tag:blogger.com,1999:blog-48963119811148960422024-03-26T19:47:23.833-04:00Tech TipsThis is my blog about the various computer problems I have come across and my solutions to them as well as any other tech related things that I want to talk about.Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.comBlogger101125tag:blogger.com,1999:blog-4896311981114896042.post-80496069296872685982024-03-23T16:45:00.004-04:002024-03-25T18:10:26.245-04:00Dockerize my LAMP webserver<p>As my main SSD is running low on estimated life remaining, I am attempting to containerize my projects so that they can be easily moved. The primary one is my Linux Apache MySQL PHP (LAMP) webserver that I use for lists and MythWeb.</p><p>For this project I will be using docker compose to put a nginx reverse proxy in front of Apache so that it can direct the direct the traffic, handle ssl encrpytion, and authentication. We will first be setting it up on some dev ports (9080/9443) so that we can test before replacing the existing servers.</p><p><br /></p><h2 style="text-align: left;">Move docker data onto zfs</h2><p></p><ul style="text-align: left;"><li>This will keep the images and logs on zfs instead of my root drive</li><li>It will also require any image to be downloaded again and rebuilt</li><li>Stop dockerd</li><ul><li><span style="font-family: courier;">sudo systemctl stop docker</span></li><li><span style="font-family: courier;">sudo systemctl stop docker.socket</span></li></ul><li>Move the docker data</li><ul><li><span style="font-family: courier;">sudo mkdir /storage/containers/dockerd</span></li><li><span style="font-family: courier;">sudo rsync -avh --progress /var/lib/docker/ /storage/containers/dockerd</span></li><li><span style="font-family: courier;">sudo mv /var/lib/docker /var/lib/docker.old</span></li></ul><li>edit <span style="font-family: courier;">/etc/docker/daemon.json</span></li></ul><blockquote><span style="font-family: courier;">{<br /> "data-root": "/storage/containers/dockerd",<br /> "storage-driver": "zfs"<br />}</span></blockquote><ul style="text-align: left;"><li>Restart dockerd</li><ul><li><span style="font-family: courier;">sudo systemctl start docker.socket</span></li><li><span style="font-family: courier;">sudo systemctl start docker</span></li></ul></ul><p></p><p><br /></p><h2 style="text-align: left;">General Setup</h2><ul style="text-align: left;"><li>Create a place to store all the files</li><ul><li>this should be on your zfs dataset</li><li><span style="font-family: courier;">sudo mkdir -p /storage/containers/webserver</span> </li></ul><li>We will use this as the root directory for all of the below configs</li><li>Create the needed subdirs</li><ul><li><span style="font-family: courier;">cd /storage/containers/webserver</span></li><li><span style="font-family: courier;">sudo mkdir -p letsencrypt/etc letsencrypt/data letsencrypt/logs</span></li><li><span style="font-family: courier;">sudo mkdir -p nginx/www/html</span></li><li><span style="font-family: courier;">sudo mkdir -p lists/build lists/mysql lists/www/html/lists</span></li></ul></ul><p style="text-align: left;"><br /></p><p></p><h2 style="text-align: left;">First setup nginx</h2><p></p><ul style="text-align: left;"><li>Setup valid users for authentication</li><ul><li><span style="font-family: courier;">sudo htpasswd -c nginx/www/htpasswd username</span></li></ul><li>Copy the existing letsencrypt certs</li><ul><li><span style="font-family: courier;">sudo mkdir -p letsencrypt/etc/live/this.example.com</span></li><li><span style="font-family: courier;">sudo cp /etc/letsencrypt/live/this.example.com/* letsencrypt/etc/live/this.example.com/</span></li></ul><li>create a <span style="font-family: courier;">docker-compose.yml </span>with the following contents:</li></ul><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><span style="font-family: courier;"><div><span style="font-family: courier;"><b># Begin docker-compose.yml</b></span></div></span><span style="font-family: courier;">version: '3.4'</span><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">services:</span></div><div><span><span style="font-family: courier;"> nginx:</span></span></div><div><span style="font-family: courier;"><span> </span><span> container-name: 'nginx-proxy'</span></span></div><div><span style="font-family: courier;"><span> </span><span> hostname: 'nginx-proxy'</span></span></div><div><span style="font-family: courier;"><span> </span><span> image: nginx:latest</span></span></div><div><span style="font-family: courier;"><span> </span><span> ports:</span></span></div><div><span><span style="font-family: courier;"><span> </span><span> </span><span> - </span>"9080:80"</span></span></div><div><span><span style="font-family: courier;"><span> </span><span> </span><span> - "9443:443"</span></span></span></div><div><span style="font-family: courier;"><span> </span><span> volume:</span></span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> - ./prod.conf:/etc/nginx/conf.d/default.conf</span></span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> - ./nginx/www:/www</span></span></div><div><span style="font-family: courier;"><span> </span><span> </span><span> - ./letsencrypt/etc:/etc/letsencrypt</span></span></div><span style="font-family: courier;"> </span><span style="font-family: courier;"> </span><span style="font-family: courier;"> - ./letsencrypt/data:/data/letsencrypt</span><div><span style="font-family: courier;"><span><b># End docker-compose.yml</b></span></span></div></blockquote><div><ul style="text-align: left;"><li>create a <span style="font-family: courier;">prod.conf </span>with the following contents:</li></ul></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><span style="font-family: courier;"><b># Begin prod.conf</b></span></div></div><div><div><span style="font-family: courier;">server {</span></div></div><div><div><span><span style="font-family: courier;"> listen 80;</span></span></div></div><div><div><span><span style="font-family: courier;"><span> listen [::]:80;</span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span> server_name this.example.com;</span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><br /></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span> location / {</span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span> </span><span> rewrite ^ https://$host:9443$request_uri? permanent;</span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span> }</span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><br /></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span> # for cerbot challenge</span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span> location /.well-known/acme-challenge {</span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span> </span><span> allow all;</span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span> </span><span> root /data/letsencrypt;</span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span> }</span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span>}</span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><br /></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span>server {</span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span> listen 443 ssl;</span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span> listen [::]:443 ssl;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span> http2 on;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span> server_name this.example.com;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><br /></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> ssl_certificate /etc/letsencrypt/live/this.example.com/full chain.pem;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> ssl_certificate_key /etc/letsencrypt/live/this.example.com/privkey.pem;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><br /></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> auth_basic "Your Server Message";</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> auth_basic_user_file /www/htpasswd;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><br /></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> location / {</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> </span><span> root /www/html;</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span><span> }</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span>}</span></span></span></span></span></span></span></span></span></span></span></span></div></div><div><div><span><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><b># End prod.conf</b></span></span></span></span></span></span></span></span></span></span></span></span></div></div></blockquote><div><p></p><ul style="text-align: left;"><li>create a <span style="font-family: courier;">nginx/www/html/index.html</span> that will link to our actual contents, here is my example:</li></ul></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div style="text-align: left;"><span style="font-family: courier;"><html> </span></div></div><div><div style="text-align: left;"><span style="font-family: courier;"><body></span></div></div><div><div style="text-align: left;"><span style="font-family: courier;"><span> <p></span></span></div></div><div><div style="text-align: left;"><span><span style="font-family: courier;"><span> </span><span> <a href="lists/">Lists</a></span></span></span></div></div><div><div style="text-align: left;"><span><span style="font-family: courier;"><span> </p></span></span></span></div></div><div><div style="text-align: left;"><span><span><span style="font-family: courier;"><span> <p></span></span></span></span></div></div><div><div style="text-align: left;"><span><span><span><span style="font-family: courier;"><span> </span><span> <a href="mythweb/">MythWeb</a></span></span></span></span></span></div></div><div><div style="text-align: left;"><span><span><span><span style="font-family: courier;"><span> </p></span></span></span></span></span></div></div><div><div style="text-align: left;"><span style="font-family: courier;"></body></span></div></div><div><div style="text-align: left;"><span style="font-family: courier;"></html></span></div></div></blockquote><div><p></p><p></p><ul style="text-align: left;"><li>Now test the server</li><ul><li><span style="font-family: courier;">sudo docker-compose up --build</span></li></ul><li><span style="font-family: inherit;">Visit your site in a browser</span></li><li><span style="font-family: courier;">Ctrl+C</span> to stop the server</li></ul><p></p><p></p><p><br /></p><h2 style="text-align: left;">Setup MythWeb</h2><p></p><ul style="text-align: left;"><li>Add the mythweb section to <span style="font-family: courier;">docker-compose.yml </span>so that it looks like:</li></ul></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div style="text-align: left;"><span style="font-family: courier;"><b># Begin docker-compose.yml</b></span></div></div><div><div style="text-align: left;"><span style="font-family: courier;">version: '3.4'</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><div><span style="font-family: courier;">services:</span></div></div></div><div><div><div><span style="font-family: courier;"> nginx:</span></div></div></div><div><div><div><span style="font-family: courier;"> container-name: 'nginx-proxy'</span></div></div></div><div><div><div><span style="font-family: courier;"> hostname: 'nginx-proxy'</span></div></div></div><div><div><div><span style="font-family: courier;"> image: nginx:latest</span></div></div></div><div><div><div><span style="font-family: courier;"> ports:</span></div></div></div><div><div><div><span style="font-family: courier;"> - "9080:80"</span></div></div></div><div><div><div><span style="font-family: courier;"> - "9443:443"</span></div></div></div><div><div><div><span style="font-family: courier;"> volume:</span></div></div></div><div><div><div><span style="font-family: courier;"> - ./nginx/prod.conf:/etc/nginx/conf.d/default.conf</span></div></div></div><div><div><div><span style="font-family: courier;"> - ./nginx/www:/www</span></div></div></div><div><div><div><span style="font-family: courier;"> - ./letsencrypt/etc:/etc/letsencrypt</span></div></div></div><div><div><span style="font-family: courier;"> </span><span style="font-family: courier;"> </span><span style="font-family: courier;"> - ./letsencrypt/data:/data/letsencrypt</span><div><span style="font-family: courier;"><span> mythweb:</span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span> </span><span> container-name: 'myth-http'</span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span> </span><span> hostname: 'myth-http'</span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span> </span><span> image: dheaps/mythbackend:mythweb</span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span> </span><span> ports:</span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span> </span><span> </span><span> - "7080:80"</span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span> </span><span> environment:</span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span> </span><span> </span><span> - DATABASE_HOST=localhost</span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - DATABASE_NAME=mythconverg</span></span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - DATABASE_USER=mythtv</span></span></span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - DATABASE_PASSWORD=YourSuperSecretPassword</span></span></span></span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - TZ=America/New_York</span></span></span></span></span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span> </span><span> volumes:</span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> # This will have mysql connect over sockets instead ports</span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></div></div></div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span><span><span><span><span> </span><span> <span> </span></span><span>- </span></span></span></span></span></span></span></span></span></span></span></span></span></span></span><span style="font-family: courier;">/var/run/mysqld/mysql.sock</span><span style="font-family: courier;">:</span><span style="font-family: courier;">/var/run/mysqld/mysql.sock</span></div></div></div><div><div><div><span style="font-family: courier;"><b># End docker-compose.yml</b></span></div></div></div></blockquote><div><p></p></div><div><p></p><ul style="text-align: left;"><li>Add the mythweb sections to <span style="font-family: courier;">prod.conf</span> so that it looks like this:</li></ul></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><span style="font-family: courier;"><b># Begin nginx/prod.conf</b></span></div></div><div><div><span style="font-family: courier;">server {</span></div></div><div><div><span style="font-family: courier;"> listen 80;</span></div></div><div><div><span style="font-family: courier;"> listen [::]:80;</span></div></div><div><div><span style="font-family: courier;"> server_name this.example.com;</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;"> location / {</span></div></div><div><div><span style="font-family: courier;"> rewrite ^ https://$host:9443$request_uri? permanent;</span></div></div><div><div><span style="font-family: courier;"> }</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;"> # for cerbot challenge</span></div></div><div><div><span style="font-family: courier;"> location /.well-known/acme-challenge {</span></div></div><div><div><span style="font-family: courier;"> allow all;</span></div></div><div><div><span style="font-family: courier;"> root /data/letsencrypt;</span></div></div><div><div><span style="font-family: courier;"> }</span></div></div><div><div><span style="font-family: courier;">}</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;">server {</span></div></div><div><div><span style="font-family: courier;"> listen 443 ssl;</span></div></div><div><div><span style="font-family: courier;"> listen [::]:443 ssl;</span></div></div><div><div><span style="font-family: courier;"> http2 on;</span></div></div><div><div><span style="font-family: courier;"> server_name this.example.com;</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;"> ssl_certificate /etc/letsencrypt/live/this.example.com/fullchain.pem;</span></div></div><div><div><span style="font-family: courier;"> ssl_certificate_key /etc/letsencrypt/live/this.example.com/privkey.pem;</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;"> auth_basic "Your Server Message";</span></div></div><div><div><span style="font-family: courier;"> auth_basic_user_file /www/htpasswd;</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;"> location / {</span></div></div><div><div><span style="font-family: courier;"> root /www/html;</span></div></div><div><div><span style="font-family: courier;"> }</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;"><span> location /mythweb {</span></span></div></div><div><div><span style="font-family: courier;"><span><span> </span><span> # Use this to preserve port number</span></span></span></div></div><div><div><span style="font-family: courier;"><span><span> </span><span> return 301 $scheme://$http_host/mythweb/;</span></span></span></div></div><div><div><span style="font-family: courier;"><span><span> }</span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span> location /mythweb/ {</span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span> </span><span> proxy_pass http://myth-http:80/mythweb/;</span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span><span> </span><span> proxy_buffering off;</span></span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span><span><span> </span><span> proxy_set_header X-Real-IP $remote_addr;</span></span></span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span> </span><span> proxy_set_header X-Forwarded-Proto $scheme;</span></span></span></span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span> </span><span> # using $http_host so that the links will include port</span></span></span></span></span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span> </span><span> proxy_set_header X-Forwarded-Host $http_host;</span></span></span></span></span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span> </span><span> proxy_set_header X-Forwarded-Port $server_port;</span></span></span></span></span></span></span></span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span><span> }</span></span></span></span></span></div></div><div><div><span style="font-family: courier;">}</span></div></div><div><div><span style="font-family: courier;"><b># End nginx/prod.conf</b></span></div></div></blockquote><div><ul style="text-align: left;"><li>Now test the server</li><ul><li><span style="font-family: courier;">sudo docker-compose up --build</span></li></ul><li><span style="font-family: inherit;">Visit your site in a browser</span></li><li><span style="font-family: courier;">Ctrl+C</span> to stop the server</li></ul><p style="text-align: left;"><br /></p><h2 style="text-align: left;">Setup MySQL and Apache</h2><div><ul style="text-align: left;"><li>Note: we are using MYSQL_HOST environment variable so that the PHP can easily switch what MySQL instance to connect to</li><li>Create a directory to hold related files</li><ul><li><span style="font-family: courier;">mkdir -p lists/build</span></li><li><span style="font-family: courier;">mkdir -p lists/mysql</span></li></ul><li>Copy your HTML/PHP files into lists/www/html/</li><ul><li><span style="font-family: courier;">sudo mkdir -p lists/www/html/lists</span></li><li><span style="font-family: courier;">sudo cp /var/www/html/lists/* lists/www/html/lists/</span></li></ul><li>Add the MySQL and Apache sections to docker-compose.yml</li></ul></div></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;"><b># Begin docker-compose.yml</b></span></div></div></div><div><div><div><span style="font-family: courier;">version: '3.4'</span></div></div></div><div><div><div><span style="font-family: courier;"><br /></span></div></div></div><div><div><div><div><span style="font-family: courier;">services:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> nginx:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> container-name: 'nginx-proxy'</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> hostname: 'nginx-proxy'</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> image: nginx:latest</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> ports:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - "9080:80"</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - "9443:443"</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> volume:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - ./nginx/prod.conf:/etc/nginx/conf.d/default.conf</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - ./nginx/www:/www</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - ./letsencrypt/etc:/etc/letsencrypt</span></div></div></div></div><div><div><div><span style="font-family: courier;"> </span><span style="font-family: courier;"> </span><span style="font-family: courier;"> - ./letsencrypt/data:/data/letsencrypt</span><div><span style="font-family: courier;"> mythweb:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> container-name: 'myth-http'</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> hostname: 'myth-http'</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> image: dheaps/mythbackend:mythweb</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> ports:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - "7080:80"</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> environment:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - DATABASE_HOST=localhost</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - DATABASE_NAME=mythconverg</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - DATABASE_USER=mythtv</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - DATABASE_PASSWORD=YourSuperSecretPassword</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - TZ=America/New_York</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> volumes:</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> # This will have mysql connect over sockets instead ports</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"> - </span><span style="font-family: courier;">/var/run/mysqld/mysql.sock</span><span style="font-family: courier;">:</span><span style="font-family: courier;">/var/run/mysqld/mysql.sock</span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span> lists-www:</span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span> </span><span> container-name: 'lists-www'</span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span> </span><span> hostname: 'lists-www'</span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span> </span><span> build: './lists/build'</span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span> </span><span> environment:</span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span> </span><span> </span><span> - MYSQL_HOST=lists-mysql</span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span> </span><span> volumes:</span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span> </span><span> </span><span> - ./lists/http.conf:/etc/apache2/httpd.conf</span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - ./lists/www:/var/www</span></span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> # This is just where I keep my lists and isn't required</span></span></span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - /home/user/Documents/lists:/home/user/Documents/lists</span></span></span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span> lists-mysql:</span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span> </span><span> container-name: 'lists-mysql'</span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span> </span><span> hostname: 'lists-mysql'</span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span> </span><span> image: mysql:latest</span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span> </span><span> ports:</span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span> </span><span> </span><span> - "4306:3306"</span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span> </span><span> environment:</span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span> </span><span> </span><span> - MYSQL_ROOT_PASSWORD=AnotherSuperSecretPassword</span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span> </span><span> volumes:</span></span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><span><span><span><span><span><span><span><span><span><span> </span><span> </span><span> - ./lists/mysql:/var/lib/mysql</span></span></span></span></span></span></span></span></span></span></span></div></div></div></div><div><div><div><div><span style="font-family: courier;"><b># End docker-compose.yml</b></span></div></div></div></div></blockquote><div><div><p></p></div></div><div><div><ul style="text-align: left;"><li>Create <span style="font-family: courier;">lists/build/Dockerfile</span></li></ul></div></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><span style="font-family: courier;"><b># Begin lists/build/Dockerfile</b></span></div></div><div><div><span style="font-family: courier;">FROM php:apache</span></div></div><div><div><span style="font-family: courier;">RUN apt-get update && docker-php-ext-install mysqli pdo pdo_mysql</span></div></div><div><div><span style="font-family: courier;"><b># End </b></span><b style="font-family: courier;">lists/build/Dockerfile</b></div></div></blockquote><div><div><ul style="text-align: left;"><li>Create <span style="font-family: courier;">lists/http.conf</span></li></ul></div></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><span style="font-family: courier;"><b># Begin lists/http.conf</b></span></div></div><div><div><span style="font-family: courier;"><VirtualHost></span></div></div><div><div><span style="font-family: courier;"><span> ServerName this.example.com</span></span></div></div><div><div><span style="font-family: courier;"><span><span> ServerAdmin admin@this.example.com</span></span></span></div></div><div><div><span style="font-family: courier;"><span><span><span> DocumentRoot /var/www/html</span></span></span></span></div></div><div><div><span style="font-family: courier;"></VirtualHost></span></div></div><div><div><span style="font-family: courier;"><b># End lists/http.conf</b></span></div></div></blockquote><div><div><ul style="text-align: left;"><li>Now test the server</li><ul><li><span style="font-family: courier;">sudo docker-compose up --build</span></li></ul><li>While the test server is up load data into your MySQL instance</li><ul><li>Note: Don't use localhost or MySQL will ignore the port and use sockets</li><li><span style="font-family: courier;">sudo mysql -p -h 127.0.0.1 --port=4306</span></li></ul><li><span style="font-family: inherit;">Visit your site in a browser</span></li><li><span style="font-family: courier;">Ctrl+C</span> to stop the server</li></ul></div><p style="text-align: left;"><br /></p><h2 style="text-align: left;">Move to production</h2><div><ul style="text-align: left;"><li>Edit the configs</li><ul><li>in <span style="font-family: courier;">docker-compose.yml</span> replace <span style="font-family: courier;">9080</span> with <span style="font-family: courier;">80</span> and <span style="font-family: courier;">9443</span> with <span style="font-family: courier;">443</span></li><li>in <span style="font-family: courier;">nginx/prod.conf </span>replace <span style="font-family: courier;">9443</span> with <span style="font-family: courier;">443</span></li></ul><li>Stop the normal apache and keep it from starting at boot</li><ul><li><span style="font-family: courier;">sudo systemctl stop apache2</span></li><li><span style="font-family: courier;">sudo systemctl disable apache2</span></li></ul><li><span style="font-family: inherit;">Stop the normal certbot</span></li><ul><li><span style="font-family: courier;">sudo systemctl disable certbot.timer</span></li></ul><li>Have docker compose start at startup</li><ul><li><span style="font-family: courier;">/etc/systemd/system/docker-compose-webserver.service</span></li></ul></ul></div></div><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;"><b># Begin /etc/systemd/system/docker-compose-webserver.service</b></span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><span style="font-family: courier;"><b># Only include mysql.service if dependent on it for mythweb</b></span><br /><div><span style="font-family: courier;">[Unit]</span></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">Description=Docker Compose Webserver Service</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">Requires=docker.service</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><span style="font-family: courier;">Wants=mysql.service</span><div><span style="font-family: courier;">After=docker.service mysql.service</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;"><br /></span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">[Service]</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">Type=oneshot</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">RemainAfterExit=yes</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">WorkingDirectory=/storage/containers/webserver</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">ExecStart=/usr/bin/docker-compose up --build -d</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">ExecStop=/usr/bin/docker-compose down</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">TimeoutStartSec=0</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;"><br /></span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">[Install]</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;">WantedBy=multi-user.target</span></div></div></div></blockquote><blockquote style="border: medium; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><span style="font-family: courier;"><b># End /etc/systemd/system/docker-compose-webserver.service</b></span></div></div></blockquote></blockquote><div><div><ul style="text-align: left;"><ul><li>Load and start docker-compose-webserver</li><ul><li><span style="font-family: courier;">sudo systemctl daemon-reload</span></li><li><span style="font-family: courier;">sudo systemctl enable docker-compose-webserver</span></li><li><span style="font-family: courier;">sudo systemctl start docker-compose-webserver</span></li></ul></ul></ul><p style="text-align: left;"><br /></p></div><h2 style="text-align: left;">Setup the certificate renewal</h2><div><ul style="text-align: left;"><li>Unfortunately, the site needs to be live before we can test/setup certificate renewal, so make sure you did the steps above</li><li>Remove the certs that we copied in, as certbot needs a blank folder or it will add <span style="font-family: courier;">-0001</span> to our hostname directory</li><ul><li><span style="font-family: courier;">sudo rm -rf ./letsencrypt/etc/*</span></li></ul><li>Use staging (the test environment) to check the commands</li></ul><span style="font-family: courier;">sudo docker run -it --rm \</span></div><div><span style="font-family: courier;"> -v ./letsencrypt/data:/data/letsencrypt \</span></div><div><span style="font-family: courier;"> -v ./letsencrypt/etc:/etc/letsencrypt \</span></div><div><span style="font-family: courier;"> -v ./letsencrypt/logs:/var/logs/letsencrypt \</span></div><div><span style="font-family: courier;"> certbot/certbot \</span></div><div><div><span style="font-family: courier;"> certonly --webroot \</span></div><div><span style="font-family: courier;"> --register-unsafely-without-email --agree-tos \</span></div><div><span style="font-family: courier;"> --webroot-path=/data/letsencrypt \</span></div><div><span style="font-family: courier;"> --staging \</span></div></div><div><span style="font-family: courier;"> -d this.example.com</span></div><div><ul style="text-align: left;"><li>If the above worked then we can try a live renewal (which is rate limited)</li></ul><div><span style="font-family: courier;">sudo docker run -it --rm \</span></div><div><span style="font-family: courier;"> -v ./letsencrypt/data:/data/letsencrypt \</span></div><div><span style="font-family: courier;"> -v ./letsencrypt/etc:/etc/letsencrypt \</span></div><div><span style="font-family: courier;"> -v ./letsencrypt/logs:/var/logs/letsencrypt \</span></div><div><span style="font-family: courier;"> </span><span style="font-family: courier;">certbot/certbot \</span></div><div><span style="font-family: courier;"> certonly --webroot \</span></div><div><span style="font-family: courier;"> --email youremail@domain.com --agree-tos --no-eff-email \</span></div><div><span style="font-family: courier;"> --webroot-path=/data/letsencrypt \</span></div><div><span style="font-family: courier;"> -d this.example.com</span></div><ul style="text-align: left;"><li>If the above worked then we schedule automatic renewal</li><li>Create if does not exist <span style="font-family: courier;">/lib/systemd/system/cerbot.service</span></li></ul></div></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;"><b># Begin certbot.timer</b></span></div></div></div><div><div><span style="font-family: courier;">[Unit]</span></div></div><div><div><span style="font-family: courier;">Description=Run certbot twice daily</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;">[Timer]</span></div></div><div><div><span style="font-family: courier;">OnCalendar=*-*-* 00,12:00:00</span></div></div><div><div><span style="font-family: courier;">RandomizedDelaySec=43200</span></div></div><div><div><span style="font-family: courier;">Persistent=true</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;">[Install]</span></div></div><div><div><span style="font-family: courier;">WantedBy=timers.target</span></div></div><div><div><span style="font-family: courier;"><b># End certbot.timer</b></span></div></div></blockquote><div><div><ul style="text-align: left;"><li>Edit/create <span style="font-family: courier;">/lib/systemd/system/cerbot.service</span></li></ul></div></div><blockquote style="border: none; margin: 0px 0px 0px 40px; padding: 0px; text-align: left;"><div><div><div><span style="font-family: courier;"><b># Begin certbot.service</b></span></div></div></div><div><div><span style="font-family: courier;">[Unit]</span></div></div><div><div><span style="font-family: courier;">Description=Certbot</span></div></div><div><div><span style="font-family: courier;">Documentation=file:///usr/share/doc/python-certbot-doc/html/index.html</span></div></div><div><div><span style="font-family: courier;">Documentation=letsencrypt.readthedocs.io/en/latest</span></div></div><div><div><span style="font-family: courier;"><br /></span></div></div><div><div><span style="font-family: courier;">[Service]</span></div></div><div><div><span style="font-family: courier;">Type=oneshot</span></div><div><span style="font-family: courier;"># ExecStart=/usr/bin/certbot -q renew</span></div><div><span style="font-family: courier;">WorkingDirectory=/storage/containers/webserver</span></div></div><div><div><span style="font-family: courier;">ExecStart=docker run --rm \</span></div></div><div><div><span style="font-family: courier;"> -v ./letsencrypt/data:/data/letsencrypt \</span></div></div><div><div><span style="font-family: courier;"> -v ./letsencrypt/etc:/etc/letsencrypt \</span></div></div><div><div><span style="font-family: courier;"> -v ./letsencrypt/logs:/var/logs/letsencrypt \</span></div></div><div><div><span style="font-family: courier;"> </span><span style="font-family: courier;">certbot/certbot \</span></div><div><span style="font-family: courier;"> renew --quiet --webroot \</span></div></div><div><div><span style="font-family: courier;"> --email youremail@domain.com --agree-tos --no-eff-email \</span></div></div><div><div><span style="font-family: courier;"> --webroot-path=/data/letsencrypt</span></div></div><div><div><span style="font-family: courier;">PrivateTmp=true</span></div></div><div><div><span style="font-family: courier;"><b># End certbot.service</b></span></div></div></blockquote><div><div><ul style="text-align: left;"><li>Enable the service</li><ul><li><span style="font-family: courier;">sudo systemctl daemon-reload</span></li><li><span style="font-family: courier;">sudo systemctl enable certbot.timer</span></li></ul></ul></div><p style="text-align: left;"><br /></p><h2 style="text-align: left;">Debug</h2><div><ul style="text-align: left;"><li>If you see errors like `Cannot create container for service`</li><ul><li>view all containers:</li><ul><li><span style="font-family: courier;">docker ps -a</span></li></ul><li>you can remove the offending container with:</li><ul><li><span style="font-family: courier;">docker rm <container-name></span></li></ul></ul></ul><p style="text-align: left;"><br /></p></div><h2 style="text-align: left;">Next Steps</h2><div><ul style="text-align: left;"><li>Put mythbackend and its MySQL instance in docker</li></ul><p style="text-align: left;"><br /></p></div><p></p><h2 style="text-align: left;">Appendix</h2><p>Sources</p><p></p><ul style="text-align: left;"><li>Docker</li><ul><li><a href="https://docs.docker.com/reference/cli/dockerd/#daemon-configuration-file">https://docs.docker.com/reference/cli/dockerd/#daemon-configuration-file</a></li><li><a href="https://tienbm90.medium.com/how-to-change-docker-root-data-directory-89a39be1a70b">https://tienbm90.medium.com/how-to-change-docker-root-data-directory-89a39be1a70b</a></li><li><a href="https://mrkandreev.name/snippets/how_to_move_docker_data_to_another_location/">https://mrkandreev.name/snippets/how_to_move_docker_data_to_another_location/</a></li><li><a href="https://www.guguweb.com/2019/02/07/how-to-move-docker-data-directory-to-another-location-on-ubuntu/">https://www.guguweb.com/2019/02/07/how-to-move-docker-data-directory-to-another-location-on-ubuntu/</a> <br /></li><li><a href="https://stackoverflow.com/questions/68634012/how-to-fix-docker-storage-driver-overlay2-problem">https://stackoverflow.com/questions/68634012/how-to-fix-docker-storage-driver-overlay2-problem</a></li><li><a href="https://docs.docker.com/storage/storagedriver/select-storage-driver/">https://docs.docker.com/storage/storagedriver/select-storage-driver/</a></li></ul><li>Apache/LetsEncrypt</li><ul><li><a href="https://www.linkedin.com/pulse/use-apache-ssllets-encrypt-docker-leon-sczepansky/">https://www.linkedin.com/pulse/use-apache-ssllets-encrypt-docker-leon-sczepansky/</a></li><li><a href="https://www.humankode.com/ssl/how-to-set-up-free-ssl-certificates-from-lets-encrypt-using-docker-and-nginx/">https://www.humankode.com/ssl/how-to-set-up-free-ssl-certificates-from-lets-encrypt-using-docker-and-nginx/</a></li><li><a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Simple-Apache-docker-compose-example-with-Dockers-httpd-image">https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/Simple-Apache-docker-compose-example-with-Dockers-httpd-image</a></li><li><a href="https://letsencrypt.org/docs/staging-environment/">https://letsencrypt.org/docs/staging-environment/</a></li></ul><li>PHP</li><ul><li><a href="https://doc4dev.com/en/create-a-web-site-php-apache-mysql-in-5-minutes-with-docker/">https://doc4dev.com/en/create-a-web-site-php-apache-mysql-in-5-minutes-with-docker/</a></li><li><a href="https://thriveread.com/apache-php-with-docker-mysql-and-phpmyadmin/">https://thriveread.com/apache-php-with-docker-mysql-and-phpmyadmin/</a></li></ul><li>nginx</li><ul><li><a href="https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/">https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/</a></li><li><a href="https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/How-to-setup-Nginx-reverse-proxy-servers-by-example">https://www.theserverside.com/blog/Coffee-Talk-Java-News-Stories-and-Opinions/How-to-setup-Nginx-reverse-proxy-servers-by-example</a></li><li><a href="https://stackoverflow.com/questions/41605137/how-to-remove-a-subdirectory-from-the-url-before-passing-to-a-script">https://stackoverflow.com/questions/41605137/how-to-remove-a-subdirectory-from-the-url-before-passing-to-a-script</a></li><li><a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/">https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/</a></li><li><a href="https://www.hostwinds.com/tutorials/create-use-htpasswd">https://www.hostwinds.com/tutorials/create-use-htpasswd</a></li></ul><li>MySQL</li><ul><li><a href="https://earthly.dev/blog/docker-mysql/">https://earthly.dev/blog/docker-mysql/</a></li></ul><li>MythTV</li><ul><li><a href="https://hub.docker.com/r/dheaps/mythbackend">https://hub.docker.com/r/dheaps/mythbackend</a></li></ul><li>Systemd</li><ul><li><a href="https://stackoverflow.com/questions/43671482/how-to-run-docker-compose-up-d-at-system-start-up">https://stackoverflow.com/questions/43671482/how-to-run-docker-compose-up-d-at-system-start-up</a></li><li><a href="https://unix.stackexchange.com/questions/363728/which-is-the-correct-way-to-disable-a-systemd-timer-unit">https://unix.stackexchange.com/questions/363728/which-is-the-correct-way-to-disable-a-systemd-timer-unit</a></li><li><a href="https://www.redhat.com/sysadmin/systemd-oneshot-service">https://www.redhat.com/sysadmin/systemd-oneshot-service</a></li></ul></ul><div><br /></div><p></p></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-63508194938684873292024-02-02T21:03:00.001-05:002024-02-18T22:38:49.696-05:00New VNC client for ChromeOS<p></p><p style="text-align: left;">As RealVNC discontinued their ChromeOS version and it was giving me issues with disconnections, I decided to look for a replacement.<br /></p><p style="text-align: left;"><br /></p><h2 style="text-align: left;">The search</h2><p style="text-align: left;"></p><ul style="text-align: left;"><li>xtightvncviewer</li><ul><li>Bad connection dialog</li><li>Does not handle ChromeOS scaling properly</li><li>No client window scaling without changing host resolution</li></ul><li>ssvnc</li><ul><li>Bad connection dialog</li><li>Does not handle ChromeOS scaling properly</li><li>No client window scaling without changing host resolution</li><li>Puts 2 icons on the dock</li><li>Supports ssh/ssl encryption</li></ul><li>tigervnc-viewer</li><ul><li>Acceptable connection dialog</li><li>Does not handle ChromeOS scaling properly</li><li>No client window scaling without changing host resolution</li><li>Support TLS encryption</li></ul><li>vinagre</li><ul><li>Acceptable connection dialog</li><li>Handles ChromeOS scaling properly</li><li>Suppports client window scaling without changing host resolution</li><li>Dock icon didn't load properly</li><li>Touchpad scrolling does not work</li><li>No longer maintained, superseded by Gnome Connections</li></ul><li>Gnome Connections</li><ul><li>Slick looking connections page</li><li>Handles ChromeOS scaling properly</li><li>Supports client window scaling without changing host resolution</li><li>Supports TLS encryption</li><li>Touchpad scrolling does not work</li><li>Does not remember/resize window when connecting</li></ul></ul><div>After my search I decided to go with TigerVNC viewer, but will keep Gnome Connections installed as it may eventually overtake it. Below is how I installed each</div><div><br /></div><h2 style="text-align: left;">Installing TigerVNC viewer</h2><div><ul style="text-align: left;"><li>Launch terminal</li><ul><li><span style="font-family: courier;">sudo apt install tigervnc-viewer</span></li></ul><li>Configure it to scale properly</li><ul><li>First determine your Chromebooks scaling</li><ul><li>Settings -> Displays -> Display size</li></ul><li>Test to make sure it is what you like, where .8 == 80% from above</li><ul><li><span style="font-family: courier;">/usr/bin/sommelier -X --scale=.8 /usr/bin/xtigervncviewer</span></li></ul><li>Edit xtightvncviewer.desktop</li><ul><li><span style="font-family: courier;">cp /usr/share/applications/xtigervncviewer.desktop ${HOME}/.local/share/applications/</span></li><li><span style="font-family: courier;">vi ${HOME}/.local/share/applications/xtigervncviewer.desktop</span></li><li>find "Exec"</li><li>and set it to the command that you tested</li></ul></ul><li>Launch the App</li><ul><li>Search Key -> TigerVNC</li></ul><li>Connect</li><ul><li>192.168.1.XXX:1</li></ul></ul><div><br /></div></div><p></p><h2 style="text-align: left;">Installing Gnome Connections</h2><ul style="text-align: left;"><li>Resize your linux storage size</li><ul><li>Settings -> Advanced -> Linux development environment -> Disk size "Change"</li><li>I set it to 16 GB</li></ul><li>Launch terminal</li><ul><li>Make sure apt is up to date</li><ul><li><span style="font-family: courier;">sudo apt update</span></li><li><span style="font-family: courier;">sudo apt upgrade</span></li></ul><li>Install flatpak</li><ul><li><span style="font-family: courier;">sudo apt install flatpak</span></li><li><span style="font-family: courier;">flatpak --user remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo</span></li><li>Restart the linux container by right clicking on your terminal icon and select "Shut down Linux"</li></ul><li>Install and start Gnome Connections</li><ul><li><span style="font-family: courier;">flatpak install flathub org.gnome.Connections</span></li><li><span style="font-family: courier;">flatpak run org.gnome.Connections</span></li></ul><li>Add your VNC server</li><ul><li>192.168.1.XXX:5901</li><li>Make sure to select VNC</li></ul></ul></ul><div><br /></div><h2 style="text-align: left;">Appendix</h2><p style="text-align: left;">Sources:</p><p style="text-align: left;"></p><ul style="text-align: left;"><li><a href="https://www.reddit.com/r/Crostini/comments/b04od4/is_there_anyway_to_change_the_scaling_for_linux/">https://www.reddit.com/r/Crostini/comments/b04od4/is_there_anyway_to_change_the_scaling_for_linux/</a></li><li><a href="https://www.reddit.com/r/Crostini/comments/8vhta1/fix_for_resolution/">https://www.reddit.com/r/Crostini/comments/8vhta1/fix_for_resolution/</a></li><li><a href="https://www.reddit.com/r/Crostini/wiki/howto/adjust-display-scaling/">https://www.reddit.com/r/Crostini/wiki/howto/adjust-display-scaling/</a></li><li><a href="https://flatpak.org/setup/Chrome%20OS">https://flatpak.org/setup/Chrome%20OS</a></li><li><a href="https://flathub.org/apps/org.gnome.Connections">https://flathub.org/apps/org.gnome.Connections</a></li></ul><p></p><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-52702277628878338692024-01-26T22:49:00.001-05:002024-01-26T22:49:16.991-05:00Miscellaneous Minecraft Matters<p style="text-align: left;">I wanted to host a Minecraft server for me and my daughter to be able to play on. After some research, using a docker container surfaced as the easiest way to do this. Also I wanted to use Steam Link to be able to play, so I needed to add a shortcut to Minecraft in Steam.</p><p style="text-align: left;">Below are the steps that I used to accomplish this</p><p style="text-align: left;"><br /></p><h2 style="text-align: left;">Minecraft Bedrock Docker Server </h2><p></p><ul style="text-align: left;"><li><a href="https://github.com/itzg/docker-minecraft-bedrock-server">https://github.com/itzg/docker-minecraft-bedrock-server</a></li><li>find your players XUID</li><ul><li>I did this by starting the server connecting and looking at the server output</li></ul><li>create a <span style="font-family: courier;">docker-compose.yml</span> file where OPS has your players XUIDs in a comma separated list and ALLOW_LIST_USERS has the player names and XUIDs that you want to be able to login</li></ul><div><div></div><blockquote><div><span style="font-family: courier;">version: '3.4'</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">services:</span></div><div><span style="font-family: courier;"> bds:</span></div><div><span style="font-family: courier;"> image: itzg/minecraft-bedrock-server</span></div><div><span style="font-family: courier;"> environment:</span></div><div><span style="font-family: courier;"> EULA: "TRUE"</span></div><div><span style="font-family: courier;"> GAMEMODE: creative</span></div><div><span style="font-family: courier;"> DIFFICULTY: peaceful</span></div><div><span style="font-family: courier;"> SERVER_NAME: "Our World"</span></div><div><span style="font-family: courier;"> OPS: "1234,5678"</span></div><div><span style="font-family: courier;"> ALLOW_CHEATS: "true"</span></div><span style="font-family: courier;"> ALLOW_LIST: "true"<br /></span><span style="font-family: courier;"> ALLOW_LIST_USERS: "player1:1234,player with spaces:5678"</span><div><span style="font-family: courier;"> ports:</span></div><div><span style="font-family: courier;"> - "19132:19132/udp"</span></div><div><span style="font-family: courier;"> volumes:</span></div><div><span style="font-family: courier;"> - /storage/containers/minecraft/world1:/data</span></div><div><span style="font-family: courier;"> stdin_open: true</span></div><div><span style="font-family: courier;"> tty: true</span></div></blockquote><div></div></div><p></p><p></p><ul style="text-align: left;"><li>start the container</li><ul><li><span style="font-family: courier;">docker-compose up</span></li></ul><li>A <span style="font-family: courier;">permissions.json</span> file will be created giving the specified players ops powers</li><li>Note: even though your server is local the Playstation/Xbox/Switch version will not be able to connect without a PS Plus/Xbox Live/Nintendo Online subscription</li><ul><li><a href="https://bugs.mojang.com/browse/BDS-1634">https://bugs.mojang.com/browse/BDS-1634</a></li></ul></ul><div><br /></div><p></p><h2 style="text-align: left;">Adding a shortcut to Minecraft in Steam</h2><p></p><ul style="text-align: left;"><li>Find out where Minecraft was stored</li><ul><li>Paste the following into an explorer window:</li><ul><li><span style="font-family: courier;">%LocalAppData%\Packages\</span></li></ul><li>Find the folder like:</li><ul><li><span style="font-family: courier;">Microsoft.MinecraftUWP_<seemingly_random_letters_and_numbers></span></li></ul><li>The seemingly random letters and numbers are the app id, we will need them for later</li></ul><li>In Steam go to your Library and click "ADD A GAME" and then "Add a Non-Steam Game..."</li><li>Navigate to <span style="font-family: courier;">C:\Windows</span> and select <span style="font-family: courier;">explorer.exe</span></li><li>You will see a new entry in your library called explorer</li><li>Right click on it -> Properties</li><li>Choose an appropriate icon</li><li>Rename it</li><li>Click "SET LAUNCH OPTIONS"</li><li>type/paste in the following:</li><ul><li><span style="font-family: courier;">shell:appsFolder\<your-app-id>!App</span></li></ul><li><span style="font-family: inherit;">Click "OK"</span></li><li><span style="font-family: inherit;">Click "CLOSE"</span></li><li><span style="font-family: inherit;">You should now be able to launch Minecraft from Steam</span></li></ul><p></p><p><br /></p><h2 style="text-align: left;">Appendix</h2><p style="text-align: left;">Sources:</p><p></p><ul style="text-align: left;"><li><a href="https://linustechtips.com/topic/547779-add-universal-apps-and-purchased-windows-store-games-to-steam-library-and-how-to-pin-steam-games-to-windows-taskbar-and-start-menu/">https://linustechtips.com/topic/547779-add-universal-apps-and-purchased-windows-store-games-to-steam-library-and-how-to-pin-steam-games-to-windows-taskbar-and-start-menu/</a></li></ul><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-5318757384845410272024-01-04T20:55:00.000-05:002024-01-04T20:55:04.849-05:00Changing a zpool from ashift=9 to ashift=12<p>I wanted the additional write speed on my nas drives that come from aligning the ashift value with physical sector size of my hard drives (ashift=9 is 512 bytes and ashift=12 is 4KB). Unfortunately, you cannot change ashift on an existing zpool, so you will have to backup the data, destroy the pool, recreate it, and then restore the data.</p><p><br /></p><h2 style="text-align: left;">Prereq</h2><p></p><ul style="text-align: left;"><li>pv (to monitor the process/speed)</li><ul><li><span style="font-family: courier;">sudo apt-get install pv</span></li></ul><li>encrypted zfs data with the "wrong" ashift value that you want to migrate</li></ul><div><br /></div><h2 style="text-align: left;">Process to move</h2><ol style="text-align: left;"><li>Stop any process that writes to your storage that you want to move</li><li>Setup temporary storage location</li><ul><li><span style="font-family: courier;">sudo zpool create external-storage mirror /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-XXXXXXX /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-XXXXXXX</span></li><li><span style="font-family: courier;">sudo zfs create -o encryption=aes-256-gcm -o keylocation=prompt -o keyformat=passphrase external-storage/encrypted</span></li></ul><li>Create a snapshot</li><ul><li><span style="font-family: courier;">sudo zfs snapshot storage/encrypted@migrate-20231229</span></li><li><span style="font-family: courier;">sudo zfs list -t snapshot</span></li></ul><li>Copy snapshot over</li><ul><li><span style="font-family: courier;">sudo bash -c 'zfs send storage/encrypted@migrate-20231229 | pv | zfs recv external-storage/encrypted/backup'</span></li></ul><li>Ensure that all files have been backed up</li><li>Unmount the datasets</li><ul><li><span style="font-family: courier;">sudo zfs unmount storage/encrypted</span></li></ul><li>Destroy the old zpool</li><ul><li><span style="font-family: courier;">sudo zpool destroy storage</span></li></ul><li>Create the new zpool</li><ul><li><span style="font-family: courier;">sudo zpool create storage mirror /dev/disk/by-id/ata-WDC_WD60EFZX-68B3FN0_WD-XXXXXXX ata-WDC_WD60EFZX-68B3FN0_WD-XXXXXXX</span></li></ul><li>Ensure is setup with the correct ashift value</li><ul><li><span style="font-family: courier;">sudo zdb -C storage | grep ashift</span></li></ul><li>Create a temporary file to contain your passphrase because since zfs recv is using stdin to pull in the data it cannot prompt for it</li><ul><li><span style="font-family: courier;">echo "super-secret" > /home/example/passphrase.txt</span></li></ul><li>Copy snapshot back</li><ul><li><span style="font-family: courier;">sudo bash -c 'zfs send external-storage/encrypted/backup@migrate-20231229 | pv | zfs recv -o encryption=aes-256-gcm -o keylocation=file:///home/example/passphrase.txt -o keyformat=passphrase storage/encrypted'</span></li></ul><li>Change from a file to prompt for password</li><ul><li><span style="font-family: courier;">sudo zfs change-key -o keylocation=prompt storage/encrypted</span></li></ul><li><span style="font-family: inherit;">Remove the temp passphrase</span></li><ul><li><span style="font-family: courier;">rm /home/example/passphrase.txt</span></li></ul><li><span style="font-family: inherit;">Check that all your files are back in place</span></li><li><span style="font-family: inherit;">Now if you want you can destroy the backup <b>or</b> export it and keep the backup</span></li><ul><li><span style="font-family: courier;">sudo zpool destroy external-storage</span></li><li><span style="font-family: inherit;"><b>OR</b></span></li><li><span style="font-family: courier;">sudo zpool export external-storage</span></li></ul></ol><div style="text-align: left;"><div><br /></div><h2 style="text-align: left;">Appendix</h2><div>If you see an error like:</div><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">cannot receive new filesystem stream: zfs receive -F cannot be used to destroy an encrypted filesystem or overwrite an unencrypted one with an encrypted one</span></li><li>That means that you cannot copy to the encrypted dataset. What I did to get around this was to instead copy to a child of the encrypted dataset.</li></ul><p style="text-align: left;"></p><p>Sources:</p><p></p><div style="text-align: left;"><ul style="text-align: left;"><li><a href="https://gist.github.com/kapythone/dbdbf7ad1961c606e62e215e5d30de98">https://gist.github.com/kapythone/dbdbf7ad1961c606e62e215e5d30de98</a></li><li><a href="https://mtlynch.io/zfs-encrypted-backups/">https://mtlynch.io/zfs-encrypted-backups/</a></li><li><a href="https://unix.stackexchange.com/questions/532619/encryption-of-existing-dataset-in-zfs-zol-0-8/575439#575439">https://unix.stackexchange.com/questions/532619/encryption-of-existing-dataset-in-zfs-zol-0-8/575439#575439</a></li><li><a href="https://charsiurice.wordpress.com/2016/05/30/checking-ashift-on-existing-pools/">https://charsiurice.wordpress.com/2016/05/30/checking-ashift-on-existing-pools/</a></li></ul></div></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-24527942439905059862024-01-01T16:53:00.001-05:002024-01-14T23:05:24.926-05:00Migrating from eCryptFS to native zfs encryption<p></p><div>I wanted to move from eCryptFS on top of a zfs dataset to a more standard and speedier encryption approach which is native zfs encryption. Here is the process that I went through.</div><div><br /></div><h2 style="text-align: left;">Process</h2><ol style="text-align: left;"><li>Ensure your backups are up to date!</li><li>Upgrade the zpool</li><ul><li>ensure you are on a recent version of zfs and not zfs-fuse (see previous <a href="https://zmodemz.blogspot.com/2023/12/adventures-with-zfs.html">post</a>)</li><li><span style="font-family: courier;">sudo zpool upgrade storage</span></li></ul><li>Create the destination dataset</li><ul><li><span style="font-family: courier;">sudo zfs create -o encryption=aes-256-gcm -o keylocation=prompt -o keyformat=passphrase storage/new-encrypt</span></li></ul><li>Set/change the mount point (optional)</li><ul><li><span style="font-family: courier;">sudo zfs set mountpoint=/storage/new-encrypt storage/new-encrypt</span></li></ul><li>Move the files over</li><ul><li><span style="font-family: courier;">sudo rsync -avh --progress --remove-source-files /storage/encrypted/* /storage/new-encrypt/</span></li><li><span style="font-family: courier;">-z / --compress </span><span style="font-family: inherit;">is not needed and would slow down a local transfer</span></li></ul><li>Remove the left over directories</li><ul><li><span style="font-family: courier;">sudo find /storage/encrypted/ -type d -empty -delete</span></li></ul><li>Verify no files are left:</li><ul><li><span style="font-family: courier;">ls -al /storage/encrypted</span></li><li>if any files exist then repeat the rsync</li></ul><li>Unmount the encryptfs</li><ul><li><span style="font-family: courier;">sudo umount /storage/encrypted</span></li></ul><li>Remove/comment the entry from /etc/fstab</li><ul><li><span style="font-family: courier;">sudo vi /etc/fstab</span></li></ul><li>Unmount the zfs dataset</li><ul><li><span style="font-family: courier;">sudo zfs unmount storage/.encrypted</span></li></ul><li>Test destroying the zfs dataset</li><ul><li><span style="font-family: courier;">sudo zfs destroy -n storage/.encrypted</span></li></ul><li>Destroy the zfs dataset</li><ul><li><span style="font-family: courier;">sudo zfs destroy storage/.encrypted</span></li></ul><li>Change the name of new-encrypt</li><ul><li><span style="font-family: courier;">sudo zfs rename storage/new-encrypt storage/encrypted</span></li></ul><li>Update mountpoint (if required)</li><ul><li><span style="font-family: courier;">sudo zfs set mountpoint=/storage/encrypted storage/encrypted</span></li></ul></ol><div>If everything works then the new zfs native encrypted dataset slots right into where the old one was and all your samba shares should be fine.</div><div><br /></div><h2 style="text-align: left;">Appendix</h2><div>Sources:</div><div><ul style="text-align: left;"><li><a href="https://rucore.net/en/luks-ecryptfs-or-zfs-encryption-choosing-a-way-to-protect-your-data-in-linux/">https://rucore.net/en/luks-ecryptfs-or-zfs-encryption-choosing-a-way-to-protect-your-data-in-linux/</a></li></ul></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-88147796114473848852023-12-13T22:43:00.002-05:002023-12-28T22:14:16.318-05:00Adventures with ZFS<p>As part of plan to improve my backup strategy, I was testing out different zfs configurations to see what might be the best option.</p><p><br /></p><h2 style="text-align: left;">The Problem</h2><p>I was having trouble testing out using native zfs encryption</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo zfs create -o encryption=aes-256-gcm -o keylocation=prompt -o keyformat=passphrase test-pool/test-encrypt</span></li><li><span style="font-family: courier;">invalid property 'encryption'</span></li></ul><p></p><p style="text-align: left;"><br /></p><h2 style="text-align: left;">Checking zfs version</h2><p>So first I checked the zfs version:</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo modinfo zfs | grep version</span></li><ul><li><span style="font-family: courier;">version: 0.8.3-1ubuntu12.15</span></li></ul><li><span style="font-family: courier;">zpool version</span></li><ul><li>returned an error, which I found weird</li></ul><li><span style="font-family: courier;">zpool upgrade -v</span></li><ul><li>returned a maximum version of 23</li><li>expected a maximum version of 28</li></ul><li>Did some googling and found out that I may have the older zfs-fuse installed</li><li><span style="font-family: courier;">dpkg -s zfs-fuse</span> </li><ul><li>confirmed my suspicion and told me that I had 0.7.0 installed</li></ul></ul><p><br /></p><h2 style="text-align: left;">Replace zfs-fuse with zfsutils-linux</h2><p></p><ul style="text-align: left;"><li><b>* Unmount all zfs datasets*</b></li><ul><li>I didn't do this step, but you definitely should to prevent data errors</li><li><span style="font-family: courier;">sudo zfs unmount <zpool>/<dataset></span></li></ul><li><span style="font-family: courier;">sudo apt remove zfs-fuse</span></li><li><span style="font-family: courier;">sudo apt install zfsutils-linux</span></li><li>Here I rebooted the system</li><li><span style="font-family: courier;">sudo zpool status</span></li><ul><li><span style="font-family: courier;">no zpools available</span></li></ul><li><span style="font-family: courier;">sudo zpool import -a</span></li><ul><li>listed my zpool with its last use</li></ul><li><span style="font-family: courier;">sudo zpool import -f <zpool></span></li><li><span style="font-family: courier;">sudo zpool status</span></li><ul><li>now correctly showed my zpool</li></ul></ul><p></p><p><br /></p><h2 style="text-align: left;">Test setup</h2><div><ul><li>I am using 2 disks that have a raw speed of 150 MB/s (benchmarked using dd on a single disk)</li><li>Creating the test pool</li><ul><li><span style="font-family: courier;">sudo zpool create test-pool mirror /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-<serial_number> /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-<serial_number></span></li><li><b>or</b></li><li><span style="font-family: courier;">sudo zpool create test-pool -o ashift=9 mirror /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-<serial_number> /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-<serial_number></span></li></ul><li>Creating test dataset</li><ul><li><span style="font-family: courier;">sudo zfs create test-pool/test</span></li><li><span style="font-family: courier;">sudo zfs create -o encryption=aes-256-gcm -o keylocation=prompt -o keyformat=passphrase test-pool/test-encrypt</span></li></ul><li>Disable caching</li><ul><li><span style="font-family: courier;">sudo zfs set primarycache=none test-pool/test</span></li><li><span style="font-family: courier;">sudo zfs set secondarycache=none test-pool/test</span></li></ul><li>10 back-to-back copies of a 5GB file and waiting for the numbers to stabilize</li><ul><li><span style="font-family: courier;">sudo rsync --progress Downloads/Win11_22H2_English_x64v1.iso /test-pool/test/</span></li></ul><li>Deleting the zpool when done testing</li><ul><li><span style="font-family: courier;">sudo zpool destroy test-pool</span></li></ul></ul></div><p style="text-align: left;"><br /></p><h2 style="text-align: left;">Results of the upgrade and test</h2><p>The good news is that I am seeing a 2-3X speed up on my existing zpool setup with ashift=9 from doing the upgrade. It also appears that native encryption has a minimal impact (as long as your processor has AES-NI). Here are the numbers that I was seeing</p><p></p><ul style="text-align: left;"><li>zfs-fuse 0.7.0:</li><ul><li>ashift=9, no encryption: 35-45 MB/s</li><li>ashift=12, no encryption: 70-72 MB/s</li></ul><li>zfsutils-linux 0.8.3:</li><ul><li>ashift=9, no encryption: 108-117 MB/s</li><li>ashift=9, native encryption: 105-117 MB/s</li><li>ashift=12, no encryption: 134-141 MB/s</li><li>ashift=12, native encryption: 133-139 MB/s</li></ul></ul><div><br /></div><p></p><h2 style="text-align: left;">Appendix</h2><p>Article on setting up native zfs encryption:</p><p></p><ul style="text-align: left;"><li><a href="https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/">https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/</a></li></ul><p></p><p>checking zfs version:</p><p></p><ul style="text-align: left;"><li><a href="https://www.reddit.com/r/zfs/comments/8bxxhu/how_do_i_check_which_version_of_zfs_i_have/">https://www.reddit.com/r/zfs/comments/8bxxhu/how_do_i_check_which_version_of_zfs_i_have/</a></li><li><a href="https://askubuntu.com/questions/423355/how-do-i-check-if-a-package-is-installed-on-my-server">https://askubuntu.com/questions/423355/how-do-i-check-if-a-package-is-installed-on-my-server</a></li></ul><p></p><p>zfs-fuse being super outdated:</p><p></p><ul style="text-align: left;"><li><a href="https://github.com/openzfs/zfs/issues/10329">https://github.com/openzfs/zfs/issues/10329</a></li><li><a href="https://github.com/pscedu/zfs-fuse">https://github.com/pscedu/zfs-fuse</a></li></ul><p></p><p>Importing missing zpool:</p><p></p><ul style="text-align: left;"><li><a href="https://serverfault.com/questions/585228/zfs-import-unable-to-find-any-pools">https://serverfault.com/questions/585228/zfs-import-unable-to-find-any-pools</a></li></ul><div>More about ashift:</div><div><ul style="text-align: left;"><li><a href="https://jro.io/truenas/openzfs/#tuning">https://jro.io/truenas/openzfs/#tuning</a></li><li><a href="https://louwrentius.com/zfs-performance-and-capacity-impact-of-ashift9-on-4k-sector-drives.html">https://louwrentius.com/zfs-performance-and-capacity-impact-of-ashift9-on-4k-sector-drives.html</a></li></ul><div>rsync stats:</div></div><div><ul style="text-align: left;"><li><a href="https://unix.stackexchange.com/questions/65077/is-it-possible-to-see-cp-speed-and-percent-copied">https://unix.stackexchange.com/questions/65077/is-it-possible-to-see-cp-speed-and-percent-copied</a></li></ul></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-68108446548591413132023-12-09T10:54:00.000-05:002023-12-09T10:54:48.072-05:00Updating Crucial MX500 Firmware in Linux<p>On my Crucial MX500, I was noticing a high level of write amplification, which is when you tell it to write 1GB of data, but it actually uses 10GB of writes to the nand flash. To try to fix this, I decided to see if a firmware update would help with this. </p><p><br /></p><h2 style="text-align: left;">Identifying the Problem</h2><div>Substitute <b>/dev/sdX</b> with you drive</div><div><ol style="text-align: left;"><li>Get the smart attributes</li><ul><li><span style="font-family: courier;">sudo smartctl -A /dev/sdX</span></li></ul><li>write down the values for 247 and 248, I will refer to thus as A</li><li>wait a few days and repeat steps 1 and 2, I will refer to this as B</li><li>Now lets calculate</li><ol><li>247C =247B - 247A</li><li>248C = 248B - 248A</li><li>(247C + 248C) / 247C</li></ol><li>I was seeing values ranging from 10-100, when I believe the typical range should be 1-2.5</li></ol><div><br /></div><ul style="text-align: left;"></ul></div><h2 style="text-align: left;">Performing the Update</h2><p><b>Caution</b>: Before doing any of this be sure that you have up to date backups!</p><p>Substitute <b>/dev/sdX</b> with your drive</p><p></p><ul style="text-align: left;"><li>Use smartctl to check what firmware version you currently have installed so you can download the correct version</li><ul><li><span style="font-family: courier;">sudo smartctl -i /dev/sdX</span></li><li>Example line: <span style="font-family: courier;">Firmware Version: M3CR020</span></li></ul><li>Download the correct firmware for your device:</li><ul><li><a href="https://www.crucial.com/support/ssd-support/mx500-support">https://www.crucial.com/support/ssd-support/mx500-support</a></li></ul><li>Mount the iso</li><ul><li><span style="font-family: courier;">sudo mkdir /mnt/iso</span></li><li><span style="font-family: courier;">sudo mount -o loop,ro MX500_M3CR023_update.iso /mnt/iso</span></li></ul><li>Create a directory to extract the files to</li><ul><li><span style="font-family: courier;">mkdir mx500</span></li><li><span style="font-family: courier;">cd mx500</span></li></ul><li>Do the extraction</li><ul><li><span style="font-family: courier;">gzip -dc /mnt/iso/boot/corepure64.gz | cpio -idm</span></li></ul><li>List the drives</li><ul><li><span style="font-family: courier;">sudo ./sbin/msecli -L</span></li></ul><li>Perform the Update</li><ul><li><span style="font-family: courier;">sudo ./sbin/msecli -U -v -i ./opt/firmware/ -n /dev/sdX</span></li></ul></ul><div><span style="font-family: courier;"><br /></span></div><p></p><h2 style="text-align: left;">Conclusion</h2><p>It seemed to help but has not completely resolved the problem</p><p><br /></p><h2 style="text-align: left;">Appendix</h2><p>Sources:</p><p></p><ul style="text-align: left;"><li><a href="https://medium.com/@vdboor/upgrading-crucial-firmware-on-linux-76056254539">https://medium.com/@vdboor/upgrading-crucial-firmware-on-linux-76056254539</a></li></ul><div>Others experiencing a similar write amplification issue:</div><ul style="text-align: left;"><li><a href="https://www.reddit.com/r/buildapc/comments/efyo32/write_amplification_problem_with_mx500_500_gb/">https://www.reddit.com/r/buildapc/comments/efyo32/write_amplification_problem_with_mx500_500_gb/</a></li><li><a href="https://www.techpowerup.com/forums/threads/mx500-rapid-erase-cycles-seems-to-be-poor-wear-levelling.287023/page-4">https://www.techpowerup.com/forums/threads/mx500-rapid-erase-cycles-seems-to-be-poor-wear-levelling.287023/page-4</a></li></ul><div>Guide for calculating Write Amplification:</div><div><ul style="text-align: left;"><li>(PDF) <a href="https://www.micron.com/-/media/client/global/documents/products/technical-note/solid-state-storage/tnfd22_client_ssd_smart_attributes.pdf">https://www.micron.com/-/media/client/global/documents/products/technical-note/solid-state-storage/tnfd22_client_ssd_smart_attributes.pdf</a></li></ul></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-73331782452456218972023-12-08T14:19:00.003-05:002024-01-04T21:10:51.537-05:00Migrating from Unifi USG-3P to UDM Pro<h2 style="text-align: left;">Decision</h2><p>As my USG-3P was getting on in age and no longer getting updates, I have been shopping around for a replacement. Below were the main competitors for me.</p><p>UXG-Lite:</p><p></p><ul style="text-align: left;"><li>Price: $129 (plus tax and shipping)</li><li>WiFi: None</li><li>Unifi controller: No</li><li>CPU: Two A53 cores at 1 GHz</li><li>Memory: 1 GB of DDR3L</li><li>Storage: N/A </li><li>IPS/IDS max throughput: claimed 1Gbps (subject to third party verification)</li><li>Unifi Protect: No support</li></ul><div>UDR:</div><div><ul style="text-align: left;"><li>Price: $199 (plus tax and shipping)</li><li>WiFi: 6 (however, this was to be deployed in my basement so not much help)</li><li>Unifi controller: Yes</li><li>CPU: Two A53 cores at 1.35 GHz</li><li>Memory: 2 GB of ?DDR3L?</li><li>Storage: 128 GB SSD</li><li>IPS/IDS max throughput: ~700Mbps</li><li>Unifi Protect: would need a SD card</li></ul><div>UDM Pro:</div></div><div><ul style="text-align: left;"><li>Price: $379 --Black Friday $279-- (plus tax and shipping)</li><li>WiFi: No</li><li>Unifi controller: Yes</li><li>CPU: Four A57 cores at 1.7 GHz</li><li>Memory: 4 GB of DDR4</li><li>Storage: 16 GB eMMC</li><li>IPS/IDS max throughput: ~3.5Gbps</li><li>Unifi Protect: Hard drive slot</li><li>Bonus: LAN + WAN SFP+ ports for 10Gbps networking</li></ul><div><br /></div></div><div>To me the extra money was worth it to get the UDM Pro for the Black Friday price of $279, but I would probably not for $379. It just seems like a much more capable product that provides the option to expand later (>1Gbps networking, Unifi Protect).</div><div><br /></div><h2 style="text-align: left;">Initial Impressions</h2><div><div>Positives:</div><ul style="text-align: left;"><li>Shipping box contained lots of air pillows</li><li>High quality foam protecting the device in device packaging</li><li>Build quality is superb</li><li>Slide out foam screw holder was a nice organizational touch</li></ul><div>Negatives:</div><ul style="text-align: left;"><li>Single use plastics used to wrap:</li><ul><li>UDM Pro itself</li><li>Rack mount ears</li><li>Instructions, really????</li></ul></ul></div><h2 style="text-align: left;">Installation</h2><div>Background:</div><div><ul style="text-align: left;"><li>This guide was written using Unifi Network 8.0.7</li><li>USG-3P network address is 192.168.1.1</li><li>Unifi controller is hosted at https://192.168.1.2:8443</li></ul></div><div>Requires:</div><div><ul><li>Internet connection</li><li>Laptop with an ethernet port or a PC that can be hardwired</li><li>2x ethernet cords (Only 1 is needed if you have an already hardwired PC)</li></ul></div><div>Here are the steps that I used:</div><div><ol style="text-align: left;"><li>Create a backup from your current Unifi controller on a laptop</li><ol><li>Navigate to https://192.168.1.2:8443</li><li>Settings -> System -> Backups</li><li>Click on `Download`</li><li>Select number of days (I chose 7)</li><li>Click `Download`</li></ol><li>Connect a <b>LAN</b> port on your current network to the <b>WAN</b> port on UDM Pro</li><ul><li>This is to provide it with internet access</li></ul><li>Power on the UDM Pro</li><li>Allow it to update (this took several minutes)</li><li>Connect a laptop to the <b>LAN</b> port on the UDM Pro</li><ul><li>May be helpful to disable WiFi on laptop</li></ul><li>Setup Wizard on UDM Pro</li><ol><li>Navigate to https://unifi/ (for me https://192.168.0.1 also would have worked)</li><li>Login with your Unifi account</li><li>Do <b>NOT</b> restore from Backup, skip this step</li><li>Finish the setup Wizard</li></ol><li>Update the Network Application</li><ul><li>You want it to be >= Unifi controller Network version</li></ul><li>Restore the backup</li><ol><li>Network -> Settings -> System -> Backups</li><li>Click on `Restore`</li><li>Select the backup you created above</li><li>Click on `Restore`</li><li>UDM Pro will restart</li></ol><li>UDM Pro web UI will become unresponsive</li><ul><li>At this point I used the touch screen to reboot the UDM Pro</li><li>However, this could be unnecessary and may possibly be resolved by forcing the laptop to get a new DHCP address</li></ul><li>Ensure your restore happened correctly</li><ol><li>Navigate to https://192.168.1.1</li><li>Check that the network settings are correct and that your access points are there (but they won't be connected)</li></ol><li>Swap out the USG-3P for the UDM Pro</li><li>Migrate the Access Points from Unifi controller to UDM Pro</li><ol><li>Navigate to https://192.168.1.2:8443</li><li>Settings -> General</li><li>Click on `Export Site` on the bottom</li><li>You can save the export file, but we won't be using it</li><li>Click continue on the `Export Site` dialog</li><li>Click continue on the `Migrate Site` dialog (no action needed)</li><li>Type in the IP address of the UDM Pro (192.168.1.1)</li><li>Select the Access Points to migrate</li><li>Click `Migrate Devices`</li><li>Check in another tab/window that they migrated to the UDM Pro</li><li>Click on `Remove Devices`</li></ol><li>Done!</li></ol><div>All in all, it took me about 1.5 hours, but this included unboxing, attaching the rack mount ears, mounting in the rack, and some research. The good news is that the network downtime was less than 5 minutes!</div></div><div><br /></div><div><br /></div><h2 style="text-align: left;">Overall Impressions</h2><div>Positives:</div><div><ul style="text-align: left;"><li>The migration went smoothly, once I pieced together what needed done</li><li>Network performance is great</li><li>IPS has already started blocking network scans</li></ul></div><div>Negatives:</div><div><ul style="text-align: left;"><li>Will not fit in a 12" rack that is flush mounted</li><ul><li>AC plug is very far to one side and almost didn't have enough clearance for the 2x4 supporting my network rack, wish it was more centered</li><li>Possibly could be resolved by a 90 degree power connector</li></ul><li>There doesn't seem to be a way to manage the screen</li><ul><li>It will go into a screensaver mode during the day and turn off at night</li><li>However, I cannot find settings to change the times for this behavior</li><li>Update 2024-01-04:</li><ul><li>To change this you have to set the local account as "Super Admin" on https://unifi.ui.com -> UDM Pro -> OS Settings (At the top looks like a UDM Pro with a gear icon on the bottom right) -> Admins & Users</li><li>Then you can update it https://192.168.1.1/console-settings</li><li>I set night mode to start at 10:01 PM and end at 10:00 PM thus keeping the screen off for most of the day</li></ul></ul></ul>Other thoughts:</div><div><ul style="text-align: left;"><li>Lack of detailed official documentation on migration process</li><li>Topology is wrong because I have a non-Unifi switch and there isn't a way to manually fix</li></ul></div><div><br /></div><div>Research that I found:</div><div><ul style="text-align: left;"><li><a href="https://www.reddit.com/r/UNIFI/comments/yfyrib/good_current_guide_to_migrate_to_a_new_controller/">https://www.reddit.com/r/UNIFI/comments/yfyrib/good_current_guide_to_migrate_to_a_new_controller/</a></li><li><a href="https://fydelia.zendesk.com/hc/en-us/articles/360011466220-Migrating-UniFi-APs-to-another-controller">https://fydelia.zendesk.com/hc/en-us/articles/360011466220-Migrating-UniFi-APs-to-another-controller</a></li><li><a href="https://help.ui.com/hc/en-us/articles/360008976393-UniFi-How-to-Migrate-from-Cloud-Key-to-Cloud-Key-or-UDM">https://help.ui.com/hc/en-us/articles/360008976393-UniFi-How-to-Migrate-from-Cloud-Key-to-Cloud-Key-or-UDM</a></li><li><a href="https://reimling.eu/2022/01/migrate-ubiquiti-unifi-security-gateway-usg-to-unifi-dream-machine-pro-udm-pro/">https://reimling.eu/2022/01/migrate-ubiquiti-unifi-security-gateway-usg-to-unifi-dream-machine-pro-udm-pro/</a></li><li><a href="https://community.ui.com/questions/Unable-to-uninstall-install-applications-on-UDM-Pro/54f23f0e-9500-44fc-8516-c130986ff24a">https://community.ui.com/questions/Unable-to-uninstall-install-applications-on-UDM-Pro/54f23f0e-9500-44fc-8516-c130986ff24a</a></li></ul></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-35412028189533498112023-10-05T18:59:00.000-04:002023-10-05T18:59:19.401-04:00Upgrade PS4 Slim HDD to SSD<div>As I had finally filled my PS4's ~500 GB hard drive, it was time for an upgrade. I decided to go with a SSD in the hope that load times would improve for some of my games.</div><div><br /></div><h2 style="text-align: left;">Before you start</h2>Required parts and tools to upgrade a hard drive in a PS4 slim:<div><ul style="text-align: left;"><li>New SSD/HDD</li><ul><li>I used a 2TB Crucial MX500 2.5" SSD that I picked up for around $100</li></ul><li>USB hard drive big enough to backup all your applications and save files</li><ul><li>Should be FAT or exFAT formatted</li><li>I used a 1 TB 5400 RPM hard drive</li></ul><li>USB Flash drive at least 1 GB of size for the PS4 firmware</li><li>Screwdriver</li><li>Micro USB cable and PS4 controller (must be wired for installing system software)</li><li>Your PSN sign in information</li></ul><div><br /></div><h2 style="text-align: left;">Prep work</h2><div>First, I had to format the 1 TB USB hard drive. I formatted it in Linux by following these steps:</div><ul style="text-align: left;"><li><span style="font-family: courier;">/dev/sdd</span> for me</li><li>remove all existing partitions using parted</li><li>add a single partition</li><ul><li><span style="font-family: courier;">sudo parted -a optimal /dev/sdd mkpart primary 0% 100%</span></li></ul><li>format it to exFAT</li><ul><li><span style="font-family: courier;">sudo mkfs.exfat /dev/sdd1</span></li></ul><li>Safely remove hardware:</li><ul><li><span style="font-family: courier;">sudo eject /dev/sdd</span></li><li><span style="font-family: courier;">sudo udisksctl power-off -b /dev/sdd</span></li></ul></ul><div><br /></div><div>Second, I prepared the USB flash drive with firmware using these steps:</div><div><ul style="text-align: left;"><li>Download the PS4 console reinstallation file</li><ul><li>https://www.playstation.com/en-us/support/hardware/ps4/system-software/</li></ul><li>Create a PS4 folder on the top level</li><li>Create a UPDATE folder in the PS4 folder</li><li>Place the PS4UPDATE.PUP file in the PS4/UPDATE/ path</li></ul></div><div><br /></div><h2 style="text-align: left;">Backing up your data</h2>Then have the PS4 create a backup:</div><div><ul style="text-align: left;"><li>Note: took roughly 1.5 hours for me</li><li>Sync all trophies with Playstation Network</li><li>Plug the USB hard drive into the PS4</li><li>Settings -> System -> Backup and Restore</li><li>Select Backup</li><li>Set the filename</li><li>Start the backup</li><li>Note: PS4 will restart and then begin the backup</li></ul><div><br /></div><div>Once the backup is complete, turn off the PS4 and unplug the USB hard drive.</div><div><br /></div><h2 style="text-align: left;">Physical Replacement</h2><div><br /></div><div>To replace the hard drive I followed these steps:</div><div><ul style="text-align: left;"><li>Note: all pictures have bottom facing up</li><li>Slide the cover off<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkQk7yxdF25paH8pFtwJoYG7D2xrmJ4svWHLVFTBw5-bIvdvRyRYGZ4YPG9DynMxdY5TZ8YHMixKawP75ISL-lu80YQ5ebX6wU6EQx_FdYqtxzZQxsbpCinzchB4B9KGAUwzH0FVu_8kQr0yKzEMq4YYdRFagx_DP8sY6vSfcOE1Zgn74hL_yHm1y-3fs/s4032/PXL_20230924_113828907.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3024" data-original-width="4032" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkQk7yxdF25paH8pFtwJoYG7D2xrmJ4svWHLVFTBw5-bIvdvRyRYGZ4YPG9DynMxdY5TZ8YHMixKawP75ISL-lu80YQ5ebX6wU6EQx_FdYqtxzZQxsbpCinzchB4B9KGAUwzH0FVu_8kQr0yKzEMq4YYdRFagx_DP8sY6vSfcOE1Zgn74hL_yHm1y-3fs/s320/PXL_20230924_113828907.jpg" width="320" /></a></div></li><li>Remove the single screw holding drive sled in place<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7j4vyBwXs2n9wT2-fSGBVickdtkAu3jbC2CrWehyphenhyphenM_ZllksTWwyyHvhGBU44UYq7MivV832YPVqA0fx72ccCD9HqGz2pb7mp_41sTVRmvQa2_tFXZKVJRI1ZiW_XBOrhY54qkX0IMheQfFqtmgVO2XoDSaR8WKmKSkJzrzWV7NbRch1syPL3cIG8_0WM/s4032/PXL_20230924_113843585.jpg" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="3024" data-original-width="4032" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7j4vyBwXs2n9wT2-fSGBVickdtkAu3jbC2CrWehyphenhyphenM_ZllksTWwyyHvhGBU44UYq7MivV832YPVqA0fx72ccCD9HqGz2pb7mp_41sTVRmvQa2_tFXZKVJRI1ZiW_XBOrhY54qkX0IMheQfFqtmgVO2XoDSaR8WKmKSkJzrzWV7NbRch1syPL3cIG8_0WM/s320/PXL_20230924_113843585.jpg" width="320" /></a></div></li><li>Pull on ribbon to remove the drive sled<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDASrNiOXgc_C1KkyWN2aMTpY0dPESSHYBv-VuF9U1k0BYzG992CErckQn7Pprnm4jvDqx6kuCWpsCAgYrjzKvmDQdZX6sJ-iAxdXdqEtHuFQw984yvr5khNiIGGzBr7NkC7DO9PP0LHebCVTDemUEA49RByGoEWU9hUm9P6trlCiJ0x8HnOrlHFZEqzE/s4032/PXL_20230924_113916431.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="4032" data-original-width="3024" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDASrNiOXgc_C1KkyWN2aMTpY0dPESSHYBv-VuF9U1k0BYzG992CErckQn7Pprnm4jvDqx6kuCWpsCAgYrjzKvmDQdZX6sJ-iAxdXdqEtHuFQw984yvr5khNiIGGzBr7NkC7DO9PP0LHebCVTDemUEA49RByGoEWU9hUm9P6trlCiJ0x8HnOrlHFZEqzE/s320/PXL_20230924_113916431.jpg" width="240" /></a></div></li><li>Remove 4 screws holding the HDD in the sled</li><li>Fasten SSD in place with the 4 screws</li><li>Slide drive sled back into place</li><li>Secure drive sled with the single screw</li><li>Slide the cover back on</li></ul><div><br /></div><h2 style="text-align: left;">Software installation and restore</h2><div>Install the system software:</div><div><ul style="text-align: left;"><li>Plug the USB flash drive into the PS4</li><li>Turn the PS4 on in safe mode by holding the power button until you hear a second set of beeps</li><li>Plug in the controller using the USB cable</li><li>Initialize PS4 (Reinstall System Software)</li></ul></div><div><br /></div><div>Then have the PS4 restore the backup:</div><div><ul style="text-align: left;"><li>Note: took roughly 1.5 hours for me</li><li>Plug the USB hard drive into the PS4</li><li>Turn on the PS4</li><li>Settings -> System -> Backup and Restore</li><li>Select Restore PS4</li><li>Pick the backup file</li><li>Confirm</li><li>Note: PS4 will restart and then begin restoring the backup</li></ul><div><br /></div></div><div>After completing, restart the PS4 and remove the USB hard drive.</div><div><br /></div><div>You will need to sign into the Playstation Network again as the process will have logged you out.</div></div><div><br /></div><h2 style="text-align: left;">Appendix</h2>PS4 HDD upgrade sources:</div><div><ul style="text-align: left;"><li><a href="https://www.playstation.com/en-us/support/hardware/ps4-upgrade-hdd/">https://www.playstation.com/en-us/support/hardware/ps4-upgrade-hdd/</a></li><li><a href="https://www.playstation.com/en-us/support/hardware/ps4/system-software/">https://www.playstation.com/en-us/support/hardware/ps4/system-software/</a></li><li><a href="https://www.playstation.com/en-us/support/hardware/ps4-back-up-and-restore-with-external-storage/">https://www.playstation.com/en-us/support/hardware/ps4-back-up-and-restore-with-external-storage/</a></li></ul><div><br /></div><div>Formatting hard drive sources:</div><ul style="text-align: left;"><li><a href="https://unix.stackexchange.com/questions/38164/create-partition-aligned-using-parted">https://unix.stackexchange.com/questions/38164/create-partition-aligned-using-parted</a></li><li><a href="https://unix.stackexchange.com/questions/551030/why-does-parted-need-a-filesystem-type-when-creating-a-partition-and-how-does-i">https://unix.stackexchange.com/questions/551030/why-does-parted-need-a-filesystem-type-when-creating-a-partition-and-how-does-i</a></li><li><a href="https://unix.stackexchange.com/questions/35508/eject-usb-drives-eject-command">https://unix.stackexchange.com/questions/35508/eject-usb-drives-eject-command</a></li></ul><br /></div><div><br /></div><div><br /></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-78144597057347318322023-04-07T18:49:00.000-04:002023-04-07T18:49:15.628-04:00Hiding mount icons for ZFS disk<p> </p><p>As I was tired of seeing mount icons for my zfs drives on my desktop, it was time to add some more udev rules. This time i chose to set the rule by ID_SERIAL instead of KERNEL to be more confident about which drive will be ignored in case of moving them around on SATA headers.</p><p>Determine the ID_SERIAL for each of the drives:</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">udevadm info /dev/sdb | grep ID_SERIAL=</span></li><li><span style="font-family: courier;">udevadm info /dev/sdc | grep ID_SERIAL=</span></li></ul><p></p><p>Add to /etc/udev/99-hide-disks.rules (a single line for each rule):</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">ENV{ID_SERIAL}=="WDC_WD60EFZX-68B3FN0_WD-XXXXXXYK", ENV{UDISKS_IGNORE}="1"</span></li><li><span style="font-family: courier;">ENV{ID_SERIAL}=="WDC_WD60EFZX-68B3FN0_WD-XXXXXX7K", ENV{UDISKS_IGNORE}="1"</span></li></ul><p></p><div>Then have udev read from the files:</div><div><ul style="text-align: left;"><li><span style="font-family: courier;">sudo udevadm control --reload</span></li></ul></div><p><br /></p><p>Sources:</p><p></p><ul style="text-align: left;"><li><a href="https://askubuntu.com/questions/822308/how-do-i-hide-the-desktop-icon-for-my-encrypted-swap-partition">https://askubuntu.com/questions/822308/how-do-i-hide-the-desktop-icon-for-my-encrypted-swap-partition</a></li><li><a href="https://superuser.com/questions/611101/udev-rules-ignore-device">https://superuser.com/questions/611101/udev-rules-ignore-device</a></li></ul><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-72220768241319227352023-01-16T12:22:00.002-05:002023-01-16T12:22:27.985-05:00First AMD build - Ryzen 7700X<p> As my Intel Q6600 overclocked from 2.4GHz to 2.93 GHz was showing its age, it was time to replace this ~13 year old system that had been through many graphic card upgrades. It has also lasted thru 3 fan failures/replacements (cpu fan, back fan, and side panel fan) and the 200mm fan at the top of the Antec 900 was causing weird noises so I had it unplugged.</p><p> I have been looking at replacing it for some time (since Intel 9th gen), but had never pulled the trigger.</p><p> I purchased the Be Quiet 500FX case during their anniversary sale, as it met most of my criteria:</p><p></p><ul style="text-align: left;"><li>Good quality interior fans with at least 2 for intake and 1 for exhaust</li><li>USB C on the front panel</li><li>Glass side panel</li><li>Bottom mounted PSU with shroud for hiding/managing cables</li><li>Affordable price ($119.99, cheaper than the 500DX at the time)</li><li>The included RGB fans were a bonus</li><li>The one miss was no 5.25" bays for an optical drive, but I can use an external one</li></ul><div> Microcenter was running 4 promotions that were tempting:</div><div><ul style="text-align: left;"><li>Intel 11700K + Asus Z590-Plus TUF WiFi for $299.99 (recently dropped to $249.99)</li><li>Intel 12700K + Asus Z690-Plus TUF WiFi DDR4 for $349.99</li><li>Ryzen 5600 + Gigabyte X570S AORUS Pro for $329.98</li><li>Ryzen 5700X + Gigabyte X570S AORUS Pro for $399.98</li><li>Ryzen 7700X + Asus X670E-Plus TUF WiFi + 32GB G.Skill DDR5 6000 CL36 for $679.99</li></ul><div> The first 3 options would also require a G.Skill 32GB 3600 CL18 memory kit for $95.</div></div><div> The biggest draw for the last option is the promised support for new processors through at least 2025. As I am planning to use this platform for the next 10 years or so, a simple drop in processor upgrade is a major selling point. Also the PCIe 5.0 graphics and NVMe slots, allow for upgrades for the future.</div><div> The 11700K would be the highest power draw and also would not have PCIe 5.0. The 12700K has the high socket pressure that bends CPUs, so I would have to do the washer mod or replace the ILM as I think the bending would cause low reliability for the long term. The Ryzen 5600 would be only 6 cores and is the lowest performer. The Ryzen 5700X is getting really close to the Ryzen 7700X price once you factor in the memory price.</div><div><br /></div><div>Other Items that I picked up to complete the build:</div><div><ul style="text-align: left;"><li>Scythe Fuma 2 Rev. B - $65.99 @ Microcenter</li><ul><li>Dual tower with 2 fans</li><li>8 heat pipes</li></ul><li>Western Digital SN750 SE 1TB - $99.99 @ Microcenter ($79.99 after bundle discount)</li><ul><li>TLC flash</li><li>DDR4 cache</li></ul><li>Corsair HX750 Platinum - $109.99 @ Newegg</li><li>Asus BW-16D1X-U - $124.99 @ Microcenter</li><ul><li>No Bluray playing software, but I will use VLC</li></ul><li>MSI Radeon RX 480 4GB transfered over from my existing build</li></ul><div>Build notes:</div></div><div><ul style="text-align: left;"><li>The power supply cables could use an extra inch or two to make building easier (or perhaps cable extensions)</li><li>The 24 pin motherboard power cable was too stiff to route like normal through the cable bar and had to go diagonally through the top</li><ul><li>cable extensions could solve this "problem"</li></ul><li>I had to move one of the fans to fan header 1 on the Be Quiet fan controller to get the motherboard to detect the PWM control</li><li>I had to remove the back fan to be able to not scrape the motherboard on the standoffs while installing it</li><li>I should have plugged in the 2x 8 pin EPS cables before mounting the motherboard</li></ul></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-41975622283612140662022-12-09T11:30:00.001-05:002022-12-09T11:30:26.097-05:00FAHControl on Chromebook<div>As I wanted to be able to control my folding from my Chromebook, but the official FAH Control still has a Python2 dependency, I had to use a workaround to get it to work.</div><ol style="text-align: left;"><li>Download:</li><ul><li>The deb file from: <a href="https://github.com/cdberkstresser/fah-control/releases">https://github.com/cdberkstresser/fah-control/releases</a></li><ul><li>found it in this thread: <a href="https://foldingforum.org/viewtopic.php?t=34757&sid=e7eec792658e20ad2da3a89e905685c6&start=15">https://foldingforum.org/viewtopic.php?t=34757&sid=e7eec792658e20ad2da3a89e905685c6&start=15</a></li></ul></ul><li>Install some requirements:</li><ul><li>In a linux terminal run:</li><li><span style="font-family: courier;">sudo apt install python3-gi gir1.2-gtk-3.0</span></li></ul><li>Right click the deb file and select install with Linux</li></ol><div>Now I wanted to add an icon to the launcher for being able to quickly launch it</div><ol style="text-align: left;"><li>Get a suitable icon. Here is what I chose</li><ul><li><a href="https://icons.iconarchive.com/icons/papirus-team/papirus-apps/512/FAHControl-icon.png">https://icons.iconarchive.com/icons/papirus-team/papirus-apps/512/FAHControl-icon.png</a></li></ul><li>Move the icon file into the "Linux files" directory</li><li>Create the applications directory:</li><ul><li><span style="font-family: courier;">mkdir -p .local/share/applications</span></li></ul><li>Create the shortcut</li><ul><li><span style="font-family: courier;">touch .local/share/applications/FAHControl.desktop</span></li></ul><li>Put the following in it</li></ol><p></p><p></p><blockquote><p><span style="font-family: courier;">[Desktop Entry]</span></p><p><span style="font-family: courier;">Name=FAHControl</span></p><p><span style="font-family: courier;">Comment=Folding at Home Control interface</span></p><p><span style="font-family: courier;">GenericName=FAH</span></p><p><span style="font-family: courier;">X-GNOME-FullName=Folding at Home Conrol</span></p><p><span style="font-family: courier;">Exec=/usr/bin/FAHControl</span></p><p><span style="font-family: courier;">Terminal=false</span></p><p><span style="font-family: courier;">Type=Application</span></p><p><span style="font-family: courier;">Icon=/home/XXX/FAHControl-icon.png</span></p><p><span style="font-family: courier;">Categories=Settings</span></p><div></div></blockquote><div><br /></div><div>Sources:</div><div><ul style="text-align: left;"><li><a href="https://support.google.com/pixelbook/thread/708306/how-do-i-add-linux-apps-to-the-home-screen?hl=en">https://support.google.com/pixelbook/thread/708306/how-do-i-add-linux-apps-to-the-home-screen?hl=en</a></li></ul></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-73755666552010934992022-12-09T10:32:00.000-05:002022-12-09T10:32:08.913-05:00Ventoy: Ultimate Boot USB<p></p><div>I learned about <a href="https://github.com/ventoy/Ventoy/blob/master/README.md">Ventoy</a> from <a href="https://www.youtube.com/@ThioJoe/featured">ThioJoe</a> on Youtube in this <a href="https://www.youtube.com/watch?v=CuonyS3xdwg">video</a>. It is a bootable USB image that allows you to place ISOs on the drive and then choose which one to boot. This allows one USB drive to act as a master install/rescue/debug drive.</div><div><br /></div><h3 style="text-align: left;">Linux Instructions:</h3><ol style="text-align: left;"><li>Download from github: <a href="https://github.com/ventoy/Ventoy/releases">https://github.com/ventoy/Ventoy/releases</a></li><li>Extract</li><ul><li><span style="font-family: courier;">tar xvzf ventoy-*-linux.tar.gz</span></li></ul><li> run Web UI</li><ul><li><span style="font-family: courier;">cd ventory-*/</span></li><li><span style="font-family: courier;">sudo ./VentoyWeb.sh</span></li></ul><li>Use browser to go to http://127.0.0.1:<port></li><ul><li>Format the USB drive</li><li><b>WARNING</b>: This will delete all data/files off the USB drive</li></ul><li>Refresh local drives</li><ul><li><span style="font-family: courier;">sudo partprobe</span></li></ul><li>Open the USB folder and copy in ISOs</li></ol><div><br /></div><h3 style="text-align: left;">What I put on the USB drive:</h3><div><ul style="text-align: left;"><li>Windows 11 install ISO: <a href="https://www.microsoft.com/software-download/windows11">https://www.microsoft.com/software-download/windows11</a></li><li>Memtest86: <a href="https://www.memtest86.com/tech_booting-cd-dvd.html">https://www.memtest86.com/tech_booting-cd-dvd.html</a></li><li>Linux install ISOs (also work as LiveCDs): Choose your favorite distro or have as many as will fit on your USB stick</li></ul></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-22048955118959180292022-09-02T22:36:00.001-04:002022-11-09T14:09:49.087-05:00Saving data off a scratched DVD<p>I had a DVD with files on it that I needed. Unfortunately, it was giving me errors when trying to pull them off. Here is what I did to try to recover as much data as possible.</p><ul style="text-align: left;"><li>Install ddrescue and a gui for visualizing its progress</li><ul><li><span style="font-family: courier;">sudo apt-get install gddrescue ddrescueview</span></li></ul><li>Run a first pass with no retries to get as much info as possible</li><ul><li><span style="font-family: courier;">ddrescue -dn -b2048 /dev/sr0 disk.img disk.mapfile</span></li></ul><li>Retry failed blocks</li><ul><li><span style="font-family: courier;">ddrescue -d -r5 -b2048 /dev/sr0 disk.img disk.mapfile</span></li></ul><li>Description of the options:</li><ul><li><span style="font-family: courier;">/dev/sr0</span>: the dvd drive</li><li><span style="font-family: courier;">disk.img</span>: the file to create</li><li><span style="font-family: courier;">disk.mapfile</span>: the mapfile that keeps track of the status of the recovery</li><li><span style="font-family: courier;">-d</span>: Use direct disc access for input (aka, no caching)</li><li><span style="font-family: courier;">-n</span>: Skip the scraping phase</li><li><span style="font-family: courier;">-b2048</span>: block size of 2048, use for cdroms and dvd</li><ul><li>defaults to 512</li></ul><li><span style="font-family: courier;">-r5</span>: retry 5 passes</li><ul><li><span style="font-family: courier;">-1</span> for infinite passes</li></ul></ul></ul><p>Sources:</p><ul style="text-align: left;"><li><a href="https://www.gnu.org/software/ddrescue/manual/ddrescue_manual.html#Optical-media">https://www.gnu.org/software/ddrescue/manual/ddrescue_manual.html#Optical-media</a><br /></li></ul><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-15520579280090671392022-06-28T20:42:00.000-04:002022-06-28T20:42:01.408-04:00New 27" 1440p monitor VX2758-2KP-MHD<p> With the falling prices of monitors and the aging small 20" 1680x1050 LCD that I was using I decided it was time for an upgrade.</p><p><br /></p><h2 style="text-align: left;">The Search </h2><p>The types and models I was looking at were</p><ul style="text-align: left;"><li>24" 1080p 144Hz (6bit + 2 dithering)<br /></li><ul><li>AOC 24G2 ~179.99</li><li>Viewsonic XG2405 ~179.99</li></ul><li>24" 1200p 75Hz</li><ul><li> Asus Proart PA248QV ~199.99<br /></li></ul><li>27" 1440p 144Hz (8bit + 2 dithering)</li><ul><li>Viewsonic VX2758-2KP-MHD ~219.99</li><li>LG 27GL850-B ~346.99</li></ul></ul><p> The prices that I listed above are the lowest that I have seen. I went with the Viewsonic VX2758-2KP-MHD due to the increased resolution and screen real estate over a 24" for the relatively small sum of $40 especially since the prices on the 24" monitors were generally higher at the time.</p><p><br /></p><h2 style="text-align: left;">Review</h2><div><div>Pros</div><div><ul><li>Monitor assembled easy</li><li>No dead pixels</li><li>Good color reproduction</li><li>Freesync support with up to 144Hz<br /></li></ul><div>Cons</div></div><div><ul style="text-align: left;"><li>OSD does not work without input</li><ul><li>doesn't allow you to change inputs</li><li>is somewhat remedied by it auto selecting the active input</li></ul><li>OSD uses the older style non-joystick style button inputs</li><li>Monitor occasionally does not register displayport input and requires a power cord unplug to fix</li><li>Driver install does not work properly (see below)</li></ul>Known downsides before purchase and other thoughts<br /></div><div><ul style="text-align: left;"><li>No height adjustment, but I did not need this particular feature and is not expected at this price point</li><li>1ms MPRT/3ms GTG pixel response is a bit of an exaggeration and would only happen at highest overdrive setting which comes with lots of inverse ghosting between 60-120Hz: <a href="https://www.youtube.com/watch?v=ukKev6cPZhY">https://www.youtube.com/watch?v=ukKev6cPZhY</a><br /></li><li>Buttons are on the right side, so not optimal for dual side by side monitors as one monitor will always have its buttons blocked<br /></li></ul> <div><br /></div></div></div><h2 style="text-align: left;">Monitor Driver install</h2><ul style="text-align: left;"><li><a href="https://www.viewsonic.com/us/productresources">https://www.viewsonic.com/us/productresources </a><br /></li><li><a href="https://www.viewsonic.com/us/vx2758-2kp-mhd.html#downloads">https://www.viewsonic.com/us/vx2758-2kp-mhd.html#downloads</a></li><li>Unfortunately, the installer will say it didn't find a suitable version, but do <b>NOT</b> hit "ok". Instead go to device manager and have it search the location that the installer decompressed the files to. After that installs the driver, you can then go back and hit "ok" on the installer.</li></ul><div><br /></div><div><br /></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-58501652378712462552022-04-11T21:24:00.000-04:002022-04-11T21:24:16.340-04:00Ubiquiti network setup<p>I wanted to follow the common security guidance of having 3 wireless networks/VLANs: Normal, IOT, and Guest</p><p></p><ul style="text-align: left;"><li>Normal would contain the TV, printer, computers, and google devices for casting to TV</li><li>IOT would contain the smart outlets, garage door sensor, and other smart devices</li><li>Guest would be just for visitors</li></ul><p></p><p>Ubiquiti has a nice easy default for isolating a guest network, so I just used that.</p><p>However, I needed to add a rule to prevent the IOT and Normal networks from comunicating, because applying a similar isolation policy to the IOT network prevented the Belkin smart switches from communicating.</p><p><br /></p><h2 style="text-align: left;">Add the networks</h2><p>Settings -> Networks -> Add New Network</p><p></p><ul style="text-align: left;"><li>IOT</li><ul><li>Network Name: IOT</li><li>Advanced</li><ul><li>VLAN ID: 2</li></ul></ul><li>Guest</li><ul><li>Network Name: Guest</li><li>Advanced</li><ul><li>VLAN ID: 3</li><li>Device Isolation: True</li></ul></ul></ul><div style="text-align: left;"><br /></div><h2 style="text-align: left;">Add the wireless network</h2><div>Settings -> WiFi-> Add New WiFi Network</div><div><ul style="text-align: left;"><li>Add a 2.4 GHz and a 5 GHz wireless network for each of the new networks</li></ul><br /></div><p></p><h2 style="text-align: left;">Add the firewall rule</h2><p>I followed this guide, but the screens have changed in newer version: <a href="https://help.ui.com/hc/en-us/articles/115010254227-UniFi-USG-Firewall-How-to-Disable-InterVLAN-Routing">https://help.ui.com/hc/en-us/articles/115010254227-UniFi-USG-Firewall-How-to-Disable-InterVLAN-Routing</a></p><p>Settings -> Traffic & Security -> Global Threat Management -> Firewall -> Create New Rule</p><p></p><ul style="text-align: left;"><li>Type: LAN In</li><li>Description: Isolate IOT from LAN</li><li>Enabled: True</li><li>Rule Applied: Before Predefined Rules</li><li>Action: Drop</li><li>IPv4 Protocol: All</li><li>Source</li><ul><li>Source Type: Network</li><li>Network: IOT</li><li>Network Type: IPv4 Subnet</li></ul><li>Destination</li><ul><li>Destination Type: Network</li><li>Network: LAN</li><li>Network Type: IPv4 Subnet</li></ul></ul><p></p><p><br /></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-61901432249596726422022-03-12T21:32:00.006-05:002022-03-12T21:33:59.174-05:00Cleaning up old vmlinuz and initrd files in /boot<p> I noticed that updates were taking a long time on the kernel step. So I expanded what it was doing and it was attempting to build really old versions (3.13)</p><h2 style="text-align: left;">Purge from apt-get</h2><div><ul style="text-align: left;"><li>Figure out which package to remove</li><ul><li><span style="font-family: courier;">dpkg -S /boot/vmlinuz-3.13.0-36-generic</span></li></ul><li>Remove the package</li><ul><li><span style="font-family: courier;">sudo apt-get purge linux-image-3.13.0-36-generic</span></li></ul><li>If you have many to remove, you can use bash expansion like so:</li><ul><li><span style="font-family: courier;">sudo apt-get purge linux-image-3.13.0-{36,37,39}-generic</span></li></ul><li>Regenera<span style="font-family: inherit;">te initrd</span></li><ul><li><span style="font-family: courier;">sudo update-initramfs -u -k all</span></li></ul><li>Update grub</li><ul><li><span style="font-family: courier;">sudo update-grub</span></li></ul><li>If initramfs is still generating stuff for old kernel, you can remove like so</li><ul><li><span style="font-family: courier;">sudo update-initramfs -d -k 3.13.0-36-generic</span></li><li>Note: bash expansion does not work for this command</li></ul></ul><h2 style="text-align: left;">Sources</h2></div><div><ul style="text-align: left;"><li><a href="https://askubuntu.com/questions/912473/can-i-delete-old-vmlinuz-in-boot-manually">https://askubuntu.com/questions/912473/can-i-delete-old-vmlinuz-in-boot-manually</a></li><li><a href="https://askubuntu.com/questions/1001285/why-are-old-initrd-files-of-uninstalled-kernels-filling-up-boot-partition">https://askubuntu.com/questions/1001285/why-are-old-initrd-files-of-uninstalled-kernels-filling-up-boot-partition</a></li></ul></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-8430570403056565922022-03-12T21:29:00.002-05:002023-12-10T22:40:41.396-05:00Replacing drives in ZFS<p> As my two 3TB WD Red drives (purchased before the SMR controversy) in Raid 1 were starting to fill up and the price of bigger drives came down, it was time for an upgrade. I purchased two 6TB WD Red Plus drives to replace them (~$105 each before tax). I went with this particular drive and size because of the speed (5640 rpm) to keep the drives quiet and cool. Most NAS drives are going to the higher rpm of 7200.</p><h2 style="text-align: left;">Checking the drives</h2><div>I used an external enclosure to test each of the drives before adding them to the ZFS Pool</div><div><ul style="text-align: left;"><li>Determine the drive</li><ul><li>For these examples I used /dev/sdX, but you need to use the device letter applicable to you</li><li><span style="font-family: courier;">ls /dev/sd*</span></li></ul><li>Check initial SMART attributes</li><ul><li><span style="font-family: courier;">sudo smartctl -A /dev/sdX</span></li></ul><li>SMART short test</li><ul><li><span style="font-family: courier;">sudo smartctl --test=short /dev/sdX</span></li></ul><li>Check SMART test status</li><ul><li><span style="font-family: courier;">sudo smartctl -c /dev/sdX</span></li></ul><li>Check SMART attributes</li><ul><li><span style="font-family: courier;">sudo smartctl -A /dev/sdX</span></li></ul><li>Write Zeros to the entire disk</li><ul><li>Warning: This will <b>erase</b> the entire disk and you will lose anything stored on it</li><li><span style="font-family: courier;">sudo dd if=/dev/zero of=/dev/sdX bs=1M status=progress</span></li></ul><li>Check SMART attributes</li><ul><li><span style="font-family: courier;">sudo smartctl -A /dev/sdX</span></li></ul><li>SMART extended test</li><ul><li>I had problems with this test being stuck at 90% remaining due to the drive stopping spinning</li><li>The solution it to make sure the drive is spinning and then kicking off the test and a command to keep the drive active</li><li><span style="font-family: courier;">sudo dd if=/dev/sdX of=/dev/null count=1</span> # Read one 512 byte block from drive</li><li><span style="font-family: courier;">sudo smartctl --test=long /dev/sdX</span> # Kick off the test</li><li><span style="font-family: courier;">sudo watch -d -n 60 smartctl -a /dev/sdX</span> # Make sure the drive doesn't spin down. Will also show test status</li></ul><li>Power Off the drive</li><ul><li><span style="font-family: courier;">sudo udisksctl power-off -b /dev/sdX</span></li></ul><li><span style="font-family: inherit;">Disconnect the drive</span></li><li><span style="font-family: inherit;">Repeat for the next drive</span></li></ul><div><br /></div></div><h2 style="text-align: left;">Adding the drives to the pool</h2><div>At this point I hooked both drives up to the SATA connectors inside the server, but had to disconnect the front panel USB to access the open SATA port and disconnect the DVD drive. Now it was time to add them to the pool to get data replicated to them.</div><div><ul style="text-align: left;"><li>Get current status</li><ul><li><span style="font-family: courier;">sudo zpool status</span></li></ul><li>Get the drive ids</li><ul><li><span style="font-family: courier;">ls -l /dev/disk/by-id/</span></li></ul><li>Attach them to a current drive to put them in the same mirror</li><ul><li>Run this command with the values substituted for both drives:</li><ul><li><span style="font-family: courier;">sudo zpool attach [poolname] [original drive to be mirrored] [new drive]</span></li></ul><li>If you get an error like: <span style="font-family: courier;">devices have different sector alignment</span></li><ul><li>than add: <span style="font-family: courier;">-o ashift=9 </span></li><li><span style="font-family: inherit;">There are performance penalties for running a 4K drive as a 512B one, but supposedly there are storage size advantages</span></li><li><span style="font-family: inherit;">Update 2023-12-10: Apparently it is a quite large performance difference: 35-45MB/s vs 70-72MB/s</span></li></ul><li>Here is what I ran (serial 1 and 2 are the existing drives while 3 and 4 are the new ones:</li><ul><li><span style="font-family: courier;">sudo zpool attach storage /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-SERIAL#1 /dev/disk/by-id/ata-WDC_WD60EFZX-68B3FN0_WD-SERIAL#3 -o ashift=9</span></li><li><span style="font-family: courier;">sudo zpool attach storage /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-SERIAL#2 /dev/disk/by-id/ata-WDC_WD60EFZX-68B3FN0_WD-SERIAL#4 -o ashift=9</span></li></ul></ul><li><span style="font-family: inherit;">Check on the status:</span></li><ul><li><span style="font-family: courier;">sudo zpool status</span></li></ul><li><span style="font-family: inherit;">Wait for the resilvering to complete</span></li><ul><li><span style="font-family: inherit;">Estimated time was ~33 hours</span></li><li><span style="font-family: inherit;">Actual runtime was ~18 hours copying around 2TB of data</span></li></ul><li>Optional scrub to verify all data</li><ul><li><span style="font-family: courier;">sudo zpool scrub [POOLNAME]</span></li></ul><li>Wait for it to finish</li><ul><li>Estimated time was ~13 hours</li><li>Actual time was ~10 hours<br /></li></ul></ul><div><br /></div></div><h2 style="text-align: left;">Remove the old drives</h2><div><ul style="text-align: left;"><li>Remove the old disks from the pool:</li><ul><li><span style="font-family: courier;">sudo zpool detach [POOLNAME] [DISKNAME]</span></li></ul><li><span style="font-family: inherit;">What I ran:</span></li><ul><li><span style="font-family: courier;">sudo zpool detach storage /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-SERIAL#1</span></li><li><span style="font-family: courier;">sudo zpool detach storage /dev/disk/by-id/ata-WDC_WD30EFRX-68EUZN0_WD-SERIAL#2</span></li></ul><li><span style="font-family: inherit;">Check on the status</span></li><ul><li><span style="font-family: courier;">sudo zpool status</span></li></ul><li><span style="font-family: inherit;">Shutdown the server and remove the drives</span></li></ul></div><div><br /></div><h2 style="text-align: left;">Expand the Quotas</h2><div><ul style="text-align: left;"><li>Check current usage and quotas</li><ul><li><span style="font-family: courier;">df -k /storage/mythtv /storage/.encrypted</span></li><li><span style="font-family: courier;">sudo zfs get quota storage/mythtv</span></li><li><span style="font-family: courier;">sudo zfs get quota storage/.encrypted</span></li></ul><li>Set new quotas, total storage available was 5.45T</li><ul><li><span style="font-family: courier;">sudo zfs set quota=1.5T storage/mythtv</span></li><li><span style="font-family: courier;">sudo zfs set quota=3.9T storage/.encrypted</span></li></ul><li><span style="font-family: inherit;">While editing my zfs containers, I decided to turn off compression since i wasn't seeing any gains</span></li><ul><li><span style="font-family: courier;">sudo zfs set compression=off storage/.encrypted</span></li></ul></ul></div><div style="text-align: left;"><br /></div><h2 style="text-align: left;">Sources</h2><div><ul style="text-align: left;"><li>Drive Check</li><ul><li>Initial inspiration: <a href="https://superuser.com/questions/1252662/initial-testing-of-new-hard-drives-in-linux">https://superuser.com/questions/1252662/initial-testing-of-new-hard-drives-in-linux</a></li><li>Keeping the drive spinning: <a href="https://superuser.com/questions/766943/smart-test-never-finishes">https://superuser.com/questions/766943/smart-test-never-finishes</a></li><li>Power Off the drive: <a href="https://askubuntu.com/questions/532586/what-is-the-command-line-equivalent-of-safely-remove-drive">https://askubuntu.com/questions/532586/what-is-the-command-line-equivalent-of-safely-remove-drive</a></li></ul><li>Adding to zpool</li><ul><li><a href="https://www.sotechdesign.com.au/how-to-add-a-drive-to-a-zfs-mirror/">https://www.sotechdesign.com.au/how-to-add-a-drive-to-a-zfs-mirror/</a></li><li><a href="https://superuser.com/questions/1265328/how-to-create-zfs-mirror-with-disks-of-different-sector-sizes">https://superuser.com/questions/1265328/how-to-create-zfs-mirror-with-disks-of-different-sector-sizes</a></li></ul><li>Performance difference of ashift=9 vs ashift=12</li><ul><li><a href="https://louwrentius.com/zfs-performance-and-capacity-impact-of-ashift9-on-4k-sector-drives.html">https://louwrentius.com/zfs-performance-and-capacity-impact-of-ashift9-on-4k-sector-drives.html</a></li></ul><li>Removing from zpool</li><ul><li><a href="https://www.truenas.com/community/threads/remove-disk-from-mirror-in-freenas-11.56494/">https://www.truenas.com/community/threads/remove-disk-from-mirror-in-freenas-11.56494/</a></li></ul></ul></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-26388070185309574702021-12-23T23:12:00.003-05:002023-03-19T17:58:39.179-04:00Copying Linux HDD to a new SSD<p>I wanted to upgrade my old 250GB WD Blue HDD to a newer 512GB Crucial SSD, but was having problems getting the data transfered over. I tried clonezilla to no avail probably probably because the HDD had sector size of 512 bytes and the SSD uses 4k bytes. In the end, I resorted to copying everything over manually. Here are the steps that I used For these steps /dev/sdX is the existing drive and /dev/sdZ is the new one, which became one letter less after the existing drive is removed (sdY).</p><h2 style="text-align: left;">Prequisites</h2><ul style="text-align: left;"><li>Have a linux live USB to be able to boot with</li><li>Install grub-efi-amd64:</li><ul><li><span style="font-family: courier;">sudo apt-get install grub-efi-amd64</span></li></ul></ul><p><br /></p><h2 style="text-align: left;">Linux Live USB Steps</h2><div>Boot off of your linux live USB so that the data on the drive you are copying is static.</div><p style="text-align: left;"><br /></p><h3 style="text-align: left;">Existing Partition Formats</h3><div>Here is what my existing drive looks like, and I was going to keep the same structure.</div><p></p><ul style="text-align: left;"><li>sdX1 - EFI - 512MiB - flags hidden<br /></li><li>sdX2 - root - 95.37GiB<br /></li><li>sdX3 - home - 129.48GiB<br /></li><li>sdX4 - swap - 7.54GiB<br /></li></ul><p><br /></p><h3 style="text-align: left;">Create new partitions using gparted</h3><div>Using gparted I created the following partitions. Description is not a field in gparted, but I listed it below for clarification.</div><ul style="text-align: left;"><li>sdZ1</li><ul><li>description: EFI</li><li>Free space preceding: 1MiB (This is the default that came up for me and from what I read should be used for aligning the physical sectors)</li><li>size: 512MiB</li><li>type: fat32</li><li>flags: hidden, esd, boot</li></ul><li>sdZ2</li><ul><li>description: root</li><li>size: 153,600MiB</li><li>type: ext4</li></ul><li>sdZ3</li><ul><li>description: home</li><li>size: 257,291MiB</li><li>type: ext4</li></ul><li>sdZ4</li><ul><li>description: swap</li><li>size: 65,536MiB (I went with 64GiB as the server has 20GiB of RAM and I am thinking of upgrading to 32GiB and this would put me at 2x of that)</li><li>type: linux-swap</li></ul></ul><p></p><p><br /></p><h3 style="text-align: left;">Mount</h3><div>Mount all the drives to get ready to copy them</div><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo mount /dev/sdX1 /mnt/hdd1</span></li><li><span style="font-family: courier;">sudo mount /dev/sdX2 /mnt/hdd2</span></li><li><span style="font-family: courier;">sudo mount /dev/sdX3 /mnt/hdd3</span></li><li><span style="font-family: courier;">sudo mount /dev/sdZ1 /mnt/ssd1 <br /></span></li><li><span style="font-family: courier;">sudo mount /dev/sdZ2 /mnt/ssd2</span></li><li><span style="font-family: courier;">sudo mount /dev/sdZ3 /mnt/ssd3</span></li></ul><p><br /></p><h3 style="text-align: left;">Copy the data</h3><div>Description of rsync options:</div><div><ul style="text-align: left;"><li>a - archive mode; equals -rlptgoD (no -H,-A,-X)</li><li>A - preserve ACLs (implies -p)</li><li>H - preserve hard links</li><li>X - preserve extended attributes</li><li>x - don't cross filesystem boundaries (this is very important)</li><li>v - increase verbosity</li></ul></div><div>Perform the actual copies, depending on file size this can take a while.</div><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">cd /mnt/hdd1</span></li><li><span style="font-family: courier;">sudo rsync -aAHXxv --stats --progress . /mnt/ssd1</span></li><li><span style="font-family: courier;">cd /mnt/hdd2</span></li><li><span style="font-family: courier;">sudo rsync -aAHXxv --stats --progress . --exclude={"dev/*","proc/*","sys/*","tmp/*","run/*","mnt/*","media/*","lost+found"} /mnt/ssd2</span></li><li><span style="font-family: courier;">cd /mnt/hdd3</span></li><li><span style="font-family: courier;">sudo rsync -aAHXxv --stats --progress . /mnt/ssd3 --exclude={"lost+found"}</span><br /></li></ul><p><br /></p><h3 style="text-align: left;">Edit the UUIDs copied</h3><div>Determine the new UUIDs to use</div><p></p><p></p><p></p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo blkid /dev/sdZ2 # for /</span></li><li><span style="font-family: courier;">sudo blkid /dev/sdZ3 # for /home</span></li><li><span style="font-family: courier;">sudo blkid /dev/sdZ4 # for swap<br /></span></li></ul>Replace the UUIDs in fstab (<b>NOT</b> PARTUUID) for <b>/</b> and <b>/home</b> and <b>swap</b><span style="font-family: courier;"><br /></span><ul style="text-align: left;"><li><span style="font-family: courier;">sudo vi /mnt/ssd2/etc/fstab</span></li></ul><p>Replace the UUID for swap in initramfs resume</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo vi /mnt/ssd2/etc/initramfs-tools/conf.d/resume</span></li></ul><p></p><p><br /></p><h2 style="text-align: left;">Change booting to use new drive</h2><h3 style="text-align: left;">GRUB</h3><ul style="text-align: left;"><li>boot using old install</li><ul><li><span style="font-family: courier;">sudo update-grub</span></li><li>check <span style="font-family: courier;">/boot/grub/grub.cfg</span> to ensure it is using the correct UUID for sdZ2 </li></ul><li>boot using new install</li><ul><li><span style="font-family: courier;">sudo mkdir /boot/efi</span></li><li><span style="font-family: courier;">sudo mount /dev/sdZ1 /boot/efi</span></li><li><span style="font-family: courier;">sudo grub install --target=x86_64-efi /dev/sdZ</span></li><li><span style="font-family: courier;">sudo update-grub</span></li></ul><li>shutdown</li><li>remove old hd</li><li>boot using new install</li><ul><li><span style="font-family: courier;">sudo update-grub </span></li></ul></ul><p></p><p><br /></p><h3 style="text-align: left;">Bonus Section</h3><p>Because I did not get grub installed on the new drive before removing the old one, I got stuck at the grub prompt so the steps that I used to boot were:</p><ul style="text-align: left;"><li><span style="font-family: courier;">ls</span></li><li><span style="font-family: courier;">set root=(hd2,2)</span></li><li><span style="font-family: courier;">linux /boot/vmlinuz<tab complete to most recent version> root=/dev/sdY2</span></li><li><span style="font-family: courier;">initrd /boot/init<tab complete to same version as above></span></li><li><span style="font-family: courier;">boot</span></li></ul><div><span style="font-family: courier;"><br /></span></div><div><span><h2 style="font-family: Tinos;">TRIM</h2><p style="text-align: left;"><span style="font-family: inherit;">Ensure that trim is enabled and works:</span></p><div><ul style="text-align: left;"><li><span style="font-family: inherit;">Check that it is enabled to run weekly</span></li><ul><li><span style="font-family: courier;">systemctl status fstrim.timer</span></li></ul><li><span style="font-family: inherit;">Check that trimming actually works</span></li><ul><li><span style="font-family: courier;">sudo fstrim -v /</span></li></ul></ul><br /></div><h2 style="text-align: left;">Update 2022-07-26: NOATIME</h2><div>As the ssd was seeing more writes then I would like, I realized that it was writing the access times, which I really didn't need. To fix this we add it in <span style="font-family: courier;">/etc/fstab</span> to this line and then reboot:</div><div><ul style="text-align: left;"><li><span style="font-family: courier;">UUID=XXXX / ext4 defaults<b>,noatime</b> 0 1</span></li></ul><div><br /></div><div><h2 style="text-align: left;">Update 2023-02-03: Swappiness</h2></div><div>Updated the swappiness setting to hopefully save more ssd writes</div><div><ul style="text-align: left;"><li>in <span style="font-family: courier;">/etc/sysctl.conf</span> add:<br /></li><ul><li><span style="font-family: courier;">vm.swappiness = 10</span></li></ul><li>reboot</li><li>check the setting:</li><ul><li><span style="font-family: courier;">cat /proc/sys/vm/swappiness</span><br /></li></ul></ul><p> </p></div></div></span></div><h2 style="text-align: left;">Sources</h2><div><ul style="text-align: left;"><li><a href="https://newbedev.com/how-to-best-clone-a-running-system-to-a-new-harddisk-using-rsync">https://newbedev.com/how-to-best-clone-a-running-system-to-a-new-harddisk-using-rsync</a></li><li><a href="https://ostechnix.com/backup-entire-linux-system-using-rsync/">https://ostechnix.com/backup-entire-linux-system-using-rsync/</a></li><li><a href="https://itectec.com/ubuntu/ubuntu-how-to-transfer-ubuntu-to-ssd-but-keeping-home-on-hdd/">https://itectec.com/ubuntu/ubuntu-how-to-transfer-ubuntu-to-ssd-but-keeping-home-on-hdd/</a></li><li><a href="https://askubuntu.com/questions/1116778/how-to-set-the-resume-variable-to-override-these-issues">https://askubuntu.com/questions/1116778/how-to-set-the-resume-variable-to-override-these-issues</a></li><li><a href="https://www.howtogeek.com/449691/what-is-swapiness-on-linux-and-how-to-change-it/">https://www.howtogeek.com/449691/what-is-swapiness-on-linux-and-how-to-change-it/</a></li><li><a href="https://askubuntu.com/questions/103915/how-do-i-configure-swappiness">https://askubuntu.com/questions/103915/how-do-i-configure-swappiness</a> </li></ul> <br /></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-41579137702183315752021-12-03T21:45:00.001-05:002021-12-14T22:01:23.719-05:00Xubuntu Server Ubgrade 16.04 to 18.04 to 20.04<p style="text-align: left;">As I have been busy the past few months, I failed to notice that 16.04 went past it's support window and hasn't been getting updates. Here are the steps that I went through to get current and fix the issues that I encountered</p><h2 style="text-align: left;">Perform the Upgrade</h2><div>I upgraded using the GUI to walk me thru the steps</div><ul style="text-align: left;"><li>upgrade to 18.04</li><ul><li><span style="font-family: courier;">sudo do-release-upgrade -f DistUpgradeViewGtk3</span></li></ul><li>reboot</li><li>upgrade to 20.04</li><ul><li><span style="font-family: courier;">sudo do-release-upgrade -f DistUpgradeViewGtk3</span></li></ul><li>When prompted for debian-sys-maint password find it here:</li><ul><li><span style="font-family: courier;">sudo cat /etc/mysql/debian.cnf</span></li></ul></ul><p></p><p><br /></p><h2 style="text-align: left;">Getting Unifi Web working again</h2><p>127.0.0.1:8443 was giving a 404 error</p><p></p><ul style="text-align: left;"><li>Check the logs</li><ul><li><span style="font-family: courier;">tail -n 50 /usr/lib/unifi/logs/server.log</span></li><ul><li><span style="font-family: courier;">[2021-10-24TXX:XX:XX,XXX] <db-server> INFO db - DbServer stopped</span></li></ul><li><span style="font-family: courier;">tail -n 50 /usr/lib/unifi/logs/mongod.log</span></li><ul><li><span style="font-family: courier;">2021-10-24TXX:XX:XX.XXX-XXXX F CONTROL [initandlisten] ** IMPORTANT: UPGRADE PROBLEM: The data files need to be fully upgraded to version 3.4 before attempting an upgrade to 3.6; see http://dochub.mongodb.org/core/3.6-upgrade-fcv for more details.</span></li></ul></ul></ul><p></p><p>So I needed to upgrade the mongo data files, but can't do that in version 3.6 so I used a combination of the following posts</p><p></p><ul style="text-align: left;"><li><a href="https://community.ui.com/questions/Unifi-controller-on-Ubuntu-18-04/93b00b88-7542-40ba-bb0b-a80a84415e1d">https://community.ui.com/questions/Unifi-controller-on-Ubuntu-18-04/93b00b88-7542-40ba-bb0b-a80a84415e1d</a></li><li><a href="https://docs.mongodb.com/manual/release-notes/3.6/#upgrade-procedures">https://docs.mongodb.com/manual/release-notes/3.6/#upgrade-procedures</a></li><li><a href="https://stackoverflow.com/questions/48318487/error-while-upgrading-mongodb-from-3-2-to-3-6">https://stackoverflow.com/questions/48318487/error-while-upgrading-mongodb-from-3-2-to-3-6</a></li></ul><p></p><div>Here are the actual steps that I used:</div><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo apt-get install docker.io</span></li><li><span style="font-family: courier;">sudo docker run --name mongo-migrate -v /var/lib/unifi/db:/data/db -p 127.0.0.1:27888:27017 -d mongo:3.4</span></li><li><span style="font-family: courier;">mongo localhost:27888</span></li><ul><li><span style="font-family: courier;">db.adminCommand( { getParameter: 1, featureCompatibilityVersion: 1 } )</span></li><li><span style="font-family: courier;">db.adminCommand( { setFeatureCompatibilityVersion: "3.4" } )</span></li><li><span style="font-family: courier;">exit</span></li></ul><li><span style="font-family: courier;">sudo docker stop mongo-migrate</span></li><li><span style="font-family: courier;">sudo chown -R unifi:unifi /var/lib/unifi/db</span></li><li><span style="font-family: courier;">sudo systemctl restart unifi</span></li></ul><p></p><p><br /></p><h2 style="text-align: left;">Fixing MythTV</h2><p>I was seeing the following Fatal Error when accessing mythweb:</p><p></p><blockquote><span style="font-family: courier;">!!NoTrans: You are missing a php extension for mysql interaction. Please install php-mysqli or similar!!</span></blockquote><p></p><p>I solved this error with the following steps:</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">apt-get install php7.4</span></li><li><span style="font-family: courier;">sudo a2dismod php7.0</span></li><li><span style="font-family: courier;">sudo a2enmod php7.4</span></li><li><span style="font-family: courier;">sudo systemctl restart apache2</span></li></ul><p></p><p>It then became this error:</p><p></p><blockquote><span style="font-family: courier;">!!NoTrans: MasterServerIP or MasterServerPort not found! You may need to check your mythweb.conf file or re-run mythtv-setup!!</span></blockquote><p></p><p>I determined this to be an error with mysql</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">tail -n 100 /var/log/mysql/error.log</span></li><ul><li><span style="font-family: courier;">2021-10-24TXX:XX:XX.XXXXXXZ 0 [ERROR] [MY-000067] [Server] unknown variable 'query_cache_limit=1M'.</span></li><li><span style="font-family: courier;">2021-10-24TXX:XX:XX.XXXXXXZ 0 [ERROR] [MY-000067] [Server] unknown variable 'query_cache_size=16M'.</span></li></ul><li><span style="font-family: courier;">sudo vi /etc/mysql/my.cnf</span></li><ul><li>commented out the 2 lines regarding query_cache</li></ul><li><span style="font-family: courier;">sudo systemctl restart mysql</span></li></ul><p></p><p>This got mysql running but, mythweb still had the same error. I tried a reboot of the server, but that didn't seem to help. It turns out that I needed to change the bind_address</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo vi /etc/mysql/my.cnf</span></li><ul><li><span style="font-family: courier;">bind-address = 127.0.0.1,192.168.X.X</span></li></ul></ul><p></p><p><br /></p><h2 style="text-align: left;">VNC</h2><p>I needed to fix my vnc setup and came across this:</p><p></p><ul style="text-align: left;"><li>vnc4server is no longer in the repo</li><li>tightvncserver works with the exception of window buttons. This is due to it not supporting Render: https://bugs.launchpad.net/ubuntu/+source/xfwm4/+bug/1860921</li><li>Solution: Use tigervncserver</li></ul><p></p><p>Here are the steps that I used:</p><p></p><ul style="text-align: left;"><li><span style="font-family: courier;">sudo apt-get install tigervnc-standalone-server</span></li><li><span style="font-family: courier;">touch ${HOME}/.Xresources</span></li><li><span style="font-family: courier;">tigervncserver :1 -geometry 1366x768 -depth 24 -localhost no</span></li></ul><p></p><p><br /></p><h2 style="text-align: left;">Let's Encrypt</h2><p><b>Update 2021-12-14</b>: Apparently, the upgrade broke my Let's Encrypt certificate, but fixing it was easy enough, I just needed to install 2 packages: <span style="font-family: courier;">sudo apt-get install certbot python3-certbot-apache</span></p><p><br /></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-5074927899453260662021-08-13T23:37:00.000-04:002021-08-13T23:37:51.529-04:00Raspberry Pi 4 Print Server: Part 3<p>Time for the final setup steps</p><h1 style="text-align: left;">General Setup</h1><div><p>Changing the hostname:</p><p></p><ul><li><span style="font-family: courier;">hostnamectl set-hostname <new hostname></span></li></ul></div><div>Broadcasting the hostname:</div><div><ul style="text-align: left;"><li><span style="font-family: courier;">sudo apt install samba</span></li><li><span style="font-family: courier;">sudo apt install libnss-winbind</span></li><li>install wsdd</li><ul><li><span style="font-family: courier;">git clone</span></li><li><span style="font-family: courier;">group: nogroup</span></li><li><span style="font-family: courier;">/usr/local/bin/wsdd</span></li><li><span style="font-family: courier;">cp etc/systemd/wsdd.service /etc/systemd/system/</span></li><li><span style="font-family: courier;">sudo systemctl daemon-reload</span></li><li><span style="font-family: courier;">sudo systemctl enable wsdd</span></li><li><span style="font-family: courier;">sudo systemctl status wsdd</span></li></ul></ul></div>Controlling the fan and Power button:<p></p><p></p><ul style="text-align: left;"><li><a href="https://github.com/meuter/argon-one-case-ubuntu-20.04">https://github.com/meuter/argon-one-case-ubuntu-20.04</a></li><li>Run this on the Raspberry Pi</li><ul><li><span style="font-family: courier;">cd /tmp/</span></li><li><span style="font-family: courier;">wget https://raw.githubusercontent.com/meuter/argon-one-case-ubuntu-20.04/master/argon1.sh</span></li><li><span style="font-family: courier;">chmod a+x argon1.sh</span></li><li><span style="font-family: courier;">sudo ./argon1.sh</span></li></ul></ul><span style="font-family: courier;"><br /></span><h1 style="text-align: left;">Printer Setup</h1>Installing CUPS and Printer Drivers for SCX-4623f<p></p><div><ul style="text-align: left;"><li>Run this on the Raspberry Pi</li><ul><li><span style="font-family: courier;">sudo apt install cups printer-driver-splix</span></li></ul><li>For different models of printers you can look here: <a href="https://packages.ubuntu.com/search?keywords=printer-driver&searchon=names">https://packages.ubuntu.com/search?keywords=printer-driver&searchon=names</a></li></ul><div>Unfortunately CUPS requires a user/pass combination and the default is for root, so I set a password for root</div></div><div><ul style="text-align: left;"><li><span style="font-family: inherit;">Run this on the Raspberry Pi:</span></li><ul><li><span style="font-family: courier;">sudo su -</span></li><li><span style="font-family: courier;">passwd</span></li></ul></ul><div>Forward the CUPS UI to your laptop</div></div><div><ul style="text-align: left;"><li><span style="font-family: inherit;">Run this on your laptop</span></li><ul><li><span style="font-family: courier;">ssh -L 6631:localhost:631 ubuntu@192.168.1.XX</span></li></ul></ul><div>You can now open a browser and go to <a href="http://localhost:6631">http://localhost:6631</a> on your laptop for adding the printer and checking "Share printers connected to this system" on the "Administration" tab. For the user use "root" and use the password that you set above. Optionally, you can check "Allow remote administration" to skip the ssh command in the future and go directly to http://192.168.1.XX:631</div></div><div><br /></div><div>You should now be able to see the printer on your network!</div><div><br /></div><h1 style="text-align: left;">Scanner Setup</h1><h3 style="text-align: left;">Raspberry Pi Setup</h3><div><ul style="text-align: left;"><li>Install sane</li><ul><li><span style="font-family: courier;">sudo apt install sane</span></li></ul><li>Check for the scanner</li><ul><li><span style="font-family: courier;">sudo sane-find-scanner</span></li><li><span style="font-family: courier;">sudo scanimage -L</span></li><li><span style="font-family: courier;">cd /tmp</span></li><li><span style="font-family: courier;">sudo -u saned scanimage -x 100 -y 100 -d xerox_mfp:libusb:XXX:XXX --format=png -p > image.png</span></li><li>if you hear it scanning than it works and proceed, if not add saned user to lp group and try again</li><ul><li><span style="font-family: courier;">sudo usermod -a -G lp saned</span></li></ul></ul><li>Have saned listen to local network</li><ul><li>edit <span style="font-family: courier;">/etc/sane.d/net.conf</span></li><ul><li>add the local network (eg. 192.168.1.0/24)</li></ul></ul><li>Configure saned socket to load (you do not need the saned service itself)</li><ul><li><span style="font-family: courier;">sudo systemctl start saned.socket</span></li><li><span style="font-family: courier;">sudo systemctl enable saned.socket</span></li></ul></ul><h3 style="text-align: left;"><span style="font-family: inherit;">Laptop Setup</span></h3><ul style="text-align: left;"><li>install xsane</li><ul><li><span style="font-family: courier;">sudo apt install xsane</span></li></ul><li>edit <span style="font-family: courier;">/etc/sane.d/net.conf</span></li><ul><li>add the ip address of the Raspberry Pi (eg 192.168.1.XX)</li></ul></ul>Start xsane and happy scanning!</div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-41152295737529808372021-08-10T21:38:00.000-04:002021-08-10T21:38:25.209-04:00Rasberry Pi 4 Print Server: Part 2<p>These are the steps that I went thru to update the firmware and get Ubuntu Server 20.04 LTS installed on my Raspberry Pi 4 2GB from my Chromebook</p><p>Prerequisites:</p><p></p><ul style="text-align: left;"><li>Raspberry Pi</li><li>SD Card and USB Flash Drive</li><li>Chromebook:</li><ul><li>Have the Linux Virtual Machine enabled</li><li>Have Chromebook Recovery Utility installed</li><ul><li><a href="https://chrome.google.com/webstore/detail/chromebook-recovery-utili/jndclpdbaamdhonoechobihbbiimdgai">https://chrome.google.com/webstore/detail/chromebook-recovery-utili/jndclpdbaamdhonoechobihbbiimdgai</a></li></ul></ul></ul><div>Firmware Update Steps:</div><div><ol style="text-align: left;"><li>Download the latest firmware from: <a href="https://github.com/raspberrypi/rpi-eeprom/releases">https://github.com/raspberrypi/rpi-eeprom/releases</a></li><li>Insert your SD Card into your Chromebook</li><li>Copy the Contents of the Zip file onto the SD Card</li><li>Uses Files to eject your SD Card and then remove from Chromebook</li><li>Boot your Raspberry Pi using the SD Card</li></ol></div><div>Ubuntu Steps:</div><p></p><p></p><ol style="text-align: left;"><li>Download 64-bit Ubuntu Server for Rasberry Pi from here: <a href="https://ubuntu.com/download/raspberry-pi">https://ubuntu.com/download/raspberry-pi</a></li><li>In Files: Move it from Downloads to your Linux Files</li><li>On the Linux Command Prompt run:</li><ul><li><span style="font-family: courier;">xz -d ubuntu-20.04.1-preinstalled-server-arm64+raspi.img.xz</span></li></ul><li>In Files: Right click the IMG file and click Zip selection</li><li>Insert your SD Card or USB Drive you want to use</li><li>Write the image to your removable media:</li><ol><li>Open Chromebook Recovery Utility</li><li>Click the Setting Wheel next to the close window button</li><li>Click "Use local image"</li><li>Use files to select the zip file you just created</li><li>Wait for the progress bar to complete TWICE (once for unpacking, once for writing)</li><li>Exit Chromebook Recovery Utility</li></ol><li>Ubuntu 20.04 preinstalled servers uses cloud-init on first boot, you can find out more here:</li><ul><li><a href="https://cloudinit.readthedocs.io/en/latest/topics/examples.html">https://cloudinit.readthedocs.io/en/latest/topics/examples.html</a></li></ul><li>Setup your WiFi</li><ol><li>Open <span style="font-family: courier;">/system-boot/network-config</span> in a text editor</li><li>Uncomment (remove the # from the front of the line) the wifis section and update it with your wireless network and password</li><blockquote><div><span style="font-family: courier;">wifis:</span></div><div><span style="font-family: courier;"> wlan0:</span></div><div><span style="font-family: courier;"> dhcp4: true</span></div><div><span style="font-family: courier;"> optional: true</span></div><div><span style="font-family: courier;"> access-points:</span></div><div><span style="font-family: courier;"> "YourWifiNameHere":</span></div><div><span style="font-family: courier;"> password: "YourPasswordHere"</span></div></blockquote><div><br /></div><div><li>Or for a fixed IP</li><blockquote><div><span style="font-family: courier;">wifis:</span></div><div><span style="font-family: courier;"> wlan0:</span></div><div><span style="font-family: courier;"> addresses: [192.168.1.XX/24]</span></div><div><span style="font-family: courier;"> gateway4: 192.168.1.1</span></div><div><span style="font-family: courier;"> nameservers:</span></div><div><span style="font-family: courier;"> addresses: [192.168.1.1]</span></div><div><span style="font-family: courier;"> dhcp4: false</span></div><div><span style="font-family: courier;"> optional: true</span></div><div><span style="font-family: courier;"> access-points:</span></div><div><span style="font-family: courier;"> "YourWifiNameHere":</span></div><div><span style="font-family: courier;"> password: "YourPasswordHere"</span></div></blockquote><div><br /></div></div><li>Save the File</li></ol><li>If you are using a SD Card, you are finished and can:</li><ol><li>Eject the removable media using the Files app</li><li>Remove it from the laptop</li></ol></ol><div>If you are using a USB Flash Drive, follow these additional steps:</div><ol style="text-align: left;"><li>Decompress vmlinux</li><ol><li>Share the <span style="font-family: courier;">system-boot</span> partition with Linux</li><ul><li>In the files app, right click it and click "Share with Linux"</li></ul><li>Open the terminal</li><ol><li><span style="font-family: courier;">cd /mnt/chromeos/removable/system-boot</span></li><li><span style="font-family: courier;">zcat vmlinu<b>z</b> > vmlinu<b>x</b></span></li></ol></ol><li>Update /system-boot/config.txt to have the pi4 section look like:</li><ul><blockquote><div><div><div><span style="font-family: courier;">[pi4]</span></div><div><span style="font-family: courier;">max_framebuffers=2</span></div><div><span style="font-family: courier;">dtoverlay=vc4-fkms-v3d</span></div><div><span style="font-family: courier;">boot_delay</span></div><div><span style="font-family: courier;">kernel=vmlinux</span></div><div><span style="font-family: courier;">initramfs initrd.img followkernel</span></div></div></div><div></div></blockquote></ul><li>Install a script that will do this after installing updates (currently this cannot be done on a Chromebook because the <span style="font-family: courier;">writable</span> partition is mounted read-only --oh the irony--)</li><ol><li>Create a file on <span style="font-family: courier;">/system-boot</span> (<span style="font-family: courier;">/system-boot/firmware </span><span style="font-family: inherit;">if logged into the pi</span>) called <span style="font-family: courier;">auto_decompress_kernel</span> and paste the code that is at the end of the blog</li><li>Create a file in <span style="font-family: courier;">/writable/etc/apt/apt.conf.d</span> called <span style="font-family: courier;">999_decompress_rpi_kernel</span> and paste the following single line into it:</li><ul><li><span style="font-family: courier;">DPkg::Post-Invoke {"/bin/bash /boot/auto_decompress_kernel"; };</span></li></ul><li>Share the writable partition with Linux</li><ul><li>In the files app, right click it and click "Share with Linux"</li></ul><li>Open the terminal</li><ol><li><span style="font-family: courier;">cd /mnt/chromeos/removable/writable/etc/apt/apt.conf.d</span></li><li><span style="font-family: courier;">chmod +x 999_decompress_rpi_kernel</span></li></ol></ol></ol><div>You can now install the SD card or USB drive into the Raspberry Pi and start it up. You will need to login and change the password and then reboot (<span style="font-family: courier;">sudo reboot now</span>) before it will connect to WiFi</div><div><br /></div><div><div><br /></div><div><span style="font-family: courier;">auto_decompress_kernel</span></div><div></div><blockquote><div><span style="font-family: courier;">#!/bin/bash -e</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">#Set Variables</span></div><div><span style="font-family: courier;">BTPATH=/boot/firmware</span></div><div><span style="font-family: courier;">CKPATH=$BTPATH/vmlinuz</span></div><div><span style="font-family: courier;">DKPATH=$BTPATH/vmlinux</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">#Check if compression needs to be done.</span></div><div><span style="font-family: courier;">if [ -e $BTPATH/check.md5 ]; then</span></div><div><span style="font-family: courier;"> if md5sum --status --ignore-missing -c $BTPATH/check.md5; then</span></div><div><span style="font-family: courier;"> echo -e "e[32mFiles have not changed, Decompression not needede[0m"</span></div><div><span style="font-family: courier;"> exit 0</span></div><div><span style="font-family: courier;"> else echo -e "e[31mHash failed, kernel will be compressede[0m"</span></div><div><span style="font-family: courier;"> fi</span></div><div><span style="font-family: courier;">fi</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">#Backup the old decompressed kernel</span></div><div><span style="font-family: courier;">mv $DKPATH $DKPATH.bak</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">if [ ! $? == 0 ]; then</span></div><div><span style="font-family: courier;"> echo -e "e[31mDECOMPRESSED KERNEL BACKUP FAILED!e[0m"</span></div><div><span style="font-family: courier;"> exit 1</span></div><div><span style="font-family: courier;">else echo -e "e[32mDecompressed kernel backup was successfule[0m"</span></div><div><span style="font-family: courier;">fi</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">#Decompress the new kernel</span></div><div><span style="font-family: courier;">echo "Decompressing kernel: "$CKPATH".............."</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">zcat $CKPATH > $DKPATH</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">if [ ! $? == 0 ]; then</span></div><div><span style="font-family: courier;"> echo -e "e[31mKERNEL FAILED TO DECOMPRESS!e[0m"</span></div><div><span style="font-family: courier;"> exit 1</span></div><div><span style="font-family: courier;">else</span></div><div><span style="font-family: courier;"> echo -e "e[32mKernel Decompressed Succesfullye[0m"</span></div><div><span style="font-family: courier;">fi</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">#Hash the new kernel for checking</span></div><div><span style="font-family: courier;">md5sum $CKPATH $DKPATH > $BTPATH/check.md5</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">if [ ! $? == 0 ]; then</span></div><div><span style="font-family: courier;"> echo -e "e[31mMD5 GENERATION FAILED!e[0m"</span></div><div><span style="font-family: courier;"> else echo -e "e[32mMD5 generated Succesfullye[0m"</span></div><div><span style="font-family: courier;">fi</span></div><div><span style="font-family: courier;"><br /></span></div><div><span style="font-family: courier;">#Exit</span></div><div><span style="font-family: courier;">exit 0</span></div></blockquote><div></div></div><div><br /></div><div>Sources and Thanks to:</div><div><ul style="text-align: left;"><li><a href="https://www.raspberrypi.org/documentation/installation/installing-images/chromeos.md">https://www.raspberrypi.org/documentation/installation/installing-images/chromeos.md</a></li><li><a href="https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#1-overview">https://ubuntu.com/tutorials/how-to-install-ubuntu-on-your-raspberry-pi#1-overview</a></li><li><a href="https://www.raspberrypi.org/forums/viewtopic.php?t=278791">https://www.raspberrypi.org/forums/viewtopic.php?t=278791</a></li><li><a href="https://www.explorelinux.com/raspberrypi-4-usb-boot-no-sd-card/">https://www.explorelinux.com/raspberrypi-4-usb-boot-no-sd-card/</a></li></ul><div><div></div></div></div><div><br /></div><div><br /></div><p></p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-56582070159885973872021-08-10T21:31:00.001-04:002021-08-10T21:31:56.464-04:00Raspberry Pi Print Server: Part 1<p>As I still have our perfectly functional Samsung SCX-4623f laser printer and scanner, but wanted to be able to place it away from my server. I looked at a few different options, but decided on a Raspberry Pi to be my best option. Below are the several options that I considered.</p><h2 style="text-align: left;">The Choices</h2><h4 style="text-align: left;">IOGear GPSU21 or other print server</h4><div><ul style="text-align: left;"><li>Price: $40-50</li><li>Does not list SCX-4623f as compatible</li><li>Requires Ethernet connection so not as flexible</li><li>Printer Only, No Scanner function</li></ul><h4 style="text-align: left;">Raspberry Pi</h4><div><ul style="text-align: left;"><li>Price: Varies based on options</li><li>Requires more time to setup</li><li>A learning experience/project</li><li>Wouldn't need to find new owner for existing printer</li></ul></div><h4 style="text-align: left;">Repurposing an old laptop</h4><div><ul style="text-align: left;"><li>Price: Free*</li><li>Not power or space efficient</li></ul></div><h4 style="text-align: left;">Hooking a laptop up every time we want to print</h4><div><ul style="text-align: left;"><li>Inconvenient</li><li>Can't print from phones</li></ul></div><h4 style="text-align: left;">New Printer/Scanner with built-in wireless</h4></div><div><ul style="text-align: left;"><li>Price: ~$200</li></ul><div><br /></div><h2 style="text-align: left;">Parts</h2><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPsasmkYXTiyF28fsRpMiZPy-fSu1kD5ai-7QuP_8qKnPERu_Uig5TBUknXUw8Zf-cFGqsqfOXhX4mzqEZSZO51NnAlHcsMIYmxxp6tIAh1AD46SUGpKN_b9RqIRGE9ov4HRZKt6Ywro8/s5333/DSC_0301.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPsasmkYXTiyF28fsRpMiZPy-fSu1kD5ai-7QuP_8qKnPERu_Uig5TBUknXUw8Zf-cFGqsqfOXhX4mzqEZSZO51NnAlHcsMIYmxxp6tIAh1AD46SUGpKN_b9RqIRGE9ov4HRZKt6Ywro8/s320/DSC_0301.JPG" width="320" /></a></div><div><br /></div>Here are the parts that I went with:</div></div><div><ul style="text-align: left;"><li>Raspberry Pi 4 2GB ($30-35 at Microcenter)</li><ul><li>Another option was the Raspberry Pi 3 B+ ($25-30 at Microcenter), but I wanted the faster processor and more memory</li></ul><li>Raspberry Pi Power Supply ($7-10 at Microcenter)</li><li>GeeekPi Raspberry Pi 4 Aluminum Heatsinks 20PCS ($8 Amazon)</li><ul><li>This is 5 sets of 4 different sized heatsinks, so i now have plenty of spares</li></ul><li>Argon One v2 ($20-25 Amazon)</li><li>Samsung Fit 64GB USB ($11-12 Amazon)</li></ul><div>Total price before tax: $82</div></div><div><br /></div><div>Raspberry Pi 4 with 2GB of RAM because it was not much more than either the 1GB version or Raspberry Pi 3B.</div><div><br /></div><div>You can get cheaper cases, but I liked the Argon the best. I considered many full coverage heatsink cases, but those left the GPIO pins and the sides of the board exposed and I didn't want the chance of those getting shorted or something getting in. There were other full aluminum housing, but I couldn't find any reviews about whether those affected the wifi range. So it was basically between the Argon One and Flirc. I chose the Argon over the FLIRC because it redirects all the connections to the back and has a fan with a controller.</div><div><br /></div><div>Even though the Argon One has heatsinks for the CPU and RAM, it did not have any for the Ethernet, USB, or Power Chip. Since the Argon One applies the power thru the GPIO headers and not the USB C port on the Pi, I figured that the power chip would not need cooled. However, since I am unsure about how much of a load scanning might put on the USB chip, I wanted a heatsink for that. Several other brand of heatsinks that I looked at had questionable reviews about how strong the thermal adhesive was.</div><div><br /></div>I went with a USB drive over a SD card because of the faster speed and increased reliability, but looking back I think I would change that. The USB boot feature of the Raspberry Pi and Ubuntu 20.04 aren't quite there.<br /><div><br /></div><h2 style="text-align: left;">Assembly</h2><div class="separator" style="clear: both; text-align: left;">First take the top of the Argon and see the exposed underside of the GPIO pins along the back (top of pic)</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiIaYdM5e8WTRYmEtSZ2VR7G3QFV0RQlcVAaAFWActjx3FIK2_ykGGshHaVQumJGURSkVMnVS2kVJjn2FxyNGTsuklrLsIu6w7eVVX54XU47AQNtudZJBXYVSsUzok6OpbDxO96pjN5rk/s5333/DSC_0302.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjiIaYdM5e8WTRYmEtSZ2VR7G3QFV0RQlcVAaAFWActjx3FIK2_ykGGshHaVQumJGURSkVMnVS2kVJjn2FxyNGTsuklrLsIu6w7eVVX54XU47AQNtudZJBXYVSsUzok6OpbDxO96pjN5rk/s320/DSC_0302.JPG" width="320" /></a></div><div><br /></div>I used electrical tape to cover the underside of the GPIO pins so my additional heatsinks will not accidentally short them<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKd-nZ4_rMXvT3fStr_mMkUjHXWr6sxy6QEDpjgdEvCzBbQKHtP9iwnx8Np2uqyxZF3t4LsPkDrOnXK83sXS27ovn1IbZ0uhR36vLdU4I-MN2zk3q-kCC3S46XFIUn68sOrJp0iOxnZ6I/s5333/DSC_0303.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKd-nZ4_rMXvT3fStr_mMkUjHXWr6sxy6QEDpjgdEvCzBbQKHtP9iwnx8Np2uqyxZF3t4LsPkDrOnXK83sXS27ovn1IbZ0uhR36vLdU4I-MN2zk3q-kCC3S46XFIUn68sOrJp0iOxnZ6I/s320/DSC_0303.JPG" width="320" /></a></div><div><br /></div>Install the Argon daughter board onto the Pi<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0ZQnedsC66ra9MEi9YSc8bRBpAtGTo6uS6RlWcJOpslCFACbfWsYTkpp7TQZy6tc5GP_bYpCaiJcH8TSt6FEEunNaVvVrIvBOLWanU-WFmgYkjjkaKv23ElmOvbpWNnF8ByYqa4y4SUg/s5333/DSC_0304.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0ZQnedsC66ra9MEi9YSc8bRBpAtGTo6uS6RlWcJOpslCFACbfWsYTkpp7TQZy6tc5GP_bYpCaiJcH8TSt6FEEunNaVvVrIvBOLWanU-WFmgYkjjkaKv23ElmOvbpWNnF8ByYqa4y4SUg/s320/DSC_0304.JPG" width="320" /></a></div><div><br /></div>I then placed the heatsinks on the ethernet and USB controller<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0iqTkdfdNCnIBtZruSshkwxKdOPar6YM3Iqxeg9HdtrTybgaVD2FY4d5F8zCG17nID8bsND_J80YUtUdca0WkNJp52EVXoOfYMyeAXa6Ipl95aTJXYc58IebzeNlYMYaY859o8rU3A6M/s5333/DSC_0305.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0iqTkdfdNCnIBtZruSshkwxKdOPar6YM3Iqxeg9HdtrTybgaVD2FY4d5F8zCG17nID8bsND_J80YUtUdca0WkNJp52EVXoOfYMyeAXa6Ipl95aTJXYc58IebzeNlYMYaY859o8rU3A6M/s320/DSC_0305.JPG" width="320" /></a></div><div><br /></div>Place the thermal pads on the Argon lid and then place the Pi and daughter board into the top of the Argon case<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFN5yWfjNxJXQ3QJ-l2Ass5QSkl5u0sjuZhTkwR28VxlDew6VsijrJK7zli3OJwBzr7cHyGbdvWAwDOdR0VXrUgIk8cc9SAc6Rg0_-MTQB-1zq-4pyMBtMG-iZT1R5U_dhdlzaZT-NdtY/s5333/DSC_0306.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjFN5yWfjNxJXQ3QJ-l2Ass5QSkl5u0sjuZhTkwR28VxlDew6VsijrJK7zli3OJwBzr7cHyGbdvWAwDOdR0VXrUgIk8cc9SAc6Rg0_-MTQB-1zq-4pyMBtMG-iZT1R5U_dhdlzaZT-NdtY/s320/DSC_0306.JPG" width="320" /></a></div><div><br /></div>Use the short screws to keep them in place<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLEpHAWQ_cK_JDFc_ybjGQ50fQ0-TmsSKoZX7ZLdmjNqNfgOzqysLzBoSWt8rZa0FPx032j4WHYX6ogeI99_eXBNvRERYLzgkNipGlBvdnUdHFvvYjcFaSGCnEJF4HmoGfch_5Hya9dgw/s5333/DSC_0308.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLEpHAWQ_cK_JDFc_ybjGQ50fQ0-TmsSKoZX7ZLdmjNqNfgOzqysLzBoSWt8rZa0FPx032j4WHYX6ogeI99_eXBNvRERYLzgkNipGlBvdnUdHFvvYjcFaSGCnEJF4HmoGfch_5Hya9dgw/s320/DSC_0308.JPG" width="320" /></a></div><div><br /></div>Install the long screws and the rubber feet<br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1NM5Kz6mpTFjb8TTccsxB_IZCuytUb5jZgAfXDYJdjXDmGnCC0QDs2wbhHAFzYQzDsrLm98Z2AlrQ3nKIVjG1hyM07Ln4KTkk0nKnXYcaqz2al3OdZHWn47NORaJV9v-TTKCiSNYaX1I/s5333/DSC_0310.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="3000" data-original-width="5333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1NM5Kz6mpTFjb8TTccsxB_IZCuytUb5jZgAfXDYJdjXDmGnCC0QDs2wbhHAFzYQzDsrLm98Z2AlrQ3nKIVjG1hyM07Ln4KTkk0nKnXYcaqz2al3OdZHWn47NORaJV9v-TTKCiSNYaX1I/s320/DSC_0310.JPG" width="320" /></a></div><br /><div><br /></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-13086033254844376622021-01-16T22:09:00.000-05:002021-01-16T22:09:17.765-05:00Brother MFC-7360N and Windows 10 64bit<p>A friend of mine recently got a new Windows 10 laptop and was trying to install the drivers for their Brother MFC-7360N from Brother's website (<a href="https://support.brother.com/g/b/downloadlist.aspx?c=us&lang=en&prod=mfc7360n_all&os=10013">https://support.brother.com/g/b/downloadlist.aspx?c=us&lang=en&prod=mfc7360n_all&os=10013</a>), but the setup would always get stuck saying to connect the printer with USB when they already had.</p><p>First step was to check Device Manager, which had a USB Composite Device with a yellow triangle that said something about an "operation failed". I immediately thought this was the problem and had them uninstall it. However, it always came back with the same yellow triangle no matter what we did.</p><p>I then googled "install brother printer on windows 10 usb composite device" and came across this post (<a href="https://appuals.com/brother-printer-usb-composite-device-error-code-10/">https://appuals.com/brother-printer-usb-composite-device-error-code-10/</a>) and it said that the printer required a firmware update to work with Windows 10 via USB. The other option would be to strictly use it as a network printer.</p><p>We then used their old laptop with Windows 7 on it to install the updated firmware from the same brother site.</p><p>After the printer was updated, installing the driver in Windows 10 worked like normal!</p>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0tag:blogger.com,1999:blog-4896311981114896042.post-84879858141125602942020-07-30T22:21:00.000-04:002020-07-30T22:21:45.583-04:00Let's Encrypt SSL Certificate for Dynamic DNS HostAs I was tired of having to add an exception when wanting to visit my personal website, I decided it was time to use Let's Encrypt to get a signed SSL certificate. Luckily it was easier than I thought. Here are the simple steps that I followed.<div><ol style="text-align: left;"><li>Add the ppa repository</li><ul><li><span style="font-family: courier;">sudo add-apt-repository ppa:certbot/certbot</span></li></ul><li>Install the cli tool</li><ul><li><span style="font-family: courier;">sudo apt install python-certbot-apache</span></li></ul><li>Run the cli tool</li><ul><li><span style="font-family: courier;">sudo certbot --apache -d <dynamic dns host name></span></li></ul><li>Answer the questions that included:</li><ul><li>Email Address</li><li>Select which conf file to add to (For me it was /etc/apache2/sites-available/default-ssl.conf)</li></ul><li>Check that my SSL certificate was now signed</li></ol><div><br /></div></div><div>TODO: Automate the renewal</div><div><br /></div>Jeffhttp://www.blogger.com/profile/04161533111366918795noreply@blogger.com0