Categories
Business Technology Tutorial Ubuntu

Installing Formtools on a Server with WordPress

I’m not sure how niche this need is but I was in need of making a quick website and then suddenly needed a quick but robust web form tool. I I thought for sure I had written at least a blog or two about this awesome tool at formtools.org but apparently I have not. I deeply apologize to all the folks and contributors of this awesome and free and open software project. This is indeed the ‘swiss army knife’ of web form tools and I would love to write more about it one day.

For now, I will simply map out how I got the tool working for this specific need.

Disclaimer: I am an untaught system administrator meaning “I learn as I go’ so if there is a better way to do this, cool. I just search a solution and figure it out as I go until it works and improve as I go.

More precise disclaimer:

If you run this tutorial and set it up like I did, keep in mind you will have to back up the hard files and database SEPARATELY of course since this thing has nothing to do with WP and runs by itself. So if you change servers, upgrade WP etc, it will probably wipe it out since it’s in the same directory. Who knows. Probably this ‘forms’ directory we’re creating should live in a totally separate directory outside of WordPress (“WP”) and then have a separate configuration file created in /etc/apache2/sites-enabled/ directory and point to the root that way. However, I just needed it up and going for now so I stuck it in the /var/www/html directory where the rest of WP was functioning perfectly.

Before you begin

Assumptions

  • This assumes you are running an ubuntu server for your WP install
  • You have your super user sudo user (or higher) at your server
  • You already have your WordPress site up and running.

Get Formtools Zip File on Local Machine

  • Install ‘unzip’ tool on your ubuntu server with: sudo apt install unzip
  • Download the most recent Formtools zip file from here somewhere on your local machine. I tried to curl it there. I tried to wget it there, and many other attempts but seemed to keep failing. Hence this method. It seems sftp comes installed on most ubuntu installs which is a great tool – I didn’t even know about before I wrote this post.
  • On your local machine, with command line, navigate to directory where your downloaded formtools zip file is located with cd command

Put the Formtools Zip File on your Ubuntu Server

You can do this with FTP client or whatever method you like but I really like this sftp tool… quick and easy, works just like ssh.

  • In directory where zip file is, connect to WP ubuntu server: sftp username@wordpressserverIPOrDomain.com
  • Enter password
  • Put zip file on server (goes to home directory): put FormTools3.0.20-20191109.zip (of course adjust filename if it’s different)
    Should print out something like this:
sftp> put FormTools3.0.20-20191109.zip 
Uploading FormTools3.0.20-20191109.zip to /home/sysmin/FormTools3.0.20-20191109.zip
FormTools3.0.20-20191109.zip                  100% 8995KB 753.7KB/s   00:11 
  • Type ‘exit’ to get out of sftp thing

Setup Your WP Ubuntu Server for Formtools Installation

  • ssh into your WP server:
    ssh username@wordpressserverIPOrDomain.com
  • Move to your WP directory:
    cd /var/www/html/
  • Create a directory name where your forms will live. NOTE: Make this directory name logical since your forms will have this URL in it. In this case I chose ‘forms’ as the name but do what you feel is best:
    sudo mkdir forms
  • Move back to your home directory on server where your uploaded .zip file shold be sitting
    cd ~
  • Move the zip file to the new directory you made in the midst of your WP install directory:
    sudo mv FormTools3.0.20-20191109.zip /var/www/html/forms
  • Go there to make sure it made it there:
    cd /var/www/html/forms
  • Assuming it made it there, unzip it there:
    sudo unzip FormTools3.0.20-20191109.zip
  • Print what you have in the directory to see that you have both the original Formtools zip file and the newly extracted non-zip version:
    ls
  • Remove the original Formtools zip file as you shouldn’t need it again:
    sudo rm FormTools3.0.20-20191109.zip
  • Get rid of the Formtools directory (a bit long) and move all the files within, one level up into our custom-created ‘forms’ folder where we currently are. This command says, with the * asterisk, ‘move everything in the formtools directory to the /var/www/html/forms directory.
    sudo mv -v formtools/* /var/www/html/forms/
  • Everything should now be good. Might as well wipe away the now-empty ‘formtools’ directory:
    sudo rmdir formtools

Assuming you did everything here you should now be able to go to your domain name where your WP is installed ‘yourdomain.com/forms’ in a browser and be greeted with the install script page for Formtools. From there you’ll have to do your own study on this great tool but hope this helps.

Setting Correct Permissions

After running the pre-flight stuff for the first time I got notified that the ‘upload’ and ‘cache’ directories did not have write permissions. I’m not sure if this will happen to you so I thought I should log it for all of us:

  • Set the owner of the newly created ‘forms’ directory to ‘www-data’ (adjust as you need). the -R sets the owner down the whole directory: sudo chown-R www-data:www-data /var/www/html/forms/
  • Assign the correct permissions to the same directory: sudo chmod -R 755 /var/www/html/forms/

For full disclosure the first time I did these commands I had issues with permissions. However, after messing with permissions again and running exactly as per above, it started working so my theory is that I goofed something in those first commands. If you run into headaches, try assigning permissions again to the main forms folder separately with sudo chmod 755 /var/www/html/forms/ (assuming you are in the html directory when you run it) and then again with the -R sudo chmod -R 755 /var/www/html/forms/. At one point I put the dash in front of the 755 and yeah… don’t do that. HA!

Create the MariaDB Database

Go figure! I thought this thing was going to magically auto-create me a data base but it looks like no such joy shall be mine. Good thing is that I already suffered the pain of learning how to create a database with MySQL so I’ll plop those instructions here and follow them again:

I thought that WP would come with Mariadb version of mysql but it does not. It’s some other version but some of the commands still work.

  • Log in to mysql: sudo mysql -u root -p
  • Enter password: .. I used my Digital Ocean’s sudo user’s password / root user and it seemed to work. What are the odds? woot woot. If you are on a different system you’ll probably have to walk the the setup of a secure mysql admin user/password.

Now I’ll try to create my database with the database name that I already saved to my password manager above. I’ll call the database ‘forms_db’ :

  • Create database with database name ‘forms_db’ (you can call it what you’d like):
    CREATE DATABASE forms_db;
  • Ceate the user and password for the database replacing username and password in the following code with yours between the apostrophes:

CREATE USER 'username_here'@'localhost' IDENTIFIED BY 'new_password_here';

Looking good…

On MariaDB I used to do this, but apparently WP comes with some other MYSQL thing and this next command does NOT work:

GRANT ALL ON forms_db.* TO 'username_here'@'localhost' IDENTIFIED BY 'same_password_here' WITH GRANT OPTION;

  • I searched online and found this which ultimately worked whatever version of mysql WP uses:

GRANT ALL ON forms_db.* TO 'username_here'@'localhost;'

got this response which ultimately seemed to indicate it worked:

‘Query OK, 0 rows affected (0.00 sec)’

  • Flush it like you mean it: FLUSH PRIVILEGES;
  • Get outta dodge: EXIT

yay. got outta dodge…

Finishing Install of Formtools

Now, back to the Form Tools install (yourdomain.com/forms) page now that I have some database user stuff to enter. Here is what I stuck in there, mainly leaving the defaults:

1. Enter Formtools Stuff

database hostname: localhost
datbasename: forms_db
port: 3306
Database username: 'username_here'
Datbase password: 'same_password_here'
Database table prefix: ft_

2. Accept config file
The next screen ‘Create Config File’ seems to be a friendly heads up that it will automatically create the config file based on the info you are submitting. I will accept their friendly offer and click ‘create file’ button.

This went well too.

3. “Create Admin Account”
This part is to give your admin user power over the tool box, much like your wordpress main admin user. Nothing complicated here, fill in the username and password stuff and save credentials safely in your password manager or on the sticky note beside your monitor like most people, har har.

4. Finish up

I got a ‘Clean Up’ message with a ‘Congratulations, Form Tools has been successfully installed!’ so that’s also looking good.

There is a green “log into Form Tools’ button that appears. After clicking it I was greeted with user / password fields and I used the credentials we just created above which successfully logged me in.

Don’t forget my disclaimer at the top. I’m not a qualified system admin. I’ll therefore paste this warning again so you can plan accordingly and adjust:

If you run this tutorial and set it up like I did, keep in mind you will have to back up the hard files and database SEPARATELY of course since this thing has nothing to do with WP and runs by itself.  So if you change servers, upgrade WP etc, it will probably wipe it out since it's in the same directory.  Who knows.  Probably this 'forms' directory we're creating should live in a totally separate directory outside of Word Press and then have a separate configuration file created in /etc/apache2/sites-enabled/ directory and point to the root that way.  However, I just needed it up and going for now so I stuck it in the /var/www/html directory where the rest of WP was functioning perfectly.

The next part is learning how to use form tools which isn’t super intuitive the first round but very powerful. I hope to do a series on this one day but for now hopefully this helps someone.

Have a great day!

Categories
Business suitecrm Technology Tutorial Ubuntu

HOW TO INSTALL SUITECRM ON UBUNTU SERVER

Suitecrm is absolutely awesome, free and open software to run your organization or business. I’ve messed around with various crm’s like Salesforce but SuiteCRM is just so flexible. Oh, and it doesn’t cost any money. Oh, and if you need help or other stuff you can just pay people to build what you need. I haven’t explored all sectors but most business owners I know have found it to be excellent.

I thought I would have to write a long, detailed tutorial on this but thankfully I landed on this really excellent step-by-step tutorial.

I think there is a better way to install PHP, though, rather than copying all those individual PHP packages, but I’m too busy to look that up now. You can try, but this tutorial works. My only concern is that these packages and requirements might change over time so the one-stop-shop for installing all php packages is probably the better way to go.

I followed all the instructions in this tutorial above and successfully ended up with SuiteCRM running on my Ubuntu server on Digital Ocean droplet platform.

However, there were two things not covered which are important:

  1. It was not SSL encrypted HTTPS:// so at the end of all the installation stuff, I needed to do that and
  2. There was no mention of the important step of setting up the cron jobs which is one of the life-blood features of SuiteCRM since it is very good at sending out workflow reminders and other alerts by email. Cron jobs control this. The instructions are on the install page of the last step, as you can see, but I will make it more clear with a start-to-finish tutorial as follows:

Big Step 1 – Set up the Digital Ocean Droplet

  1. Make sure you already have a domain purchased and reserved for your needs. This is optional but I will assume you’re doing this for tutorial.
  2. Initiate your server / droplet
    I won’t give detailed instructions here because there is lots of documentation out there. I selected one with 2GB of ram (at time of writing it’s $10.00 uSD /month for this) only because the teacher recommended it. I didn’t research hardware specs and what I should do. Your needs may be different. I know using Nextcloud Talk uses a bit of RAM but not sure how much for a large conference.. worth investigating perhaps? I might also recommend calling your subdomain ‘nc’ instead of ‘files’ like I did in my example since you might do much more than ‘files’ with NC. “office.domain” or ‘nc.domain’ or ‘cloud.domain’ might make more sense?
  3. In your domain registrar, point your domain to your server’s name host. In my case it will be digital ocean’s which I will pull from the ‘networking’ section after adding the domain to Digital Ocean. In my case I already had a test domain setup, so what I did was set up a subdomain called “files.domain.com”. The reason you want to do this right away is because
  4. Set up your SSH keys
    Before you install the droplet, make sure your SSH keys are set up properly because you are going to use them a lot in the terminal. Here is some ssh tutorial. Note that it’s a little hard for me to find SSH stuff in the DO backend so for the records it’s at settings / security and then a tab (I think…). If you already have a DO space and SSH keys setup, you are already ready and can use those keys again.
  5. SSH into your new server
    ssh root@123.123.123.123

Note 1: Normally at this point when I install a server I do the usual sudo apt update and sudo apt upgrade but the main install script for Postal does this for you it seems.

But… you don’t have a sudo user yet so here you go:

Big Step 2 – Make a sudo (non-root super user) user

Set up a non-root user account on the server. This is to reduce your chances of typing a wrong command and killing all your hard work and data.

This is a nice detailed tutorial on this if you’d like here.

Otherwise, this summaries it:

  • Log into the server as root: ssh root@123.123.123.123
  • Make sysadmin user: adduser sysadmin and follow the prompts (should be password prompt and then a few questions)
  • Add new user to the sudo list: sudo usermod -aG sudo sysadmin
  • Switch to new sysadmin user: su sysadmin
  • (Optional) Test the new-found powers by running this and then cancelling: sudo dpkg-reconfigure tzdata

Helpful note
If you find you are not getting prompted for the questions after running the adduser command, it might be because you accidentally ran useradd command like me… weird how it works both ways…

Big Step 3 – Install SuiteCRM

Installing SuiteCRM, as mentioned above, is as simple as taking the time to follow this really excellent step-by-step tutorial

Big Step 4 – Secure your Installation with LetsEncrypt

SuiteCRM is good for moving company and organizational data, so you better protect that data with encryption.

  1. Add the PPA: sudo add-apt-repository ppa:certbot/certbot
  2. Install the certbot: sudo apt install python-certbot-apache
    Note: on Ubuntu 20, it seems to be this one now, so check if you hit any snags: sudo apt install certbot python3-certbot-apache
  3. Test the syntax of, what I believe, are the conf files and apache conf files: sudo apache2ctl configtest. If you get an ‘OK’ message, continue. If you change anything in your conf files, don’t forget to reload Apache after sudo systemctl reload apache2
  4. Enable the firewall: sudo ufw enable
  5. MISSION CRITICAL Right here and right now, be sure you allow the ssh rule in the firewall rules, otherwise, you’ll get locked out of your server like I did. Thankfully with DO if you do get locked out you can go in through their virtual console, but still…So, simply run this line of code to open up SSH in the firewall: sudo ufw allow ssh
  6. Let https traffic through so that Letsencrypt can do its thing: sudo ufw allow 'Apache Full'
  7. Check the firewall status which should show active, as well as show BOTH 22/tcp and Apache Full enabled for both ipv4 and ipv6. Don’t continue until these are both present: sudo ufw status
  8. RUN IT sudo certbot --apache -d your_domain -d www.your_domain
  9. Most questions are easy to answer. choose option 2 forcing redirects to https
    Note! It seems after you choose this it’s forever impossible to connect with regular http:// on port 80. This may be important? Not sure…
  10. Test your domains here to make sure https:// is working. Try going to them in a browser to see if you can still reach the SuiteCRM pages and then the lock icon is on. If not, make sure you’ve typed in https:// before URL. In the future, if you chose ‘redirect all’ in steap 9 above it should not require typing the https:// unless there is a problem.
  11. Repeat steps 8-10 for other domains (ie. domain2.com) if required adjusting as appropriate
  12. When done all your domains, do a dry run renewal to make sure renewal process is working well too: sudo certbot renew --dry-run

Bonus SubSection! How to get rid of Letsencrypt Stuff When everything goes sideways
Sometimes we make mistakes and things go wrong with SSL certificates. If you want to rule out Letsencrypt and your certs from the equation, it’s not entirely simple to get it out of your system, as I thought it was. So, here is your bonus section in case you need it nearby:

  1. Disable the letsencrypt conf file: sudo a2dissite prestashop-le-ssl.conf
  2. Totally uninstall letsencrypt (‘certbot’) sudo apt remove --purge python-certbot-apache
  3. Purge these dirs of their certs:

rm -rf /etc/letsencrypt
rm -rf /var/log/letsencrypt
rm -rf /var/lib/letsencrypt
rm -rf /path/to/your/git/clone/directory (seemed not applicable)
rm -rf ~/.local/share/letsencrypt (seemed not applicable)

BONUS SECTION – Little Tips on Install Page

From the SuiteCRM install page, a few things I had to spend time learning that I think are worth sharing are:

  • the ‘upload’ button on the logo in the ‘branding’ section doesn’t seem to work at that stage. Does it work if you point the file to directory and then not push upload? to confirm…
  • If you have an email setup that will send emails from the system, then you can have that ready. If you are just doing some testing you can use some fake gmail account if you want, I suppose. Otherwise, if you don’t fill anything in it doesn’t hinder your installation, but you will not have the important email notification functionality.
  • The default install script automatically auto-filled my host field as my website domain. Then I got this error message in red: “The provided database host, username, and/or password is invalid, and a connection to the database could not be established. Please enter a valid host, username and passwordThe provided database host, username, and/or password is invalid, and a connection to the database could not be established. Please enter a valid host, username and password”
    After I changed this auto-filled domain back to localhost (like in the tutorial screenshot) in the host field and pressed ‘next’ everything rolled ahead smoothly again.

Now that you are set up with SuiteCRM, there are a few ‘housekeeping setup things’ I do right after installation, such as cron jobs, setting up your email, etc. You can check that out on my SuiteCRM Post-Installation Housekeeping

I hope this helps you get started with the best CRM around!

Categories
Business Freedom and Privacy Nextcloud Technology Tutorial Ubuntu

Installing Nextcloud on Digital Ocean Ubuntu Server Droplet

Disclaimer: As always, my blogs are not supposed to be a well-written piece of technical literature but instead a better-than-crap version of a messy notepad. I hope it’s clear enough to help someone other than myself but I always check them to make sure at least I can understand it, ha.

It seems that there is a nice blog written and that Nextcloud (NC) is also a ‘snap’ to install on a server.

At some point in the process of learning this I assumed you had to install either NGINX or APACHE2 but, apparently it comes packaged with Apache and no one told me. So good news. Now you know. The other cool thing I learned is that it comes with its own LetsEncrypt easy-installer thing…

I noticed the blog starts by assuming you know how to create a sudo user and do your firewall stuff but let’s not assume that because probably there are others out there like me. Thankfully I’ve already written this for myself elsewhere so I’ll be able to paste those instructions right in this instructional as the first few “Big Steps”.

I will follow this nice blog

Any time you see ‘123.123.123.123’ this is your IP address for your server. Replace it with your actual one, of course.

You should also have a nice password manager set up to save yourself much time and pain as you learn. I recommend keepasxc

Let’s get started

Big Step 1 – Set up the Digital Ocean Droplet

  1. Make sure you already have a domain purchased and reserved for your needs. This is optional but I will assume you’re doing this for tutorial.
  2. Initiate your server / droplet
    I won’t give detailed instructions here because there is lots of documentation out there. I selected one with 2GB of ram (at time of writing it’s $10.00 uSD /month for this) only because the teacher recommended it. I didn’t research hardware specs and what I should do. Your needs may be different. I know using Nextcloud Talk uses a bit of RAM but not sure how much for a large conference.. worth investigating perhaps? I might also recommend calling your subdomain ‘nc’ instead of ‘files’ like I did in my example since you might do much more than ‘files’ with NC. “office.domain” or ‘nc.domain’ or ‘cloud.domain’ might make more sense?
  3. In your domain registrar, point your domain to your server’s name host. In my case it will be digital ocean’s which I will pull from the ‘networking’ section after adding the domain to Digital Ocean. In my case I already had a test domain setup, so what I did was set up a subdomain called “files.domain.com”. The reason you want to do this right away is because
  4. Set up your SSH keys
    Before you install the droplet, make sure your SSH keys are set up properly because you are going to use them a lot in the terminal. Here is some ssh tutorial. Note that it’s a little hard for me to find SSH stuff in the DO backend so for the records it’s at settings / security and then a tab (I think…). If you already have a DO space and SSH keys setup, you are already ready and can use those keys again.
  5. SSH into your new server
    ssh root@123.123.123.123

Note 1: Normally at this point when I install a server I do the usual sudo apt update and sudo apt upgrade but the main install script for Postal does this for you it seems.

But… you don’t have a sudo user yet so here you go:

Big Step 2 – Make a sudo (non-root super user) user

Set up a non-root user account on the server
This is a nice detailed tutorial on this if you’d like here.

Otherwise, this summaries it:

  • Log into the server as root: ssh root@123.123.123.123
  • Make sysadmin user (you can name it what you’d like and don’t have to use ‘sysadmin’): adduser sysadmin and follow the prompts (should be password prompt and then a few questions)
  • Add new user to the sudo list: sudo usermod -aG sudo sysadmin
  • Switch to new sysadmin user: su sysadmin
  • (Optional) Test the new-found powers by running this and then cancelling: sudo dpkg-reconfigure tzdata
  • If this last part worked (and conveniently also set up your time stuff!) then you should be good to move forward with your new non-root user.

Helpful note
If you find you are not getting prompted for the questions after running the adduser command, it might be because you accidentally ran useradd command like me… weird how it works both ways…

From here, follow this blog again and make sure you follow his exact firewall rules. The SSH is already done but the rest seem to be an updated way of doing it, and when I was trying the older way I had nothing but headaches.

I would add these notes to go with the end of his blog where he is talking about checking the non-root user. This is how I had to think about it:

  • To be sure non-root user is working before logging out as root, open new terminal window (so both are open)
  • Try to log in with your new non-root user with ssh sysadmin@123.123.123.123
  • If successful, log out of your root user and continue and you can close the original root terminal window

Big Step 3 – Checking the Ports

Just before beginning the install of Nextcloud via snap, just take a minute to check your ports. I wasted the good part of a day over this.

Before moving on, take a moment to check your ports with a website like this and make sure at least 443 and 80 are open for all the domains you have set up for this box and also the IP address.

Big Step 4 – Follow the Nextcloud Install blog!

Thankfully the same author as the blog above also wrote a blog on how to install the Nextcloud snap. I tried other blogs but they were all dying and I think it’s because something has changed between ubuntu 18.04 and 20.04… not sure, but this nextcloud setup blog was the only one that worked for me.

Some of my notes to go with his great blog:

  • I liked the idea of using a command line to covertly create the user / pass for master admin account, rather than exposing that to the internet and hope no one lands there before you do. It shows that all you have to do is run this:

sudo nextcloud.manual-install <username> <password>
for example
sudo nextcloud.manual-install sammy password

However, when I ran it it hung and never finished:

sysadmin@files:/root$ sudo nextcloud.manual-install sammy password
>

Well, it turns out there must have been something ‘weird’ with the auto-generated password I had. It was loaded with special characters so perhaps one of those characters was not acceptable to the NC database? Not sure, but after I removed special characters from the password (not advised!) it worked fine with the syntax above.

Otherwise, you can go to the non-https web page and configure the admin account yourself via the gui.

Note this: Another way to deal with trusted_domains list

I would also add these notes to go with the ‘trusted_domains’ conversation in the blog. This was a bit new to me and caused me a few headaches over the last few weeks so I wanted to leave a record of ‘another way’ to deal with them.

I was greeted with this issue which i needed to solve.

The blog above has the very simple-looking command to add trusted domains to a list that will allow access to the nextcloud instance. The command is as follows:

sudo nextcloud.occ config:system:set trusted_domains 1 --value=example.com

What was not taught here is what’s going on though. the 1 is the array number that gets logged in a php file somewhere in Whoknowswhereville, USA, so for each one that you add (ie www, ip address, main domain, etc,) be sure to incremement it by one.

The defaul 0 will be ‘localhost’ so start with 1 and work up from there. Note also that you must have all the spaces verbatim. If you don’t have a space after the trusted_domains and after the 1, for example, you’ll have to sudo nano edit your mistake out, ha. So choose your poison. I find the sudo nano method below just as easy now that I know how to do it but I think the this one line command is great too if you are slow and steady.

Without further adoo, if you goof up a trusted_domain entry, you can manually edit the whole thing in the php array.

It took me a while, but I finally found it here:

cd /var/snap/nextcloud/current/nextcloud/config

The file is called ‘config.php’ and to edit it you can just do this and scroll down to the ‘trusted_domains’ array and type them in following the local host example:

sudo nano /var/snap/nextcloud/current/nextcloud/config/config.php

After adding the trusted_domains, I was able to access my NC instance.

Big Step 5 – Secure up the traffic with LetsEncrypt!

Make sure your firewall stuff is done – hint.

Here’s a key lesson: this bad boy doesn’t work with ‘regular lets encrypt’ installation method so if you are in the habit of installing them, slow down and stop. This is the command for installing it with the NC snap:

sudo nextcloud.enable-https lets-encrypt

This was thanks to the blog

But before you actually run that command above, let’s revert back to our friend’s blog above and open up the necessary ports:

sudo ufw allow 80,443/tcp

now go ahead and run the let’s encrypt command above and follow along in the blog to make sure you’re doing it right.

Did you get a failed letsencrypt attempt like I did one time? With a message like this?

To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

If so, you probably have a closed port. See my warnings above.

Big Step 6 – Enjoy

Probably there are some great blogs out there for actually using NC but at least now you can go to your domain and get started.

Have a nice day!

Categories
Technology Tutorial Ubuntu Ubuntu Touch

Getting Started With Quasar and VueJS on Ubuntu

After watching this recommended tutorial I decided to try out this Quasar thing. My true hope is that we can eventually add Ubuntu Touch as one of the buildable outputs at the end of app creation as it apparently might not be that hard with Cordova… but I digress…

I’m not an experienced developer yet so getting started with all these different ‘things’ I had to install with the terminal was getting a bit concerning. I decided to document my journey so that others can hopefully follow along and save some research and time.

So, if your goal is to be able to, without a great deal of pain, create a good looking app to run on Ubuntu, this might just help.

Without further adoo here are the steps that I took to get set up on my Ubuntu 18 LTS machine so that I’m ready to start using the Quasar framework. I left very brief notes to show what you are actually doing so that it’s not some random terminal script from some random blog:

  1. Install npm
    sudo apt install npm
  2. Download and install NVM (a thing to help you install and manage nodejs. Ubuntu repository for NPM is apparently not reliably up to date so that’s why we are using NVM. NOTE: Before beginning, check this page to make sure the following script I’m about to give you is up to date as it changes from time to time. Oh, and if you want to have a dance party and learn more about the details of NVM, this video is good. curl -o https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash
  3. Install LTS version of Nodejs (you can do whatever version you want as well easily but I’m not bothering to show that in this tutorial): nvm install --lts
  4. Check to make sure what you installed was what you wanted nvm ls
  5. Install the Vue CLI which is apparently what real developers developing VueJS stuff use. I got a few ‘warning’ messages after running this about my OS but probably life will continue…note also that when running this script my whole computer slowed down: sudo npm i -g @vue/cli
  6. Install Quasar – the framework that apparently makes doing a lot of stuff easier: sudo npm i -g @quasar/cli

Now I’m off to try to actually do this tutorial

Some Follow-Up Updates from the first tutorial Journey

Might as well leave a few notes that might help you along the way. If you were doing this Quasar tutorial and had an issue with hot reload not opening, I figured out how to get it working by just running quasar dev again and that seemed to kickstart the hot reload option. I had this happen a few times when i made changes and nothing new showed on the hot reload app.

In order to get highlights working properly in VS Code like teacher’s you should get the extensions for Vue and Sass since they may not be installed. I used:

octref.vetur (Vetur) for Vue because this has html auto-complete as well (another one I tried didn’t…) and

syler.sass-indented for sass stuff

Converting your New App into an Electron App and then Building for Ubuntu with a Debian package

For some reason it doesn’t really say explicitly anywhere in the tutorial above nor on the Quasar site, how to build for Ubuntu / Linux. I assume most developers ‘just know’ this but I didn’t so I had to search and find. For your benefit,

Installing for Ubuntu

Very hard to figure this out for a noob but after a full day of time spent I figured out how to turn this Electron app into an ubuntu native app running in the launcher and everything (exciting moment for a noob, I say!)

I feel like there should be a way to do this right in Quasar with a terminal tag during the build but it seems not.

First, you need to install this by running this on your Quasar dev machine:

npm install -g electron-installer-debian

Then, you build the app with the Quasar electron instructions, but for me it was as simple as running this:

quasar build - m electron

After you run that you’ll find two directories, one of which I still don’t know what it does. The two directories were “my-app-name-linux-x64” and “Unpackaged”

I then created a directory in my quasar project folder at the top level called ‘installers’

I then took the following command which I pulled off the read me page above:

electron-installer-debian --src dist/app-linux-x64/ --dest dist/installers/ --arch amd64

And adjusted the ‘src’ (source) to point to my app-named directory in the electron folder and the ‘dest’ (destination) to the installer directory I created. You can do what you’d like but mine looked like this therefore:

electron-installer-debian --src dist/electron/my-app-name-linux-x64/ --dest installers/ --arch amd64

The result was a fully effective .deb installer file which installed without a hitch and really ended the above tutorial on a high note.

Important note: I had this error:

Creating package (this may take a while)
Error: could not find the Electron app binary at “dist/electron/Quasar App-linux-x64/my-app-name”. You may need to re-bundle the app using Electron Packager’s “executableName” option.

This took a long while to trouble shoot but the issue was nothing more than opening the package.json file and making sure that the following two entries match and probably have dashes in the names (haven’t confirmed that need but it worked with them so I’m sticking to it!)

“name”: “my-app”,
“productName”: “my-app”,

Hope this also saves someone some hair pulling

Cordova Stuff and Ubuntu Touch (raw notes for later)

Cordova is apparently our best hope to get Quasar stuff to be able to convert easily to the Ubuntu Touch framework so I’ll leave my quick notes although they are quick, dirty, and probably fairly useless. I don’t think it can support Electron as per above.

First, apparently… cordova was not installed yet when I ran quasar build -m cordova it never told me that… I had to install cordova with some command that I cannot seem to now find…

Also interesting is that the build let’s you build without error even if you have caps problem in command such as typing ‘Cordova’ instead of ‘cordova’. Neato.

A little late in the game this link was sent to me which I somehow didn’t find before beginning even though I searched. I would have started right here so hopefully this documentation link helps someone save some time.

More to follow, hopefully…

Categories
Technology Tutorial

HOW TO CLICK AN ITEM IN A SUBMENU (UL) LIST USING PYTHON, SELENIUM

I spent literally 3 days trying to simply click a logout link with Selenium. I searched every stackoverflow post I could find until I found this one.

I had tried pretty much everything I could to try to click the logout link which was the fifth item down in the move-over list.

I tried find_element_by_xpath, find_element_by_id, find this, find that, blah blah blah

Finally, it was indeed the find_element_by_css_selector that worked.

The only thing is I still do not know WHY the xpath option didn’t work for this list while the others did. Hmm. Whatever. Probably will figure it out later….HOW TO CLICK AN ITEM IN A SUBMENU (UL) LIST USING PYTHON, SELENIUMThe only thing is I still do not know WHY the xpath option didn’t work for this list while the others did. Hmm. Whatever. Probably will figure it out later….

so, here is a code block of what worked for me to move to a mouse-over menu and click the menu’s submenu item using Selenium and python (my css selector is just a fake example of course so paste your correct one in):

Edit: I also realized I had to click on the button *above* the actual unordered list (UL) element to trigger the drop down. This tip for the ‘main_menu’ element below might also help someone.

main_menu = driver.find_element_by_xpath("//*[@id='with-label']")

actions.move_to_element(main_menu).perform()

time.sleep(2)

WebDriverWait(driver, 10).until(EC.visibility_of_element_located((By.CSS_SELECTOR, ".css-selector-thing > ul:nth-child(2) > li:nth-child(6) > a:nth-child(1)")))

driver.find_element_by_css_selector(".css-selector-thing > ul:nth-child(2) > li:nth-child(6) > a:nth-child(1)").click()
Categories
Freedom and Privacy Life Skills Nextcloud Technology Tutorial Ubuntu

HOW TO MAKE A NEXTCLOUD PI BOX WORK AS REVERSE PROXY TO YUNOHOST

Background

The situation was that I wanted to test out the very cool project Yunohost but I already had Nextcloudpi (another awesome project!) running on my local network. I already had a DDNS service (No-ip) running which was pointing to my Nextcloudpi (“NCP” moving forward) box, and a second DNS service that I set up which pointed to my router for the purpose of Yunohost (“YH” moving forward). You can read about that cool DNS solution in my other blog post, by the way, as it works really well and gives a bit more power.. and it’s free.

The problem was that ports 443 and 80 were being used by NCP but YH needed them as well. The only options appeared to be:

a) change the ports of one of the machines (complicated because clients outside of the LAN in the world webs won’t know those ports) or
b) figure out what a ‘reverse proxy’ is and then make it work

The challenge was that NCP was using Apache whilst YH uses NGINX – both of which are capable of reverse proxy. So, in order to do this I ended up doing some learning of both although it turns out it wasn’t really needed after all. C’est la vie…at least I learned some things!

At the end of the journey of trying about 10,000 different settings in the Apache default configuration file that comes with NCP (and other Apache installs) called “000-default.conf” it started working after adding just two lines to my configuration which seemed not to be in any other tutorial online for some reason. The key two lines that were needed were:

SSLEngine On
SSLProxyEngine On

Without those two lines it would just never work even though the rest of my settings were right.

Ok, enough of my hard journey story, let’s log the actual configuration and steps so that anyone who wants to do the same setup can save the pain!

Assumptions

Before we begin, I will assume that you already have the following set up:

  1. Server A (in my case NCP) running Apache which is already successfully reachable and working from the outside world. Through this machine Server B will be reached.
  2. Server B (in my case YH) running whatever (I think) but in my case it’s running NGINX and this box is the one we are trying to make visible to the outside world through ports 80 and 443
  3. You have a domain (nameofyourdomain.com in this tutorial) which you own and which is already successfully hitting your router (You can test by pinging the domain and seeing the IP address of your router show up). You can do this with my other tutorial mentioned above as well. You can also get a free ‘domain’ from services like No-ip if you don’t care what the domain looks like.
  4. You have full access to SSH into both machines, but in this case Server A is the critical one.
  5. You are using an Ubuntu environment and have know how to open a Terminal and use it (roughly)
  6. You are willing to learn and try things if this doesn’t perfectly work as per this specific example. I’ll give you a few resource links as well to help you in case your set up needs tweaking.

Let’s Begin – Setting up Apache Default Config on Server A

  1. ssh into Server A (format ssh username@your.IP.Address )
  2. Change directory (cd) to your Apache2 sites-available directory. In my case it looks like this but if you aren’t using NCP it might be different
    cd /etc/apache2/sites-available
  3. Type this command to back up your Server A apache settings. If you mess anything up you can restore this one and delete the default and rename it back to original name.

sudo cp 000-default.conf 000-default.backup

  1. Check to make sure the new file with .backup is showing up by typing ‘ls’. If it’s there then proceed.
  2. Copy the sample configuration below into your clipboard
  3. Open the default Apache config file with this command (if you haven’t used nano before probably good to do a quick online overview) for editting:
    sudo nano 000-default-conf
  4. you may have some settings already in this file (you should) at the top. Scroll down to the bottom of whatever is there and then paste in the sample you have copied from below with the control + shift + v (If you don’t hold shift it won’t paste)
  5. Go through the newly-pasted configs and adjust to your settings changing domain names and ip addresses to yours.
  6. Control x to save and exit, ‘y’ to save modified buffer and ‘enter’ key to write your changes
  7. Restart apache with this command to see if it works (this will shut down whatever stuff is running on Server A so probably good idea to do this wisely if the server is currently being used by others…:

sudo systemctl restart apache2

If you get nice silence from your terminal, and no ‘journalctl’ messages, then things are going the right direction.

Run Let’s Encrypt Manually for SSL certs on Server A

For this step, to be honest, I’m not sure if you need to do it because certs are already on both boxes for NCP and YH. But you might not have that so I’ll provide the steps since after I did them nothing was worse and everything was working… I would love to get some feedback on this step.

  1. Install Let’s Encrypt tools:
    sudo apt-get install python-certbot-apache
  2. Run it
    sudo certbot --apache -d example.com -d www.example.com

Let’s Finish – Test Server B

Go to your domain from outside your LAN (just to make sure you are getting a real test) and try to hit Server B. I find mobile phone data plans are good for this kind of testing, otherwise, call your grandma and ask her what happens when she goes to nameofyourdomain.com…

If it works, you’re done.

If it doesn’t you might need to tweak your settings.

Sample Configuration – copy this and adjust to your set up

Your IP address will obviously be changed to the correct one where your Server B is. Copy everything in the code block below.

 <VirtualHost *:80>
    ServerAdmin name@nameofyourdomain.com
    ServerName nameofyourdomain.com
    ServerAlias www.nameofyourdomain.com

   ProxyPreserveHost on
   ProxyPass / http://192.168.1.37:80/
   ProxyPassReverse / http://192.168.1.37:80/

</VirtualHost>

#Listen 443

<VirtualHost *:443>

    SSLEngine On
    SSLProxyEngine On

     ServerAdmin name@nameofyourdomain.com
     ServerName nameofyourdomain.com
     ServerAlias www.nameofyourdomain.com

     ProxyPreserveHost on
     ProxyPass / https://192.168.1.37:443/
     ProxyPassReverse / https://192.168.37:443/
</VirtualHost>

FULL Sample Configuration Reference (DO NOT COPY THIS ONE)

This is what my config looked like when everything was done and working.

The ‘Rewrite engine’ stuff here was added by Lets Encrypt when it was run so it ‘should’ appear in your config after you run it after initial settings have been added. Same with the ‘Include’ stuff and the SSL certificate stuff at the bottom of the second entry.

<VirtualHost *:80>
    ServerAdmin name@nameofyourdomain.com
    ServerName nameofyourdomain.com
    ServerAlias www.nameofyourdomain.com

   ProxyPreserveHost on
   ProxyPass / http://192.168.1.37:80/
   ProxyPassReverse / http://192.168.1.37:80/

RewriteEngine on
RewriteCond %{SERVER_NAME} =nameofyourdomain.com [OR]
RewriteCond %{SERVER_NAME} =www.nameofyourdomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

</VirtualHost>

#Listen 443

<VirtualHost *:443>

    SSLEngine On
    SSLProxyEngine On

     ServerAdmin name@nameofyourdomain.com
     ServerName nameofyourdomain.com
     ServerAlias www.nameofyourdomain.com

     ProxyPreserveHost on
     ProxyPass / https://192.168.1.37:443/
     ProxyPassReverse / https://192.168.37:443/

Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/nameofyourdomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nameofyourdomain.com/privkey.pem
</VirtualHost>

Random Keywords and messy spam from the Journey

This next section is merely a copy/paste of all the steps I was trying to try to get this working. The purpose is not to follow any of these instructions but merely to leave as keywords in hopes that other people trying the same things will end up finding this blog and save themself the pain! 🙂 So, don’t use the next section for any form of tutorial but feel free to read and learn.

  1. set up individual virtual host conf files on box 1 else:

We were unable to find a vhost with a ServerName or Address of mydomain.ca.
Which virtual host would you like to choose?


1: nextcloud.conf | mydomain.hopto.org | HTTPS | Enabled
2: ncp.conf | | HTTPS | Enabled
3: 000-default.conf | | | Enabled


Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel):

Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel): c
No vhost exists with servername or alias of mydomain.ca. No vhost was selected. Please specify ServerName or ServerAlias in the Apache config.
No vhost selected

hmm.

finding apache config…

seems like one shouldn’t mess with this… and that lets encxrypt probably does it for you

  1. sudo apt-get install python-certbot-apache (apparently not installed on ncp somehow..)
  2. created basic conf file in /sites-available
  3. restarted apache – worked
  4. added symlink to sites-enabled, restarted apache, breaks
  5. run certbot without enabled…with usual
    sudo certbot –apache -d example.com -d www.example.com

pi@nextcloudpi:/etc/apache2 $ sudo certbot –apache -d mydomain.ca -d www.mydomain.ca
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn’t close to expiry.
(ref: /etc/letsencrypt/renewal/mydomain.ca.conf)

What would you like to do?


1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)


choosing option 2

fail. same error above

now trying to go back to simply 443 config in 000-default but wtihout ssl engine stuff.

now running:
sudo certbot --apache -d mydomain.ca -d www.mydomain.ca

this is something… progress….

the bad part:

Failed redirect for mydomain.ca
Unable to set enhancement redirect for mydomain.ca
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection

the good part

IMPORTANT NOTES:

  • We were unable to set up enhancement redirect for your server,
    however, we successfully installed your certificate.
  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/mydomain.ca/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/mydomain.ca/privkey.pem
    Your cert will expire on 2019-09-14. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
Categories
Freedom and Privacy Life Skills Technology Tutorial Ubuntu

How to Encrypt a Password Around and Merge Multiple PDFs in Ubuntu

For some reason, this is way harder than it should be. I thought I would be able to find a simple ‘pdf stitcher’ software in the Software Centre and just put them in there, arrange them and then export to PDF – with a password. I think this used to be possible with PDF Sam but anyway. This tutorial will hopefully be a long term and reliable way that we can do this in a pinch from any machine.

This is all terminal based so get ready to pump up your terminal skills.

1. Stick PDFs in a Dedicated Folder

Assemble into one directory all the PDFs you plan to stitch together and wrap up with a password. I think the command will only work if they are in one place so this step is important.

2. Install PDFTK

sudo apt install pdftk… I think… but you might need some other package these days… remind me in comments if this is wrong 🙂

3. Go to your PDF directory

Using the CD (change directory) command, navigate to the directory you made in step 1.

4. Run the Command for One Page Only.

This is the basic format for PDFTk showing one file being output with a new name and a password

pdftk [mydoc_old].pdf output [mydoc_new].pdf user_pw [awesomepasswd]

In this case you”ll swap out the filenames accordingly.

*Special note! do not put the square brackets in there. those are just to show you what needs to be swapped out. I actually did this and wasted a lot of time (lol)

Also, take note of this, you ‘might’ get a warning that the PDF has a user password and you can’t do these tasks because you don’t know the owner password. It seems banks do this on their bank statements, which is funny, because they don’t supply a secure way to send banking documents to them and ask me to email…

Error will look like this if you need to work around it:

filename.pdf
has set an owner password (which is not required to handle this PDF).
You did not supply this password. Please respect any copyright.

I found a nice work around to stick it to these bankers which is to use the Ubuntu ‘print’ (ie. printing to your printer) and then change from your printer to ‘print to file’. Side note: If you didn’t know about this built in and super easy PDF feature and you only need to do one PDF at a time and no encryption, this is the way to do it.

The output PDF from this method seems to strip away any of the ‘owner password’ annyoyances. Hint: this is also a good time to rename your individual pdfs to a number in the order you want them to appear in the final merged PDF. I do 001, 002, 003 during this phase making the next section way, way easier.

5. Run the Command for Merging Multiple PDFs

The process is the same as above, but now that you have your folder full of 001, 002, 003 numbered files, here is what you do:

pdftk [001].pdf [002].pdf [003.pdf] output [mydoc_new].pdf user_pw [awesomepasswd]

Once you hit ‘enter’ a new file will appear in the same directory with name ‘mydoc_new.pdf’ and will have 001, 002, 003 in it and be locked behind the password ‘awesomepasswd’.

Pretty handy especially when you have to deal with ‘owner passwords’ in the PDF.

Hope this helps!

Categories
Freedom and Privacy Life Skills Mesh Networks Technology Tutorial Ubuntu

How to Flash OpenWRT onto a Zsun Card

Background

EDIT JAN 7, 2019
Warning! Before beginning this tutorial, note that I have **fried** two Zsun devices nearly immediately after doing these steps. My theory appears to be correct that as soon as you flash to OpenWRT the default power output is way, way too high and so it starts heating up and frying it. Within about 15 minutes of flashing both devices were dead and inaccessible – their SSID didn’t even show up. I am now testing another one where I dropped the power to low and it’s still alive after about 45 minutes. Therefore pay special attention I’m going to test another one now, but in case you find this blog today, you might want to wait a few days for my findings….

I found a lot of pages on the internet showing that it’s possible to flash OpenWRT onto a Zsun Smart Card Reader. A friend gave me a couple and I wanted to try some mesh network ideas. However, for some reason I couldn’t find everything in one spot for Ubuntu, so I’m writing this guide for anyone else who might want to try. There was also a significant bug I encountered which I overcame which might help you if you have tried and failed in the past.

I also recommend staying fully disconnected from your home wifi while you are doing this to avoid confusion. If you have access to an ethernet cable and router this will make things a bit more simple.

What You Will Need

  1. Zsun Reader
  2. micro SD card to insert into reader – BONUS! I just discovered you only need this for the flashing process and then can remove and use again for flashing other devices (microSD not required to function as extender!)
  3. Ubuntu machine with understanding of how to open a Terminal
  4. (optional) A dedicated folder/directory on your computer where you can ‘do all your actions’. I find this reduces risks and helps you keep your files in one place. You can even download this blog to PDF and put it in the same folder.
  5. All the stuff you need in one place on local machine (because your internet will go down while flashing)

Step 1: Download to local machine the File you will need to flash onto the Zsun

I found it really hard to find the file on this page. Here is a direct link to the file and save this in a memorable location on your computer as we’ll need to access it soon.

Direct link to download

Step 2: Make sure your micro SD card is formatted to FAT32

On ubuntu you can do this by pressing the super key, typing ‘disk’and using the disk utility. Note – always unplug all external drives you do not want to accidentally kill! Also pay super-special attention you are not accidentally formatting your own computer’s hard drive (I’ve done this hard life lesson and you don’t want it)

Step 3: Insert empty and correctly formatted card into the Zsun card reader

Self explanatory

Step 4: Plug in Zsun card reader into your computer (or any powered usb slot)

Self explanatory

Step 5: Connect the Zsun to your WIFI network

This is funny because I totally missed this step and (obviously) it has to be connected to the network in order for it to show up in network and be able to access the admin page. I had an attempted connection which failed and then the second time it connected. You connect to it like any wifi network but it won’t ask for a password.

Step 6: Make Card Accessible to Admin

I ‘guess’ that this step in one of the tutorials I read preps the card to be able to access via Samba. Not sure, I could not access the files on the card until I performed this step so let’s do that now. In a browser, copy/paste this:

http://10.168.168.1:8080/goform/Setcardworkmode?workmode=0

It should spit back this:
{"status":"0"}

Note: if you get ‘connection refused’ message in the next step you may have to re-try this command a few times. Make sure you are actually connected by wifi to device. One time I had to do a full computer reboot too and then it seemed to work.

Step 7: Access the Zsun via Samba (SMB)

(reminder this is an Ubuntu tutorial so you might have to do it a different way on your machine if it isn’t the same)

The super painful part of this tutorial for me is that this easy part was subject to a weird Ubuntu bug that tracks back nearly 10 years. If you are bored you can read about it here, but probably, like me, you just want to hack this zsun and then put evertyhing back the way it was. So let’s do that:

Step 8: Overcoming the Ubuntu Samba Username password bug

  1. in a terminal enter this:
    sudo nano /etc/samba/smb.conf
  2. Scroll down into the ‘Authentification’ section.
  3. at the very bottom in the space just above the “Domains” section, paste in (with control shift paste) this:

security = user
client use spnego = no

  1. ctrl x to get out
  2. ctrl y to agree to write the changes

Step 9: Continue with Tutorial and Accesss the Zsun via Samba

  1. Open Nautilus (called ‘Files’ on the launcher) (the file cabinet icon thing…)
  2. Go to ‘Other locations’ on the left menu at the bottom. A ‘Enter server address’ field will appear.
  3. Type in zsun address as follows: smb://10.168.168.1
  4. enter admin/admin pass/user (don’t worry about ‘workgroup’)
  5. when greeted with ‘public’ enter that directory
  6. hit ‘contrl h’ on your keyboard which will show hidden folders. If you don’t do this step you might not think the next step will work since it’s a hidden folder.
  7. You should see ‘trash~’ something. But if you don’t… whatever. Seems to work if it’s fully blank too… Here is where you create the following folder (with the dot/period in front):
    .update if it doesn’t appear after creating this folder, review step 6 above…
  8. Drag and drop the file you downloaded way above (SD100-openwrt.tar.gz) into this new .update folder. Yes, the whole tar file, don’t extract it.
  9. CRITICAL STEP! Before doing step 10, make sure you skip ahead, and deeply familiarize yourself with the steps following it because you will have a short time to do those steps before the device fries and dies. Once you have read it all (especially big step 11 below) then come back here and execute step 10.
  10. After you are sure that the file is done copying in, go to a browser and enter this:

http://10.168.168.1:8080/goform/upFirmWare

When you see this, things should be working:
{"status":2}

Here is a fair-use paste from buddy’s blog

Wait for the reboot into OpenWRT

Wait for long LED flash, then multiple fast flashes – now OpenWRT is booting for the first time.
There will be a long period of (normal slow) flashing, then one long flash, then a whole bunch of very fast flashes. The ZSun Wifi network disappears, and eventually re-appears as OpenWRT.

What he didn’t add that I discovered was when everything is totally done it will be a solid light colour.

SUPER IMPORTANT NOTE (in case you missed my other 20 warnings…) immediately as quickly as possible and reduce transmission power on device! Learn how to do this in Big Step 11 below …if it’s not too late.

Step 10: Log into your new OpenWRT Mini Router!

I have another OpenWRT router going in my house so right away I’m going to log into the new little guy here and change it’s IP address to something different to make sure they don’t conflict. The default OpenWRT is 192.168.1.1 so we’ll access it there now.

You’ll get a browser warning that it’s not secure. No problem, add exception, move forward.

You’ll be greeted with a log in screen with no password set.

Log in.

Step 11: Turn Down Radio Transmission Power to Prevent Deep Fried Zsun!

IMMEDIATELY reduce the transmission power of the device. The default is set to the maximum power and it will fry/kill this device in less than 10 minutes after you flash it. I lost two devices this way so act quickly as follows:

1. Go to network

2. go to ‘wifi’

3. click ‘edit’ on the ‘OpenWRT’ entry

4. Drop transmit power to 4 (lowest)

5. ‘save and apply’ button at the bottom

This will momentarily disconnect you from the device while it makes these settings. From here, assuming my theory above is true, you can start doing other things now such as resetting your device access password:

Go to ‘system’ and ‘system administration’ and create a new user/password

Step 12: Undo whatever we did to that Samba bug above (If you want)

Remember when we fixed that Samba bug above? I’m frankly not sure if that was a secure thing to do so let’s undo it in your computer just in case by going back in the same way, deleting those lines you added, and then saving.

Step 13: Remove microSD

As mentioned above, the microSD is no longer required if you are just using device as a wifi range extender (see this tutorial). You can unplug, remove microSD and plug it in now.

Step 13: Enjoy!

The rest, my friends, is up to you. Hope this helps!

Thanks to the following resources

  1. This nice video helped me create this Ubuntu guide
  2. This great blog entry mentioned at the beginning.
  3. Of course the awesome people who hacked this thing here

Categories
Freedom and Privacy Technology Tutorial Ubuntu

Fixing Wrong Monitor Display in Ubuntu 18.04

What a pain in the hindquarters… I lost about 2 hours of my life after I plugged in a Samsung 40″ monitor after having been using a Samsung 20″ Monitor. When I went back to my 20″ in my office, Ubuntu (I’m using Gnome currently until Unity8 is ready) my laptop continued to falsely detect the monitor as a 40″ still . The result was a bad display of the wrong size. I could not adjust the settings, nor save any changes, etc, etc.

Thankfully, a friend in the UBports community (awesome, awesome community and project by the way) just saved my day, and what was most nice (is that English?) is that it took less than 30 seconds to fix.

So, if you want to erase or delete or get rid of some false monitor detection in your ubuntu machine, this might also help you 🙂

Note before beginning: The monitor may/will still display as the wrong size/name but it will work as it should regardless of the name it has in the display settings.

  1. Open a Terminal
  2. Enter this command rm .config/monitors.xml
  3. Press enter (of course)
  4. Reboot
  5. Enjoy your life again

PS – After searching for hours and blogging this someone did point out that there was an official page with this solution, but yeah. If you don’t find it hopefully this blog will help solution be found.

Categories
Freedom and Privacy Mesh Networks Technology Tutorial Ubuntu

Flashing OpenWRT onto a D-link DIR-615 – The Sequel!

The funny part about this blog is that I spent an entire day searching for how to do this and then I ended up landing on a blog post with the answer… written by ME. in this 2015 blog post Lol or something?

This tutorial assumes you are using Ubuntu and know how to access your terminal and do some basic commands. If not, do a quick study on that before you begin. If you aren’t using Ubuntu on your computer I’m not sure what I can do to help other than encourage you to switch immediately.

This tutorial also assumes that your computer/laptop is plugged directly into the DIR-615 router by ethernet cable and not by wifi. It could probably be done with wifi, but I don’t know and I know it adds an extra layer of complexity I don’t like. So find a cable and plug in to do all this.

1. Download the appropriate image from OpenWRT to your computer.

I got mine by refining a search here.

2. Extract the file into it’s raw ‘.bin’ format.

Mine looks exactly as follows at the time of this writing when it’s sitting in my directory but as versions change and improve this could slightly change be aware:

lede-17.01.4-ar71xx-generic-dir-615-c1-squashfs-factory.bin

3. Using your terminal cd (change directory) to the location where the file is you just extracted in step 2.

4. Make sure your computer is set to a static IP address.

If you don’t know how to do this, search it online as I don’t have a quick link to it right now. “How to set static IP address in Ubuntu’ should find something. Make sure that your static IP address you are setting does not conflict with another device on the router, nor with the router itself at 192.168.0.1.

192.168.0.2 static

NOTE: After this router is flashed you will need to get rid of this static IP address since it won’t match your new router!

5. Pre-enter the following command into your terminal so you are ready to press enter

curl -0vF files=@lede-17.01.4-ar71xx-generic-dir-615-c1-squashfs-factory.bin http://192.168.0.1/cgi/index

Again, the part after the @ symbol in the command above might change depending on the .bin file you are flashing on. This tutorial will likely get old at some point so you may need to swap out a different file name into the command above but the rest should work long term.

6. Power off the router by unplugging the black power cable

Warning. You are about to forever wipe your router’s ‘operating system’ so if you have anything in there you care about this would be the time to get those out!

7. Put pen in the reset button of router and hold it there

8. While still holding reset button, plug in the power cable.

Keep holding the reset button! Don’t let go. The light will be a solid colour (orange, I recall?) but you are waiting for the first flash before executing the next step.

9. As soon as the solid light starts to flash hit the enter key in your terminal and run the curl command you pre-entered in step 5 above

After you hit this command at the perfect moment, things should start to work. When they do, you’ll see some funky html stuff come on the screen that looks like this:
* Hostname was NOT found in DNS cache
* Trying 192.168.0.1…
* Connected to 192.168.0.1 (192.168.0.1) port 80 (#0)
> POST /cgi/index HTTP/1.0
> User-Agent: curl/7.35.0
> Host: 192.168.0.1
> Accept: /
> Content-Length: 3932431
> Content-Type: multipart/form-data; boundary=————————464dbec1925a46d8
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Server: uIP/0.9 (http://dunkels.com/adam/uip/)
< Content-type: text/html
<
backup loader Device is Upgrading the Firmware


  • Don’t turn the device off before the Upgrade jobs done !
` `

More notes for this step
The screen will stay with this html/> script on there and at this point you can keep your eyes on the router as nothing will happen on the screen.
You should see lights flashing and reboots. Wait, wait, wait. Failure seems real but it’s not yet…. For me I was stuck on a green light for a really long time and no updates in terminal.

If after 5 minutes (or so) things appear to be ‘stuck’ at that point you could try unplugging the power cable and plugging it back in again to test.

To test to see if it worked, go to the new access IP address which should be 192.168.1.1. If you are prompted for user/password you succeeded.

A few troubleshooting notes

Something didn’t work? Read these next few points for some inspiration:

  • Did you really make a static IP address in step 4? You might think you did but maybe it didn’t work. Check with ifconfig command and see what IP address your computer/laptop has. If it’s not static, things won’t work right.
  • Were you too fast or too slow with the timing of the curl command in Step 5? Timing is a bit finicky here so you may have to try a few times to nail it.
  • If things are really goofy you ‘may’ need to install the original Dlink .bin file and start from there. I doubt it but there are records of this online so I thought I would mention it. You could get this on there by finding this .bin file online and using your new curl skills from above to flash the original .bin on there first.

Bin file name for DIR-615 = dir615_revC_firmware_311NA.bin

command to flash it on:
curl -0vF files=@dir615_revC_firmware_311NA.bin http://192.168.0.1/cgi/index

Follow up notes

  • Reminder! Turn your computer/laptop back to DHCP mode from static IP otherwise you might not be able to connect at all to your new router! I made this mistake way too many times and easy to forget.
  • After getting things up and running and if you need ddns, reboot device via ssh. when it comes back, then you could try this tutorial I wrote for the No-ip service. Here is a link to that tutorial.