Tunneling across networks with Nebula.

  exocortex libreops networks services sysadmin howto vpn

Longtime readers have no doubt observed that I plug a lot weird shit into my exocortex - from bookmark managers to card catalogues to just about anything that has an API.  Sometimes this is fairly straightforward; if it's on the public Net I can get to it (processing that data is a separate issue, of course).  But what about the stuff I have around the lab?  I'm always messing with new toys that are network connected and occasionally useful.  The question is, how do I get it out of the lab and out to my exocortex?  Sometimes I write bots to …

Read more...

A little preparation is not a bad thing: Getting Narcan.

  howto medicine united-states opioids narcan naloxone painkillers chronic_pain

Obligatory disclaimer: I AM NOT A MEDICAL DOCTOR.  SEEK PROFESSIONAL ADVICE AND TRAINING.

There's really no good way to start an article about the epidemic of opiate overdoses and deaths in the United States.  It's a terrible thing.  Unlike a lot of articles out there and stereotyping that happens, a nontrivial number of opioid deaths are due to accidental overdoses of painkillers taken by folks who are trying to manage chronic pain.  I say this as someone whose dental health history reads like Hellraiser fanfic.  If you're in so much pain that you can't even think straight most of the …

Read more...

Using Nginx to spoof HTTP Host headers.

  howto libreops nginx xmpp http headers prosody

EDIT: s/alice.bob.com/alice.example.com/ to fix part of the backstory.

Let's say that you have a server (like Prosody) that has one or more subsystems (like BOSH and Websockets).  You want to stick them behind a web server like Nginx so that they can be accessed via HTTP - let's say that you want a browser to be able to communicate with those subsystems for some reason.  Or more likely you have a web application that needs to communicate with them in the same way (because Javascript).  Assuming that the above features are already enabled in Prosody …

Read more...

Integrating Huginn with a Matrix server.

  exocortex howto huginn integration libreops matrix

Throughout this series I've shown you how to set up a Matrix server and client using Synapse and Riot, and make it much more robust as a service by integrating a database server and a mechanism for making VoIP more reliable.  Now we'll wrap it up by doing something neat, building a simple agent network in Huginn to post what I'm listening to into a Matrix Room.  I have an account on libre.fm that my media players log to which we'll be using as our data source.  Of course, this is only a demonstration of the basic technique, you …

Read more...

Making a Matrix server STUN-enabled.

  howto libreops matrix voip stun turn

Previously in this series I showed you how to migrate a Matrix server to use Postgres, a database server designed for busy workloads, such as those of a busy chat server.  This time around I'll demonstrate how to integrate Synapse with a STUN/TURN server to make the voice and video conferencing features of the Matrix network more reliable.  It's remarkably easy to do but it does take a little planning.  Here's why I recommend doing this:

If you are reading this, chances are you're behind a NATting firewall, which means that your device doesn't have a publically routable IP …

Read more...

Converting a Matrix server to use Postgres.

  database howto libreops matrix synapse postgres

In my last post about the Matrix network I covered how to set up a public Synapse server as well as a web-based client called Riot.  In so doing I left out a part of the process for the sake of clarity (because it's a hefty procedure and there's no reason not to break it down into logical modules), which was using a database back-end that's designed for workloads above and beyond what SQLite was meant for.  I'll be the first to tell you, I'm not a database professional, I don't know a whole lot about how to use or …

Read more...

Setting up a private Matrix server.

  chat federation howto libreops server voip distributed-systems fediverse privacy security nginx python matrix synapse

EDIT - 20200804 - Updated the Nginx stanzas because the newer versions of Certbot do all the work of setting up SSL/TLS support for you, including the most basic Nginx settings.  If you have them there you'll run into trouble unless you delete them or comment them out.  Also, Certbot centralizes all of the appropriate SSL configuration and hardening settings into a single includable file (/etc/letsencrypt/options-ssl-nginx.conf) for ease of maintenance.

A couple of years ago I spent some time trying to set up Matrix, a self-hosted instant messaging and chat system that works a little like Jabber, a …

Read more...

Rigging up Raspbian Buster to run on a Pi-Top

  howto libreops linux raspberrypi buster

It doesn't seem that long ago that I put together a Pi-Top and started tricking it out to use as a backup system.  It was problematic in some important ways (the keyboard's a bit wonky), but most of all the supported respin of Raspbian for use with the Pi-Top was really, really slow and a bit fragile.  While Windbringer was busy doing a full backup last week I took my Pi-Top for a spin while out and about, and to be blunt it was too bloody slow to use.  At first I figured that the microSD card I was using …

Read more...

Using Ansible to restart a bunch of services running under systemd in --user mode.

  ansible exocortex howto systemd updates playbooks git

Let's say that you have a bunch of servers that you admin en masse using Ansible.  You have all of them listed and organized in your /etc/ansible/hosts file.  Let's say that each server is running a system service (like my Systembot) running under systemd in --user mode.  (Yes, I'm going to use my exocortex-halo/ repository for this, because I just worked out a good way to keep everything up to date and want to share the technique for everyone new to Ansible.  Pay it forward, you know?)  You want to use Ansible to update your copy of Systembot …

Read more...

Challenge accepted: Archiving a Mastodon account with Huginn

  archives exocortex howto huginn mastodon social_networking

Last weekend I was running short of stuff to hack around on and lamented this fact on the Fediverse.  I was summarily challenged to find a way to archive posts to the Fediverse in an open, easy to understand data format that was easy to index, and did not use any third party services (like IFTTT or Zapier).  I thought about it a bit and came up with a reasonably simple solution that uses three Huginn agents to collect, process, and write out posts as individual JSON documents to the same box I run that part of my exocortex on …

Read more...