icinga logo

Icinga2 email via ssmtp

I have been playing around with Icinga2 for some monitoring at home. I wanted to monitor a few of my external services. Since my email is one (or the primary) of them I needed alert notifications to be sent via something else. So I setup ssmtp and have email sent through a gmail account.

Make sure to enable the account to be accessible by less secure methods for this to work. If anyone comes across a way to not have to enable that, please let me know. Continue reading


Reinstalling another hosts packages on a new host with pkg

A while back I had to reinstall my Raspberry Pi 2 due to a faulty SD card. I decided to try something with pkg and it worked well so I wanted to share it here.

I copied my pkg database from the old SD card and then ran pkg upgrade -f which worked exactly how I hoped, and installed all the packages that I had previously had installed.

I did have to change the url in my /usr/local/etc/pkg/repos/FreeBSD.conf to url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest", from quarterly as FreeBSD:11:armv6/quarterly/ was not populated at the time. (it is now, just making a note of it)

This was all done on FreeBSD 11.0-RC1 #0 r303979: Fri Aug 12 17:12:13 UTC 2016 root@releng2.nyi.freebsd.org:/usr/obj/arm.armv6/usr/src/sys/RPI2 arm.


Thinkpad X220

I got myself a new (used) laptop the other day.
As there was some conflicting information regarding the compatibility with FreeBSD I just wanted to get this out there into the search engines.

I haven’t had time to play around with it too much but installing FreeBSD 10.2-RELEASE (actually PCBSD 10.2) most things seem to work out of the box. Wifi, graphics, sound, touchpad, webcam and sleep.

There are a still couple of things that I will have to look into, such as suspend to disk and two finger scroll.

Edit-20160229: Updated title to reflect the correct model (X220)

Dmesg below. Continue reading


Log remote hosts to a separate log with syslog in FreeBSD

In FreeBSD you can easily let remote hosts log to your system without installing any third party applications. When doing so you might want to separate your remote hosts logs from the local hosts logs which is also easy to do.

Add this to the bottom of your /etc/syslog.conf on the host accepting the logs:
*.* /path/to/remote-host.log

The trick is @ which is a handy short for the local hostname, so by negating it like above you get the separation you want.

Works on FreeBSD11.0-Current, check man syslog.conf(5) if this doesn’t work for you.


SHA512 hashes in OS X

While messing about with my new Raspberry Pi the other day, I realized I didn’t know how to generate SHA512 hashes on my Mac to validate the integrity of my FreeBSD images.

As suspected it’s not that much more work than what I’m used to on FreeBSD (just “sha512 file“).

In OS X just run
shasum -a 512 file
and it gives you the hash of the file.

I’ll just leave this here as a note for the next time when I forget this in the future.

I validated that the shasum perl wrapper exists on both OS X El Capitan (10.11.1) and OS X Yosemite (10.10.5), still YMMV.


Favourite command of the day – kodi-send

This is an update of a post I wrote a couple of years ago about triggering an update of OpenELECs media library since the XBMC project has since changed its name to Kodi.

For the videos now use:
OpenELEC:~ # kodi-send --action="KODI.updatelibrary(video)"

Also worth noting is that nowadays root seems to be the default login.


Accessing the OS X clipbord in VIM

I’m a vi kind of guy and uses various flavors of it a lot. One thing that took me all too long before I got around to set up was proper access to the OS X clipboard from vim.

There are all kinds of howtos on this out there, so I will just cut to the chase but one thing to point out is that depending on compile options you might have good access to the clipboard already. One way to check is by running :echo has('clipboard') in vim. If it returns 0, you don’t have it compiled with the clipboard. This is the case for the all the vim’s I have checked that ships with OS X. If yours is different please leave a comment with some details about OS X and vim versions.

In your .vimrc add the following lines
" paste on new line (after current) from OS X clipboard
map pbp o<Esc>:.!pbpaste<CR><CR>

" copy visual selection to OS X clipboard
vmap pbc :w !pbcopy<CR>

It’s probably obvious to anyone who has used vi what these lines do, but they map pbp to run the external commands pbpaste (paste from OS X clipboard) and the visual selection alias pbc to run pbcopy.

Pbpaste and pbcopy are available by default as a part of OS X.


Removing widgets in OS X

I was in a cleaning mood the other day and while scanning through my hard drive I saw a ton of files that I realized belonged to old Dashboard widgets that I no longer use.

Scrollback was gone along with the path and surprisingly there is no “remove widget” feature available in Dashboard, only one to get more of them.

So for future reference, widgets get installed either in /Library/Widgets or in ~/Library/Widgets. (~ is the unix shorthand for the current users home directory, so in my case /Users/henrik)

Removing just six old widgets I got rid of 9772 files occupying 76MB in total so in my opinion it was well worth the few seconds it took me to delete them, YMMV though.


A dashboard for digging through break-in attempts

While I have been between jobs lately (no, not that kind. The good kind where I have been fortunate to get some time to relocate etcetera) I have been hacking a bit on something to visualize and dig through the data of failed login attempts of a blog I run. I send all login attempts that does not come over SSL to a pseudo login page that just logs it, that is the kind of thing I do for fun -what do other people do?

So I have been collecting this data set and I was running some shell scripts on it, but I wanted a dashboard.
Boring story cut short I threw some Bootstrap, jqplot, PHP, a shell script for importing my log and a sqlite3 database at the wall and this is what stuck.

One of the nice things with using Bootstrap is that people are spared from my web design, and also that I get a responsive layout for free.

Lilith dashboard version 0.1

This is where it is at right now, this first version however just gave me a thousand more ideas of features I want to add to it in the future.

It has already given me some interesting insight into the patterns of the -presumedly- bots trying to log in, such as that 72% of the IPs only appear once and that Sunday is by far the most busy day. Another interesting pattern is that most login attempts keep coming in threes from different IPs at almost the same time trying the same combination(see the last section with the last 10 rows from the log).

I plan on making this available as open source, but there is some major cleanup needed first..

Sounds good? Let me know in the comments. I do like feedback, but please keep it above the belt!


Nagios on the Raspberry Pi

I have been playing around a bit with running Nagios on the Raspberry Pi for a while now and it works pretty well.

Even though I did the simplest kind of install of Nagios 3 with apt-get there was a couple of things that needed poking at to get external commands running.

Firs make sure that your webserver user is a member of the nagios group, and secondly change the group permissions lite below.

construct:/usr/lib/nagios/plugins# chmod g+w /var/lib/nagios3/rw

The above should be pretty self explanatory. I have no memory of actually adding the www-data user to the nagios group, but make sure that is done or the external commands wont work.

I’m currently monitoring 16 hosts – with a total of just about 30 checks which has to be seen as very little – and so far there has been no issues due to the Pies limitations.

Nagios circular map

Though it’s mostly just to test it still gives me some situational awareness which is always nice.