE_LOG_DIR}/mydomain-access.log combined
</VirtualHost>
</pre>

'''Enable and reload'''
sudo a2ensite mydomain.conf
sudo apache2ctl configtest
sudo systemctl reload apache2

Test in your browser: http://yourdomain.com — you should see the login page.

== Enable HTTPS with Certbot==
'''Make sure your domain's DNS A record points to your server IP first.'''

'''Run certbot:'''
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

'''Choose 2 (Redirect) when asked, so HTTP automatically redirects to HTTPS.'''

'''Certbot will create /etc/apache2/sites-available/rb222-le-ssl.conf and enable it.'''
sudo apache2ctl configtest
sudo systemctl reload apache2

'''Visit https://yourdomain.com — you should see the lock icon and the app.'''

'''If certbot fails to auto-configure (it sometimes does), create the SSL vhost manually:'''

sudo nano /etc/apache2/sites-available/mydomain-le-ssl.conf

<pre>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

ErrorLog ${APACHE_LOG_DIR}/rb222-ssl-error.log
CustomLog ${APACHE_LOG_DIR}/rb222-ssl-access.log combined
</VirtualHost>
</IfModule>
</pre>
'''then'''
sudo a2ensite mydomain-le-ssl.conf
sudo systemctl reload apache2

'''Cert auto-renewal is already enabled by certbot's systemd timer — verify with'''
sudo systemctl list-timers | grep certbot

=Database Optimization=
<pre>
CREATE INDEX idx_songs_title ON songs(Title(100));
CREATE INDEX idx_songs_artists ON songs(Artists(100));
CREATE INDEX idx_favorite_name ON Favorite(Name(80), Tag(20));
CREATE INDEX idx_queue_status ON queue(Status(20));
CREATE INDEX idx_queue_timestamp ON queue(TimeStamp(20));
CREATE INDEX idx_archive_name ON Archive_Singers(Name(80));
</pre>
= How to find out the service name of the app=
'''This is the service that starts the app, this will list all running services'''
<pre>
# "What services exist on this box?"
systemctl list-unit-files --type=service --state=enabled

# "Which one is MY app?"
sudo grep -l "/var/www/html/<dirname>" /etc/systemd/system/*.service

# "Which service owns port X?"
sudo lsof -i :3000 -P -n # gets PID
ps -o unit= -p <PID> # gets service name
</pre>

PYTHONAPP

2026-04-21T20:25:32Z

Bacchas: /* Test App Manually */

PYTHONAPP

2026-04-21T20:25:04Z

Bacchas: /* Configure the Database */

=Karaoke app Deployment=
== Prerequisite Check ==
# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot
# if certbot isn't installed
sudo apt update
sudo apt install certbot python3-certbot-apache -y

# Install Python venv if needed:
sudo apt install python3-venv python3-pip -y

== Create the App Directory ==
sudo mkdir -p /var/www/html/myapp
cd /var/www/html/myapp

== Upload App Files ==
# Upload the .env file (hidden, so it won't be picked up by scp -r)
'''If you don't see .env in Finder, press Cmd+Shift+. to toggle hidden files.'''

== Set up the Python Environment ==

cd /var/www/html/myapp
python3 -m venv venv
source venv/bin/activate
pip install flask pymysql cryptography gunicorn DBUtils
deactivate

'''The cryptography package is required for MySQL caching_sha2_password auth.'''

== Configure the Database ==
'''Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the dbasename database. If not, in phpMyAdmin run:'''

GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost';
FLUSH PRIVILEGES;
'''Verify your .env file on the server has the correct values:'''

cat /var/www/html/myapp/.env

''' It should contain '''
DB_HOST=localhost
DB_USER=YourUser
DB_PASS=YourPassword
DB_NAME=dbasename
SECRET_KEY=some-random-string
HOST_NAME= name for the host side
PORT=3001
'''Important: Use a different port from any other apps you have running. I'm using 3001 here — pick whatever's free.'''

==Test App Manually==
cd /var/www/html/myapp
source venv/bin/activate
python3 app.py

'''You should see "Karaoke app running on http://localhost:3001". In another SSH window test'''
sudo nano /etc/systemd/system/rb222.service

== Create the systemd Service ==
'''Paste '''
[Unit]
Description=My App mydir (Gunicorn)
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/var/www/html/myapp
Environment="PATH=/var/www/html/myapp/venv/bin"
ExecStart=/var/www/html/myapp/venv/bin/gunicorn --workers 3 --bind 127.0.0.1:3001 app:app
Restart=always

[Install]
WantedBy=multi-user.target

'''Save (Ctrl+O, Enter, Ctrl+X).'''

'''Set permissions:'''
sudo chown -R www-data:www-data /var/www/html/myapp

'''Enable and start '''
sudo systemctl daemon-reload
sudo systemctl enable myapp
sudo systemctl start myapp
sudo systemctl status myapp

'''You should see active (running). If not:'''
sudo journalctl -u myapp -n 50

== Configure Apache Reverse Proxy==
'''Enable required modules (only needed once on the server):'''
sudo a2enmod proxy proxy_http ssl rewrite headers

'''Create the HTTP vhost (which certbot will upgrade later):'''

sudo nano /etc/apache2/sites-available/mydomain.conf

'''Paste — replace yourdomain.com with your actual domain''
<pre>
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

ErrorLog ${APACHE_LOG_DIR}/mydomain-error.log
CustomLog ${APACHE_LOG_DIR}/mydomain-access.log combined
</VirtualHost>
</pre>

'''Enable and reload'''
sudo a2ensite mydomain.conf
sudo apache2ctl configtest
sudo systemctl reload apache2

Test in your browser: http://yourdomain.com — you should see the login page.

== Enable HTTPS with Certbot==
'''Make sure your domain's DNS A record points to your server IP first.'''

'''Run certbot:'''
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

'''Choose 2 (Redirect) when asked, so HTTP automatically redirects to HTTPS.'''

'''Certbot will create /etc/apache2/sites-available/rb222-le-ssl.conf and enable it.'''
sudo apache2ctl configtest
sudo systemctl reload apache2

'''Visit https://yourdomain.com — you should see the lock icon and the app.'''

'''If certbot fails to auto-configure (it sometimes does), create the SSL vhost manually:'''

sudo nano /etc/apache2/sites-available/mydomain-le-ssl.conf

<pre>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

ErrorLog ${APACHE_LOG_DIR}/rb222-ssl-error.log
CustomLog ${APACHE_LOG_DIR}/rb222-ssl-access.log combined
</VirtualHost>
</IfModule>
</pre>
'''then'''
sudo a2ensite mydomain-le-ssl.conf
sudo systemctl reload apache2

'''Cert auto-renewal is already enabled by certbot's systemd timer — verify with'''
sudo systemctl list-timers | grep certbot

=Database Optimization=
<pre>
CREATE INDEX idx_songs_title ON songs(Title(100));
CREATE INDEX idx_songs_artists ON songs(Artists(100));
CREATE INDEX idx_favorite_name ON Favorite(Name(80), Tag(20));
CREATE INDEX idx_queue_status ON queue(Status(20));
CREATE INDEX idx_queue_timestamp ON queue(TimeStamp(20));
CREATE INDEX idx_archive_name ON Archive_Singers(Name(80));
</pre>

PYTHONAPP

2026-04-21T17:40:20Z

Bacchas:

=Karaoke app Deployment=
== Prerequisite Check ==
# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot
# if certbot isn't installed
sudo apt update
sudo apt install certbot python3-certbot-apache -y

# Install Python venv if needed:
sudo apt install python3-venv python3-pip -y

== Create the App Directory ==
sudo mkdir -p /var/www/html/myapp
cd /var/www/html/myapp

== Upload App Files ==
# Upload the .env file (hidden, so it won't be picked up by scp -r)
'''If you don't see .env in Finder, press Cmd+Shift+. to toggle hidden files.'''

== Set up the Python Environment ==

cd /var/www/html/myapp
python3 -m venv venv
source venv/bin/activate
pip install flask pymysql cryptography gunicorn DBUtils
deactivate

'''The cryptography package is required for MySQL caching_sha2_password auth.'''

== Configure the Database ==
'''Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the karaoke database. If not, in phpMyAdmin run:'''

GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost';
FLUSH PRIVILEGES;
'''Verify your .env file on the server has the correct values:'''

cat /var/www/html/rb222/.env

''' It should contain '''
DB_HOST=localhost
DB_USER=YourUser
DB_PASS=YourPassword
DB_NAME=dbasename
SECRET_KEY=some-random-string
HOST_NAME= name for the host side
PORT=3001
'''Important: Use a different port from any other apps you have running. I'm using 3001 here — pick whatever's free.'''

==Test App Manually==
cd /var/www/html/myapp
source venv/bin/activate
python3 app.py

'''You should see "Karaoke app running on http://localhost:3001". In another SSH window test'''
sudo nano /etc/systemd/system/rb222.service

== Create the systemd Service ==
'''Paste '''
[Unit]
Description=My App mydir (Gunicorn)
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/var/www/html/myapp
Environment="PATH=/var/www/html/myapp/venv/bin"
ExecStart=/var/www/html/myapp/venv/bin/gunicorn --workers 3 --bind 127.0.0.1:3001 app:app
Restart=always

[Install]
WantedBy=multi-user.target

'''Save (Ctrl+O, Enter, Ctrl+X).'''

'''Set permissions:'''
sudo chown -R www-data:www-data /var/www/html/myapp

'''Enable and start '''
sudo systemctl daemon-reload
sudo systemctl enable myapp
sudo systemctl start myapp
sudo systemctl status myapp

'''You should see active (running). If not:'''
sudo journalctl -u myapp -n 50

== Configure Apache Reverse Proxy==
'''Enable required modules (only needed once on the server):'''
sudo a2enmod proxy proxy_http ssl rewrite headers

'''Create the HTTP vhost (which certbot will upgrade later):'''

sudo nano /etc/apache2/sites-available/mydomain.conf

'''Paste — replace yourdomain.com with your actual domain''
<pre>
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

ErrorLog ${APACHE_LOG_DIR}/mydomain-error.log
CustomLog ${APACHE_LOG_DIR}/mydomain-access.log combined
</VirtualHost>
</pre>

'''Enable and reload'''
sudo a2ensite mydomain.conf
sudo apache2ctl configtest
sudo systemctl reload apache2

Test in your browser: http://yourdomain.com — you should see the login page.

== Enable HTTPS with Certbot==
'''Make sure your domain's DNS A record points to your server IP first.'''

'''Run certbot:'''
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

'''Choose 2 (Redirect) when asked, so HTTP automatically redirects to HTTPS.'''

'''Certbot will create /etc/apache2/sites-available/rb222-le-ssl.conf and enable it.'''
sudo apache2ctl configtest
sudo systemctl reload apache2

'''Visit https://yourdomain.com — you should see the lock icon and the app.'''

'''If certbot fails to auto-configure (it sometimes does), create the SSL vhost manually:'''

sudo nano /etc/apache2/sites-available/mydomain-le-ssl.conf

<pre>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

ErrorLog ${APACHE_LOG_DIR}/rb222-ssl-error.log
CustomLog ${APACHE_LOG_DIR}/rb222-ssl-access.log combined
</VirtualHost>
</IfModule>
</pre>
'''then'''
sudo a2ensite mydomain-le-ssl.conf
sudo systemctl reload apache2

'''Cert auto-renewal is already enabled by certbot's systemd timer — verify with'''
sudo systemctl list-timers | grep certbot

=Database Optimization=
<pre>
CREATE INDEX idx_songs_title ON songs(Title(100));
CREATE INDEX idx_songs_artists ON songs(Artists(100));
CREATE INDEX idx_favorite_name ON Favorite(Name(80), Tag(20));
CREATE INDEX idx_queue_status ON queue(Status(20));
CREATE INDEX idx_queue_timestamp ON queue(TimeStamp(20));
CREATE INDEX idx_archive_name ON Archive_Singers(Name(80));
</pre>

PYTHONAPP

2026-04-21T17:37:50Z

Bacchas:

=Karaoke app Deployment=
== Prerequisite Check ==
# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot
# if certbot isn't installed
sudo apt update
sudo apt install certbot python3-certbot-apache -y

# Install Python venv if needed:
sudo apt install python3-venv python3-pip -y

== Create the App Directory ==
sudo mkdir -p /var/www/html/myapp
cd /var/www/html/myapp

== Upload App Files ==
# Upload the .env file (hidden, so it won't be picked up by scp -r)
'''If you don't see .env in Finder, press Cmd+Shift+. to toggle hidden files.'''

== Set up the Python Environment ==

cd /var/www/html/myapp
python3 -m venv venv
source venv/bin/activate
pip install flask pymysql cryptography gunicorn DBUtils
deactivate

'''The cryptography package is required for MySQL caching_sha2_password auth.'''

== Configure the Database ==
'''Open phpMyAdmin in your browser. Make sure the user in your .env file has privileges on the karaoke database. If not, in phpMyAdmin run:'''

GRANT ALL PRIVILEGES ON dbasename.* TO 'YourUser'@'localhost';
FLUSH PRIVILEGES;
'''Verify your .env file on the server has the correct values:'''

cat /var/www/html/rb222/.env

''' It should contain '''
DB_HOST=localhost
DB_USER=YourUser
DB_PASS=YourPassword
DB_NAME=dbasename
SECRET_KEY=some-random-string
HOST_NAME= name for the host side
PORT=3001
'''Important: Use a different port from any other apps you have running. I'm using 3001 here — pick whatever's free.'''

==Test App Manually==
cd /var/www/html/myapp
source venv/bin/activate
python3 app.py

'''You should see "Karaoke app running on http://localhost:3001". In another SSH window test'''
sudo nano /etc/systemd/system/rb222.service

== Create the systemd Service ==
'''Paste '''
[Unit]
Description=My App mydir (Gunicorn)
After=network.target

[Service]
User=www-data
Group=www-data
WorkingDirectory=/var/www/html/myapp
Environment="PATH=/var/www/html/myapp/venv/bin"
ExecStart=/var/www/html/myapp/venv/bin/gunicorn --workers 3 --bind 127.0.0.1:3001 app:app
Restart=always

[Install]
WantedBy=multi-user.target

'''Save (Ctrl+O, Enter, Ctrl+X).'''

'''Set permissions:'''
sudo chown -R www-data:www-data /var/www/html/myapp

'''Enable and start '''
sudo systemctl daemon-reload
sudo systemctl enable myapp
sudo systemctl start myapp
sudo systemctl status myapp

'''You should see active (running). If not:'''
sudo journalctl -u myapp -n 50

== Configure Apache Reverse Proxy==
'''Enable required modules (only needed once on the server):'''
sudo a2enmod proxy proxy_http ssl rewrite headers

'''Create the HTTP vhost (which certbot will upgrade later):'''

sudo nano /etc/apache2/sites-available/mydomain.conf

'''Paste — replace yourdomain.com with your actual domain''
<pre>
<VirtualHost *:80>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

ErrorLog ${APACHE_LOG_DIR}/mydomain-error.log
CustomLog ${APACHE_LOG_DIR}/mydomain-access.log combined
</VirtualHost>
</pre>

'''Enable and reload'''
sudo a2ensite mydomain.conf
sudo apache2ctl configtest
sudo systemctl reload apache2

Test in your browser: http://yourdomain.com — you should see the login page.

== Enable HTTPS with Certbot==
'''Make sure your domain's DNS A record points to your server IP first.'''

'''Run certbot:'''
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

'''Choose 2 (Redirect) when asked, so HTTP automatically redirects to HTTPS.'''

'''Certbot will create /etc/apache2/sites-available/rb222-le-ssl.conf and enable it.'''
sudo apache2ctl configtest
sudo systemctl reload apache2

'''Visit https://yourdomain.com — you should see the lock icon and the app.'''

'''If certbot fails to auto-configure (it sometimes does), create the SSL vhost manually:'''

sudo nano /etc/apache2/sites-available/mydomain-le-ssl.conf

<pre>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName yourdomain.com
ServerAlias www.yourdomain.com

ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3001/
ProxyPassReverse / http://127.0.0.1:3001/

SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf

ErrorLog ${APACHE_LOG_DIR}/rb222-ssl-error.log
CustomLog ${APACHE_LOG_DIR}/rb222-ssl-access.log combined
</VirtualHost>
</IfModule>
</pre>
'''then'''
sudo a2ensite mydomain-le-ssl.conf
sudo systemctl reload apache2

'''Cert auto-renewal is already enabled by certbot's systemd timer — verify with'''
sudo systemctl list-timers | grep certbot

PYTHONAPP

2026-04-21T17:30:26Z

Bacchas:

PYTHONAPP

2026-04-21T17:22:02Z

Bacchas:

PYTHONAPP

2026-04-21T17:19:38Z

Bacchas:

PYTHONAPP

2026-04-21T17:15:49Z

Bacchas:

PYTHONAPP

2026-04-21T17:08:24Z

Bacchas:

PYTHONAPP

2026-04-21T17:06:41Z

Bacchas:

PYTHONAPP

2026-04-21T17:06:15Z

Bacchas:

=Karaoke app Deployment=
== 1 Prerequisite Check ==
# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot
# if certbot isn't installed
sudo apt update
sudo apt install certbot python3-certbot-apache -y

# Install Python venv if needed:
sudo apt install python3-venv python3-pip -y

== 2 Create the App Directory ==
sudo mkdir -p /var/www/html/myapp
cd /var/www/html/myapp

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T17:02:55Z

Bacchas:

PYTHONAPP

2026-04-21T17:02:42Z

Bacchas:

==Karaoke app Deployment==
== 1 Prerequisite Check ==
# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot
# if certbot isn't installed
sudo apt update
sudo apt install certbot python3-certbot-apache -y

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T17:01:15Z

Bacchas:

==Karaoke app Deployment==

# ssh into the server
# verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T17:00:58Z

Bacchas:

==Karaoke app Deployment==

* ssh into the server
* verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T17:00:45Z

Bacchas:

==Karaoke app Deployment==

1. ssh into the server
2. verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T17:00:36Z

Bacchas:

==Karaoke app Deployment==

1. ssh into the server'
2. verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T17:00:14Z

Bacchas:

==Karaoke app Deployment==

'ssh into the server'
1. verify what is installed
apache2 -v
python3 --version
mysql --version
which certbot

pip install flask pymysql cryptography gunicorn DBUtils

PYTHONAPP

2026-04-21T16:58:41Z

Bacchas: Created page with " pip install flask pymysql cryptography gunicorn DBUtils"

pip install flask pymysql cryptography gunicorn DBUtils

Main Page

2026-04-21T16:37:52Z

Bacchas:

==[[APPSHEET]]==
==[[PYTHONAPP]]==
== [[AWS|Amazon Cloud Service]] ==
== [[Bash]] ==
== [[Bluhost]] ==
==[[Centos OS]] ==

== [[Docker]]==
== [[Github]]==
==[[Google Sheets]]==
== [[Hacking|Hacking And Security ]] ==
==[[Hardware]]==
==[[IOS Apps]]==
==[[JavaScript]]==
==[[Linode]]==
==[[Login and reset Forget Password]]==
== [[Math]] ==
== [[Mac]] ==
== [[Mysql]] ==
== [[Networking]] ==
== [[Open Source Software]] ==
== [[Oracle SQL]] ==
== [[Programming]] ==
== [[Problem Solution]] ==
== [[Software Tips]] ==
==[[Tailscale]]==
== [[Utilities]] ==
== [[Ubuntu Tips]] ==

== [[Web Links]] ==
== [[Windows]] ==
==[[Virtualization]]==

Python Environment Setup

2026-01-05T16:52:10Z

Bacchas:

==Create the Environment with a Unique Name==
*Instead of the generic .venv, give your Windows environment a name that clearly identifies it. In your project's root terminal, run:
python -m venv .venv_pc
*This creates a new folder named <code>.venv_pc </code>in your project. Your existing Mac folder <code>(e.g., .venv or .venv_mac) </code>will remain completely untouched.
==Set VS Code to Use the New PC Environment==
* You must tell VS Code on your PC to use this specific folder instead of the one from your Mac:
**Press<code> Ctrl + Shift + P</code> to open the Command Palette.
*Type and select Python: Select Interpreter.
*Choose the one that points to your new folder: <code>('.venv_pc': venv).</code>
*If it doesn't appear, select Enter interpreter path... and browse to .venv_pc\Scripts\python.exe.
= Sync Libraries via requirements.txt =
*Since you have a new, empty environment, you need to install your project's dependencies:
* On your Mac (before switching): <code>Run pip freeze > requirements.txt</code> to save a list of your current libraries.
* On your PC: Activate the new environment with <code>.venv_pc\Scripts\activate </code> and then run
pip install -r requirements.txt.
= Prevent Future Sync Issues =
*To ensure your Mac environment doesn't accidentally get messed up by your PC (or vice versa), add both environment names to your project's <code>.gitignore</code> file:
<pre>
.venv/
.venv_pc/
.venv_mac/

</pre>

Python Environment Setup

2026-01-05T16:50:34Z

Bacchas:

Python Environment Setup

2026-01-05T16:21:28Z

Bacchas:

Python Environment Setup

2026-01-05T16:20:59Z

Bacchas:

Python Environment Setup

2026-01-05T16:20:28Z

Bacchas:

Python Environment Setup

2026-01-05T16:18:39Z

Bacchas:

Python Environment Setup

2026-01-05T16:18:04Z

Bacchas:

Python Environment Setup

2026-01-05T16:03:12Z

Bacchas:

Python Environment Setup

2026-01-05T15:47:35Z

Bacchas: Created page with "==Create the Environment with a Unique Name== *Instead of the generic .venv, give your Windows environment a name that clearly identifies it. In your project's root terminal, run: python -m venv .venv_pc *This creates a new folder named .venv_pc in your project. Your existing Mac folder (e.g., .venv or .venv_mac) will remain completely untouched."

Python

2026-01-05T15:46:10Z

Bacchas:

=[[Python Environment Setup]]=
=[[Convert .Py to .exe]]=
=[[Fix Python Errors]]=
=[[Python Software installation]]=
=[[Object and Data Structure Basics]]=
=[[Perform IO with Text Files]]=
=[[Control Flow, if statements etc..]]=
=[[Python Problems and Solutions]]=
=[[Python Functions]]=
=[[Python Web Scraping]]=
=[[Python Data Mining]]=
=[[Coursera Google Python Automation Course]]=
=[[Python Excel Related]]=
=[[Python Copying File and Directories ]]=

Python

2026-01-05T15:45:57Z

Bacchas:

=[[Python Environment Setup]]==
=[[Convert .Py to .exe]]=
=[[Fix Python Errors]]=
=[[Python Software installation]]=
=[[Object and Data Structure Basics]]=
=[[Perform IO with Text Files]]=
=[[Control Flow, if statements etc..]]=
=[[Python Problems and Solutions]]=
=[[Python Functions]]=
=[[Python Web Scraping]]=
=[[Python Data Mining]]=
=[[Coursera Google Python Automation Course]]=
=[[Python Excel Related]]=
=[[Python Copying File and Directories ]]=

.PS1 To .exe

2025-12-02T19:06:36Z

Bacchas:

==Converting a PowerShell script (.ps1) to an executable (.exe) can be achieved using tools like PS2EXE or IExpress.==
Install-Module -Name PS2EXE
*Convert the script: Use the Invoke-PS2EXE command, specifying the source .ps1 file and the desired output .exe file path. For example:
Invoke-PS2EXE -File C:\Path\To\YourScript.ps1 -OutputFile C:\Path\To\YourExecutable.exe
*You can also include parameters like -NoConsole to prevent a PowerShell console from appearing when the .exe is run, or -IconFile to specify a custom icon.

.PS1 To .exe

2025-12-02T19:05:11Z

Bacchas: Created page with "==Converting a PowerShell script (.ps1) to an executable (.exe) can be achieved using tools like PS2EXE or IExpress.=="

==Converting a PowerShell script (.ps1) to an executable (.exe) can be achieved using tools like PS2EXE or IExpress.==

PowerShell

2025-12-02T19:04:57Z

Bacchas:

==[[.PS1 To .exe]]==
==[[Powershell Fundamentals]]==
==[[Useful PowerShell Commands]]==
==[[POWERSHELL FILEBASED OPERATIONS]]==
==[[Powershell Network Commands]]==
==[[PowerShell Comparison Operators]]==

Convert .Py to .exe

2025-12-02T16:50:02Z

Bacchas:

<h2> Converting a Python script (.py) to an executable (.exe) file for Windows can be achieved using tools like PyInstaller</h2>

'''Using PyInstaller (Command Line):''' <br />
'''Install PyInstaller: Open your command prompt or terminal and execute:'''
pip install pyinstaller
* Navigate to your script's directory: Use the cd command to change the directory to where your Python script is located. For example
cd C:\Users\YourUser\Documents\PythonProjects
* Run PyInstaller: Execute the following command, replacing your_script_name.py with the actual name of your Python file:
pyinstaller your_script_name.py
*To create a single executable file (instead of a directory with dependencies), add the --onefile flag:
pyinstaller --onefile your_script_name.py

*pyinstaller --onefile your_script_name.py

Convert .Py to .exe

2025-12-02T16:48:13Z

Bacchas:

Convert .Py to .exe

2025-12-02T16:47:52Z

Bacchas: