Sunday, 27 January 2019

Nextcloud on OpenSuse 15.0 Part 2

Now we've got the latest Nextcloud (15.X) running more or less satisfactorily on OpenSuse 15.0, it's now time to do a bit more detailed configuration.

First of all we need to set up a cron job to do the regular housekeeping that nextcloud needs. Currently, it kicks off this activity whenever a page loads but as more content gets added this begins to become a bottleneck. So, in a terminal session do the following as root:
  1.  crontab -u wwwrun -e
  2. This brings up an editor (vim) for the cron jobs assigned to the user wwwrun (which is the account nextcloud runs under). The editor commands are somewhat cryptic...to go into insert mode, press i and the cursor will move to the top of the screen
  3. Enter (or cut and paste) the following: */5  *  *  *  * php -f /srv/www/htdocs/nextcloud/cron.php
  4. Do not press Enter! 
  5. Now you are done, press Escape to get out of editing mode and then :q to quit and save.
  6. This will have scheduled the Nextcloud housekeeping to run every 5 minutes
Now, we need to tell Nextcloud that what has been done.
  1. In a browser, log into Nextcloud as the admin and navigate to the Settings | Basic Settings screen
  2. In the top Background Jobs section, click on Cron (you have to enter the admin password again to confirm).
Now it makes sense to update the Nextcloud config to ready for external access.
  1. Navigate to /srv/www/htdocs/nextcloud/config/ and open config.php in kate (or your text editor of choice).
  2. In the trusted domains_array add some entries after 0 => 'localhost', so that the Nextcloud server will work when accessed via other URL's besides localhost. I would suggest the following (adapted to your setup)...
    1. 1 => 'the-ip-address-of-the-server',
    2. 2 => 'servername.domain.com',
    3. 3 => 'servername.localdomain',

Saturday, 26 January 2019

NextCloud on OpenSuse 15.0

Most of the install guides (https://en.opensuse.org/SDB:Nextcloud and https://en.opensuse.org/SDB:LAMP_setup) use the command-line but a lot can be done using Yast. Do this logged on as root or else you will need to enter the root password a lot and preface command line instructions with sudo.
  1. Get the LAMP stack is installed and running...
    1. Yast | Software | Software Management | View | Patterns
    2. Tick Web and LAMP Server under Server Functions and press Accept
    3. Yast | System | Services Manager
    4. Select apache2  set the Start Mode to On Boot, and then press Start to start it immediately. Repeat for mariadb. Then press Ok.
  2. Get MariaDB set up properly...
    1. Fire up a terminal session and run mysql_secure_installation
    2. Press enter since there is no current MariaDB root password and then select Y to set one - enter your new MariaDB root password twice
    3. Select Y for the rest of the options
  3. Set up a database for Nextcloud...
    1. Fire up a terminal session (or keep using the previous one) and run mysql -u root -p
    2. You will be prompted for the password you entered above
    3. To create the database type create database nextcloud; and then press Enter. Don't forget the semicolon at the end.
    4. Then create a user ID and password for Nextcloud to access the database. Type create user ncdbuser@localhost identified by 'your-password-here'; and then press Enter
    5. Now give the Nextcloud ID access to the database. Type grant all privileges on nextcloud.* to ncdbuser@localhost identified by 'the-same-password-above'; and then press Enter
    6. Now type exit; and press Enter to finish
  4. Enable PHP so that Nextcloud can run
    1.  Fire up a terminal session (or keep using the previous one) and run a2enmod php7
    2. Then restart the apache webserver with apachectl restart
  5. Now install Nextcloud. The version that install with OpenSuse 15.0 is 13.0.2 but, as of writing 13.0.8 is in the update repository. If you have a vanilla install of OpenSuse the Update Repositories should already added to the Software Management module.
    1. Yast | Software | Software Management | Search | nextcloud
    2. Tick nextcloud and then press Accept
    3. A whole load of dependencies will display, press Continue
  6. Now configure Nextcloud.
    1. Fire up a web browser and navigate to locahost/nextcloud
    2. You should see a login screen as asking you to create an admin account and password for Nextcloud. Enter a new user ID and password here (these should be different from the previous userID's and passwords). DO NOT PRESS the Finish Setup button yet!
    3. Select MySQL as the database and boxes for entering the details entered in section 3 will appear ("ncdbuser", "your-password", "nextcloud" and "localhost").
    4. Then you can press the Finish Setup button 
  7. You will now be logged in to Nextcloud as the admin user. Logout (option under the top right icon)
This is an older version of Nextcloud so you need to update but, at least on my install the permissions and a couple of other things are a bit messed up and the online updater won't work. To fix this, do the following in a terminal as root:
  1. cd /srv/www/htdocs
  2. chown wwwrun.www nextcloud
  3. cd nextcloud
  4. chown wwwrun.www * -R
  5. chown wwwrun.www .*
  6. chmod +x occ
  7. rmdir search
Now, in a browser, log in to Nextcloud again as the admin. Do the following...
  1. Click on the top right icon and select Settings
  2. Part way down the screen under the Version heading you should see there is a new version 14.X available (otherwise log on and off again and see if it does a rescan for updates). 
  3. Click to use the Web Updater
  4. You should then allow it to check that the updater will work (if you have reset the permissions above that should go through OK).
  5. Click to carry on with the Web Updater,  you should be taken to an update screen with a list of all the bits to be updated. This is a fresh install so they should all be fine.
  6. Press the button at the bottom to go ahead with the update 
Once that is done you will once more be logged in to the updated Nextcloud instance as an admin. Repeat the above procedure again since there will now be a 15.X update available - at the time of writing that's it, 16.X isn't out yet.

We are not done yet, although we now have Nextcloud 15.X running it now needs a bit of tuning...
  1. In the browser, go to the menu top right and select Settings. Under the Overview | Security and Setup Warnings there is a short list of things to fix...
  2. First of all get the database straightened out after the upgrades. In a terminal, logged on as root, do the following
    1. cd /srv/www/htdocs/nextcloud
    2. sudo -u wwwrun ./occ db:add-missing-indices
    3. sudo -u wwwrun ./occ db:convert-filecache-bigint
    4. The last command will warn you about taking hours, it won't since the install is fresh, so press Y
  3. When running these commands you will notice them complaining about the PHP memory limit so lets change that.
    1. In Dolphin, navigate to /etc/php7/apache2 and click on php.ini. It should open in the kate text editor. 
    2. Scroll down until you find the line memory_limit = 128M and change it to memory_limit = 512M
    3. Save the file and exit
    4. Now navigate to /etc/php7/cli and repeat the process there.
  4. Now lets set up some caching to improve performance...
    1. In Yast go to Yast | Software | Software Management | Search | apcu and check php7-APCu
    2. Then search for php7-opcache and check it
    3. Press Accept to install the packages
    4. In Dolphin, navigate to /etc/php7/apache2 and click on php.ini. It should open in the kate text editor. 
    5. Scroll down until you find the [opcache] section. Remove the leading semicolon and edit (if required) the following lines:
      1. opcache.enable=1
      2. opcache.enable_cli=1
      3. opcache.memory_consumption=128
      4. opcache.interned_strings_buffer=8
      5. opcache.max_accelerated_files=10000
      6. opcache.revalidate_freq=1
      7. opcache.save_comments=1
    6. Now add a new section [apc] at the end with the line apc.enable_cli=1
    7. Save the file and exit
    8. Now navigate to /etc/php7/cli and repeat the process there.
    9. Now navigate to /srv/www/htdocs/nextcloud/config/config.php and open it in the kate editor
    10. Just before the last line add in  'memcache.local' => '\OC\Memcache\APCu',
    11. Save the file
    12. Restart the web server in a terminal using apache2ctl restart
  5. Log on to Nextcloud and there should be a lot less things in the Settings | Overview. I don't care about the CalDav and CardDav issues since it only really affects Apple stuff - which I don't have any of.
However, SSL really does need to be set up, but that is for another posting...

One last thing. I just had a look in the logs and it was full of error messages about using "...a fallback version of the intl extension". Fire up Yast, install php7-intl and then restart apache (again). Problem solved.

Monday, 26 November 2018

OpenSuse 15.0 DHCP Problems

Just patched OpenSuse on my Lenovo C30 and DHCP appears to have stopped working.

It transpires that the DHCP server is rather old and can't deal with newer DHCP requests (it needs RFC 2132 rather than RFC 4361).

The problem is described on Bugzilla.

To save you time, all that needs to be done is to create /etc/wicked/local.xml which contains:

<config>
  <addrconf> 
    <dhcp4> 
      <create-cid>rfc2132</create-cid>
    </dhcp4>
  </addrconf>
</config>

Then restart the wicked service to pick up the new settings with:
systemctl restart wickedd
 
 

Tuesday, 23 October 2018

Unihertz Atom Part 2

Some further observations on the Unihertz Atom now I've had it for a bit...
  1. It's a lot faster than the Jelly Pro, which sometimes felt like a compromise compared to a full sized Android phone. The Atom is as responsive as anything I've used (Samsung Galaxy's and a Sony Xperia Z5).
  2. The GPS is miles better than the Jelly. In fact it seems to get a position lock faster than any of the other devices I have access too - nearly instantaneous. This I find quite remarkable considering the Jelly generally took a few minutes.
  3. The battery life is excellent - even setting it up with lots of downloads and syncing it still gave me nearly 2 days of use. Overnight with Wifi and 4G on it only dropped a couple of percent. The question is: do I charge every two days to try and preserve battery life considering it's not removable?
  4. On a USB PD charger it seems to charge very quickly: 30-85% in under half an hour. It does slow down after reaching around 90% but that's enough charge for a day of operation in half an hour.
  5. Fingerprint reader seems to work very well for me. I would estimate that it works first time 90%+ of the time.
  6. The Calender widget is not as good as the Jelly one, too much screen space wasted on a small screen. That will need replacement.
  7. Even after updates the Jelly is ahead on Android patch level - consequently, I expect more updates soon. 
And now a few more config details now...
  1.  Nova launcher works quite well on the Jelly, and now Atom, since it allows you ta lot of flexibility resizing widgets. In particular, it allows you remove widget padding to maximise their size, and I use full screen widgets to make the most of limited screen real estate.
  2. I use a dark theme on the phone since I find white-on-black easier to read. 
  3. On the first home screen I have a full screen calendar using Simple Calendar Widget which is much more space efficient (and neater) than the inbuilt widget.
  4. On the second-through-fourth home screens I have full screen aquamail widgets for each of my main email accounts. These are all set to update every 15-mins and AquaMail is white-listed under Settings|Smart Assistant|Power save manager  to ensure that it is able to run in the background correctly.
  5. One the fifth screen I have a full screen BBC News widget, also whitelisted like Aquamail so it updates regularly.
  6. On the sixth screen have three widgets running taking up a third of the screen height but at full width: BBC Weather, Music and TuneIn Radio Pro.
  7. There are no app icons on any home screens but the dock at the bottom also scroll sideways to reveal new icon sets. I have set it to hold four icons (one is always the Apps button).
This way I can get to all my key info one-handed by just side scrolling the screen with my thumb. Unlocking using a PIN is actually easier than using the fingerprint reader if the phone is held one handed since the button is so low. This is something most phone makers get wrong and I blame Apple for encouraging that design stupidity. The Xperia Z5 Compact with its fingerprint sensor on the side actually worked better for one handed operation (but only for right handers).     

Thursday, 18 October 2018

Unihertz Atom Setup

Just got a Unihertz Atom phone to replace (partially) my Jelly Pro. It's quite a bit thicker but an awful lot faster. Hopefully the additional power consumption of the CPU and RAM is covered by the bigger battery. With Android 8.1 the Jelly gives me a day of good usage, which is much better than it managed with the Android 7.0 that it shipped with.

My setup on the Jelly developed over several iterations but I intend to largely replicate it on the Atom so here it is.

First of all, after letting Android update, I need to disable various bits, both to improve battery life and limit the amount of data I send to Google. In the Apps Lis,t I disable, force stop and delete the data of...
  • Drive - I'm not going to be working on any documents and presentations on a screen this small!
  • Duo - Cute, don't need
  • Gboard - Only marginally usable on a device this small
  • Gmail - Crap
  • Google - If I really need it, I can fire it up in a browser, didn't miss it on the jelly
  • Google Pay Movies - Are you kidding me, on that screen?
  • Google Play Music - I've got my own stuff ripped
  • Keep - Nope
  • Maps - I want proper downloadable maps
  • Pedometer
  • Photos - Not really going to use this for photo viewing 
  • Talkback - Not needed
  • Trackback - Not needed
  • Zello - I want to use the PTT button for something else
I also disable Backup (under the Google section in Settings) since I have Nextcloud for that. The PTT button is linked to the Camera App (under Smart Assistant| Shortcut button) - mainly for taking pictures of receipts for expenses.

Now the Apps that I do install:
  • AquaMail - much better than Gmail, especially the widgets and multiple account handling
  • BBC iPlayer - Mainly for things linked from the News App
  • BBC News - again a nice widget
  • BBC Weather 
  • Fujifilm Camera Remote - for my X-T20
  • CardDAV-Sync - My contacts sync to my NextCloud server, not Google
  • DROIDCam - My GPD Pocket doesn't have a Webcam, which is generally a good thing for privacy, sometimes, however...
  • FolderSync Pro - Syncs the rest of the stuff on the phone with NextCloud, mainly my music
  • HERE WeGo - Downloadable maps and navigation courtesy of the ex-NavTech/Nokia guys
  • Minuum - Keyboard/predictive text for small screens/fat fingers
  • Nova Launcher - it's just better
  • PasswdSafe - No Google/Chrome you're not doing password autofill for me either
  • TuneIn Radio Pro - It's got a headphone socket!
Next, I fire up HERE WeGo and start the download of maps for all of Europe and N. America which will keep it busy while I set up email and Next Cloud sync...

   

Friday, 3 August 2018

Shoehorning Duallies - The Lenovo C30

Just picked up a Lenovo C30 from ebay, which looks like at least one company thinks like me as far as cramming a lot into a small case. In this case, a more or less EATX dual Socket 2011 motherbard in a case rather smaller than a regular PC case.

I'll be going into this into a bit more detail in a later posting but first a few observations:

  1. The BIOS was rather old and Lenovo has done quite a good job at releasing regular updates to cover Intel's security holes - both in the Management Engine firmware and the whole Meltdown/Spectre debacle. However, the CDROM-based EFI BIOS update failed - judging from the error message, the EFI code on the board was too old to run the update script. So I go to use the DOS update using a Rufus generated bootable USB key - I'm running Linux on this so the Windows update was not an option. This gave me an out-of-memory error which was somewhat annoying - fortunately the error message was accompanied by the command line that flash.bat was trying to execute. Entering this manually, without the overhead of command.com and Lenovo's wrapper code, worked fine.
  2. The motherboard is identical to the considerably larger Lenovo D30  but with half the RAM slots missing (8 instead of 16) to allow better airflow - the D30 has RAM cooling fans but the S30 relies on passive airflow. However, I think that a D30 motherboard would work fine with all the slots if I stick to low voltage DDR3L. If one comes up for a good price I may try that. As it is, 16GB DDR3 DIMMS are getting quite cheap on eBay and 128GB is probably enough.
  3. The C30 is quiet - even with all the cores maxed out running SETI it hardly makes any sound.
  4. There are several versions of the C30 and early ones, the 10xx series, don't support Ivy-Bridge Xeons but the 13xx series do. Most sellers don't distinguish and, frankly, if they're just shifting the boxes that they have, then I wouldn't expect them to know. Lenovo's documentation isn't the clearest on this either. I bought one with dual E5-2609 v2 chips to ensure that it was the right version - and then promptly swapped the CPU's for something less feeble. 
  5. I'm waiting for the more beastly e5 v2 Xeons to come down a bit in price. In pairs, they hold their own against current single socket cpu's in multithreaded benchmarks rather well. I suspect that this is because multithreading tends to be memory constrained and a dual 2011 platform has 8 channels of DDR3 which isn't bettered by today's Epyc and Xeon Gold's. While they do give up a bit in bandwidth (DDR3 1866 vs DDR4 2666) the latency is almost the same - which counts for a lot as thread numbers and consequent randomness of memory accesses rise. 

Thursday, 19 July 2018

Intel Quad Port PRO/1000PT and PCI-E revisited

I was really annoyed that I had to put the Intel Quad Port PRO/1000PT right next to the video card in my new build since it wouldn't work in a PCI-E 3.0 slot - and, in fact, would stop the machine from booting if inserted. That was making the video card 5-10C hotter since it was passively cooled and needed a bit of air circulation.

So I dove into the BIOS and found that I could set the PCI-E version for the PCI-E 3.0 slots (but not the 2.0 slot for some reason). This could be just the thing - so I set the problematic PCI-E slot to PCi-E 2.0 mode, remembering that Supermicro still numbers the slots as if the PCI-X slots that aren't there on the X9SRI are still there, and moved the network card over. Lo and behold! The machine booted.

Unfortunately, this was as a result of the network card just not working at all, as opposed to actively stopping the boot process. Obviously there is a subtle difference between a PCI-E 2.0 slot and a PCI-E 3.0 in 2.0 mode - remember, this is an Intel network card in a motherboard with an Intel CPU and chipset. Moderately unimpressed with both Intel and the mess that seems to be PCI-E standards.

A search for Intel documentation reveals that the low profile PT-cards are actually PCI-E 1.0a (which I wasn't aware even existed) which should work with PCI-E 2.0. Finding this was a lot harder than in the past as Intel seem to have expunged or broken links for older products. I remember when they used to have really good legacy support not so long ago (i.e. 18 months!). So I drop down to PCI-E 1.0 in the BIOS and finally everything works OK.

Outcome, a cooler, working system and increased disillusionment with Intel and the whole PCI-E mess. PCI/PCI-66/PCI-X either inter-operated or was keyed so you couldn't make a broken configuration - this is not progress, guys!