I finally wired up the big LEDs and made an acrylic mounting board for all the parts. I laser cut holes in the board and tapped them with an M3 tap. That allowed me to mount the circuit boards directly to the mounting board. I used Dupont connectors to wire everything up which gives a very neat finish I think.
Sometimes you want to preserve file permissions under subdirectories in linux with ACLs but that’s not the whole story. If you want multiple users to be able to read and write to these files, and the group permissions to stay correct, you need to set ACLs and also group +s on the subdirectories. This is to ensure new files and directories are also created with the correct permissions and group ownership.
I wrote a small script that takes a group and a directory as parameters, and recursively fixes the permissions and set new ACL and group permissions so in future, new files will have the correct permissions.
I put set-acl-permissions on github.
It blindly recursively sets permissions so be careful. Also, it may well contain bugs that could cause catastrophic failures.
A while ago I broke my favourite mug. After a long and difficult search I found a new mug. A mug with the periodic table of elements entry for uranium on it. It also glows in the dark. Gav from the hacker space has a Geiger counter so I took the opportunity to measure the radioactivity of my mug. Luckily it’s not radioactive at all. Only 0.106μSv/h (micro Sieverts per hour).
Sometimes you might need to copy a whole directory from a remote host, but the remote host does not have enough space to tar the whole thing up and then sftp it off. The solution is to tar/bzip the directory and stream it directly to your local host:
ssh root@remotehost 'tar cjf - /path/to/somedirectory' | pv -cN tar > somedirectory.tar.bz2
Using pv (pipe viewer) gives you extra progress bar goodness:
tar: 176MB 0:09:14 [ 371kB/s] [ <=> ]
I’ve been on a quest to find a good remote for MythTV. My first try was with a Logitech Harmony. Those things are nasty horrible pieces of crap. I’d never touch one again. Programming it is a nightmare. It does not have a generic PVR option so you have to fake it to make it work with Mythtv by telling it its another device and learning those codes in LIRC. It is a very slow device with what felt like a 500ms delay with each keypress. It also tried to know what state your equipment was in so that it could turn things on and off, but of course it would always be out of sync and then you’d have to go through this process of turning things on and off until it was in sync again.
Enter the HP MediaSmart IR remote, also known as HP RC2285202/01. These devices used come with a media player box that HP used to sell. As far as I can tell, its not in production anymore but the remotes are readily available on Ebay.
- Dedicated IR codes for the PVR. On previous universal remotes I have used, I was unable to find a “code” setting that would make all the buttons active, that I could then learn in LIRC.
- Back-lit keys. All the keys seem to be backlit. Some universal remotes either only backlight a few keys or have no backlight at all.
- Cheap. A$23 with USB receiver, delivered.
- Universal remote. Can control 5 devices including your PVR.
- Punch Through. Some buttons like volume and mute can punch through from the TV or Amp, to the PVR device. IE. you can make it turn the volume up on the amp when you press the volume button when in PVR or TV modes.
- Takes standard AA batteries.
There are a few downsides too:
- Difficult to get going (solved now that you have found this blog post)
- Punch through does not work on all buttons. Namely Power and Source. This is annoying but solvable with a pulse-eight CEC adapter
I spent many hours trying to work out why it would not work on my system. In the end it came down to two things.
For some reason LIRC does not work correctly with MCEUSB receivers that are plugged into USB3 sockets.
You need to tell the kernel to treat the receiver as lirc rather than anything else, in order for LIRC to be able to connect to it:
$ sudo sh -c "echo lirc > /sys/class/rc/rc6/protocols" $ sudo cat /sys/class/rc/rc6/protocols rc-5 nec rc-6 jvc sony mce_kbd [lirc]
The word [lirc] surrounded with square brackets tells you it worked.
I implemented this at boot time by adding
to /etc/rc.local and then in /etc/rc-scripts/start-lirc
#!/bin/bash echo "Making lirc the default for rc" echo lirc > /sys/class/rc/rc0/protocols echo "Starting lircd" /etc/init.d/lirc start
Remove lirc from the normal startup process:
$ sudo update-rc.d lirc remove
Test your configuration (retrieve HP-RC2285301-01.conf below):
$ sudo /usr/sbin/lircd -n -d /dev/lirc0 -P ./lirc.pid HP-RC2285201-01.conf $ irw
And when you press the keys on your remote, you should see some output from irw.
- Don’t bother with the install script. I found it to be broken. And when it breaks during install, it leaves you in a state that’s very hard to understand and fix. In the end it was easier to install FreeSWITCH by hand, get that working, to the extend that you can make inter extension calls, then proceed with the FusionPBX install.
- Install FreeSWITCH by following the Quick Install Guide.
- Commit the entire FreeSWITCH configuration to git so its easy to roll back when you reinstall FusionPBX. Switch to a new branch before making further changes.
cd /usr/local/freeswitch git init echo 'db/*' >> .gitignore echo 'log/*' >> .gitignore echo '.svn*' >> .gitignore git add -A git commit -m "Initial Commit" git checkout -b try1
- Get the latest version of FusionPBX from svn.
cd /usr/src svn checkout http://fusionpbx.googlecode.com/svn/trunk/ fusionpbx cd fusionpbx cp -a fusionpbx /var/www/fusionpbx
- Create a fusionpbx site for apache and enable it. Note that this makes fusionpbx appear at the root of your site. Create fille called fusionpbx in your /etc/apache2/sites-available directory and put the following in it:
<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName freepbx.example.com DocumentRoot /var/www/fusionpbx <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/fusionpbx/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel debug CustomLog /var/log/apache2/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost>
Then enable the site with
- after installing FusionPBX, commit the entire configuration to git to make rolling back easier. Switch to a new branch before making further changes.
- set up a FQDN for the box running FreeSWITCH and FusionPBX
- use ACL to allow www-data to make changes to the /usr/share/asterisk directory
And after you install and you realise it didn’t quite go as planned
- Reset the postgresql database:
root@fusionpbx: # su - postgres postgres@fusionpbx:~$ psql postgres=# drop database fusionpbx; postgres=# create database fusionpbx; postgres=# alter user fusionpbx with password 'XXXX'; grant ALL PRIVILEGES ON DATABASE fusionpbx to fusionpbx;
- revert your FreeSWITCH configuration using git
- revert your FusionPBX configuration using git
I needed to allow access to my Dashing dashboard over ssl from the Internet. I decided to proxy it behind Apache and get Apache to do all the SSL heavy lifting, mainly because I couldn’t work out if and how you could enable SSL within Dashing itself.
It turned out to be quite simple to implement. I simply created a vhost configuration for my dashboard and enabled it in Apache.
Create a file called dashboard in /etc/apache2/sites-available/ with the following content:
<VirtualHost *:80> ServerName dashboard.example.com Redirect permanent / https://dashboard.example.com/ </VirtualHost> NameVirtualHost *:443 <VirtualHost _default_:443> SSLEngine On SSLCertificateFile /etc/ssl/CAcert.cert.pem SSLCertificateKeyFile /etc/ssl/private/key.pem ServerAdmin webmaster@localhost ServerName dashboard.example.com ErrorLog "/var/log/apache2/dashboard-error_log" CustomLog "/var/log/apache2/dashboard-access_log" common <Proxy *> Order allow,deny Allow from all </Proxy> ProxyPass / http://mylocalserver.example.com:3030/ ProxyPassReverse / http://mylocalserver.example.com:3030/ </VirtualHost>
Ensure the proxy modules are enabled:
$ sudo a2enmod proxy Enabling module proxy. To activate the new configuration, you need to run: service apache2 restart $ sudo a2enmod proxy_http Enabling module proxy_http. To activate the new configuration, you need to run: service apache2 restart $
Enable the new dashboard site:
$ sudo a2ensite dashboard
Check your configuration is working before restarting apache:
$ sudo apachectl configtest Syntax OK $ sudo service apache2 restart [ ok ] Restarting web server: apache2 ... waiting . $
Don’t forget to delegate your dashboard.example.com hostname to resolve to your apache server’s IP address.
Now visit http://dashboard.example.com/name_of_your_dashboard. Your browser should automatically get redirected to https://dashboard.example.com/name_of_your_dashboard and you should see your dashboard.
Our heated towel rail’s brackets broke from old ages recently. After investigating getting a new towel rail and finding out they were quite expensive, I decided to try and design and 3D print new brackets for it.
The first cut of the design turned out to have too little space for the nuts. A second draft with a little more space and it worked perfectly.
The top left of the above image shows the broken parts and the bottom center shows 2 of the 3d printed replacement parts.
Have you ever wanted to give several users permission to work on files within a directory, but then struggled with what permissions and user:group ownership to set them to so users can always edit the files?
You might think the solution is to make the parent directory owned by a common group, lets say dev, and then try and make the permissions flow through to the files within. This doesn’t work though, and new files will still be created with the user’s umask, typically 644, which is no good as it results in the other users not being able to edit the file.
The solution lies in ACLs (Access Control Lists). Thanks to Pelle at Stackoverflow for making such a concise set of steps to set this up. Blatantly copied here:
First add the acl option to the mounted partition where the directory is you want to apply this to. Add the acl option to the mount point in /etc/fstab:
/dev/xvda1 / ext3 errors=remount-ro,acl 0 1
Then remount the filesystem to enable it:
# mount -oremount /
Then set the permissions using the setfacl command:
# setfacl -dm u::rwx,g::rwx,o::r /shared/directory
Test by creating a new file in /shared/directory:
/shared/directory$ touch test /shared/directory$ ls -al test -rw-rw-r-- 1 jason dev 0 Feb 20 12:37 test
Marvel in the wonders of modern filesystems.