“I’ve had threats since Ali G and in my experience publicising them only does one thing: lead to more threats. We are in a very violent time. If you’re protesting against racism, you’re going to upset some racists.”
Wer in die Atacama-Wüste schaut, marktwirtschaftlich rechnet und sich die Strukturen mal unemotional anschaut, weiß dass weder Elektromobilität noch andere Verbrennungsmotoren wie H2-Verbrenner nicht die Zukunft sind. Die eignen sich gut, um das veraltete (Geschäfts)Modell des ubiquitären Individualverkehrs leisten können. Aber das hat leider keine Zukunft mehr, spätestens wenn man da auch das Verursacherprinzip anwendet. Marktwirtschaft halt, ganz sauber und eiskalt kalkuliert, volkswirtschaftlich.
Uberspace is one of the lesser known free hosters around. With the claim “Hosting on Steroids” they offer free-of-charge hosting for everybody – for a month. They have extremely extensive documentation in their wiki, but Owncloud oCIS wasn’t documented there. And since tools like that require some configuration specific to uberspace, here’s a little howto get it started.
Go to the “Ubernauten” website and register. The first month is for free, the 5 Euro product is enough for testing and running your first oCIS setup. I enter my e-mail-address, my favorite subdomain name (ocis for this blogpost) and confirmed. That’s it, ready to go. Please note the fqdn name of the server the Ubernauten give you, in my case it is hamal.uberspace.de.
You can now try to login via SSH, but that will fail because you haven’t set a password or a SSH-Key.:
The authenticity of host ‘hamal.uberspace.de (18.104.22.168)’ can’t be established.
ED25519 key fingerprint is SHA256:LGidXSzKaOcgBJWPtGEd049A5CDXIUIeqTz3IU/tU2I.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘hamal.uberspace.de,22.214.171.124’ (ED25519) to the list of known hosts.
Password and SSH Key can be entered here (also linked from your datasheet). As you can see in the screen shot, OpenID is also an option. For security, you should use either SSH-Key or Open ID, not the password option. Upload your key, and login again:
# ~/.ssh> ssh email@example.com
Last failed login: Sun Feb 7 19:30:15 CET 2021 from 126.96.36.199 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sun Feb 7 19:15:09 2021
Welcome to Uberspace 7!
Current version: 188.8.131.52
Watch out for changes at: https://manual.uberspace.de/en/changelog.html
Follow us on Twitter for updates: https://twitter.com/ubernauten
Is something unclear or does not work as expected?
=> check the server status: https://is.uberspace.online
=> reach out to our team: firstname.lastname@example.org
Now it’s time to download ocis (via curl):
[ocis@hamal ~]$ curl https://download.owncloud.com/ocis/ocis/1.1.0/ocis-1.1.0-linux-amd64 –output ocis
[ocis@hamal ~]$ chmod +x ocis
Okay, time to start oCIS with ./ocis server, says Owncloud’s manual. But not on Uberspace – where we find some “special” conditions:
- You don’t have root access
- A firewall blocks all ports other than 80,21,22,443 and maybe some more that webdevs need
- oCIS needs port 9200 to be accessible.
NginX to the rescue! Uberspace provides a proxy server that may reroute incoming requests to your local port 9200 – which is where oCIS is listening. So unless we have configured this proxy, the blank Ubernauten default html screen will be visible on ocis.uber.space. Thank God it’s all well documented in the Uberspace Manual, so here’s the steps needed for that:
uberspace web backend set / –http –port 9200
… which configures nginX to forward all requests to port 9200 of the local machine. The command
uberspace web backend list
/ http:9200 => NOT OK, no service
lets you check the success of the command before. Since there’s no local service running to answer, it’s NOT OK, but configuring the port 9200 to be redirected to our little ubenauten server has worked. Before we set up oCIS, we need some environment variables to be set aka exported:
[ocis@hamal ~]$ export OCIS_URL=https://ocis.uber.space
[ocis@hamal ~]$ export PROXY_TLS=false
[ocis@hamal ~]$ export PROXY_HTTP_ADDR=0.0.0.0:9200
[ocis@hamal ~]$ export PROXY_LOG_LEVEL=debug
[ocis@hamal ~]$ export THUMBNAILS_WEBDAVSOURCEBASE_URL=http://localhost:9200/remote.php/webdav/
[ocis@hamal ~]$ ./ocis server
With these lines you have told oCIS to listen to the desired URL, communicate through HTTP with the proxy and which adress to listen on. We set the log level to debug, be sure to unset that once your system is up and running. The last export is a variable that the current oCIS version needed in order to display previews for image files correctly (thumbnails). The command in the last line finally starts oCIS, you will see the following login window:
If you want to login, use the default users as mentioned on the owncloud documentation: Usage
Login to ownCloud Web
Open https://localhost:9200 and login using one of the demo accounts:
richard:superfluidityThere are admin demo accounts:
As a test, you can now drag and drop files into oCIS. That’s it.
During the next days, I will try to get this article into the official Uberspace documentation on github, but that is hard, because it takes quite some time to follow their requirements, and there’s a lengthy style guide for contributors that does not make sense to learn for one-time-committers. It’s fine though for internal work of an editorial team, I guess.
I don’t know if others need that too, but it seems just naturally to post this tiny little piece of bash which is our Nextcloud backup script. And I am perfectly aware that this is SME style, not big iron. 🙂 And if you don’t like Databases or PHP, have a look at Owncloud Infinite Scale.
These two products have been targeting more and more diverging directions since their fork: Owncloud adresses large scale, scalable datacenter customers (like CERN) and promises 10 times faster speed than their own PHP solution, but Nextcloud is carving out market share from MS365 customers with gazillions of apps in their app store and a large PHP community – with all benefits and downsides. Raise your hand if you never had to deactivate some community app to make an update work! 🙂
Important: your MariaDB-Passwort will be in this file, I didn’t spend much time into investigating workarounds, but a chmod 700 of this file (read-write-execute) for root only seems appropriate. The DB is not listening on anything else but localhost, thus I am ready to accept this. If there’s a simple solution I missed, answer on Twitter or drop me a PM/Mail/Matrix message.
The Backup Script
As you can see I am backing up to a separate volume. I have file servers in several locations that fetch their backups (the tar files) from there. I don’t want the root fs run full, thus I don’t do a backup if /backup is not mounted. Alerting is done elsewhere. 🙂 On other systems, I mount the backup drive during such a script’s run. If you’re (like me) a seasoned but unexperienced Bash starter, add some “sleep 30” between the lines to see what’s happening and to easily break the script’s run. And you may or may not want the option –delete for rsync – your mileage may vary – and sorry for wordpress changing dashes and hyphens (Remember “Non-hyphenated is an example of a hyphenated word”).
# Backing up Nextcloud Server
# Database Root password is in here, so chmod 700 this file!
if grep -qs ‘/backup ‘ /proc/mounts; then
echo“Backup disk is mounted. Proceeding with backup from $DIR/.“
echo“Entering nextcloud directory“
echo“Putting NC into maintenance mode“
sudo -u www-data php occ maintenance:mode –on
echo“Backing up folders and config with Rsync:“
# sleep 30
/usr/bin/nice -18 /usr/bin/rsync -Aavz –delete $DIR/ $BACKUPDIR/
echo“Backing up MySQL data base ‘nextcloud’ :“
mysqldump –single-transaction -h localhost -u root -p$DBPASS nextcloud > $BACKUPDIR/nextcloud-sqlbkp_`date +“%Y%m%d“`.bak
sudo -u www-data php occ maintenance:mode –off
/usr/bin/nice -18 /bin/tar -czf $BACKUPTAR $BACKUPDIR
echo“Sorry, Backup disk is not mounted, quitting. CU again tomorrow.“
I have two aliases on my NC servers:
alias ncd=’cd /var/www/nextcloud’
alias occf=’sudo -u www-data php ./occ’
With these I don’t need to bother about different document root directories (Debian/Ubuntu/Suse) nor remember the sudo… syntax (yes, I’m old) :-).
That proves helpful to do a lot of occ commands, like cleaning up the hard way:
occf trashbin:cleanup –all-users
occf versions:cleanup –all-users
clean up all trashbins and remove all old versions of files (yes ALL!).
If you don’t want Nextcloud to slowly fill up your hard drive / storage, add this to the config.php file:
‘trashbin_retention_obligation’ => ‘auto’,
‘versions_retention_obligation’ => 60, ‘auto’,
These two options will make Nextcloud store only files that are younger than 30 in the trashbin and versions of files no longer than 60 days.
“In a recent update, the Raspberry Pi OS installed a Microsoft apt repository on all machines running Raspberry Pi OS without the person’s or admin’s knowledge. Every time a Raspbian device is updated by having this repo, it will ping a Microsoft server. Microsoft telemetry has a bad reputation in the Linux community. Let us see why and how this matters to Linux users.”
Dislaimer: Haven’t checked this yet, I can hardly imagine…
This is help for homeless people in Sacramento, CA, who are living in a car and have a job during daytime. During the current cold snow weather. There’s so many of them that the authorities had to prepare a shelter… Mind the colors.
I recently had to decrypt a PGP/S-MIME encrypted mail. It’s been a long time since I was confronted with that format, and KDE’s Kontact does not seem to support this out of the box– actually only Thunderbird seems to do, and that’s not on my machines. Here’s what I did.
This Mail came in.
With the right PGP-Key I could decrypt it:
Upsii… there’s another encrypted file in there, exactly as the standard RFC from 2001 defines – this way even attachments are hidden from those that don’t have the private PGP key.
Since KDE’s crypto engine couldn’t help, and Thunderbird is not configured on my machines, I went to the command line. I saved the attachment “encrypted.asc” and ran the command “gpg –output uncrypted.asc –decrypt encrypted.asc“:
mfeilner@alquarismi:~/Downloads> gpg –output uncrypted.asc –decrypt encrypted.asc
gpg: WARNUNG: Unsichere Zugriffsrechte des Home-Verzeichnis `/home/mfeilner/.gnupg’
gpg: verschlüsselt mit 4096-Bit RSA Schlüssel, ID XXXXXXXXXXXXXXXXX, erzeugt 2015-04-24
gpg: verschlüsselt mit 2048-Bit RSA Schlüssel, ID XXXXXXXXXXXXXXXXX, erzeugt 2018-12-25
… and that way I got a file named uncrypted.asc that I could open with my favorite text editor or emacs.
“How individuals with dark personality traits react to COVID-19 – People high in narcissism and psychopathy were less likely to engage in cleaning behaviors. People with narcissism have a negative response to the pandemic as it restricts their ability to exploit others within the social system.: science”
How individuals with dark personality traits react to COVID-19 – People high in narcissism and psychopathy were less likely to engage in cleaning behaviors. People with narcissism have a negative response to the pandemic as it restricts their ability to exploit others within the social system. from science
Von Bildungsbehörde unterdrückte Corona-Studie: Einzelne Person löste Masseninfektion an Hamburger Schule aus – Wissen – Tagesspiegel Mobil
Since early 2020 I’ve been telling my friends that I doubt there is a back to pre-corona thing. And I told them this is a stress test for societies, health systems, but also for the variety of authoritarian systems or non-authoritarism. I didn’t foresee that China and some Asia countries can party again while the free western world is locked in, but who would?
“People talk about the return to normality, and I don’t think that is going to happen,” says Frank Snowden, a historian of pandemics at Yale, and the author of Epidemics and Society: From the Black Death to the Present. Snowden has spent 40 years studying pandemics. Then last spring, just as his phone was going crazy with people wanting to know if history could shed light on Covid-19, his life’s work landed in his lap. He caught the coronavirus. Snowden believes that Covid-19 was not a random event. All pandemics “afflict societies through the specific vulnerabilities people have created by their relationships with the environment, other species, and each other,” he says. Each pandemic has its own properties, and this one – a bit like the bubonic plague – affects mental health. Snowden sees a second pandemic coming “in the train of the Covid-19 first pandemic … [a] psychological pandemic”.
“Loss of smell can be life-changing; it removes an important part of your sense of self,” says Chrissi Kelly, founder of the UK-based charity AbScent, which supports people who have lost the ability to smell. “Smell signals give depth to our social interactions. Erase all that, and your experience of the world is two-dimensional.”
#Linux has some mighty PDF Toolkits. One of them is pdftk. I am using it so that we don’t have to bother anymore about orientation of Files on the scanner. We just delete the wrong ones. 🙂
!/bin/bash(use the right upticks ` in the basename line, wordpress messes them up…)
ls *pdf -1 > $INFILE
while IFS=”²” read -r line
'basename $line | rev | cut -c 5- | rev‘
pdftk “$line” cat 1-endwest output “$PDF”_left.pdf
pdftk “$line” cat 1-endeast output “$PDF”_right
pdftk “$line” cat 1-endsouth output “$PDF”_upsidedown.pdf
On October 22nd 2020, Markus Feilner had a presentation on “Open Source in the field of Mixed Reality” in the event “Bubble Out”.
“Bubble Out” is a series of events about new impulses and connection out of the bubble for museums and other cultural and memorial institutions, so-called GLAMs, from Baden-Württemberg. The events include inspiring evening programs with surprising insights and offer the opportunity to connect and discuss innovative topics with members of different branches than IT. Weeks before the event, Markus was on the jury of “Open Culture BW meets VR” and was allowed to present the keynote at the award ceremony. He held the laudatio speech for the winner of the award “Most Innovative”, which was the team of the Game “Apollonia’s nightmare”: Judith Langer, Stefan Bregenzer, Jan Detting, Louis Trouillier, Ben Ruff, all students of Hochschule Furtwangen.
Spoiler: Donwilhelmsit hat eine lange Reise hinter sich, durchs ganze Sonnensystem und wieder zurück zu Erde. Was ich nicht verstehe: Ich dachte, der Mond war ein Teil der Erde?