Tag: linux

Posted on

Recent geekage

I’ve had a mess around with stuff recently.  Here’s a summary;

On a server formerly running Microsoft SBS 2015 (or summat) I installed on Software RAIDed a commandline instance of Ubuntu 20.04 server, installed three concurrent versions of Ubuntu desktop and configured to remote in to them from the internet using a web interface called Apache Guacamole.  It is off at the moment; it has no SSL on it, so I’m not inclined to leave it turned on.  It was the combination of:

  1. Reading about Apache Guacamole in a random page, so knowing it was possible
  2. Wanting to have a way of showing potential Linux converts what it is like to use, without them coming to my place of work during Covid.
  3. Wanting to learn how to install virtual PCs within Windows Server by command-line.

It was probably two months ago, so I’m not entirely sure, but I probably used these instructions for the Guacamole side of things, and this I’m sure is the very detailed and useful guide to installing, configuring and deleting virtual machines with remote desktop displays from the command-line.

I migrated my Nextcloud instance off my server and on to a new Raspberry Pi 4b4GB.  The reason was that I had Nextcloud in a Snap.  A Snap is a fully packaged app with all its dependencies built in; Since Nextcloud is a webapp, that includes php, Apache webserver and MySQL (or equivalent) and even the Let’s Encrypt cert-bot, for self-renewing, short-term SSL certificates.  Same as most websites.  Now, if Apache and a Snap with Apache are running on the same server, they can’t be on the same port number.  Changing the port number to 44300 (instead of the default 443) means you can’t use the Snap’s built in Let’s Encrypt cert-bot, only the self-signed bot.  So any visitors via app or web interface have warning messages or compatibility issues, what with non-default ports and self-signed certificate warnings like YOU HAVE JUST HAD ALL YOUR PASSWORDS HACKED BY VISITING A WEBSITE WITH A SELF-SIGNED CERTIFICATE, YOU IDIOT!!! QUICK, PHONE YOUR BANK BEFORE YOUR ACCOUNT IS EMPTIED!!! Or words almost as ominous, I mean, it’s only a self-signed certificate.  I do declare that I am myself, and need no other authority to say that I am who I am or as may be, that I am not who I am, and, or, that I am who I am not, and or, or maybe not, that I am not who I am not.

Got it?

So, Nextcloud is on a Pi with a 2TB HD attached.  Not one of my five or six users would know without me telling them that it was under the stairs, on top of the Guacamole server.

My third geek was to install Ubuntu Server 20.10 on a laptop and install just the packages I wanted to, to have a custom build.  I installed cinnamon then lightdm, expecting to have a desktop on next boot up, but one didn’t link to the other until I did sudo apt reinstall cinnamon.  On boot, I did a sudo apt install firefox thunderbird libreoffice terminator then I tweaked around with a couple of themes. One other tweak was to suppress a tendency for it to pause for a minute at boot to see if the LAN port was going live – useless since it has wireless capability from having the cinnamon desktop installed. It is really tidy, and so I’m inclined to do a similar set up on my guacamole server

Fourth geek – I have wrapped my head around the usage of PGP public and private keys to encrypt emails attachment. You can now send me an encrypted email that only I can read, by using my public key, found at https://digitaltinker.co.uk/digitaltinker.asc

And you’re up to date.

Posted on

Greek Beefly and Goldy Blow

When I’m excusing myself from Netflix (or Amazon) and chill, I’ll usually make a spoonerism and say “I’m going to greek beefly”.  Implies that a bit of Linux stuff is going on.  The other I say is beak griefly.

There you go, an insight.

So, all that I’ve done of late is kept my server, WordPress and plug-ins up to date, just maintenance stuff.  I usually go on once a week or so.

I notice that when I’m applying a WordPress update, the security setting that I used in the first place to install WordPress were too strict for WordPress to update easily.  In other words, I ask WP to update, and it says it can’t; it hasn’t the permission.  It lists all the files it couldn’t write to and rolls back the changes.

But, it only does that for new versions of old files.  I’ve noticed that when trying to add new files to directories without the right permissions, WP reports the error, fails to roll back and often breaks.

Thankfully, I use Amazon to take a snapshot of the volume that holds the websites.  By clicking about 20 clicks over 2 minutes, I perform the following steps on my virtual server

  • I shut it down at the command line sudo shutdown now, then switch to the Amazon console
  • I virtually disconnect the virtual SATA lead from the virtual SSD
  • Virtually clone the snapshot to a new virtual SSD
  • Virtually plug the virtual SATA cable in to the new virtual SSD
  • Virtually press the virtual power button on the virtual front of my virtual server
  • Virtually toss the old virtual SSD in the virtual incinerator

Then I log back in to the server, change the suggested directory permissions and try the WordPress upgrade again.  Given that I’ve installed three independent copies of WordPress on my server, I can create a command to fix the permissions on one, then repeat it in the other two WordPress sites.

cd /var/www/site_1
sudo chmod g+w /wp-includes/long_list_of_many_files
cd ../site_2
[keys up up enter]
cd ../site_3
[up up enter]

I think the last time I did all this, I reversed the permission changes after the upgrade was successful.  This time, I didn’t; I figure that they should have been writeable in the first place.

One other thing I’ve had a play with is Docker – I launched a new instance on Amazon just to try it out.  I don’t think I get it.  If you get the WordPress docker and install it, does it take care of MySQL, Apache, PHP, configured all neatly and ready to go?  And what if I want Nextcloud to run on the same instance?  How does that mesh with the WordPress MySQL?  Is Docker more secure?  Does it impact performance?  Do you get less customisability or control with Docker apps?  I need to read up some more.

Lastly, there was no second Linux meet the month after the first one; I forgot to follow up the meet with a recurring entry on the meetup.com site.  And there were Rail strikes that meant transport was limited.  The second will go ahead 13th December.  It’ll  mostly be a presentation, I guess, a crash course in how I made this site.

And I’ve gone off on a tangent and decided to use a wget script to download sequentially named htm files of Star Trek The Original Series episode transcripts, and scan them with grep for the phrase “I can’t do it Cap’n, I don’t have the power”.  The nearest I got was a question not from Kirk but from McCoy to Scotty.  Episode 77 The Savage Curtain

MCCOY: Can we beam the captain and Spock back up?
SCOTT: We don’t have the power. They’ll come aboard a mass of dying flesh.

There you have it.  A search online for the full phrase invariably brings up an Ace Ventura Pet Detective moment of zaniness from Jim Carey.  I downloaded the animated Star Trek transcripts and the movies and still came up with nothing closer than the above.

I’ve re-read some of my ‘blog today, and realised that I did the “virtual chucking out of the hard drive” shtick before, in one of my earliest posts.  Ho-hum. (Sept 2018)