Time to setup dnscrypt-proxy on my new Ubuntu 22.04 LTS box. I found the best way to do this was to also install resolvconf and use that to ensure that /etc/resolv.conf always get the dnscrypt port of 127.0.2.1. Previously I’ve used a bunch of different methods, but for this distro, I’m happy with my results.
Here you can change the settings for dnscrypt, by altering the server_names line (e.g. [‘cisco’], [‘cloudflare’]). Also ensure that the listen_addresses is empty. Restart the service if you make changes.
sudo systemctl restart dnscrypt-proxy
Next, open your Network Manager and go to the IPv4 settings. Turn off Automatic DHCP and set the address to 127.0.2.1. Restart the NetworkManager service.
sudo systemctl restart NetworkManager
Finally, edit the following resolvconf file to use the dnscrypt’s address in /etc/resolv.conf by adding the following line: nameserver 127.0.2.1
sudo nano /etc/resolvconf/resolv.conf.d/head
Now restart your computer.
You can test a number of ways. If you used [‘cisco’] you can do the following. Note in the ANSWER section “dnscrypt enabled”.
I have a teen that refuses to do homework. You know, gets a “zero”. Thus, I take the phone away. However, teen needs a computer for homework. Fine. But you know when she gets on to the computer, she’s going to go to all those sites where “screenagers” waste their time. That’s fine. I’m going to show you how to block individual sites using OpenDNS and your Router. [Note that I’m going to use terminology for my Netgear, but chances are if you’re bothered to read this, you’ll know what I’m talking about. Also, while my Netgear router has a “Blocked Sites” function, it doesn’t work. Useless!]
DNS can be set in many places: local computer, router, modem. I’m not quite sure what trumps what, but I believe that’s the line. Using your router for DNS is better than using your modems – my AT&T modem does not allow it to change! Setting on an device level, well, that’s a lot of work. Also, I have to believe that most “screenagers” don’t know what DNS even is. So, here we go.
The first step is to open your router’s settings and go to Internet Settings (also called WAN). Set the Primary and Secondary numbers to OpenDNS, 22.214.171.124 and 126.96.36.199. Now, all requests originating form your router will go through OpenDNS. I’m sure there is some chatter on whether using Cisco-owned product is all that good, but from what I’ve read, it’s one of the better choices out there for the home user. What you may give up in privacy, you’ll gain in secure web browsing.
The second step is to let OpenDNS know that request from your router are yours. Okay, that may sound all scary and Big Brother, but let’s not pretend that our web surfing is anonymous. It’s not. You buy your internet from someone, or are you really getting it for free from a leaky neighbor or a nearby Starbucks?
To sign up for an OpenDNS account, go to their website and sign up for a free Home account. All it requires is an email address. Once completed, open their Dashboard from a computer on your home network. Under settings, add your local network: it’s going to be the IP address of your modem. Give it name, and save it. OpenDNS will now associate requests from that IP as yours. Under Web Content Filtering, you’ll see two areas. The top is a predefined set for a variety of “undesirable” sites – if I had teenage boys, I’d sure as hell use this to block the “naughty bits”. The bottom section allows individual site blockage. Here’s what I wanted:
Give it about five-ten minutes (they say three) and those sites are as good as gone! While a web browser may give a different warning (usually a cert error), dig one deeper with nslookup, you’ll see what’s going on:
Couple of points: First, you’ll probably need to run Cisco’s OpenDNS-Updater program as your ISP provides your modem with a dynamic host; exact same thing as if you were running a DynamicDNS service like DuckDNS. Second, a really smart kid could probably figure out how those sites are being blocked. My kid is smart, but if she was really that smart, she’d just do her homework in the first place.
Comments Off on no wayland
Posted by itjerk on April 27, 2022
Having run Ubuntu 22.04 LTS for a week now, I tracked a lot of the “misbehavior” down to the Wayland display server protocol. Totem never quite loaded correctly, if it even ran, while seemingly innocuous tasks like dropping a file on Audacious also proved troublesome. So until Ubuntu figures out Wayland’s inadequacies, I’m back to using good ol’ Xorg.
When you log in to Ubuntu, there’s a gear in the bottom right screen to choose which display server you want to use. But to make it a little more foolproof, simply edit Wayland out of existence:
sudo nano /etc/gdm3/custom.conf
#Uncomment the line below to force the login screen to use Xorg WaylandEnable=false
You can always check which display you are using with: echo $XDG_SESSION_TYPE x11
Comments Off on ubuntu 22.04lts jammy jellyfish
Posted by itjerk on April 23, 2022
Now that the new box is built, it’s off to make it work. As previously stated, I downloaded Ubuntu 22.04 LTS on DVD, but it had issues loading. I quickly made a bootable USB drive and was off to the races. I chose a minimal install without encryption and with updates. I can’t be bothered entering a password after every reboot, let alone remotely; but foremost, there’s nothing on the computer that needs to be encrypted.
Once completed, I first got the RAID1 with my music configured by creating a mount point, adding it to /etc/fstab and made an alias for it in my home folder. I then downloaded Roon, made it executable, installed its dependencies (curl, ffmpeg, cifs-utils) and then ran the installation script. On my Windows computer, I signed into Roon Desktop (btw, remember to sign out of any previous installations), added my music libraries and – most importantly – restored the latest backup of my previous Roon Core!
Next up was getting Duckdns so I can login remotely, UFW because it’s open for remote access, and configuring SSH for my website’s production host. Most of this was simple, though I did have to temporarily enable PasswordAuthentication on the production host for keys, and I also needed to reconfigure my router with the MAC address for the new motherboard to access the computer via port forwarding.
I then set to install the applications I need. Some are little tweaks like numlockx, while others were from that list I made – Audacious, Brasero, MOC, Easytag, etc, while fre:ac was a snap. I have issues with dt14-tmeter, which has always been prickly (fixed 04/26/22), and Totem which crashes and doesn’t play correctly under Wayland. I also imported bookmarks into Firefox and did quick run through of my top sites to get their passwords remembered.
I’m on the fence about tweaking out the UI, as the older I get the less I care about having it my way: Ubuntu and Gnome are good enough out of the box. I’m sure at some point I’ll get bored and add Gnome Extensions, Tweaks, get the Snap-free Firefox, change the colors etc, but for now, the computer is fine as it is. In the meantime, I will continue to use Xorg as everything seems to run best under it, including Totem, Audacious, etc.
Comments Off on byopc 2022
Posted by itjerk on April 18, 2022
With the arrival of Ubuntu 22.04 LTS, aka Jammy Jellyfish, it’s time to build a new Linux box. Hard to believe that another four years has already passed. I’m still happy with the old one, but the fans are a bit noisy, and I’d like to up performance. Note that this computer is an “always-on” dedicated music server for Roon software, containing a 4TB RAID1 with my music collection. And that’s just about all I use it for: ripping CDs to the library, running Roon server, the occasional DVD or CD burn, and of course, having the Linux environment at home to keep my itjerk skills up.
Over the years, I’ve found myself gravitate almost exclusively to the Windows environment for “day to day” computing. Why? It’s just fine for me. Other than running a few applications (mostly InDesign), the vast majority of my desktop experience is inside a web browser. Yours too, probably. And as someone that’s spent the past 20+ years in desktop support, I’m completely agnostic about Mac vs Windows vs Linux. Whatever costs less should be one’s top choice, not some brand fetish. Whether it’s a Dell or any Apple, Windows or macOS or Ubuntu, a properly maintained computer is both safe and secure. “Better” is subjective.
I’ve chose an Intel i3-10105 processor for the computer because a) it’s the cheapest I could find ($89) and b) it gives me plenty of “boost” from the current G4400 Pentium; more cores/threads/cache, faster clock, and only mildly less power efficiency (65w vs 54w). For the motherboard, I’ll need an LGA 1200 socket and a quick look at the Microcenter website yields the ASUS H510M-E Prime Intel microATX for $85. I’ll throw in a very fast 256GB NVMe M.2 drive for $32 for the boot drive and that’s about all I need. I have 8GB of DDR4 2133 RAM from the previous build that to reuse (along with case, power supply, etc). That’s a total bill of $202 for new computer “guts”.
The very first thing to do is ensure I have a backup of the RAID1. I’m going to transfer the RAID card and drives to the new mobo, which should go without a hitch (it did), but having a fresh backup gives me 100% peace of mind. I’m getting a new M.2 boot drive, so I’ll have the previous SSD to copy things over. Then, I’ll be sure to get a list of programs I’ll need to reinstall along with bookmarks, config files and my bash history (a wealth of knowledge!). With an initial minimum install of Ubuntu, I’ll need a few things, but mostly they and their dependencies relate to Roon, CD ripping and playback (notably Fre:AC and it’s config files!), plus a few DVD programs like Handbrake, DeeVeeDee and DVDAE. No need to bring extra software baggage to a clean install; if I forgot something, I can always install later.
One thing about the installation: maybe I’m getting old or maybe the lighting was just bad, but I did have to recheck some of my connections inside the case. RAM wasn’t clipped completely, USB header was off and I didn’t push the audio plug in all the way! The old SPDIF card I had doesn’t have the right pin config, so I’ll splurge $17 for a new one.
After downloading Ubuntu 22.04 LTS, I burned a DVD of the iso but it didn’t work. So I quickly made a USB drive and installation was fine. I did a minimal install, no encryption (PITA to enter a password and no way to do it remotely). I did get a couple boot warnings, but after I updated the mobo’s BIOS and the ACPI warning went away, while enabling VMX in the BIOS advanced settings corrected that. Still have “SGX disabled in BIOS” to deal with. One other thing, when the computer boots, it doesn’t display the RAID card’s screen. Hmmm.
Comments Off on Microsoft Surface Go 3
Posted by itjerk on March 13, 2022
Yeah, I’m a jerk, I bought one. $379 from their website, delivered in a couple days. It booted into Windows 11 and all is good except screen sharing cuts out though after a minute or so. Wonder why? Sold the orignal Surface Go on eBay for $156.50 plus shipping.
Comments Off on wireless display
Posted by itjerk on January 31, 2022
Every since I found out my Surface Go wasn’t Windows 11 capable, I started to plot ways to get rid of it. Well, not any more. It can function as a Wireless Display for my desktop computer! Now that I’ve started working on The Strawberry Bricks Companion, I found the need for a second display as my main monitor is filled with Adobe InDesign. A quick google search and I found that the Surface is indeed able to function as a wireless display, and here’s how:
First step is to enable the wireless display feature set for Windows on the Surface. Go to Apps>Optional Features and then search for “wireless display” and install. Next on the Surface, open Windows settings and go to Projecting to this PC. There, enable the first option to “Available Everywhere” and turn power source off. (You can adjust the specific settings as you wish, these worked for me.) That’s it for the Surface. To connect to the Surface from my desktop, I just go to Settings> Displays, find the Multiple Display option and click connect! Viola! I have two displays.
Now you may be asking, why don’t you have two monitors? Well, my original Scan Design computer desk from the late 80s isn’t that big, so I opted for one 24″ monitor. Given my eyesight (I have single vision glasses just for computer work), it fits my needs.
Comments Off on roon firewall update
Posted by itjerk on December 27, 2021
For some reason which I now forget, I signed up for the beta channel for Roon’s Linux server software. It updates maybe once a month, and very recently (with 1.8.x) everything stopped working right. A quick jump to the community boards and I found out that Roon Labs had changed the ports required for the software. Even more astonishingly, it’s undocumented. Here’s what I’m using.
Comments Off on new computers
Posted by itjerk on December 26, 2021
My teenage daughters received new computers this Xmas. The younger one (freshman in high school) got the Surface Laptop Go. It was relatively inexpensive at $540 for a 10th Gen i5, 8GB RAM, 128GB model. I also opted for a Microsoft Complete package that runs $84 for two years. It has a touch screen, touch Windows Hello power button, 12.4″ screen with 1536 x 1024 (148 PPI) resolution. On the disappointing end was that it arrived with Windows 10 2004. After a round of updates, I had to use that Windows 11 Installation Assistant to get to Windows 11. Also disappointing is the 720p camera and lack of lighted keyboard. But for what she’ll be doing, web browsing, watching movies and (hopefully) schoolwork, it was a great solution. I just hope it’s durable.
The older daughter (junior in high school) made the pitch for an Apple MacBook Air, as she didn’t want “some janky-ass Surface computer that I’ll never like”. Fair enough, all of her friends have Apple computers. Ordered on a Tuesday evening, it arrived the next morning at 9:30am in an Apple Store bag, hand delivered to my door (for $9.00 extra). It was a base model, with M1 chip, 8GB RAM and 256GB SSD, costing $899 (with Education pricing). The Air has a superior Retina screen (though without touch capabilities) and a lighted keyboard (good to see that touch bar gone). I also opted for annual Applecare at $70 per year. Kids, right?
Those Dell Latitude 3190s? Not sure if I’ll scrap or sell them, they got some heavy use during the pandemic and you know, kids put stickers all over their laptops! But I did upgrade them to Windows 11 (one required me to turn on TPM in the BIOS) before doing a Reset this PC that (among other things) cleared the TPM before restoring the OS. That’s comforting.
Comments Off on windows 11
Posted by itjerk on December 8, 2021
Windows 11 is upon us. A fleet of new Lenovo M70s prompted to upgrade out of the box, while my newish Dell Vostro mading me use the Windows 11 Installation Assistant tool. Given the clean-look of Windows 10, I was initially a little underwhelmed with the new look, but with all new OSes, I’ve grown love the new-found elegance that is Windows 11. I do have one little beef: PLEASE add a TaskBar Corner Overflow setting for SHOW ALL.