techblog.jeppson.org
Open in
urlscan Pro
168.103.182.101
Public Scan
Submitted URL: http://techblog.jeppson.org/
Effective URL: https://techblog.jeppson.org/
Submission: On September 14 via manual from US — Scanned from DE
Effective URL: https://techblog.jeppson.org/
Submission: On September 14 via manual from US — Scanned from DE
Form analysis 3 forms found in the DOM
GET https://techblog.jeppson.org/
<form role="search" method="get" class="search-form" action="https://techblog.jeppson.org/">
<label>
<span class="screen-reader-text">Search for:</span>
<input type="search" class="search-field" placeholder="Search …" value="" name="s">
</label>
<input type="submit" class="search-submit" value="Search">
</form>POST https://www.paypal.com/cgi-bin/webscr
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
<div class="paypal-donations">
<input type="hidden" name="cmd" value="_donations">
<input type="hidden" name="bn" value="TipsandTricks_SP">
<input type="hidden" name="business" value="jollysaintnick@gmail.com">
<input type="hidden" name="item_name" value="Techblog.jeppson.org donation">
<input type="hidden" name="rm" value="0">
<input type="hidden" name="currency_code" value="USD">
<input type="image" style="cursor: pointer;" src="https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif" name="submit" alt="PayPal - The safer, easier way to pay online.">
<img class="lazy loading" alt="" src="https://www.paypal.com/en_US/i/scr/pixel.gif" data-src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1" data-was-processed="true">
</div>
</form>GET https://techblog.jeppson.org/
<form role="search" method="get" class="search-form" action="https://techblog.jeppson.org/">
<label>
<span class="screen-reader-text">Search for:</span>
<input type="search" class="search-field" placeholder="Search …" value="" name="s">
</label>
<input type="submit" class="search-submit" value="Search">
</form>Text Content
TECHNICUS
Search
Primary Menu Skip to content
* Virtualization
* Analytics
* CLI
* Networking
* OS
* Mobile
* Web
* Hardware
* Gaming
Search for:
Networking
CONNECT UBIQUITI L2TP VPN WITH NETWORKMANAGER IN ARCH
September 9, 2021 nicholas Leave a comment
I’ve recently moved and needed to connect to my (still existing) home network
from my desktop. I’ve never had to VPN from my desktop before, so here my notes
for getting it working.
CONFIGURATION
1. Install necessary lt2p, pptp, and libreswan packages (I’m using yay as my
package manager)
yay -Sy community/networkmanager-l2tp community/networkmanager-pptp
aur/networkmanager-libreswan aur/libreswan
2. Configure VPN in GNOME settings (close settings window first if it was
already open)
1. Add VPN / Layer 2 Tunneling Protocol (L2TP)
2. Gateway: IP/DNS of VPN
3. User Authentication: Type: password
4. IPsec Settings: Type: Pre-shared Key (PSK)
5. PPP settings: Only check MSCHAPv2, check everything else. MPPE Security:
128-bit (most secure)
TROUBLESHOOTING
If something isn’t working the popup is not very descriptive. Network manager
logs are stored in journald, so the best way to troubleshoot is to follow the
logs: (-f for follow, -u for unit name)
sudo journalctl -f -u NetworkManager
In my case following the networkmanager logs I could see I didn’t have libreswan
fully installed, and installing the libreswan package fixed it.
Arch LinuxL2TPlinuxNetworkManagerUbiquitiVPN
CLI
RSYNC CREATE DIRECTORY TREE ON REMOTE HOST
July 27, 2021 nicholas Leave a comment
I ran into an issue where I want to use rsync to copy a folder to a remote host
into a destination directory that doesn’t yet exist. I was frustrated to find
that rsync doesn’t appear to be able to create a remote directory tree. It would
keep erroring out with this message:
rsync: mkdir "/opt/splunk/var/run/searchpeers" failed: No such file or directory
(2)
I discovered this workaround which allowed me to finally accomplish what I
wanted in one line: create the remote directory structure first, then
synchronize into it. This is done with the --rsync-path option. You can specify
the mkdir -p command beforehand, then add the rsync command after double
ampersand (&&)
My specific use case was to copy a Splunk search peer bundle from one indexer to
another. This was my working one liner:
rsync -aP --rsync-path="sudo mkdir -p /opt/splunk/var/run/searchpeers && sudo
rsync" /opt/splunk/var/run/searchpeers
splunk-idx2.jeppson.org:/opt/splunk/var/run/searchpeers
Success.
copyrsyncscriptingSplunk
CLI, OS
RESTORE FILES FROM REMOTE BORG REPOSITORY DISK IMAGE
May 9, 2021 nicholas Leave a comment
My off-site backup involves sending borgbackup archives of VM images to a remote
synology server. I recently needed to restore a single file from one of the VM
images stored within this borg backup repository on the remote server. My
connection to this server is not very fast so I didn’t want to wait to download
the entire image file to mount it locally.
My solution was to mount the remote borgbackup repository on my local machine
over SSH so I could poke around for and copy the specific file I wanted. This
requires the borgbackup binary to be present on the remote machine. Since it’s a
synology, I simply copied the standalone binary over.
The restore process was complicated by the fact that the VM disk image is owned
by root, so in order to access the file I needed to mount the remote repository
as root.
This is the process:
1. Set BORG_REMOTE_PATH
1. export BORG_REMOTE_PATH=<PATH_TO_BORG_BINARY_ON_REMOTE_SYSTEM>
2. (Arch Linux): install python-llfuse
3. Mount repository over SSH:
1. borg mount
<USER>@<REMOTE_SYSTEM>:<PATH_TO_REMOTE_BORGBACKUP_REPOSITORY>::<BACKUP_NAME>
<MOUNT_FOLDER>
4. Follow disk image mounting process
1. losetup -Pr -f <PATH_TO_MOUNTED_BORGBACKUP>/<FILENAME_OF_VM_IMAGE>
2. mount -o ro /dev/loop0p2 /mnt/loop0/
5. Follow reverse to unmount when done:
1. umount /mnt/loop0
2. losetup -d /dev/loop0
3. borg umount <MOUNT_FOLDER>
Success! I was able to restore an individual file within a raw VM image backup
on a remote Borgbackup repository using this method.
backupborgbackuplinuxrawrestoreSSHVM image
CLI
ACCESS IDRAC6 JAVA CONSOLE IN MAC OS
April 12, 2021 nicholas Leave a comment
I needed to access my aging Dell PowerEdge R610 iDRAC console on my shiny new
13″ Macbook Pro M1. Unfortunately just like in Linux I ran into the “Connection
failed” problem described in this post.
It was actually pretty easy to do for Mac. I installed the latest java for Mac
from Oracle’s website. Once installed, I needed to find the location of the Java
home directory for my mac. I found this stackoverflow discussion which directed
me to use the /usr/libexec/java_home command.
Armed with that command in a subshell I was able to get to the file I wanted to
edit:
sudo vim "$(/usr/libexec/java_home)/lib/security/java.security"
Once there I removed RC4 from the
jdk.tls.disabledAlgorithms
line. It worked! It was an easier process than on Linux or Windows.
iDRACJavaMacOSsecurity
CLI, Web
GUACAMOLE DOCKER QUICK AND EASY
March 10, 2021 nicholas Leave a comment
Apache Guacamole as an awesome HTML5 remote access gateway. Unfortunately it can
be very frustrating to set up. They have docker images that are supposed to make
the process easier, but I still ran into a lot of problems trying to get
everything configured and linked.
Fortunately, a docker compose file exists to make Guacamole much easier to set
up. Simply follow the instructions as laid out in the github readme:
* Install docker & docker-compose
* Clone their repository, run the initial prep script (for SSL keys & database
initialization), and bring it up with docker-compose:
git clone "https://github.com/boschkundendienst/guacamole-docker-compose.git"
cd guacamole-docker-compose
sudo ./prepare.sh
sudo docker-compose up -d
Done! If you didn’t change anything in the docker-compose.yml file, you will
have a new instance of Guacamole running on HTTPS port 8443 of your docker host.
If you need to make changes (or if you forgot to run the prepare.sh file with
sudo), you can run the reset.sh script which will destroy everything. You can
then modify docker-compose.yml to suit your needs:
* Whether to use nginx for HTTPS or just expose guacamole on port 8080
non-https (in case you already have a reverse proxy set up)
* postgres password
Config files for each container are located within various folders in your
guacamole-docker-compose folder. This can all be changed by editing the
docker-compose.yml file.
Note this does configuration does not work with WOL, but as I do not use this
feature I don’t mind.
TROUBLESHOOTING
docker ps will show running containers (docker ps -a shows all containers) If
one is not running that should be, docker logs <container name> gives valuable
insight as to why. In my case guacd was erroring out because I hadn’t
initialized the database properly. Running the reset.sh script and starting
over, this time running as sudo, did the trick.
dockerdocker-composeguacamole
Web
SYNCHRONIZE INTERNET CALENDAR TO GOOGLE CALENDAR MORE FREQUENTLY
March 1, 2021 nicholas Leave a comment
Despite having my own e-mail server I still use Google Calendar for some things.
I have an ICS file for the calendar for the Covid vaccination clinic I’m
volunteering at. I ran into some frustrating sync problems when I tried to
import it into my calendar. Google Calendar’s ICS sync process takes up to 12
hours, which was frustrating. I also had some mobile clients that wouldn’t even
see the calendar imported from the ICS file.
I luckily found this post from Derek Antrican on stack exchange that outlines a
script that you can configure to run at any given interval which will take all
events in that ICS file and add/update/remove your calendar to match. It works
beautifully. It’s a Google Apps script that you must copy into your own Google
Scripts account to run.
First, go to the script here. Then go to Overview (i) and click “Make a Copy” in
the top right (page icon.) Once the scripts are copied to your own
script.google.com account, follow the instructions for configuring the script
for your desired ICS URLs and other options, then click run.
My calendars are all synchronized and happy now.
calendarGoogleGoogle Appsscripting
CLI
MOUNT LVM PARTITIONS IN FREEBSD
February 13, 2021 nicholas Leave a comment
I’ve been playing around with helloSystem, an up and coming FreeBSD desktop
environment that mirrors the MacOS experience quite well. Since it’s based in
FreeBSD I’ve had to brush up on a few FreeBSD-isms that are distinctly different
from Linux.
Since I’m dual booting this helloSystem BSD system alongside my Arch Linux
install, I want to be able to access files on my Arch system from the BSD
system. My Arch system uses LVM, which posed a challenge as LVM is a distinctly
Linux thing.
To get it to work I needed to load a couple modules (thanks to the FreeBSD
forums for help)
* fuse
* geom_linux_lvm
You can do this at runtime by using the kldload command
kldload fuse
kldload /boot/kernel/geom_linux_lvm.ko
To make the kernel module loading survive a reboot, add them to
/boot/loader.conf
geom_linux_lvm_load="YES"
fuse_load="YES"
You can now scan your BSD system for LVM partitions:
geom linux_lvm list
The LVM partitions are listed under /dev/linux_lvm. The last step is to mount
them with FUSE:
fuse-ext2 -o rw+ /dev/linux_lvm/NAME_OF_LVM_PARTITION /mnt/DESIRED_MOUNT_FOLDER
rw+ indicates a read/write mount.
freeBSDfuseLVMmount
CLI
CREATE A LOCAL YUM REPOSITORY
January 3, 2021 nicholas Leave a comment
I had a need to copy some specific RPM files locally to my machine, but have the
general YUM database recognize them (not using yum localinstall.) I found this
lovely howto that explains how to do it.
In my case, I created a folder for one RPM I wanted in the local yum repository.
I then installed the createrepo package, used it on my new directory containing
my RPMs, then added a repository file pointing to the new local repository.
mkdir yumlocal
cp <DESIRED RPM FILES> yumlocal
yum install createrepo
cd yumlocal
createrepo .
The last piece was to create a yum repo file local.repo
[local]
name=CentOS-$releasever - local packages for $basearch
baseurl=file:///path/to/yumlocal/
enabled=1
gpgcheck=0
protect=1
That was it! Now I could use yum install <NAME OF PACKAGE IN LOCAL REPO FILE>
and it works!
CentOSrepoyum
CLI
GET YOUTUBE AUDIO WITH METADATA
December 22, 2020 nicholas Leave a comment
Taken from here
yay -S atomicparsley
youtube-dl --extract-audio -f bestaudio[ext=m4a] --add-metadata
--embed-thumbnail YOUTUBE_URL
downloadyoutube
CLI, Web
TRANSCRIBE AUDIO WITH GOOGLE CLOUD SPEECH-TO-TEXT API
December 21, 2020 nicholas Leave a comment
I had a few audio files of an interview done with a late relative that I wanted
to have Google transcribe for me. I wanted to supply an audio file and have it
spit out the results. There are many ways to do this but I went with using the
Google Cloud Platfrom speech-to-text API.
First I signed up for a GCP free trial via
https://cloud.google.com/speech-to-text/ For my usage, it will remain free as
0-60 minutes of transcription per month is not charged:
https://cloud.google.com/speech-to-text/pricing
Next, I needed to create GCP storage bucket as audio more than 10 minutes long
cannot reliably be transcribed via the “uploading local file” option. I did this
following the documentation at
https://cloud.google.com/storage/docs/creating-buckets which walks you through
going to their storage browser and creating a new bucket. From that screen I
uploaded my audio files (FLAC in my case.)
Then I needed to create API credentials to use. I did this by going speech API
console’s credentials tab and creating a service account, then saving the key to
my working directory on my local computer.
Also on said computer I installed google-cloud-sdk (on Arch Linux in my case, it
was as simple as yay -S google-cloud-sdk)
With service account json file downloaded & google-cloud-sdk installed I
exported the GCP service account credentials into my BASH environment like so
export GOOGLE_APPLICATION_CREDENTIALS=NAME_OF_SERVICE_ACCOUNT_KEYFILE_DOWNLADED_EARLIER.json
I created .json files following the format outlined in command line usage
outlined in the quickstart documentation. I tweaked to add a line “model”:
“video” to get the API to use the premium Video recognition set (as it was more
accurate for this type of recording.) This is what my JSON file looked like:
{
"config": {
"encoding":"FLAC",
"sampleRateHertz": 16000,
"languageCode": "en-US",
"enableWordTimeOffsets": false,
"model": "video"
},
"audio": {
"uri":"gs://googlestorarge-bucket-name/family-memories.flac"
}
}
I then used CURL to send the transcription request to Google. This was my
command:
curl -s -H "Content-Type: application/json" -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) https://speech.googleapis.com/v1/speech:longrunningrecognize -d @JSON_FILE_CREATED_ABOVE.json
If all goes well you will get something like this in response:
{
"name": "4663803355627080910"
}
You can check the status of the transcription, which usually takes half the
length of the audio file to do, by running this command:
curl -H "Authorization: Bearer "$(gcloud auth application-default print-access-token) -H "Content-Type: application/json; charset=utf-8" "https://speech.googleapis.com/v1/operations/ID_NUMBER_ACQUIRED_ABOVE"
You will either get a percent progress, or if it’s done, the output of the
transcription.
Success! It took some time to figure out but was still much better than manually
transcribing the audio by hand.
APIcloudcURLGCPGoogleJSONspeech-to-text
POSTS NAVIGATION
1 2 … 32 Next →
WELCOME
This blog is meant as a dumping ground for my technical musings. It is mostly
for my own sake but I am making it public in the off chance that it might be
useful to someone else.
If you find the content on this site useful, please donate to contribute to
server costs. Thank you!
TAGS
* Active Directory
* apache
* awk
* BASH
* CentOS
* CentOS 7
* crouton
* Debian
* DNS
* find
* firewall
* for loop
* freeBSD
* freeNAS
* grep
* hardware
* KVM
* linux
* LVM
* migration
* Mint
* mount
* mysql
* openvpn
* owncloud
* PCI passthrough
* php
* ProxMox
* rsync
* samba
* scripting
* sed
* Sophos UTM
* Splunk
* SSH
* Ubuntu
* ubuntu 14.04
* varnish
* VPN
* Windows
* Windows 10
* wordpress
* xen
* Xenserver
* ZFS
ARCHIVES
* September 2021 (1)
* July 2021 (1)
* May 2021 (1)
* April 2021 (1)
* March 2021 (2)
* February 2021 (1)
* January 2021 (1)
* December 2020 (2)
* November 2020 (1)
* October 2020 (1)
* August 2020 (2)
* July 2020 (1)
* June 2020 (2)
* May 2020 (5)
* April 2020 (4)
* March 2020 (4)
* February 2020 (8)
* January 2020 (1)
* December 2019 (2)
* November 2019 (1)
* October 2019 (5)
* September 2019 (1)
* August 2019 (8)
* July 2019 (2)
* June 2019 (2)
* May 2019 (1)
* April 2019 (3)
* March 2019 (3)
* February 2019 (1)
* January 2019 (2)
* December 2018 (6)
* November 2018 (5)
* October 2018 (3)
* September 2018 (4)
* August 2018 (5)
* July 2018 (4)
* June 2018 (7)
* May 2018 (2)
* April 2018 (4)
* March 2018 (5)
* February 2018 (1)
* January 2018 (2)
* December 2017 (6)
* October 2017 (3)
* September 2017 (1)
* August 2017 (4)
* June 2017 (2)
* May 2017 (1)
* April 2017 (3)
* March 2017 (5)
* February 2017 (3)
* January 2017 (3)
* December 2016 (3)
* November 2016 (3)
* October 2016 (7)
* August 2016 (8)
* July 2016 (4)
* June 2016 (4)
* May 2016 (2)
* April 2016 (5)
* March 2016 (2)
* February 2016 (8)
* January 2016 (4)
* December 2015 (4)
* November 2015 (4)
* October 2015 (2)
* September 2015 (4)
* August 2015 (4)
* July 2015 (8)
* June 2015 (2)
* May 2015 (4)
* April 2015 (4)
* March 2015 (6)
* February 2015 (10)
* January 2015 (10)
* December 2014 (8)
* November 2014 (8)
* October 2014 (13)
* September 2014 (19)
* August 2014 (9)
* July 2014 (1)
NICK'S TECHNICAL MUSINGS
SEARCH
Search for:
RECENT COMMENTS
* Koen De Mol on LDAP nested group membership query
* Koen De Mol on LDAP nested group membership query
* James Pond on Generate SuperMicro IPMI license
* Rob on create podman services with podman-compose
* Centos: Install WordPress di LAMP Dengan SELinux – KLoningSpoon on Install
WordPress on CentOS 7 with SELinux
RECENT POSTS
* Connect Ubiquiti l2tp vpn with NetworkManager in Arch
* rsync create directory tree on remote host
* Restore files from remote borg repository disk image
* Access idrac6 java console in mac OS
* Guacamole docker quick and easy
CATEGORIES
* Analytics
* CLI
* Gaming
* Hardware
* Mobile
* Networking
* OS
* Virtualization
* Web
Free DNS
Proudly powered by WordPress