Before diving in the list, I must mention that as an Amazon Associate I earn from qualifying purchases.
Coppertone, water proof, SPF50 HERE
QWORQS – A blog by Yazeed Almadaeen
Before diving in the list, I must mention that as an Amazon Associate I earn from qualifying purchases.
Coppertone, water proof, SPF50 HERE
I am writing a post about this device because I was positively surprised by it
I have a TV connected to an android TV box, neither the TV nor the android box have bluetooth, So i have tried quite a few bluetooth transmitters, where you connect the AUX jack from the TV out to the transmitter, and the transmitter automatically pairs with the bluetooth speakers, never went well, either the voice is really bad, or it does not work, this is all until i found this little cool guy
So, how those transmitters usually work is you power the thing from USB, then connect the auxiliary jack, to my surprise, even though this did have a 3.5MM aux jack, it was detected by my android box as a USB sound card, and it worked without me doing anything
It doubles as a BT receiver too, but those are all over the place, and not exactly why i like this, So now it is clear what they mean by 3IN1, it has a jack for input, output and also works as USB sound ! Amazing stuff
I will here assume you already have a remote Linux machine that you can SSH into with putty, the instructions are simple from this point on
1- Basic putty settings, assuming you have already downloaded putty from chiark.greenend.org.uk, now open putty, enter the IP of the server you wish to tunnel through, and save it with a name, the steps are…
– Open putty,
– enter the IP of your remote machine
– give it a name of your choice
– save (You don’t need to save now, you will save again in a bit, but you can do it anyway)
2- Go to Connection and expand it, then expand SSH, then select Tunnels, this will show a dialogue such as the below, fill in the data as follows
3- From the menu on the left, go back to Session, and click the save button again (So that the new tunnel settings are saved for next time)
4- You are almost done, Now double click the saved session name or select it and hit open, the remote machine should now prompt you to enter a username and a password, once you enter those, you have a tunnel ready on your localhost (127.0.0.1) on port 8081, next we will setup Firefox to use that tunnel
1- Go to firefox settings (Click the accordion menu to the right, and chose settings), once open, scroll down under general, until you find the Network Settings section, click the settings button in that section
Clicking settings above will show the following popup dialogue, setup your system as follows
Now, to verify that you are conencted to the remote machine, google the following
what is my ip
and google should tell you what your IP address is, at this stage, it should be the same as the remote machine’s IP (Not yours)
Let’s encrypt is a Certificate Authority (CA) run by Internet Security Research Group (ISRG), and is sponsored by some of the biggest name in the web industry
You are probably here to create a certificate, not get a history lesson ! so Let me cut the chase, for those who want to know more, there is always wikipedia (Let’s encrypt on Wikipedia)
So let’s encrypt provides certificates for domain names, including wildcard certificates (Which I will get to by the end of this article), What we are going through here is the manual process, which serves to give you a taste of how things work, in practice, you are encouraged to use on of the automated methods for multiple reasons, one compelling such reason is that Let’s encrypt issues certificates valid for three months only ! You don’t want to have to cater to your certificate every three months do you ?
To simplify things, I will create a step by step video to demonstrate the creation process ! and post it here, but for now, I will simply take you through the steps, in this tutorial, all you need is SSH access to any server including one you have at home ! or even maybe a virtual machine running Linux inside your windows computer, anything goes, once you have a certificate, you can move it to your production server, this allows me to keep this as general as possible, and this is done using the –manual option, So without further ado, let me get to it
1- login to a linux server and install certbot, the tool that allows you to get certificates from let’s encrypt, On the official website, they promote the use of SNAP, here, I will skip snap and use Debian’s repository ! simpler and there is no need to get into snap
apt install certbot
Now that you have certbot, let us create a certificate for the domain example.com (replace it with your own)
certbot certonly --manual --preferred-challenges http
The –preferred-challenges directive allows you to specify what challenge (http or dns) you would like to perform, the manual plugin is basically the same as webroot plugin but not automated, which is a hassle to keep up to date as this form of issuance needs to be renewed manually every 3 months, (You can take extra steps to automate this) which i will describe later on another post to keep things tidy
Now, as soon as you enter the above, you will enter an interactive dialogue with the following steps
Note: If you want to create a wildcard certificate for your domain name, let’s encrypt allows the use of the * wildcard, but only supports DNS challenge, so the command must reflect that, So when asked for a domain, simply enter *.example.com (or -d ‘*.example.com’), should work normally
As soon as you are in, you will be asked 1- An email for notifications 2- Do you agree to the terms of service ? 3- Would you like to subscribe to the newsletter ? 4- enter your domain names (you should enter both example.com and www.example.com separated by either a comma or a space) 5- Create a file containing just this data: Pg1xJ.........-88 And make it available on your web server at this URL: http://example.com/.well-known/acme-challenge/Pg1...........xuu_0 6- Now you need to create the 2 challenge files, one for exmaple.com and the other for WWW.example.com Create a file containing just this data: Ud4m81x..............zupbWEz-88 And make it available on your web server at this URL: http://www.example.com/.well-known/acme-challenge/Ud4........550 (This must be set up in addition to the previous challenges; do not remove, replace, or undo the previous challenge tasks yet.) -------------------------- IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem Your key file has been saved at: /etc/letsencrypt/live/example.com/privkey.pem Your certificate will expire on 2023-03-11. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
At this stage, there are things you should remain aware of
1- DO NOT RENAME OR MOVE THE CERTIFICATES, they need to be in place for renewal if you decide to not automate and check on your certificates every 3 months.
2- Copy (Don’t move) them to the ssl directory, and add them to your config files, the only files you will need to include in your nginx or apache2 config are as follows
For apache 2, you need to use the following 2 lines, modify the path to the files to wherever you have placed them
SSLCertificateFile /etc/apache2/ssl/example.com/fullchain.pem SSLCertificateKeyFile /etc/apache2/ssl/example.com/privkey.key
And for nginx
ssl_certificate /etc/nginx/ssl/allspots.com/fullchain.pem; ssl_certificate_key /etc/nginx/ssl/allspots.com/privkey.pem;
So, restart apache or nginx, and you should be able to see the certificate in action, so this is the simplest way to use let’s encrypt, in my next post, I will
Now, after 3 months, the simplest way to renew the certificate is to issue the command
certbot certonly --force-renew -d example.com www.example.com
Yes you can, but not the latest, CodeIgniter support was dropped at one point, but nothing is stopping you from using the old version of clockwork !
Clockwork is maintained by itsgoingd, with the relevant projects here (https://github.com/itsgoingd)
Clockwork’s codeigniter support was dropped with Clockwork 2, but you can still use Clockwork V1.x (Statement from itsgoingD himself here https://github.com/itsgoingd/clockwork/issues/333), Version 1 can be downloaded at (https://github.com/itsgoingd/clockwork/tree/v1), 1.6 seems to be the last V1 published.
But there are a few caveats, for example, what browser extensions work with Clockwork V1.6 ?
Whenever i get the following message
mount /dev/sdd1 /hds/sgt2tb The disk contains an unclean file system (0, 0). Metadata kept in Windows cache, refused to mount. Falling back to read-only mount because the NTFS partition is in an unsafe state. Please resume and shutdown Windows fully (no hibernation or fast restarting.) Could not mount read-write, trying read-only
resolves the issue, and produces the following message
Mounting volume... The disk contains an unclean file system (0, 0). Metadata kept in Windows cache, refused to mount. FAILED Attempting to correct errors... Processing $MFT and $MFTMirr... Reading $MFT... OK Reading $MFTMirr... OK Comparing $MFTMirr to $MFT... OK Processing of $MFT and $MFTMirr completed successfully. Setting required flags on partition... OK Going to empty the journal ($LogFile)... OK Checking the alternate boot sector... OK NTFS volume version is 3.1. NTFS partition /dev/sdd1 was processed successfully
The same mount command you see here will now work flawlessly
mount /dev/sdd1 /hds/sgt2tb
I am still unsure what process from the mentioned above is responsible, as this oftentimes pops up on drives that were never system drives, so there is no hibernation file problem
You can do this in many ways, the most popular of which is SAMBA, but this is not the software we are using, here we are using SSHFS
The software this post is about is SSHFS, if you are reading this, you probably know what SSH is (Secure shell), and FS stands for File System
Ironically, you will only need to have SFTP and not SSH with shell access, so here is the first surprise, Now, to continue with this tutorial, you might want to visit the page I have posted here to create that user and give him/her access to the directory to be mounted, don’t worry, there is a link back here at the bottom of that page !
So, now that you have created that user account on the remote system, let’s get down to business
You will need 2 peices of software, or 3 if you would like to use private/public key authentication
For the following software, look on their websites for the latest installers for your version of Windows (Usually you are looking for the msi of the 64bit version of windows)
1- WinFsp, short for Windows File System Proxy, What this basically does is enabled the developer of SSHFS-Win to make it look like a windows drive, not some separate SFTP application where you have to move the files manually, when you present it as a drive, you can modify files directly on it, which is the main advantage, and it will do the work in the background, it is a driver that presents itself on/to windows as a disk, while cheating the disk contents from another application, the github page for it is at https://github.com/winfsp/winfsp, or to save you time, Just go directly to the download page here https://github.com/winfsp/winfsp/releases/tag/v1.11 , When presented with optional components, if you are not a developer, you will only ever need the Core package, which is the installer’s default
Once WinFsp is installed, we are done with the part that allows us to display file systems that are not really filesystems, the next step is to have something feed that with data from an actual filesystem somewhere else ! via SFTP, and that software would be
2- SSHFS-Win, which is the system that sits in the middle, between the SFTP server, and WinFsp which is an illusion of a hard drive on your windows machine ! it’s home on github is at https://github.com/winfsp/sshfs-win, To get the latest from this one, go here https://github.com/winfsp/sshfs-win/releases and look for the one that says latest (Not pre-release), download and install it
There is no software to install on the remote side, as most Linux systems already have the functionality ! and you have already setup a user in the previous post that I pointed you to a minute ago, So let us mount !
Now, you can (But don’t do it just yet) open file explorer in Windows, right click “This PC”, and click on Map Network Drive, A dialogue appears, enter your connection string, which should be something like
You should then be prompted with a password dialogue box, you enter the SFTP password, and you should now be all set, but why are we not doing this right now ? we are not doing this because when you create files in that drive, they will remotely have rwx permissions for owner, and no permissions for group or others, wo work around this, you need to pass the following arguments to the mount
which is only available via command line and does not survive reboots, a better alternative is to use sshfs-win-manager, which seamlessly mounts those remote file systems using SFTP , the long and short of it is that it just works
Another program that has a different set of permission issues (I can write files, but can’t write to them again even though i own the files on the remote system and the permissions should allow) is SiriKali (https://github.com/mhogomchungu/sirikali), you should be able to find the line to download for your platform here (https://mhogomchungu.github.io/sirikali/)
SiriKali also allows you to use other types of authentication which are beyond the scope of this post
So in SiriKali, you need to fill the above information, luckily that information is loaded by default.
Remember to select the checkboxes you need,
One problem i face when developing using Hyper-v is that I need static addresses, and the default switch keeps changing the ip range
The simplest solution to this is to create a new switch of type internal ! this only connects the virtual machines to each other (Static IP etc…), and can not access the internet
Right after creating an INTERNAL switch in the switch manager, you go to “Manage network adapter settings” on the host computer, and assign an IP such as 10.10.20.1 to the adapter and a subnet of 255.255.255.0, no gateway, and nothing but those IPs.
Once that is done, you add a second adapter to all the virtual machines, and in the /etc/network/interfaces file, you leave eth0 the way it was (For internet) and add a metric 10 under the last line for eth0, then add the following stanza for the new adapter (Assuming eth1), eth 1 has a higher cost in it’s metric, so unless the remote is on the eth1 subnet, it will go through the eth0
auto eth1 iface eth1 inet static address 10.10.20.41/24 metric 100
And you are done, those virtual machines can address each other with their 10.10.20.x addresses, and access the outside world via the other network interface.
This tutorial is done on a debian 11 system… it should work for wildcard (For all subdomains under a domain), but also for subdomains or the primary domain, obviously, all you need to do is replace the * which denotes wildcard with the subdomain of your choice, so *.qworqs.com is wildcard, yazeed.qworqs.com is a subdomain 😉 so let us get started
Let’s encrypt has certainly revolutionized the world of SSL certificates (By making them free), but when it comes to wildcard certificates, let’s encrypt will require more than just generating the certificate, it will require a system that automatically alters DNS at your registrar, and differs from registrar to registrar.
So while I am developing, and need a wildcard SSL, I can simply generate a self signed wildcard security certificate, and teach my browser to accept it, and that is that, so here is how to generate that certificate !
So let us get started, first let us create a public and private key in one go, and a folder to store them !
cd /etc/ssl sudo mkdir qworqs.com sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/qworqs.com/wildcard-ss.key -out /etc/ssl/qworqs.com/wildcard-ss.crt
I will personally skip selecting a strong Diffie-Hellman group… this file though goes somewhere else in the nginx directory, and can be generated like the following, but again, I don’t need it atm.
sudo openssl dhparam -out /etc/nginx/dhparam.pem 4096
Now you are done with creating everything you need, the next step is to install them into your nginx configuration
So all you need is to add the following 2 lines into your server section within the website config file 😉
ssl_certificate /etc/ssl/qworqs.com/wildcard-ss.crt; ssl_certificate_key /etc/ssl/qworqs.com/wildcard-ss.key;
Now all you need is to restart nginx, and you should get a warning in your browser, I accept the warning, then make it permanent in firefox from the settings
Settings -> Privacy & Security -> Security -> Certificates -> View Certificates... -> Servers Then switch it from temporary to permanent
And that’s that
Every company has it’s own procedures, and sometimes it’s own standard for the following documents, but this is the most common, the order is loosely relevant to prerequisites and chronological order
I have put them down in a table to simplify
In this document, a client refers to a party that receives the code, (any of the steakholders), Implementation lead and developer refer to the programmers, system analyst refers to a system analyst.
|Document description||Who writes it||Who is it written for|
|SOW||Statement of work||Project management, Chief Information Officer, third-party contractor, So from the developers perspective, any client such as the above||Implementation Lead|
|MRD||Marketing requirements document||Marketing department||All steakholders including Implementation lead|
|The user requirements document|
User requirements specification
This document is basically the client outlining the features the developers are to implement
|Project management with help from system analysts (Clients)||Implementation lead and any relevant stakeholders|
|SRS||A software requirements specification sheet|
A description of a software system to be developed, laying out functional and non-functional requirements- or features
This document bridges the gap between user/client and developer
Also serves as an agreement
|Business Analyst, System Analyst, and developers|
|TRD||Technical requirements document|
Written by the developers based on the requirement documents submitted by the client, this is an extensive document that connects functionality, features, and purpose together, creating this document is a very lengthy process and it requires “Technical writing skills” as it is meant to convey the whole system to non technical steakholders.
|FSD||Functional specification document|
|FRD||Functional Requirements Document|
|PRD||Product requirements document.|
This document communicates the capabilities the product will need.
|SRD||Software Requirements Document|
written statement of what the software will do or should do.
|FRS||Far more detailed than an SRS||Implementation lead or System Analyst.|
|Product backlog||It is the prioritized list of task-level details needed to execute the strategic plan outlined in the product roadmap.|
|Sprint Backlog||Drawn from the product backlog, this is the list of cross-functional team plans to work on in the next sprint.|
A user’s manual (Not for the developers)