Instagram Since Last Time

Instagram Since Last Time
Our baby lake is getting brighter all the time—now hosting pelicans!#urbanwildlife #greisbach #birds
Instagram Since Last Time
Community daycare. 4 adults, 50+ goslings.
Instagram Since Last Time
Doing laundry. A cat’s work is never done.
Instagram Since Last Time
Spring migration. I had to stand In front of a sewer grate because one little one wouldn’t hop the curb.
Instagram Since Last Time
How do I know I might have a fungus gnat issue and where I might find the source?
Instagram Since Last Time
I was going to do a cool time lapse of my #sourdough rising in the oven but the camera just couldn’t see it. So here’s me doing the dishes instead
Instagram Since Last Time
Exciting day: the Sandhills cranes are flying overhead and our compost bins arrived. First pickup isn’t until mid May but we’ve already stored up our first bag!#compost #birdwatching #springmigration

900: My Library in 2021

I own 863 books. Well I might own a few more here and there (books that I have worked on  but not necessarily “read” etc.) but my main library — of mostly SF/Fantasy — consists of 863 titles. It took me almost 40 years to accumulate those.

Yes, I have a spreadsheet. I also haven’t bought a new book in 10 years…for certain definitions of “book.”

Ebooks

On the other hand, today I bought my 900th ebook.

For Xmas in December 2009, L bought me my first ereader—a Sony Reader PRS-600 (read about it here). I was suspicious but willing to give it a chance. On January 1, 2010 I bought my first ebook: March to the Stars by David Weber and John Ringo from Baen for $5 usd (the same book is now $6.99). I chose a Baen book (and generally still do) because of their non-drm policy.

So, since 2010, I have accumulated more ebooks in ~10 years than I did in the preceding 45. That says something about me, but I am not sure exactly what 🙂

Number 900?

I decided on Steven Brust’s The Baron of Magister Valley —a very under-marketed book published last year that I didn’t realize even existed until very recently. I have been trying very, very hard not to acquire any new books in order to get my To-Read pile down. I can happily announce that, other than a pile of “backup book” (classics and freebies that I have in case of emergency but don’t really intend to read unless I have to), I was down to 3. Woohoo!

So I went on a buying spree: A Desolation Called Peace by Arkady Martine, Martha Wells’ Fugitive Telemetry —number 6 of awesome The Murderbot Diaries and The Assassins of Thasalon (Penric & Desdemona) from Lois McMaster Bujold. Which brought my  ebook count to 899.

 

Well, what’s a fella to do? Buy another book of course. Despite it costing $14.99. Seriously? Fifteen bucks?

Whatever.

But it’s done. And now happy reading!

NGINX Proxy Manager

 

What’s it all about?

My home server was just revolutionized! I’ve run several websites on my home network for years for testing purposes. Recently I was doing some work for hire and I needed to open them up to the wider internet. In the past I would just open up a bunch of port forwards and be happy.

Port forwarding: generally web traffic travels though various devices on a port 80 (http) or port 443 (https). You can open up other ports on your router and forward them to specific devices e.g.  external traffic sent to http:macblaze.ca:8083  —> internal route 192.168.1.250:80

This results in opening a bunch of ports on your router (insecure) and having to give clients and others oddlooking urls like macblaze.ca:8083. 

And recently Shaw has upgraded their routers to use a fancy fancy web interface that actually removes functionality in the name of making things easier. So my linux server, which had a virtual NIC (network interface card) with a separate IP, didn’t show up on their management site and I was unable to forward any external traffic to it.

But up until this week it was a c’est la vie sort of thing as I struggled to try and figure out how to get the virtual NIC to appear on the network. And then I saw this video about self hosting that talked about setting up a reverse proxy server.

NGINX Proxy Manager

Find it here: nginxproxymanager.com

Turns out this was what I was supposed to be doing all along. A reverse proxy senses incoming traffic and routes it not via the port but by the dns name. So now that I have it set up I can just add a CNAME to my dns setup like testserver.myserver.com and it will send it to my home IP on the normal port 80. My router lets it through, passes it to the proxy server which then parses the name and then sends it on to the proper machine/service. So then whenever I set up a new project I can go and add testserver2.myserver.com and the proxy server will send it to where it belongs on my internal setup.

So cool.

My Set Up

I used to have some ports going to my Mac mini server and some ports to my Linux machine. Now all traffic is directed to the linux box. It runs NGINX Proxy Manager (NPM) on a Docker container and receives traffic on port 80. I moved the two websites hosted on that box to ports 8090 and NPM now sorts them based on the various CNAMEs I added to my hosting.

CNAMEs

CNAMEs are canonical names — akin to forwarding in a weird way. www.macblaze.ca is a CNAME for macblaze.ca. So if for some reason the IP address changes for macblaze.ca then www.macblaze.ca will still go to the right place. If I set up a domain myserver.com which points to the IP that is assigned to our house by our ISP (Shaw, Telus etc.) I can then set up the CNAME testserver.myserver.com which will be handled internally. If our IP ever changes (which it used to do quite often) now I only have to change the one record and all the CNAMES will still work.

Docker

Docker is a virtualized container system. I haven’t a lot of experience with it but this iteration of the NGINX proxy is a GUI based  implementation of the command line version and the developer decided to set it up as container (sort of a mini virtual computer) so he could easily roll out updates as necessary.  So my poor old Linux box is now running virtualized software on top of being a web server and a linux sandbox. Not bad for something from 2009. I will start playing a bit more with docker because it allows you to build a container and implement it with all sorts of things without affecting the main machine and, best of all, be able to throw out any changes and start again. we will see if the  old PC is up to it or not.

I  also installed docker-compose in order for Docker to run “headless” in the background.

Here’s a good video on the process:

 

The Process

Docker

(From the video)

Update the Linux system:
sudo apt update
sudo apt upgrade
sudo apt install docker.io

Start
sudo systemctl start docker
sudo systemctl enable docker
sudo systemctl status docker

Check to see if its working by checking the version: docker -v

Then test by installing a test container:
sudo docker run hello-world

Docker-Compose

sudo apt install docker-compose

To verify: docker-compose version

Then check permissions:
docker container ls
If you are  denied:
sudo groupadd docker
sudo gpasswd -a ${USER} docker
su - $USER

NGINX Reverse Proxy

Make a directory (make sure you have permissions on it)

  • sudo mkdir nginx_proxy_manager

I had to change permissions. Then create a file in the directory:

nano docker-compose.yaml

Copy the setup text from https://nginxproxymanager.com/guide/#quick-setup and change passwords

  • Be sure to change the passwords

Then compose:
docker-compose up -d

This grabs the specified docker containers, sets up the program and database and creates the virtual machine that is running the NGINX Reverse Proxy server.

You should be able to access the GUI at [http://127.0.0.1:81]

Set up

At this point it is a simple matter of adding a proxy host. Be sure to take advantage of the free SSL offered through Let’s Encrypt ( a non profit Certificate Authority).

  1. click add proxy host
  2. Add domain name (the CNAME), IP to forward it to and the port
  3. Go to SSL tab
  4. Select “Request a New Certificate” from the dropdown
  5. Select Force SSL (this will auto forward all http requests to https), agree tot eh terms and add a contact email

You should be good to go. Go ahead and add as many proxies as you have CNAMEs and servers.

Remember

And remember to close down all the ports on your router if you’d been like me and opened a bunch. Now you should only need 80 (http) and 443 (https).

Like I said—it’s been life changing for organizing my environment.

Instagram Since Last Time

Instagram Since Last Time
There. After almost 2 years, a perfectly hand-sliced loaf of bread. I’ll probably never be able to do it again. Brought to you by “Even More COVID-driven Inane Content R Us.”#bakewithjack #crackedwheat #freshbread
Instagram Since Last Time
Walking in a winter wonder… what?!?
Instagram Since Last Time
A few weeks ago I almost killed my starter with neglect, which allowed some mold to set in. Best thing that could have happened because it forced me to give it some love. #sourdough #bakewithjack
Instagram Since Last Time
One more with glaze!
Instagram Since Last Time
No hot cross buns in the shelf? #bakewithjack to the rescue. But I just made a very poor supper decision ? #hotcrossbuns #breadforsupper #thatglazeisdelicious #yeg #baking

Tweet not…

As I haven’t been posting a lot of interesting content over the last few years and since I have been automatically  uploading my tweets on a weekly basis, it has kind of made the blog look kinda unappealing. So I decided to block all the Tweeting reposts from the main feed. You can still find them all here: https://macblaze.ca/?cat=9  or in the menu under Categories and they will continue to accumulate in the background.

Hopefully the blog will now look a little bit more like a blog.

Here’s a cat pic to seal the deal.

Why?

Mostly because I don’t like other entities controlling my content. So I repost all my twitter and instagram posts on my own server. At some point I intend to do the same thing for Facebook but it isn’t as easy do to their security etc. I do however download all my content from Facebook and store a copy in my own archives. Paranoid? No, but I do like to be in control 🙂

Some great writing…not.

A “scientific” journal.

High Quality & Rigorous Review Process
The peer-review process of articles is never compromising and the quality is undoubtedly of high standards. The journal imbibes a thorough, neat and clean peer review process by very eminent and world’s leading scientific experts, thereby flushing out the cognizance paucity and empowering access to relevant information timely, about the upcoming and ever-changing developmental process. The journal is primarily based on values centered on loyalty, commitment, scientific accuracy, and ethics. Our rigorous review process accomplishes our core aspiration to give just right and accurate information to the global citizens.

—https://www.scivisionpub.com/why-scivision-publishers

Sigh.

Instagram Since Last Time

Instagram Since Last Time
Signs of spring!
Instagram Since Last Time
I haven’t been able to decide whether to move the glass studio to the basement. As a result it’s become a ‘pile’ rather than a workbench. And of course no glass is getting produced. But it’s warming up and I could move back to the garage in a few months. Decisions-decisions!
Instagram Since Last Time
Homemade chicken soup stock and fresh buns. My 20-year-old self is wonder who the hell I’ve turned into!?
Instagram Since Last Time
Proofreading is “easier” with a little help…
Instagram Since Last Time
The hardest part of making a no knead loaf is deciding what to eat with it. #nokneadbread

Gmail and Filters

Further to my previous post about Apple Mail Issue I have been having issues on my new mac with threading conversations. Normally this isn’t much of an issue but I subscribe to the Standard Ebooks Google Group because that is what they use to track projects and keeping the various projects grouped together is pretty important.

Normally what one does is create a rule on the server (iCloud, your webmail etc.) and the  server will automatically sort the mail before it gets to your desktop or phone. For example I have all mu linked in emails go straight into a LinkedIn folder or anything related to ebooks purchased routed to an Ebook folder. This means they don’t bing my phone and aren’t sitting in my inbox and I can check them later at my leisure. But for some reason Google had to be different. For the longest time I had the rule on my laptop which was always on and it would sort the gmail emails and then synch that back up to the cloud—a bit of a hack but I couldn’t be bother to try and figure out what Gmail was doing. But the new mini  goes into a deeper sleep and doesn’t sort—so I decided to figure out the actual correct solution.

I will save all my the swearing at Google. Suffice it to say that against all conventions, Gmail does not use simple folders but has this weird-assed system of labels and a given email can exist in the inbox and in the label at the same time—which is exactly what I didn’t want.

To Fix it

Go to mail.google.com and sign in to you account

Go to  Settings (the gear in the upper left)

Click See all settings

Go to/Click Labels

Click Create new label
be sure (show in IMAP) is checked

Then go to Filters and blocked addresses

Click Create a new filter

Add your criteria. I wanted all emails from standardebooks@googlegroups.com to move to a new folder so I selected From: and entered that address; but I could have selected Subject: etc. to filter by whatever made sense…

Click Create filter

Check Skip the Inbox (Archive it)
and
Check Apply the label: Whatever you chose in the step above

Then Click Create Filter

This will “archive the email — basically removing it from the inbox without marking it as read — and then label it with which ever “folder” you want it to appear in. Then by the time you desktop or phone synchs with the server the email will be moved and not appear in your inbox.

SOOO convoluted. As an aside I find most of what Google apps (gmail, sheets, etc.) do is to make a simple thing more complicated rather than a complicated thing more simple. But then again I prefer a computer does what I tell it to rather than what some anonymous programmer decides is simplest, so maybe it’s just me.

Update to Apple Mail Issue

In Apple Mail Issue I had talked about sorting conversations and threading correctly and frankly rebuilding the mailboxes only worked for a while. Now I have deleted the gmail account entirely and added it back as an IMAP account rather than using Apple & Google’s “secure method.” This entails changing the security setting to allow “less secure apps” and manually adding the IMAP account. So far so good, but we will have to wait and see if this works any better.

Apple Mail Issue

For future reference…

I was having an issue in which emails in a thread were not displaying the correct contents. This was happening primarily with my gmail IMAP account from the Standards Ebook mailing list which made it particularly frustrating.

I tried deleting and or rebuilding the mailboxes and even deleted the whole gmail mailbox (~/Library/Mail/v7/AFD4138D-113E-4798-BA9B-A928C0A9EC44/) all to no avail.

Finally I came across this Mail shows wrong message body (finding the right term to Google makes it so much easier…)

The Solution:

  • Quit mail.
  • Go to ~/Library/Mail/v7/MailData/
  • Delete
    Envelope Index
    ExternalUpdates.storedata
    and any variants
  • Restart Mail and let it rebuild (this will take some time).

So far this seems to be working…