Posted on

Portable Music Players & Linux

This article briefly describes some issues with managing portable music players on Linux, particularly the Apple Ipod Shuffle and the Sandisk Clip Jam (it's replacement).

Quod Libet

Quod Libet is absolutely zero help with managing portable music players (with a single exception, the generation of playlist.m3u files). This is a big regret since it has much of what I need in a music manager, including: - Low resource utilization - Relatively fast and stable when indexing large collections - Ability to edit metadata on individual and groups of files - Dark theme Therefore, I have to look outside of QL in order to manage portable music players.

Playlists in Quod Libet

Based on my workflow and media organization in Quod Libet, what I generally do for a playlist is clean up a set of albums/tracks from one or more artists and one or more albums, then create a playlist out of that. This generally means the complete contents of one or more albums organized under one or more artists. This allows me to use the Export as Playlist plugin which generates an *.m3u file with some pathing that needs to be cleaned up.

Sandisk Clip Jam Playlist Lament

My review of the Sandisk Clip Jam is a lament to SCJ Playlists: > Since playlists are important for portable media players, they should have a well-thought-out approach. Unfortunately this is not the case. One has to monkey about with .m3u files and actually edit them by hand. Sad and a bit nuts as well. > > Several issues: > > The namespace is effectively 7 characters, so don't have directories with playlists that might conflict on those first 7 characters. > > There are three "quick" playlists but no way to get them out of the way, so there is always "click, click, click" to get past them since they are the first three. I don't care to make playlists on the go, so please let me make these go away. > > .m3u file needs to have the full path of the location, e.g., Music/Joy Division/Peel Sessions/01 Exercise One.mp3 > > Unlike as stated in the documentation and forums, the music files do not need to be in the same directory as the playlist file, and they can be stacked all in Music with referenced directories and subdirectories underneath. > > CRLF for returns > > Obviously this is a nasty and brutish way of handling playlists, and so various scripting is needed to get things working without a huge amount of ongoing time being wasted. > > Also, the cheap and huge earbuds (unwearable in my medium-sized ears) are really a waste. No one really expects anything good to be bundled, so save the earth a little. > > Overall the device itself is pretty decent, except for the glaring problem noted above.

How to Create and Edit Sandisk Clip Jam *.m3u Playlists

The key is to use a media player/manager to generate the .m3u playlist, and then search/replace to change the paths in the files to match that of the Sandisk Clip Jam, which is generally Music/Artist/Album. Since my audio library has the very same structure, it is not difficult to copy entire albums and artists (with their albums) to the Sandik Clip Jam. As noted above, the playlists need to have the same Music/Artist/Album/Track structure. However, the playlists themselves can repose in the same Music directory. *Note: VLC can also perform the function of generating playlists, though my choice is Quod Libet, using the Export as Playlist plugin which generates an *.m3u file. After creating the playlists and editing them, copying wholesale the directory structure into Music completes the operation. Updates begin in Quod Libet and then a delete/recopy is necessary (akin to Ipod/Itunes operations)

GTKpod for Ipod Audio Management

[GTKpod](creating/editing playlists and ) is one of the last relatively decent and straightforward Ipod (only) managers. Capable of drag-and-drop audio and creating/editing playlists. Installation is available from the Gnome Software Manager and elsewhere.

Posted on

Managing Fonts in Debian

Microsoft Core Fonts Installer

Check to see if this is installed via apt-cache

sudo apt-cache search ttf-mscorefonts-installer

More Fonts with Installers

More fonts to install, if needed

ttf-liberation
fonts-liberation
ttf-uralic
fonts-uralic
ttf-root-installer
ttf-freefont
ttf-dustin
ttf-linux-libertine
fonts-linuxlibertine
fonts-dustin
ttf-staypuft

Copy Fonts to Directories

/usr/share/fonts
/usr/share/X11/fonts
/usr/local/share/fonts
~/.fonts

Note, better/easier to symlink to /usr/share/fonts/ if organized with a set of font directories. Example:

sudo ln -s /home/jeff/drive/github/code-128-font/fonts /usr/share/fonts/code-128-fonts

Rebuild the Font Cache

sudo fc-cache -fv

List all Installed and Cached Fonts

fc-list

Reconfigure Fonts

This may be needed to support bitmap fonts.

dpkg-reconfigure fontconfig-config
Posted on

Epub Editing Tools

Tools change over time, but it seems that in the Epub world we have more of the same. As of November 2018: - Calibre's Epub Editor is pretty nifty - Sigil development stalled, then picked up again - Pagina Epub Checker is still under development and useful - Pandoc with or without some kind of TeX, LaTeX, or XeLaTeX -- the last one is better for font support Things haven't really changed over the past X years, much. Certainly not since the 2017 note on Epub tools.

Some Pandoc Resources

Posted on

Kindle Paperwhite 4th Gen

I've used a Kindle since the Kindle Keyboard (3rd gen), and since then purchased and used the DX for a while (the much larger model). On 06 September 2012 the Kindle Paperwhite was released and I registered mine on 10 September. I broke that model within six months by wedging it in a bag that had too many objects in it, but Amazon sent out a replacement free-of-charge (which included free shipping, and I live outside the United States). Well folks, the first generation Paperwhite has served me well, and I did not feel a need for an upgrade, at the prices that were available for fancy versions like the Voyage and Oasis, or non-Kindle devices such as what Kobo offers. However, at this point, on the eve of the release of the fourth generation of the paperwhite, that has changed, and I intend to upgrade.

Specifications of First and Fourth Generation Paperwhite

Generation Dimensions Weight Lighting Screen Storage Bluetooth Audible Waterproof
First Gen 117 x 169 x 9.1 mm 213 grams 4 led 212 ppi 2gb no no
Fourth Gen 116 x 167 x 8.2 mm 182 grams 5 led 300 ppi 8/32gb yes IPX8

Reasons to Upgrade

At 12% smaller (mainly due to thinness) and 15% lighter, less is more, and this is a significant motivator to upgrade. Storage is not an issue for me, and 8gb will be fine. The increased quality of the lighting 5 vs. 4 led) and screen resolution (300ppi vs. 212ppi) are nice, but not essential. Bluetooth audible is ok. I don't use audible now but might later. I certainly would not upgrade for that feature. The waterproof quality, combined with dimensions/weight and screen, is what puts this over the edge in terms of a desire to upgrade.

Open Source, Open Content

While I do use a Kindle, most of my content I have in PDF and Epub formats. PDF is not very readable on the Kindle and I rarely do it. However, Epubs are easy to convert using Calibre, an open source, cross platform library and ebook management tool. The DeDRM toolkit is very useful for stripping out the nasty DRM that comes with Kindle ebooks. I prefer unlocked files as my main library repository. Also, many ebooks are available at a variety of locations including Library Genesis, a resource of unparalleled breadth and depth. I prefer to use the Kindle device due to its quality hardware, and ease of access of their ebook offerings (I do regularly purchase content from Amazon). The DRM they use I simply work-around/ignore. In the past I've rooted both the Kindle Keyboard (3rd Gen), Kindle DX, and Kindle Paperwhite, though my current version is using stock Kindle software on the device. I'm not irrevocably mated to Kindle and Amazon, but it is my current preferred platform.

Posted on

Octavo Touch-Type Form Factor

In this post I outline what I would consider a compelling form factor, one which existed for a while, but which may be is returning for certain niche uses.

Usability and Useful Form Factors

While the term notebook has been taken over to mean a laptop computer that is much larger on average than a standard physical lined-paper notebook, that in my experience is best sized as Duodecimo or 12mo. With a size of 4.75-5" x 7.25-7.5". I consider this one of the handiest form factors for books. However, dealing with a computing device with a touch-typable keyboard (less than 100% in size, but still able to achieve 80-wpm typing with less than 5% error rates (above standard practice), one needs a different size: Octavo. Technically this could be 7"-10" in length and 4.5"-6" in width.

Handheld PCs - Mobilepro - Jornada - Viao P

The various form factors of H/PCs from the late 1990s through the 2000s ranged from the diminuative HP Jornada to the quite similar NEC Mobilepro and Sony Viao P: - 7.4"-9.7" length - 3.7"-5.2" width - 0.8"-1.3" thickness - 6.5"-8.1" screen diagonal - 510g-770g weight The 9.6" x 4.7" x 0.8" (24 x 12 x 2 cm) and 500g (or lighter) is possibly the best form factor, with 88% standard keyboard it supports full touch-typing. The NEC Mobilepro has 79% sized keyboard, which is certainly adequate for small to medium-sized fingers of an adult male. For the purposes of touch-typing, the Jornada is likely too small for a majority of touch typists. However, it is likely possible to do a clever keyboard layout that still supports touch-typing, and get the length somewhere around 8.5", shaving off an inch or so, while keeping the same screen dimensions (if desired).

Screen Sizing and Usability

The screen of the Viao P is 1,600 x 768 in 7.99" which is ~222 ppi. Even when having a slightly smaller form factor, it should be possible to get close to a 9" screen, which would go a long way to making for a much more usable device. The Viao P is a nearly 2:1 aspect ratio. In landscape mode, this maked for cramped reading. However, in portrait mode, this is much more usable in terms of reading for documents and websites. The question is, at what size does reading standard websites become possible? The 768 pixel height is too small for most websites, which do not appear able to handle such widths, and devices with this are trapped in a no-man's land of almost, but not quite, mobile. Resizing web pages can reduce general legibility.

What is Not Needed in an Octavo Device

Generally there are several misgivings regarding an Octavo-class device, as we are calling this design thought experiment. These are things that such a device does poorly, at best, including: - Webcam (actually, this might be very useful, esp. to replace the handheld) - Speakers (moderately adequate are good enough) - Trackpad / Pointing devices (touchscreen covers it) For the first four items, simply dispense with them. There is no need for a webcam, speakers, a trackpad, pointing devices, and the like.

Ports Aplenty

Include the following: - Headphone Jack - MicroSD Card Slot - 2 x USB C for power, HDMI out, etc. Bluetooth and WIFI as necessary evils, but support decent USB C dongles that can include HDMI, additional USB, RJ45, for docking purposes.

ChromeOS to the Rescue - Or Not

The one major issue regarding such small devices are the poorly designed and bloated operating systems that go on these. Focus on the streamlined, secure, and regularly updated ChromeOS, including support for Android and Linux apps. This seems way more appropriate than a version of Windows, which is unfortunately the standard. ChromeOS can deal with Battery Life much better than other general purpose operating systems. In addition, Debian is a better option if the distribution supports the various hardware components/drivers. That said, Windows 10 is the go-to OS for full-featured laptops and netbooks. Debian is generally possible on most standard platforms.

Flip/Convertable Chromebook

Having a flip/hinge mechanism and of course touchscreen support means that the 9" screen is a small tablet form factor as well as a touch-type keyboard device.

E-ink & Ebook Reading

A final improvement on the back of this device would be an E-ink display, and especially the ability to read ebooks.

Convergence and Device Unity

Currently, I bring my 200g Kindle Paperwhite to read. It isn't too far to be able to integrate what is effectively a Kindle, a Tablet, and a Keyboard.

Tablets Advantages and Disadvantages

To be honest, many tablets are very close to what is desired (not including e-ink) as bluetooth keyboards can be added to things like the Huawai Mediapad M5 (which is an 8" screen in 300g), or the cheaper, heavier Lenovo Tab 4. The Huawai comes in at 8.4"x4.9"x0.3" and has a 2560 x 1600 screen. A great form factor and with accessories such as bluetooth keyboards and cases, this is already mostly a viable computing platform.

PDA, Palmtop, UMPC - 2018

While this was originally published in August, 2018 it turns out that there are three brands producing models that more-or-less meet/match these specifications and needs. These are more recently being referred to as PDAs (Personal Digital Assistants), Palmtops, and/or UMPC (Ultra-Mobile Personal Computers). Whatever the computer niche, they are a welcome return of this form factor. These are: Planet Gemini, GPD Pocket, and One Mix Yoga, and most recently the Topjoy Falcon.

Planet Gemini

First or rather most recently there is the Planet Gemini -- the name refers to twin OS support: Android and Linux (which is to say, Linux and Linux) -- which is specifically attempting to recreate the Psion (and indeed has a designer who was involved in it). This is the smaller of the three, with only a 6" screen, and weighting 320 grams. Also, it is the only one which is in its first generation / initial release.

GPD Pocket, GPD Pocket 2

The GPD Pocket 2 is on presale as of October, 2018.

One Mix Yoga, One Mix 2 Yoga

By the company One Computer is a smashup of model names one, mix (at least not miix) and yoga. Still, this is the larger of the three brands, weighing in at 515 grams. It is an upgraded processor at 1ghz core-m Kaby Lake, with 256gb PCIe. A solid offering.

Topjoy Falcon

Topjoy Falcon is the most recent netbook launched on Kickstarter in October, 2018.

Overview of Current PDA/UMPC/Palmtops

Model | Weight | Screen | Dimensions | Processor | Ram | Storage | Camera | 4g | 2-in-1 | SD-Card | Price -------------- | ------ | ------------------ | ---------------- | ------------------ | --- | ----------- | ------ | --- | ------ | ------- | ----- Planet Gemini | 320g | 6" 2160x1080 18:9 | 17 x 8 x 1.5 cm | MediaTek 6797T | 4gb | 64gb eMMC | Front | yes | no | yes | $599* GPD Pocket 2 | 467g | 7" 1920x1200 16:10 | 18 x 11 x 1.5 cm | intel Core M-5Y10 | 8gb | 128gb eMMC | none | no | no | no | $699* One Mix 2 Yoga | 515g | 7" 1920x1200 16:10 | 18 x 11 x 1.7 cm | intel Core M3-7Y30 | 8gb | 256gb PCIe | none | no | yes | yes | $649** Topjoy Falcon } 650g | 8" 1920x1200 16:10 | 20 x 13 x 2.0 cm | intel Silver N5000 | 8gb | 128/256 SSD | none | no | yes | no | $499* *Prices are current/sale prices at Geekbuying or Direct/Kickstarter/Indiegogo **Note also the One Mix Yoga at $449

Other Form Factors

While Octavo is first and foremost a smallest functional full keyboard, there are other options that are interesting (and moreso than a wrist watch), such as Runcible.

Posted on

LMDE3 Cinnamon Modifications

Here are some ways of getting things tweaked. Your mileage may vary.

Mint-Y-Dark

This theme has some hardcoded colors in PNG files. Grayscale them with ImageMagick, as follows:

for file in /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/*.png; do convert "$file" -colorspace Gray "$file"; done
for file in /usr/share/themes/Mint-Y-Dark/gtk-3.0/assets/*.png; do convert "$file" -colorspace Gray "$file"; done

Edit the /usr/share/themes/Mint-Y-Dark/gtk-2.0/gtkrc file for color. Replace #8fa876 with #993333 for a nice red to go with Mint-X-Red Icons. I prefer scrollbars with 15px width. Edit the /usr/share/themes/Mint-Y-Dark/gtk-3.0/gtk.css file for color and scrollbar width. Replace #8fa876 with #993333 for a nice red to go with Mint-X-Red Icons. I prefer scrollbars with 15px width. Double the size of the following .png files in /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/ - slider-vert.png - slider-vert-active.png - slider-vert-insens.png - slider-vert-prelight.png - trough-vertical-active.png - trough-vertical.png

convert /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert.png -resize 200% /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert.png
convert /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert-active.png -resize 200% /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert-active.png
convert /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert-insens.png -resize 200% /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert-insens.png
convert /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert-prelight.png -resize 200% /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/slider-vert-prelight.png
convert /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/trough-vertical-active.png -resize 200% /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/trough-vertical-active.png
convert /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/trough-vertical.png -resize 200% /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets/trough-vertical.png

Cinnamon Theme

Unfortunately there are also lots of .svg files in /usr/share/themes/Mint-Y-Dark/cinnamon/ (both in subdirectories of /common-assets/ and /dark-assets/) with colors also hard-coded into them (bizarre, to say the least). These cannot be handled with ImageMagic convert, but rather either need to go through a process of conversion, grascaling, then converting back into .svg format (such as with Autotrace), or some other tool which can directly deal with color inside .svg files. Edit the /usr/share/themes/Mint-Y-Dark/cinnamon/cinnamon.css file for color and scrollbar width. Replace #8fa876 with #993333 for a nice red to go with Mint-X-Red Icons.

Atom Application Scrollbars

Atom does not inherit these gtk configuration/theme settings and needs its Atom Scrollbars to be Configured Manually.

Posted on

Scrollbars in Atom, Firefox, Cinnamon

Scrollbar usability is shoddy and slipping across wide swaths of the web and software in general. Of course I am getting older, which means this is more and more of an annoyance. We know already, and for some time, how to do scrollbar usability and accessibility. Putting aside voice commands, just the bare minimum of finger and mouse pointer usability seems to hard for so many projects, and for so long. - Jakob Nielsen on Scrollbar Usability

Modifying Scrollbars in Atom Editor

Atom Editor requires several CSS overrides to get scrollbars modified.

Modifying / Customizing Scrollbars in Firefox

[Firefox has been without -webkit scrollbar functionality for the last 5 months, no wait, for the last 9 years... no wait, for the last 18 years. The work-arounds for this situation are a PITA. The only way to really deal with this is at the operating system level.

Modifying / Customizing Scrollbars in Linux Mint (and other Gtk windowing environments)

Editing Gtk themes for Linux Mint and other distributions takes a lot of effort of digging around. In many cases the CSS is imported in binary format for Adwaita, the Gtk3 base theme, and override ~/.config/gtk-3.0/gtk.css file doesn't work. While for Mate and Gnome there are tools, there is no tool to edit the scrollbar in Cinnamon. So, besides the gtk-2.0 and gtk-3.0 various files, there are the .svg files for things like the scrollbar, which are hidden in a gtk-2.0 subdirectory, for example: - /usr/share/themes/Mint-Y-Dark/gtk-2.0/assets in .png file format or is that - /usr/share/themes/Mint-X/gtk-2.0/images/scroll in .svg file format It is all a quandry and the Linux Mint folks really need to be a bit better organized, no matter how disorganized their upstream Gtk cousins may be. Suffice it to say there are many different files, and different file syntaxes at work here. Some examples: - Gnome Developer gtkscrollbar - Linux Questions: How to enable scrollbar arrow? - Question about GtkScrollbar Class in Custom Theme - Cinnamon issues - scrollbar configuration in Sys Wrestling with these issues, I've been able to get some things working (e.g., arrows) and others not (e.g., widths), at various times, depending on the base theme that is enabled and edited. That said, I've still been unable to get the Nemo scrollbar to stop disappearing when not hovered/clicked/being scrolled. This is simply pathetic usability and accessibility. Don't hide important navigation elements. If scrolling is not possible (e.g., all content is viewed on a screen, and there is no part to scroll to) then by all means hide/remove the scrollbar. But when I am viewing a directory structure with more rows of files yet to see, hiding the scrollbar removes important information from the display.

Posted on

OpenVPN on Debian

OpenVPN on Debian is the second step in securing an operating system. Below we include ufw firewall installation and configuration as well.

Related Artices in Debian Services and Applications - Debian on AWS Lightsail - OpenVPN on Debian + UFW Firewall - Nginx and Letsencrypt on Debian - PHP & MariaDB on Debian

- Grav CMS on Debian

Note: install and configure ufw prior to openvpn installation and configuration

apt-get install ufw
sudo ufw allow http
sudo ufw allow https
sudo ufw allow 1194/udp
sudo ufw allow ssh
sudo ufw status
sudo ufw enable
sudo service ufw restart

; set the default to DROP Edit the ufw config file

nano /etc/default/ufw
  • Change line from DROP to: DEFAULT_FORWARD_POLICY="ACCEPT"
  • Save Edit the before.rules
nano /etc/ufw/before.rules

Add the START OPENVPN RULES as follows:

#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
#   ufw-before-input
#   ufw-before-output
#   ufw-before-forward
#
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.10.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
# Don't delete these required lines, otherwise there will be errors
*filter

Save file Enable UFW

ufw enable

Check status

ufw status

Next install and configure the OpenVPN Server

Note: do this as root as it may not work otherwise, even with sudo

sudo apt-get install -y openvpn easy-rsa
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz > /etc/openvpn/server.conf
nano /etc/openvpn/server.conf
  • uncomment push "redirect-gateway def1 bypass-dhcp"
  • uncomment/modify push "dhcp-option DNS 84.200.69.80"
  • uncomment/modify push "dhcp-option DNS 84.200.70.40"
  • uncomment user nobody
  • uncomment group nogroup Save file. Note at some point the file should look like this:
port 1194
proto udp
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
reneg-sec 0
ca ca.crt
cert fir.crt
key fir.key  # This file should be kept secret
dh dh2048.pem
server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
;cipher AES-256-CBC   # AES 256
;cipher DES-EDE3-CBC  # Triple-DES
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 0

Next, enable forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

Enable forwarding again:

nano /etc/sysctl.conf

Uncomment net.ipv4.ip_forward=1

Next Configure and Build Certificates

Copy scripts and templates as follows:

cp -r /usr/share/easy-rsa/ /etc/openvpn
mkdir /etc/openvpn/easy-rsa/keys
nano /etc/openvpn/easy-rsa/vars
  • Change export KEY_ variables (there are six of them) to match the organization
  • Change the export KEY_NAME="EasyRSA" to your servername
  • Change the line export KEY_CONFIG=$EASY_RSA/whichopensslcnf $EASY_RSAtoexport KEY_CONFIG=/etc/openvpn/easy-rsa/openssl-1.0.0.cnf`
  • Save and exit Next, generate the dh parameters
openssl dhparam -out /etc/openvpn/dh2048.pem 2048

Next, clean up and build the ca, as follows:

cd /etc/openvpn/easy-rsa
chmod 0755 *
source ./vars
./clean-all
./build-ca

Generate Certificate and Key for the Server

Note: servername is your servername

./build-key-server servername

Note it will ask you to hit enter to accept variables multiple times, do that, and any additional questions just use enter. When it asks to sigh the cert and commit the cert, use y and y. Next, move the certs/keys, but make sure to change the servername as above:

cp /etc/openvpn/easy-rsa/keys/{servername.crt,servername.key,ca.crt} /etc/openvpn

Verify files were copied:

ls -la /etc/openvpn

Start the service and check status:

service openvpn start
service openvpn status

Make sure you see Active: active (exited) since...

Generate Client Certs

Note that clientname is the client name, but in reality it is actually for the servername, so you know what/where you will connect to. The main point is to rename the clientname.ovpn file to servername.ovpn after it has concatenated and moved to the client. Note: can use one client cert for everyone as long as the following line is added to the server.conf file: duplicate-cn

cd /etc/openvpn/easy-rsa
./build-key clientname

Next, copy and rename the client.conf to clientname.ovpn

cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn/easy-rsa/keys/clientname.ovpn

Edit the .ovpn file:

nano /etc/openvpn/easy-rsa/keys/clientname.ovpn

Should be something like:


-----BEGIN CERTIFICATE----- -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- -----END PRIVATE KEY----- key-direction 1 client dev tun remote 1.2.3.4 1194 udp resolv-retry infinite nobind tun-mtu 1500 user nobody group nogroup persist-key persist-tun pull tls-client push "redirect-gateway def1" mssfix 1450 tun-mtu-extra 32 reneg-sec 0 ;ca ca.crt ;cert client.crt ;key client.key ns-cert-type server comp-lzo verb 3

Note that the concatenated (unified) OpenVPN profile includes the ca, cert, and key. This can be done as follows (fix the below, it puts stuff at the end, not begining:

echo '' >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
cat /etc/openvpn/ca.crt >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
echo '' >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
echo '' >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
cat /etc/openvpn/easy-rsa/keys/clientname.crt >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
echo '' >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
echo '' >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
cat /etc/openvpn/easy-rsa/keys/clientname.key >> /etc/openvpn/easy-rsa/keys/clientname.ovpn
echo '' >> /etc/openvpn/easy-rsa/keys/clientname.ovpn

One can scp the file from server to client with the following command from the client:

scp -i /home/usr/drive/.ssh/servername.pem admin@servername:etc/openvpn/easy-rsa/keys/clientname.ovpn /home/usr/drive/.ssh/clientname.ovpn

Change names of drives and users as applicable.

Posted on

Debian on AWS Lightsail

This is a setup of several items, starting with Debian 9 on Amazon AWS Lightsail. This has server basics and apt, and then follows with links to additional articles. In general, after several years of running CentOS on Linode, and then Amazon Linux AMI on EC2 and Lightsail, I find that Debian 9 is simply faster, just as secure, and at least slightly easier to use. While there are many flavors of linux, clearly two particular lineages predominate: RHEL/CentOS/AMI and Debian/Ubuntu/Mint. Either are just as valid, though of course niche requirements may make one or the other more attractive. Android and ChromeOS are even more popular, but we are dealing with server OS here. For me, Debian on the desktop via LMDE3 (Linux Mint Debian Edition) is currently a favorite.

AWS Lightsail is a decently priced VPS package. Equivalents can be found in various first and second tier cloud providers such as Digital Ocean, Vultr, Linode, and perhaps even Azure and Google Cloud, who knows? Anyone with any experience with AWS can leverage this with Lightsail, though the main web interface is a bit different.

Related Artices in Debian Services and Applications - Debian on AWS Lightsail - OpenVPN on Debian + UFW Firewall - Nginx and Letsencrypt on Debian - PHP & MariaDB on Debian

- Grav CMS on Debian

Choose Debian Distribution

On Lightsail as of late 2018 Debian 9.5 is an option. - Install PHP from special repository sources (found in the Running PHP on Debian article) - Install special packages from Backports when needed (such as certbot) - Use apt install PACKAGE -y -t stretch-backports Example:

sudo apt install -y python-certbot-nginx -t stretch-backports

Packages available from Distributions

Update Debian

sudo apt update -y
sudo apt update -y -t stretch-backports update

Upgrade Debian

Do some checks and then execute upgrade and dist-upgrade: Note: accept the locally modified files for upgrading when asked.

sudo apt upgrade -y
sudo apt upgrade -y -t stretch-backports

Note: can have system service restarts be done automatically, when asked.

Upgrade Debian Distribution

This will change from one release to the next if there is a next one for the version being run (e.g., stable).

sudo apt dist-upgrade -y

Next, run the command to reload the terminal session:

hash -r

Steps in Configuration

Server Basics Steps

  • Configure servername, ip addresses
  • Apt, Configure repositories, Update, Upgrade, Clean, etc.

Servername, IP Addresses

For private IP Addresses

ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

For a public IP address (esp. Amazon AWS Elastic IP)

curl -4 icanhazip.com

Apt Sources List

ls -la /etc/apt

and see what is in subdirectories

Installed packages

dpkg-query -l

apt-get commands

Note, this is largely obsolete with the apt command set -- need to UPDATE this section below

apt-get clean
apt-get autoclean
apt-get dist-upgrade
apt-get clean
apt-get check
apt-get autoremove
  • autoclean deletes .deb files from local cache
  • clean deletes .deb files from distribution installation
  • autoremove removes previous, but no longer needed dependencies
  • dist-upgrade deals with dependencies, not just applications, and will add/remove/upgrade them
  • apt-get check will check for dependencies missing note: difference between apt-get remove xyz vs. apt-get purge xyz, as the first preserves configuration files (for possible later use)

Completely Remove Packages

sudo apt-get --purge remove package-name
Posted on

IPA Keyboard Layout

Well, it turns out, there is no such thing, per se, as an IPA Keyboard Layout, at least not in the sense that there are keyboard layouts for various languages and layout styles (e.g., English, Dvorak, etc.). This seems to me to be a tremendous oversight, though it obviously came about because someone thought supporting the entire Unicode space for the IPA was a great idea, and the only idea. There are two things needed to have an IPA Keyboard Layout that would be functional for someone working in one or a few select languages: - A Keyboard Layout File, such as discussed here for X11 support (Linux) - One or more fonts that provide the support needed -- which includes a wide variety of unicode symbols plus the specific ipa unicode extension block. And preferrably fonts with multi-lingual support so that a mixture of IPA and one or more languages would by typographically elegant, or at least not jarringly unaesthetic.

IPA Character Support for a Given Language

The first step is to get a useful/functional/popular mapping of a language to IPA characters. For a language with diverse dialects, some standard form needs to be determined. Along with this is the likelihood of supporting two languages. For example, if the target language is Thai, the supporting/documenting language is likely English or another foreign language. Both Thai and English IPA character spaces need to be determined, and together they should map out the shared space, in a Venn-like diagram.

Determine Key Mapping Desired for Charcter Space

A simplistic approach would be taking the 26 characters in English and mapping those keys (lowercase and uppercase) to obvious matches, and expanding into punctuation keys as needed. Requirements for dead keys and multi-keystrokes in general might be avoidable. The main approach should be to reuse as much of the current set of wheels available rather than re-inventing one's own.

Build Keycap File and Print Keycaps

It seems straightforward to have keycaps that would support two languages and IPA. This would provide a nice intermediary, additional script which could support both of the other two languages. For some languages which maintain a large portion of the alphabetic character space in English, a third (fourth) script might be able to be acommodated, such as: English, IPA, Thai, and Vietnamese; perhaps even English, Indonesia, IPA, Thai, and Vietnamese.