My convoluted Subsonic server setup

By , 2016-05-15 21:23

Since ending my colo server plan, my Subsonic server hasn’t been running. I used to just have all my media synced to the Proxmox server I had in colo, then bind-mounted that folder to the OpenVZ container that was running Subsonic.

I’ve now moved my Proxmox/Subsonic server to a little Zotac ZBOX on my LAN that only has one local disk so I figured I wouldn’t sync all my music over locally when it could just directly access it from my new FreeNAS box. Turns out this is a little bit more complex than I thought – here are the steps I did to get it working:

  1. Get all music onto the FreeNAS box. For this I’m still using BTsync. One client is on my Mac, sharing my iTunes library, the other is in a FreeNAS jail.
  2. Install Subsonic in an LXC container on the Proxmox server.
  3. Create an NFS export on the FreeNAS server and mount it as storage on Proxmox. I just used the “Add storage” option in the Proxmox Web UI rather than adding it to fstab, because I was lazy.
  4. Configure the LXC bind mount. Essentially, in /etc/pve/104.conf :
     mp1: /mnt/pve/freenas,mp=/mnt/freenas
  5. Set up Subsonic to scan the /mnt/freenas/music folder.
  6. Realize that Subsonic has issues with non-ASCII characters in filenames. Fix it by adding “export LANG=en_CA.UTF-8” to the start script.
  7. Realize that Subsonic has no access to write to the NFS share, since the GIDs on the FreeNAS box and the Subsonic container don’t match. I use GID 500 = users as my main group on FreeNAS, so I created a group freenasusers with GID 500 in the Subsonic container and added the subsonic user to this group.

Probably missed some steps, but that’s the gist of it. I really need to get my blogging and documentation back on track.

How to get postfix to deliver root’s mail locally when using a smarthost

By , 2015-12-09 10:40

When setting up Postfix on Ubuntu/Debian as “Internet Site with smarthost” to use an external smtp relay, automatic e-mails intended for “root” (such as cron job error reports) get sent out to the smarthost with a To: address of This can cause a problem as the smarthost doesn’t know where to deliver these messages to, since has no MX record.

The fix for this is (go figure) in the Postfix README:

Delivering some but not all accounts locally

A drawback of sending mail as “” (instead of “”) is that mail for “root” and other system accounts is also sent to the central mailhost. In order to deliver such accounts locally, you can set up virtual aliases as follows:

1 /etc/postfix/
2     virtual_alias_maps = hash:/etc/postfix/virtual
4 /etc/postfix/virtual:
5     root     root@localhost
6     . . .


Execute the command “postmap /etc/postfix/virtual” after editing the file.

Oddly, just adding the line

root: root@localhost

to /etc/aliases doesn’t work. You really need to do the steps outlined in the manual.


By , 2015-08-18 09:55




The magical feeling of being a sysadmin

By , 2015-04-07 21:18

It’s really cool what we can do with computers these days. I generally take technology for granted, but sometimes I am just in awe of what is possible.


With the ubiquity of the Internet
It’s all too easy to forget
How amazing it is, that with relative ease –
Just a few strokes of the keys
A sysadmin can ssh to a box running Unix
On the other side of the world, or just across town.
And with just a few clicks
Bounce that Windows box that’s gone down.



Image credit:

Written for OPS235 Course – Exam Preparedness

By , 2015-03-29 23:40


I feel ready for the OPS235 exam. There are a few areas I need to brush up on, but overall I feel I have a grasp  of most of the course content.


  • CentOS installation
  • KVM administration via GUI
  • Package/software installation and updates
  • tar and file archiving/management
  • fstab and partition management


  • Knowledge of specific commands and arguments/switches (rely on man pages)
    • iptables syntax
    • lvm commands
  • CentOS/RedHat-specific commands and conventions (used to Debian/Ubuntu)
  • SELinux
  • Memorization of .conf file structures

Exam review topics

  • KVM network configuration
  • User and group management

Written for OPS235 Course – Software and Installation Process

By , 2015-03-29 23:30

lamp-featuredSoftware installed


Apache is an open-source web server software maintained by the Apache Software Foundation and the open-source community. It can be extended using modules, and is well-documented and well-supported. It is usually the de-facto standard Web server on Linux, although lately new and customized Web servers such as nginx have been becoming more popular for dynamic, high-traffic sites.


PHP is a server-side scripting language mainly used for web development. By writing PHP rather than plain HTML, developers are able to create pages that are dynamically generated by the server on the fly depending on parameters provided. The Zend PHP interpreter is open-source software, and is available as a module for multiple Web servers on Linux, Windows, BSD and other OSes.


MySQL is an open source relational database management system (RDBMS). It is open-source software, released under the GPL and sponsored by Oracle Corporation. The software is available at no cost, although there are also some paid versions. It has widespread use in Web applications, such as WordPress and MediaWiki, and is also used by large sites such as Facebook and YouTube.

LAMP stack

Together, CentOS (Linux), Apache, MySQL and PHP form an implementation of a LAMP stack. This stack provides a consistent, portable environment for Web developers.


WordPress is an open-source blogging platform and CMS. It is written in PHP, and uses a MySQL database for text content storage and metadata. It provides an easy-to-use user interface, and is highly extensible and customizable with a large number of user-creatable themes and plugins. WordPress powers some prominent sites such as, and

Problems encountered during installation

  • The systemctl command was not available, since this install of CentOS is using upstart rather than systemd.
  • There was no default index page created during the install of httpd. As a result, accessing HTTP on the Centos3 VM server gave an HTTP error 403 (Access denied) – the default Apache configuration denies directory listings.
  • The c6host machine was not able to access the HTTP service on centos3 because its iptables was not configured to allow inbound traffic on port 80.
  • When configuring iptables on centos3, running iptables -A INPUT -p tcp –dport 80 -j ACCEPT was notsufficient.
    • The -A option appends the rule to the end of the INPUT chain, however, there was a pre-existing explicit rule rejecting all packets.
       REJECT     all  --             reject-with icmp-host-prohibited
    • To move the new rule above the reject rule, the incorrect rule had to be removed by running iptables -D INPUT -p tcp –dport 80 -j ACCEPT
    • Then, find the line numbers by running iptables -L –line-numbers
       Chain INPUT (policy ACCEPT)
       num  target     prot opt source               destination
       1    ACCEPT     all  --             state RELATED,ESTABLISHED
       2    ACCEPT     icmp --  
       3    ACCEPT     all  --  
       4    ACCEPT     tcp  --             state NEW tcp dpt:22
       5    REJECT     all  --             reject-with icmp-host-prohibited
    • Use iptables -I INPUT 5 -p tcp –dport 80 -j ACCEPT to insert the new rule above the existing rule 5.
    • Running iptables -L –line-numbers again gives the following output:
      Chain INPUT (policy ACCEPT)
      num  target     prot opt source               destination
      1    ACCEPT     all  --             state RELATED,ESTABLISHED
      2    ACCEPT     icmp --  
      3    ACCEPT     all  --  
      4    ACCEPT     tcp  --             state NEW tcp dpt:22
      5    ACCEPT     tcp  --             tcp dpt:80
      6    REJECT     all  --             reject-with icmp-host-prohibited
  • The contents of the WordPress .tar.gz file were extracted to /root/wordpress. Moving this directory to /var/www/html resulted in the Apache process not being able to read the wordpress subdirectory. Copying (cp -R) avoids this issue.
  • When configuring the WordPress connection to MySQL, the WordPress documentation said to run the query
    mysql> GRANT ALL PRIVILEGES ON databasename.* TO "wordpressusername"@"hostname"
        -> IDENTIFIED BY "password";

    to allow access to the database. However, since the MySQL server and Apache/WordPress are installed on the same host, we need to use “localhost” rather than “centos3” for the hostname.

Trick PHP into thinking SSL/HTTPS is on

By , 2014-10-15 08:53

Not sure of the implications of this/best practices, but I just added

$_SERVER['HTTPS'] = 'on';

to my index.php.

Reason for this is that I am running a php app behind a reverse proxy, with the connection between the app server and the reverse proxy being plain HTTP, but the connection between the client and the reverse proxy is HTTPS.


Enabling DVD playback on Ubuntu 14.04

By , 2014-08-02 21:37

I don’t really play DVDs on my PCs much anymore, but my brother have me the full boxed set of Freaks and Geeks (great show, cancelled too soon). Running on a fresh install of Ubuntu 14.04, I popped in the DVD and was prompted by “Video Player” aka Totem to install some additional codecs. I obliged, but after the installation, the DVD still wouldn’t play. It turns out that because of legal issues, the libdvdcss2 library is no longer included in the Ubuntu repositories. However, the libdvdread4 package does provide a script to easily install it.

Once you have libdvdread4 installed, run following script:

# sudo /usr/share/doc/libdvdread4/

Restart your video player and enjoy your DVD.

Screenshot from 2014-08-03 01:35:17


By , 2014-07-31 15:32

I noticed that my workstation has been up essentially since I made my last blog post.
129 days and counting.

 $ uptime
 15:22:40 up 129 days,  2:41,  5 users,  load average: 1.88, 1.91, 1.93

This system also hasn’t been re-installed since November 2012. The initial install was done using the Ubuntu 12.10 “Quantal Quetzal” CD on November 20, 2012. I’ve since upgraded to every interim release – 13.04, 13.10 and now 14.04, and used a host of different desktop environments and window managers (currently using i3). The PC actually hasn’t been rebooted since installing 14.04; I only restarted X.

matt@work:/var/log/installer$ ls -l
total 1532
-rw------- 1 root   root   1303 Nov 20  2012 casper.log
-rw------- 1 root   root   3856 Nov 20  2012 debug
-rw-r--r-- 1 root   root 420116 Nov 20  2012 initial-status.gz
-rw-r--r-- 1 root   root     59 Nov 20  2012 media-info
-rw------- 1 root   root 747016 Nov 20  2012 partman
-rw------- 1 syslog adm  377562 Nov 20  2012 syslog
-rw------- 1 root   root     17 Nov 20  2012 version
matt@work:/var/log/installer$ sudo cat media-info 
Ubuntu 12.10 "Quantal Quetzal" - Release amd64 (20121017.5)



Windows XP

By , 2014-03-22 15:03

Windows XP is going out of support next month.. This means Microsoft will no longer provide security updates or any patches for the OS, leaving users of the 12-year old version of Windows more vulnerable to emerging threats.

On this occasion, let’s take a moment to put dear old WinXP’s age in perspective. But first, some mood music:

When Windows XP was released…

Bill Gates was still CEO of Microsoft.


Gates with his new baby. Also Alias.

Friends, Buffy the Vampire Slayer, The X-Files, Frasier and Sex and the City were still airing new episodes.


Vampires were still scary.

Friends Gets 11 Emmy Nominations

The one where Monica and Chandler are married and Rachel is freaking out.

We had yet to see shows like The Office, Arrested Development, House and How I Met Your Mother.

house-md_0001 2

There was no Gregory House in 2001.

The current-gen iMac had a CRT display.


This was the competition.

There was only The Matrix.

matrix_revisited copy

This was true in 2001.

The “War on Terror” had only just begun.

The President of the USA.

The President of the USA.

The BlackBerry 950 was the current model.


Portable productivity for the business professional.

Custom theme by me. Based on Panorama by Themocracy

BOFH excuse #70: nesting roaches shorted out the ether cable

%d bloggers like this: