Oct 092018
 

Again with the casual breakage! For whatever reason(s) my openmediavault installation decided that it did not want to accept the addition of new shared folders. Yep, the disks are good (well a couple of SMART errors on the spinning rust, but nothing unexpected), everything is updated and yet…

omv-cant-apply-changes-2018-10-0.png

Troubleshooting was non-obvious, so the simple thing to do was to destroy and start again, to “nuke and repave”.

Get OMV Arrakis and install

https://www.openmediavault.org/download.html

Use Etcher to burn ISO to USB, and install ISOfollowing onscreen instructions. Make note of IP4 addr from installation.

 

From webgui… 0

http://192.168.2.59

usr: admin
pswd: openmediavault

  • change passwords, ssh port, httpd port
  • add “network” user

Install OMV extras plugin

$ ssh [email protected]
# sudo apt update && sudo apt upgrade
# wget -O – http://omv-extras.org/install | bash
# apt-get install python-pip
# pip install python-magic

From webgui… 1

  • mount filesystems under
    File Systems

    .

  • add shares under
    Shared Folders

    .

  • add Shared Folders under
    SMB/CIFS

    for network discovery. Everything allos “guest” except root directory.

  • under
    Rsync

    set up scheduled copy of WDR4TB-UK to WDR4TB-USthe two Western Digital Red drives in the system (system drive is a ca, 160GB Hitachi SSD). No fancy RAIDing or shit. Just one media drive backed up to another.

  • install Docker CE
  • from Docker install
    • Emby (plex replacement)
    • LazyLibrarian
    • Headphones
    • ¿¿ Nextcloud ?? (already have this on a VPS, but…)
    • ¿¿ Pihole ?? (already have this on a rasp-pi, but for backup?)
    • ¿¿ Podcast server ?? — do I really want ot open up the network?
    • jupityer notebooks?
    • ¿¿ other docker awesomeness

Installing Docker apps/services all follows the same model. Confusing at first (esp if you do not read the docs), but pretty straightforward.  If you get one down the rest will slot nicely into place.

SO… the settings for lazylib:

lazylibrarian-docker-omv-settings.jpg

 

With PGID and PUID coming from

S id<span class="">networkdude</span>

,  group and user id respectively.

And the ress of the settigngs coming from info from the docker container…

<br /><br /><pre><code>docker create \
  --name=lazylibrarian \
  -v <path to data>:/config \
  -v <path to data>:/downloads \
  -v <path to data>:/books \
  -e PGID=<gid> -e PUID=<uid>  \
  -e TZ=<timezone> \
  -p 5299:5299 \
  linuxserver/lazylibrarian

Oct 062018
 

Machine crashed– well, hung– after [insert reason]. Age?
PS showed nothing, neither did “Activity Monitor”, and my googlefu must have been for /ʃaɪt/, since I found nothing there either.

After some digging around the usual directories… a lock file. Kill that, and we’re back in business.

 

audacity-the-second-running

audacity-the-second-running

Sep 212018
 

Sooo, my TP-Link Archer C8 AC1750 Gigabit router decided to not play nice after a short power outage. Didn’t do much anyway except keep a couple of machines in a their own little subnet in which the pi-hole was located.

Replaced it with… NETGEAR GS108Tv2 8-Port Gigabit managed switch and flatten the network a little. Everything was peachy with that set up, but the pihole was still on 172.16.0.0/24… reconfigured that with pihole -r and all looked well except for the pi-hole could not ping outside of the LAN. Grrr! Much hair pulling until…

pi@pihole:~ $ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
From 192.168.2.101 icmp_seq=1 Destination Host Unreachable
^Z
[11]+  Stopped                 ping 1.1.1.1
pi@pihole:~ $ clear

pi@pihole:~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         172.16.0.1      0.0.0.0         UG    202    0        0 eth0
default         192.168.2.1     0.0.0.0         UG    303    0        0 wlan0
default         192.168.2.1     0.0.0.0         UG    304    0        0 wlan1
192.168.2.0     0.0.0.0         255.255.255.0   U     202    0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     303    0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     304    0        0 wlan1

.
.
.
pi@pihole:~ $ sudo route del -net 0.0.0.0 gw 172.16.0.1 metric 202 dev eth0
.
.
.
pi@pihole:~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.2.1     0.0.0.0         UG    303    0        0 wlan0
default         192.168.2.1     0.0.0.0         UG    304    0        0 wlan1
192.168.2.0     0.0.0.0         255.255.255.0   U     202    0        0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U     303    0        0 wlan0
192.168.2.0     0.0.0.0         255.255.255.0   U     304    0        0 wlan1
pi@pihole:~ $ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=59 time=20.9 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=59 time=21.3 ms

DICE!

Lord knows when I purchased the Archer, but it was a good few years ago, and I sure as eggs didn’t spent that much on it. What gives?

Sep 112018
 

Of Apple-Pyes: A poem, by Mr. [Leonard] Welsted.

OF all the delicates which Britons try,
To please the palate, or delight the eye;
Of all the several kinds of sumptuous fare,
There’s none that can with apple-pye compare,
For costly flavour, or substantial paste,
For outward beauty, or for inward taste.

WHEN first this infant dish in fashion came,
Th’ ingredients were but coarse, and rude the frame;
As yet, unpolish’d in the modern arts,
Our fathers eat brown bread instead of tarts:
Pyes were but indigested lumps of dough,
’Till time and just expence improv’d them so.

KING Coll (as ancient annals tell)
Renown’d for fiddling and for eating well,
Pippins in homely cakes with honey stew’d,
Just as he bak’d (the proverb says) he brew’d.

THEIR greater art succeeding princes shew’d,
And model’d paste into a nearer mode;
Invention now grew lively, palate nice,
And sugar pointed out the way to spice.

BUT here for ages unimprov’d we stood,
And apple-pyes were still but homely food;
When god-like Edgar, of the Saxon line,
Polite of taste, and studious to refine,
In the dessert perfuming quinces cast,
And perfected with cream the rich repast:

Hence we proceed the outward parts to trim,
With crinkumcranks adorn the polish’d rim,
And each fresh pye the pleas’d spectator greets
With Virgin fancies and with new conceits.

DEAR Nelly, learn with care the pastry art,
And mind the easy precepts I impart;
Draw out your dough elaborately thin,
And cease not to fatigue your rolling-pin:
Of eggs and butter, see you mix enough;
For then the paste will swell into a puff,
Which will in cmmbling sound your praise report,
And eat, as housewives speak, exceeding short:
Rang’d in thick order let your quincies lie;
They give a charming relish to the pye:
If you are wise, you’l1 not brown sugar slight, T
he browner (if I form my judgment right)
A tincture of a bright vermil’ will shed
And stain the pippin, like the quince, with red.

WHEN this is done, there will be wanting still
The just resewe of cloves, and candy’d peel;
Nor can I blame you, if a drop you take
Of orange water, for perfuming sake;
But here the nicety of att is such,
There must not be too little, nor too much;
If with discretion you these costs employ,
They quicken appetite, if not they cloy.

NEXT in your mind this maxim firmly root,
Never o’er-charge your pye with costly fruit:
Oft let your boclkin thro’ the lid be sent,
To give the kind imprison’d treasure vent;
Lest the fermenting liquors, mounting high
Within their brittle bounds, disdain to lie;
Insensibly by constant fretting waste,
And over-run the tenement of paste.

TO chuse your baker, think and think again,
You’1l scarce one honest baker find in ten:
Adust and bruis’d, I’ve often seen a pye
In rich disguise and costly ruin lie;
While the rent crust beheld its form o’erthrown,
Th’ exhausted apples griev’d their moisture flown,
And syrup from their sides run trickling down.

O BE not, be not tempted, lovely Nell,
While the hot piping odours strongly swell,
While the delicious fume creates a gust,
To lick th’ o’erflowing juice, or bite the crust:
You’ll rather stay (if my advice may rule)
Until the hot is temper’d by the cool;
Oh! first infuse the luscious store of cream,
And change the purple to a silver stream;
That smooth balsamick viand first produce,
To give a softness to the tarter juice.

~~ from The Country Housewife’s Family Companion, 1750

Aug 242018
 

Delia Smith’s (kinda) — le pâté grossier

Gluten Free Homemade Rustic French Pâté

It’s in foreign because Number One Son with his most excellent French shamed me into realising that I have been resting on my regarde-mon-stylo, pre-O-level French for too long, and that I really should make more of an effort. How hard can it be, really? On the similarities betwixt English and French, did Dumas not say that English was just French badly pronounced?

Soooo, with apologies to Francophones, and recognition that no google translates were harmed in my butchering of the language, an homage to pâté…

Les ingrédients

  • 350 g [450] de porc haché (ca. 90% belly; 10% shoulder)
  • 1 cuillère à café pleine de thym frais haché
  • 120 ml de vin blanc sec
  • 25 ml de cognac (single malt whisky),
  • [1 oeuf]
  • 450 g [see #1 and belly pork] de rashers de porc britanniques, avec autant de gras que possible
  • 275 g [235] de bacon britannique fumé à sec
  • 225 g [650] de foie de porc britannique (of fucking course)
  • 20 baies de genièvre
  • 20 grains de poivre noirs entiers
  • 1 cuillère à café pleine de sel
  • ¼ [NONE] cuillère à café arrondie macis moulu
  • 2 [4] grosses gousses d’ail écrasées

[]s == my modifications

Pour garnir:
feuilles de laurier fraîches
quelques baies de genièvre supplémentaires

le Méthode

  • Préchauffez le four … 170°C [150ºC]
  • Hacher la viande très finement (ou utiliser un robot culinaire, le foie en dernier parce qu’il est le plus sale).
  • Mélangez bien le vin et l’armagnac (ou Glenlivet Founder’s Reserve FTW), l’ail, le poivre noir, le sel marin de Maldon, le thym du jardin, que l’on a broyé avec soin dans un pilon et un mortier.
  • Mettez en une terrine ou une moule de pain, ~~~faites des mots grossiers avec~~~ décorer des baies de genièvre et des feuilles de laurier, au bain-marie au four pendant 90 minutes.
  • Laisser refroidir (ne pas égoutter les jus environnants) puis, lorsque le pâté est froid, placer une double bande de papier d’aluminium sur le dessus et mettre quelques poids pour le presser pendant au moins quelques heures.
  • EAT!

Purchased this on a whim. Quite decent, really:

Jun 162018
 

Getting pretty annoyed with keeping track of which browser on which machine has which add blockers installed, so it’s time for a more holistic approach. Enter, stage left, the Pi-hole. In short it:

…acts as a forwarding DNS server, which means if it doesn’t know where a domain is, it has to forward your query to another server that does. When you install Pi-hole, it knows where the ad-serving domains are (because you tell it), so it doesn’t forward those requests.

With a Rapsberry Pi 3 model b and a 64GB micro SD card, a set-up that is beefier than it needs to be, but who knows what the Pi will be used for in the future…

#1 Get Raspbian, and format micro SD card— after much jiggling with the unlock tab on the adapter and delicately repeatedly inserting-half-inserting into 2012 Macbook Pro’s gunked-up card reader port…

$ wget http://director.downloads.raspberrypi.org/raspbian/images/raspbian-2018-04-19/2018-04-18-raspbian-stretch.zip

$ unzip -a 2018-04-18-raspbian-stretch.zip

$ diskutil list
...
/dev/disk3 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *62.0 GB    disk3
   1:               Windows_NTFS                         62.0 GB    disk3s1

$ sudo diskutil eraseDisk FAT32 RASPBIAN MBRFormat /dev/disk3
...
Finished erase on disk3

$ df -h
/dev/disk3s1    62Gi  1.5Mi   62Gi     1%       0                   0  100%   /Volumes/RASPBIAN

$ sudo diskutil unmount /dev/disk3s1
Volume RASPBIAN on disk3s1 unmounted

$ sudo dd if=/Users/yearluk/Downloads/2018-04-18-raspbian-stretch.img of=/dev/disk3 bs=4m

#2 First boot on the Pi, change hostname, and run the installer…

$ sudo apt update
$ sudo apt upgrade
$ sudo nano /etc/hostname
pihole
...
$ curl -sSL https://install.pi-hole.net | bash

#3 Select eth0 as the interface, and 1.1.1.1 (Cloudflare) and 8.8.8.8 (Google) as the upstream DNS providers.

IP: 192.168.2.23/24
Default Gateway: 192.168.2.1

Log queries and select web-gui option.

admin password xxxxxxx

install log at /etc/pihole/install.log

web gui 192.168.2.23/admin

As easy as Pi 🙂

Set up SSH and VNC access (just a couple of checkboxes in Raspberian’s GUI), enable wi-fi (DCHP– 192.168.0.104)

Expand blacklists…

curl -s https://tspprs.com/dl/fraud | pihole -g
curl -s https://tspprs.com/dl/ads | pihole -g
curl -s https://tspprs.com/dl/spam | pihole -g
curl -s https://tspprs.com/dl/scam | pihole -g
curl -s https://tspprs.com/dl/ransomware | pihole -g
curl -s https://tspprs.com/dl/phishing | pihole -g
curl -s https://tspprs.com/dl/tracking | pihole -g

Unbound and setting up resolving/recursive DNS (rather than merely forwarding)

What’s the difference? With forwarding, if a name has not been previously associated with an IP (ie. ached on the pi-hole), the request is sent upstream and the result cahed.

Aaand in recursive… request is sent to ROOT servers for resolving say, “.us”, and thence to TLD name servers. Domain lookup will go to AUTHORATATIVE servers handling “yearl” (and subdomains), and all will be relayed and chached locally. So, a few more steps? Why do this? Neither Cloudflare nor Google (or whatever my upstream DNS would have been) will know where I am going. So, err privacy. Why not do this? It will take longer for the first resolution of a name.

Install the recursive DNS resolver:

sudo apt install unbound

Update list of primary root servers:

wget -O root.hints https://www.internic.net/domain/named.root
sudo mv root.hints /var/lib/unbound/

Configure unbound:

sudo nano /etc/unbound/unbound.conf.d/pi-hole.conf
...
server:
    verbosity: 1
    port: 5353
    do-ip4: yes
    do-udp: yes
    do-tcp: yes

<h1>May be set to yes if you have IPv6 connectivity</h1>

<pre><code>do-ip6: no

# Use this only when you downloaded the list of primary root servers!
root-hints: "/var/lib/unbound/root.hints"

# Trust glue only if it is within the servers authority
harden-glue: yes

# Require DNSSEC data for trust-anchored zones, if such data is absent, the zone becomes BOGUS
harden-dnssec-stripped: yes

# Don't use Capitalization randomization as it known to cause DNSSEC issues sometimes
# see https://discourse.pi-hole.net/t/unbound-stubby-or-dnscrypt-proxy/9378 for further details
use-caps-for-id: no

# Reduce EDNS reassembly buffer size.
# Suggested by the unbound man page to reduce fragmentation reassembly problems
edns-buffer-size: 1472

# TTL bounds for cache
cache-min-ttl: 3600
cache-max-ttl: 86400

# Perform prefetching of close to expired message cache entries
# This only applies to domains that have been frequently queried
prefetch: yes

# One thread should be sufficient, can be increased on beefy machines
num-threads: 1

# Ensure kernel buffer is large enough to not loose messages in traffic spikes
so-rcvbuf: 1m

# Ensure privacy of local IP ranges
private-address: 192.168.0.0/16
private-address: 172.16.0.0/12
private-address: 10.0.0.0/8
</code></pre>

And start unbound and validate:

sudo service unbound start
dig yearl.us @127.0.0.1 -p 5353
...
; &lt;&lt;>> DiG 9.10.3-P4-Raspbian &lt;&lt;>> yearl.us @127.0.0.1 -p 5353
;; global options: +cmd
;; Got answer:
;; ->>HEADER&lt;&lt;- opcode: QUERY, status: NOERROR, id: 26331
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;yearl.us.          IN  A

;; ANSWER SECTION:
yearl.us.       3585    IN  A   104.28.19.121
yearl.us.       3585    IN  A   104.28.18.121

dig sigok.verteiltesysteme.net @127.0.0.1 -p 5353
...
NOERR
...

And then set custom upstram DNS in the pi-hole webgui to “127.0.0.1#5353”

Some basic Pi (Debian Stretch base) stuff…

Basic Pi config:

$ sudo raspi-config

Move over, ifconfig!

$ hostname -I
192.168.2.23 192.168.0.104

$ ip -4 addr show | grep global
    inet 192.168.2.23/24 brd 192.168.2.255 scope global eth0
    inet 192.168.0.104/24 brd 192.168.0.255 scope global wlan0

$ cat /etc/resolv.conf
# Generated by resolvconf
nameserver 127.0.0.1

What’re my interfaces default gateways?

$ ip route | grep default | awk '{print $3}'
192.168.2.1
192.168.0.1

Can configure a static IP via /etc/network/interfaces or /etc/dhcpcd.conf Might do this when moving the Pi from the 192.168.2.0 subnet to the router “guarding” 192.168.0.0

$ sudo route add default gw 192.168.0.1 eth0
$ sudo /etc/init.d/networking restart

EDIT (2018-06-19): Pi-hole was running quite nicely over wi-fi (assigned to 192.168.0.0), went to put it on the LAN and after removing SD card to placement of the Pi board inso some case the SD card decided to go fuck up. Anyhoo repeated above steps with a new (32GB) SD card, and all appears to be peachy-creamy.



Jun 012018
 

My local radio station has a quiz every once in a while. The questions are hardly “University Challenge”, but there is one question that always is fiendishly tricksy and slippery: to identify a place in the county from an anagram of it.

Constantly getting all but one question correct, it is, of course time to cheat use lateral thinking.

#1 get a list of place names. A gazetteer should do.

#2 Build an index (hash). First thoughts were to md5 the names, but there’s an easier way: equalise case, remove spaces and punctuation, order the string…

places = Hash.new([])

File.open("./places.txt", "r") do |file|
  while line = file.gets
    place = line.chomp
    # kill possesives!!
    places_hash = line.chomp.downcase.delete(' ').delete("'")
    places[places_hash.chars.sort.join]+= [place]
  end
end

File.open("places_hash", "w") do |file|
  Marshal.dump(places, file)
end

puts places.inspect

#3 Simply pull out the entry that matches the key…

places = nil

File.open("places_hash", "r") do |file|
  places = Marshal.load(file)
end

wrangler = "REPLACE_ME"

rewrangler = wrangler.downcase.delete(' ').delete("'")
sorted_wrangler = rewrangler.chars.sort.join
answer = places[sorted_wrangler]

answer = answer[0] ||= "nowhere to be found in Shropshire!"
puts "wrangler: #{wrangler} \n\nIt's probably... #{answer}"

And that’s all she wrote… a basic anagram solver.

program output

program output

May 252018
 

Happy GDPR Day!

With the slew of new cookie warnings and privacy notifications and such, it’s time to do something with those annoying domains from content farms that so often pepper search engine results.

Step 1: install Tampermonkey extension

Step 2: set to writing a bunch of JS. But wait, surely someone else has already done this… they have:
https://greasyfork.org/en/scripts/1682-google-hit-hider-by-domain-search-filter-block-sites So a big, BIG thank you to Jefferson Scher.

EDIT: Another script to restore “old” youtube. The non-sucky version (the one with ‘up next’ right below the video being played)… https://cable.ayra.ch/tampermonkey/data/youtube_old_design.user.js