Technology

Migrating Mail-In-A-Box to a New VPS

A few years ago, I started running my own mail server using Mail-In-A-Box. Four years or so actually, if the age of my old server was accurate. I have several different email addresses, mostly to better segment out content. I have done this with Reddit, and Twitter, and TT-RSS, and probably other things. In my Mail-In-A-Box I run email for 3 domains, two of mine, one for my wife’s. Over time I may eventually migrate all of my email to it; at this point, I am a little worried about being blacklisted, so I mostly use it for secondary, receive only, email aggregation.

For a while I’ve been putting off migrating the system to a new VPS. It’s been running on Ubuntu 14.04 since it was created. Newer MiaB won’t run on 14.04 and I can’t distro update the machine. The only choice is to roll a new VPS and migrate the mail.

I use Digital Ocean for my online services, feel free to sign up with the link in the side bar if you want, I get a little kickback if you do. It’s easy to use and affordable. Plus in cases like this, I can spin up an extra VPS, then easily destroy it and spin up a new one, when I discover that MiaB only works up through 18.04, so 20.04, which I used initially, won’t work. Also having the extra server just means a temporary bump in my billing for the month.

The basic process for migrating Mail-In-A-Box is here, in the official documentation. I had a few hiccups along the way but I got them ironed out.

First step was creating the new machine. I mentioned above, I first made a 20.04 machine, but found that doesn’t work, so I killed that and made a new 18.04 machine. Before anything else, I did a few security based housecleaning tasks. The server was created with Shared Keys log in set up, but it only had a root account. So I created a new user and made them a sudoer. I also copied the SSH keys from root to the user.

adduser Username
usermod -aG sudo Username
cp -r ~/.ssh /home/Username/
chown -R Username:Username /home/Username/.ssh

Next step was to add the new user to the SSH users and secure up that access.

sudo pico /etc/ssh/sshd_config

Then edit:

#Port 22

To a custom port and change:

PermitRootLogin no

Finally add:

AllowUsers Username

Lastly restart the ssh server with sudo service sshd restart. Then test the connection using the regular user. If that works, then disconnect from the root session and continue on the regular user.
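
A pre-restart check for the three sshd_config changes above, as an added example that is not part of the original post. The function name check_sshd_hardening and both sample configs are constructed for illustration, and the check assumes the file has no Match blocks.

```shell
#!/bin/sh
# Added example (not from the original post): audit an sshd_config, read on
# stdin, for the three edits described above. Assumes no "Match" blocks.
# check_sshd_hardening and both sample configs are constructed for illustration.

check_sshd_hardening() {
    # $1 = login name that must still be allowed once root login is disabled
    awk -v user="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
        { key = tolower($1) }                    # sshd keywords are case-insensitive
        key == "port"            { ports[++np] = $2 }
        key == "permitrootlogin" { if (!seen_root++) root = tolower($2) }  # first value wins
        key == "allowusers"      { for (i = 2; i <= NF; i++) allowed[$i] = 1; have_allow = 1 }
        END {
            bad = 0
            if (np == 0) { print "FAIL Port: unset, sshd listens on 22"; bad = 1 }
            for (i = 1; i <= np; i++)
                if (ports[i] == "22") { print "FAIL Port: still 22"; bad = 1 }
            if (root != "no") {
                print "FAIL PermitRootLogin: " (seen_root ? root : "unset"); bad = 1
            }
            if (!have_allow) { print "FAIL AllowUsers: unset"; bad = 1 }
            else if (!(user in allowed)) {
                print "FAIL AllowUsers: " user " missing, restart would lock you out"; bad = 1
            }
            if (!bad) print "OK custom port, root login disabled, " user " allowed"
            exit bad
        }'
}

# Constructed samples: a stock-like config and one edited as in the post.
stock_config='#Port 22
PermitRootLogin yes
PasswordAuthentication no'

hardened_config='Port 2222
PermitRootLogin no
AllowUsers Username'

printf '%s\n' "$stock_config"    | check_sshd_hardening Username || true
printf '%s\n' "$hardened_config" | check_sshd_hardening Username

# On the server itself, check syntax first, then audit the real file:
#   sudo sshd -t && check_sshd_hardening Username < /etc/ssh/sshd_config
```

Run it while the root session is still open, so a failed check can be corrected before the restart.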

I was doing an upgrade but the fresh install guide is here. All I needed was the set up line really, which takes a minute to run but does an initial set up of Mail-in-a-Box.

curl -s https://mailinabox.email/setup.sh | sudo -E bash

The next part was the trickiest bit. I linked the migration article above but I ended up trying to simplify things a bit. On the old machine, I stopped the mailinabox service, so no new mail would come in, then ran the backup python script as described in the article above. I found it was easiest to just connect to the server using Filezilla using SSH FTP, which meant importing my keys to Filezilla. It’s in the settings under SFTP. Something to keep in mind if you set a custom port is you’ll need to add sftp:// before the IP address.

Things are a little tricky here, since root owns the backup folder. I ended up doing a sudo copy into my user home directory, then a chown on the folder to give my user account access to the folder. This meant Filezilla could see the folder and download it to my local machine. There are ways to directly transfer between the new and old server, but between custom ports and SSH keys and permissions, I found it was easiest just to download to my local laptop. Afterwards, I connected with SFTP to the NEW server, and pushed the backup folder to the new server. You need the whole folder with the “secret_key” text file and the encrypted folder and files. Basically, this is all the settings and emails.

Next step was to ssh into the New Server, go to the freshly uploaded backup directory, and import the old files, as described in the link. This is two commands run, separately.

export PASSPHRASE=$(cat secret_key.txt)

sudo -E duplicity restore --force file:///home/Username/backup/encrypted /home/user-data/

This takes a minute to run. The next step listed is to rerun the mailinabox set up with “sudo mailinabox”.

I had trouble here. Nginx would not restart. After some troubleshooting I found it was an issue with SSL. Basically what seemed to happen was the restore pulled the old SSL certs. Or maybe it was looking for the old SSL certs. Whatever the case, the fix was this process.

rm -rf /home/user-data/ssl/*

The fix was to delete the SSL certificates, then run “sudo mailinabox”. Everything started up. I verified I could log into the control panel and the mailbox using the IP address of the new server. I verified that all my custom DNS records existed, these are needed since the Glue Records point to the Mail-In-A-Box machine but because I host my websites on a separate machine, I have to have DNS records set up appropriately.

One thing I noticed was the SSL Certificates seemed to be wrong, which meant things worked, but would cause annoying security messages. I am not sure if this was related to deleting the certs above, or just that it was still looking for the old IP address. Whatever the case, I did a manual update with certbot for my MiaB Subdomain using

sudo certbot certonly --force-renewal -d Subdomain.Domain.comHere

Another minor issue I ran into, doing this needs to drop a file either in the webroot folder, or spin up a temporary web server to host its own file. I couldn’t find the webroot for the custom MiaB set up (it was not /var/www/html) so I temporarily ran “sudo service nginx stop”, then ran the above certbot command, using a temporary webserver option, then “sudo service nginx start” to restart Nginx. Nginx had to be stopped since otherwise it is using Port 80, and the temporary server can’t start to run the certificate verification process.

Another note, I am not sure if the --force-renewal option is needed above. It didn’t throw out any errors and it fixed the issue, so I left it.

The final step was to go to my Domain Registrar and update the name servers and Glue Records to point to the new Server IP. After a short bit of waiting, eventually the mail server URL connected to the admin and web consoles. I did some test send and receive of emails between my server and gmail to verify everything was working properly. One nice bit, the newer MiaB has a different interface for Roundcube webmail, so I could easily tell if I was going to the new or old server.

Once everything was satisfactory, I went back to Digital Ocean and powered down the old server. If everything is still working in a few days, I will destroy the old server, so I don’t have to keep paying upkeep on it. One thing to keep in mind, both the old and new servers require a specific hostname, so they will be named the same, so double check that you are powering down and deleting the correct server. Some easy ways to verify are IP address, or server age. The old server is several years old but the new server is several days old.

Dead Hard Drive and My Process

So, I have been pretty sure for a while that the main Hard Drive in my desktop was going out.  It’s probably the oldest drive I own and occasionally it got feisty during reboots.  For a variety of reasons, I kept putting off replacing it.

… and putting it off…. and putting it off…

Then I went down to my office one day, the wife and kids were heading out for the weekend, I had grand plans to waste away my weekend on Overwatch and Battlefield 1.  Those plans came to an abrupt halt because I was greeted with a GRUB error.  My first assumption was that, as has happened before, Windows 10 did an update and screwed things up again.  A good while back I encountered a similar problem and after some troubleshooting I found that my Linux partition had been wiped out.  I reinstalled Ubuntu there and everything booted just fine.  Windows 10 had just done an update and after some searching online there were sporadic reports of similar issues.  After some troubleshooting trying to use a Windows disk to do a Master Boot Record fix and then trying to reinstall Ubuntu again, it became apparent that instead, the drive had failed.

This complicates things a bit.  I pulled out my SpinRite disc and threw it in the drive, hoping it would find and correct the error.  It instead threw out an error partway through the scan.  It’s an older disc, I’m honestly not sure if it’s compatible with the newer set up.  Instead I tried a copy of Norton Ghost to clone the drive to a spare 1TB drive I had in the cabinet.  It looked promising as well, though it also listed that it would take nearly 50 hours to finish.

I guess that meant no Battlefield but Overwatch runs fine on the laptop so a weekend of Overwatch and Netflix it would be.

Unfortunately, the clone crapped out as well after about an hour.

The final solution was to simply reinstall Windows 10, on a new drive.  I never use Ubuntu on the desktop so I opted not to bother reinstalling it.  I downloaded the official Windows 10 recovery ISO and ran through the install.  During the install I skipped over entering the CD Key, Windows 10 is supposed to activate itself based on account credentials and hardware on the same machine, time to test that concept out.  The install finishes up and Windows 10 loads up just fine.  It’s even activated as promised in all of the Windows 10 feature lists.

The next task involves getting things back up and in running order.

In recent years I’ve pushed a lot of my data off onto either my NAS or into Cloud accessible storage.  This makes this whole task much much easier.  I keep very little irrecoverable data on any one machine these days.  There are a few folders that I will need to recover from the old drive, but nothing super important, and I should be able to simply hook the drive up using a USB drive bay and do normal recovery operations to get to my data.

More interesting though, I ended up saving a ton of time and bandwidth with the games I had on the machine.  At one point I had nearly all of my 1000 Steam Games downloaded and installed, all of my GOG galaxy games and all of my Origin games installed.  These games are spread across several drives of varying size in this machine.  Once I reinstalled Steam, I set up Steam to use each of these drives and it simply detected all of the downloaded games, automatically.  The same happened with GOG Galaxy.  I didn’t see a way to make Origin reattach to its old data so I just dumped that folder and redownloaded things as needed.

Honestly, ultimately this whole debacle has been a bit of a godsend.  I now have a fresh clean Windows 10 install, not one from my Windows 7 upgraded to Windows 10.  I also have a slightly nicer and faster drive as the main drive, which helps performance a bit.  It also gave me an excuse to purge out a lot of cruft I wasn’t really using.  I’ve shifted a lot of my computer use to my laptop, the desktop is primarily used for gaming, so it doesn’t really need anything else installed that doesn’t serve that purpose.

Self Driving Cars

Every so often, I’ve seen the “ethical dilemma” of Self Driving cars come up for debate.  Specifically, the scenario goes something like this:

“A self driving car is approaching a crowd of children, it can veer off a cliff and kill the occupants, saving the children, what choice does it make?  Who is responsible for the deaths?”

It’s a dilemma to be sure, but it’s also completely absurd and effectively a non issue, which is an angle no one seems to really look at or realize.  This specific scenario is completely absurd because, why are a bunch of children blocking a road on the side of a cliff to begin with?  It can be toned down to be a bit more realistic of course, what if it’s a blind corner, maybe the children are just on a street and it’s just a crowd of people and not children.  The children are just there to appeal to your emotional “Think of the children!!” need anyway.  Maybe the alternative is to smash into a building at 60 mph after turning this blind corner into the crowd of people.

No wait, why was the car screwing around any corner where people may be at 60mph?  That’s highway speeds, there’s a reason we have different speed limits after all, open view open areas like highways are faster because we can see farther down the road and we have more room to swerve into other lanes or the shoulder and not into buildings or random crowds of people.

Exceeding the speed limit like that is a human problem, not a robot problem.

So, maybe the car is obeying the speed limit, maybe the brakes have suddenly, inexplicably, failed, and the car simply can’t stop…

No wait, that doesn’t work either.  Brakes generally don’t just “fail”.  A robot car will be loaded with sensors, it will know the instant the brakes display even a little bit of an issue and probably drive off to have itself serviced.  Or at the very least it will alert the driver of the problem and when it reaches a critical stage, simply refuse to start or operate until fixed.  Should have taken it into the shop, that on demand last minute fix service call will probably cost you three times as much while you are late to work.

Looks like ignoring warning signs of trouble is also a human problem, not a robot problem.

So what if there simply isn’t time to react properly because it’s a “blind corner”?  Maybe some idiot is hiding behind a mailbox or tree waiting to jump out in front of your self driving car.  Except this is still more of a human problem than a robot problem.

All of these self driving robot cars are all going to talk to each other.  Your car will know about every crowd of people in a twenty mile radius because all of the other cars will be talking to it and saying things like “Yo dawg, main street’s closed, there’s a parade of nuns and children there,” and the car will simply plan a different route.

They will even tell each other about that suicidal fool hiding behind the tree.

Maybe your car is alone, in the dark in a deserted area.  First, it’s a robot, it doesn’t care about the darkness, if there isn’t some infrared scanner attached telling it there is someone hiding somewhere, it’s going to still see the obstruction.  It will be able to know “How fast could a dog or a person jump out from behind that thing, how wide should I swing around it, how slow should I pass by it.”

It knows, because this is all it does.

Speaking of dogs, or possums, or deer, this also becomes a non issue.  The car will be able to see everything around it, in the dark, because it can “see” better than any human.  It also constantly sees everything in a 360 degree view.  The self driving robot car will never get distracted rubber necking at an accident, it will never be distracted by that “hot chick” walking along the side of the street, it will never road rage because some other robot car cut it off (which won’t happen anyway).

It just drives.

And it will do it exceptionally well.

And even if our crazy scenario comes true, even if a self driving car has a freak accident and kills a bus full of children every year or really every month, it will still kill fewer people than humans kill while driving.

So feel free to waste time debating which deserves to die, the driver or the pack of people, or debate who is responsible, you may as well ask who will be responsible for cleaning up all the poop cars make when they replace the horse and buggy.

What I Use: Synergy

Last post, I talked a bit about my new Multi Monitor set up.  I mentioned that I use a program called Synergy to handle using multiple machines with one keyboard and mouse.  It’s essentially a virtual KVM, only without the V, since everything has its own Video display.

It’s not a free program, but it’s not expensive, and it’s well worth it if you use multiple machines in this manner.

The general gist of its use, one machine acts as a server, and other machines connect to it.  The server hosts the mouse and keyboard, and the configuration.  Out of the box, Synergy actually works kind of crappy with a multi monitor involved such as my set up.  The configuration is a simple drag and drop positioning grid, and it doesn’t care about how many monitors are on one system, it assumes one.

You can manually set up a more complex configuration pretty easily.  I’d recommend doing a basic set up and making sure everything is working well before delving into the complex realm.  I’ve found several tutorials online with complex formulas and jargon but the whole set up, in most cases, is a lot simpler.

Start off with your basic set up and save the configuration file.  Now, save it again with some sort of appended name like “edited” or “custom”.  This way you can always reload the original working configuration.  Also, you can save this configuration anywhere but ultimately the program may need to reload it so I would recommend saving it somewhere handy but out of the way, like Documents or even a folder in Documents.

Now, find the file you just saved and open it in notepad.  Find the section labeled “section:links”.  This is the meat of how the program knows where to transition.  It should look something like this:

section: links
pi:
down = Squall
Ixion:
right = Squall
Squall:
up = pi
left = Ixion
end

Notice the directions, up, down, left, right, these are the edges where transitions occur.  You can alter these to make them more precise by adding (x1,x2) to each entry, where x1 is the starting percentage across the screen and x2 is the ending percentage.

If you have some complicated positioning, you can futz out some math on the percentages by using the number of pixels /the number of pixels total, but if you have a fairly simple set up like mine, it’s not hard to generalize these percentages.  In my case, this becomes:

section: links
pi:
down(0,100) = Squall(33,66)
left(0,100) = Ixion(0,100)
Ixion:
down(0,100) = Squall(0,33)
right(0,100) = pi(0,100)
Squall:
up(0,33) = Ixion(0,100)
up(33,66) = pi(0,100)
end

Note that (0,33) is the “first third” across the top of the total width (3 monitors).  The other transition is (33,66) or the second third.  If I had a third monitor on top, it would end up being (66,100), however since I don’t, the mouse stays locked within the monitor on the right instead of transitioning anywhere.
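
The pixel arithmetic mentioned above, as an added example that is not part of the original post: a hypothetical helper, synergy_up_links, turns each server monitor's pixel width into the percentage ranges for the server's top edge and the matching return links. It generalizes to monitors of unequal width; the 1920-pixel widths are assumed, since the post gives no resolutions.

```shell
#!/bin/sh
# Added example (not from the original post): compute the (x1,x2) percentage
# ranges for "section: links" from pixel widths.
# synergy_up_links is a hypothetical helper; the 1920 px widths are assumed.

# $1    = server screen name
# stdin = one line per server monitor, left to right:
#           "<width_px> <screen_above>"
#         use "-" when nothing sits above that monitor
synergy_up_links() {
    awk -v server="$1" '
        NF == 2 { width[++n] = $1; above[n] = $2; total += $1 }
        END {
            if (total <= 0) exit 1               # nothing to compute
            left = 0
            for (i = 1; i <= n; i++) {
                # start and end of this monitor as a percentage of the full edge
                x1 = int(left * 100 / total)
                left += width[i]
                x2 = int(left * 100 / total)
                if (above[i] == "-") continue    # no link: the edge stays closed
                fwd  = fwd  sprintf("\tup(%d,%d) = %s(0,100)\n", x1, x2, above[i])
                back = back sprintf("%s:\n\tdown(0,100) = %s(%d,%d)\n",
                                    above[i], server, x1, x2)
            }
            printf "%s:\n%s%s", server, fwd, back
        }'
}

# Layout from the post: three equal monitors on Squall, with Ixion above the
# first, pi above the second, and nothing above the third.
printf '1920 Ixion\n1920 pi\n1920 -\n' | synergy_up_links Squall
```

Paste the output between the "section: links" and "end" lines, alongside any left and right links you already have.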

With my original generic set up, any upward movement always went to “pi” and going off the left hand edge went to “Ixion”.  In the new set up, everything behaves as expected in a seamless up, down, and across fashion.

Oh, and it works on a Raspberry Pi!

Multi Monitor Mount

I just wanted to take a moment to share my new multi monitor set up.  Many years ago I was turned on to the idea of using two monitors at my previous job.  Having the extra desktop space was great and we ended up adding a second monitor to a lot of the desktops in the office.

After building my home office PC, I ended up gathering a few more monitors second hand and eventually had a triple monitor set up at my desk.  I’ve been planning for a while to get a stand that would hold all of the monitors together and clean up desk space but kept putting it off.  When I finally set out to order a stand, I found I could get a 6 monitor stand for almost the same cost as the 3 monitor stand I was looking at, so I figured why not.

So the stand arrived, I used a drill and a hand saw to chop a slit in my desk to slide the mount into, and I went about mounting things.

Unfortunately, the monitor stand isn’t quite designed to fit in a corner, and my monitors are just just just too large to fit on it properly.  Fortunately, I noticed the arms are set up with a long part and a short part, on all four arms.  So I disassembled the arms on the top half and reassembled things so that each of the lower arms had two long bits, which was perfect for the lower monitors to fit together.

Back on an unfortunate note, this means that the upper arms are both really short.  I opted to just pull the one arm off and use just the two monitors on the above section.

This also means I have space to rotate the lower right hand monitor into a vertical alignment if I feel like it.

So what does one need so much screen real estate for?  I’ll admit, it’s probably overkill, and three is probably the most that is really necessary here.  The upper monitors are mostly used for peripheral uses.  The three lower monitors are all hooked to my desktop, I keep Facebook Messenger and Thunderbird (email, Usenet) on the rightmost one, the browser on the left one, and the center one is reserved for whatever the focus is, a game, Photoshop, video editing, sometimes the browser.

The upper center monitor is hooked to one of my Raspberry PiB2s and has XCHAT running connected to my ZNC server.  This is also the same Pi that I host a Minecraft server from.  I tried running Xchat off of the same PiB+ that runs the ZNC server but the lag made things unusable.  The B2 runs things way better than the B+.

The upper left monitor is still kind of undetermined.  It’s limited since it only has a VGA input on it for starters.  Once I get my CHIP with VGA adapter I may stick it on the back of the monitor.  For now I dug out an old Netbook and use it to monitor security cameras.  I’ll probably also use it to display a home automation dashboard if I ever get around to building such a thing with my Arduino boards.  It currently runs Windows 7, mostly because I haven’t been able to find any software on Linux to monitor multiple IP cameras.  The only one available isn’t free, which wouldn’t be a problem but it uses an asinine license system so it’s a reoccurring yearly cost and it’s not cheap.

I really refuse to pay for “license” style software that isn’t constantly providing some sort of regular upkeep/service.  A stand alone self run product really shouldn’t cost yearly, but that’s a rant for someplace else.

Everything is tied together using a really nice piece of software called Synergy.

On a technical note, each of the lower monitors is 21″ across the diagonal and the upper monitors are both 19″ across the diagonal.