Author Archives: admin

Installing UniFi controller in Docker Container

Posted on by
Reply

Instructions followed from here. Some changes were made
Commands work on Ubuntu 16.04

Install Docker

sudo apt install -y docker docker.io
systemctl enable docker
systemctl start docker

Install UniFi

sudo docker pull jacobalberty/unifi:latest

Setup Docker Image

The following command sets up a container which we can later manipulate to start and stop the “service”
You can specify where you want the UniFi files to reside if desired. 

sudo docker run -d --init --restart=unless-stopped --name=unifi-controller --net=host --volume=/docker/unifi:/var/lib/unifi -p 8080:8080/tcp -p 8081:8081/tcp -p 8443:8443/tcp -p 8843:8843/tcp -p 8880:8880/tcp -p 8883:8883/tcp -p 3478:3478/udp jacobalberty/unifi:latest

Docker commands

List docker containers

sudo docker container list
367c7a1465ec        jacobalberty/unifi:latest   "/usr/loca/bin/dock…" 15 minutes ago      Up 14 minutes (healthy) unifi-controller

List docker images on system

sudo docker images
jacobalberty/unifi   latest              baebbe301633        9 days ago          711MB

Stop container. Also stops the UniFi service. Change the ID to your container ID.

sudo docker stop 367c7a1465ec

Other notes

When setting up the Docker image, the directory specified was “/docker/unifi” so all the UniFi files are in there and it looks like if you manipulate the files, it makes the changes fine. At least for setting up the SSL certificates.

unifi depends on mongodb-server (<< 1:3.6.0) | mongodb-10gen (<< 3.6.0) ...

Posted on by
Reply

Looks like the issue is that the UniFi server can’t be installed with a version of MongoDB newer then 3.6.0

https://help.ubnt.com/hc/en-us/articles/220066768-UniFi-How-to-Install-Update-via-APT-on-Debian-or-Ubuntu

Fix the issue by installing an older version of MongoDB

wget -qO - https://www.mongodb.org/static/pgp/server-3.4.asc | sudo apt-key add -
echo "deb https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list
sudo apt-get update

Then install MongoDB with

apt install mongodb-org-server

You may run into issues if you already have a version of Mongo installed. Uninstall it and then rerun the above install command.

Preseem – Monitor VLAN Passing Through Server

Posted on by
Reply

You can specify for Preseem to monitor a vlan by opening up the config file in

vi /etc/preseem/config.yaml

The parts in bold are what get added.

bridges:
   br0:
     addressSpace: default
     802.1q:
       inspectDefault: false
       vlans:
         2:
           addressSpace: default
           inspect: true
         10:
           addressSpace: default
           inspect: true

In the above vlan 2 and 10 get added and should now be inspected.

Save the file and restart the services

systemctl restart preseem-netdev-manager.service 
systemctl restart preseem-node-manager.service 
systemctl restart preseem-health-manager.service 
systemctl restart preseem-telegraf.service 
systemctl restart preseem-system-stats-manager.service

You’ll need to wait for it to update in the Preseem interface. May take a day for it to update and start reporting.

VMware ESXI “Disk capacity is greater then the amount available in the datastore”

Posted on by
Reply

The following error appears to be some sort of bug in the Web Interface for VMware. Work around is to download the vSphere client and make the changes through there.
vsphereclient.vmware.com/vsphereclient/VMware-viclient-all-6.0.0.exe

“The disk capacity specified is greater than the amount available in the datastore. Disk space overcommitment can consume all space in the virtual disk and block the virtual machine. Increase the datastore capacity before proceeding or enter a smaller disk size.”

imapsync bulk copy not copying first account in list

Posted on by
Reply

Ran into an issue where it looked like imapsync would fail to connect to the server on the first line when trying to do a bulk move. 

mail.maildomain.com;user1@incredigeek.com;password1;mail.incredigeek.com;user2@incredigeek.com;password2

Was able to work around the issue by Adding a comment line to the top of the file. May have to do with how the script I was using handles the lines.

### Email Import list mail.maildomain.com;user1@incredigeek.com;password1;mail.incredigeek.com;user2@incredigeek.com;password2

Script used to copy

#!/bin/sh
# $Id: sync_loop_unix.sh,v 1.6 2015/11/04 18:23:04 gilles Exp gilles $ 
#Example for imapsync massive migration on Unix systems.
#See also http://imapsync.lamiral.info/FAQ.d/FAQ.Massive.txt
#
Data is supposed to be in file.txt in the following format:
host001_1;user001_1;password001_1;host001_2;user001_2;password001_2; … 
#Separator is character semi-colon ";" it can be changed by any character changing IFS=';' in the while loop below.
# Each line contains 6 columns, columns are parameter values for
--host1 --user1 --password1 --host2 --user2 --password2
and a trailing empty fake column to avoid CR LF part going
in the 6th parameter password2. Don't forget the last semicolon.
# You can add extra options after the variable "$@" Use character backslash \ at the end of each supplementary line, xcept for the last one. You can also pass extra options via the parameters of this script since they will be in "$@" The credentials filename "file.txt" used for the loop can be renamed by changing "file.txt" below. echo Looping on account credentials found in file.txt
echo
file="${1}"
{ while IFS=',' read  h1 u1 p1 h2 u2 p2 fake
    do 
        { echo "$h1" | egrep "^#" ; } > /dev/null && continue # this skip commented lines in file.txt
        echo "==== Starting imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
         imapsync --host1 "$h1" --user1 "$u1" --password1 "$p1" \
                  --host2 "$h2" --user2 "$u2" --password2 "$p2" \
                  "$@" --delete2
         echo "==== Ended imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
         echo
    done 
} < ${file}

How to stream Mikrotik Packet Sniffer to Wireshark

Posted on by
Reply

Setup Packet Sniffer on Mikrotik

Go to Tools -> Packet Sniffer

Mikrotik Packet Sniffer Settings

Configure the Streaming options. Set the Server IP address to the computer you are running Wireshark on

Configure IP address to stream to.

Configure the Filter settings. Unless you want to stream everything from the router to your computer.

Set filter options

Configure Wireshark

Make sure the TZSP is enabled in the “Enabled Protocols” Window. Either by going to “Analyze -> Enabled Protocols” or “Ctrl + Shift + E”

Enable TZSP protocol

Run Wireshark.

Wireshark

Helpful links

https://wiki.mikrotik.com/wiki/Ethereal/Wireshark

Install GrapheneOS on Pixel 3

Posted on by
Reply

Installing GrapheneOS is pretty well documented on the website.

https://grapheneos.org/install

The following are mainly some of my notes. More detailed instructions are available at the above link.

OEM Unlock

Enable developer options

To enable the developer options on Android go to Settings -> About phone -> Tap on Build number until it says your a Developer.

Allow OEM unlocking

Settings -> System -> Advanced (Dropdown) -> Developer options

Allow OEM unlocking

Enable OEM unlcoking

Unlock Bootloader

Boot into the bootloader By

  • Powering down the phone
  • Start up while holding the volume down and power button

Run the following command from a computer with fastboot

sudo fastboot flashing unlock

The screen should change, hit the arrow keys to select Unlock the bootloader and confirm with the power button

Download and Verify Images

Download the proper factory image and files from https://grapheneos.org/releases

The name should say something device-factory-date.zip and device-factory-date.zip.sig
The .sig file is used to verify the image in the below section.

Verify the Keys

The commands to do this are from a Linux computer. There may be alternatives for Windows. You can technically skip this section.

Install signify

sudo apt install signify-openbsd -y

Download the public key from https://releases.grapheneos.org/factory.pub

Run and check that the key and the image match.
The following command assumes you are in the same directory as the image and factory.pub file.

sudo signify-openbsd -Cqp factory.pub -x blueline-factory-2020.03.04.16.zip.sig && echo verified

Install Factory (GrapheneOS) Image

Unzip the factory image and change directories into it

unzip blueline-factory-2020.03.04.16.zip && cd blueline-qq2a.200305.002/

Run the flash script to flash the image to your Pixel.

sudo ./flash-all.sh

Wait for it to flash, may take a long time.

NOTE: I ran into issues with the script as my version of fastboot was old. SEE PROBLEMS HEADING BELOW

Relock bootloader

Boot back up into the recovery menu and lock the boot loader with

fastboot flashing lock

Problems

  • I ran into issues running the flash-all.sh script. My version of fastboot was old. Ended up downloading a newer version and calling all the commands in the script manually.
  • Phone seemed to randomly time out or just hang when trying to run something over fastboot. Unplugging and plugging the phone back in and rerunning the command seemed to resolve the problem.

Using wget to download HTML website

Posted on by
Reply

https://apple.stackexchange.com/questions/100570/getting-all-files-from-a-web-page-using-curl

Replace example.com/website with the website you want to download files from.

wget -r -np -k http://example.com/website/

The above command will download all the files it can find in that web directory, i.e. (html files) This can be helpful if your trying to move a simple HTML site.

The -r option means recursive, the -k option converts the links to local links after it downloads the page.