Make sure the Speakers playback device for your Blue Yeti is disabled. This is the playback option for playing through a device you plug into the mic's 3.5mm jack. In my use case, I have the HyperX Cloud Alpha headphones and don't require this jack. I had recently enabled the device which looks like it was resetting my mic volume to 50%...no idea why this fixed it but it did for me at least.

At first, I thought the update had automatically enabled FileVault 2 on my SSD (since the icon and "verifying" text looks similar). But as it turns out in my case at least, if I open any video files in Quicktime, it'll add the "com.apple.quarantine" extended attribute to the file. It looks like this is a bug and hopefully Apple will fix it soon since it makes opening large files on slower devices take minutes to verify with no skip button like you have for .dmg files.

In the meantime, you can remove the quarantine attribute from your file using the xattr command in terminal.

Also, I'll just leave this here if you understand the risks. If you want to disable quarantine system-wide so that you don't have to do the following steps on a per-file basis, type this command into terminal and restart your computer. Keep in mind though that this is disabling a protection feature of macOS and isn't recommended, although it should fix your problem permanently and system-wide.

defaults write com.apple.LaunchServices LSQuarantine -bool NO

1. Open Terminal by typing terminal into spotlight search.
2. Type xattr and then drag the file (or type the path) in question into terminal like so:
   
3. Hit enter and you'll see the current attributes on said file.
   
4. If you see com.apple.quarantine, you can remove it by adding -d com.apple.quarantine between the command and file name like this:
   
5. Now when you rerun xattr to see the current attributes on the file, com.apple.quarantine shouldn't be there anymore and you should be able to open your files without the long verifying times.
   

About nginx

NGINX is a very fast Webserver, its faster than Apache (under similar conditions) because it doesn't need to spawn new processes or threads for each request like Apache does. Hence it also has a low memory foot print. - sridharpandu

Getting Started

For this guide, we will be installing nginx on a Digital Ocean droplet running Ubuntu 15.10. If you need help setting up your own droplet, check out my other blog post, How to set up a Digital Ocean Droplet.

Install nginx

Run sudo apt-get install nginx and you're done...just kidding!

Well, technically nginx is now installed and you can access it at your IP address, but we want to easily access our files and change some permissions around before we call it a day.

Web root location

By default, nginx will create a directory at /var/www/html that will house all of your static files that you want to serve.

While your website will work just fine at this location, it isn't really the proper spot to place files for nginx to serve. Also, if you end up hosting multiple domains in the future, it'll just become a bigger mess. What we are going to do instead is place our files in the /srv directory,

Setting up /srv

We are going to have to set up a directory structure in the / folder which will require a lot of sudo.

To save some typing, you can login to the root account by typing sudo su followed by your password. Now you won't have to prepend every command with sudo for the next few steps.

Go to the /srv folder with cd /srv.

Now make a directory called www by running mkdir www and then go to the new directory with cd www.

This will be the directory that all of your domains will be housed. Make a new folder with your domain. For example: mkdir keitharm.me. If you don't have a domain and just want to host from your ip, you can make a default folder instead mkdir default. Now, enter the directory and make a directory called public_html. This will be the directory that all of your files you want to served from. Next, enter public_html and type echo "hello world" > index.html to make a test index.html file that we can use for later.

Permissions

Currently, any of the files under the /srv directory will require root permissions in order to modify/create/delete. We will need to change the permissions of the domain folder you made so that you (and possibly others) will have access to the files.

If you only want 1 user to have read/write permissions for a domain's directory, you can easily just run chown keith:keith -R /srv/www/keitharm.me. This will make it so that only keith (and root) can create/modify/delete files in the keitharm.me directory as well as any directories underneath it (public_html). You can skip to the next step, "Making an easy access alias".

If you want multiple users to be able to read/write a domain's directory, we will have to setup a new group that has access to the folder. To do this, we will make a new group called keitharm, give the keitharm group read/write permissions for the keitharm.me directory, and then add users keith and garrett to the group so that both users have access. To make a new group, type addgroup keitharm.

Now, we need to change the group owner of /srv/www/keitharm.me to keitharm.me. You can do this by typing chgrp keitharm /srv/www/keitharm.me. Next, we need to set the read/write permissions for the group. Type chmod g+rws -R /srv/www/keitharm.me.

If you are wondering what the s means in that command, you can read up more about setuid/gid here. Basically, it means that if a user with read/write permissions to a directory creates a file, it'll duplicate the current read/write and group permissions for that file. This is so that if keith creates a file, it'll make the group owner for that file keitharm and also make it maintain it's read/write permissions so that later on, garrett could modify that file as well. This applies to directories as well.

Now for the last step, we have to add keith and garrett to the keitharm group. You can do this with the usermod command like so:

usermod -a -G keitharm keith - Add keith to the keitharm group.

usermod -a -G keitharm garrett - Add garrett to the keitharm group.

Now both of those users will have full read/write permissions for the domain's directory (if the user is currently logged in, they'll need to logout and back in again for the permissions to update for their account).

Making an easy access alias

For the last step, it'd be nice if you didn't have to type the full path /srv/www/keitharm.me/public_html/ everytime you wanted to access something on your website. Luckily, we can use symbolic links to make a shortcut in your home directory so that you can access your files through something like www instead.

Make sure you are in the user's home folder (or wherever you want the shortcut to be) and type ln -s /srv/www/keitharm.me/public_html www. This will make a new symbolic link in the directory that you can cd into to easily get to the real directory.

Changing nginx's default directory

Now that we have all of our permissions and directories set up, we need to update the nginx config to point to the new paths.

nginx's config is located at /etc/nginx. What we are interested in is the sites-available folder. By default, there is a default file in there with nginx configuration information. If you only want to host from your ip, you can keep this file. Otherwise, if you have a domain, make a newfile with your domain name like keitharm.me.

Now, copy the default config file into your new domain file with cp default keitharm.me. And then, edit the file with nano keitharm.me.

You will see a lot of configurations settings that you can learn more about here, but the one setting that we are concerned about is the root value. Located on line 36, this is the directory that nginx will server files out of.

Change this to /srv/www/keitharm.me/public_html and then save and close the file.

Now go to /etc/nginx/sites-enabled. This is the actual directory that nginx loads the settings from. You can think of the sites-available directory as the staging area. In order to "enable" the site, we make a symbolic link to the config file in the sites-available directory like so:
ln -s /etc/nginx/sites-available/keitharm.me

Make sure you remove the default file with rm default if you are using your own domain file.

Now, test your nginx configuration with nginx -t. If no errors appear, you can restart the nginx server with service nginx restart.

Go to your ip address and you should see our "hello world" message from the index.html file that we created from before!

Blog post video tutorial available on youtube

About Digital Ocean

Digital Ocean is a simple cloud hosting service built for developers.

Unlike other services that have tools like cPanel and Jailshells, Digital Ocean provides you with full root access which gives you complete control over your server. This freedom also requires you to know what you are doing in order to get everything in working order.

Getting Started

To get started, go to Digital Ocean and sign up. Make sure you use my link in order to get a free $10 in credit (2 months of server time) added to your account.

Once you have signed up, have verified your email, and have added a form of payment, you are ready to set up your first droplet (droplet = server in DO jargon).

Creating a droplet

Click on Create Droplet, and make the most important decision: which OS you want this server to run.

It's mostly a matter of personal preference which OS to choose...so personally, I'd stick with Ubuntu 15.10 x64. I'm not going to waste half a page giving reasons for choosing it over another version, 32/64 bit, OS, LTS or not, etc., I'm sure you can find thousands of arguments on Google for that. But the main reasons are: the large community you can talk to for support, large library of packages supported through apt-get, and there are a huge number of tutorials out there that use Ubuntu as their OS of choice which makes following along MUCH easier (exhibit A).

Next, pick a droplet size. Keep in mind that you can resize your droplet in the future if your server demands it, but only upwards. Unless you choose flexible resizing, you will not be able to go back to a lower and cheaper tier. So, I'd play it safe by starting off at $5.

And finally, choose which region you'd like your server hosted. It'd probably be the best to choose a region closest to you/your audience in order to lower latency...although it probably won't be very noticeable unless your website is very high demand. Check this article out to learn more.

For additional options, I'd just choose Private Networking in case I end up spinning up another droplet that I'd like to easily communicate with using an internal IP.

Now we wait ~55 seconds for your droplet to be created. You should receive an email shortly after creating your droplet that will contain your IP address, and root password.

55 seconds later...

Configuring your droplet

Open up your favorite Terminal client and ssh to your new server! For Windows users, you can download a terminal client such as Cygwin or PuTTY or follow along from your droplet's console on DO by clicking on your droplet and then clicking console access.

$ ssh root@your_ip_address

Once you have logged in, you will have to change your root password for security measures.

$ ssh root@12.34.56.78
The authenticity of host '12.34.56.78 (12.34.56.78)' can't be established.  
ECDSA key fingerprint is SHA256:zqAUPWpCLXCCUCLKaj+jNAxgKw1FRRh+lVvFH3q0f2k.  
Are you sure you want to continue connecting (yes/no)? yes  
Warning: Permanently added '12.34.56.78' (ECDSA) to the list of known hosts.  
root@12.34.56.78's password:  
You are required to change your password immediately (root enforced)  
Welcome to Ubuntu 15.10 (GNU/Linux 4.2.0-27-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
Changing password for root.  
(current) UNIX password:
Enter new UNIX password:  
Retype new UNIX password:  
root@ubuntu-512mb-sfo1-01:~#  

Now with that out of the way, we are going to update all of the packages on your new droplet to their latest versions using apt-get.

Run apt-get update followed by apt-get upgrade -y to update all of the packages currently installed on your droplet.
# apt-get update && apt-get upgrade -y

Next, we are going to update the kernel using apt-get dist-upgrade -y.
# apt-get dist-upgrade -y

And finally, we are going to remove the old kernel with apt-get autoremove -y and then reboot the droplet to load in the latest kernel by typing reboot.
# apt-get autoremove -y && reboot

Now it's time to secure your account. First, we are going to set up a personal account for yourself, give it sudo privileges, and then lastly disable root login.

Type adduser username_here to add a new user. Give the user a password and then leave the rest of the values blank by pressing enter.

Now, type visudo and look for the line # User privilege specification.
Follow the format of root and type a new line with your username. It should look something like this:

# User privilege specification
root    ALL=(ALL:ALL) ALL  
username_here (ALL:ALL) ALL  

Save the file with ctrl + x, y, enter

Now, we will disable root login for security.

Type nano /etc/ssh/sshd_config
Find the line that says PermitRootLogin yes and change the yes to no.
Save the same way as before with ctrl + x, y, enter.
And type service sshd restart to make the changes take effect. You should be unable to login as root now...use your new account you just created from now on. If you need to run something as root, you should prepend the sudo keyword to your command.

Congratulations! You have finished setting up your Digital Ocean droplet!

In a future blog post, we will go over setting up an NGINX web server as well as setting up a node server that uses the reverse proxy feature of NGINX.

From now...