Tuesday, June 23, 2015

setting proper web root permissions

# chown -R www-data:www-data /var/www/vhost/example.com/
Note: the www-data user is used by nginx and php5-fpm. If you are running PHP as a different user, change the ownership to match.
Correct directory permissions:
# find /var/www/vhost/example.com/ -type d -exec chmod 0755 {} \;
Correct file permissions:
# find /var/www/vhost/example.com/ -type f -exec chmod 0644 {} \;

Thursday, June 18, 2015

using rancid with password from secretserver

Rancid (http://www.shrubbery.net/rancid/) is awesome for switch config automation, but keeping the passwords in plain text isn't a good practice. I could use local encryption, but I just wrote a Python script to get the passwords from our password vault (Secret Server, http://thycotic.com/), then run rancid and then clear the config.

crontab for everything
0 22 * * * root /usr/bin/python /usr/local/rancid/bin/getpass.py > /usr/local/rancid/.cloginrc
1 22 * * * rancid  /usr/local/rancid/bin/rancid-run
2 22 * * * root /usr/bin/echo > /usr/local/rancid/.cloginrc


#------------------------------------------------------------------------------
# Imports
#------------------------------------------------------------------------------

import suds.client  # "import suds" alone does not load the client submodule

# Use an https:// WSDL URL in production so the vault credentials and token
# are not sent in cleartext.
client = suds.client.Client("http://example.com/SecretServer/webservices/SSWebservice.asmx?wsdl")
# Org code is not necessary for installed edition and can be represented by ""
token = client.service.Authenticate("username", "password", "", "domain")
# The token will verify that you can log in
#print(token)

#This is how to find the client ids
#searchSecret=client.service.SearchSecrets(token.Token, "core1")
#searchSecret2=client.service.SearchSecrets(token.Token, "core2")
#searchSecret3=client.service.SearchSecrets(token.Token, "switch1")

#print searchSecret
#print searchSecret2
#print searchSecret3

secret = client.service.GetSecret(token.Token, "123")
secret2 = client.service.GetSecret(token.Token, "124")
secret3 = client.service.GetSecret(token.Token, "131")

# This will print the password
#print secret

pass1 = secret.Secret.Items.SecretItem[2].Value
pass2 = secret2.Secret.Items.SecretItem[2].Value
pass3 = secret3.Secret.Items.SecretItem[2].Value

# Escape "#" for .cloginrc: the backslash goes before the character
passa = pass1.replace("#", "\\#")
passb = pass2.replace("#", "\\#")
passc = pass3.replace("#", "\\#")

# print(...) with a single argument works under both Python 2 and Python 3
print("add user 192.168.0.1             " + "manager")
print("add password 192.168.0.1         " + '"' + passa + '"')
print("add method 192.168.0.1           " + "ssh")
print("add autoenable 192.168.0.1       " + "1")
print("add user 192.168.0.2             " + "manager")
print("add password 192.168.0.2         " + '"' + passb + '"')
print("add method 192.168.0.2           " + "ssh")
print("add autoenable 192.168.0.2       " + "1")
print("add user 192.168.0.*             " + "manager")
print("add password 192.168.0.*         " + '"' + passc + '"')
print("add method 192.168.0.*           " + "ssh")
print("add autoenable 192.168.0.*       " + "1")
print("add noenable route-server*      " + "1")
print("add cyphertype *                " + "{3des}")
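
The script above prints each password between plain double quotes, and the crontab relies on shell redirection to create and blank .cloginrc, which clogin reads as Tcl. As an added example (not part of the original script; the function names and sample values are hypothetical), this Python 3 code escapes the characters Tcl substitutes inside double quotes, rejects control characters, and writes the file atomically with mode 0600:

```python
import os
import tempfile

# Characters Tcl substitutes or terminates on inside a double-quoted word,
# plus "#", which the original script also escapes.
TCL_SPECIAL = '\\"$[]#'


def tcl_quote(value):
    """Return value as a double-quoted Tcl word that evaluates back to value."""
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        # A newline in a vault field would otherwise start a new .cloginrc line.
        raise ValueError("control character in credential")
    return '"' + "".join("\\" + ch if ch in TCL_SPECIAL else ch for ch in value) + '"'


def render_cloginrc(devices):
    """devices: (host_glob, user, password) tuples, in the order they should appear."""
    lines = []
    for host, user, password in devices:
        lines.append("add user %s %s" % (host, tcl_quote(user)))
        lines.append("add password %s %s" % (host, tcl_quote(password)))
        lines.append("add method %s ssh" % host)
        lines.append("add autoenable %s 1" % host)
    return "\n".join(lines) + "\n"


def write_private(path, text):
    """Write text to path atomically; the file is created with mode 0600."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".cloginrc.")  # mkstemp uses 0600
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(text)
        os.replace(tmp, path)  # readers see the old file or the new one, never half
    except BaseException:
        os.unlink(tmp)
        raise


if __name__ == "__main__":
    # Constructed sample values, not real devices or credentials.
    sample = [("192.168.0.1", "manager", 'p#ss"w$rd\\'), ("192.168.0.*", "manager", "plain")]
    print(render_cloginrc(sample), end="")
```

Run as the rancid user, write_private() can stand in for the `>` redirection in the crontab, so the file belongs to rancid and never exists with looser permissions.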

memory is ram!

I had an issue where a webserver should have been running smoothly using normal disk cache. After pulling my hair out for a while I finally gave up and just moved the cache folder to tmpfs. That cleared everything up.

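Edit your fstab and add a tmpfs entry for the cache directory, for example (a minimal entry sized to match the 64M mount below; adjust the options to your setup):

tmpfs   /var/www/vhosts/example.com/cache/   tmpfs   size=64M   0 0

Once mounted, df shows it in 1K blocks:

tmpfs                       65536      284     65252   1% /var/www/vhosts/example.com/cache/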


# ls /var/www/vhosts/example.com/cache/
285ea04ebb783e7c264410b1923e156b-cache-1b382f33e05a11af6e176df12538375d.php
285ea04ebb783e7c264410b1923e156b-cache-21adf12cddf084aff54d581b7a245bee.php
285ea04ebb783e7c264410b1923e156b-cache-3165fb29750dc77e8b1c72c5c6ab701d.php
285ea04ebb783e7c264410b1923e156b-cache-6c80b5246d1d6a5a733ecf21ec8f5c45.php
285ea04ebb783e7c264410b1923e156b-cache-de57dad4255b001ebe0a55d7d2bcdefd.php

# df -h
tmpfs                     64M  284K   64M   1% /var/www/vhosts/example.com/cache/