Balcony Tomatoes

Here are some shots of the stuff growing on my balcony this summer.
Yes that’s a fig tree.

[foogallery id=”207″]

Is coffee hurting my elbows?

I started making some serious progress in regaining lost strength this past Spring, when I started up the gym again.
I think I overdid it, because by June my old friend tendonitis started creeping back in. At first it was a minor annoyance that I barely noticed, but after a while it grew into something that became a major detriment to my workouts. In June I also started a new job as a sysadmin at Bell Canada. What I had noticed is my lessened need for coffee. Doing my workouts in the morning seemed to get me going and kept me feeling awake throughout the day. Before long, I had reduced my coffee intake to one cup a week (an espresso) – whereas before I had been consuming 3- 4 coffees daily.

In July the tendonitis (tendonosis??) in my left elbow had gotten so bad again that I decided to take a break. This also coincided with a week-long visit from my mother. I started up my daily coffee habit again. In all, I took about 4 weeks off from the gym. I thought this was going to heal my pain, in fact, I think it did the opposite. To my utter disbelief, I actually developed tennis-elbow in my right arm! I’ve read a few articles online that all seem to hint at a connection between coffee and joint pain.

This morning, after 4 weeks off, I went to the gym. I have not had a coffee yet today. We’ll see how it goes.

The Gym

So I went to the a gym for the first time in 3 years, and it felt pretty good. I had been going to Goodlife Fitness on Queen St. in downtown Ottawa until about the fall of 2014. It’s a fancy gym, expensive, it’s big, and chic, and very metropolitan. There is a juice bar on site. And it’s crowded. One of the reasons I had joined in the first place was their “Open 24 Hours” policy, which I quickly discovered was a bold-faced lie. Being a single father to a small child, and working fulltime, it goes without saying that I wasn’t going to be able to go whenever; I would need something that was open, at times, very early in the morning, or late at night. Several times when I went later in the evening, I was turned away by their friendly staff, who claimed, each time, that the gym needed some kind of maintenance. Thanks for that $74.00 every two weeks sucker.
I had been a gym guy for years. At times I had gotten into pretty good shape, too. Lifting weights cleared my head. It relaxed me, it was my form of meditation. Now, with Goodlife, I felt like I had joined some weird crowded cult. Too many narcisists, too many yahoos. One of the last times I went, they had a DJ spinning abnoxious faux-house. Another time shortly thereafter, I wanted to go in an evening – no dice. “We’re closing early for maintenance” I was told. That was that. I cancelled my membership.
And now it’s been 3 years.
One day my co-worker Ryan told me about the YMCA, which, it turns out, has a location less than a block away from my office. Who knew? He’s since moved on and found a new job, but I’ve joined him down at the Y a couple times now on a guest pass and I like it. 3 years without going to the gym. I came out of there feeling energized, refreshed. Apparently the membership is quite affordable. So far I have found it clean, the equipment is good, it’s not crowded. No show-offs, no cheezy DJ’s. I think I am going to sign up.

Distro Shuffle. The perfect KDE Plasma

Over the last few weeks I’ve grown increasingly tired of Fedora. Sorry. Just too much breaking, too much instability. I miss Linux Mint. I fired up Linux Mint 18.3 KDE edition and did a clean install. To my dismay, I discovered that setting up a ‘Cisco Anyconnect Compatible VPN (openconnect)’ still doesn’t work. I had noticed this in the previous release of Mint. Ok, the usual googling around for 10 – 15 minutes didn’t yield much. There’s an Archlinux Forum post, a few Ubuntu forum discussions and not much in the way of success. Then I remembered that I had saved a text file in my Documents folder to note how I had fixed it the last time. Two packages that had to be installed:

sudo apt-get install network-manager-openvpn-gnome network-manager-openconnect

This fixed the problem. I can now connect to my office’s Cisco Anyconnect VPN service. I should note, and one thing I actually liked about Fedora, is that this worked out of the box. Why isn’t Mint packaging this by default? I also recently tried Manjaro-KDE and was pleasantly surprised that this just worked on that distro as well. I actually found lots I liked on Manjaro, except for the strange fact that I couldn’t get multiple monitors working. After much playing with xrandr and breaking xorg.conf, I still couldn’t get it. But that will be another post.

Filesystem Backup HQ to AWS S3 CIFS + Rclone

They say if you don’t own your data in 3 different places you don’t own it.
With my organization, we maintain a 6.5 TB filesystem on an IBM Storwize v3700, and the storage is hosted via fibre-channel
and a Windows Server 2012 R2 (that doubles as a domain-controller) -now- we want all of this (well not all, just important stuff) duplicated at an AWS S3 bucket.
At first I established a connection to the S3 bucket from another Windows box (EC2 instance) at AWS. Using the VPN tunnel we have to our HQ, I mapped a share from there to HQ that was linked to the S3 bucket using (TNTDrive??) and then from the HQ fileserver I tried stuff with robocopy, and then “Deltacopy”…
Enough nonsense.
I realized the way to go to get data from our local filesystem to S3 was via the AWS CLI. Furthermore, the AWS CLI installed on a linux utility server with access to the filesystem by way of CIFS, NOT from the Windows fileserver itself.
So, the utility server is set up with python-pip, and thusly with awscli with which I can do things like

aws s3 sync /media/'cifs-mountpoint' s3://bucket/Path

This can then be put into a crontab entry, along with any number of additional folder synchronizations.
And there you go, your sort of rsync over awscli. I’m also looking into rclone, which may simplify things even further, we’ll see.

Letsencrypt ssl Certificate HTTPS pfSense Webgui

I was just starting to settle in and get comfortable with the configuration of my shiny brand-new pfsense home firewall/gateway. In no time I had had enough of the ssl warning for the login page. I had already installed the acme package to facilitate getting Letsencrypt certs as needed.
At first I ran into trouble trying to get a cert for the login page. It kept failing. Webroot local folder wasn’t working for me so then I tried standalone HTTP server. Here, I felt I was on the right track but something was still off. Then it struck me. I had NAT rules enabled for my webserver that were messing with it since port 80 and port 443 are natted to those ports on the lan webserver, NOT the WAN interface! Disabled the NAT rules and tried it again and VOILA! One valid Letsencrypt cert for the pfSense webgui login-page!

New Firewall

pfSense What can I say? So much more to learn.
Up until now I had been using ClearOS as my home gateway/firewall solution. In contrast to pfSense, it now seems very…amateur-hour.
There seems to be so much to explore; it’s loaded with so many features it makes your head spin. Very impressive for an open-source, non-commercial firewall. I love the fact that it’s built on FreeBSD. I can SSH to it and do stuff with it there at that level, such as run tcpdump on the outside interface if I want. Or the inside interface. I can install packages. I did a

sudo pkg install htop

and it installed htop! I didn’t even know they had htop for BSD. Again, impressive. When I tried the same thing on OPNsense it didn’t work. Not that I’m suggesting that OPNsense is a lesser product – I’m sure there’s a valid reason installing htop on it that way didn’t work. I may give that pfSense spinoff another run at some point.

Here is the pfSense Dashboard

Sure the OPNsense webgui is a bit prettier. I may give it another go at some point. Playing with firewalls. What else should I be doing with my free time?

à bientôt


They’re Gone

In the morning, I awoke to the sound of unrest in the street. It seemed there were crowds of restless, angry people wandering, many of them walking down the middle of the avenue and across the lanes, disrupting traffic as they went. I could smell smoke. There were fires. Here and there, police sirens could be heard, the electronic scream a reminder of who was still in charge. Something, something unprecedented, was happening.
I launched my browser. No internet connection. OK. So my internet is down too. Hmmm. I checked for email on my phone. Nothing. No network. Outside, a siren, unlike any I had ever heard, began to wail. I was going to have to leave my apartment and go outside if I wanted to know more. I made my coffee, I got dressed. I didn’t even bother taking a shower. I guess I was afraid that I would miss something if I didn’t leave immediately.
Outside, groups of people wandered around. Disorderly, shouting. A police cruiser sped by. “what’s going on? what is happening?” I asked a group of four younger guys as I passed them on my way to the Max. “We don’t know. Nobody’s phone works.”
I continued on my way and again, my brief encounters with strangers produced the same results, people had no idea what was happening, other than nobody’s phone was working. The internet had DIED.
The siren had stopped. I arrived at the Max. Not surprisingly, it was closed, but a crowd was gathered in the parking lot. One got the sense that something awful had happened – was still happening. A lively debate raged between two individuals who speculated on the possible cause of it all.
“They’re hiding something from us!” Shouted a fat, goatee’d hipster type. “That’s just a conspiracy theory” countered the other, a boring looking academic, overly-dressed for the almost riotous mood of the crowd.
In the distance, what sounded like gunshots could be heard. Then an explosion. More police cruisers racing past.
Someone not far behind me told someone else “yeah it started about 2am.”
I would have been in bed sleeping by then. Someone had to know what was happening. I continued my trek to discover the truth. Everywhere was the same. Confusion. Not really much violence – there was the odd fight happening here and there given the number of angry people out and about, yet people generally weren’t angry at each other.

Then, it happened.
Suddenly, and almost throughout, there was tumultuous sound of thousands of smartphone notifications, of many varieties calling out in unison. The effect was amazing, all these people, apart from those who didn’t already have their phones in their hands, pulling theirs out of pockets or purses. I checked mine. I had a single text message. “STAY CALM”.
“What the F***?!”
I could tell by the reaction of a girl nearby that she had received a message much like mine. “Stay calm?” I asked her. She nodded. Everyone had simultaneously received this message. Who sent it? What could it mean? After a minute or so, my phone rang. So did everyone’s.
I looked with nervous anticipation at my screen which simply said “incoming message”. I answered it. I pressed the phone to my ear. What I heard next was the voice of the President of the United States of America. Here is what he said.

“Citizens of the world. Good morning. It is with a heavy heart that I must inform you today of the events of the last 6 hours. it was just after Midnight, Eastern-time, that my joint Chiefs of Staff informed me of the imminent attack. I was briefed that within the hour events would take place in the Middle-East that would plunge our entire planet into the deadliest, and most fiery, final World-war. We had to act, decisively, without hesitation, and immediately, to prevent the further billions of deaths that would have occurred had we waited.
“For this reason, on the advice of Secretary of Defence Mattis as well as that of other military commanders of our Naval, Air and other armed forces, I authorised a full and total nuclear attack on the Russian Federation. All Russian military, nuclear and aerospace capabilities have been swiftly annihilated. Our superior cyber-intelligence and electronic espionage capabilities also allowed for the immediate location and termination of all Russian nuclear-class submarine and ICBM-launch assets. Moscow has been struck with no less than 200 megatons of hydrogen-bomb hell-fire. Every other city in the Russian Federation, with a population of 10,000 people or more, has been hit and is no more. Russia is gone folks.
“Furthermore, Iran is gone. They have met with the same fate. And also Syria. And Turkey. North Korea too. Gone. Good riddance. Today, terrorists the World over learned not to mess with America.
America is great.
“Today a new chapter of peace begins in the World, a peace where America decides things. Today, America is great again.

The President continued to yammer on, and many around me continued to listen. I couldn’t. I hung up. I felt sick. I had always thought that the Russians would have more than put up a fight if it ever came down to it. I never dreamed, ever, that it would come to this. I walked off. Best just go home. The tears began to stream down my face, but I did my best to hide them, just as I passed others who cheered, morons, idiots who didn’t have enough brains to understand geopolitics but just enough appetite for drama and a lust for the pain of others. I hurried on. From time to time I caught glimpses of other faces, shocked, one or two here and there, few and far between the grins of the wicked and foolish. The evil. For what had just happened was truly evil. I imagined a civilisation, suddenly wiped away, banished to the waste-bin of history. History is written by the victors. I staggered home in disbelief.

To be continued…

FFmpeg .wav to mp3 & ogg

Check out this command using ffmpeg:

for f in *.{wav,WAV}; do ffmpeg -i "$f" -c:a libmp3lame -q:a 2 "${f%.*}.mp3" -c:a libvorbis -q:a 4 "${f%.*}.ogg"; done

If you have a folder with a bunch of wav files and want to convert them to mp3 and ogg.
If you only want mp3’s you can just

for f in *.{wav,WAV}; do ffmpeg -i "$f" -c:a libmp3lame -q:a 2 "${f%.*}.mp3"; done

Compose Key on KDE Plasma

The work it can take sometime to get your accent characters working properly… The French language is somewhat cursed – a terrible way to view things – but typing accents can be infuriating on a standard English(American layout) keyboard. That’s where the compose key comes in. A key on the keyboard can be assigned to be the compose key so that you can type things like ‘à’, or ‘ç’ or ‘É’ and any other possible combinations of letters and accents your heart desires.

Upon recently switching to Fedora 26 with KDE Plasma from Linux Mint 18.2 with KDE Plasma, I discovered that assigning the the compose key was a bit more difficult. For one thing, pressing the left-Win (left-Meta) key was actually launching the Application launcher

This just wouldn’t do.

First I right-clicked on the little Fedora icon and selected ‘Application Launcher Settings’. Under Keyboard shortcuts I cleared it out to ‘None’.

Next I opened System Settings and navigated to Input Devices>Keyboard>Advanced.

From here, I expanded ‘Key to choose the 3rd level’ and selected ‘Right Win’ to perform that function. Then, under ‘Position of Compose key’ I picked ‘Left Win’.

This now allows me to create a ‘é’ for instance by pressing the Left Win key, then the ‘e’ followed by the quote key (between colon/semi-colon and Enter).