freac snap broken, ubuntu refresh?

Something went wrong with my installation of Ubuntu. I went to rip a CD and my installation of freac was unhappy – it wanted me to downgrade. Well, to make a long story short, I ended up installing fuse and all hell broke loose. Settings went missing, right-click on the desktop menu was missing items, yikes! What to do? I reinstalled Ubuntu Desktop Minimal and not only did I get everything back, but my computer feels snappier than ever. However and most importantly, if you installed the Minimal package, be sure to reinstall the Minimal package otherwise you get a whole load of packages you may not want!

sudo apt-get install --reinstall ubuntu-desktop-minimal

A little more info: It seems that snap for freac 1.1.7 isn’t happy but the current state of Ubuntu 22.04.3. I still like freac as a ripper but the snap does not work. I downloaded previous version 1.1.6 from github and had to do install this to get it to run as an AppImage:

sudo apt install libfuse2

Remember to make the AppImage executable. Hey freac, please respond to email. Your software is too good to not work!

EDIT: 01/31/24 freac is back as a snap, and it’s version 1.17. Two issues: I had to turn off “Enable Parallel Processing” under Options>Resources in order to get it stable on my Ubuntu 22.04LTS computer. Second, I had issues with permissions to my /mnt directory with the Snap, but solved it by adding the parameter “–devmode” when installing.

ac3 pulseaudio

When you’re an executive producer and the artist sends you some surround sound files to listen to, well, you better listen to them. Easier said than done when it’s some DTS .cpt files rather than an .iso. I put an SPDIF card in my latest linux box, but ran it to my two-channel receiver. Moving it to my multi-channel receiver, I quickly realized that I was missing all the surround components for Pulseaudio.

Well, I’m not going to make a long story short; I’m not sure if I could retrace my steps even if I wanted to! But, here’s an outline:

After mucking about, I brought everything back to working life by following https://ubuntuhandbook.org/index.php/2022/04/pipewire-replace-pulseaudio-ubuntu-2204/ this very helpful post. Steps 1-4 and a reboot fixed nearly everything, I just had to add the following to get Gnome Sound Control responsive again.

sudo apt install libcanberra-pulse

Starting with a rock-solid two channel sound, it was time for surround drivers. The route was to get the Digital Stereo IEC958 to output to Digital Surround 5.1 IEC958/AC3. This took a couple of big, scary, unguided steps in the dark! First I created /etc/asound.conf and modified /etc/pulse/daemon.conf per https://help.ubuntu.com/community/DigitalAC-3Pulseaudio but honestly the same info is all over the web, with lots of different variations. Choose recent and choose wisely!

Then I did combo of two posts to get the A52 drivers installed. Yep, both fumbling around. First was the two steps from Oblib outlined here https://ubuntuforums.org/showthread.php?t=1608804 It kinda worked but kinda not. Then from this, https://help.ubuntu.com/community/DigitalAC-3Pulseaudio I downloaded and ran the DigitalAC-3PulseaudioInstaller script and then did this extra step to the files I created with Oblib’s post.

sudo cp libasound_module_pcm_a52.so /usr/lib/`uname -i`-linux-gnu/alsa-lib/

Phew! Once that was done, a reboot was in order (after various alsa reload and pulseaudio –starts) and viola, I had this wonderful display on the old Marantz surround-sound receiver.

Even more fun was listening to

speaker-test -c6 -t wav

I know my posts have slowed down over the years, but I still like to be an itjerk every once and a while.

encrypting a drive

I recently had two colleagues pass away at work over the same weekend; one expectedly, the other unexpectedly. Tasked to retrieve/secure/archive their computers, it got me thinking about all the enduring digitalia we leave behind. As with everything on a computer, some of it could be work-related and some of it could be personal. But the fact of the matter is that it is there.

Foremost, the importance of having a valid and accessible Will cannot be understated. Even more so, have your passwords readily available or not – the choice is yours, but should you choose the former, make it easy on those that you leave behind. Work data can be accessed far easier than personal data; there are admins. Personal data of course is up to the person. What are you leaving on your work computer? Personal computer? Cloud storage? Maybe you don’t give a fuck because you’re dead. I don’t know. But it got me thinking… I’ve got multiple computers, drives, websites, social media accounts, etc. and what will become of all that when I die. Circling back, all can be addressed in a Will.

Encryption should be standard practice in 2023. Bitlocker, FileVault and LUKS are easy to setup and use. If you know the password, you’re in, if you don’t. you’re out. Now say you have some digital files that you want to die with you. The best way to deal with that is to delete them before you go. The next best way is to put them on an encrypted drive and through away the key.

Linux systems use the cryptsetup command to implement Linux Unified Key Setup (LUKS). Here’s the steps I took to install and encrypt a drive in my Linux box.

After installing a new drive in my computer, I booted up but got an error. Ugh. It wasn’t initialized. From the error console, I quickly did the following:

lsblk

NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS

sda           8:0    0   1.8T  0 disk 

sdb           8:16   0   3.6T  0 disk /mnt/data

nvme0n1     259:0    0 238.5G  0 disk 

├─nvme0n1p1 259:1    0   512M  0 part /boot/efi

└─nvme0n1p2 259:2    0   238G  0 part /

Great! there’s the new 1.8TB drive on /dev/sda. Now let’s get a file system on it so we can get reboot and not see errors:

sudo mkfs -t ext4 /dev/sda

You could do this with fdisk (which might be better) and also edit /etc/fstab to get the drive to mount, but the idea here behind an encrypted drive is only to access it upon demand. Without intervention, it should be a paperweight.

I installed cryptsetup using:

sudo apt install cryptsetup-bin

To create an entire encrypted drive, I did the following commands. Foremost, reverify that your drive has is the same device name. Then, create a mapping to the partition with a LUKS container, I’ll call mine “cryptpart”. You’ll get a warning about erasing everything that’s on the drive, but that’s fine in my case. Be sure to check cryptsetup’s man for more options. Then enter your passcode twice and never forget it and never write it down. Next step is to create a filesystem inside the LUKS container or it won’t mount. Use the -L option for “label name”. Finally, create a mount point; mine is in /mnt, but you could also make one in /media. Be sure to give it appropriate ownership for access after creating.

lsblk
sudo cryptsetup luksFormat /dev/sda
sudo mkfs.ext4 /dev/mapper/cryptpart
sudo mkdir /mnt/here
sudo chown user:group /mnt/here

That’s it, you’ve created the encrypted drive. Now let’s mount it, and then unmount it:

sudo cryptsetup luksOpen /dev/sda cryptpart
sudo mount /dev/mapper/cryptpart /mnt/here
cd /mnt/here
sudo umount cryptpart
sudo cryptsetup luksClose cryptpart

Easy, right? There are a lot of options, like using crypttab and a keyfile for auto-mounting, but again, I want it to be a paperweight that no-one can access but me. You may want to back the LUKS headers on the drive, or do a luksdump in case of drive failure. Which also brings up the final point to be made: BACK UP EVERYTHING. If you have one drive that’s encrypted, you’ll need another backup drive of it that’s also encrypted.

minidlna, redux

I haven’t used minidlna is quite some time, but as I was trying to get a friend into streaming, I thought it was time for a revisit, not only for my own re-edification, but for two reasons: First, Roon does not support streaming video; minidlna gives me a handy way to do that using VLC. Second, I don’t have all my digital audio in my Roon library. I reserve that for lossless or better digital files that Roon can easily recognize and tag properly.

I started with this old post – which is a GREAT place to start. But had a few issues, foremost, minidlna didn’t load any music from my mounted RAID drive on my computer! To troubleshoot why nothing was there, I checked user permissions on the folder:

sudo -u minidlna ls -al /mnt/data/Music/napster

Access denied! Fair enough.

First thing I did was add the user “minidlna” to the “user” group.

sudo usermod -a -G "user" minidlna

Then verify it added:

user:~/Desktop$ id minidlna
uid=131(minidlna) gid=137(minidlna) groups=137(minidlna),1000("user")

Next, I had to check the permissions of the drive I have at /mnt/data/. Ends up that it was created with 755 so I changed it to 775 so the group had access to the mount point and gave others read and execute:

sudo chmod 775 /mnt/data
sudo chmod o+xr <folder>

Next, reboot and check again. It worked:

I’m using VLC locally as it’s a very easy and useful front end for mindlna/UPnP servers, and Bubblesoft remotely (because I did all those years ago) but further interacting with clients I’ll save for the next post.

Quick note: Artwork wasn’t turning up when I added it, but after I killed minidlna and did a rescan, it appeared.

sudo service minidlna stop
sudo minidlnad -R

On the web:
Minidlna

---

roon arc

Just announced today is Roon ARC, a new app for Android and iOS that allows streaming outside your home network! That’s a huge feature, and one that I’m sure will pay huge dividends for the company as having your music “on the go” was one of two features missing from Roon. (The other? Yes, it’s the ability to add your own reviews, bios, etc.).

I first updated my core, desktop, etc. to Roon 2.0, and then downloaded Roon ARC to my cell phone. I next opened the desktop application to configure Settings>Roon ARC. Before this connected, I had to open the following firewall port in UFW on Ubuntu box (see above, looks like it’s configurable):

sudo ufw allow 40229/tcp comment roonarc

I then cut wifi on my phone and guess what, I’m streaming! Now Roon, please add ARC to the Microsoft Store so I can get it on my Surface Go when I travel.

On the Web:
Roon 2.0

dnscrypt-proxy

Time to setup dnscrypt-proxy on my new Ubuntu 22.04 LTS box. I found the best way to do this was to also install resolvconf and use that to ensure that /etc/resolv.conf always get the dnscrypt port of 127.0.2.1. Previously I’ve used a bunch of different methods, but for this distro, I’m happy with my results.

sudo apt udpate
sudo apt install dnscrypt-proxy resolvconf
sudo nano /etc/dnscrypt-proxy/dnscrypt-proxy.toml

Here you can change the settings for dnscrypt, by altering the server_names line (e.g. [‘cisco’], [‘cloudflare’]). Also ensure that the listen_addresses is empty. Restart the service if you make changes.

sudo systemctl restart dnscrypt-proxy

Next, open your Network Manager and go to the IPv4 settings. Turn off Automatic DHCP and set the address to 127.0.2.1. Restart the NetworkManager service.

sudo systemctl restart NetworkManager

Finally, edit the following resolvconf file to use the dnscrypt’s address in /etc/resolv.conf by adding the following line: nameserver 127.0.2.1

sudo nano /etc/resolvconf/resolv.conf.d/head

Now restart your computer.

You can test a number of ways. If you used [‘cisco’] you can do the following. Note in the ANSWER section “dnscrypt enabled”.

dig txt debug.opendns.com
; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> txt debug.opendns.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28688
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;debug.opendns.com.		IN	TXT

;; ANSWER SECTION:
debug.opendns.com.	59	IN	TXT	"server m45.chi"
debug.opendns.com.	59	IN	TXT	"flags 20040022 0 50 180000000000000000003950000000000000000"
debug.opendns.com.	59	IN	TXT	"originid 585506578"
debug.opendns.com.	59	IN	TXT	"actype 2"
debug.opendns.com.	59	IN	TXT	"bundle 13458843"
debug.opendns.com.	59	IN	TXT	"source 76.229.202.213:57968"
debug.opendns.com.	59	IN	TXT	"dnscrypt enabled (7158645166363443)"

;; Query time: 4 msec
;; SERVER: 127.0.2.1#53(127.0.2.1) (UDP)
;; WHEN: Fri May 06 10:48:39 CDT 2022
;; MSG SIZE  rcvd: 313

Another way of checking is to visit https://www.dnsleaktest.com/ which will tell you your DNS resolver.

The only thing I don’t get is this: Why does this use the old address? For another day.

dnscrypt-proxy -resolve google.com -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml 
Resolving [google.com] using 127.0.0.1 port 53

Unable to resolve: [read udp 127.0.0.1:35375->127.0.0.1:53: read: connection refused]

ubuntu 22.04lts jammy jellyfish

Now that the new box is built, it’s off to make it work. As previously stated, I downloaded Ubuntu 22.04 LTS on DVD, but it had issues loading. I quickly made a bootable USB drive and was off to the races. I chose a minimal install without encryption and with updates. I can’t be bothered entering a password after every reboot, let alone remotely; but foremost, there’s nothing on the computer that needs to be encrypted.

Once completed, I first got the RAID1 with my music configured by creating a mount point, adding it to /etc/fstab and made an alias for it in my home folder. I then downloaded Roon, made it executable, installed its dependencies (curl, ffmpeg, cifs-utils) and then ran the installation script. On my Windows computer, I signed into Roon Desktop (btw, remember to sign out of any previous installations), added my music libraries and – most importantly – restored the latest backup of my previous Roon Core!

Next up was getting Duckdns so I can login remotely, UFW because it’s open for remote access, and configuring SSH for my website’s production host. Most of this was simple, though I did have to temporarily enable PasswordAuthentication on the production host for keys, and I also needed to reconfigure my router with the MAC address for the new motherboard to access the computer via port forwarding.

I then set to install the applications I need. Some are little tweaks like numlockx, while others were from that list I made – Audacious, Brasero, MOC, Easytag, etc, while fre:ac was a snap. I have issues with dt14-tmeter, which has always been prickly (fixed 04/26/22), and Totem which crashes and doesn’t play correctly under Wayland. I also imported bookmarks into Firefox and did quick run through of my top sites to get their passwords remembered.

I’m on the fence about tweaking out the UI, as the older I get the less I care about having it my way: Ubuntu and Gnome are good enough out of the box. I’m sure at some point I’ll get bored and add Gnome Extensions, Tweaks, get the Snap-free Firefox, change the colors etc, but for now, the computer is fine as it is. In the meantime, I will continue to use Xorg as everything seems to run best under it, including Totem, Audacious, etc.

One the web:
https://ubuntu.com/download/desktop

byopc 2022

With the arrival of Ubuntu 22.04 LTS, aka Jammy Jellyfish, it’s time to build a new Linux box. Hard to believe that another four years has already passed. I’m still happy with the old one, but the fans are a bit noisy, and I’d like to up performance. Note that this computer is an “always-on” dedicated music server for Roon software, containing a 4TB RAID1 with my music collection. And that’s just about all I use it for: ripping CDs to the library, running Roon server, the occasional DVD or CD burn, and of course, having the Linux environment at home to keep my itjerk skills up.

Over the years, I’ve found myself gravitate almost exclusively to the Windows environment for “day to day” computing. Why? It’s just fine for me. Other than running a few applications (mostly InDesign), the vast majority of my desktop experience is inside a web browser. Yours too, probably. And as someone that’s spent the past 20+ years in desktop support, I’m completely agnostic about Mac vs Windows vs Linux. Whatever costs less should be one’s top choice, not some brand fetish. Whether it’s a Dell or any Apple, Windows or macOS or Ubuntu, a properly maintained computer is both safe and secure. “Better” is subjective.

I’ve chose an Intel i3-10105 processor for the computer because a) it’s the cheapest I could find ($89) and b) it gives me plenty of “boost” from the current G4400 Pentium; more cores/threads/cache, faster clock, and only mildly less power efficiency (65w vs 54w). For the motherboard, I’ll need an LGA 1200 socket and a quick look at the Microcenter website yields the ASUS H510M-E Prime Intel microATX for $85. I’ll throw in a very fast 256GB NVMe M.2 drive for $32 for the boot drive and that’s about all I need. I have 8GB of DDR4 2133 RAM from the previous build that to reuse (along with case, power supply, etc). That’s a total bill of $202 for new computer “guts”.

The very first thing to do is ensure I have a backup of the RAID1. I’m going to transfer the RAID card and drives to the new mobo, which should go without a hitch (it did), but having a fresh backup gives me 100% peace of mind. I’m getting a new M.2 boot drive, so I’ll have the previous SSD to copy things over. Then, I’ll be sure to get a list of programs I’ll need to reinstall along with bookmarks, config files and my bash history (a wealth of knowledge!). With an initial minimum install of Ubuntu, I’ll need a few things, but mostly they and their dependencies relate to Roon, CD ripping and playback (notably Fre:AC and it’s config files!), plus a few DVD programs like Handbrake, DeeVeeDee and DVDAE. No need to bring extra software baggage to a clean install; if I forgot something, I can always install later.

One thing about the installation: maybe I’m getting old or maybe the lighting was just bad, but I did have to recheck some of my connections inside the case. RAM wasn’t clipped completely, USB header was off and I didn’t push the audio plug in all the way! The old SPDIF card I had doesn’t have the right pin config, so I’ll splurge $17 for a new one.

After downloading Ubuntu 22.04 LTS, I burned a DVD of the iso but it didn’t work. So I quickly made a USB drive and installation was fine. I did a minimal install, no encryption (PITA to enter a password and no way to do it remotely). I did get a couple boot warnings, but after I updated the mobo’s BIOS and the ACPI warning went away, while enabling VMX in the BIOS advanced settings corrected that. Still have “SGX disabled in BIOS” to deal with. One other thing, when the computer boots, it doesn’t display the RAID card’s screen. Hmmm.

Now on to Jammy Jellyfish!

roon firewall update

For some reason which I now forget, I signed up for the beta channel for Roon’s Linux server software. It updates maybe once a month, and very recently (with 1.8.x) everything stopped working right. A quick jump to the community boards and I found out that Roon Labs had changed the ports required for the software. Even more astonishingly, it’s undocumented. Here’s what I’m using.

22/tcp                     ALLOW       Anywhere                  
9003/udp                   ALLOW       192.168.0.0/24       # roon
9330:9339/tcp              ALLOW       192.168.0.0/24       # roon
8008:8009/tcp              ALLOW       192.168.0.0/24       # roon
30000:30010/tcp            ALLOW       192.168.0.0/24       # roon
8010                       ALLOW       Anywhere             # chromecast
1194/udp                   ALLOW       192.168.0.0/24       # roon
22/tcp (v6)                ALLOW       Anywhere (v6)        
8010 (v6)                  ALLOW       Anywhere (v6)        # chromecast

new raid1

The linux computer crashed. Upon restart, it wanted a disk check. Fair enough. But then when it rebooted, it went to the recovery console. Uh, oh, something is up. I went to Advanced Options and did a dpkg check, which found a few things to correct before I could reboot back into the GUI. At first I thought the OS drive was bad, but it ends up that the data drive was the one that had the error.

Upon the next reboot, my RAID card gave me a warning, “HDD may be not available. Please contact…” but when I went into the RAID menu, all drives were good. Hmmm. Does the ASMedia really read the disks’ SMART status? Once inside Ubuntu I then checked the SMART status of my drives using smartctl:

sudo smartctl -d sat --all /dev/sdx -H

The OS drive was fine, but the RAID said DISK IS LIKELY TO FAIL SOON, even though the RAID menu reported both disks as fine. While smarctl is very useful, it cannot look inside the ASMedia controller to let me know which disk was failing. Card said fine, OS said not fine. Who do I trust? Ubuntu. Bottom line: SMART is not to be ignored.

First, I immediately did a backup. Success. I then popped down to my local Microcenter and purchased two new (price matched!) 4TB Seagate IronWolf drives and setup a new RAID1. Why? Foremost, all the drives were still working, no data had been lost. So why not start fresh, reset the clock on the drives to Late 2021 and gain an extra TB of space?

It’s just a lot of time to complete a restore, but everything is safe again.