In this post, I’ll walk you through installing mkcert on macOS, generating certificates for localhost, and explain why organizing them in the mkcert directory matters.

🚀 Installing mkcert on macOS

mkcert is lightweight and easy to set up. Here’s how:

1. Install Homebrew (if you don’t already have it):

   /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
   

2. Install mkcert and nss (needed for Firefox trust store):

   brew install mkcert
   brew install nss
   

3. Create and install a local CA (Certificate Authority):

   mkcert -install
   

   This step generates a root CA and adds it to your system and browser trust stores. You’ll see files like rootCA.pem and rootCA-key.pem stored in:

   ~/Library/Application Support/mkcert/
   

🛠 Generating a Localhost Certificate

Once mkcert is installed, creating a certificate for localhost is straightforward:

mkcert localhost

Output:

Created a new certificate valid for the following names 📜
 - "localhost"

The certificate is at "./localhost.pem" and the key at "./localhost-key.pem" ✅
It will expire on 25 May 2028 🗓

You now have two files:

• localhost.pem → the certificate

• localhost-key.pem → the private key

📂 Organizing Certificates

To keep things tidy and ensure recognition by browsers, move your generated files into mkcert’s support directory:

mv localhost.pem ~/Library/Application\ Support/mkcert/
mv localhost-key.pem ~/Library/Application\ Support/mkcert/

Now your certificates live alongside the root CA:

~/Library/Application Support/mkcert/
├── rootCA.pem
├── rootCA-key.pem
├── localhost.pem
└── localhost-key.pem

🔎 Why move them here?

Browsers trust certificates signed by mkcert’s root CA only if they’re managed within mkcert’s directory structure. By placing your localhost.pem and localhost-key.pem inside ~/Library/Application Support/mkcert/, you ensure that mkcert’s trust chain is consistent and browsers recognize the certificates as valid. This avoids the dreaded “Not Secure” warnings and makes your local HTTPS environment behave like production.

🌐 Using Certificates in Development

Point your local server (e.g., Nginx, Apache, Laravel Valet, or Node.js HTTPS server) to these files:

• Certificate: ~/Library/Application Support/mkcert/localhost.pem

• Key: ~/Library/Application Support/mkcert/localhost-key.pem

Once configured, you can access your app securely via https://localhost.

✅ Conclusion

mkcert makes HTTPS development painless. With just a few commands, you can generate trusted certificates, organize them neatly in the mkcert directory, and run your local projects over HTTPS—mirroring production environments more closely.

This setup ensures:

• No browser warnings 🚫

• Secure API testing 🔐

• A smoother developer experience ⚡

For developers and testers, this slows down iteration when styling or debugging the success page. Fortunately, there’s a simple tweak you can apply to make testing much easier.

Why Magento Clears the Quote?

Magento’s checkout flow is designed to ensure that once an order is completed:

• The quote session is cleared ($session->clearQuote()).

• Customers don’t accidentally re-submit the same order.

• The cart resets for a fresh shopping experience.

This is great for production, but not so convenient when you’re working on the success page design or functionality.

The Quick Solution

To bypass this, you can temporarily comment out the line that clears the quote in the Success controller.

File Location

bash

vendor/magento/module-checkout/Controller/Onepage/Success.php

Code Adjustment

Find the following line inside the execute() method:

php

$session->clearQuote();

Comment it out:

php

// $session->clearQuote();

What This Does

By commenting out this line:

• The quote session remains intact after checkout.

• You can revisit the success page multiple times without placing new orders.

• It allows faster iteration when testing layout, custom blocks, or tracking scripts.

How to Access the Success Page

Once the quote isn’t cleared, you can directly access the success page by visiting:

Code

https://yourdomain.com/checkout/onepage/success/

This will display the last order’s success details without requiring a fresh checkout.

Important Notes

• Do not keep this change in production. Clearing the quote is essential for preventing duplicate orders and ensuring a clean cart experience.

• Treat this as a temporary development tweak only.

• Once you’re done testing, restore the original line:

  php

    $session->clearQuote();
  

Conclusion

This small adjustment can save you significant time when working on Magento 2’s checkout success page. Instead of repeatedly placing test orders, you can comment out $session->clearQuote() and freely reload the success page until your design or functionality is perfected.

Would you like me to also add a step-by-step guide with screenshots (e.g., file path navigation, code snippet before/after) so your blog post feels more visual and beginner-friendly, or keep it concise and developer-focused?

Here’s how to use it safely and effectively.

🧰 Prerequisites

• Magento 2 Commerce installed (any version ≥ 2.3)

• Composer installed and configured

• Git version control (strongly recommended)

• Full backup of your codebase and database

🚀 Step-by-Step Downgrade

1. Clone the downgrade tool

bash

git clone https://github.com/opengento/magento2-downgrade-ee-ce.git
cd magento2-downgrade-ee-ce

2. Copy the sample script

bash

cp downgrade.sample downgrade.sh
chmod +x downgrade.sh

3. Update downgrade.sh

Edit the script to include SQL cleanup after the downgrade logic. Example addition at the end:

bash

# Apply SQL cleanup patches
mysql magento_db < ./scripts/attributes.sql
mysql magento_db < ./scripts/ee.sql
mysql magento_db < ./scripts/cms.sql
mysql magento_db < ./scripts/catalogrule.sql
mysql magento_db < ./scripts/salesrule.sql
mysql magento_db < ./scripts/category.sql
mysql magento_db < ./scripts/product.sql
mysql magento_db < ./scripts/cataloginventory.sql
mysql magento_db < ./scripts/customer.sql
mysql magento_db < ./scripts/quote.sql
mysql magento_db < ./scripts/sales.sql
mysql magento_db < ./scripts/wishlist.sql

Replace magento_db with your actual database name.

4. Run the script

bash

./downgrade.sh

This will:

• Remove EE modules

• Rewrite composer.json

• Apply SQL cleanup patches

✅ Final Steps

bash

composer install
bin/magento setup:upgrade
bin/magento setup:di:compile
bin/magento cache:flush

Code

[core:error] (13)Permission denied: access to /robots.txt denied (filesystem path '/home/username/sites') because search permissions are missing on a component of the path

…you’ve run into a classic Linux filesystem permissions problem. The good news? It’s easy to fix once you understand what’s going on.

What the Error Means

In Linux, directories need execute (x) permission for a user or process to “search” or traverse them. Even if a file like /robots.txt has the right read permissions, Apache can’t serve it unless it can walk through every directory in the path.

If any parent directory in /home/username/sites/... is missing execute permission for Apache’s user (apache, www-data, or similar), you’ll get this error.

How to Diagnose

1. Check Apache’s user

   bash

    ps aux | grep httpd   # Apache
    ps aux | grep nginx   # Nginx with php-fpm
   

2. Check permissions on each directory in the path

   bash

    namei -l /home/username/sites
   

   This shows the permissions for each component of the path.

How to Fix

Option 1 — Open execute permission for “others”

Quick and simple:

bash

chmod o+x /home
chmod o+x /home/username
chmod o+x /home/username/sites

Option 2 — Use group permissions (more secure)

1. Add Apache’s user to your group:

   bash

    sudo usermod -a -G yourgroup apache
   

2. Change group ownership and set execute for group:

   bash

    sudo chgrp -R yourgroup /home/username/sites
    chmod g+x /home /home/username /home/username/sites
   

Why This Happens Often

Many developers keep their web projects under /home/<user>/ for convenience. By default, home directories are locked down so other users (including the web server process) can’t traverse them. Apache needs at least execute permission to reach the public folder in your Laravel, WordPress, or static site.

Best Practice

• Keep your web root in /var/www/ or another directory Apache already has access to.

• If you must serve from your home directory, adjust permissions carefully — don’t just chmod 777.

• Use namei -l to quickly spot where permissions break.

In short: This error isn’t about the file itself, it’s about Apache’s ability to walk the path to it. Give the web server execute permission on each parent directory, and your 403 Forbidden will vanish.

1. Understand the Limits

• You can only increase the size of a boot volume. Reducing it is not supported.

• The maximum size for a boot volume is 16 TB.

• If cross‑region replication is enabled, you must disable it before resizing.

• Always take a backup before making changes.

2. Prepare for the Resize

1. Check your current boot volume size In the OCI Console, go to Compute → Boot Volumes and select your instance’s boot volume.

2. Review performance settings If you are on a paid performance tier and want to stay in the Always Free limits, ensure the performance level is set to Lower Cost.

3. Resize the Boot Volume in the OCI Console

1. Sign in to the Oracle Cloud Console.

2. Open the navigation menu and go to Compute → Boot Volumes.

3. Locate the boot volume you want to resize and click its name.

4. Click Edit Size or Performance.

5. Enter the new size in GB. This must be larger than the current size.

6. Save the changes.

4. Resize the Partition and Filesystem in Linux

After the OCI change is applied, your operating system will see the extra space, but you must extend the partition and filesystem to use it.

1. Check the device name

   bash

    lsblk
   

   Identify your boot disk (often /dev/sda or /dev/nvme0n1).

2. Grow the partition (if using GPT and cloud-init has not done it automatically)

   bash

    sudo growpart /dev/sda 1
   

   Replace /dev/sda 1 with your actual device and partition number.

3. Resize the filesystem For ext4:

   bash

    sudo resize2fs /dev/sda1
   

   For XFS:

   bash

    sudo xfs_growfs /
   

4. Verify the new size

   bash

    df -h
   

5. Best Practices

• Keep your boot volume performance tier within free limits if cost control is important.

• Schedule the resize during a maintenance window if you are unsure about online resizing.

• Maintain regular backups so you can roll back if needed.

🛠 Step 1 - Install rbenv and ruby-build

bash

# Install dependencies
sudo apt update
sudo apt install -y build-essential libssl-dev libreadline-dev zlib1g-dev git

# Clone rbenv into ~/.rbenv
git clone https://github.com/rbenv/rbenv.git ~/.rbenv

# Add rbenv to PATH and init in your shell
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc
echo 'eval "$(rbenv init - bash)"' >> ~/.bashrc
source ~/.bashrc

# Install ruby-build plugin
git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build

🛠 Step 2 - Install Ruby (user‑local)

bash

# List available Ruby versions
rbenv install -l

# Install a stable version (e.g., 3.4.5)
rbenv install 3.4.5

# Set it as default
rbenv global 3.4.5.

🛠 Step 3 - Install Capistrano without sudo

bash

gem install capistrano

🧪 Step 4 - Verify

bash

ruby -v
gem -v
cap --version

You should now see:

• Ruby version from rbenv (not system Ruby)

• Capistrano installed and runnable without sudo

💡 Why this works rbenv installs Ruby entirely in your home directory (~/.rbenv), so you own the files and can install/update gems freely. No system paths, no permission errors.

When working on cloud servers - whether in Oracle Cloud, AWS, or your own bare-metal rigs - it’s common to attach additional block volumes for more storage. In this guide, we’ll walk through mounting a fresh 140 GB disk at a custom directory so it’s ready for your data and persists across reboots.

1. Identify the New Disk

First, list your block devices:

bash

lsblk

In my case the new disk appeared as /dev/sdb and is 140 GB in size:

Code

NAME    MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda       8:0    0 46.6G  0 disk 
├─sda1    8:1    0 45.6G  0 part /
├─sda15   8:15   0   99M  0 part /boot/efi
└─sda16 259:0    0  923M  0 part /boot
sdb       8:16   0  140G  0 disk

2. Partition the Disk

If it’s completely unformatted, create a partition table and one primary partition:

bash

sudo fdisk /dev/sdb

Inside fdisk:

• Press n → p → accept defaults

• Press w to save changes

3. Format the Partition

bash

sudo mkfs.ext4 /dev/sdb1

💡 Replace sdb1 with your actual partition name.

4. Create a Mount Point

Even though you can mount into /etc/data, best practice is to use /mnt/data or /data for clarity:

bash

sudo mkdir -p /mnt/data

5. Mount the Partition

bash

sudo mount /dev/sdb1 /mnt/data

6. Make the Mount Persistent

Find the UUID:

bash

sudo blkid /dev/sdb1

Edit /etc/fstab:

plaintext

UUID=abcd-1234-...   /mnt/data   ext4   defaults   0   2

Test it:

bash

sudo mount -a

📌 Final Thoughts

• Mount points under /mnt or /data keep the system layout predictable and reduce risk of breaking config-related directories.

• Always double-check fstab entries before rebooting - a wrong mount configuration can block the boot process.

• In this real-world example, we mounted a 140 GB disk, but the same process applies to any size.

Catalog Search index process error during indexation process:
index [magento244p13_product_1_v1] blocked by: [TOO_MANY_REQUESTS/12/disk usage exceeded flood-stage watermark, index has read-only-allow-delete block]

In plain terms: Elasticsearch panicked because disk usage passed the flood-stage watermark (typically 95%), so it slammed the brakes and marked the index as read-only. Magento couldn’t update the index because of it.

Here’s how I solved it, step-by-step.

Step 1: Check Disk Usage

First, I ran:

bash

df -h

Sure enough, my disk space was on the brink. A quick cleanup of old logs and unused packages brought it under control.

Step 2: Clear the Read-Only Block

After freeing space, I lifted the restriction on all indexes with:

bash

curl -XPUT -H "Content-Type: application/json" \
  http://localhost:9200/_all/_settings \
  -d '{"index.blocks.read_only_allow_delete": null}'

In stubborn cases, this broader setting can help:

bash

curl -XPUT -H "Content-Type: application/json" \
  http://localhost:9200/_cluster/settings \
  -d '{
    "transient": {
      "cluster.routing.allocation.disk.threshold_enabled": false
    }
  }'

Step 3: Reindex Magento

With the block removed, I ran:

bash

bin/magento indexer:reindex

And this time—no errors. Clean as a whistle.

Takeaway: Keep a close eye on your Elasticsearch node’s disk usage—especially in local or staging environments with limited storage. Flood-stage blocks are protective but disruptive. This simple reset can save hours of head-scratching.

Step 1: Setting Up the OpenVPN Server

1. Install Required Packages: Ensure that your server has all the necessary packages installed.

    sudo apt update
    sudo apt install wget curl
   

2. Download and Run the OpenVPN Installation Script: The script from angristan simplifies the setup process.

    wget https://github.com/angristan/openvpn-install/archive/master.zip
    unzip master.zip
    cd openvpn-install-master
    chmod +x openvpn-install.sh
    sudo ./openvpn-install.sh
   

3. Follow the Prompts: The script will prompt you for various configuration options. Follow the instructions to set up the server according to your preferences.

4. Download the Generated OVPN Profile: Once the setup is complete, download the generated .ovpn profile to your local machine.

Step 2: Installing OpenVPN Client on Ubuntu

1. Install OpenVPN 3 Client: OpenVPN 3 is the latest version and is recommended for new setups.

    sudo apt update
    sudo apt install openvpn3
   

2. Import the OVPN Profile: Import the generated profile into OpenVPN 3 client.

    openvpn3 config-import --config opi5pro.ovpn
   

3. List Imported Profiles: You can see the imported profiles using the following command.

    openvpn3 configs-list
   

Step 3: Connecting to the OpenVPN Server

1. Start the VPN Session: Use the imported profile to start a VPN session.

    openvpn3 session-start --config opi5pro.ovpn
   

2. List Current VPN Sessions: You can see the list of current VPN sessions with the following command.

    openvpn3 sessions-list
   

3. Disconnect from the VPN Session: If you need to disconnect from the VPN session, use the following command, replacing the session path with your specific session path.

    openvpn3 session-manage --disconnect --session-path /net/openvpn/v3/sessions/4d9521a3s0156s4abfsac14s0864e1bcf14c
   

Conclusion

By following these steps, you can successfully set up an OpenVPN server and client on Ubuntu. This setup ensures that your connection is secure and encrypted, allowing you to safely access your network from anywhere. Whether you're setting this up for personal use or for a larger network, OpenVPN provides a robust solution for your VPN needs.

Feel free to reach out if you encounter any issues or need further assistance. Happy networking! 😊

Step 1: Download and Install mkcert

First, we need to download the mkcert binary and make it executable:

sh

curl -JLO "https://dl.filippo.io/mkcert/latest?for=linux/arm64"
chmod +x mkcert-v*-linux-amd64
sudo cp mkcert-v*-linux-amd64 /usr/local/bin/mkcert

Step 2: Generate the SSL Certificate

Next, we'll use mkcert to generate the SSL certificate and key for localhost:

sh

mkcert -key-file testing-key.pem -cert-file testing-cert.pem testing-dev.fiko.me

This command will create localhost-key.pem and localhost-cert.pem files.

Step 3: Configure Nginx

Now, let's configure Nginx to use the generated SSL certificate. Add the following configuration to your Nginx server block:

nginx

server {
    listen 445 ssl;
    server_name testing-dev.fiko.me;
    set $MAGE_ROOT /home/fiko/sites/testing;
    set $MAGE_MODE developer; # or production, depending on your environment

    ssl_certificate /home/fiko/downloads/testing-cert.pem;
    ssl_certificate_key /home/fiko/downloads/testing-key.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    include /home/fiko/sites/testing/nginx.conf.sample;

    error_page  404  /errors/404.php;
    error_page  500 502 503 504  /errors/503.php;

    access_log /var/log/nginx/testing_ssl.access.log;
    error_log /var/log/nginx/testing_ssl.error.log;
}

Make sure the paths to the SSL certificate and key files are correct.

Step 4: Restart Nginx

Finally, restart Nginx to apply the new configuration:

sh

sudo systemctl restart nginx

Your Nginx server should now be serving the site over HTTPS using the self-signed certificate.

References

• mkcert GitHub Repository

By following these steps, you can generate a self-signed SSL certificate for localhost and configure Nginx to use it. This setup is great for development environments where you need HTTPS but don't want to obtain a certificate from a Certificate Authority.

Happy coding! 😊

Preferences:

• https://help.nextcloud.com/t/cannot-login-too-many-requests/100905

Hit:1 https://download.docker.com/linux/ubuntu jammy InRelease
Hit:2 https://repo.ivpn.net/stable/ubuntu ./generic InRelease                                                                                        
Hit:3 https://pkg.cloudflare.com/cloudflared jammy InRelease                                                                                         
Ign:4 https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 InRelease                                                                            
Hit:6 http://repo.huaweicloud.com/ubuntu-ports jammy InRelease                                                                                       
Hit:8 http://repo.huaweicloud.com/ubuntu-ports jammy-security InRelease                                                                              
Get:9 http://repo.huaweicloud.com/ubuntu-ports jammy-updates InRelease [128 kB]                                 
Hit:10 http://repo.huaweicloud.com/ubuntu-ports jammy-backports InRelease                                                  
Hit:11 https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 Release                  
Hit:12 https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy InRelease             
Hit:13 https://ppa.launchpadcontent.net/ondrej/php/ubuntu jammy InRelease
Hit:14 http://ppa.launchpad.net/rabbitmq/rabbitmq-erlang/ubuntu jammy InRelease
Hit:5 https://packagecloud.io/rabbitmq/rabbitmq-server/ubuntu jammy InRelease
Hit:15 https://ppa.launchpadcontent.net/redislabs/redis/ubuntu jammy InRelease
Ign:16 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/main armhf Packages
Get:17 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/main arm64 Packages [1,737 kB]
Get:18 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/universe armhf Packages [845 kB]
Ign:18 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/universe armhf Packages
Get:16 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/main armhf Packages [945 kB]
Err:16 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/main armhf Packages
  File has unexpected size (944824 != 944876). Mirror sync in progress? [IP: 103.172.25.237 80]
  Hashes of expected file:
   - Filesize:944876 [weak]
   - SHA256:05dbf070158dd9953ee5c260a2e2f9950e420eb6fd4eefe30723e1a248a799cd
   - SHA1:d2716f274b0fa5766f88a42f8dede17b08eb8d54 [weak]
   - MD5Sum:6f5bae8e83a1007cc2bd91620c9f4dca [weak]
  Release file created at: Mon, 26 Aug 2024 00:14:45 +0000
Hit:7 https://packagecloud.io/varnishcache/varnish60lts/ubuntu jammy InRelease
Get:18 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/universe armhf Packages [845 kB]
Err:18 http://repo.huaweicloud.com/ubuntu-ports jammy-updates/universe armhf Packages

Reading package lists... Done 
E: Failed to fetch http://repo.huaweicloud.com/ubuntu-ports/dists/jammy-updates/main/binary-armhf/Packages.xz  File has unexpected size (944824 != 944876). Mirror sync in progress? [IP: 103.172.25.237 80]
   Hashes of expected file:
    - Filesize:944876 [weak]
    - SHA256:05dbf070158dd9953ee5c260a2e2f9950e420eb6fd4eefe30723e1a248a799cd
    - SHA1:d2716f274b0fa5766f88a42f8dede17b08eb8d54 [weak]
    - MD5Sum:6f5bae8e83a1007cc2bd91620c9f4dca [weak]
   Release file created at: Mon, 26 Aug 2024 00:14:45 +0000
E: Failed to fetch http://repo.huaweicloud.com/ubuntu-ports/dists/jammy-updates/universe/binary-armhf/Packages.xz  
E: Some index files failed to download. They have been ignored, or old ones used instead.

Then how I tackle it? simply I need to run:

sudo apt-get clean

Once executed, it's like nothing happened, yet go run sudo apt update again, and it's working and that error message is gone as well.

References:

• https://askubuntu.com/questions/1147254/apt-update-fails-at-chrome-stable-main-file-has-unexpected-size-1103-1104

// Add the event listener when needed.
document.addEventListener('keydown', OnKeyboardPressed);

const escPressed = () => { 
  // Remove event after pressed or you can remove on any other events
  document.removeEventListener('keydown', OnKeyboardPressed);
};

// method to listen to the event
const OnKeyboardPressed = (e) => e.key === 'Escape' && escPressed();

References:

• https://www.toptal.com/developers/keycode

Please to check this github repo for further documentation: https://github.com/fiko/magento2-advanced-order-number

There are several ways to retrieve system configuration, but there are 2 common approaches, they are using object manager and by injecting into construct method (__construct is the recommended one by Magento itself).

1. by Object Manager

.....
$scopeConfig = \Magento\Framework\App\ObjectManager::getInstance()
    ->get(\Magento\Framework\App\Config\ScopeConfigInterface::class);

$configValue = $scopeConfig->getValue(
        'fiko/general/testing_config',
        \Magento\Store\Model\ScopeInterface::SCOPE_STORE,
    );
.....

Notes:

• $scopeConfig = \Magento\Framewo....: we need to define what's the instance / class we want to import / use.

• $configValue = $scopeCon....: time to retrieve the configuration, further notes will be on 2nd solution below

2. by Injecting into construct method (Recommended)

<?php

namespace Fiko\Training\Helper;

class Data
{
    public $scopeConfig;

    public function __construct(
        \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig
    ) {
        $this->scopeConfig = $scopeConfig;
    }
}

Notes:

• public $scopeConfig;: by the time PHP 8 released, it is mandatory to define the visibility (no dynamic property allowed). it can be public/protected/private, but in this case I would use public as it can be used by other instances.

• ScopeConfigInterface $scopeConfig: interface we need to have in order to retrieve configuration.

public function getExampleConfig()
{
    $configValue = $this->scopeConfig->getValue(
        'fiko/general/testing_config',
        \Magento\Store\Model\ScopeInterface::SCOPE_STORE
    );

    return $configValue;
}

Notes:

• fiko/general/testing_config: it is the path of the configuration.

• \Magento\Store\Model\ScopeInterface::SCOPE_STORE: It is the scope area (I assume you already know this).

  • I recommend to use SCOPE_STORE, as it will automatically retrieve the higher scope level (website or default) if it doesn't exist on store level.

References:

• https://www.magetrend.com/blog/magento-2-get-config-value/

• https://magento.stackexchange.com/a/87835/106128

1. I defined helper file of app/code/Fiko/Training/Helper/Data.php (scroll down to see the file).

2. app/code/Fiko/Training/Console/Command/Testing.php defined for the custom command class.

3. app/code/Fiko/Training/etc/di.xml to define custom command and define type & virtualType

• The basic difference is: type will affect all instances, whereas virtualType affects only on sub-class (specific instances)

• if you use type to change class attribute, it will be used by all instances. All instances / classes use that class (app/code/Fiko/Training/Helper/Data.php) will have this value.

app/code/Fiko/Training/Helper/Data.php

<?php

declare(strict_types=1);

namespace Fiko\Training\Helper;

class Data
{
    /** @var array */
    public $data;

    /**
     * Constructor
     *
     * @param array $data
     */
    public function __construct(array $data = [])
    {
        $this->data = $data;
    }

    /**
     * This method will return what's the bypassed parameter
     *
     * @param string $name
     * @return string
     */
    public function getName($name): string
    {
        return "{$this->data['prefix']} {$name}";
    }
}

Notes:

• This class is original file that I will use to practice.

app/code/Fiko/Training/Console/Command/Testing.php

<?php

declare(strict_types=1);

namespace Fiko\Training\Console\Command;

use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;

use Fiko\Training\Helper\Data as HelperData;

class Testing extends Command
{
    private $helper;

    public function __construct(HelperData $helper)
    {
        $this->helper = $helper;

        parent::__construct(null);
    }

    protected function configure(): void
    {
        $this->setName('fiko:training');

        parent::configure();
    }

    /**
     * Execute the command
     *
     * @param InputInterface $input
     * @param OutputInterface $output
     *
     * @return int
     */
     protected function execute(InputInterface $input, OutputInterface $output): int
     {
        $output->writeln($this->helper->getName('Borizqy'));

        return 1;
     }
}

Notes:

• this class is used as the command line executable class.

app/code/Fiko/Training/etc/di.xml

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
   <!-- BEGIN: Defining custom command -->
   <type name="Magento\Framework\Console\CommandList">
       <arguments>
           <argument name="commands" xsi:type="array">
               <item name="fiko:training" xsi:type="object">Fiko\Training\Console\Command\Testing</item>
           </argument>
       </arguments>
   </type>
   <!-- END: Defining custom command -->

   <!-- BEGIN: example of type implementation -->
   <type name="Fiko\Training\Helper\Data">
        <arguments>
            <argument name="data" xsi:type="array">
                <item name="prefix" xsi:type="string">Mr.</item>
            </argument>
        </arguments>
   </type>
   <!-- END: example of type implementation -->

   <!-- BEGIN: example of virtualType implementation -->
   <type name="Fiko\Training\Console\Command\Testing">
        <arguments>
            <argument name="helper" xsi:type="object">data_example</argument>
        </arguments>
   </type>
   <virtualType name="data_example" type="Fiko\Training\Helper\Data">
        <arguments>
            <argument name="data" xsi:type="array">
                <item name="prefix" xsi:type="string">Tuan</item>
            </argument>
        </arguments>
   </virtualType>
   <!-- END: example of virtualType implementation -->
</config>

Notes:

• Defining custom command, to define the custom command line of bin/magento fiko:training

• example of type implementation, all instances use Fiko\Training\Helper\Data will have $data['prefix'] and the value is Mr..

• example of virtualType implementation, specifically Fiko\Training\Helper\Data used by Fiko\Training\Console\Command\Testing will have have $data['prefix'] and the value is Tuan.

References:

• https://www.codedecorator.com/blog/what-is-the-difference-between-type-and-virtualtype-practical-example/

• https://medium.com/@mishra.anshu1710/magento2-difference-between-type-and-virtual-type-5ac4d2e46568

• https://magently.com/blog/magento-2-design-patterns-preferences-virtual-types/

Simply we can run this:

gpg --full-gen-key

Then we will have some interactives.

1. Key Type

   It's optional, but I oftenly use RSA and RSA (number 1)

2. Keysize (Bits)

   It's more secure to have more bit or simply we can take the maximum bit, let's say maximum number is 4096, then we can put 4096

3. Expiration Time

   If we want to use this key on all the time, we can set to 0 to have the never expired key.

4. Expiration confirmation

   let say I set 0 as the expiration date which mean it will never get expired, then it will try to confirm us that we really want to create a key which never get expired.

5. Identity

   1. Name

      Put your name, minimum length is 5.

   2. Email

      You'll never get email for this, it's just for identification purposes. (optional)

   3. Comment

      Just another information we want to put, maybe to identifying something. (optional)

6. Identity confirmation

   It will ask you to confirm your identity, we can input O (O / Oscar character) to confirm that it's correct.

7. Password

   Finally we can put password for the created key, we're going to need this password to decrypt encrypted file.

How to Encrypt file?

gpg -r <uid> -e your-whatever-file.zip

replace <uid> with your created key, then a new file with the .gpg extension will be created.

How to Decrypt File?

gpg -d your-whatever-file.zip.gpg

or if we want to put the unlocked data into a file, we can use

gpg -d your-whatever-file.zip.gpg > your-whatever-file.zip

How to List all existing keys?

gpg --list-keys

or we can just specify a <uid> to know the information of specific key

gpg --list-keys <uid>

How to Export Key?

gpg --export-secret-keys <uid> > output.key

You're going to type your password to able to export the key.

How to Import Key?

gpg --import output.key

Or use gpg2 if you don’t want to input passphrase

gpg2 --batch --import output.key

How to Delete Key?

to be able to delete the keys, we need to delete the secret key first, then deleting the key.

gpg --delete-secret-keys <uid>
gpg --delete-keys <ui>

References:

• https://youtu.be/DMGIlj7u7Eo

• https://linuxhint.com/solve-gpg-decryption-failed-no-secret-key-error/

• https://stackoverflow.com/a/34132924

1. Install Docker

since we're going to use docker, of course we need to install docker. Please to follow official documentation by Docker to install on your machine.

2. Run The mysql Version

You can choose between MySQL, MariaDB, or other version. in this case I'm going to use MariaDB, so I need to run this:

docker run -d --restart=always --name mariadb-10.4.20 --env MARIADB_ROOT_PASSWORD=root -p 1042:3306 mariadb:10.4.20

Descriptions:

• --detach, -d Run container in background and print container ID

• --restart Restart policy to apply when a container exits

• --name Assign a name to the container

• --env, -e Set environment variables

• --expose, -p Expose a port or a range of ports

• mariadb:10.4.20 Package-Name:version

3. FAQ:

3.1. How to ByPass password?

try to ssh on the running database by running:

docker exec -it mariadb-10.4.20 bash

then try to move to HOME directory by running

cd

and then add new file called .my.cnf, and the content are:

[client]
user=root
password=root
host=localhost

[mysqldump]
host=localhost
user=root
password=root

3.2. How to Run Execute?

docker exec -it mariadb-10.2.44 mysql

Once you configured 3.1. you don't need to type the password.

3.3. How to Import Database

docker exec -i mariadb-10.2.44 mysql -u user -p database_name < database.sql

Or if you want to have the progress bar whilst importing database, you can use this command: (don't forget to install pv if you don't have this package)

pv databse.sql | docker exec -i mariadb-10.2.44 sh -c 'mysql database_name'

3.4. How to export Database

docker exec -i mariadb-10.4.20 mysqldump database_name > database.sql

If you want to directly compress the file for the output, you can run this: (don't forget to install gzip if you don't have it.)

docker exec -i mariadb-10.4.20 mysqldump database_name | sed -e 's/\sDEFINER=`[^`]*`@`[^`]*`//g' | gzip -c > database.sql.gz

3.5. Remove DEFINER?

sed -e 's/\sDEFINER=`[^`]*`@`[^`]*`//g' -i database.sql

Preferences:

• https://docs.docker.com/engine/install/

• https://hub.docker.com/_/mysql

• https://hub.docker.com/_/mariadb

• https://docs.docker.com/engine/reference/commandline/run/#options

• https://howtoinstall.co/en/pv

• https://howtoinstall.co/en/gzip

1. Install Required Packages

We need two packages in order to start creating SSL certficates, they are certbot and python3-certbot-apache.

sudo apt update
sudo apt install certbot python3-certbot-apache

2. Configure Apache2 Virtual Host

in this case, I'm going to try to create a virtual host for magento245.dev.fiko.me. You just need to setup the port 80 and skipping the 443 port.

<VirtualHost *:80>
    ServerAdmin hi@fiko.me
    DocumentRoot /home/fiko/sites/magento245/pub/
    ServerName magento245.dev.fiko.me

    <Directory /home/fiko/sites/magento245/pub/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Require all granted
    </Directory>

    <FilesMatch \.php$>
    SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://localhost"
    </FilesMatch>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

then restart your apache2 by running:

sudo service apache2 restart

3. Install SSL

Once you created the virtual host, try to create the certificate by running:

sudo certbot --apache

Follow the steps, and restart apache2 service.

Preferences:

• https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-20-04

• https://towardsdatascience.com/how-to-host-multiple-website-with-apache-virtual-hosts-4423bd0aefbf

• https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-20-04

We can do it by implementing reverse proxy, so how to do it?

1. Create Virtual Host

We need to create a virtual host, in this case I will try to create magento245.dev.fiko.me

<VirtualHost *:80>
    ServerAdmin hi@fiko.me
    ServerName testing.dev.fiko.me
</VirtualHost>

2. Setup Reverse Proxy

Next we need to place reverse proxy, and point this virtual host to original port you have previously installed on. In this case I already installed my application locally on port of 8082, so I need to point to port of 8082.

<VirtualHost *:80>
    ServerAdmin hi@fiko.me
    ServerName testing.dev.fiko.me

    SSLProxyEngine On
    RequestHeader set Front-End-Https "On"
    ProxyPreserveHost On
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLProxyCheckPeerExpire off

    ProxyPass / http://127.0.0.1:8082/
    ProxyPassReverse / http://127.0.0.1:8082/
</VirtualHost>

3. Try to test your apache2 configuration

Try to run :

sudo apache2ctl configtest

it should have Syntax Ok response.

Once it's good, restart your apache

sudo service apache2 restart

and try to access your application from browser.

4. Install Required Modules (Optional)

Do you face this error?

It's too general, but maybe you haven't enabled required apache2 modules, you need to enable these modules:

sudo a2enmod ssl
sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http

Then restart your apache2, and refresh the browser.

References:

• https://www.cloudflare.com/en-gb/learning/cdn/glossary/reverse-proxy/

• https://stackoverflow.com/questions/23931987/apache-proxy-no-protocol-handler-was-valid

• https://community.bitwarden.com/t/linux-installation-with-existing-apache-server/39506/4