05-01-2016

Considering moving from Domino-based Blog to Ghost and node.js

Category Domino Web
IBM Domino is no longer my primary platform for doing browser-related stuff. Has not been for a couple of years.
This has led me to look at where to move my blog, to which Blog Content Management System. And it looks like Ghost.
I will sum up what my thoughts and findings have been.

I really would like to move to a model where my content is hosted in a server that is running from my closet. So, not a cloud hosting setup.
I want the new CMS to be free and preferably Open Source.
The new CMS has to run on Linux. CentOS has been my Server operating system of choice for years.

At first i thought to use WordPress or Joomla. Joomla is used to run the website of Convergens, my employer, and using Joomla would give me more insight in that tool, which could enable me to participate in the tech side of managing that website.
Then I found a blog post that said that WordPress, Joomla and Drupal are NOT the Best CMS, which made sense when I read it. There is some reason to not just go for what is the most popular tools and instead look at the best tools for whatever you're doing.
That blog post linked to an interesting blog about 15 Blogging Platforms That Encourage You To Write, and I checked out the ones that would allow me to do self-hosting.
Ghost is in that list.
Ghost really tries to make the blogger focus on the content. And content is king, as we all aught to know.
You write your content in a browser. You have two panes.
- Left for writing
- Right for previewing as you type on the left
You use Markdown for formatting your text. So instead of using HTML-codes or using graphical icons (that proxy unseen HTML-codes), you use simple codes to tell Ghost what you want done with the text.
If you want something bold, you type "**bold**", ff you want a heading you type "# Heading".
Really simple.
And uploading and inserting images is really easy too, done on the fly as you write.
Ghost is based on node.js.

So, right now I look at what work needs to be done to move from the Domino blog - based on the BlogSphere template - that I have been using for years to Ghost.

I have decided to move my content manually from the Notes-database to Ghost.
Yes - copy-pasting and then hand editing afterwards. I have about 400 blog posts, so I find it to be doable. This will allow me to fix some formatting issues I have created some years back when I went from my home made Notes blogging template to BlogSphere.

I have done some research, and I now know how to make Google and other site indexers pick up that I have moved my pages.
This gets done using the HTTP code 301, that tells a browser or a indexing robot that a page has moved.
All BlogSphere URLs in my Domino-based site end with a unique key. An example: http://www.jens.bruntt.dk/domino/jbruntt/bruntt.nsf/d6plinks/JBRT-8XKP5A
On my new Ghost-based blog I have to make sure that entries that I move have the same uniqe key. Probably http://www.jens.bruntt.dk/blog/JBRT-8XKP5A

In front of the Ghost server I will put an Apache HTTP server with a redirection configuration that will look something like this:
RedirectMatch 301 /domino/jbruntt/bruntt.nsf/d6plinks/(.*)$ /blog/$1
I have tested it, and it works just fine. A browser user accessing http://www.jens.bruntt.dk/domino/jbruntt/bruntt.nsf/d6plinks/JBRT-8XKP5A will automatically get redirected (301) to http://www.jens.bruntt.dk/blog/JBRT-8XKP5A.

15-12-2015

Monster-hul i sikkerhed på Netgear CG3000 kabelmodemet

Category Sikkerhed
Jeg har for nyligt sat nogle IP-kameraer op.
Og i den forbindelse oplevede jeg noget mystisk som ledte mig til at finde noget jeg synes er et enormt sikkerhedshul i Netgear CG3000 kabelmodemet.

Det jeg oplevde var at når jeg tændte for et IP-kamera (TRENDnet TV-IP311PI) så havde det en afledt effkt, nemlig at når nogen ude på internettet prøvede at tilgå min webserver - som står inde på mit netværk - så blev de mødt af login-prompten fra mit IP-kamera.

Den side du læser her - som ligger på www.jens.bruntt.dk - hostes på en server der står på mit netværk. Så inde i mit kabelmodem har jeg sat port-forwarding op som gør at alle forespørgsler på port 80 (som er http-protokollen) ledes hen til min webserver.
Tændte jeg mit IP-kamera så var der noget som gjorde, at denne port-forwarding blev ændret til at lede hen til IP-kameraet.
Hvad nu, hvis jeg havde et helt simpelt password på det kamera? gys!

Jeg fandt ud af hvad det var der gjorde at detteher skete. Her er et skærmklip fra kabelmodemets konfiguration
A picture named M2

Som standard er dette kabelmodem sat op til at UPNP-enheder på samme netværk må kontrollere kabelmodemets opsætning, herunder port forwarding. The default setting for UPnP is enabled.
Så IP-kameraet tænder altså, leder efter en firewall med UPNP, og så piller det i opsætningen af firewallen gennem UPNP-protokollen og beder om at port 80-trafik skal styres hen til kameraet.

Det er to problemer i virkeligheden:
At kabelmodemet som standard tillader det.
At IP-kameraet gør det som standard.

Jeg kan godt se, at det er brugervenligt, men det er så sandelig også et kæmpe sikkerhedshul.


15-12-2015

Pushover notification with Icinga 2

Category Server monitoring
Here is the quick guide to making your Icinga 2 do notifications using the Pushover service.
Sorry for the brevity.

You need to create one file - notify_by_pushover2.sh in my example. Permissions on that file need to be like the existing files in the same folder. My script is based on what i learnt from the script found in Using Pushover to push Nagios notifications.

You need to edit four files: commands.conf, templates.conf, notifications.conf and users.conf. This is assuming the out of the box default configuration files are used.
The text that i show in my examples below is text that you should add to the existing configuration files, you should not replace the existing text in those files.

In my example notifications.conf i use some assign where that relate to mail. I am sure this could be done better.

Hope this will help you.
A picture named M2


/etc/icinga2/scripts/notify_by_pushover2.sh
#!/bin/sh

curl -F "token=$PUSHOVERTOKEN" \
-F "user=$PUSHOVERUSER" \
-F "title=$PUSHOVERTITLE" \
-F "message=$PUSHOVERMESSAGE" \
https://api.pushover.net/1/messages

exit 0

/etc/icinga2/conf.d/commands.conf
object NotificationCommand "pushover-host-notification" {
  import "plugin-notification-command"

  command = [ SysconfDir + "/icinga2/scripts/notify_by_pushover2.sh" ]

  env = {
        PUSHOVERUSER = "$user.vars.pushover_user$"
        PUSHOVERTOKEN = "$user.vars.pushover_token$"
        PUSHOVERTITLE = "Icinga Skanderborg"
        PUSHOVERMESSAGE = "$notification.type$ $host.display_name$ $host.state$ $icinga.long_date_time$"
  }
}

object NotificationCommand "pushover-service-notification" {
  import "plugin-notification-command"

  command = [ SysconfDir + "/icinga2/scripts/notify_by_pushover2.sh" ]

  env = {
        PUSHOVERUSER = "$user.vars.pushover_user$"
        PUSHOVERTOKEN = "$user.vars.pushover_token$"
        PUSHOVERTITLE = "Icinga"
        PUSHOVERMESSAGE = "$notification.type$ $host.display_name$ $service.display_name$ $service.state$ $icinga.long_date_time$"
  }
}

/etc/icinga2/conf.d/templates.conf
template Notification "pushover-host-notification" {
  command = "pushover-host-notification"

  states = [ Up, Down ]
  types = [ Problem, Acknowledgement, Recovery, Custom,
            FlappingStart, FlappingEnd,
            DowntimeStart, DowntimeEnd, DowntimeRemoved ]

  period = "24x7"
}

template Notification "pushover-service-notification" {
  command = "pushover-service-notification"

  states = [ OK, Warning, Critical, Unknown ]
  types = [ Problem, Acknowledgement, Recovery, Custom,
            FlappingStart, FlappingEnd,
            DowntimeStart, DowntimeEnd, DowntimeRemoved ]

  period = "24x7"
}

/etc/icinga2/conf.d/notifications.conf
apply Notification "pushover-icingaadmin" to Host {
  import "pushover-host-notification"

  user_groups = host.vars.notification.mail.groups
  users = host.vars.notification.mail.users

  assign where host.vars.notification.mail
  interval = 0 // disable re-notification
}


apply Notification "pushover-icingaadmin" to Service {
  import "pushover-service-notification"

  user_groups = host.vars.notification.mail.groups
  users = host.vars.notification.mail.users

  assign where host.vars.notification.mail
  interval = 0 // disable re-notification
}

/etc/icinga2/conf.d/users.conf
object User "icingaadmin" {
  import "generic-user"

  display_name = "Icinga 2 Admin"
  groups = [ "icingaadmins" ]

  email = "admin@bruntt.dk"
  vars.pushover_user = "YOUR PUSHOVER USER TOKEN HERE"
  vars.pushover_token = "YOUR PUSHOVER APPLICATION TOKEN HERE"

}

11-04-2015

Comment spam gør at jeg lukker for kommentarer når blogentries er ældre end 2 måneder

Category Blog Helbred
Jeg er træt af Comment spam, så jeg har slået låsning af kommentar-funktionen til. Så man kan kun kommentere på en blog-entry i de første to måneder.

Den eneste blog-entry jeg kunne tænke mig at holde kommenteringen åben på er den, hvor der er knapt 200 kommentarer: Status på Achilessenen 16 måneder efter at den sprang. Det er et stykke jeg skrev som en slags opsamling, 16 måneder efter at min Achillessene sprang. Det har været interessant at se, hvor mange forskellige historier der er dukket op med folks oplevelser. Lad mig sige det sådan, at der er godt nok et meget bredt spænd i hvordan sådan en forløb ser ud; forskellige behandlings-metoder, forskellige opfølgnings-kvaliteter efter hjemsendelse, forskellige komplikationer som folk oplever undervejs.
Kendetegnenede for folks kommentarer har været, at man undervejs føler en kæmpe usikkerhed: Hvordan har jeg det når forløbet er slut, hvor stor er risikoen for at senen springer igen både i starten og efter at forløbet er slut.

Translation

Solceller

geocaching

Profile for jbruntt

Jens vægt-o-meter

12/08-06: 96,9 kg
14/10-06: 90,1 kg
14/08-07: 94,3 kg
07/11-07: 88,9 kg
09/11-08: 96,3 kg
03/02-09: 93,6 kg
09/08-09: 96,7 kg
30/12-09: 89.6 kg
25/01-10: 88.9 kg
09/03-10: 87.3 kg
26/08-10: 84.2 kg
15/09-10: 84.8 kg
02/01-11: 86.1 kg
28/09-11: 85.9 kg
05/06-12: 85.8 kg
05/06-13: 84.9 kg

MiscLinks

Visitors