the itjerk

my adventures with technology

Tag Archives: Ubuntu

dnscrypt-proxy

Time to set up dnscrypt-proxy on my new Ubuntu 22.04 LTS box. I found the best way to do this was to also install resolvconf and use that to ensure that /etc/resolv.conf always gets the dnscrypt address of 127.0.2.1. Previously I’ve used a bunch of different methods, but for this distro, I’m happy with my results.

sudo apt update
sudo apt install dnscrypt-proxy resolvconf
sudo nano /etc/dnscrypt-proxy/dnscrypt-proxy.toml

Here you can change the settings for dnscrypt by altering the server_names line (e.g. ['cisco'], ['cloudflare']). Also ensure that listen_addresses is empty. Restart the service if you make changes.

sudo systemctl restart dnscrypt-proxy

Next, open your Network Manager and go to the IPv4 settings. Turn off Automatic DHCP and set the address to 127.0.2.1. Restart the NetworkManager service.

sudo systemctl restart NetworkManager

Finally, edit the following resolvconf file so that /etc/resolv.conf uses dnscrypt’s address, by adding the following line: nameserver 127.0.2.1

sudo nano /etc/resolvconf/resolv.conf.d/head

Now restart your computer.

You can test a number of ways. If you used ['cisco'] you can do the following. Note in the ANSWER section “dnscrypt enabled”.

dig txt debug.opendns.com
; <<>> DiG 9.18.1-1ubuntu1-Ubuntu <<>> txt debug.opendns.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28688
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;debug.opendns.com.		IN	TXT

;; ANSWER SECTION:
debug.opendns.com.	59	IN	TXT	"server m45.chi"
debug.opendns.com.	59	IN	TXT	"flags 20040022 0 50 180000000000000000003950000000000000000"
debug.opendns.com.	59	IN	TXT	"originid 585506578"
debug.opendns.com.	59	IN	TXT	"actype 2"
debug.opendns.com.	59	IN	TXT	"bundle 13458843"
debug.opendns.com.	59	IN	TXT	"source 76.229.202.213:57968"
debug.opendns.com.	59	IN	TXT	"dnscrypt enabled (7158645166363443)"

;; Query time: 4 msec
;; SERVER: 127.0.2.1#53(127.0.2.1) (UDP)
;; WHEN: Fri May 06 10:48:39 CDT 2022
;; MSG SIZE  rcvd: 313

Another way of checking is to visit https://www.dnsleaktest.com/ which will tell you your DNS resolver.
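A scripted version of the checks above, as an added example that is not part of the original post. The function names are illustrative, and it assumes that any nameserver in /etc/resolv.conf other than 127.0.2.1 counts as a path around dnscrypt-proxy.

```shell
#!/bin/sh
# Added example: checks for the dnscrypt-proxy setup described in this post.
# STUB is the address the post uses; function names are illustrative.
STUB="127.0.2.1"

# List every nameserver in a resolv.conf-style file that is not the stub.
# Any output means some queries can bypass dnscrypt-proxy.
leaking_nameservers() {
    awk -v stub="$STUB" '
        { sub(/[#;].*/, "") }                      # drop comments
        $1 == "nameserver" && $2 != stub { print $2 }
    ' "$1"
}

# Succeed only if the stub is the first nameserver and nothing else is listed.
resolv_conf_ok() {
    first=$(awk '{ sub(/[#;].*/, "") } $1 == "nameserver" { print $2; exit }' "$1")
    [ "$first" = "$STUB" ] && [ -z "$(leaking_nameservers "$1")" ]
}

# Read dig output on stdin. Succeed if the reply came from the stub and a
# TXT answer record reports "dnscrypt enabled" (the OpenDNS debug record).
dig_confirms_dnscrypt() {
    awk -v stub="$STUB" '
        /^;; SERVER:/ && index($0, stub "#53") { from_stub = 1 }
        !/^;/ && $3 == "IN" && $4 == "TXT" && /"dnscrypt enabled/ { enabled = 1 }
        END { exit !(from_stub && enabled) }
    '
}

# Live usage:
#   resolv_conf_ok /etc/resolv.conf || leaking_nameservers /etc/resolv.conf
#   dig txt debug.opendns.com | dig_confirms_dnscrypt && echo "dnscrypt in use"
```

The dig check only applies when server_names is ['cisco'], since debug.opendns.com is answered by that resolver.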

The only thing I don’t get is this: Why does this use the old address? For another day.

dnscrypt-proxy -resolve google.com -config /etc/dnscrypt-proxy/dnscrypt-proxy.toml 
Resolving [google.com] using 127.0.0.1 port 53

Unable to resolve: [read udp 127.0.0.1:35375->127.0.0.1:53: read: connection refused]

no wayland

Having run Ubuntu 22.04 LTS for a week now, I tracked a lot of the “misbehavior” down to the Wayland display server protocol. Totem never quite loaded correctly, if it even ran, while seemingly innocuous tasks like dropping a file on Audacious also proved troublesome. So until Ubuntu figures out Wayland’s inadequacies, I’m back to using good ol’ Xorg.

When you log in to Ubuntu, there’s a gear in the bottom right screen to choose which display server you want to use. But to make it a little more foolproof, simply edit Wayland out of existence:

sudo nano /etc/gdm3/custom.conf

#Uncomment the line below to force the login screen to use Xorg
WaylandEnable=false

You can always check which display you are using with:
echo $XDG_SESSION_TYPE
x11

ubuntu 22.04lts jammy jellyfish

Now that the new box is built, it’s off to make it work. As previously stated, I downloaded Ubuntu 22.04 LTS on DVD, but it had issues loading. I quickly made a bootable USB drive and was off to the races. I chose a minimal install without encryption and with updates. I can’t be bothered entering a password after every reboot, let alone remotely; but foremost, there’s nothing on the computer that needs to be encrypted.

Once completed, I first got the RAID1 with my music configured by creating a mount point, adding it to /etc/fstab and made an alias for it in my home folder. I then downloaded Roon, made it executable, installed its dependencies (curl, ffmpeg, cifs-utils) and then ran the installation script. On my Windows computer, I signed into Roon Desktop (btw, remember to sign out of any previous installations), added my music libraries and – most importantly – restored the latest backup of my previous Roon Core!

Next up was getting Duckdns so I can log in remotely, UFW because it’s open for remote access, and configuring SSH for my website’s production host. Most of this was simple, though I did have to temporarily enable PasswordAuthentication on the production host for keys, and I also needed to reconfigure my router with the MAC address for the new motherboard to access the computer via port forwarding.

I then set to install the applications I need. Some are little tweaks like numlockx, while others were from that list I made – Audacious, Brasero, MOC, Easytag, etc, while fre:ac was a snap. I have issues with dt14-tmeter, which has always been prickly (fixed 04/26/22), and Totem which crashes and doesn’t play correctly under Wayland. I also imported bookmarks into Firefox and did a quick run-through of my top sites to get their passwords remembered.

I’m on the fence about tweaking out the UI, as the older I get the less I care about having it my way: Ubuntu and Gnome are good enough out of the box. I’m sure at some point I’ll get bored and add Gnome Extensions, Tweaks, get the Snap-free Firefox, change the colors etc, but for now, the computer is fine as it is. In the meantime, I will continue to use Xorg as everything seems to run best under it, including Totem, Audacious, etc.

On the web:
https://ubuntu.com/download/desktop

byopc 2022

With the arrival of Ubuntu 22.04 LTS, aka Jammy Jellyfish, it’s time to build a new Linux box. Hard to believe that another four years has already passed. I’m still happy with the old one, but the fans are a bit noisy, and I’d like to up performance. Note that this computer is an “always-on” dedicated music server for Roon software, containing a 4TB RAID1 with my music collection. And that’s just about all I use it for: ripping CDs to the library, running Roon server, the occasional DVD or CD burn, and of course, having the Linux environment at home to keep my itjerk skills up.

Over the years, I’ve found myself gravitate almost exclusively to the Windows environment for “day to day” computing. Why? It’s just fine for me. Other than running a few applications (mostly InDesign), the vast majority of my desktop experience is inside a web browser. Yours too, probably. And as someone that’s spent the past 20+ years in desktop support, I’m completely agnostic about Mac vs Windows vs Linux. Whatever costs less should be one’s top choice, not some brand fetish. Whether it’s a Dell or any Apple, Windows or macOS or Ubuntu, a properly maintained computer is both safe and secure. “Better” is subjective.

I’ve chosen an Intel i3-10105 processor for the computer because a) it’s the cheapest I could find ($89) and b) it gives me plenty of “boost” from the current G4400 Pentium; more cores/threads/cache, faster clock, and only mildly less power efficiency (65w vs 54w). For the motherboard, I’ll need an LGA 1200 socket and a quick look at the Microcenter website yields the ASUS H510M-E Prime Intel microATX for $85. I’ll throw in a very fast 256GB NVMe M.2 drive for $32 for the boot drive and that’s about all I need. I have 8GB of DDR4 2133 RAM from the previous build to reuse (along with case, power supply, etc). That’s a total bill of $202 for new computer “guts”.

The very first thing to do is ensure I have a backup of the RAID1. I’m going to transfer the RAID card and drives to the new mobo, which should go without a hitch (it did), but having a fresh backup gives me 100% peace of mind. I’m getting a new M.2 boot drive, so I’ll have the previous SSD to copy things over. Then, I’ll be sure to get a list of programs I’ll need to reinstall along with bookmarks, config files and my bash history (a wealth of knowledge!). With an initial minimum install of Ubuntu, I’ll need a few things, but mostly they and their dependencies relate to Roon, CD ripping and playback (notably Fre:AC and its config files!), plus a few DVD programs like Handbrake, DeeVeeDee and DVDAE. No need to bring extra software baggage to a clean install; if I forgot something, I can always install later.

One thing about the installation: maybe I’m getting old or maybe the lighting was just bad, but I did have to recheck some of my connections inside the case. RAM wasn’t clipped completely, USB header was off and I didn’t push the audio plug in all the way! The old SPDIF card I had doesn’t have the right pin config, so I’ll splurge $17 for a new one.

After downloading Ubuntu 22.04 LTS, I burned a DVD of the iso but it didn’t work. So I quickly made a USB drive and installation was fine. I did a minimal install, no encryption (PITA to enter a password and no way to do it remotely). I did get a couple boot warnings, but after I updated the mobo’s BIOS the ACPI warning went away, while enabling VMX in the BIOS advanced settings corrected that. Still have “SGX disabled in BIOS” to deal with. One other thing, when the computer boots, it doesn’t display the RAID card’s screen. Hmmm.

Now on to Jammy Jellyfish!

ubuntu 20.04 lts

Yes, the latest LTS distribution of Ubuntu, 20.04 aka Focal Fossa, has been released. I’m raring to upgrade my desktop but there’s always a bit of work involved. Of course, with the COVID-19 pandemic in full swing, I’ve got plenty of time on my hands. But a few other things first. Watch this space.

Here’s my thoughts:
1. I need my Ubuntu server to be dedicated to music (and video); that’s why I got into the Linux game in the first place, and I’m all-in with Roon. I’ll do a clean install of 20.04, get 99% of it setup in no time at all.
2. The local copy of my production website(s) needs to go to a virtual machine. Great solution to a small problem.
3. Backup for photos and documents. Why not pay for a cloud service? I don’t like the idea of having a few hard drives laying around, I’m too OCD for that. Get it organized, put it in the cloud.

Now that’s a plan.

ubuntu 18.04 lts

Desktop upgrade time. The latest version of Ubuntu, 18.04 lts “Bionic Beaver,” was released last week, so I decided to upgrade my desktop computer in situ from 16.04LTS. There’s lots of changes between LTS versions, but the big change here was the switch from Compiz/Unity display manager and desktop to Xorg/Gnome. The reason why I upgrade is that the LTS version is supported until 2023, though I have to admit that having a new UI was enticing, especially with Gnome Shell extensions.
sudo update-manager -cd
After the above command to make the upgrade available to Software Updater, I had errors. Nonetheless, Bionic Beaver installed, and I rebooted. The first error was with ca-certificates during upgrade, which is a known Bug #1767453. The second was a broken initramfs, which I solved by updating it for the current kernel, sudo update-initramfs -c -k 4.15.0-20-generic.

Bigger issue I had was with Xorg/Gnome. When I’d go to log in, I’d get an empty screen, though intermittently between reboots it would work. Ugh. So I reinstalled Xorg/Gnome, by doing this:
sudo tasksel install ubuntu-desktop
then uninstalled Compiz/Unity by this:
sudo apt-get purge compiz compiz-plugins-main-default libcompizconfig0

It ends up the issue boiled down to one of the Display Managers, lightdm or gdm3. I decided to purge lightdm and use gdm3, which after the following thorough reinstallation, seems to be working:
sudo apt-get update
sudo apt-get -d install --reinstall gdm3
sudo apt-get remove --purge gdm3
sudo apt-get install gdm3

I also installed gnome-tweak-tool to move the min/max buttons to the left, and the new theme, Communitheme, because after 8 years of Ambiance we all need a new Ubuntu theme! I also found some useful Gnome Shell extensions, which I installed via the “chrome” plugin in Firefox (go figure!). Oh, and this:
gsettings set org.gnome.shell.extensions.dash-to-dock show-apps-at-top true

After the perfunctory sudo apt-get update/dist-upgrade/autoremove, I went through many things, like local copies of websites, Openvpn, etc. and found they worked. MiniDLNA was also running but Logitech Media Server needed to be reinstalled (with a new version: 7.9.1 – 1522157629 @ Fri Mar 30 12:25:29 CEST 2018).

Mostly good, and a nice change of desktop scenery!

phpbb – new website

I have a web property, progressiverock.com, that’s been dormant ever since I rebranded my prog rock site after my book, strawberrybricks.com, a few years ago. One would think that the former URL is worth some money, but to date I have been unsuccessful in finding a buyer. So rather than just serving as a redirect to the latter URL, I decided to install phpbb and relaunch the site as a bulletin board to discuss all things prog rock and generate some brand recognition.

I use Digital Ocean for virtual hosting because it’s cheap (starting at $5/mo) and easy. The process to create a new virtual host “droplet” is simple enough: pick your choice of options (size, memory), hosting location, operating system (you can even get it pre-loaded with LAMP) and then setup the dns records. Within minutes, it was up and running as progressiverock.com.

Immediately after an apt-get update/dist-upgrade, I added some basics to the core system, like openssh server, ufw, postfix/logwatch and apticron. Most were straightforward installs, but for postfix, be sure to set up your A, MX and TXT records before you start, and check your logs/errors for what to tweak; I had to add postconf compatibility and manually create the virtual alias map to clear errors I found in mail.log. I also set up sender_canonical because I just have a “no-reply” email system (for now). Also, don’t forget to set your timezone.

After configuring mysql and apache2, I added my rss feed, which needed the php-xml module installed to work. Let’s Encrypt was next, because why not — everyone should be using SSL. I also added awstats, which needed user www-data added to the adm group to correct the errors I generated by cron. The bulletin board software phpbb was quite simple to install; fortunately I remembered some basic MySQL commands to get the database set up beforehand. I then added American English as a language, and found feedpostbot, an extension that uses rss feeds to create topics — perfect for the “Album of the Day.” Forum hierarchy took a little thought, and I’m sure I’ll change it again before it all goes live. My next task is to get a new style for the site, but that may require some outside help. More later.

None of this was complicated, and most steps took but a few minutes to do. My big takeaway here is that log files and error messages are your friend: listen to them as they tell you exactly what to correct with your installation.

And if you want the domain progressiverock.com, make me an offer that I can’t refuse!

Update: I found the easiest way to prevent spammers from creating accounts is to use Q&A for the Captcha. 100% reduction in bogus accounts.

On the web:
phpBB • Free and Open Source Forum Software

minidlna

When talking about digital music servers other than Squeezebox Server, I feel like a cheater. It’s been my reliable go-to method for serving up my ripped and downloaded music for over a decade now. But not every piece of hardware speaks to it; Beep appeared a while back and saw me install miniDLNA on my linux box, where all my music files reside.

The Digital Living Network Alliance is a trade group that certifies compliance to a standard for delivering digital media. MiniDLNA is an implementation for Ubuntu, and mini it is! No interface (save a bare bones web page at port 8200), it is configured by editing /etc/minidlna.conf.

Set the path to your music; I’m only looking for audio files, so I mark the directory with an A.
#media_dir=/var/lib/minidlna
media_dir=A,/mnt/data/music

Set the database cache directory (important!) and enable logging:
db_dir=/var/cache/minidlna
log_dir=/var/log

Tell it to look for new files or not:
inotify=yes

Set the name of the server presented to clients. This provides a simple way to check if you’re connecting to your server.
friendly_name=My-MiniDLNA

That’s it! Restart the service after you make changes to the configuration,
sudo service minidlna restart

or rebuild the database if you’ve changed or added music.
sudo service minidlna force-reload

There’s a ton more it can do, including serving videos, pictures, etc, and it also offers per-user configuration as well; but for my purpose my newly acquired Oppo BVD-103 can now stream all the music on my computer.

EDIT: Also including a link for the bubblesoft add-on server. I use this with the Bubblesoft app to access MiniDLNA on my Android phone. Uses java and requires port 58050 to be open.

On the web:
MiniDLNA Ubuntu
ReadyMedia
bubblesoft

raid, finally

I’ve always kept my media on a second drive in my linux box and backed it up to a remote NAS. While a perfectly acceptable setup, what I always wanted was two mirrored drives with all my data. The computer already had a WD Red 1TB drive, so I was thrilled when I found another of the exact same drive for $67. Always a best practice to use the same model when building a mirrored RAID1.

I bought a Syba 2-port SATA RAID controller card that plugged into the empty PCI-e slot on the motherboard. It was only $25, but honestly if I had a motherboard with more features, I wouldn’t have needed it. Nonetheless, after moving the drives around in the case so the power connectors would match up to all the drives, I booted the computer and used CTRL-R immediately to get to the card’s BIOS to set up the RAID. It didn’t initially recognize all the drives, so I booted into Ubuntu and used the program Disks to format the new drive. (I also edited /etc/fstab and took out the reference to the old single drive). Rebooting again, the card recognized both drives, and I then set them up as a RAID1 using the card’s BIOS utility.

Continuing into Ubuntu, I again ran Disks and formatted the new single drive. I then edited /etc/fstab with the new mount point (which I had to create), and then ran a sudo mount --all to access it.

Now it’s time to copy everything back to my new mirrored data drive. Remember, when it comes to data, you must have two copies of everything you’d ever expect to keep. But two drives mirrored are really only one copy (think accidental erase), so I’ll still need to keep a backup of files I want to keep forever.

ubuntu 16.04 xenial xerus

Last week the first point release for Ubuntu 16.04 LTS triggered the update on my 14.04 computer and I went for it. There are several questions that pop up and need an answer for the upgrade to continue, so it’s an attended upgrade. I didn’t pay too much attention to what was upgraded, removed, not supported, etc, I just figured I would figure out whatever I need to.

Drupal 6 didn’t work out of the box because 16.04 ships with Php7; but it was easy enough to install Php5.6, with the help of this repository (the guy is an official packager for Debian) so now I again have a local copy of my website.

I also needed to upgrade Logitech Media Server to 7.9, which is a beta version, but once installed, my Slimserver – the thing that got me into linux so many years ago – started working again right away.

I have to admit that with the LTS releases being supported for five years, there really isn’t much of a point to upgrading a desktop. At that point, it’s time for a new computer and a clean install. But for something like my webhost, where I’ve got more investment in webserver, email, etc, it’s easy enough to do twice every 10 years.

On the web: Xenial Xerus