Fabian Franke

intentionally left blank

come on dovecot, shut up!

Sometimes it is calming to watch your server logs scroll by, mh, a wonky IP wants to ssh into my box, oh a new email is coming in, hehe no spammer, this email is going to be rejected.. But some log entries are just an annoyance. Oh, my email client is logging in again and out.. and in again. Let’s get rid of these. I use syslog-ng for all logging porposes so I will only focus on its configuration possibilities.

I have 3 main logfiles, boring cron output, all things mail and everything else.

1
2
3
destination mail { file("/var/log/mail.log"); };
destination cron { file("/var/log/cron.log"); };
destination messages { file("/var/log/messages"); };

Settings for dovecot dovecot login/logout messages:

1
2
filter f_imaplogin { program("dovecot") and (match("(imap-login:.*|.* Disconnected:.*)" value("MESSAGE"))) };
filter f_mail { facility(mail) and not filter(f_imaplogin); };

And as a second example of useless log entries I want to eradicate log entries by monit which tests if my sshd is still running in its every cycle.

1
2
filter f_monitssh { program("sshd") and message("Connection closed by 10.11.12.13") };
filter f_messages { not facility(mail,cron) and not filter(f_monitssh); };

As cron is fine and boring, no filtering here

1
filter f_cron { facility(cron); };

That’s basically it. Now the only thing left to do is telling syslog-ng where to put all these precious log entries.

1
2
3
log { source(src); filter(f_messages); destination(messages); };
log { source(src); filter(f_cron); destination(cron); };
log { source(src); filter(f_mail); destination(mail); };

Restart your syslog-ng and enjoy the silence.

Easy flattr integration for octopress

As you can see at the date below, this post is quite old, but was not published until now. Perhaps someone can still use it..

Today Manu spend about five minutes to hook me up on Octopress. After playing around with it for some time I did a quick search for some plugins. I couldn’t locate a flattr plugin so I had to fire up vim.

After trying to build a jekyll plugin at first, I think I found an easy solution when you want to include a flattr button on per post basis.

Let’s dive right in..

At first consult http://developers.flattr.net/button/ to get the flattr script loader in its freshest version and put it inside the custom head html file.

source/_includes/custom/head.html
1
2
3
4
5
6
7
8
9
10
11
12
13
<script type="text/javascript">
/* <![CDATA[ */
    (function() {
        var s = document.createElement('script'), t = document.getElementsByTagName('script')[0];

        s.type = 'text/javascript';
        s.async = true;
        s.src = 'http://api.flattr.com/js/0.6/load.js?mode=auto';

        t.parentNode.insertBefore(s, t);
    })();
/* ]]> */
</script>

Let’s use a simple option to activate a flattr button for a specific post.

The yaml head for this post
1
2
3
4
5
6
7
8
---
layout: post
title: "Easy flattr integration for octopress"
date: 2012-01-03 22:05
comments: true
categories: octopress, ruby, liquidtags, flattr
flattr: true
---

Now we need a query to check the flattr setting within each post and display it where applicable.

source/_layouts/post.html
1
2
3
4
5
6
7
8
9
10
11
...
<p class="meta">
      {% include post/author.html %}
      {% include post/date.html %}{% if updated %}{{ updated }}{% else %}{{ time }}{% endif %}
      {% include post/categories.html %}

      {% if page.flattr == true %}
      <div class="flattr" style="float: right; margin-top: -1.75em;"><a class="FlattrButton" style="display:none;" title="{{ @page.title }}" data-flattr-uid="{{ @site.flattr_user }}" data-flattr-button="{{ @site.flattr_button }}" data-flattr-tags="{{ @page.categories | join:',' }}" data-flattr-category="rest" data-flattr-lang="{{ @site.flattr_lang }}" href="{{ @site.url }}{{ @page.url }}"></a></div> 
      {% endif %}
</p>
...

I wanted the button on the right side of the meta section at the bottom of a post, so it would only show up when a single post is displayed.

Feel free to to find a different spot for the snippet, you just have to copy/paste the {% if page.flattr == true %}..{% endif %} block to any place you desire. If you want the button not aligned to the right delete style="float: right; margin-top: -1.75em" from the div tag. I have to admit the margin-top style is a crude hack..

Beware: This file could change with every octopress update. I havn’t found a suitable place for the code within the source/_includes/custom/ files for my needs. So, check after each update if the button code is still there.

Finally we need new settings:

_config.yml
1
2
3
4
5
...
# Flattr
flattr_user: your_flattr_username
flattr_lang: en_GB
flattr_button: compact

The three values should be pretty self-explanatory:

  • your Flattr Username
  • the language you are going to use for your posts (see flattr help for more information)
  • the style of the flattr button - at the time of writing you can choose between compact and default

When everything went well, the flattr button should show up with the next page generation on activated posts.

gem install and ssl errors

1
2
3
4
5
6
fabian@heartofgold $ gem install somecoolgem
ERROR:  Could not find a valid gem 'somecoolgem' (>= 0), here is why:
          Unable to download data from http://gems.rubyforge.org/ -
          SSL_connect returned=1 errno=0 state=SSLv3 read server
          certificate B: certificate verify failed
          (https://s3.amazonaws.com/production.s3.rubygems.org/latest_specs.4.8.gz)

Sounds common? There is a really easy solution in 3 steps:

  1. $ brew install curl-ca-bundle (if you don’t have Homebrew installed, then there is a surprise step)
  2. $ export SSL_CERT_FILE=/usr/local/opt/curl-ca-bundle/share/ca-bundle.crt
  3. put the last one somewhere inside your .zshrc/.bashrc

tmuxinator: Save tmux pane and window layouts

Tmux inside OS X Terimal with some panes

While using tmux daily makes your life easier and more colorful you have to admit that creating your default working environment sucks. At least if you use windows and panes. CTRL+V CTRL+H CTRL++ CTRL+- galore

Stop growing grey hair over it, Tmuxiantor is here to help you.

The installation is thanks to RubyGems easy as pie

tmuxinator installation
1
$ gem install tmuxinator

Now for some sample configuration,

create a new layout
1
$ tmuxinator new daily

will open your default $Editor with a sample config

daily.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# ~/.tmuxinator/daily.yml

name: daily
root: ~/

# Optional tmux socket
# socket_name: foo

# Runs before everything. Use it to start daemons etc.
# pre: sudo /etc/rc.d/mysqld start

# Runs in each window and pane before window/pane specific commands. Useful for setting up interpreter versions.
pre_window: rbenv shell 2.0.0-p247

# Pass command line options to tmux. Useful for specifying a different tmux.conf.
# tmux_options: -f ~/.tmux.mac.conf

# Change the command to call tmux.  This can be used by derivatives/wrappers like byobu.
# tmux_command: byobu

windows:
  - editor:
      layout: main-vertical
      panes:
        - vim
        - guard
  - server: bundle exec rails s
  - logs: tail -f logs/development.log

The first indentation create windows, the second sets options and panes. The interesting part is the layout options, either use the tmux default or use your own.

Sure you want your own, or? Open a shell and execute tmux list-windows or call it via the tmux prompt.

daily.yml
1
2
fabian@heartofgold ~ tmux list-windows
1: ~* (4 panes) [208x59] [layout 3682,208x59,0,0[208x29,0,0{95x29,0,0,0,112x29,96,0[112x22,96,0,1,112x6,96,23,2]},208x29,0,30,3]] @0 (active)

Copy the highlighted part from your output:

1: ~* (4 panes) [208x59] [layout 3682,208x59,0,0[208x29,0,0{95x29,0,0,0,112x29,96,0[112x22,96,0,1,112x6,96,23,2]},208x29,0,30,3]] @0 (active)

and use it as layout option in your tmuxinator config:

daily.yml
1
2
3
4
5
6
7
8
windows:
  - local:
      layout: 3682,208x59,0,0[208x29,0,0{95x29,0,0,0,112x29,96,0[112x22,96,0,1,112x6,96,23,2]},208x29,0,30,3]
      panes:
        - weechat
        - multitail /var/log/system.log
        - watch -n1 'ping -c1 hetzner.de | grep avg'
        - date

Before you start make sure to add the following lines to your tmux.conf or tmuxinator won’t be able to locate panes and windows and therefore not start any programs for you.

.tmux.conf
1
2
3
4
5
# start window numbering at 1
set -g base-index 1

# start pane numbering at 1
set -g pane-base-index 1

From now don’t start tmux directly, use $ tmuxinator daily or even shorter $ mux daily to load tmux and your saved layout.

Below another example, my octopress tmuxinator setup that I use right now to write this lines.

octopress.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# ~/.tmuxinator/octopress.yml

name: octopress
root: ~/octopress/

pre_window: rbenv shell 1.9.3-p194

windows:
  - editor:
      layout: eb15,156x49,0,0{80x49,0,0,11,75x49,81,0[75x36,81,0,12,75x12,81,37,13]}
      panes:
        - vim
        -
        - rake watch
          # no need for rake preview, since I use pow.cx

Update:

Thanks to Theodoros Ploumis for mentioning Teamocil. Unfortunately his comment has left this blog because of a stupid configuration error (Protip: Know and check your own discus shortnames..).

Public Keys für E-Mail Crypto

Auf /keys/ habe ich meine aktuellen S/Mime und GPG Keys abgelegt.

GPGTools für OS X ist nicht nur vor einer Weile schick, sondern auch einfach zu benutzen geworden. Ein neuer GPG Schlüssel lässt sich damit im GPG Schlüsselbund innerhalb von Sekunden oder 3 Mausklicks erstellen. Damit sollte E-Mail Kryptographie am Mac so bequem geworden sein das es fast keine Ausrede mehr gibt sie nicht zu verwenden.

Der Vorteil von S/Mime im Gegensatz zu GPG ist eine vorhandene Integration in der iOS Mail.app. Schlüssel hierfür gibt es zum Beispiel bei StartSSL.

Das GPG Plugin für Mail kommt allerdings auch prima damit zurecht wenn von beiden Arten Zertifikate vorhanden sind.

GPG Mail Plugin

OS X CoreStorage Volume - shrink and create new

Just a quick tip on how to shrink an existing CoreStore volume and create a new volume inside the free space. Since the gui Disk Utility won’t offer this feature you have to jump the shell again.

1
2
3
diskutil corestorage list
diskutil corestorage resizeVolume 953ED8ED-4373-4A2E-AA0B-747D3EEC1FDE 710G
diskutil corestorage createvolume 953ED8ED-4373-4A2E-AA0B-747D3EEC1FDE jhfs+ cleanOsInstall 45G

At first you have to grab the UUID of the volume that should be shrinked (in my case it is 953ED8ED-4373-4A2E-AA0B-747D3EEC1FDE).

Next step is the actual shrinking, 710G is the new target size. With another quick look at diskutil corestorage list you can verify how big the old volume is and how much space is availabe inside the logical volume family.

Next and final step, create the new Volume inside the LVF with a journaled HFS+ file system, named cleanOsInstall and 45G space.

Done.

BTW, make sure to have a backup of the whole drive ;)

changing a file vault 2 disk password

Changing the password of a file vault 2 protected disk is fairly easy:

At first fire up the terminal and execute diskutil corestorage info /Volume/DriveWhichNeedsaNewPassword

If you are key-stroke aware you can abbreviate corestorage with cs.

1
2
3
4
5
6
7
8
9
10
11
12
13
fabian@heartofgold ~ diskutil corestorage info /Volumes/Time\ Machine
Core Storage Properties:
   Role:                       Logical Volume (LV)
   UUID:                       111DA74D-EDC4-498B-AE2C-50E07ACAE7CA
   Parent LVF UUID:            34B66F83-1680-493E-AEDF-1409F51A898A
   Parent LVG UUID:            718CDEB9-01F1-4FFA-BB1B-FE1EE92F9881
   Device Identifier:          disk3
   LV Status:                  Online
   Conversion Status:          Complete
   Content Hint:               Apple_HFS
   LV Name:                    Time Machine
   Volume Name:                Time Machine
   LV Size:                    499445116928 B

Copy the UUID (in this case this would be 111DA74D-EDC4-498B-AE2C-50E07ACAE7CA) of the drive and run disktuil corestorage changeVolumePassPhrase theUUID. Enter the old password, then twice the new one and after a few seconds you are done

1
2
3
4
5
6
7
8
fabian@heartofgold ~ diskutil corestorage changeVolumePassphrase 111DA74D-EDC4-498B-AE2C-50E07ACAE7CA
Old passphrase:
New passphrase:
Repeat new passphrase:
Started CoreStorage operation
Logical Volume passphrase has been changed
Core Storage LV UUID: 111DA74D-EDC4-498B-AE2C-50E07ACAE7CA
Finished CoreStorage operation

SSH/SCP Connection stalled

1
somerandomfile.tbz2                         0%   256KB   3.1 KB/s   - stalled -

Note to myself: If you are trying to SCP a file and get greeted with a nerv-racking -stalled- after a few seconds, check your ~/.ssh/config for enabled compression. Disabling the compression did the trick for me after some rageful weeks.

If it still stalls, try disabling the ControlMaster options.

yet another alfred screenshot extension

Why another alfred screenshot extension?

Crawling the web for the right extension takes about the time to write a new one.

Why I wanted a screenshot solution that is not Skitch?

When using a custom server you have to click the share button, wait for the image to be uploaded and thereafter you have to click again to copy the URL. Two clicks too much, every time. (When using skitch’s own server the URL is copied to your clipboard automatically after the upload.)

My wish list was short:

  • select a window or an area of the screen
  • optional: give me some seconds after selecting the area to pull up some menus
  • optional: edit the screenshot before uploading
  • optional: no upload, but move the image to my octopress media folder
  • random filenames
  • auto upload
  • get the URL copied to the clipboard after finishing the upload

Copy the code from the gist, edit the local destination and server settings inside the configuration block after the comments and use the following Alfred.app (beware: Powerpack feature (You don’t own it yet? What are you waiting for, it’s awesome) settings or any other application starter of your desire.

The checked action checkbox means that you can trigger the extension from Alfred’s file navigation, pretty handy for uploading some existing local file.

(If you didn’t guess: After editing a screenshot, overwrite the original file to upload the edit.)

Grab the extension right here. Just double click to import it in your alfred installation, configure the paths and you are done.