LUG Community Blogs

Adam Trickett: Bog Roll: New Time Piece

Planet HantsLUG - Sat, 28/06/2014 - 17:11

Personal portable tine pieces are strange things. My first watch was a small red wind-up Timex that I was given when I could read the time. The strap eventually frayed out but it was still in good order when I was given a Timex LCD digital watch when they became popular and cheap. That watch lasted all of 12 months before it died to be replaced by a Casio digital watch which lasted many years and many straps.

At University I had my grandfather's watch, a mechanical Swiss watch that was very accurate as long as I remembered to keep it wound up. I continued to wear it as my regular watch in my first job. The only problem with this watch was it wasn't shock or waterproof and it was no good when I forgot to wind it up! My better half got me a Casio hybrid analogue/digital watch which I used for many years as my out doors/DIY watch.

I was somewhat disappointed when the resin case failed and though the watch was okay it wasn't wearable anymore and I replaced it with two watches, another similar Casio and a titanium cased Lorus quartz analogue display watch. The Casio failed in exactly the same was as the previous ones, dead straps and the a case failure.

My most recent watch is a Seiko titanium cased quartz analogue display similar to the Lorus (they are the same company) but this one is slightly nicer and battery is solar re-charged so it should never need replacing. The strap is also made of titanium so unlike the continually failing resin straps it should also last quite a bit longer...

The irony of all these watches is that I sit in-front of a computer for a living, and often at home - all of which have network synchronised clocks on them that are far more reliable than any of my wrist-watches. When I'm not at a computer I usually have my mobile phone with me or another high precision time pieces is available...

Categories: LUG Community Blogs

Brett Parker (iDunno): Sony Entertainment Networks Insanity

Planet ALUG - Sat, 28/06/2014 - 16:54

So, I have a SEN account (it's part of the PSN), I have 2 videos with SEN, I have a broken PS3 so I can no deactivate video (you can only do that from the console itself, yes, really)... and the response from SEN has been abysmal, specifically:

As we take the security of SEN accounts very seriously, we are unable to provide support on this matter by e-mail as we will need you to answer some security questions before we can investigate this further. We need you to phone us in order to verify your account details because we're not allowed to verify details via e-mail.

I mean, seriously, they're going to verify my details over the phone better than over e-mail how exactly? All the contact details are tied to my e-mail account, I have logged in to their control panel and renamed the broken PS3 to "Broken PS3", I have given them the serial number of the PS3, and yet they insist that I need to call them, because apparently they're fucking stupid. I'm damned glad that I only ever got 2 videos from SEN, both of which I own on DVD now anyways, this kind of idiotic tie in to a system is badly wrong.

So, you phone the number... and now you get stuck with hold music for ever... oh, yeah, great customer service here guys. I mean, seriously, WTF.

OK - 10 minutes on the phone, and still being told "One of our advisors will be with you shortly". I get the feeling that I'll just be writing off the 2 videos that I no longer have access to.

I'm damned glad that I didn't decide to buy more content from that - at least you can reset the games entitlement once every six months without jumping through all these hoops (you have to reactivate each console that you still want to use, but hey).

Categories: LUG Community Blogs

Martin Wimpress: Integrating Dropbox photo syncing with Open Media Vault and Plex

Planet HantsLUG - Sat, 28/06/2014 - 12:00

I've installed Open Media Vault on a HP ProLiant MicroServer G7 N54L and use it as media server for the house. OpenMediaVault (OMV) is a network attached storage (NAS) solution based on Debian Linux. At the time of writing OMV 0.5.x is based on Debian 6.0 (Squeeze).

I use a free Dropbox account to sync photos from mine and my wife's Android phones and wanted to automate to import of these photo upload into Plex, which is also running on Open Media Vault.

Installing Dropbox on Open Media Vault 0.5.x

I looked for a Dropbox Plugin for Open Media Vault and found this:

Sadly, at the time of writing, it is unfinished and I didn't have the time to go and learn the Open Media Vault plugin API.

The Open Media Vault forum does include a Dropbox HOW-TO which is very similar to how I've run Dropbox on headless Linux servers in the past. So, I decided to adapt my existing notes to Open Media Vault.

Create a Dropbox Share

Create a Dropbox share via the OMV WebUI.

  • Access Right Management -> Shared Folders

I gave my the name "Dropbox". I know, very original.

Installing Dropbox on a headless server

Download the latest Dropbox stable release for 32-bit or 64-bit.

wget -O dropbox.tar.gz "http://www.dropbox.com/download/?plat=lnx.x86" wget -O dropbox.tar.gz "http://www.dropbox.com/download/?plat=lnx.x86_64"

Extract the archive and install Dropbox in /opt.

cd tar -xvzf dropbox.tar.gz sudo mv ~/.dropbox-dist /opt/dropbox sudo find /opt/dropbox/ -type f -exec chmod 644 {} \; sudo chmod 755 /opt/dropbox/dropboxd sudo chmod 755 /opt/dropbox/dropbox sudo ln -s /opt/dropbox/dropboxd /usr/local/bin/dropboxd

Run dropboxd.

/usr/local/bin/dropboxd

You should see output like this:

This client is not linked to any account... Please visit https://www.dropbox.com/cli_link?host_id=d3adb33fcaf3d3adb33fcaf3d3adb33f to link this machine.

Visit the URL, login with your Dropbox account and link the account. You should see the following.

Client successfully linked, Welcome Web!

dropboxd will now create a ~/Dropbox folder and start synchronizing. Stop dropboxd with CTRL+C.

Symlink the Dropbox share

Login to the OMV server as root and sym-link the Dropbox share you created earlier to the Dropbox directory in the root home directory.

mv ~/Dropbox ~/Dropbox-old ln -s /media/<UUID>/Dropbox Dropbox rsync -av -W --progress ~/Dropbox-old/ ~/Dropbox/ init.d

To run Dropbox as daemon with init.d. Create /etc/init.d/dropbox with the following content.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65#!/bin/sh ### BEGIN INIT INFO # Provides: dropbox # Required-Start: $local_fs $remote_fs $network $syslog $named # Required-Stop: $local_fs $remote_fs $network $syslog $named # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # X-Interactive: false # Short-Description: dropbox service ### END INIT INFO DROPBOX_USERS="root" DAEMON=/opt/dropbox/dropbox start() { echo "Starting dropbox..." for dbuser in $DROPBOX_USERS; do HOMEDIR=`getent passwd $dbuser | cut -d: -f6` if [ -x $DAEMON ]; then HOME="$HOMEDIR" start-stop-daemon -b -o -c $dbuser -S -u $dbuser -x $DAEMON fi done } stop() { echo "Stopping dropbox..." for dbuser in $DROPBOX_USERS; do HOMEDIR=`getent passwd $dbuser | cut -d: -f6` if [ -x $HOMEDIR/$DAEMON ]; then start-stop-daemon -o -c $dbuser -K -u $dbuser -x $DAEMON fi done } status() { for dbuser in $DROPBOX_USERS; do dbpid=`pgrep -u $dbuser dropbox` if [ -z $dbpid ] ; then echo "dropboxd for USER $dbuser: not running." else echo "dropboxd for USER $dbuser: running (pid $dbpid)" fi done } case "$1" in start) start ;; stop) stop ;; restart|reload|force-reload) stop start ;; status) status ;; *) echo "Usage: /etc/init.d/dropbox {start|stop|reload|force-reload|restart|status}" exit 1 esac exit 0

Enable the init.d script.

sudo chmod +x /etc/init.d/dropbox sudo update-rc.d dropbox defaults Starting and Stopping the Dropbox daemon

Use /etc/init.d/dropbox start to start and /etc/init.d/dropbox stop to stop.

Dropbox client

It is recommended to download the official Dropbox client to configure Dropbox and get its status.

wget "http://www.dropbox.com/download?dl=packages/dropbox.py" -O dropbox chmod 755 dropbox sudo mv dropbox /usr/local/bin/

You can check on Dropbox status by running the following.

dropbox status

For usage instructions run dropbox help.

Photo importing

So, the reason for doing all this is that I now have a Dropbox instance running on my home file server and everyday it runs a script, that I wrote, to automatically import new photos into a directory that Plex monitors. I'll post details about my photo sorting script, Phort, at a later date.

References
Categories: LUG Community Blogs

MJ Ray: #coops14 sees last days of Downham Food Co-op

Planet ALUG - Fri, 27/06/2014 - 11:14

While  cooperatives fortnight is mostly a celebration of how well cooperatives are doing in the UK, this year is tinged with sadness for me because it sees Downham Food Coop stop trading.

This Friday and Saturday will be their last market stall, 9til 1 on the Town Square, aka Clock or Pump square.

As you can see, the downturn has hit the market hard and I guess being the last stall left outside the market square (see picture: it used to have neighbouring stalls!) was just too much. The coop cites shortage of volunteers and trading downturn as reasons for closure.

But if you’re near Downham today or tomorrow morning, please take advantage of this last chance to buy some great products in West Norfolk!

Categories: LUG Community Blogs

Jonathan McDowell: Forms of communication

Planet ALUG - Thu, 26/06/2014 - 23:39

I am struck by the fragmentation in communication mechanisms. Let's look at how I have communicated with my friends in the past few days:

  • Phone call
    Tried and tested, though I tend to avoid them. I've made some deliberate calls to sort out immediate plans, and at least one accidental call caused by user error which resulted in talking to someone it was good to hear from.
  • Text message
    Again, reasonably tried and tested. I miss the inability to use Google Voice when I'm in the UK; I'd much rather read and compose text messages from my web browser when I'm near a computer than type them on my phone, even if it does have a keyboard.
  • Email
    One of my favourite methods of communication. Suitable for quick messages or longer screeds. I can throw links in and expect you to be able to click them. I can put lots of detail so that everything is covered easily. I can confuse you by quoting correctly. I guess while I do read email on my phone I'm less likely to reply there as I'm always a bit embarrassed how the clients cope with replies.
  • IRC
    Like, I suspect, many readers of my blog posts, I'm still a daily user of IRC. There are friends I keep in touch with mostly via this method. It's great. It's like Twitter for old people and much better in many ways.
  • Skype
    This started out as a work thing. It was the way in which the Belfast office communicated with the US, it become the way the Belfast office communicated with each other and when I moved on it was the way in which I kept in contact with a group of people I consider good friends. It's great for calls (I feel bad saying that, but it's an idea executed well across multiple platforms and any other VOIP stuff I've played with has been much more of a hassle), but the one to one and group chat functionality is pretty spot on as well. Also has the advantage that I can turn it off and mostly not end up with work queries.
  • Google Hangouts
    I actually quite like these. They work on my phone, I can poke them from a web browser, I can dump more than just text into them. IRC is better in some ways, but I do like the additional flexibility I get from a Hangout. It doesn't play well with people who haven't drunk the Google koolaid, which is the main reason I haven't managed to convince the Skype group chat group to move it over here.
  • Facebook messenger
    I hate this. On the face of it there's not a lot of difference between it and Hangouts, but the app wants more and more privileges, I'm less likely to be logged into Facebook (e.g. I avoid it at work, whereas there are good reasons I'd be logged into my Google account there, though less so since the demise of Reader) and I don't think it's as nicely implemented. However there are a few people who it's easiest to get hold of via this method. And there's a certain amount of mesmerisation by the floaty wee faces it invokes on my phone.

While some of these work better for me than others really what I'd like is to use fewer of them, and I can't see that happening any time soon. I don't want to have to run a handful of different messaging apps on my phone. I also don't want to be limited to only using my laptop or my phone for something - I'd much prefer to be able to pickup the phone, laptop or tablet depending on what I'm up to and have my full range of communication available. Some of these things can be aggregated together, but that will then lose some of the advantages. And I'm sure that even if I got rid of one or two of the above there'd be something to fill the gap along shortly (I have, for example, so far completely avoided WhatsApp).

Categories: LUG Community Blogs

MJ Ray: New comments methods

Planet ALUG - Wed, 25/06/2014 - 21:04

After years of resisting it, I’ve added the least evil Twitter/Facebook comments plugin I could find to this blog as a test and updated the comments policy a little.

Please kick the tyres and try commenting to see if it works, phase.

Categories: LUG Community Blogs

Steve Kemp: So I accidentally ... a service.

Planet HantsLUG - Mon, 23/06/2014 - 20:44

This post is partly introspection, and partly advertising. Skip if it either annoys you.

Back in February I was thinking about what to do with myself. I had two main options "Get a job", and "Start a service". Because I didn't have any ideas that seemed terribly interesting I asked people what they would pay for.

There were several replies, largely based "infrastructure hosting" (which was pretty much 50/50 split between "DNS hosting", and project hosting with something like trac, redmine, or similar).

At the time DNS seemed hard, and later I discovered there were already at least two well-regarded people doing DNS things, with revision control.

So I shelved the idea, after reaching out to both companies to no avail. (This later lead to drama, but we'll pretend it didn't.) Ultimately I sought and acquired gainful employment.

Then, during the course of my gainful employment I was exposed to Amazons Route53 service. It looked like I was going to be doing many things with this, so I wanted to understand it more thoroughly than I did. That lead to the creation of a Dynamic-DNS service - which seemed to be about the simplest thing you could do with the ability to programatically add/edit/delete DNS records via an API.

As this was a random hack put together over the course of a couple of nights I didn't really expect it to be any more popular than anything else I'd deployed, and with the sudden influx of users I wanted to see if I could charge people. Ultimately many people pretended they'd pay, but nobody actually committed. So on that basis I released the source code and decided to ignore the two main missing features - lack of MX records, and lack of sub-sub-domains. (Isn't it amazing how people who claim they want "open source" so frequently mean they want something with zero cost, they can run, and never modify and contribute toward?)

The experience of doing that though, and the reminder of the popularity of the original idea made me think that I could do a useful job with Git + DNS combined. That lead to DNS-API - GitHub based DNS hosting.

It is early days, but it looks like I have a few users, and if I can get more then I'll be happy.

So if you want to to store your DNS records in a (public) GitHub repository, and get them hosted on geographically diverse anycasted servers .. well you know where to go: Github-based DNS hosting.

Categories: LUG Community Blogs

Tony Whitmore: Tom Baker at 80

Planet HantsLUG - Mon, 23/06/2014 - 18:31

Back in March I photographed the legendary Tom Baker at the Big Finish studios in Kent. The occasion was the recording of a special extended interview with Tom, to mark his 80th birthday. The interview was conducted by Nicholas Briggs, and the recording is being released on CD and download by Big Finish.

I got to listen in to the end of the recording session and it was full of Tom’s own unique form of inventive story-telling, as well as moments of reflection. I got to photograph Tom on his own using a portable studio set up, as well as with Nick and some other special guests. All in about 7 minutes! The cover has been released now and it looks pretty good I think.

The CD is available for pre-order from the Big Finish website now. Pre-orders will be signed by Tom, so buy now!

Pin It
Categories: LUG Community Blogs

Meeting at "The Moon Under Water"

Wolverhampton LUG News - Mon, 23/06/2014 - 10:15
Event-Date: Wednesday, 25 June, 2014 - 19:30 to 23:00Body: 53-55 Lichfield St Wolverhampton West Midlands WV1 1EQ Eat, Drink and talk Linux
Categories: LUG Community Blogs

Andy Smith: How to work around lack of array support in puppetlabs-firewall?

Planet HantsLUG - Mon, 23/06/2014 - 04:28

After a couple of irritating firewalling oversights I decided to have a go at replacing my hacked-together firewall management scripts with the puppetlabs-firewall module.

It’s going okay, but one thing I’ve found quite irritating is the lack of support for arrays of things such as source IPs or ICMP types.

For example, let’s say I have a sequence of shell commands like this:

#!/bin/bash   readonly IPT=/sbin/iptables   for icmptype in redirect router-advertisement router-solicitation \ address-mask-request address-mask-reply; do $IPT -A INPUT -p icmp --icmp-type ${icmptype} -j DROP done

You’d think that with puppetlabs-firewall you could do this:

class bffirewall::prev4 { Firewall { require => undef, }   firewall { '00002 Disallow possibly harmful ICMP': proto => 'icmp', icmp => [ 'redirect', 'router-advertisement', 'router-solicitation', 'address-mask-request', 'address-mask-reply' ], action => 'drop', provider => 'iptables', } }

Well it is correct syntax which installs fine on the client, but taking a closer look it hasn’t worked. It’s just applied the first firewall rule out of the array, i.e.:

iptables -A INPUT -p icmp --icmp-type redirect -j DROP

There’s already a bug in Puppet’s JIRA about this.

Similarly, what if you need to add a similar rule for each of a set of source hosts? For example:

readonly MONITORS="192.168.0.244 192.168.0.238 192.168.4.71" readonly CACTI="192.168.0.246" readonly ENTROPY="192.168.0.215"   # Allow access from: # - monitoring hosts # - cacti # - the entropy VIP for host in ${MONITORS} ${CACTI} ${ENTROPY}; do $IPT -A INPUT -p tcp --dport 8888 -s ${host} -j ACCEPT done

Again, your assumption about what would work…

firewall { '08888 Allow egd connections': proto => 'tcp', dport => '8888', source => [ '192.168.0.244', '192.168.0.238', '192.168.4.71', '192.168.0.246', '192.168.0.215' ], action => 'accept', provider => 'iptables', }

…just results in the inclusion of a rule for only the first source host, with the rest being silently discarded.

This one seems to have an existing bug too; though it has a status of closed/fixed it certainly isn’t working in the most recent release. Maybe I need to be using the head of the repository for that one.

So, what to do?

Duplicating the firewall {} blocks is one option that’s always going to work as a last resort.

Puppet’s DSL doesn’t support any kind of iteration as far as I’m aware, though it will in future — no surprise, as iteration and looping is kind of a glaring omission.

Until then, does anyone know any tricks to cut down on the repetition here?

Categories: LUG Community Blogs

Martin Wimpress: OpenMediaVault on Debian

Planet HantsLUG - Sun, 22/06/2014 - 12:00

At the time of writing OpenMediaVault 0.6 is pre-release. But it is possible to install OpenMediaVault on Debian Wheezy in order to get some testing done.

Install Debian Wheezy on your target VM or test server. Go with the defaults until the 'Software selection' dialogue. Make sure everything is unselected, like this:

[ ] Debian desktop environment [ ] Web server [ ] Print server [ ] SQL database [ ] DNS Server [ ] File server [ ] Mail server [ ] SSH server [ ] Laptop [ ] Standard system utilities

After the install is complete, reboot and login to the new Debian system as root.

Update the repository sources and add the contrib and non-free repositories.

nano /etc/apt/sources.list

It should look something like this:

deb http://ftp.uk.debian.org/debian/ wheezy main contrib non-free deb-src http://ftp.uk.debian.org/debian/ wheezy main contrib non-free deb http://security.debian.org/ wheezy/updates main contrib non-free deb-src http://security.debian.org/ wheezy/updates main contrib non-free # wheezy-updates, previously known as 'volatile' deb http://ftp.uk.debian.org/debian/ wheezy-updates main contrib non-free deb-src http://ftp.uk.debian.org/debian/ wheezy-updates main contrib non-free

Now add the OpenMediaVault repository.

echo "deb http://packages.openmediavault.org/public kralizec main" > /etc/apt/sources.list.d/openmediavault.list

Update.

apt-get update

Install the OpenMediaVault repository key and Postfix.

apt-get install openmediavault-keyring postfix
  • When the 'Postfix Configuration' dialogue is displayed choose No configuration.

Update again and install OpenMediaVault.

apt-get update apt-get install openmediavault
  • When the 'Configuring mdadm' dialogue is displayed enter none.
  • Do you want to start MD arrays automatically? YES
  • When the 'ProFTPD configuration' dialogue is displayed choose standalone.

Initialise OpenMediaVault and reboot.

omv-initsystem reboot

After the reboot you should be able to connect to the OpenMediaVault WebUI and login as admin with the password of openmediavault.

That's it. Get testing.

Categories: LUG Community Blogs

Martin Wimpress: Setting up BitSync on Debian

Planet HantsLUG - Sat, 21/06/2014 - 12:00

I've replaced Dropbox with BitTorrent Sync. In order to do this I've have btsync running on a VPS (2CPU, 2GB, 400GB), my home server and assorted Arch Linux workstations.

I had a couple of reasons for migrating away from Dropbox.

  • Dropbox was costing $100 per year.
  • Dropbox encryption model is weak and I have data security/privacy.

The VPS I am running BitTorrent Sync on costs $50 per year and provides four times the storage. I run btsync on a VPS so that there is always a server "in the cloud" that is available to sync with so that my setup emulates what Dropbox used to do.

All my servers are running Debian and this is how I install btsync on Debian.

sh -c "$(curl -fsSL http://debian.yeasoft.net/add-btsync-repository.sh)" sudo apt-get install btsync

This is how I respond to the prompts:

  • Do you want to define a default BitTorrent Sync instance? : YES
  • BitTorrent Sync Daemon Credentials:
  • BitTorrent Sync Daemon Group:
  • Niceness of the BitTorrent Sync Daemon: 0
  • On which portnumber should BitTorrent Sync listen? 0
  • BitTorrent Sync Listen Port: 12345
  • Do you want BitTorrent Sync to request port mapping via UPNP? NO
  • Download Bandwith Limit: 0
  • Upload Bandwith Limit: 0
  • Web Interface Bind IP Address: 0.0.0.0
  • Web Interface Listen Port: 8888
  • The username for accessing the web interface: yourusername
  • The password for accessing the web interface: yourpassword

As you'll see, I don't use UPNP on my VPS. I elect a specific port (not actually 12345 by the way) and open that port up with ufw. I also only allow access to the WebUI port from another server I own which reverse proxies via nginx.

btsync works really well, I have it syncing hundreds of thousands of files that amount to several hundred gigabytes of data. On my Arch Linux workstations I use the brilliant btsync-gui and BitTorrent Sync is also available for Android.

That said, I still use a free Dropbox account to sync photos from mine and my wife's Android phones. I have a Dropbox instance running on my home file server and everyday it runs a script to automatically import these photos into Plex.

Such a shame, that at the time of writing, btsync is closed source :-( Maybe that will change but if it doesn't SyncThing may well be the answer when it has matured a little.

References
Categories: LUG Community Blogs
Syndicate content