Auto mount network shares: autofs

Edited to make it work correctly

  • It wasn’t surviving reboots
  • I had given my mac a permanent IP for another reason so I decided to use that
  • I renamed the Calibre Library share to Calibre-Library in order to get rid of the pesky space/em>
  • I was also attempting to get Calibre-Web to run from a LaunchDaemon

Apparently there is a BSD utility called autofs that mounts network drives on demand. And with OS X’s unix underpinnings this means it works on your Mac.

This is revolutionary. If you’ve worked in a server environment or tried to store your iTunes or iPhoto library on an external drive you will know, things like network outages, reboots or even taking your laptop offsite will mean you have to reconnect, which while not arduous, is a bit annoying and often hard to explain to users.

In my case I run Calibre-Web on my mac-mini server but house the calibre db on my personal machine. Which means I resorted to writing a script to reconnect every time I rebooted something…which seemed to be be pretty often.

The code

Disclaimer: this is the code for my old mac mini which is stuck on High Sierra 10.13.6. I have read (see links below) that it works slightly differently for newer versions of OS X.

First off edit the auto_master file to insert the auto_smb line and comment out the /net line:

sudo nano /etc/auto_master

#
# Automounter master map
#
/mount auto_smb
+auto_master # Use directory service
#/net -hosts -nobrowse,hidefromfinder,nosuid
/home auto_home -nobrowse,hidefromfinder
/Network/Servers -fstab
/- -static


Then you will create the config file you specified above (auto_smb):

sudo nano /etc/auto_smb

The first bit is the location of the share. In this case I called it calibre and wanted it to mount in the volumes folder with all the the rest of the regular mounts.

Then you need to add the login information including your name and password and the network location. An IP will work just as well if you are using a static one.

Calibre-Library    -fstype=smbfs,rw ://username:password@192.168.1.20/Calibre-Library

Other Uses

At some point I am going to move L’s ever-growing music library to something like a NAS (network attached storage) and this will be a godsend if it works the way it has so far. Fingers crossed.

Sources

https://useyourloaf.com/blog/using-the-mac-os-x-automounter/

Automount network shares on Mac OS for use in iTunes

automount not working after macOS Catalina updates

Afterword

After all that, it doesn’t solve the problem I thought it would. When my mac hosting the calibre library goes down it send the python code in Calibre-Web into an unrecoverable tailspin. So even though the share comes back up it still needs a restart to make it happy again. So I am only halfway there.

The Enneagram Personality Test

Never heard of it before, but I gave it a shot…

Your primary type is

Seven.

98% MATCH
Type 7 is described as The Enthusiast. Sevens want to have as much fun and adventure as possible and are easily bored.

Nine

97% MATCH

Type 9 is also called The Peacemaker. Nines like to keep a low profile and let the people around them set the agenda.

https://www.truity.com/test/enneagram-personality-test

Sevens are defined by their desire to experience everything good and pleasurable that the world has to offer, while avoiding pain, boredom, and limitations. Although Sevens appear enthusiastic and fun-loving, deep down, they have a fear of getting stuck in negative emotions. Thus, they tend to disconnect from their deeper feelings, instead focusing on their imagination and zest for life to keep them moving forward and gathering new, pleasurable experiences.

Sevens aim to fill every minute with an activity. They approach life as an endless rollercoaster of fun, joyous experiences—and if not fun, at least not sad, bored, anxious, depressed or painful. Sevens use their charm, enthusiasm, imagination, and positive attitude to get as much enjoyment as possible out of every moment of life. Ideally, a Seven aspires to ride a continuous high, avoiding the drearier aspects of reality.

Super power:

Optimism. Your dedication to a glass-half-full mentality keeps you going when others might give up, and gives you the courage to try things that many might see as too risky. You genuinely believe that things usually work out for the best, and with your determination to make things go your way, this is often a self-fulfilling prophecy. You have a tendency to be optimistic even when things are dire, and sometimes this means that you gloss over the negative and are taken by surprise when problems arise. When it comes to important plans, be sure to take time to think about how things could go wrong, even if it feels unnatural and overly pessimistic. Once your due diligence is done, you can move forward with even more confidence that things will work out in your favor.

Two

61% MATCH
Type 2 can be described as The Giver. Twos want to be liked and find ways that they can be helpful to others so that they can be loved and belong.

Three

56% MATCH
Type 3 is also known as The Achiever. Threes want to be successful and admired by other people, and are very conscious of their public image.

Four

68% MATCH
Type 4 is known as The Individualist. Fours want to be unique and to live life authentically, and are highly attuned to their emotional experience.

Five

92% MATCH
Type 5 is described as The Investigator. Fives seek understanding and knowledge, and are more comfortable with data than people.

Six

48% MATCH
Type 6 is also known as The Skeptic. Sixes are preoccupied with security, seek safety, and like to be prepared for problems.

Seven

98% MATCH
Type 7 is described as The Enthusiast. Sevens want to have as much fun and adventure as possible and are easily bored.

Eight

63% MATCH
Type 8 is also known as The Challenger. Eights see themselves as strong and powerful and seek to stand up for what they believe in.

Nine

97% MATCH
Type 9 is also called The Peacemaker. Nines like to keep a low profile and let the people around them set the agenda.

One

43% MATCH
Type 1 can be thought of as The Perfectionist. Ones place a lot of emphasis on following the rules and doing things correctly.

Governments and truth

I wrote this rambling reply to a Cruisers Forum conversation surrounding the Gov’t’s ability to communicate facts. Then I decided not to post it. But it has some thoughts worth preserving so…

[QUOTE=Mike OReilly;3401382]Yes … see even I’m doing a piss-poor job here, and I’m a science writer :redface:.

If your choice is binary: mRNA vs viral vector, it makes perfect sense to go with the one that has slightly less risk, and slightly more efficacy. But none of these choices are binary. There are multiple factors, including availability AND most importantly getting any vaccine sooner rather than later.

The risk of contracting Covid-19 far outweigh the risk of getting a weird blood clot; by something like 10,000 fold. But an honest scientist will tell you the risk is greater with AZ and Jansen than with Pfizer or Moderna, so in some hypothetical situation where you can reduce your risk of contracting the disease to near-zero, it makes sense to hold out for the lower-risk vaccine.

But this all requires an ability to rationally assess risk, and that is something few people know how to do.

It reminds me of the first time I went to see a lawyer. I wanted to know if I could start a business without doing anything other than opening a bank account. An hour of risk assessment, fear mongering and over-explaining worst-case scenarios he wrapped up up with a simple “yes, but you will be personally liable.” Since all I wanted to do was graphic design under a company name it seemed a bit hysterical. I now realize that all that liability he was talking about applied to him as well. If he didn’t do his damnedest to scare the bejesus out of me he would have been “shirking” his responsibilities.

It is really hurting my brain to listen to all the people who b*tch about governments lying and withholding information or just plain being wrong. Do I think this whole thing has been a case-study in communication f*ck-ups? Yes. But the thing most people think the gov’t is there to do isn’t accurate (at least outside the US…they have a weird origin story…). They aren’t primarily responsible for telling us the truth etc.—they are responsible for the common weal. And if anyone has been a parent you know that doesn’t always involve “truth” or “justice.” We can argue about that if you want, but I just want my government to do what needs to be done—I really couldn’t give a damn if they have to mislead me in order to get the rest of the population to line up and toe the line. Up to a point.

Instagram Since Last Time

Instagram Since Last Time
Our baby lake is getting brighter all the time—now hosting pelicans!#urbanwildlife #greisbach #birds
Instagram Since Last Time
Community daycare. 4 adults, 50+ goslings.
Instagram Since Last Time
Doing laundry. A cat’s work is never done.
Instagram Since Last Time
Spring migration. I had to stand In front of a sewer grate because one little one wouldn’t hop the curb.
Instagram Since Last Time
How do I know I might have a fungus gnat issue and where I might find the source?
Instagram Since Last Time
I was going to do a cool time lapse of my #sourdough rising in the oven but the camera just couldn’t see it. So here’s me doing the dishes instead
Instagram Since Last Time
Exciting day: the Sandhills cranes are flying overhead and our compost bins arrived. First pickup isn’t until mid May but we’ve already stored up our first bag!#compost #birdwatching #springmigration

900: My Library in 2021

I own 863 books. Well I might own a few more here and there (books that I have worked on  but not necessarily “read” etc.) but my main library — of mostly SF/Fantasy — consists of 863 titles. It took me almost 40 years to accumulate those.

Yes, I have a spreadsheet. I also haven’t bought a new book in 10 years…for certain definitions of “book.”

Ebooks

On the other hand, today I bought my 900th ebook.

For Xmas in December 2009, L bought me my first ereader—a Sony Reader PRS-600 (read about it here). I was suspicious but willing to give it a chance. On January 1, 2010 I bought my first ebook: March to the Stars by David Weber and John Ringo from Baen for $5 usd (the same book is now $6.99). I chose a Baen book (and generally still do) because of their non-drm policy.

So, since 2010, I have accumulated more ebooks in ~10 years than I did in the preceding 45. That says something about me, but I am not sure exactly what 🙂

Number 900?

I decided on Steven Brust’s The Baron of Magister Valley —a very under-marketed book published last year that I didn’t realize even existed until very recently. I have been trying very, very hard not to acquire any new books in order to get my To-Read pile down. I can happily announce that, other than a pile of “backup book” (classics and freebies that I have in case of emergency but don’t really intend to read unless I have to), I was down to 3. Woohoo!

So I went on a buying spree: A Desolation Called Peace by Arkady Martine, Martha Wells’ Fugitive Telemetry —number 6 of awesome The Murderbot Diaries and The Assassins of Thasalon (Penric & Desdemona) from Lois McMaster Bujold. Which brought my  ebook count to 899.

 

Well, what’s a fella to do? Buy another book of course. Despite it costing $14.99. Seriously? Fifteen bucks?

Whatever.

But it’s done. And now happy reading!

NGINX Proxy Manager

 

What’s it all about?

My home server was just revolutionized! I’ve run several websites on my home network for years for testing purposes. Recently I was doing some work for hire and I needed to open them up to the wider internet. In the past I would just open up a bunch of port forwards and be happy.

Port forwarding: generally web traffic travels though various devices on a port 80 (http) or port 443 (https). You can open up other ports on your router and forward them to specific devices e.g.  external traffic sent to http:macblaze.ca:8083  —> internal route 192.168.1.250:80

This results in opening a bunch of ports on your router (insecure) and having to give clients and others oddlooking urls like macblaze.ca:8083. 

And recently Shaw has upgraded their routers to use a fancy fancy web interface that actually removes functionality in the name of making things easier. So my linux server, which had a virtual NIC (network interface card) with a separate IP, didn’t show up on their management site and I was unable to forward any external traffic to it.

But up until this week it was a c’est la vie sort of thing as I struggled to try and figure out how to get the virtual NIC to appear on the network. And then I saw this video about self hosting that talked about setting up a reverse proxy server.

NGINX Proxy Manager

Find it here: nginxproxymanager.com

Turns out this was what I was supposed to be doing all along. A reverse proxy senses incoming traffic and routes it not via the port but by the dns name. So now that I have it set up I can just add a CNAME to my dns setup like testserver.myserver.com and it will send it to my home IP on the normal port 80. My router lets it through, passes it to the proxy server which then parses the name and then sends it on to the proper machine/service. So then whenever I set up a new project I can go and add testserver2.myserver.com and the proxy server will send it to where it belongs on my internal setup.

So cool.

My Set Up

I used to have some ports going to my Mac mini server and some ports to my Linux machine. Now all traffic is directed to the linux box. It runs NGINX Proxy Manager (NPM) on a Docker container and receives traffic on port 80. I moved the two websites hosted on that box to ports 8090 and NPM now sorts them based on the various CNAMEs I added to my hosting.

CNAMEs

CNAMEs are canonical names — akin to forwarding in a weird way. www.macblaze.ca is a CNAME for macblaze.ca. So if for some reason the IP address changes for macblaze.ca then www.macblaze.ca will still go to the right place. If I set up a domain myserver.com which points to the IP that is assigned to our house by our ISP (Shaw, Telus etc.) I can then set up the CNAME testserver.myserver.com which will be handled internally. If our IP ever changes (which it used to do quite often) now I only have to change the one record and all the CNAMES will still work.

Docker

Docker is a virtualized container system. I haven’t a lot of experience with it but this iteration of the NGINX proxy is a GUI based  implementation of the command line version and the developer decided to set it up as container (sort of a mini virtual computer) so he could easily roll out updates as necessary.  So my poor old Linux box is now running virtualized software on top of being a web server and a linux sandbox. Not bad for something from 2009. I will start playing a bit more with docker because it allows you to build a container and implement it with all sorts of things without affecting the main machine and, best of all, be able to throw out any changes and start again. we will see if the  old PC is up to it or not.

I  also installed docker-compose in order for Docker to run “headless” in the background.

Here’s a good video on the process:

 

The Process

Docker

(From the video)

Update the Linux system:
sudo apt update
sudo apt upgrade
sudo apt install docker.io

Start
sudo systemctl start docker
sudo systemctl enable docker
sudo systemctl status docker

Check to see if its working by checking the version: docker -v

Then test by installing a test container:
sudo docker run hello-world

Docker-Compose

sudo apt install docker-compose

To verify: docker-compose version

Then check permissions:
docker container ls
If you are  denied:
sudo groupadd docker
sudo gpasswd -a ${USER} docker
su - $USER

NGINX Reverse Proxy

Make a directory (make sure you have permissions on it)

  • sudo mkdir nginx_proxy_manager

I had to change permissions. Then create a file in the directory:

nano docker-compose.yaml

Copy the setup text from https://nginxproxymanager.com/guide/#quick-setup and change passwords

  • Be sure to change the passwords

Then compose:
docker-compose up -d

This grabs the specified docker containers, sets up the program and database and creates the virtual machine that is running the NGINX Reverse Proxy server.

You should be able to access the GUI at [http://127.0.0.1:81]

Set up

At this point it is a simple matter of adding a proxy host. Be sure to take advantage of the free SSL offered through Let’s Encrypt ( a non profit Certificate Authority).

  1. click add proxy host
  2. Add domain name (the CNAME), IP to forward it to and the port
  3. Go to SSL tab
  4. Select “Request a New Certificate” from the dropdown
  5. Select Force SSL (this will auto forward all http requests to https), agree tot eh terms and add a contact email

You should be good to go. Go ahead and add as many proxies as you have CNAMEs and servers.

Remember

And remember to close down all the ports on your router if you’d been like me and opened a bunch. Now you should only need 80 (http) and 443 (https).

Like I said—it’s been life changing for organizing my environment.