Tiny Deathstars of Foulness

WordPress has an app. That means there’s an API to normalize communication using a predictable programmatic interface. In this case, as with many others, that’s done using a standard REST interface to communicate. The easiest way to interact with any API is to just read some stuff from the server via curl. You can feed curl the URL to the API by using your URL followed by /wp-json – as follows, assuming a URL of


To view header information:

curl -s -D - -o /dev/null

In the below example we’ll ask for a list of posts by adding /wp/v2/posts to the URL:


You’ll see a list of some posts in the output along with a little metadata about the posts. You can then grab an ID and ask for just that post, using a post ID of 48390:


You can also see revisions that have been made to a post by appending the URL with /revisions


You can see comments with the comments route:


Or pages with the pages route:


Or users with the users route:


Or media that has been uploaded with the media route:


And the output of each can be constrained to a single item in that route by providing the ID of the item, which shows additional metadata about the specified item. And there are routes for categories, tags, etc.

There’s also some good stuff at such as which is a plugin that allows you to auth against the API.

curl --user admin:krypted

Not only can you look at user information, you can also add and remove posts. You would add by doing a -X followed by a POST and then feeding a file with the –data option

curl --user admin:password -X POST --data @post.json

The output would then include the ID of your new post to wordpress. In the following example, we’ll get rid of the post we were looking at earlier using -X and DELETE in the URL, assuming a username of admin, a password of krypted, and a post ID of 48390:

curl --user admin:krypted -X DELETE

If successfully deleted the response would be as follows:

“message”:”Deleted post”

To dig in deeper, check out where the whole schema is documented. You can also use the GitHub site to access a command called wp (as well as PHP, node, and java clients) that can be run at the command line for simple scripting interfaces. This could allow you to, for example, simply backup posts to json files, etc.

Also, it’s worth noting that various plugins will require their own interface (note there’s no themes or plugins route), such as woocommerce, interfacing with or

July 14th, 2017

Posted In: WordPress

Tags: , , , , , , , ,

Leave a Comment

Thanks to Allan Sanderson for the following submission, which outlines how to install Final Cut Server in Lion and Mountain Lion Server.


Check “Enable PHP web applications”

Install Java
Open /Applications/Utilities/Java
You’ll be prompted by Software Update service to install Java, click “Continue”, provide admin credentials when promopted.

Install Final Cut Server
Run Final Cut Server installer.
Then run Software Update to get ProApplications 2010-02 & Final Cut Server v1.5.2 updates.

Check Configuration
Check fcsvr user has been created:
dscl /Local/Default -search /Users RecordName fcsvr
Output should look something like this:
fcsvr RecordName = (

Check “fcsvr” user’s home folder location is set to “/Library/Application Support/Final Cut Server”
dscl /Local/Default -read /Users/fcsvr NFSHomeDirectory
Output should look something like this:
NFSHomeDirectory: /Library/Application Support/Final Cut Server
If it doesn’t, caorrect it with this command:
sudo dscl /Local/Default -create /Users/fcsvr NFSHomeDirectory “/Library/Application Support/Final Cut Server”

Customisations To Make It Work
A word to the wise, I personally take a backup before making any changes to system files, Time Machine is nice ‘n all, but I’d prefer not to have to go there in the first place.

An out the box FCSvr install doesn’t set an “AUTH_TYPE” key/value pair in the file. Under 10.5 & 10.6 this didn’t cause any issues, but 10.7+ does seem to be an issue. So for Local and Open Directory authentication, this command will do the job:
sudo defaults write /Library/Preferences/ “AUTH_TYPE” -int 2
If you’re being more daring and trying to work with an Active Directory, then you’ll want the following:
sudo defaults write /Library/Preferences/ “AUTH_TYPE” -int 1

Because of how things have changed between 10.6 and 10.7 & 10.8, its necessary to manually copy the apache site config into a users apache space.
sudo cp “/Library/Application Support/Final Cut Server/Final Cut Server.bundle/Contents/Resources/share/conf/client_apache2.conf” “/etc/apache2/users/fcsvr.conf”

Now in order for the apache site config to be read by apache, we need to add in the necessary direction for httpd.
Append “UserDir Sites” to end of “/etc/apache/httpd.conf”, this can be done as a one-liner if you like:
sudo echo “UserDir Sites” >>/etc/apache2/httpd.conf

Lastly we have to add in the redirection settings for 10.7+ as the installers isn’t able to do this due to file path changes between the OS revisions.
So, in your /etc/apache2/sites/0000_any_80_.conf file, paste in the following lines after the IfModule for mod_ssl.c:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* – [F]
RewriteRule ^/FinalCutServer$ /~fcsvr/Sites/webstart/index.php [NC,L]
RewriteRule ^/FinalCutServer/FinalCutServer_mac.jnlp$ /~fcsvr/Sites/webstart/macJnlp.php [NC,L]
RewriteRule ^/FinalCutServer/FinalCutServer_windows.jnlp$ /~fcsvr/Sites/webstart/windowsJnlp.php [NC,L]
RewriteRule ^/FinalCutServer/FinalCutServer_other.jnlp$ /~fcsvr/Sites/webstart/jnlp.php [NC,L]

SPECIAL_MENTIONS: Matt Geller, David Colville

September 6th, 2012

Posted In: Mac OS X, Mac OS X Server, Xsan

Tags: , , , , , , , , , , , ,

CrashPlan Pro Server is a pretty cool tool with a lot of great features that can be used to back up client computers. There are a lot of things that CrashPlan Pro is good at out of the box, but there are also a lot of other things that CrashPlan Pro wasn’t intended for that it could be good at, given a little additional flexibility. The REST API that CrashPlan Pro uses provides a little flexibility and as with most APIs I would expect it to provide even more as time goes on.

I often hear people run away screaming when REST comes up, thinking they’re going to have to learn some pretty complex scripting. And while the scripting can be complex, it doesn’t necessarily have to be. You can find a lot of handy information about the options available in the REST API at The very first example command that CrashPlan gives is the following:


Now, to use this in a very simple script, let’s look at it with curl. You are going to need to authenticate, so we’re going to inject that into the URL in much the same was that we would with something like, let’s say, WebDAV, SSH or FTP. If the server name were foundation.lan, the user name was daneel and the password was seldonrulez then the curl command would actually look like so (you could use the -u operator to inject the authentication information, but as you’ll see later I’d like to make those a bit less complex):

curl http://daneel:seldonrulez@foundation.lan:4280/rest/users?status=Active

Note: The default port for the web administration in CrashPlan Pro is 4280.

This is simply going to output a list of Active users on the server. The reason it’s going to output only Active users is that we asked it to (reading from left to right after the rest is shown in the URL) query users, using the status attribute and specifying only to show us users whose status matches as Active. We could just as easily have requested all users by using the following (which just removes ?status=Active):

curl http://daneel:seldonrulez@foundation.lan:4280/rest/users

Each user has a unique attribute in their id. These are assigned in an ascending order, so we could also query for the user with an ID of 3 by simply following the users with their unique ID:

curl http://daneel:seldonrulez@foundation.lan:4280/rest/users/3

We could also query for all users with a given attribute, such as orgId (note that these attributes are case sensitive unlike many other things that start with http). For example, to find users with an orgID of 3:

curl http://daneel:seldonrulez@foundation.lan:4280/rest/users?orgId=3

The API doesn’t just expose looking at users though. You can look at Organizations (aka orgs), targets (aka mountPoints), server statistics (aka serverStats) and Computers (aka computers). These can be discovered by running the following command:

curl -i http://daneel:seldonrulez@foundation.lan:4280/rest/

To then see each Organization:

curl http://daneel:seldonrulez@foundation.lan:4280/rest/orgs

And to see each Computer:

curl http://daneel:seldonrulez@foundation.lan:4280/rest/computers

You can also perform compound searches fairly easily. For example, let’s say that we wanted to see

curl http://daneel:seldonrulez@foundation.lan:4280/rest/computers?userId=3&status=Active

These basic incantations of curl are simply getting information, which programmatically could also be specified using a -X operator (or –request if you like to type a lot) to indicate the type of REQUEST we’re sending (continuing on with our Code42 Sci-fi inspired example):

curl -X GET -H ‘Content-type: application/json’ http://daneel:seldonrulez@foundation.lan:4280/rest/orgs

The important thing about being able to indicate the type of REQUEST is that we can do more than GET: we can also POST and PUT. We also used the -H operator to indicate the type of data, which we’re specifying as application/json (per the output of a curl -i command against the server’s REST API URL). POST is used to create objects in the database whereas PUT is used update objects in the database. This could result in:

curl -i -H ‘Content-Type: application/json’ -d ‘{“username”: “charlesedge”, “password”: “test”, “firstName”: “Charles”, “lastName”: “Edge”, “orgId”: “3”}’ http://daneel:seldonrulez@foundation.lan:4280/rest/users

Once you are able to write data, you will then be able to script mass events, such as create new users based on a dscl loop using groups, remove users at the end of a school year (PUT {“status”: “Deactivated”}), mass change orgIds based on other variables and basically fully integrate CrashPlan Pro into the middleware that your environment might already employ.

Perl, Python, Ruby and PHP come with a number of options specifically designed for working with REST, which makes more complicated scripting much easier (such as with php’s curl_setopt); however, these are mostly useful if you already know those languages and the point of this article was to stay in shell scripting land. This allows you knock out simple tasks quickly, even if the good people at Code 42 didn’t think to add the specific features to their software that you might have in mind. Once you start to get into scripting more complex events, look to the Python examples at the bottom of the API Architecture page to get ya’ kickstarted!

November 4th, 2010

Posted In: cloud, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Ubuntu, Unix

Tags: , , , , , , , , , , ,

Using php at the command line isn’t an exact science in regard to which scripts that run in a web page will function from the shell. However, if you are automating many tasks, such as how you would go about with a shell script, then php is a nice alternative to other languages. To get started, let’s look at the version of php that we’re running. A quick way to test this is type the following from the command line.

php -v

This should result in something like the following message, which includes the version of PHP you are running and the current date:

PHP 5.3.0 (cli) (built: Jul 19 2009 00:34:29)

Copyright (c) 1997-2009 The PHP Group

Zend Engine v2.3.0, Copyright (c) 1998-2009 Zend Technologies

In its most basic form, the CLI interface can be used just like any PHP script. Create a sample script similar to the following, which we will save as test.php:


print “This is a test.”;


Next we will make this script executable by using the chmod command:

chmod +x test.php

You can execute this script by entering the following command at a shell prompt provided that you have executable permissions to the script:

php test.php

You can avoid calling the php command first on UNIX-based systems by placing a reference to the PHP program right at the start of the script. This tells the shell which program should be used to execute the script. Here’s an example:



print “Hello World!”;


October 12th, 2009

Posted In: Mac OS X, Mass Deployment, Ubuntu, Unix

Tags: , ,

RSS is an incredibly powerful way to manage content. Using RSS you can provide a feed to users and your website simultaneously.  You can then have items your site, such as WordPress dynamically generate pages for browsers using items published in the feed and have users able to view the feed without seeing the rich media objects that you might also put on the site.

A basic RSS feed might include something like the following:


<title>My Article</title>


<description>Some article on my site.</description>


Each of the above items is a field that has been defined in the rss file that is used to view your feed, similar to an LDAP schema, headers on an Excel spreadsheet or table headers in a database.  MagpieRSS is a php script that parses these RSS feeds. It is fast, flexible and can be as easy to integrate into your site as:

$rss = fetch_rss($url);

There are 4 scripts in Magpie (so I guess it’s more of a framework really):

  • – gets an object or array of objects from an RSS feed.
  • – parses an RSS object, and therefore provides flexibility in dealing with the feed.
  • – caches RSS objects.
  • – provides other basic functions of dealing with RSS originated objects.

Magpie can then be inserted into a page and display the items in feeds, even multiple feeds if you have content from a few different sites you would like to display.  You can also parse this information, so that you should articles that have a specific pattern in them.  This allows for syndication of content across a number of systems.

August 9th, 2009

Posted In: sites, WordPress

Tags: , , ,

Prior to Mac OS X 10.5 MySQL was administered in a stand-alone application.  In 10.5, MySQL has been moved into Server Admin.  Many of the security-centric aspects of MySQL should be managed in the my.cnf file or using MySQL tools.  However, you can disable network connections using Server Admin unless the database actually needs to be accessed from hosts other than the server.

Additionally, many administrators who lack the time to turn MySQL into a bastille of security choose to implement PHPMyAdmin with Mac OS X Server to easily update settings they might not be so quick to find in the command line.


October 20th, 2008

Posted In: Mac OS X Server

Tags: , , ,


A customer recently called asking us to expand the timeout variable for downloading files via PHP from their server. By default the php.ini file does not exist in Mac OS X Server. If you need to use php.ini to granularly configure the parameters for PHP then you should download it from by downloading the source code for PHP for the version that comes up when you run php -v from your server. In the tarball there will be a file called php.ini-recommended. Then copy this file to /etc/php.ini and modify the appropriate settings:

upload_max_filesize = whatever you want the new maximum to be 

posters.max_execution_time = 30

max_input_time = 60

post_max_size = 32M

Also, there is sometimes a file in /etc called php.ini.default that can be copied and renamed for this purpose.

April 10th, 2008

Posted In: Mac OS X Server, Unix

Tags: , ,

I originally posted this at

Developers of code have always been fairly open with their tips and tricks. New advancements in the websphere come fast and many of them come from the open source community. Led by people like Linus Torvalds, the original author of Linux, the open source ommunity has rewritten many of the most popular proprietary applications on the market and made them freely available to the world, asking only that if they don’t sell the code you don’t turn around and sell the code as well.

This was the foundation for the web. Apache, the most popular web server in use, is a product of the open source community. Recently, due to a large pool of code to draw upon and the entry into the open source community of many proprietary products we have been seeing a lot of advancements coming at a more rapid rate than ever., a project for replacing Microsoft Office, Eclipse, a project supposedly named because they were going to “eclipse” Sun and a list almost as long as the postings on (a popular site for open source software) have emerged.

This is changing the way people write code. Programmers today are often charged with assembling and integrating code more than they are actually writing new code. Many organizations have seen that by using code repositories online and in some cases searchable is more efficient than writing new code. In many cases, software developers and architects spend more time finding, downloading and evaluating available code than anything else.

Some programmers sell their code, but many just post it online giving back to the community that helped them find code they have been using and in some cases learn their craft. Finding the appropriate code for a given task and making sure that the licensing and documentation is taken care of can be a tough task. This is where a new type of search engine comes into play. currently offers over 225,000,000 lines of code for languages including PHP, Python, SQL and many others. Krugle is another search engine that offers much more information on code although it is currently in beta. If you would rather pay for your ability to search code you can sign up for the protexIP/OnDemand service with Black Duck. Anyone who will be writing a lot of code should get to know all their options for trolling around for code.

January 4th, 2007

Posted In: Business

Tags: , , , , , ,

I originally posted this at

1. Enable MySQL.
2. Create a database in MySQL called joomladb.
3. Create a new user called jadmin that has full priviledges to this database (the user does not need to be called jadmin, but that is the username we will be using for this walkthrough).
4. Download the latest stable release of Joomla.
5. Extract the tar files into a new folder (for this example we are going to call it joomla to keep things easy).
6. Make the following folders writeable for Joomla
7. Move the joomla folder onto a web server.
8. From your web server, visit the site or the subfolder that you placed the joomla files into.
9. Make sure PHP is enabled for the domain and globally.
10. At the Joomla Pre-Installation check page, you will either see a notice that you can install Joomla or a notice that your system does not meet the minimum requirements for installion. If your system does not meet the requirements, install the modules that are listed in Red, or make Joomla work and click on the Check Again button. Once the dependencies are all installed click Next.
11. Read the license agreement and click on Next.
12. Fill in the appropriate fields for your MySQL environment and click Next >>. The fields that are used:
a. Host Name: If the server you are currently using is a MySQL server then enter localhost. Otherwise enter the name or IP of your MySQL server.
b. MySQL User Name: Either enter the root User Name for your MySQL server or another username if desired.
c. MySQL User Name: Either enter the root password for your MySQL server or the password for another user if desired.
d. MySQL Database Name: The name of the database on the MySQL server you would like the Joomla files saved to. In our example, we will use joomladb.
13. Enter the name you would like to use for your Joomla site. This will be the name users will see when logging into your Joomla site and click on the Next button.
14. At the next screen you will be asked to enter some site specific information and then click Next.
a. URL: Enter the URL that users will use to access your site.
b. Path: Enter the full path to the Joomla directory on your server.
c. Email: This will be used for administrative logins.
d. Admin password: This will be the administrative password used to access your Joomla site.
15. cd into the Joomla directory and remove the directory called installation.
16. Click on the View Site button. If you see the Default Joomla site then you are almost done.
17. Go back to the previous screen and click on the Administration button.
18. Enter admin as your username and the administrative password you gave Joomla in field 14.d.
19. You now have Joomla configured and are now ready to customize it.

July 14th, 2006

Posted In: Mac OS X Server, sites, Social Networking

Tags: , , , , ,