Posts for: #Tech

FFMPEG Fun

Below is a script that can be used to convert all files in the directory to AV1 #!/bin/bash set -e find * -type f -iname '*.mkv' | grep -v av1 | while read -r mkv; do file=${mkv%.*} av1="${file}-av1.mkv" if [ -f "${av1}" ]; then echo "${av1} already there" # echo "${file} -> ${av1}" else echo "converting ${file} --> ${av1}" ffmpeg -i "${mkv}" -c:v libsvtav1 -crf 35 "${av1}" < /dev/null && echo "${av1}" >> completed.
MORE →

Mesh Central layout

----------------------------- | | | internet | | | ----------------------------- || || || || \/ ----------------------------- | | | NGINX | |===========| 80 => 443 |==================| || | 443/tcp SSL http2 | || || | | || || ----------------------------- || 4430/tcp 5000/tcp || || || || \/ \/ ------------------------------ --------------------------------- | | | | | meshcentral | | remotely | | http://127.0.0.1:4430 | | http://127.0.0.1:5000/ | | | | | ------------------------------ ---------------------------------
MORE →

N5095 iGPU

First we need to find the iGPU type lspci | grep VGA This should return something like 00:02.0 VGA compatible controller: Intel Corporation Device 4e55 (rev 01) Add the following to /etc/modprobe.d/i915.conf, replace 4e55 with your type options i915 enable_guc=3 options i915 force_probe=4e55 Now to we need to rebuild the initramfs to add the above update-initramfs -u Install the required firmware files You need to enable the non-free source apt install -y firmware-misc-nonfree intel-media-va-driver-non-free
MORE →

Windows TCP Port Test without Telnet

Run the following in powershell Test-NetConnection -ComputerName HOSTNAME -Port PORT Something like the following will be the output. TcpTestSucceeded is the output you should be concerned with. ComputerName : google.com RemoteAddress : 142.250.191.142 RemotePort : 80 InterfaceAlias : Wi-Fi SourceAddress : 192.168.1.5 TcpTestSucceeded : True
MORE →

Apt Fun

I don’t like IPv6 since all it does is cause issues, here is how to disable it for APT, you could do it system wide as well if you wanted echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4 How to install stuff with apt, but exclude some items, all you need to do is add a - to the end of the package for example apt install -t bullseye-backports cockpit cockpit-networkmanager-
MORE →

Telegraf and S.M.A.R.T. data

Looks like the config recommendation for native ping causes issue with sudo Changing this [Service] CapabilityBoundingSet=CAP_NET_RAW AmbientCapabilities=CAP_NET_RAW to this [Service] AmbientCapabilities=CAP_NET_RAW and it fixes the issues
MORE →

NTFY via systemd on bootup/shutdown

This send a NTFY on bootup and shutdown nano /etc/systemd/system/ntfy-notify.service [Unit] Description=Sends NTFY on bootup/shutdown After=multi-user.target [Service] Type=oneshot ExecStart=/usr/bin/curl -d "%H booted up" 'http://ntfy.sh/topic' ExecStop=/usr/bin/curl -d "%H shutting down" 'http://ntfy.sh/topic' RemainAfterExit=yes [Install] WantedBy=multi-user.target systemctl daemon-reload systemctl enable ntfy-notify.service
MORE →

Proxmox Fun

A few fun tips for Proxmox How to migrate VM to new host not in cluster Create NFS share on a system Add NFS share as backup endpoint on new and old server Run a backup of the system you want to migrate, I shut the VM down, but it’s no needed On new host go to the NFS storage in the GUI and go to backups You will see the backed up data
MORE →

Win11 a lil’ more Win10

After upgrading to Windows 11 there’s a few things I can’t handle. One is the new taskbar and the other is the right click menu. To fix them you can do the following. To fix the taskbar is using ExplorerPatcher. It might flag as a virus FYI. USE AT YOUR OWN RISK To fix the right click menu open cmd and run reg add HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 /ve /d "" /f
MORE →

Local User Win11 Install

By default Windows 11 requires a Microsoft Account to install. To bypass this do the following: Hit Shift + F10 Type oobe\bypassnro and hit enter The computer will reboot
MORE →

MergerFS with ZFS filesystems

By default mergerfs appears to try and mount before ZFS is mounted which causes the mergerfs filesytem to fail. To fix this we just need to add x-systemd.requires=zfs-mount.service to the /etc/fstab entry For example my /etc/fstab entry is below: /hdd*/mergerfs /data fuse.mergerfs splice_read,threads=4,allow_other,cache.readdir=true,cache.files=off,fsname=mergerfs,use_ino,dropcacheonclose=true,link_cow=true,category.create=mfs,cache.entry=120,cache.attr=120,x-systemd.requires=zfs-mount.service 0 0
MORE →

Xiaomi Opple Battery Replacement

Below is how to replace the battery on the Opple remote. It’s not as easy as it is with the others, but it’s still pretty simple. You can use a spudger or a flat head screw driver First remove the middle key with the spudger, if you push down on one of the sides it makes it easier to lift the other Now remove the screw from the middle. Now remove the top button.
MORE →

Grafana with Screenly OSE

To use Grafana Bearer tokens you need to be able to inject headers which you can’t do in the OSS version of Screenly. To get around this you can just run a NGiNX proxy on the host and reverse proxy to the Grafana server and use NGiNX to inject the required headers. I HAVEN’T TESTED THIS YET ON SCREENLY OSE, BUT SINCE IT’S JUST RUNNING ON RAPSBERRY PI OS THERE SHOULDN’T BE AN ISSUE, I WILL BE TESTING EVENTUALLY
MORE →

AmazonSES Limit by IP and Hostname

Below is the IAM policy required to limit AmazonSES SMTP sending to IP and hostname { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "ses:SendRawEmail", "Resource": "Amazon_Resource_Name_(ARN)", "Condition": { "IpAddress": { "aws:SourceIp": [ "ENTER.IP.HERE.THANX/32" ] } } } ] }
MORE →

Nextcloud Fun

How to share more than one calendar via link. First share the calendar like you usually would to get a public link. Then you can combine the keys like below: These two are the individual calendars https://next.my.domain/apps/calendar/p/hjfu37fhcneydyxh https://next.my.domain/apps/calendar/p/2u487fiuwf22fe98 You just take the part after the last / (slash) and add a - (dash) between more than one like below https://next.my.domain/apps/calendar/p/hjfu37fhcneydyxh-2u487fiuwf22fe98 This link will show all calendars. Just split any calendars you want to share with the - (dash)
MORE →

rsync Fun

Only copy specific file extentions in folder rsync -a --include '*/' --include '*.mp3' --exclude '*' source/ target/ Speed up rsync over SSH without needed to change any configs. arcfour is faster, but no longer enabled by default meanwhile aes128-ctr is rsync -avhP -e "ssh -c aes128-ctr" /src/ user@ip:/dst/ rsync ssh with non standard port rsync -avhP -e "ssh -p number" /src/ user@ip:/dst/ rsync ssh with non standard port and show full progress
MORE →

Headscale with Android

I based this post on HERE Just for reference, the things I did to make it work: git clone https://github.com/tailscale/tailscale-android.git nano tailscale-android/cmd/tailscale/backend.go change: func (b *backend) Start(notify func(n ipn.Notify)) error { b.backend.SetNotifyCallback(notify) return b.backend.Start(ipn.Options{ StateKey: "ipn-android", }) } to: func (b *backend) Start(notify func(n ipn.Notify)) error { b.backend.SetNotifyCallback(notify) prefs := ipn.NewPrefs() prefs.ControlURL = "https://myheadscale.domain.com" opts := ipn.Options{ StateKey: "ipn-android", UpdatePrefs: prefs, } return b.backend.Start(opts) } nano Dockerfile Add the below to the file:
MORE →

Resolvconf BS

Install resolvconf sudo apt install resolvconf Edit the base file with what you want to always be in the file sudo nano /etc/resolvconf/resolv.conf.d/base Have resolvconf rebuild the base sudo resolvconf -u
MORE →

SystemD Fun

Show logs from when systemd service last restarted. (This needs systemd > v232) journalctl _SYSTEMD_INVOCATION_ID=$(systemctl show -p InvocationID --value SERVICE_NAME.service) | head -n15 NFS Mount with NFS and /etc/fstab From all of my reading over the years it’s always been said to add _netdev to the /etc/fstab mount, but that never worked for me. After more reading it appears that was for SystemV which is dead. I figured it out after much Googleing.
MORE →

SSH Cheatsheet

Connect via SSH client with a different user by default nano ~/.ssh/config Add the following to the file above: Host * User DEFAULT_USER Force Password auth ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no user@host
MORE →

Docker and UFW

For UFW and Docker I use a program called UFW-Docker To use it do the following: wget -O /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker chmod +x /usr/local/bin/ufw-docker ufw-docker install Allow tailscale VPN to all docker containers This is based on the issue HERE ufw route allow from 100.64.0.0/10 to any You should now be good to accept anything from the tailscale network
MORE →

Headscale with Windows

This is how to get the Windows client with headscale. I’m happy to finaly get it working. Headscales docs are HERE, but I’m adding some more info since I wasn’t able to get it to work the first time If you’ve already installed tailscale on the machine make sure to delete the C:\Users\<USERNAME>\AppData\Local\Tailscale directory Download the Official Windows Client HERE and install it. You can either do option A or B Option A Manually edit the registry
MORE →

Comments: