Software – Braille Alphabet Soup

Installing Rocket.Chat on Ubuntu Xenial 16.04

16/02/201916/02/2019 James Leave a comment

This is a simple tutorial to get Rocket.Chat running on a Ubuntu Xenial 16.04 server (You’ll be perfectly fine to run through the same process on a different Ubuntu version such as 18.04 if you’d prefer) In this case we’re installing this on a fresh server and we’ll be installing Rocket.Chat as a Snap and using NGINX as a reverse proxy, as well as setting up an SSL certificate via Let’s Encrypt. With this you’ll be able to get Rocket.Chat up and running within ~10 minutes, from there you can go on and make further server configuration changes for security and so on, as well as configure Rocket.Chat in more depth – which won’t be covered within the scope of this tutorial.

Let’s first start with some updates.

sudo apt-get update

sudo apt-get upgrade

Basic UFW setup

Let’s setup a basic firewall using UFW. First install UFW if it’s not installed –

sudo apt-get install ufw

Setup the default access rules –

sudo ufw default deny incoming

sudo ufw default allow outgoing

Setup the firewall rules that we’ll want –

sudo ufw allow 22/tcp

sudo ufw allow 80/tcp

sudo ufw allow 443/tcp

Enable the firewall –

sudo ufw enable

You can check the status of ufw with –

sudo ufw status

If you add or remove rules you should reload ufw with –

sudo ufw reload

If you need to disable ufw you can do so with –

sudo ufw disable

Install Fail2Ban

sudo apt-get install fail2ban

Install Rocket.Chat as a Snap

Install Snap if it’s not already installed –

sudo apt-get install snapd

Install Rocket.Chat –

sudo snap install rocketchat-server

At this point the Rocket.Chat service will have automatically started, you can check if it’s running with –

sudo service snap.rocketchat-server.rocketchat-server status

Install and configure NGINX to use as a reverse proxy + SSL setup

Install NGINX –

sudo apt install nginx

sudo systemctl start nginx

sudo systemctl enable nginx

Remove the default NGINX site –

sudo rm /etc/nginx/sites-enabled/default

Create the NGINX config for Rocket.Chat

sudo vim /etc/nginx/sites-available/rocketchat.conf

Once inside vim, you should have the following (edit “yourserver.com” to be your actual domain that you’re going to use for this server) –

server {
     listen 80;
 
     server_name yourserver.com; 

     location / {
     proxy_pass http://localhost:3000/; 
     }
 }

Enable the new configuration by creating a link to it from /etc/nginx/sites-available/ –

sudo ln -s /etc/nginx/sites-available/rocketchat.conf /etc/nginx/sites-enabled/

Test the configuration –

sudo nginx -t

Assuming no errors are reported, reload the NGINX config with –

sudo nginx -s reload

SSL Setup using Let’s Encrypt + Certbot

Install Certbot and run it –

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
sudo certbot --nginx

Follow the prompts on screen and you should be issued a valid Let’s Encrypt SSL certificate. Make sure you do choose to force a HTTPS redirect when prompted.

Certbot with automatically deal with SSL certificate renewal, a cron will automatically be created under /etc/cron.d/certbot. You can test the renewal process as a dry run via –

sudo certbot renew --dry-run

Certbot will have update the NGINX configuration, test that the config is valid with –

sudo nginx -t

Assuming no errors are reported, reload the NGINX config with –

sudo nginx -s reload

Onto Rocket.Chat itself!

At this point you’ll have a working Rocket.Chat installation running. You can browse to https://yourserver.com and you should be presented with the Setup Wizard screen to create the first user whom will by the Admin by default.

Once logged in, you should get a pop-up stating something along the lines of – The setting Site URL is configured to http://localhost and you are accessing from https://yourserver.com - Do you want to change to https://yourserver.com ? – You’ll want to click YES.

At this stage you’ll want to setup Rocket.Chat itself, so please refer to their documentation here – https://rocket.chat/docs

~Extra~

You can install a Discord style dark theme using this here! https://github.com/0x0049/Rocket.Chat.Dark

Updating Slack status to reflect Zoiper5 call state using Slack API.

27/01/201927/01/2019 James Leave a comment

Github page – https://github.com/james-reed/zoiper-slack-status

I wanted a simple way of having my Slack status automatically update when I take a phone call using Zoiper. The majority of VoIP handsets or softphones support the opening of a URL during a certain event such as picking up or ending a call – which can be leveraged for various uses as you can imagine. Zoiper supports this method, but also has ability to execute files/applications on such events. In this particular project, when a phone call is answered Zoiper will launch set-status-in-call.pyw and pass the incoming caller ID using {number} which is one of a few supported Zoiper variables.

Full list of Zoiper variables here

If an incoming call from 0212345678 is answered, then the Slack status will change to Currently in a call with 0212345678 with the telephone_reciever emoji set.

Once the call is hung up, Zoiper will launch set-status-clear.pyw on that particular event which then clears the Slack status out.

The use of the .pyw extension will make the code execute in the background instead of popping up a command window or similar – as you’ll see if running this on Windows.

Setup

You’ll want to install Python on your device. This has been tested using Python v3.6.x but should be fine with ~v2 if you’re using that.
You will need the Python “requests” module which can be installed with pip install requests
You will need your Slack API token. At the time of writing it’s possible to grab this by logging into the Slack via your web browser and then using the developer tools in your web browser to perform inspections when making a change such as updating your status. You should be able to comb through and grab your API token – further information on doing this is outside of the scope of this documentation. Once you have your API token, replace the YOUR_SLACK_TOKEN_GOES_HERE variable with your actual token.
Setup your Zoiper client as per the following screenshots. In Zoiper5 you can add Event Rules under Settings > Features > Automation > Edit Open URL Rule

Create a rule for when the call state changes to Answered and point it to set-status-in-call.pyw {number}

Create a rule for when the call state changes to Hang Up and point it to set-status-clear.pyw {number}

Set Slack status phone BLF with Zoiper5 – without API access.

29/07/201827/01/2019 James Leave a comment

I’m sharing in this post an older and not really ideal at all method to automatically change your Slack status when taking a call using Zoiper5. The ideal way to achieve this is to have some integration between your PBX and Slack so that user statuses can be changed based on the extension BLF status. The other ideal way would be to use the Slack API. If you find yourself in a situation where you don’t have permissions to work in either of these realms – this is a janky but working solution!

In this guide we’re using a Windows OS environment, and AutoHotKey.

For this I’m just placing these files on the desktop but you can put them anywhere you’d like, just make sure inside the “slack-set*” scripts you update the Include path for “TrayIcon.ahk” to the location you’ve placed that file.

Download “TrayIcon.ahk”

Download “slack-set-in-call.ahk”

Download “slack-set-call-finished.ahk”

Inside Zoiper5 (you will need a licensed copy to do this)

Create two rules as below –

Go to Settings > Automation > Event Rules > Add Rule

On – Call status change
Call State changes to – Answered
And call direction is – Both Incoming and Outgoing
Do action – Open/Execute Application
Open URL/RUN – C:\Users\james\Desktop\slack-set-in-call.ahk

On – Call status change
Call State changes to – Hangup
And call direction is – Both Incoming and Outgoing
Do action – Open/Execute Application
Open URL/RUN – C:\Users\james\Desktop\slack-set-in-call.ahk

Your Slack status will now automatically change when you take a call and when you hangup that call. This all happens very quickly but obviously due to how this method works, if you focus onto a different app the moment this script runs then it’ll mess up. All this method does is bring the Slack window into focus and slam in a “/status” command. I always have my Slack window open on one of my monitors and haven’t had any issues myself using this crude method.

FreeNAS CPU core and disk temperature check script

20/06/2017 James Leave a comment

This is a nice simple script to display CPU core and disk temperatures on a FreeNAS server. Tested with FreeNAS 9.10.2-U1

Create a file with the following content – Mine is just called “temps_check_script.sh” as an example.

# Write some general information echo System Temperatures - `date` uptime | awk '{ print "\nSystem Load:",$10,$11,$12,"\n" }'# Write CPU temperatures echo "CPU Temperature:" sysctl -a | egrep -E "cpu\.[0-9]+\.temp"# Write HDD temperatures and status echo "HDD Temperature:" for i in $(sysctl -n kern.disks | awk '{for (i=NF; i!=0 ; i--) if(match($i, '/da/')) print $i }' ) ; do echo $i: `smartctl -a -n standby /dev/$i | awk '/Temperature_Celsius/{DevTemp=$10;} /Serial Number:/{DevSerNum=$3}; /Device Model:/{DevVendor=$3; DevName=$4} END {printf "%s C - %s %s (%s)", DevTemp,DevVendor,DevName,DevSerNum }'`; done

Run it with ./temps_check_script.sh – The output looks like this:
System Temperatures - Wed Jun 21 07:53:16 AEST 2017System Load: 0.17CPU Temperature: dev.cpu.3.temperature: 40.0C dev.cpu.2.temperature: 44.0C dev.cpu.1.temperature: 40.0C dev.cpu.0.temperature: 42.0CHDD Temperature: ada0: 27 C - Hitachi HDS5C3020ALA632 (SERIALNUMBERGOESHERE) ada1: 27 C - Hitachi HDS5C3020ALA632 (SERIALNUMBERGOESHERE) ada2: 27 C - Hitachi HDS5C3020ALA632 (SERIALNUMBERGOESHERE) ada3: 28 C - Hitachi HDS5C3020ALA632 (SERIALNUMBERGOESHERE) ada4: 28 C - Hitachi HDS5C3020ALA632 (SERIALNUMBERGOESHERE) ada5: 27 C - Hitachi HDS5C3020ALA632 (SERIALNUMBERGOESHERE) da0: 32 C - TOSHIBA MD04ACA400 (SERIALNUMBERGOESHERE) da1: 31 C - TOSHIBA MD04ACA400 (SERIALNUMBERGOESHERE) da2: 29 C - TOSHIBA MD04ACA400 (SERIALNUMBERGOESHERE) da3: 30 C - TOSHIBA MD04ACA400 (SERIALNUMBERGOESHERE) da4: 31 C - TOSHIBA MD04ACA400 (SERIALNUMBERGOESHERE) da5: 30 C - TOSHIBA MD04ACA400 (SERIALNUMBERGOESHERE

My 4RU Rosewill RSV-L4500 ~22TB usable storage FreeNAS Build

12/11/2016 James Leave a comment

This is my current storage box, which originally started in a Fractal R3 Define case, and had slowly been upgraded over the years.

Rosewill RSV-L4500 Chassis
Seasonic S12II 620W Power Supply
Front fans – 3x Corsair SP120 Performance Edition ~2350 RPM (these are way louder than the stock fans!)
Center bracket fans – 3x Corsair SP120 Quite Edition ~1450 RPM
Rear fans – 2x stock 80mm fans that come with the case
CPU Fan – Noctua NH-L9i
Motherboard – ASUS P8B-X
CPU – Xeon E3-1220 – 3.1ghz (LGA1155)
RAM – 2x – Kingston Technology ValueRAM 8GB 1333MHz DDR3 ECC CL9 DIMM (16GB total)
LSI 9220-8i in IT Mode + motherboard SATA for disks
6x 4TB Toshiba MD04ACA400 in RAIDZ2
6x 2TB Hitachi (5200rpm model) in RAIDZ2

As you can see, it’s pretty damn messy to cable when you have no backplane!

The front fans and also the rear fans are powered using chained molex adaptors which is certainly messy. The center bracket fans are plugged straight into the motherboard. I’m considering one of those fan controllers that have something like 8x 3pin fan headers powered by a single molex, which can then either float in the case or be mounted somewhere. Not sure yet if I should replace the rear 80mm fans or not. There is a single fan header empty near that end of the motherboard, running one off that would be neater than the molex.

It took quite some time to choose a power supply for this build. This PSU was chosen based on how I could distribute the rail amperage for the disks. You will find it’s not really possible to use the chained SATA power due to how close the drives are together when bending the cable. A bunch of SATA power and SATA>Molex splitters have been used, however everything is distributed so that no single cable has too many drives so that the rails are not overloaded.

This box lives under my bed. It’s not running 24/7 (not even close actually), but rather to backup and snatch files to/from perhaps 2/3x a month for ~4 hours each time. Ambient temperatures are pretty high here. I’m yet to do a full load/temp test on the CPU since changing all of the cooling from stock – previously when the ambient temp was ~27c the CPU at ~90% load was hitting ~65c on all cores – not great considering the intel rated max for this CPU is apparently 69c.

I think if you live somewhere with an ambient temperature that sits around 20c, you’d be totally fine using all of the stock cooling for this case.

~2TB free space left on both arrays at this point. I would like to move to having less drives and a smaller form factor in future once drive sizes increase and the prices for drives go down.

Schedule commands in LFTP using “at”

12/11/2016 James Leave a comment

You can schedule downloads and uploads in LFTP in a simple manner by using the “at” command. Anything following the syntax described in this image below should work.

For example –

Mirror/download a remote folder two hours from the current time, using 10 connections + segmentation
at now + 2 hours -- queue mirror --use-pget-n=10 linuxisos/

Mirror/download a remote folder at 1AM tomorrow, using 10 connections + segmentation
at 1:00 tomorrow -- queue mirror --use-pget-n=10 linuxisos/

PC stats monitoring on your phone with Logitech Arx & AIDA64

18/09/201618/09/2016 James Leave a comment

Ever since the original Logitech G15 keyboard came out I’ve really taken a liking to the idea of having a little LCD screen near the keyboard for stat monitoring. I much prefer this to an on-screen overlay. The G15 and G19 are pretty old now and I don’t believe the LCD screen concept ever took off past those models. Logitech now has “Arx” which aims to replace this concept. Logitech have keyboards now with an “Arx dock”, which is basically a phone dock. The idea is that you can use the Arx software on your PC along with the Arx app on your phone to monitor all sorts of things. AIDA64 has support for Arx, so you can pipe your AIDA64 stats into Arx. This is particularly useful when overclocking – you can monitor your temps and resource utlisation while gaming or encoding. You can even take your phone into the bathroom and keep monitoring!

Here is a basic guide on how to get this going. I’m going to assume you do need a Logitech keyboard to use the Arx software, but this may not be the case. There is no technical reason for Arx to require a Logitech keyboard to function, but it’s entirely possible that Logitech stop the software from running if you don’t have one.

arx1 — Enable Logitech Arx support in AIDA64.

arx2 — Setup your template under “LCD Items”.

arx3 — Make sure AIDA64 is enabled within Logitech Arx / Logitech Gaming Software.

logitech-arx-aida64 — Install the Logitech Arx app on your phone. It can auto discover Arx over your network. On your PC you will have to allow your phone to connect to Arx via a popup notification that should appear. When you first run Arx on your phone AIDA64 will suggest a resolution to set within AIDA64’s LCD config, you can see that I’ve already done this in the first screenshot. Once you’ve setup your LCD template in AIDA64, you should be good to go.

Install Tor relay on CentOS 7

28/08/201628/08/2016 James Leave a comment

This is a quick guide to running up a Tor relay on a CentOS 7 server. Firewall config has been omitted, check out these links if you need help with the OS firewall config.
How to setup a firewall using firewalld on CentOS 7
How to migrate from firewalld to iptables on CentOS 7

It’s worth noting that you can score a Tor t-shirt if you run an exit node or relay that satisfies a set criteria:
Tor T-Shirt for contributing!

“Operate a fast Tor relay that’s been running for the past two months: you are eligible if you allow exits to port 80 and you average 250 KBytes/s traffic, or if you’re not an exit but you average 500 KBytes/s traffic.”

Let’s get started.

Create the .repo file below.

vim /etc/yum.repos.d/torproject.repo
[tor] name=Tor repo enabled=1 baseurl=https://deb.torproject.org/torproject.org/rpm/el/7/$basearch/ gpgcheck=1 gpgkey=https://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc

[tor-source] name=Tor source repo enabled=1 autorefresh=0 baseurl=https://deb.torproject.org/torproject.org/rpm/el/7/SRPMS gpgcheck=1 gpgkey=https://deb.torproject.org/torproject.org/rpm/RPM-GPG-KEY-torproject.org.asc

Install Tor through yum.

yum -y install tor

Edit the config file for Tor.

vim /etc/tor/torrc

SOCKSPort 0 Log notice file /var/log/tor/notices.log RunAsDaemon 1 DataDirectory /var/lib/tor #Listen port ORPort 443 #IP Address or DNS name of your relay. Address cheddar.cheese.sexy #The name of your relay. Nickname chsxy #If you're worried about spam then you really don't want to format the email address like I have here. ContactInfo oh boy suddenly all this spam is going to - [email protected] DirPort 9058 # no exits allowed. ExitPolicy reject *:*

Verify the config to make sure there are no issues.

tor -f /etc/tor/torrc --verify-config

Run Tor.

/etc/init.d/tor start Starting tor...done. /etc/init.d/tor status tor (pid 3666) running

Check the log file to make sure everything is running smoothly.

tail -f /var/log/tor/notices.log

Aug 28 04:19:43.000 [notice] I learned some more directory information, but not enough to build a circuit: We need more descriptors: we have 5382/6917, and can only build 50% of likely paths. (We have 77% of guards bw, 79% of midpoint bw, and 81% of exit bw = 50% of path bw.) Aug 28 04:19:43.000 [notice] Bootstrapped 80%: Connecting to the Tor network Aug 28 04:19:44.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Aug 28 04:19:44.000 [notice] Bootstrapped 90%: Establishing a Tor circuit Aug 28 04:19:45.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Aug 28 04:19:45.000 [notice] Bootstrapped 100%: Done Aug 28 04:19:45.000 [notice] Now checking whether ORPort 163.172.170.23:443 and DirPort 163.172.170.23:9058 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Aug 28 04:19:45.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor. Aug 28 04:19:45.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Aug 28 04:19:46.000 [notice] Performing bandwidth self-test...done.

After a couple of hours you should be able to see your relay on one of the various index sites!

Here’s mine.

This particular relay is hosted over at Scaleway.

Lossless video capture without needing fast and huge storage – x264vfw

17/05/201628/08/2016 James Leave a comment

To get the best quality out of your video captures, it’s best to capture losslessly and encode the content post-capture rather than trying to do it in real-time via software encoding or using hardware encoders. Unfortunately normal raw lossless capturing requires very fast storage and a pretty hefty amount of disk space. SSD drives can cope, but depending on the length of your captures you may well need over 2TB of space, which is currently quite expensive in SSD form. An alternative is to use RAID0 arrays or similar. If your storage cannot keep up with the required write speeds you will end up with dropped frames.

A great solution is using the x264vfw codec in lossless mode. You will still have large file sizes (expect past 1GB or more for every minute), however the sizes are much smaller than normal raw lossless capture. This also means the write speeds required for capturing without losing any frames are lower. The highest I’ve seen x264vfw jump in lossless mode is ~60MB/s when a ton of action is going on, otherwise in my captures I’ve seen speeds generally hang around 20MB/s. A standard HDD can cope with this without issue, just make sure the drive isn’t being used by anything else.

For more info on x264vfw, other lossless codecs, and capturing in general – Check out “TheThrillness Blog”.

Bulk Rename Utility – Easy batch renaming in Windows

25/04/201625/04/2016 James Leave a comment

Bulk Rename Utility – Great for when you need to do a mass renaming task in Windows, but you don’t want to spend time writing batch files or working in Powershell. Free for personal use and has enough depth to handle most tasks easily.

Official Site – http://www.bulkrenameutility.co.uk

Download