Category: Software

All things computer software.

Categories
Software

Installing Graylog 3 in a TrueNAS 12.0 Jail (FreeBSD)

Graylog is an enterprise log aggregation and management framework similar to Splunk. Graylog, the company, is based in Houston, Texas (yay!) and boasts over 40k installations. What am I trying to accomplish by using Graylog at home? Well, my initial requirement is to collect logs from my network routers and incorporate that into my existing network monitoring using InfluxDB and Grafana. I’m a client of Comcast Xfinity and my network performance has really been poor in mid to late 2020. After multiple calls to Comcast and several tech visits, I’ve setup my own monitoring to “show” Comcast that I’m not getting the bandwidth they are billing me for. Log retention is low on my routers and cable modem (data rolls off quickly), a goal of this project is to retain at least 30-90 days of log messages from all network devices.

While I didn’t find this other post until after I wrote my post; I will cross link to this other post on essentially the same thing 😉 https://sign13.wordpress.com/setting-up-graylog-in-a-freenas-jail/

In TrueNAS Core 12.0, use the add Jail wizard

Step 1: Create the Graylog Jail

I’ll setup Graylog in a TrueNAS Core 12.0 Jail which will be running FreeBSD 12.2 release. The jail configuration isolates the software and configuration from other applications running on TrueNAS and it provides a stable environment with a large storage pool for log retention. In the Jails menu on TrueNAS Core 12.0, select the add button and the wizard will prompt you for input to create the Jail. Name your jail graylog and select the FreeBSD software release, then hit Next. I chose DHCP for my Networking configuration which will allow me easy SSH access to the “host”. Select Next and then select Submit to create the Jail. This tutorial will assume you have an understanding of basic Unix and SSH commands. After the wizard completes, you will want to click on the greater-than symbol in the graylog jail row in TrueNAS to show the jail details including the IP address. In this instance my graylog jail is 192.168.1.32 (take note!). In my network router I configured DHCP to give the same IP4 address to the MAC address for the graylog jail and to resolve the DNS hostname of graylog (so I don’t need to remember the IP4 address)

Test that the jail is up by pinging the “host”

rich@eragon:~$ ping graylog
PING graylog.pavlovs.ky (192.168.1.32) 56(84) bytes of data.
64 bytes from graylog.pavlovs.ky (192.168.1.32): icmp_seq=1 ttl=64 time=0.691 ms
64 bytes from graylog.pavlovs.ky (192.168.1.32): icmp_seq=2 ttl=64 time=0.619 ms
64 bytes from graylog.pavlovs.ky (192.168.1.32): icmp_seq=3 ttl=64 time=0.684 ms
64 bytes from graylog.pavlovs.ky (192.168.1.32): icmp_seq=4 ttl=64 time=0.752 ms
64 bytes from graylog.pavlovs.ky (192.168.1.32): icmp_seq=5 ttl=64 time=0.537 ms
^C
--- graylog.pavlovs.ky ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 0.537/0.656/0.752/0.073 ms

Step 2: Setup SSH access and a local user

You will need to ssh into your TrueNAS box and use the iocage or the jexec command to remote into the jail on your first access. This is because you won’t have a local user account yet and the SSH daemon isn’t running. SSH into your TrueNAS (mine is named kidney) and type the JLS command to see the JID number of your jail. This will change with every restart so don’t write it down or memorize it. Use the jexec command to remote in.

kidney% jls
   JID  IP Address      Hostname                      Path
    12                  graylog                       /mnt/PavPool/iocage/jails/graylog/root
kidney% sudo jexec 12 /bin/tcsh 

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Password:
root@graylog:/ #

You will notice that you are now in a shell (a tcsh shell if you followed my above instructions) in the jail. Please note bash is not installed yet. You will be logged in as root. Update the packages and install bash first; you will need bash when you create your local user. You will also install the sudo package and configure it. sudo allows non-root users to run privileged commands. 

root@graylog:/ # pkg update
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
root@graylog:/ # pkg install bash sudo

Now you need to configure sudo by executing the visudo command. This command will edit the sudoers file to tell the system that your local account is allowed to run priveliged commands. Scroll down in the vi window until you see User Privilege

##
## User privilege specification
##
root ALL=(ALL) ALL

You should add a new row by putting cursor under the row with root like above and hitting the i key to insert. Type your user row as follows:


rich ALL=(ALL) ALL

Substitute username rich for whatever your username is. You may wonder that you haven’t created the user yet and that is ok! We will create the user next. Type SHIFT ZZ (that is hold the shift key and then type Z twice) to save the file.

Then, add your local user to enable easy logins as something other than root (not good to remote into things as root). In this example my local login name is rich with unix id of 1000 on all my boxes including TrueNAS <<< this is important. Type adduser to create the rich user with uid of 1000. 

root@graylog:/ # adduser
Username: rich_
Full name: Rich P
Uid (Leave empty for default): 1000
Login group [rich_]: 
Login group is rich_. Invite rich_ into other groups? []: 
Login class [default]: 
Shell (sh csh tcsh bash rbash git-shell nologin) [sh]: bash
Home directory [/home/rich_]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password:

Next, edit the /etc/rc.conf file and add this line to the end of the file

sshd_enable="YES"

Next, start the sshd service to test that it works

root@graylog:/ # service sshd start

Now, try to ssh into your TrueNAS jail from your localhost 

rich@eragon:~$ ssh graylog
Password for rich@graylog:
Last login: Fri Dec  4 18:11:47 2020 from eragon.pavlovs.ky
FreeBSD 12.2-RC3 7c4ec6ff02c(HEAD) TRUENAS 

Welcome to FreeBSD!

To make it more secure you can add an SSO component or add ssh keys to each of your jails (i.e. no more typing your password). You should have convenient SSH access to your jail. Remember, with great power comes great responsibility. Also remember that you are no longer logging in as root so you’ll need to run sudo on privileged commands. Sudo should be all setup and we’ll test it in the next step.

Step 3: Install Graylog Packages

Type the following to install the graylog, elasticsearch and mongodb packages. 

[rich@graylog ~]$ sudo pkg update
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.

[rich@graylog ~]$ sudo pkg install graylog elasticsearch6 mongodb44

Update 14-Dec: Updated post based on comments/feedback. I had made a mistake on the packages I used, which was corrected by a reader.

It may take a few mins to download and install those packages. MongoDB will be used for the graylog configuration only. All log data will be stored in the elasticsearch cluster. These packages are downloaded from FreeBSD fresh ports which is a very extensive software pkg repository. Please note as of this writing in Dec 2020, version 3.3.1 is the latest FreeBSD graylog package available but graylog itself is shipping version 4.0.2 on the graylog.org website.

Step 4: Configure Software

None of the above software will be running after it’s installation. Don’t start the services yet. First, edit /etc/rc.conf to tell TrueNAS to autostart the software when the jail starts. Add these lines to the end of the file.

graylog_enable="YES"
elasticsearch_enable="YES"
mongod_enable="YES"

Next, edit the /usr/local/etc/elasticsearch/elasticsearch.yml file to change a few parameters. Add the following to the bottom of the file and save it. 

cluster.name: graylog

Start the mongoDB and the elasticsearch components by typing:

[rich@graylog ~]$ sudo service elasticsearch start

[rich@graylog ~]$ sudo service mongod start

Notice the output of the above service commands, if there are any errors starting the commands it should prompt you. You can check if both services are running by typing a netstat command.

[rich@graylog ~]$ netstat -an | grep -i listen

tcp4       0      0 127.0.0.1.9200         *.*                    LISTEN     
tcp6       0      0 ::1.9200               *.*                    LISTEN     
tcp4       0      0 127.0.0.1.9300         *.*                    LISTEN     
tcp6       0      0 ::1.9300               *.*                    LISTEN     
tcp4       0      0 *.22                   *.*                    LISTEN     
tcp6       0      0 *.22                   *.*                    LISTEN     
tcp4       0      0 127.0.0.1.27017        *.*                    LISTEN

This command shows which TCP ports are being listened to by server processes like mongo and elasticsearch. You will notice that 9200 and 9300 are elasticsearch. 22 is SSHD and 27017 is mongo. If your output from a netstat is similar then you are doing good so far. Now, we need to configure graylog and then start the service for the first time. The graylog config will be in the /usr/local/etc/graylog directory. 

[rich@graylog ]$ cd /usr/local/etc/graylog

[rich@graylog ]$ sudo cp graylog.conf.example graylog.conf

[rich@graylog ]$ sudo cp log4j2.xml.example log4j2.xml   

[rich@graylog ]$ sudo mkdir server 

[rich@graylog ]$ sudo touch server/node-id 

[rich@graylog ]$ cd ..

[rich@graylog ]$ sudo chown -R graylog:graylog graylog

This will setup the initial config directory and change the owner of the files to graylog user and graylog group. That user and group should have been created when you pkg installed graylog. If you don’t have that user or group then go back to the package install step and check you did that correctly. Change directory back to /usr/local/etc/graylog and edit the graylog.conf file and ensure the variables are set as such.

is_master = true
node_id_file = /usr/local/etc/graylog/server/node-id
root_username = admin
root_timezone = UTC
bin_dir = /usr/local/share/graylog
data_dir = /usr/local/var/lib/graylog
plugin_dir = /usr/local/share/graylog/plugin

http_bind_address = 192.168.1.32:9000

message_journal_dir = /usr/local/var/lib/graylog/journal

The above config parameters are scattered throughout the config file. Your http_bind_address will be the jail ip4 address. Ensure that all those directories like the journal directory exist and are owned by graylog:graylog. Next, set the hashed admin password and seed by running these two commands on the command line. 

pwgen -N 1 -s 96

echo -n yourpassword | shasum -a 256

Edit the graylog.conf file and follow the instructions to paste the password_seed and root_password_sha2 to set those values and then save the file. There are instructions inline in the conf file on the password seed and root password if you are confused. Make sure the file is only readable to the graylog user and group. Now you can finally start the Graylog service

[rich@graylog ]$ sudo service graylog start

[rich@graylog ]$ sudo tail -f /var/log/graylog/server.log

Tail the /var/log/graylog/server.log file to ensure it starts correctly and no fatal errors. It takes a minute or two to startup.

Step 5: Test Jail Restart to Ensure Auto-Launch

If graylog started up correctly, go ahead and stop the jail in the TrueNAS Jails menu. Click the Edit Jail menu item under the graylog jail properties and in the Basic Properties sheet you will check the Auto-start checkbox and click save. Next you can click the start button on the graylog jail and wait a few min for everything to start up. You then should be able to access the graylog UI at http://<your ip address>:9000 (please note that you need to fill in your ip address and it will be different than mine.)

Further tutorials will include hardening + adding SSL and configuring syslog inputs.

Categories
Hardware Software

Create a WiFi-Repeater using DD-WRT and an old Asus Router

Asus WiFi routers are great! … says the guy who owns two and just bought a third on Amazon yesterday. I’m not one to waste old hardware and I was thinking that I’d like to flash my old Asus routers with the DD-WRT firmware so I can transform them into WiFi-Repeaters!

Savvy readers will say, “But Rich, Asus already has AiMesh technology to do that. Why do you need DD-WRT?

My response. “AiMesh only works on recent Asus models, it doesn’t work on my N66R for instance. DD-WRT works perfectly fine and breaths new life into that obsolete model”.

So now that we have established why we’d want to do this, let’s roll up our sleeves and get to flashing….

dd-wrt router database

Step 1: Do Your Research

Flashing the firmware of a WiFi router is not trivial; first and foremost you need to visit dd-wrt.com and see if your router is supported. Search the router database for your manufacturer model (e.g. asus). Some WiFi routers have multiple (confusing) retail names for the same hardware and some retail names have multiple different hardware revisions! Check the serial number and the hardware revision indication on the label of your WiFi routers, my RT-N66U is hardware revision B1. Checking the router database, my hardware revision from 2011 is supported and a fresh firmware file as of 2019!

Save the .trx firmware file to your Computer

Step 2: Download the firmware file to your desktop or laptop

You need to prepare by saving a copy of the .trx firmware file to your local computer (desktop or laptop) that you will use to flash the WiFi router. The file is not very large; about 22 Mb in this example. Please note there are various build numbers in the pulldown combo box. I chose the latest file. You can download multiple .trx files from different builds, but make sure to take notes of which file is which so you aren’t confused later.

Step 3: Read the flashing instructions at least twice

Remember the old Carpenters saying, “Measure twice, cut once”. Flashing the firmware of a router is a bit like baking a cake; you need to follow a list of instructions precisely or the end product will not be good (edible?). In my instance, the first line of the instructions says “Note that the two existing hardware revisions, “A1” and “B1”, of this router are significantly different. This page is about revision “A1”, typically referred to as RT-AC66U, without the revision. For information about the “B1” revision, see Asus_RT-AC66U_B1.” Now, I follow the new link to updated instructions and I see hardware revision A1 and B1 instructions are radically different. I notice the next block of bolded text, “it is recommended that you flash an RT-AC68U build. RT-AC66U builds are optimized for revision A1 and will not work with this router.” Wow, I was really lucky there. I could have ruined this router by flashing the wrong firmware that I downloaded in the previous step. I follow the updated instructions to download the AC68U firmware file.

Step 4: Connect your computer to the Wifi router to flash the firmware

You will most likely do this step several times before you get it right. Follow the linked instructions, steps 1-14. Make sure you are not rushed and I always like to have a bit of music playing to help keep stress levels down. Steps 1-4 are simple, please remember to disconnect from any other WiFi routers and connect a cat6 cable from your computer to the router you want to flash. Make sure you connect to the LAN port, not the WAN port. Steps 5-9 explain how to put your Asus router in “rescue mode” to enable the flashing of firmware. While there is a firmware flash mode in the typical Asus menu, it will not allow you to flash a 3rd party firmware like dd-wrt. If you followed the steps correctly, your power LED will be flashing slowly and 192.168.1.1 will show a simple webpage entitled ASUSTek – CFE miniWeb Server. Step 10 tells you to “Restoredefault NVRAM values” and step 11 prompts you to browse for the .trx firmware file on your computer and click upload. It will take maybe a minute or two to transfer the file at which point the webpage will say flashing the firmware, please wait a few moments. I asked how long are a few moments? It says the router will reboot when complete. Be patient, wait at least 15-20 min to let the firmware file flash and you’ll know when it’s done when the router reboots and the power light goes solid (no blink). Now, I used the AC68U firmware file like the instructions warned me to do but that didn’t work (I tried 3 times). On a lark I used the n66u firmware .trx file I originally downloaded and it worked like a champ! go figure….

Configure your new router

Step 5: Configure your newly flashed DD-WRT router

After the router reboots from the flash, connect via your PC which is still connected via the CAT6 cable to http://192.168.1.1 which is the default IP address for your WiFi router. You might also see a WiFi SSID of dd-wrt on your network. When you first connect you will be prompted to choose a login name and password for your router. Make sure you don’t forget these as they are the admin credentials. For me, this router is a second router on the network (i.e. it’s not my primary router). If I was try and connect it to my main network, I would get an IP address conflict for 192.168.1.1 which is the actual IP address of my primary router. In the setup tab in the Network Setup section I changed the routers IP address to 192.168.1.2 and set the subnet mask to 255.255.255.0. I set the gateway to 192.168.1.1 and I set my DNS to 192.168.1.133 (which is my pihole server << more on that in another blog post). I disabled the WAN connection type and gave my router the name lung (you see my primary router is always named heart). I hit save and apply settings and I believe the router restarted. I can now plug this router via CAT6 cable into my primary router to check that they happily co-exist.

Step 6: Setup the WiFi repeater

AiMesh and DD-WRT WiFi repeater mode essentially allow you to extend your WiFi coverage and you can leverage one band (2.4 GHz for example) to do the bridge and rebroadcast on another band. There are so many combinations here I’m not entirely sure which one is best. I stumbled upon a great Youtube channel called Behfor that walks you thru the what’s and the why’s of your WiFi router and setting up the repeater. Look for the video entitled Dual Band DD-WRT Repeater Bridge. I’m still playing around with this part 😉 Let me know if this was helpful or if you are using WiFi Repeater.

Categories
Software

Minecraft MineOS running on FreeNAS 11.3

My kids love to play Minecraft; it’s a fun game that has remained extremely popular for a decade (a rare feat). Everyone in the family has an account and much of the fun of Minecraft is playing together in a shared world. I will teach you how to setup shared worlds (and back them up) using MineOS software on FreeNAS / TrueNAS.

Step 1: Install MineOS FreeNAS Plugin

The folks at IXSystems must be big fans of Minecraft because they packaged a Minecraft server solution along with backup utilities and Plex. MineOS is a free plugin to allow you to host Minecraft servers on your FreeNAS box. Within Plugins menu item on FreeNAS web GUI select MineOS and select INSTALL. Give it a name, I chose mineos and select plugin details >>> mostly select DHCP vs. NAT for networking. DHCP will create a fresh Jail, use DHCP to configure networking and install the MineOS software.

If your plugin installation is successful it will look similar to the above image. Note the IPv4 address and click the Manage link to be redirected to the MineOS login page. The default username is mcserver and the default password is mcserver.

When you login, you should see a web GUI similar to the above. In this example I have two (2) servers running. Your example will show no servers running (which is totally ok!). The Dashboard link (circled above) will return you to this menu for any point in MineOS.

Why MineOS?

MineOS is an open source project from William Dizon (looks like it’s been around since 2010). Essentially a Web GUI for administering your Minecraft servers along with utilities to backup and upgrade your world. It’s useful to move an server or daemon process off you local host or laptop to provide improved resiliency and uptime and allow for dedicated resources. You can also setup port forwarding on your wifi router along with a dynamic dns name to allow folks from outside your local area network (LAN) to connect to your Minecraft server. MineOS also allows you to upgrade your world from various versions of Minecraft releases and try out new exciting systems like direwolf and feed the beast (more on this later).

Step 2: Download Server Profile Jars

Minecraft Java Edition is packaged and released as Java Archive (JAR) files from Mojang.com. Your Minecraft launcher application on Windows, Mac or Linux will automation this download when you select the game version. In MineOS you will need to click on the Profiles menu item (on the left), select Mojang from the ID column and then click the Green Download button. You know that you are successful if you see the check and Downloaded next to the Jars you requested. Be careful and do not try and get every Jar at once; the Web GUI doesn’t have a throttle.

If you have errors Downloading Server Jars, do the following:

  1. Stop and Start the Mineos Jail in FreeNAS. Sometimes, I’ve seen it where the networking (to the outside world) doesn’t work correctly the first time. I don’t think this is a problem anymore but worth trying.
  2. Make sure you know where Mineos is trying to save those Jars and that you have write access and enough space. We’ll get into customizing where these Jars are saved in a later article.

Step 3: Create Your First Server

Back on the MineOS menu, please select the “Create New Server” menu item. You will be presented with a dialog to name the server; I chose the name of server01 (boring, I know). All fields with light-gray text will default to those values, i.e. the port will be set to 25565 (which is the default for Minecraft). You might want to change the Level-Name to something interesting. Set the difficulty and gamemode and click create new server. Please note it doesn’t actually start the server yet (we’ll do that next) and most if not all these items can be changed with the exception of the server name.

Step 4: Start Your First Minecraft Server

In the MineOS web GUI go back to the Dashboard and select the server you created.

The Server At A Glance dashboard is very informational. If the server is down, as it will be initially, the server status will be RED. In the Server Actions box, you need to choose the Minecraft server profile you downloaded from Step 2 (in this case 1.16.3). You should ensure that broadcast to LAN and start server on boot checkboxes are checked. In the Java settings you need to select the JAR file from Step 2 (in this case minecraft_server.1.16.3.jar. I like to set the max Java heap (memory) size on the Java runtime to between 1024 and 2048 Mb (1 to 2 Gb). -Xms means minimum Heap size; it’s ok to leave that blank.

Then click Accept EULA and click start to run the server.

If all goes well your Server should show up on the status page and if you click on the latest log link on the left you should see something similar to the below

In your Minecraft Java client you should select Multiplayer and add the server IP that your MineOS is running on to connect to the server (in this case 192.168.1.12). Once you connect, the latest log will show a connection log message for each player. Enjoy!

Categories
Hardware Software

Use a TiVo as a Video Capture Card + Archive to Plex, FreeNAS / TrueNAS

I’ve been a loyal TiVo customer for more than 16 years which feels awkward to type. TiVo never really cracked into the mainstream, it has always been a premium product and it has since gone thru many acquisitions and CEOs in recent years. I currently own a TiVo Bolt and several TivoHDs. The TiVo is a DVR (Digital Video Recorder) which is a market they practically invented along with a competitor named ReplayTV. I’m not a heavy television watcher but I do watch sports and particularly NHL Hockey. The TiVo can setup a “season pass” on a particular sports team and record all games (i.e. Dallas Stars). My TiVo Bolt has a 500 GB internal HD which is capable of holding many dozens of shows; the Dallas Stars are on a historic Stanley Cup run and I wanted to archive some games for watching later / posterity. The TiVo has native Plex App support so I wondered if I could pull the recorded MPEG shows off the TiVo and archive them in a Sports Plex Library on my FreeNAS server (which has many TBs of storage and ZFS!).

Update 25-Oct-20: The Dallas Stars lost the cup to the Tampa Bay Lightning in 6 games. It was exciting hockey and I’m sure glad I have the series on my Plex. I’m excited for next season, looks like we’ve signed most the team back with the exception of Corey Perry and Matthias Janmark.

Step 1: The Fair Use Doctrine

Am I legally allowed to record and save a show from my TiVo to the Plex? Accord to the Fair Use Doctrine the answer is yes.

I can legally record a broadcast TV program (from a Cable TV feed I pay a monthly fee for) on a recording device such as a Video Cassette Recorder, Digital Video Recorder or computer for my personal use. Recording programming for later viewing is called “Time Shifting” and is a legally supported act. I can view the recorded content as many times as I want, I can make additional copies of the recorded content and I can distribute copies of the content to other people in person. Educational uses of recorded TV content receive additional protection. It is legal to record a TV program and play it for a class. I can also edit and parody the recorded content as long as the new version adds new value (insight, understanding, aesthetics) to the original. 

I can’t hold public exhibitions, rebroadcast, distribute on peer-to-peer networks or sell a TV broadcast recording. Fair use does not protect mass distribution of recorded content or the ability for a person to make a financial profit from a copyrighted recording.

The TV recording copyright laws for the U.S. are rooted in the Sony Corporation V. Universal City Studios court case–commonly known as the beta max case. The Supreme Court determined that “video tape recorders” did not infringe on the TV programming copyrights and the potential financial loss to copyright holders from TV recording would be negligible. The case made it legal to produce and sell TV recording devices and for people in the U.S. to record TV programming.

Step 2: How Do I get my Shows off the TiVo?

Let me introduce you to a wonderful little piece of software called pyTivo. This open source software which is not affiliated in any way with TiVo, Inc provides similar functionality to the TiVo Desktop software for Micro$oft Windows and Apple Macintosh. Namely this software allowed you to push and pull MPEG video files from my TiVo and I have been a happy user for over 10 years. The software runs on a host (or a NAS or wifi-router) on your local area network and listens via multi-cast IP for connected TiVo devices. The software is very simple to install and very light requiring only Python, ffmpeg (to transcode) and the tivodecode utility to decrypt TiVo video files. I setup a Jail on my FreeNAS 11.3 server where I wanted to install pyTivo. I had previously setup a share called sports on my medialibrary directory on my NAS pool. I kept the sports folder seperate from Movies or Television on the Plex and in the medialibrary since Plex expects a certain naming structure for Television shows or Movies. I installed the required software:

rich@kidney$ pkg add ffmpeg git tivodecode
rich@kidney$ cd ~/
rich@kidney$ git clone git://repo.or.cz/pyTivo/wmcbrine.git
rich@kidney$ mv wmcbrine pyTivo
rich@kidney$ cd pyTivo
rich@kidney$ cp pyTivo.conf.dist pyTivo.conf
rich@kidney$ vi pyTivo.conf
rich@kidney$ ./pyTivo.py

Step 3: Configuration of pyTivo and First Download

Jot down the IP address of the Jail you configured in Step 2. Fire up your favorite web browser and head over to that address and port 9032 (which is the default, you can change this). The pyTivo user interface is very simplistic. It will initially only show you a Settings link which you must configure for first use.

I’ve circled the most important settings and how I’ve configured them. The paths to ffmpeg and tivodecode and tdcat binaries must resolve. You can test the fully qualified path names to those binaries on the FreeNAS ssh command line. Please note that I compiled a fresh version of tdcat and tivodecode from wcmcbrines git repo as the stock FreeBSD tivodecode binary seg faulted for me. I set my beacon address to the multi-cast for my local subnet and I ensured that my FreeNAS box was on the same local subnet as my TiVos. The togo_path is important. This is where all shows downloaded from the TiVo will be saved local to the pyTivo installation. As previously mentioned I created a sports mount point to my medialibrary share on my ZFS pool. Lastly, I filled in the TiVo MAK (Media Access Key) for my particular account. This is a secret key used to decrypt shows recorded on my personal TiVo — Do not share this key! You can find your MAK on tivo.com when you login to your account. Save changes and restart your pyTivo to ensure changes take affect. Make sure on the command line that pyTivo.conf has been updated with the information you input in the Settings menu. When you restart pyTivo you should see a listing of your TiVo’s and if you input a correct MAK key then you should be able to connect and browse a listing of shows on the Tivo.

If you click on a folder you should see a listing of shows with a description of each one along with the runtime, the file size and the date it was recorded. The exclamation point next to each show means these shows will be deleted shortly as needed for space. Remember: I only have a 500 GB model…

So, each Dallas Stars hockey game is 3.5 to 4 hours and it’s about 7 GB of 720p video recorded at 4 Mbs. I can of course play around with how this is recorded on the TiVo Bolt itself but this seems to be a good compromise of space/size vs. quality. Honestly I want to avoid any transcoding and just focus on decrypting and downloading to the NAS.

Click the check next to each show you want to download and check the bottom boxes to decrypt, save meta data and transfer as mpeg-ts. As far as I understand the mpeg-ts doesn’t transcode and just copies the raw file from the TiVo.

Rename each file and add .mpg extension; the text file will contain meta data for the video.

Quick Update 23-Sep-20: You don’t need to rename the file extension to .mpg for the Plex file scanner to “see” the video files. Just make sure the file permissions allow Plex at minimum to read the file. A simple check of chmod 777 could help spot if that is the issue. The file will come into Plex with the default filename as the Title. You can “enrich” this information manually in the Plex UI if you wish. Plex seem to take 3 or so stills from the video file to use as the poster in Plex. These seem to be fine for me in most cases.

Step 4: Add Tivo function user to run PyTivo Jail

In the FreeNAS web console, select Accounts and Users and click on the Add button. Fill in the new user details, in my case I created the user tivo and most important set the UID (user id) to a unique number higher than 1000. In my case I chose uid 1010. Next set the group for the tivo function user to something that you use with your media, in my case the media group. You can setup a home directory if you wish (it’s not necessary). Click save to create that user.

Ssh into your tivo FreeNAS Jail using the following command

root@kidney$ jls tivo
root@kidney$ sudo jexec 8 /bin/tcsh  <<whereas 8 is your tivo jail id>>

root@tivo$ whoami

Now that you are in your Tivo jail as a the root user which you can see from the command line. Users and groups created within a FreeNAS jail are only visible in that jail. Meaning you can create users here but they are unique to that jail and are not in your overall FreeNAS system. But, you can create a new user in the jail and use the same UID and GID as the users and groups you setup in the overall FreeNAS system. That way any file saved will show tivo and group media in both the Jail and in FreeNAS and via shares. To do this run the following commands within the Tivo jail:

root@tivo:/mnt/sports # pw groupadd media -g 8675309
root@tivo:/mnt/sports # pw groupshow media
media:*:8675309:


root@tivo:/mnt/sports # adduser
Username: tivo
Full name: TiVo Functional User
Uid (Leave empty for default): 1010
Login group [tivo]: media
Login group is media. Invite tivo into other groups? []: 
Login class [default]: 
Shell (sh csh tcsh git-shell nologin) [sh]: 
Home directory [/home/tivo]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]: 
Username   : tivo
Password   : *****
Full Name  : TiVo Functional User
Uid        : 1010
Class      : 
Groups     : media 
Home       : /home/tivo
Home Mode  : 
Shell      : /bin/sh
Locked     : no
OK? (yes/no): yes
adduser: INFO: Successfully added (tivo) to the user database.
Add another user? (yes/no): no
Goodbye!

In the above instance I had already created a media group in FreeNAS with 8675309 as the group id (I guess I was in a comical mood that day! Jenny Jenny … lol ).

Step 5: Setting pyTivo process to Autostart as tivo user

Update: 25-Oct-20: This one took me a bit of time to figure out. I followed this guide which was written for another python program called octoprint. In the guide they talk about writing an rc script to start the program and in particular to run it as a daemon. I did a bit of tinkering and I got it to work with pyTivo. Please note that pyTivo currently still needs python 2.7. 

!/bin/sh
 PROVIDE: pytivod
 REQUIRE: DAEMON LOGIN NETWORKING
 KEYWORD: shutdown
 . "/etc/rc.subr"
 base_path="/usr/local/bin"
 name="pyTivo"
 desc="pytivo daemon"
 rcvar="pytivod_enable"
 pidfile="/var/run/${name}.pid"
 command="$location/$name/$name.py"
 command="/usr/sbin/daemon"
 command_args="-p ${pidfile} -u tivo -f -c ${base_path}/${name}/${name}.py"
 command_interpreter="/usr/local/bin/python2.7"
 load_rc_config $name
 run_rc_command "$1"

The rc script with the above content was saved in /usr/local/etc/rc.d as pytivod and I made sure to set the script as executable. I also made sure that pytivod_enable=”YES” is in the /etc/rc.conf file within the Jail. Restart the Jail and check that the process has auto-started and that the process is running as the tivo user. This is really, really important for me as I want all files to be owned by tivo:media on the TrueNAS and I can set the plex user and the tivo user to be in the media group so they have read/write access to those files.

Step 6: Add Plex Library for Other Videos

In your Plex web user interface add a new Video Library, make sure you choose other videos. I named the library sports for NHL and MLB games. In the Plex user interface you can scan for new media files and update the title and other details from the meta data text file. In the Other Videos category it’s really very simple and it doesn’t scan and enrich the filenames. I will need to add a renamer function to add series name and episode number to the filename of the files if I want a more seamless “Television Shows” experience on Plex. I’m still working on that part and I’ll update this posting when I get somewhere with that.

Categories
Hardware Software

Floppy Disks on Linux in 2020

I setup a USB floppy disk drive on my Ubuntu Linux computer in the summer of 2020 because “Hey, Why Not?”. I have one box of diskettes, they are 2HD unformatted. When I plugged it in, I knew that it was /dev/sdc because the Disks utility showed it as that. I needed to format the diskettes as VFAT (i.e. DOS compatible) and 1.44Mb capacity. I then wanted to mount the disk in my filesystem. In Unix there is a consistent filesystem starting with the root (“/”) directory. I wanted this in /media/floppy, so I did the following:

% sudo apt install ufiformat
% sudo ufiformat -i /dev/sdc
vendor:  Y-E DATA
product: USB-FDU
write protect: off
media type: 2HD
status      block size   kb
formatted    2880  512 1440
formattable  2880  512 1440
formattable  1232 1024 1232
formattable  2400  512 1200

% sudo ufiformat -f 1440 /dev/sdc
geometry: track=80, head=2, sector=18, block=512
done  

% sudo mkdir /media/floppy
% sudo mount /dev/sdc /media/floppy
Categories
Hardware Software

Ubuntu Apple Magic Mouse Woes

I’ve been running System 76’s Pop OS as my desktop OS for a few weeks now. I switched from MacOS to Linux full time this year; previously i had at least one MacOS iMac and then one or two Linux boxes. Now, since my sad mac woes where my hard disk failed (or was failing SMART checks) and I tried to fix which left the iMac running sub-par — I built a Linux box and switched full time. If felt like an awakening of sorts as I’d been praising the beauty and small form factor of the iMacs when the hardware was dreadfully underwhelming. More detail on my Linux box later, this post is about Apple HID or Human Interface Devices. I just like my Apple keyboards, trackpads and mice. I’m still using them on my Linux box happily but there is one thing that has been grating me — emulation of a 3 button mouse which by default pastes clipboard content.

So, modern Linux by default support Apple’s Magic Mouse and it provides all the touch features you’ve been used to on MacOS. Unfortunately, it also emulates a 3 button Unix mouse where the middle button pastes from the clipboard. This is so frustrating as the middle click area is awkwardly close to the left click area. I googled and “fixed” this by executing the following command line:

% sudo rmmod hid_magicmouse
% sudo modprobe hid_magicmouse emulate_3button=0

This is quick and it seems to have survived a reboot so I hope it sticks. It essentially turns off the middle button click but leaving left and right and the other various touch features.

I read this on a forum recently and I though it was very appropriate

Honestly, I won’t say the transition has been entirely painless – it does take time to adjust to a new operating system, but I have to say, my biggest regret is that I didn’t ditch Apple’s computers sooner. I love my iPhone but honestly it does feel like Apple just isn’t all that interested in their desktop / laptop computers recently.

Categories
Hardware Software

FreeNAS 11.3 + Asterisk VOIP, Cisco IP Phone 7942

Create your own PBX for VOIP and run it all from within your FreeNAS 11.3 server in a Jail — no WebGUI needed for Asterisk as long as you are comfortable with the command line. I see a lot of folks talking about using FreePBX which looks amazing but honestly I just want to run this in a FreeNAS jail and Asterisk is really all you need. I purchased 11 Cisco 7942 IP Phones for $40 (including FedEXshipping) from Goodwill which is such a deal considering these phones were on sale new until February 2016 for $455.00 USD! Now this phone is a trip to configure for SIP especially if you are going to handcraft the XML which is how we are going to do it (there is plenty of documentation on line to help you). I will draw heavily on an blog article I read from whizzy.org and I will add bits that worked for since I had a slightly different setup. Many thanks to Will Cooke who wrote the article, I’ve literally read it a dozen times and I get a bit more each time I read it. No joke this took me a solid 10 days during Covid-19 lockdown to figure out (obviously not 10 days straight — I set small goals and would keep at it until I got a bit farther…). OK, on to the steps…

Step 1 — Setup FreeNAS Jail

Let’s get a FreeNAS Jail setup and download Asterisk. We won’t configure Asterisk yet, just download and install. We’ll focus on the latest Asterisk version 16. Also, we will want to use SIP for VOIP, Asterisk can do much more but everything is SIP now-a-days.

Step 2 — Setup your Wifi Router for TFTP and NTP

I don’t want to install any specialty software (like a TFTP server or Cisco Call Manager). I have a very capable ASUS router that is flashed with the ever popular Merlin firmware, so I figured I’d enable NTP and TFTP on it. Why does this matter? Well, you see, when a Cisco IP Phone boots it first tries to get an IP4 address via DHCP and next it looks for a local TFTP server to load it’s config. You can specify in the phone the IP address of the TFTP server but by default it’ll look at the same gateway server that it got it’s DHCP address from. ASUS Merlin uses DNSMasq binary for various DNS services and you can enable TFTP within DNSMasq with a few quick steps.

  • Flash your router with the latest supported Merlin firmware.
  • Login to your routers web GUI, mine is at 192.168.1.1, default login is admin
  • In Administration >> System >> Change router password, set the new login name and password. Make sure it’s a strong password.
  • In Administration >> System >> Persistent JFFS2 Partition, click Yes on BOTH Format and Enable persistent JFFS
  • Before we leave this page, On Basic Config, select Yes to Enable Local NTP Server and Intercept NTP queries. You must then set you Timezone and Daylight Savings parameters.
  • Continuing on this page, Find Service and set Enable SSH to “LAN Only”
  • Click Apply
  • Next, install a FAT32 formatted USB thumb-drive in one of the routers USB slots.
  • REBOOT your router. When it comes back up ensure that all the setting you set were applied. NOTE, in Administration >> System >> Persistent JFFS2 Partition >> Format will now be set to “No” and that is correct.
  • In an SSH Terminal on your Mac, Windoze or Linux box, connect to your router with ssh <login>@192.168.1.1 use the login and password from the earlier step. You will be prompted to save the server key for your first login, type y or yes.
  • In your SSH session, do the following:
cd /jffs/configs
vi dnsmasq.conf.add
<hit the i key to insert and type>
enable-tftp
tftp-root=/tmp/mnt/<some directory on that USB thumbdrive>/tftproot
<hit esc key to break out of insert mode>
<hit SHIFT and ZZ to save>
  • While you are still in your SSH session cd to /tmp/mnt and find your USB drive. I set mine to mount as data so I cd’ed to /tmp/mnt/data
  • Create the tftproot directory by typing mkdir tftproot
  • Set the permissions on that directory to 777 and set the owner to nobody via the chmod and chown commands
  • Restart your router again via the web GUI which will end your SSH session.
  • When your router is back up check that TFTP service is listening (it’s running on port 69 😉 ) You should see something like this
<user>@<router>:/jffs/configs# netstat -an | grep 69
...
udp        0      0 127.0.0.1:69            0.0.0.0:*                           
udp        0      0 192.168.1.1:69          0.0.0.0:*

Remember this tftproot directory on the USB thumbdrive because you are going to be referencing it a lot. I basically have a terminal window opened and ssh’ed to that directory which I used to create all the XML files to configure the Cisco IP Phones. Remember that every file and subdirectory needs to be chmod’d to 777 and chown’d to nobody so the Cisco phone can read them.

Step 3 — Download the SIP Firmware from Cisco

Remember that I said everything is SIP now-a-days? Well, Cisco used another protocol called Cisco Skinny and I bet 9 times out of 10 any Cisco IP phone that you find used will have the Skinny protocol on it rather than SIP. It’s fairly easy to update the phones. Let’s get the latest software. You do will need to register an account to download the files, it’s free.  At the time of writing the latest version is of SIP firmware for the Cisco IP Phone model 7942 is 9.4.2 SR 3 dated 15th February 2017, even though these phones are end-of-life.  Bizarre, but good for us.  Thanks Cisco! <<< this last comment is from Will Cooke which I thought was funny so I copied it here. You should get the software package labeled “7942 and 7962 SIP IP Phone Firmware Files Only” which is about a 6 Meg zip file. Download it and copy the zip to the tftproot folder and uncompress it. Please remember to set permission on all extracted files to 777 and owner to nobody. BTW, the 7942 and the 7962 are the same phones but the 42 has 2 “lines” and the 62 has 6 “lines”.

Step 4 — Flash the phone with SIP Firmware via the TFTP server

Take your Cisco phone and turn it over. On the back side there is a port labeled 10/100 SW which stands for Switch or the connection to the network switch to be more exact. If you network switch supports PoE (Power over Ethernet) than all you need to do is plug a CAT5 or CAT6 patch cable from the switch to the 10/100 SW labeled port. I have a Cisco Meraki Gb PoE Ethernet switch so I’m all set! If you don’t have a PoE capable switch then you need a power adapter which you can get on Amazon. When you plug in the phone it will attempt to boot and connect to whichever service it was configured for — this won’t work and the phone will spin on registering or it’ll say “Unprovisioned”. What you want to do is flash the firmware that you just downloaded.

  • Unplug and then plug the network or power back in and hold down the # key (only takes a few seconds on 7942 model)
  • Eventually you will see the “line” lights start to flash orange.  When the line lights are flashing type 123456789*0#  This will start firmware download mode.
  • The screen will go black for a moment and then go through the process of getting an IP address and connecting to the TFTP server Once connected to the TFTP server the software download will start. You can check the server logs on your router to see the connection, the DHCP and finally the TFTP file requests. Note: that it’ll ask for some files that you won’t have and that’s ok for now since we’re focusing on the firmware.
  • The upgrade takes 5-10 min normally. The phone will reboot once download is complete and present you with an “Unprovisioned” message on the screen.  This is good news!  The phone firmware has now been updated — go to the next step, else continue to the next bullet item here.
  • If the phone sticks at the “Upgrading screen with the Cisco logo” for more than 10 min with no visible activity then you are in whats called the “Boot Loop”. I had this on about 5 of my phones; I don’t know what causes it but I’ll tell you how to fix it.
  • Unplug the phone and replug it again and hold # as it boots (like before) and instead of 1234567890*# do 3491672850*# (notice the pattern of your fingers with each sequence so you can repeat it without even thinking in the future). The “lines” will flash RED this time.
  • Do not do anything to the phone until it completely resets and comes back up functional. This essentially formats the flash and only keeps the Cisco Native Unix (CNU). It takes 10+ minutes and for a while it looks like the phone isn’t doing anything (but it is). Be Patient. Your phone will automatically reboot and hopefully this time it’ll connect to the TFTP server and begine the Firmware install.
  • You can repeat this process if you ever need to, I did it on my first phone a dozen or more times without any apparent impact to the phone.

Step 5 — Configure the SIP extension in Asterisk

Will Cooke mentioned an important piece of information in mind: The Cisco 7941 can only deal with 8 character passwords, so keep your SIP authentication secret to 8 characters. I haven’t checked if 7942 improves this, YMMV. Ssh to your FreeNAS server and use jexec to ssh into the Asterisk jail. When you are at the command line, do the following:

cd /usr/local/etc/asterisk
vi sip.conf

<add these lines at the bottom>

[1001]
deny=0.0.0.0/0.0.0.0
secret=password
context=from-internal
host=dynamic
type=friend
nat=no

<hit shift ZZ to save it>
<then run this command>

asterisk -r

<at the Asterisk CLI Command Line Interface, type>

reload

Step 6 — Create Phone XML Config and Upload to the TFTP Server

As Will Cooke states: Please take the time to read this section fully, this is the part that is most troublesome. The Cisco 7942 is very picky about it’s config file and even a small mistake will stop the phone from working. I spent many days on this step; it will not be uncommon for you to spend many days as well on this. These settings are specific to the 79×[1,2] series of phones running v9.x.x of the SIP firmware. If you are not using this type or hardware or software then these settings are not for you.

Once the phone has loaded it’s firmware and booted, it will go looking for a file called SEP<PHONE MAC ADDRESS>.cnf.xml.  So if the MAC address of your phone is 11:22:33:44:55:66 then the config file needs to be named SEP112233445566.cnf.xml.  This file needs to be in the root of your TFTP server. The file is CASE SENSITIVE; go back and read that part again. A small typo that thinking a B is an 8 or vice versa will cause hours of “fun” so please check carefully.

Here is my file:

<?xml version="1.0" encodng="iso-8859-1"?>
<device>
  <fullConfig>true</fullConfig>
  <deviceProtocol>SIP</deviceProtocol>
  <sshUserId>admin</sshUserId>
  <sshPassword>cisco</sshPassword>
  <devicePool>
    <dateTimeSetting>
      <dateTemplate>M/D/YA</dateTemplate>
      <timeZone>Central Standard/Daylight Time</timeZone>
      <ntps>
        <ntp>
          <name>IPADDRESSOFROUTER</name>
          <ntpMode>Unicast</ntpMode>
        </ntp>
      </ntps>
    </dateTimeSetting>
    <callManagerGroup>
      <members>
        <member priority="0">
          <callManager>
            <ports>
              <sipPort>5060</sipPort>
            </ports>
            <processNodeName>IPADDRESSOFASTERISK</processNodeName>
          </callManager>
        </member>
      </members>
    </callManagerGroup>
  </devicePool>
  <commonProfile>
    <phonePassword></phonePassword>
    <backgroundImageAccess>true</backgroundImageAccess>
    <callLogBlfEnabled>2</callLogBlfEnabled>
  </commonProfile>
  <loadInformation>SIP42.9-4-2SR3-1S</loadInformation>
  <vendorConfig>
    <settingsAccess>1</settingsAccess>                                            
    <sshAccess>0</sshAccess>  
    <disableSpeaker>false</disableSpeaker>
<disableSpeakerAndHeadset>false</disableSpeakerAndHeadset>
    <pcPort>0</pcPort>      
    <garp>0</garp>          
    <voiceVlanAccess>0</voiceVlanAccess>
    <videoCapability>0</videoCapability>
    <autoSelectLineEnable>0</autoSelectLineEnable>
    <webAccess>0</webAccess>
    <daysDisplayNotActive>1,7</daysDisplayNotActive>
    <displayOnTime>08:00</displayOnTime>
    <displayOnDuration>10:30</displayOnDuration>
    <displayIdleTimeout>01:00</displayIdleTimeout>
    <spanToPCPort>1</spanToPCPort>
    <loggingDisplay>1</loggingDisplay>
    <loadServer></loadServer>
  </vendorConfig>           
  <userLocale>              
    <name>English_United_States</name>
    <uid>1</uid>            
    <langCode>en_US</langCode>
    <version>1.0.0.0-1</version>
    <winCharSet>utf-8</winCharSet>
  </userLocale>             
  <networkLocale>United_Kingdom</networkLocale>
  <networkLocaleInfo>       
    <name>United_Kingdom</name>
    <version>10.5.3.0</version>
  </networkLocaleInfo>      
  <deviceSecurityMode>1</deviceSecurityMode>
  <idleTimeout>10</idleTimeout>
  <authenticationURL></authenticationURL>
  <directoryURL></directoryURL>
  <idleURL></idleURL>       
  <informationURL></informationURL>
  <messagesURL></messagesURL>
  <proxyServerURL></proxyServerURL>
  <servicesURL></servicesURL>
  <transportLayerProtocol>2</transportLayerProtocol>
  <phonePersonalization>1</phonePersonalization>
  <autoCallPickupEnable>true</autoCallPickupEnable>
  <dndCallAlert>1</dndCallAlert>
  <advertiseG722Codec>2</advertiseG722Codec>
<rollover>0</rollover>    
  <joinAcrossLines>0</joinAcrossLines>
  <capfAuthMode>0</capfAuthMode>
  <capfList></capfList>     
  <certHash></certHash>     
  <encrConfig>false</encrConfig>
  <sipProfile>              
    <sipProxies>            
      <backupProxy>IPADDRESSOFASTERISK</backupProxy>
      <backupProxyPort></backupProxyPort>
      <emergencyProxy></emergencyProxy>
      <emergencyProxyPort></emergencyProxyPort>
      <outboundProxy></outboundProxy>
      <outboundProxyPort></outboundProxyPort>
      <registerWithProxy>true</registerWithProxy>
    </sipProxies>           
    <sipCallFeatures>       
      <cnfJoinEnabled>true</cnfJoinEnabled>
      <callForwardURI>x--serviceuri-cfwdall</callForwardURI>
      <callPickupURI>x-cisco-serviceuri-pickup</callPickupURI>
      <callPickupListURI>x-cisco-serviceuri-opickup</callPickupListURI>
      <callPickupGroupURI>x-cisco-serviceuri-gpickup</callPickupGroupURI>
      <meetMeServiceURI>x-cisco-serviceuri-meetme</meetMeServiceURI>
      <abbreviatedDialURI>x-cisco-serviceuri-abbrdial</abbreviatedDialURI>
      <rfc2543Hold>true</rfc2543Hold>
      <callHoldRingback>1</callHoldRingback>
      <localCfwdEnable>true</localCfwdEnable>
      <semiAttendedTransfer>true</semiAttendedTransfer>
      <anonymousCallBlock>0</anonymousCallBlock>
      <callerIdBlocking>0</callerIdBlocking>
      <dndControl>0</dndControl>
      <remoteCcEnable>true</remoteCcEnable>
    </sipCallFeatures>      
    <sipStack>              
      <sipInviteRetx>6</sipInviteRetx>
      <sipRetx>10</sipRetx> 
      <timerInviteExpires>180</timerInviteExpires>
      <timerRegisterExpires>3600</timerRegisterExpires>
      <timerRegisterDelta>5</timerRegisterDelta>
      <timerKeepAliveExpires>120</timerKeepAliveExpires>
      <timerSubscribeExpires>120</timerSubscribeExpires>
     <timerSubscribeDelta>5</timerSubscribeDelta>
      <timerT1>500</timerT1>
      <timerT2>4000</timerT2>
      <maxRedirects>70</maxRedirects>
      <remotePartyID>true</remotePartyID>
      <userInfo>Phone</userInfo>
    </sipStack>             
    <autoAnswerTimer>1</autoAnswerTimer>
    <autoAnswerAltBehavior>false</autoAnswerAltBehavior>
    <autoAnswerOverride>true</autoAnswerOverride>
    <transferOnhookEnabled>true</transferOnhookEnabled>
    <enableVad>false</enableVad>
    <preferredCodec>none</preferredCodec>
    <dtmfAvtPayload>101</dtmfAvtPayload>
    <dtmfDbLevel>3</dtmfDbLevel>
    <dtmfOutofBand>avt</dtmfOutofBand>
    <alwaysUsePrimeLine>false</alwaysUsePrimeLine>
    <alwaysUsePrimeLineVoiceMail>false</alwaysUsePrimeLineVoiceMail>
    <kpml>0</kpml>          
    <stutterMsgWaiting>0</stutterMsgWaiting>
    <callStats>true</callStats>
    <offhookToFirstDigitTimer>15000</offhookToFirstDigitTimer>
    <silentPeriodBetweenCallWaitingBursts>10</silentPeriodBetweenCallWaitingBursts>                         
    <startMediaPort>35900</startMediaPort>
    <stopMediaPort>65564</stopMediaPort>
    <phoneLabel>NewPhone</phoneLabel>
    <natEnabled>false</natEnabled>
    <natAddress></natAddress>
    <sipLines>              
      <line button="1" lineIndex="1">
        <featureID>9</featureID>
        <featureLabel>1008</featureLabel>
        <name>C0255C42118C</name>
        <displayName>1008</displayName>
        <contact>1008</contact>
        <proxy>USECALLMANAGER</proxy>
        <port>5060</port>   
        <autoAnswer>        
          <autoAnswerEnabled>0</autoAnswerEnabled>
          <autoAnswerMode>Auto Answer with Headset</autoAnswerMode>
       </autoAnswer>       
        <callWaiting>1</callWaiting>
        <authName>SIPNAME</authName>
        <authPassword>PASSWORD</authPassword>
        <sharedLine>false</sharedLine>
        <messageWaitingLampPolicy>3</messageWaitingLampPolicy>
        <messagesNumber>*97</messagesNumber>
        <ringSettingIdle>4</ringSettingIdle>
        <ringSettingActive>5</ringSettingActive>
        <forwardCallInfoDisplay>
          <callerName>true</callerName>
          <callerNumber>false</callerNumber>
          <redirectedNumber>false</redirectedNumber>
          <dialedNumber>true</dialedNumber>
        </forwardCallInfoDisplay>
      </line>               
      <line button="2">     
        <featureID>3</featureID>
        <featureLabel>Hold</featureLabel>
      </line>               
    </sipLines>             
    <externalNumberMask></externalNumberMask>
    <voipControlPort>5060</voipControlPort>
    <dscpForAudio>184</dscpForAudio>
    <ringSettingBusyStationPolicy>0</ringSettingBusyStationPolicy>
    <dialTemplate>dialplan.xml</dialTemplate>
    <softKeyFile>softkeys.xml</softKeyFile>
  </sipProfile>              
</device>

Copy this XML file to the root of your TFTP server. You phone will automatically try and load the config; if you are impatient you can hit the settings button on the phone and then hit asterisk key twice then the hash key and finally asterisk key twice ( **#**). This will cause the phone to soft boot and try and load the config. It will probably load the firmware again to finish loading the SIP firmware which is completely natural. If successful after all the reboots, the phone will not show “unprovisioned” and the phone icon next to the “line” button on the right side will NOT have an x in it. Go ahead and make a call!

Troubleshooting

Need to fill this out.

Categories
Software

Game Emulators – GameCube, Wii, PlayStation

www.youtube.com/watch

My boy.

Categories
Software

Fixed Goodreads Plugins

The Goodreads plugins I’ve been using on my blog have been broken for the past few months. When I installed WordPress fresh in a FreeBSD jail I got everything working on WordPress except the Goodreads plugins so I left it for another day. I was seeing a series of error messages in the nginx error logs and I wasn’t sure if the issue was related HTTPS and SSL or another type of issue. Well, today I had a bit of time to dig into the issue and I found that there were in fact four (4) separate issues that needed to be solved (all very sneaky). The first issue related to the cacert.pem file in the curl configuration; I was on to this before but I hadn’t experimented enough to solve it. The second issue was a missing module php73-simplexml which I needed to install (duh!). After that I had an http dom module in a plugin that was throwing regular expression errors and I had to scan the file and escape a series of dashes in the regexp pattern. I also had to correctly define the bookshelf I used in my Goodreads configuration (it had a dash!). Everything seems to be working fine now. The site is looking more profesh now and bonus, no more daily errors in the errorlog!

Categories
Software

Failure!?!

I had big plans for the weekend. I was going to fix both my iMacs (one had a faulty ambient temperature sensor) and the other a faulty lcd video interface. Both seem fixable and in the proper hands and with the proper supplies I’m sure they would be fixed. But, sadly, this weekend was not my weekend to be that guy to fix them. I was working on the Big Mac the 27 in one and in the final stages or reassembly. I had pulled out the ambient temp sensor and visually inspected it. So I was putting it all back and my hands were a bit sweaty and the lcd heavy. Anyways a slip and the video cable ripped out of the mother board. A simple slip has such a drastic outcome. I have to say I was crestfallen. To add insult to injury the ambient temp sensor was still faulty meaning the pins are maybe bent inside connector. I left the machine the way it was and made dinner and played a board game to occupy my mind. I must have been outwardly really sad because my daughters, my mom and Katie all mentioned I sounded sad. Not one to wallow in sadness long I laid in bed and thought. Those machines had a good lifespan. 8 and 10 years old. I also thought that building a nice new pc with modern parts would obviously be more powerful and even run cooler and less power consumption. I had run geekbench before and even my best iMac was woeful in the stats compared to cams more modern setup. So, with that I will build a new pc. Only question is hackintosh or Linux? How about both! I can salvage the two ssds from the iMacs and I have a case. I have that nvidia graphics card. Just need power supply, memory and cpu. I put the iMacs in my closet and I can revisit them again at some later point if I desire. They are not collectible now but who knows in the future.