the itjerk

my adventures with technology

status = vote2020

I’ve been very busy with work. Who knows what kind of shit show November will be, so I’ve been working away upgrading hundreds of computers. Windows 10 feature 2004, and Catalina 10.15.5-7. I’ve also been knocking the old Windows 7s and High Sierras on the head. Remember, there’s no badge of honor in a seven to thirteen year old computer. It’s done, it had a good life. There’s more power in that new iPhone.

Anyway, I’m still here, doing well, being safe, wearing a mask and keeping the social distance as best an itjerk can. Hope you are too. Let’s fix this mess in November #Vote2020 #fu45 #CupOJoe #bidenharris

dr14.tmeter

Wow, figured out how to install this nifty python program that calculates dynamic range on flac files. Ubuntu 20.04 ships with Python3. There’s some drama between python versions 2 and 3 (e.g. latter merely a release candidate), so the best way is to first get pip and use it to install the program DR14-T.meter:

sudo apt update
sudo apt install python3-pip

Now we can use pip3 to install the dependencies, and then dr14.tmeter

sudo -H pip3 install numpy scipy
sudo -H pip3 install DR14-T.meter

Alternatively, you can use pip3 to install just for a specific user (in ~/):
pip3 install DR14-T.meter --user

to calculate the dynamic range of an album, switch to the directory and run
dr14_tmeter ./

Scan Dir: /Music/Yes/1971_The_Yes_Album

02_Clap.flac: DR 15
01_Yours_Is_No_Disgrace.flac: DR 11
03_Starship_Trooper-_a._Life_Seeker_-_b._Disillusion_-_c._Würm.flac: DR 12
04_I’ve_Seen_All_Good_People-_a._Your_Move_-_b._All_Good_People.flac: DR 10
05_A_Venture.flac: DR 11
06_Perpetual_Change.flac: DR 11
DR = 12

– The full result has been written in the files: dr14.txt
– located in the directory:
/Music/Yes/1971_The_Yes_Album

Success!
Elapsed time: 5.60 sec

On the web:
DR14_T.meter

further down the pandemic road…

I hope everyone is hanging in there, observing social distancing and wearing a mask. Life goes on for the itjerk: work, family, music, technology, cooking… Being safe and register to vote in November. #changewemust

uncomplicated firewall (ufw)

RoonUFW
I run a Roon Server or “Core” on my Ubuntu box to supply music to various endpoints on my local subnet. Because the computer also has a window to the outside world, I run a firewall, ufw. Like its namesake, it’s easy to configure, you can get the basics here. Anyway, I need to open a few ports so Roon Server can be discovered on my subnet, by creating an application profile and then adding a rule to the firewall.

First, we’ll create a file “roon” in the following location:
$ cd /etc/ufw/applications.d/
$ sudo touch roon
$ sudo nano roon

Here’s what’s in the file:
[Roon]
title=Roon Server
description=Roon Labs Core Music Server
ports=9003/udp|9100:9200/tcp

Note the context of the ports entry: The pipe separates udp from tcp, and ranges are set with a colon (and individual ports with a comma). Once you create the file, you can quickly check syntax by running ufw status, and it will let you know if you made any errors, which is handy. Once that’s created, it’s easy enough to add the rule to ufw, and check status again to see it working:

$ sudo ufw allow from 192.168.1.0/24 to any app roon
$ sudo ufw status

Status: active
To Action From
— —— —-
Roon ALLOW 192.168.1.0/24

I should note that the reason I’m doing this is because Roon doesn’t document what ports need to be open, and I’m having an issue with one piece of hardware being recognized on reboot. There’s probably another series of ports that I need to open up, so having a profile is an easy way to trouble shoot; once I make changes, I can edit the profile then update ufw with the following command:

$ sudo ufw app update Roon

Since Roon uses randomized ports, my interim fix is to allow access to the server from the endpoint in question:

$ sudo ufw allow from [endpoint ip]

Nothing scary here folks, just some computer and network basics.

wireguard vpn

On my to-do list for my newly christened Ubuntu box was to install a VPN. I had previously used OpenVPN-AS (Access Server), which is a lite version (two user) of OpenVPN that uses a web interface for most configuration. I also considered using “regular” OpenVPN but to be honest, there’s a fair amount of work in setting up keys, and I didn’t want to use scripts downloaded from github. Enter WireGuard.

Here’s the pitch. “WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec (and OpenVPN), while avoiding the massive headache. It intends to be considerably more performant than OpenVPN.” In short, it’s easy to configure, lightweight to use, and it’s already in the Ubuntu 20.04LTS repo.

To install WireGuard, we install the program, create keys, configure the virtual network device (wg0), and then configure the client (Android).

#install WireGuard
$ sudo -i
$ apt update && install wireguard

#generate server keys (these are stored in /etc/wireguard/)
$ umask 077; wg genkey | tee privatekey | wg pubkey > publickey
cat publickey

#configure the WireGuard interface wg0 (leaving peer empty for now)
$ cd /etc/wireguard
$ nano wg0.conf

[Interface]
Address = 192.168.6.1/24
SaveConfig = true
ListenPort = [port]
PrivateKey = [server privatekey]

[Peer]
PublicKey = [client publickey]
Allowed IPs = 192.168.6.2/32

#open port on firewall for WireGuard to listen
$ ufw allow [port]/udp

#enable and start Wireguard server
$ sudo systemctl enable wg-quick@wg0
$ sudo systemctl start wg-quick@wg0
$ sudo systemctl status wg-quick@wg0

#now that the service is started, let’s stop it, and configure our client.
#first we create client (keys we’re not going to save them)
$ sudo systemctl stop wg-quick@wg0
$ wg genkey | (
read privk
echo "android-private-key: $privk"
echo "android-public-key: $(echo "$privk" | wg pubkey)"
)

#edit wg0.conf and enter the publickey for your client, then restart WireGuard
$ sudo systemctl start wg-quick@wg0
$ sudo systemctl start wg-quick@wg0

#now let’s create a config_file for the client.
$ exit
$ cd ~/Desktop
$ nano config_file

[Interface]
#client
PrivateKey = [client privatekey]
Address = 192.168.6.2/24

[Peer]
#server
PublicKey = [server publickey]
AllowedIPs = 192.168.6.0/24
Endpoint = [ip or host name]:[port]
PersistentKeepalive = 15

#save the file and generate a qrcode to scan with your phone
$ qrencode -t utf8 < config_file

That’s it! I installed the WireGuard app on my Pixel phone, selected QR code for the connection and scanned the image, then the app asked me to name my new connection. All set, I connected and viola, I have my own VPN server.

Couple of notes. Pay attention to the IP addresses and masks; they must be exact. You can use whatever port you want for WireGuard to listen, and it works well with DuckDNS dynamic hostname. Multiple peers can be configured as well. The Android app could do a better job “hiding” both keys, but there you are.

On the web:
WireGuard

duplicate files

Finding duplicate files is big part of my Ubuntu data cleanup plan. Here’s some tips: Fdupes finds duplicate files via checksum; the first command will summarize what it finds in a recursive search, while the latter will delete the files (N means NO CONFIRMATION!). Warning: there’s no going back! The third command will change the date of pictures to what’s in the jpegs header, for easier sorting.

fdupes -rSm .
fdupes -rdN .
jhead -ft *

microsoft surface go 4/64

I have had a Microsoft Surface Pro 3 for quite a few years now. It’s a “hand-me-down” from work, that gives me access to Active Directory, etc. when I’m not in the office. Nice computer, but it’s showing its age, type pad is glitchy, front camera doesn’t work – but what do you expect for free?

I’ve been using that and what amounts to be a terrible tablet (Lenovo Tab 7) – painfully slow, always needs updates, poor battery life – in my man cave for running Roon controller, and that old Surface for running REW, Room EQ Wizard software. Here’s the thing. This room is my sanctuary. Once I’m at home, I leave my phone in the kitchen, not to be bothered. I want to sit in the sweet spot when I play digital music, and not get up; one must get up to play vinyl! So, the desktops won’t do. Plus, I need the portability of a notebook or laptop for room correction. So having a Windows computer that can do all that, and a few other things – having a working webcam – is a real bonus. Yes, the itjerk loves Windows, and that old Surface.

IMG_20200428_142828
I looked on CDWG’s site and found the Microsoft Surface Go 10″ Pentium Gold 4415Y 4GB RAM 64GB EDU in stock for $390. Wow. In stock! Plus, as an EDU edition it comes with a license for Windows 10 Pro. So a couple days later, here I am settling in with my new Go. It’s very elegant hardware, with a screen that’s great on my eyes, though maybe a bit small. But the kickstand and touch screen are fantastic! I didn’t initially get the cover type pad, but will, eventually.

The Surface Go was only current to Windows build 1809, which meant a ton of updates. I know what I’m getting into with a Pentium with 4GB RAM. It’s just fine to run a few applications and surf the web; after all, I’m not planning on using Adobe Creative Cloud on it. But updating to the current 1909 build took a long time. The tablet has one USB-C port and one 3.5mm audio out – minimal to say the least. Thankfully it doesn’t use that USB-C for charging; speaking of which, that’s one universal ding the Surface Go gets – battery life. Another thing to look out for is disk space. 64GB is pretty paltry, especially considering I only had 14.5GB free after all those updates (though running Disk Cleanup freed 38GB, including 32GB from the Previous Windows version). TGFTC? (Thank God For The Cloud)!

All in all, it’s great solution because as a Windows notebook, I can do more than I could with an Android tablet, and as a tablet it’s much more convenient and less expensive than a notebook.

One the web:
Meet Surface Go – Portable Power – Microsoft Surface

ubuntu 20.04 lts

Yes, the latest LTS distribution of Ubuntu, 20.04 aka Focal Fossa, has been released. I’m raring to upgrade my desktop but there’s always a bit of work involved. Of course, with the COVID-19 pandemic in full swing, I’ve got plenty of time on my hands. But a few other things first. Watch this space.

Here’s my thoughts:
1. I need my Ubuntu server to be dedicated to music (and video); that’s why I got into the Linux game in the first place, and I’m all-in with Roon. I’ll do a clean install of 20.04, get 99% of it setup in no time at all.
2. The local copy of my production website(s) needs to go to a virtual machine. Great solution to a small problem.
3. Backup for photos and documents. Why not pay for a cloud service? I don’t like the idea of having a few hard drives laying around, I’m too OCD for that. Get it organized, put it in the cloud.

Now that’s a plan.

farewell, dvd?

I have some DVDs. I don’t know what to do with them. Playing DVDs is passé, right? Everyone has at least a couple services they subscribe to (we have Netflix and Amazon Prime), and everything is on Youtube anyway. But I thought maybe I could rip them to my computer.

In order to rip them to disk, I first installed libdvd-pkg (which allows Ubuntu to decrypt and play DVDs), configured it, and finally installed Handbrake, which is the software that rips the DVDs. Easily done from the command line:
sudo apt-get update
sudo apt-get install libdvd-pkg
sudo dpkg-reconfigure libdvd-pkg
sudo apt-get install handbrake

Ripping DVDs takes a time – it’s pretty much in real time, a rather boring, cpu-intensive and disk-intensive chore. Then, what do I do with all these gigabytes on my drive? I’m not watching them on my computer, no, that’s passé too.
yessongs
Step in VLC media player. Under Playback>Renderer lo and behold I find my Vizio TV. Now I’m Chromecasting away… as long as port 8010 is open!

Another physical format bites the dust.

covid-19

We have entered uncharted territories with COVID-19, as the threat is serious for the elderly and those with underlying conditions. Let’s all do our part to “flatten the curve.” As most everyone is out of school, work, etc., here’s some tips I shared at work, slightly modified for your work from home (WFH) experience.

  • Ensure your laptop or home computer is updated and in good working condition, with the appropriate drive and VPN software installed. Battery not holding a charge? Buy a new one!
  • Work from the Cloud. Use Google Drive, Box, Dropbox, OneDrive, etc. to have access/share your files and data from wherever you may be. Remember, best to use whatever service your organization subscribes to.
  • Export your bookmarks from your work or office computer. Use a single browser exclusively for work on your home computer. And remember, when your work VPN is on, it’s exactly like you’re at the office (remember NSFW).
  • Have a business/team/group continuity plan in place, including a calling tree, and make sure it is up to date.
  • CLEAN YOUR KEYBOARD AND MOUSE. Paper towels and 70% EtOH are effective cleaning and disinfecting them. Avoid using your keyboard and mouse while eating, and wear gloves if you need to share your workstation.
  • Prioritize. Some things can wait and don’t be afraid to say “no.”

Stay safe everyone. We’ll get through this!