Montville via Phantom 4

Enjoy the spectacular scenery of the Sunshine Coast Hinterland.

Posted in Drone | Leave a comment

Super Moon

While I was dropping my mother at the airport tonight, I thought I’d try to get a nice shot of the “super moon”. I wasn’t too disappointed with this result!

It’s hard to convey just how bright the moon is. I processed this shot so the detail stands out, but in real life it’s a glowing white ball.

Supermoon

Posted in Photography | Tagged | Leave a comment

Another drone video on the Brisbane River

I tried to do some colour grading here. The range is spot on now, but I think I could increase the saturation a bit. Next time.

Posted in Drone | Leave a comment

LXD on Linode servers

I was recently trying to get LXD working on my Linode server, but was getting this error:

$ lxc launch ubuntu:16.04 wordpress       
Creating wordpress
Starting wordpress
error: Error calling 'lxd forkstart wordpress /var/lib/lxd/containers /var/log/lxd/wordpress/lxc.conf': err='exit status 1'
  lxc 20161010203338.247 ERROR lxc_seccomp - seccomp.c:get_new_ctx:224 - Seccomp error -17 (File exists) adding arch: 2
  lxc 20161010203338.247 ERROR lxc_start - start.c:lxc_init:430 - failed loading seccomp policy
  lxc 20161010203338.247 ERROR lxc_start - start.c:__lxc_start:1313 - failed to initialize the container

The fantastic Stéphane Graber helped me to work out that the default Linode kernel doesn’t have the right bits compiled into it, and I should be using an Ubuntu kernel instead.

So, following the guide at https://www.linode.com/docs/tools-reference/custom-kernels-distros/run-a-distribution-supplied-kernel-with-kvm to upgrade my kernel, it now works.

Posted in tech | Leave a comment

Brisbane River Drone Flight

My second drone video! A bit longer, and has a special appearance by my dog at the end.

Posted in Drone, tech | Tagged | Leave a comment

Droning on!

I went and bought myself a DJI Phantom 4. Holy crap, I’m impressed. 12MP images and 4k video. Not to mention all the other bells and whistles like collision avoidance, auto return to home and when you put it in speed mode, it does 70km/h!

Here’s the first of a couple of videos I put together for it:

Posted in Drone, tech | Tagged | 2 Comments

Webex using Ubuntu LXD containers

If you read my previous post WebEx in Ubuntu LXC containers you’ll have learned how to get Cisco’s Webex running on Ubuntu in a 12.04 container.

I figured it was time to work out how to get it running in the newer LXD containers available in 16.04, here’s how I did it.

Install LXD

apt-get install lxd
sudo lxd init

When it asks you about networking, use the existing lxcbr0 bridge, do not let it use a new bridge as by default it will create lxdbr0. We need to stay on lxcbr0 so that networking continues to work in the old containers.

Create the LXD container

lxd init ubuntu:precise webex

This will download a new 12.04 template if you don’t already have one, it will take a while depending on your Internet connection.

Cheat by copying the old rootfs

I’m not going to rebuild my rootfs from scratch, the old one is perfectly usable! So as root, we can copy it from the old LXC area:

cp -rp /var/lib/lxc/webex/rootfs /var/lib/lxd/containers/webex/

Configure the container

The old container rootfs was a privileged container so we need to do the same on this LXD copy:

lxd config set webex security.privileged true

To make the sound device available you need to set up the sound device in the container. Here I am adding all the devices under /dev/snd/ on my own host, note that yours may differ so edit the commands accordingly:

lxc config device add webex /dev/snd/controlC0 unix-char path=/dev/snd/controlC0
lxc config device add webex /dev/snd/hwC0D0 unix-char path=/dev/snd/hwC0D0
lxc config device add webex /dev/snd/hwC0D3 unix-char path=/dev/snd/hwC0D3
lxc config device add webex /dev/snd/pcmC0D0p unix-char path=/dev/snd/pcmC0D0p
lxc config device add webex /dev/snd/pcmC0D3p unix-char path=/dev/snd/pcmC0D3p
lxc config device add webex /dev/snd/seq unix-char path=/dev/snd/seq
lxc config device add webex /dev/snd/timer unix-char path=/dev/snd/timer

You may remember I was using ssh X forwarding in the old container. We don’t need to do that any more as we can get direct access to the video from the container by using this config:

lxc config device add webex /dev/dri/card0 unix-char path=/dev/dri/card0
lxc config device add webex /dev/dri/controlD64 unix-char path=/dev/dri/controlD64
lxc config device add webex /dev/dri/renderD128 unix-char path=/dev/dri/renderD128
lxc config device add webex /dev/dri/fb0 unix-char path=/dev/fb0
lxc config device add webex /dev/video0 unix-char path=/dev/video0
lxc config device add webex X11 disk source=/tmp/.X11-unix path=/tmp/.X11-unix

Again your devices under /dev/dri may differ a little to mine, change accordingly.

Now, start the container and start a bash shell in it:

lxc start webex
lxc exec webex bash

You’ll now have a root prompt in the container. You can test that sound is working by doing something like:

sudo -u ubuntu aplay /usr/share/sounds/alsa/Front_Center.wav

In root’s home we need to make a script to start firefox for us, it looks like this:

root@webex:~# cat webex.sh  
#!/bin/bash 
DISPLAY=:0 su -c firefox - ubuntu

Make sure to chmod +x webex.sh

Now, all things being good, you can do this to launch Firefox:

lxc exec webex ./webex.sh

Launch Webex as you normally would and verify that it works. If it’s OK, you can remove the old SSH service as it’s not needed any more.

apt-get remove openssh-server

In my next post, I’ll explain how to convert the configuration into a more handy LXD profile that you can use for any container.

Posted in tech | 5 Comments

On Successful Teams …

To build a successful team, you need several facets all working in harmony.

Self-motivation and desire

Successful teams consist of people who are self-motivated and have an innate desire to succeed.

Communication

It’s a cliché but good communication is essential. The team must be open, transparent and share details of its members’ work. Keeping secrets fosters mistrust.

Proactive

Good teams spend less time responding to external events and more time being proactive about making sure they are in control.

Adaptation and resilience

A good team is adaptive and resilient to change. A good team will be prepared to throw away work if it means a more successful outcome by doing something differently.

Decision making

Everyone should know how and by whom decisions are made.

Mutual support

Mutually supportive team members create something that is larger than the sum of their parts. They will be prepared to help each other at any time.

Reliability and predictability

If you are both reliable and predictable, you will succeed. This means not only delivering on time, but reliable to each other in the team.

Posted in tech | Leave a comment

Self-treating Lyme Disease with ozone

Like many people with chronic Lyme Disease, I’ve struggled to get on top of treating it since it’s a very persistent infection. Antibiotics would work to keep the symptoms at bay for a while and then the inevitable resistance came and the symptoms came back.

hocatt

Hocatt Sauna

Late last year I discovered how effective ozone treatment is as a replacement for antibiotics. I initially treated intravenously at a local clinic, where blood is removed and infused with ozone and then replaced. This was amazingly effective! I then then followed this up at the same clinic with some sessions in a Hocatt sauna.

The Hocatt was equally as effective for me as the intravenous delivery. The problem though is that this is a very expensive piece of equipment and naturally the clinic charges a commensurate amount of money to use it.

DIY Time!

Because of the expense, I set about recreating my own ozone treatment. It turns out to be reasonably simple and very effective indeed for me. Please note that this is not general medical advice and it may not work for you, I am just explaining what worked for me.

So here’s my kit:

  • One ozone generator
  • One portable steam sauna tent

That’s literally it. The Ozone machine was AUD $130 and the steam tent was AUD $80 or so, both bought from eBay. This is what it looks like ready to go.

tent+all

The ozone machine is bottom left of the picture and the steam generator is bottom right.

 

 

 

 

 

 

I put a fold-up camping chair inside the tent to sit on.tent+chair

You can see the steam outlet on the floor at the back.

 

 

 

 

 

ozoneClose up of the ozone machine. The cylindrical object is an air dryer which makes the machine more effective at generating ozone. This one makes 500mg an hour.

 

 

 

 

 

ozone-feed

I feed the tubing from the ozone generator into the tent via the zip holes meant for hands at the front.

 

 

 

 

 

steam

And here’s the boiler that generates the steam. It feeds steam via the tube at the side.

 

 

 

 

 

How to use it

The boiler takes about ten minutes to get hot enough to make steam, so set it off and at the same time zip up the tent and start off the ozone generator — I program it for 40 minutes, allowing a ten minute “pre-fill” period and 30 minutes of sauna time for me.

As soon as you hear the boiler boiling, unzip the tent and get in quickly to avoid letting out the ozone gas. It will be a bit smelly, try not to breathe it in, it will irritate your lungs if you breathe too much of it in.

Wrap a towel around your neck and zip up the tent with your head stuck out the top, sealing off your neck as much as you can. OK, now relax for 30 minutes!

Warnings

  • Really, try not to breathe in the ozone, it will damage your lungs.
  • Put the sauna tent OUTSIDE, you don’t want ozone indoors.
  • You need to be able to stand a bit of heat for this to be really effective. If you feel too hot, get out, or open the hand/arm zips to let some heat out.
  • If you feel faint, get out immediately. Your blood pressure might be too low to stand the heat. If you have a BP monitor, do use it!

What to expect

The first few times you do this, you’ll feel pretty whacked, it’s quite intense. For that reason, it’s a good idea to build up to the 30 minutes over a few sessions, or even leave out the steam initially. The last 10 minutes of the 30 are the toughest, but they are also the most effective, so try to get there gently.

I usually get a herx from this between 1-4 hours after getting out. I do not get in and do another session until 2 days after my previous herx has stopped.

Good luck!

 

Posted in Lyme | Tagged | 3 Comments

Yubikey as Google Authenticator on Ubuntu

Second factor authentication (2FA) is a fact of life these days for serious security. Many sites accept and use Google Authenticator which uses a time-based code on your phone that changes every 30 seconds.

A Yubikey as shown is also another 2FA device that is able to work as a USB HID (it appears as a keyboard) and can send one-time codes when the button is pressed, which is loads more convenient than opening up an app on your phone.

yubikeyBecause it doesn’t have a clock, however, it might not seem apparent how you can use it as a Google Authenticator replacement, but there is a way!

Yubico has a few tools that you can use to program the key. On Ubuntu you can grab them by installing the yubikey-personalization package:

sudo apt-get install yubikey-personalization

You will also need a Python script that handles a few things that you need to interact with the Yubikey:

wget https://raw.github.com/xaviershay/yubi-goog/master/yubi_goog.py

Finally, you will need the Google Authenticator secret key. It’s not easy to get this from an existing configured Google Authenticator but if you are using it for SSH it may be on your SSH host in first line of the $HOME/.google_authenticator file. If not, you need to talk to your admin.

OK¸ now you can program your Yubikey. The Yubikey has got two slots for configuration. I put mine in slot 2 but you can use slot 1 as required.

ykpersonalize -2 -o chal-resp -o chal-hmac -o hmac-lt64 -a $(./yubi_goog.py --convert-secret | cat) -y

This will prompt you for the Google Authenticator secret (Change the -1 to a -2 if you want to use slot 2). Now, you are ready to generate the 6-digit codes that Google Authenticator uses.

As I said above, the codes are time-based but the Yubikey doesn’t have a clock so you need to use the yubi_goog.py script to send the right challenge to the key, which will respond with the code:

./yubi_goog.py --yubi-no-sudo

If you used slot 1 instead of slot 2 you’ll need to change the hard-coded slot around line 103 of yubi_goog.py where it constructs the ykchalresp command.

So this is nice but we can make it more convenient by using a global shortcut. I use KDE as my desktop environment but you should be able to adapt this to other desktops.

There may be a better way of sending keystrokes to the focused window in KDE than this, but I am using a program called xte that you  can find in the xautomation package:

sudo apt-get install xautomation

Now, open up your system settings and go into the Workspace/Shortcuts section. Then click on the “Custom Shortcuts”. (This may be under Common Appearance and Behaviour/Shortcuts and Gestures if you’re using an old version of KDE like the one on Trusty 14.04).

Then click the Edit drop down and further select the New → Global Shortcut → Command/URL. This will give you a new shortcut called New Action by default (you can click on that and rename it) which has three tabs on the right, Comment / Trigger / Action.

Under Trigger you can assign a global shortcut. I am using Ctrl-Alt-Y (Y for Yubikey).

Under Action you need to paste some code in the Command/URL text box. Assuming you put yubi_goog.py in /usr/local/bin:

echo str $(/usr/local/bin/yubi_goog.py --yubi-no-sudo) | xte; echo key Return | xte

What this will do now is when you press Ctrl-Alt-Y, it generates a code and passes it to xte along with a Return keypress. xte sends the provided input to the currently focused window.

config.png

Much quicker than opening up the Google Authenticator app every time!

(PS If someone tells me how to do this on Ubuntu desktop I’ll add the instructions here)

Posted in tech | Leave a comment