Quick and easy: Debian and Ubuntu major upgrade

Ubuntu

  1. Update system: sudo apt update && sudo apt upgrade
  2. Remove unnecessary packages and configuration files: sudo apt autoremove --purge
  3. Reboot sudo reboot
  4. Install update manager (mostly already installed): sudo apt install update-manager-core
  5. Check for new Version: sudo do-release-upgrade -c
  6. Start upgrade: sudo do-release-upgrade and follow terminal prompts

Debian

  1. Update System sudo apt update && sudo apt full-upgrade
  2. Reboot sudo reboot
  3. Update release package repos: sudo sed -i'.bak' 's/bullseye/bookworm/g' /etc/apt/sources.list (for 11 to 12, replace names with the right versions!)
  4. Start upgrade: sudo apt update && sudo apt dist-upgrade
  5. Reboot: sudo reboot

Quick and easy: Reset root password

  1. Reboot machine and press <shift> to configure GRUB
  2. Select the entry you normaly boot, e.g. Ubuntu and press <e> to temporary modify the entry
  3. Search the line which begins with linux /boot/vmlinuz[...]
  4. Remove everything and including the ro, e.g. ro quiet splashor ro maybe-ubiquity
  5. Replace it with rw init=/bin/bash
  6. Press F10 to boot the system
  7. Use passwdto change the root password

Fix register protocol handler for mailto links in Firefox and Roundcube

I recently played with Mailcow and also tried out SOGo briefly. After logging in, SOGo triggers a infobar message in the browser asking whether you want to set SOGo as the default application for mailto links in the browser. No, I just don't want to it at the moment. So I quickly clicked on "Not now". After a few days I then migrated my Roundcube and wanted to set it as the default application for mailto links, but no popup appears. Even manual calls via the browser console do not help:

window.navigator.registerProtocolHandler('mailto', location.href.split('?') [0] + '?_task=mail&_action=compose&_to=%s', “test”)

Resetting the page settings, cookies, permessions etc. does not help either. It turns out that Firefox saves the "hide message" in the permissions.sqlite file and doenst clear the entry or i dont know how. FF enters a mailto-infobar-dismissed for the domain there. I removed line with SQLite editor, restarted Firefox and tada, it works.

tl;dr:

Register mailto handler doen't work with Roundcube for a domain after the popup (infobar) has been clicked away? Removed the mailto-infobar-dismissed for the (sub-)domain from permissions.sqlite

FileWare Apple VPP Token “The server has revoked the sToken.”

If you get this error The server has revoked the sToken from FileWave while syncing, the ABM portal password recently changed. So the server tokens becomes invalid and user has to renew the location tokens (Source).

To renew the token, login into ABM, go to Payments and Billing and download the Content Tokens. In FileWave go to Token configuration, Double Click the current token and import the file. Sync and you are done. Do not try to add a new token, this won´t work.

Add Let’s Encrypt (certbot) to FileWave MDM on Debian

  1. Install certbot
    apt update && apt install certbot

  2. Make sure http (80) is open on the machine

  3. Run sudo certbot certonly --standalone and follow the assistant

  4. Create script /usr/local/bin/certbot-renew.sh with the following content:

    #!/bin/bash
FQDN="filewave.example.com"
/bin/certbot renew
cp -uf /etc/letsencrypt/live/${FQDN}/fullchain.pem /usr/local/filewave/certs/server.crt
cp -uf /etc/letsencrypt/live/${FQDN}/privkey.pem /usr/local/filewave/certs/server.key
yes | /usr/local/filewave/python/bin/python /usr/local/filewave/django/manage.pyc update_dep_profile_certs
/usr/local/bin/fwcontrol server restart
exit 0

  5. Make script excutable with sudo chmod +x /usr/local/bin/certbot-renew.sh

  6. Run script for testing /usr/local/bin/certbot-renew.sh

  7. Add new job to /etc/crontab:

    0 5 * * 6 root /usr/local/bin/certbot-renew.sh

    [via]https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-debian-11[/via]
    [via]https://www.reviewmynotes.com/2022/10/filewave-and-lets-encrypt.html[/via]

TIL: Python tips and tricks collection

This blog post is a collection of Python tips and tricks that I have found useful over the years. I will keep updating this entry as I learn more.

  • How to add a custom CA Root certificate to the CA Store used by pip in Windows?

    pip config set global.cert path/to/ca-bundle.crt
pip config list

  • Generate requiements.txt
    Use pipreqs

    pip install pipreqs
pipreqs /path/to/project

    or pip freeze. But, freeze saves all packages in the environment including those that you don´t use in your current project!

    pip freeze

Counter Strike: Source won’t start on NixOS

After the latest update of my NixOS machine, Counter Strike: Source wont start. Starting Steam from console shows the following error message

[...]
src/tcmalloc.cc:278] Attempt to free invalid pointer 0x94d1af0 
/home/user/.local/share/Steam/steamapps/common/Counter-Strike Source/hl2.sh: line 73: 14550 Aborted                 (core dumped) ${GAME_DEBUGGER} "${GAMEROOT}"/${GAMEEXE} "$@

I could fixed the problem by

  • copy the libmimalloc.so from Half-Life 2 bin-folder (/home/user/.local/share/Steam/steamapps/common/Half-Life 2/bin/libmimalloc.so) to Conter-Strike: Source bin-folder
  • Rename existing libtcmalloc_minimal.so.4 to libtcmalloc_minimal.so.4~ or similar
  • rename libmimalloc.so to ibtcmalloc_minimal.so.4

The game now starts 🙂

Synology HyperBackup to Hetzner Storage Box

Its possible to use Hetzner Storage Box as HyperBackup target with the following settings.

Preparations

  • Log in to StorageBox Administration from Hetzner
  • Select StorageBox
  • Create SubAccount (Optional)
    • Activate: Allow SSH
    • Activate: Allow external accessibility
    • User name and password will be displayed after saving (ONLY ONCE!)

Setup

  • Install HyperBackup package
  • Backup destination > File server > rsync
    • ServerType: rsync-compatible server
    • Server name: <uXXXX.your-storagebox.de>
    • Transmission encryption: On
    • Port: 23
    • Username: uXXX-subXXX
    • Password: XXX
    • Backup module: /home/
    • Directory: <backup name>

Logging from PHP to Docker logs (stdout)

If you run your PHP application inside a docker container, you could write (debug) output to the docker log. This is useful if you want to see the output of your application in the docker logs.

Commands

$out = fopen('php://stdout', 'w'); //output handler
fputs($out, "Output goes here...."); //writing output operation
fclose($out); //closing handler

Example

function _log($msg) {
    $msg = "myApp - " . date("c") . ": " . $msg."\n";
    $out = fopen('php://stdout', 'w');
    fputs($out, $msg);
    fclose($out);
}

Fixing Windows Hello PIN on Windows 11 (0x80090016)

This is the second time, my Lenovo X13s (Windows-on-ARM) machine wont boot and ask for the BitLocker key. After using the recovery key, and login with password, i can't set a new Windows PIN which is needed for biometric (fingerprint or face recognition) login. I get the error message Something went wrong. Try again later (0x80090016).

tl;dr

To fix this, you need to delete the folder C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\NGC and reboot the system. After that, i was able to set a new PIN.

Steps

  1. takeown /f C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\NGC /r /d y
  2. icacls C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\NGC /grant administrators:F /t
  3. Delete C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\NGC
  4. Reboot