Archive

Evil shell genius

Jono Lange was committing acts of great evil in Bash earlier today. I gave him a few pointers and we agreed that it was sufficiently evil that it deserved a blog post. So, if you find yourself wishing you could get pretty desktop notifications when long-running shell commands complete, see his post here for the details.


HP Microserver Remote Access helper

I've only had the Remote Access card installed in my HP Microserver for a few hours and already I am bored of accessing it by first logging into the web UI, then navigating to the right bit of the UI, then clicking a button to download a .jnlp file and then running that with javaws(1). Instead, I have written some Python that will login for you, fetch the file and execute javaws. Much better! You can find the code: here and you'll want to have python-httplib2 installed.


HP Microserver Remote Access Card

I've been using an HP ProLiant Microserver (N36L) as my fileserver at home, for about a year and it's been a really reliable little workhorse. Today I gave it a bit of a spruce up with 8GB of RAM and the Remote Access Card option. Since it came with virtually no documentation, and since I can't find any reference online to anyone else having had the same issue I had, I'm writing this post so Google can help future travellers. When you are installing the card, check in the BIOS's PCI Express options that you have set it to automatically choose the right graphics card to use. I had hard coded it to use the onboard VGA controller. The reason for this is that the RAC card is actually a graphics card, so the BIOS needs to be able to activate it as the primary card. If you don't change this setting, what you will see is the RAC appear to work normally, but its vKVM remote video feature will only ever show you a green screen window, with the words "OUT OF RANGE" in yellow letters. Annoyingly, I thought this was my 1920x1080 monitor confusing things, so it took me longer to fix this than it should have, but there we go.


What is the value of negative feedback on the Internet?

I'm sure we've all been there - you buy something on eBay or from a third party on Amazon, and what you get is either rubbish or not what you asked for. The correct thing to do is to talk to the seller first to try and resolve your problem, and then when everything is said and done, leave feedback rating the overall experience. Several times in the last year I have gone through this process and ended up feeling the need to leave negative feedback. The most obvious case was some bluetooth headphones I'd bought from an eBay seller in China that were so obviously fake that it was hilarious he was even trying to convince me I was doing something wrong. In each of these cases, I have been contacted shortly after the negative feedback to ask if I will remove the feedback in return for a full/partial refund. This has tickled the curious side of my brain into wanting to know what the value of negative feedback is. The obvious way to find out would be to buy items of various different price and then leave negative feedback and see how far the sellers are prepared to go to preserve their reputations. The obvious problem here is that this would be an unethical and unfair way to do science. Perhaps it would be possible to crowd-source anecdotes until they count as data?


Dear Apple

I just woke up here in London and saw the news about Steve Jobs. It's early and, as usual for this time of day, my seven month old son is playing next to me. He has no concept of what my iPhone is, but it holds his fascination like none of his brightly coloured toys do. Only iPad can cause him to abandon his toys and crawl faster. I'd like to thank you all, including Steve, for your work. You have brought technology to ordinary people in a way that delights them without them having to know why. Please keep doing that for a very long time


Terminator 0.96 released

I've just pushed up the release tarball and PPA uploads for Terminator 0.96. It's mainly a bug fix release, but it does include a few new features. Many thanks to the various community folks who have contributed fixes, patches, bugs, translations and branches to this release. The changelog is below:

terminator 0.96:

* Unity support for opening new windows (Lucian Adrian Grijincu)   * Fix searching with infinite scrollback (Julien Thewys #755077)   * Fix searching on Ubuntu 10.10 and 11.04, and implement searching by regular expression (Roberto Aguilar #709018)   * Optimise various low level components so they are dramatically faster (Stephen Boddy)   * Fix various bugs (Stephen Boddy)   * Fix cursor colours (#700969) and a cursor blink issue (Tony Baker)   * Improve and extend drag&drop support to include more sources of text, e.g. Gtk file chooser path buttons (#643425)   * Add a plugin to watch a terminal for inactvity (i.e. silence)   * Fix loading layouts with more than two tabs (#646826)   * Fix order of tabs created from saved layouts (#615930)   * Add configuration to remove terminal dimensions from titlebars (patch from João Pinto #691213)   * Restore split positions more accurately (patch from Glenn Moss #797953)   * Fix activity notification in active terminals. (patch from Chris Newton #748681)   * Stop leaking child processes if terminals are closed using the context menu (#308025)   * Don't forget tab order and custom labels when closing terminals in them (#711356)   * Each terminal is assigned a unique identifier and this is exposed to the processes inside the terminal via the environment variable TERMINATOR_UUID   * Expand dbus support to start covering useful methods. Also add a commandline tool called 'remotinator' that can be used to control Terminator from a terminal running inside it.   * Fix terminal font settings for users of older Linux distributions


Migrations

To the cloud! I'm officially done hosting my own Wordpress blog. Not because it's particularly hard, but because it's quite boring. I would have done a straight export/import into a wordpress.com blog, but their options for hosting on a personal domain are pretty insane - if you want to host your blog on domain.com or www.domain.com you have to just point the entire domain at the wordpress.com DNS servers. I'm not prepared to trust my domain to a bunch of PHP bloggers, so instead I've shoved the blog over to Blogger (by way of a very helpful online conversion tool), but this still presents a few niggles around URLs. You can have Blogger send 404s to another vhost, so for now I just have a tiny little vhost somewhere else which uses mod_rewrite to catch the old page names and attempt to catch the blog post names. Ideally I'd fetch all the old post URLs and make a proper map to the new ones, but I can't really be bothered to do that, so I just went for the approximate:

RewriteRule ^/archives/(\[0-9\]{4})/(\[0-9\]{2})/(\[0-9\]{2})/(\[a-zA-Z0-9\\-\]{1,39}).\*$ http://www.tenshu.net/$1/$2/$4.html \[R=301,L\]

Another obvious sticking point is that Wordpress categories become Blogger labels, so another rewrite rule can take care of them (although not so much if you've used nested categories, but again I can't really be bothered to account for that):

RewriteRule ^/archives/category/(.)(.\*) http://www.tenshu.net/search/label/${upmap:$1}$2 \[R=301,L\]

Also cloudified so far is the DNS for tenshu.net - I'm trying out Amazon's Route53 and it seems to be pretty good so far. Next up will be email and then I can pretty much entirely stop faffing around running my own infrastructure :)


Monitoring an Apple Airport Express/Extreme with Munin

So you have an Apple Airport (Express or Extreme), or a Time Capsule, and you want to monitor things like the signal levels of the connected clients? I thought so! That's why I wrote this post, because I'm thoughtful like that. While it's not necessary, I'd like to mention that this was made possible by virtue of Apple having put out an SNMP MIB file. Without that, finding the relevant OIDs would have been sufficiently boring that I wouldn't have bothered with this, so yay for that (even if the MIB is suspiciously ancient). So if you don't need the MIB file, what do you need?

Having all of those things, how do you use it? Simple! - Place the munin plugin somewhere (doesn't really matter where, but the munin package probably put the other plugins in /usr/share/munin/plugins/) - Make sure you have a hostname or IP address for your Airport(s). If you have more than one you should either make sure they have static IPs configured, or that the one doing DHCP has static leases configured for all the other Airports. - Create a symlink for each of the types of graph for each of your Airports. Assuming that your Munin machine can resolve your Airport as 'myairport' you'd want to make the following symlinks: - cd /etc/munin/plugins/ - ln -s /path/to/snmp__airport snmp_myairport_airport_clients - ln -s /path/to/snmp__airport snmp_myairport_airport_signal - ln -s /path/to/snmp__airport snmp_myairport_airport_noise - ln -s /path/to/snmp__airport snmp_myairport_airport_rate

There is an explicit assumption that your SNMP community is the default of 'public'. If it's not then you'll need to hack the script. Otherwise, you're done! Now you win pretty graphs showing lots of juicy information about your Airport. Yay! You're welcome ;)


Old and new: Mixing irssi and iPhones for fun and no profit

Introduction

I use irssi for IRC and an iPhone for pocket Internets; These two choices are both excellent, but they're not terribly compatible - typing in irssi on an iPhone via SSH is quite slow and annoying.

Obviously the thing to do is run an iPhone IRC client, but then I'm signing in and out all the time and I have multiple nicknames - what I want is a way to be connected to the same IRC session as normal, but from my phone using the excellent IRC client Colloquy. By taking advantage of several different pieces of Free Software, this is entirely doable! When we're not connected to IRC, messages which trigger irssi's highlight will be forwarded to the iPhone as a Push Notification.

Preparation

These are the tools we are going to use to make this happen: - A patched irssi (don't worry though, the patch is tiny) - An irssi script (just some Perl really) - irssi-proxy - stunnel - Colloquy Mobile (from the iPhone App Store)

Throughout I will be assuming that you're running Ubuntu 10.04 (Lucid Lynx) as this is the currently most recent LTS release and thus most suited to servers. Also it's what I run, and this is my fun evening project :)

Although it will not be necessary to download it, I would like to note the original location of the patch and script that this method relies on. You can obtain both here.

Instead, we are going to install a patched irssi from one of my PPAs, but if you do not care for this idea, the above URL will let you build your own patched irssi and contains the colloquy_push.pl script.

Installation

These commands will install the patched irssi and the colloquy_push.pl script:

sudo add-apt-repository ppa:cmsj/irssi-colloquy-push
sudo apt-get update
sudo apt-get install irssi

(If you don't have add-apt-repository available, it's in the python-software-properties package).

Configuration

irssi-proxy

The first step is to load irssi-proxy. This is distributed as a plugin library in the irssi package, you can load it with:

/load proxy
/set irssiproxy_bind 127.0.0.1
/set irssiproxy_password PICKAGOODPASSWORD
/set irssiproxy_ports network1=31337 network2=31338 network3=31339

Obviously you'll need to replace PICKAGOODPASSWORD with a password, preferably a good one. Also you'll need to replace network1/network2/network3 with the names of the networks you've configured in irssi (which you can see with the command /network list) and switch them to different ports if you want.

Finally you should run /save so irssi writes out its config file with all of these changes. Et voila, we have a running proxy, but as you noticed, we forced it to listed on 127.0.0.1, so we can't yet connect to it from the Internet. The reason we've done this is that irssi_proxy is not able to directly offer encrypted connections. It would be a bad idea to allow all our proxy password and general IRC traffic to flow around unencrypted (even though many IRC server connections are unencrypted).

Stunnel

Stunnel is a very simple tool that lets you  add SSL support to anything listening on a TCP socket. To get started, install the stunnel4 package and edit /etc/default/stunnel4 and change ENABLED=0 to ENABLED=1.

Now we need to construct /etc/stunnel/stunnel.conf. The default contains various options we don't really care about, but one important one is the cert = line - we need an SSL certificate for this to work. You can either buy one or generate your own (a so-called "snake-oil" certificate). There are many guides to generating a .crt file and this is left as an exercise for the reader. With that file in place somewhere, edit stunnel.conf to point at it.

The final step for stunnel is to add port configurations. Jump to the bottom of the file and add a section like this for each of the ports irssi_proxy is listening on:

[myfirststunnel]
accept=123.123.123.123:31337
connect=127.0.0.1:31337

What we have done here is told stunnel to listen on our public IP on the same port that it will then connect to on 127.0.0.1. This might seem confusing, but I think it makes sense that the port numbers stay directly mapped between tunnels and proxy ports. Restart the stunnel4 service and you should see the appropriate ports being listened on.

colloquy_push.pl

This is the irssi script which glues all the magic together - it receives special commands from the iPhone version of Colloquy and uses those to pass on Push Notifications when necessary. To load it, type /script load colloquy_push.pl and you probably want to symlink /usr/share/irssi/scripts/colloquy_push.pl into ~/.irssi/scripts/autorun/.

Colloquy

Now configure a new IRC Connection in Colloquy on your iPhone. Enter its hostname/IP and the port you have stunnel listening on (the port settings are in Advanced) and enable SSL. Finally, set Push Notifications to On and you're done.

Shortcomings

The script, while excellent, has one or two drawbacks - it's not yet able to detect when you're watching irssi, so it may well send lots of notifications to your phone unnecessarily (I'm looking into expanding it to detect if you're running in screen/tmux and are attached), also it doesn't have any concept of sleeping hours, so you may get woken up by notifications! Nonetheless, this is an excellent way to use your awesome iPhone and not sacrifice the magnificence of irssi!


GStreamer thread oddness

I sometimes find myself in a place where there are a number of Icecast streams going out at once and I'm interested in finding better ways of monitoring these. It seems like a nice option would be a window showing a visualisation of each stream. I quickly whipped up some python to do this, but it almost always locks up when I run it, but I'm not sure if I've done something fundementally wrong or if I've found a bug somewhere. If you are a gstreamer expert, please take a look a this code and let me know what I should do next! If you know a gstreamer expert, please try and bribe them to read this post ;)