Linux, BSD, Servers and Computer Hardware Articles
If I remember correctly this was:
SuperMicro Full Tower
Gigabyte EP45-UD3P Motherboard
E8400 Overclocked to 4 GHz
2x 2GB Corsair XMS 800 MHz DDR2
Radeon X300SE
Apogee GT waterblock
MCP 655 pump
77 Bonneville heatercore
Homemade PVC reservoir tank
No fans are directly on the heatercore, but all case fans are blowing out (exhaust) to create negative pressure. The side vents, and empty drive bays were closed off, thus, forcing all intake through the radiator.
I quite often find that when I’m setting up something that I’m going to use myself, the extra layers are just annoying. Kodi/XBMC is great, but if you don’t care to set it up right it can feel clunky… to me anyway. That said, I do want some comforts in my solution.
No manually typing out long file names!
No cryptic, long commands
I give you btv, a wrapper I wrote for MPV. It is meant to be used over SSH.
Log in via SSH, change directory to the file(s) you want to play and type btv, it will list out the available video formats in that dir. Hit the corresponding number, press enter and it will start playing. It does so with nohup, so you can exit the ssh session or whatever — it’ll keep playing. If you run it again, while something is playing, it will pause for you. If you run it while something is open and paused, it resumes.
You can also manually set args with:
–stop
–pause
–resume
–play (filename)
–status
You’ll have to configure the correct audio/video outputs for your own setup. This is mine, on a pi5. If you have no audio, pulse/pipewire is probably the reason. Just stop the service(s).
Source available along with some of my other projects:
Finally, 146 uninterrupted days of solid uptime, I’ve switched the site from the Pi 5 over to a Lenovo Tiny PC. Upcoming post about my new setup, involving NGINX and Alpine. I’ve been an Apache HTTPD user since 2005, but the times they are-a changing… and I think I’ve got some interesting goodies to share. Stay tuned.
In the meanwhile, if some things don’t work or are partially missing, it is because changing servers is like pulling teeth… you kind of just need to yank and get it over with.
Feel free to report via the “Forum” with bugs… I had to botch up the server stats to get it working on Alpine/NGINX because several things were a bit different. It is half done… behold, the incredibly low memory footprint of the new setup! Just 70MB!
That picture is of the PiFrame, Pi Zero 2 powered clock… it uses scripts running on my webserver — which I’d forgotten to port over to the new VM!!
Anyways, coming soon is a write up about moving to NGINX/Alpine, and the new “Big Digits” code for the PiFrame, see the picture?
As stated last time; When you’re no longer serving DNS from the same machine as your DHCP server, local hostnames may become an issue.If you’re like me, all the things you actually would be needing to access by name in that matter already have static addresses and /etc/hosts file entries. I had an idea that I thought should be shared though.
This is a little script I wrote. What it does, is takes the dhcp.leases file on an OpenWRT router and produces a correctly formatted hosts file. In the previous article, I offered my custom config, and you’ll see the option to have dnsmasq parse your /etc/hosts file — this is for that.
Weather you have 4 devices on your network, 40 or however many you’ve got, this is an easy way to get the local hostnames working on your new custom DNS setup.
Here is the code for Leases2Hosts, you can run it right on OpenWRT.
#!/bin/sh
# OpenWrt Leases2Hosts 0.01 -- BTA 03.13.2025 -- LostGeek.NET
# Transforms OpenWrt dhcp leases file into format suitable for external DNS server
LEASES_FILE="/tmp/dhcp.leases"
OUTPUT_FILE="/tmp/dhcp.hosts"
# Set domain suffix (leave blank to disable)
DOMAIN_SUFFIX=".lan"
# Ensure the leases file exists
[ -f "$LEASES_FILE" ] || { echo "Leases file not found!"; exit 1; }
# New hosts file header
echo "# Generated by Lease2Hosts" > "$OUTPUT_FILE"
# Process the leases file using BusyBox-compatible awk
awk -v suffix="$DOMAIN_SUFFIX" '
{
ip = $3;
hostname = $4;
# Ignore entries where hostname is "*"
if (hostname == "*") next;
# Ensure hostname is not a MAC address (contains colons)
if (index(hostname, ":") > 0) next;
# Ensure hostname is only letters, numbers, dots, and dashes
if (match(hostname, /^[a-zA-Z0-9.-]+$/)) {
if (suffix != "") {
print ip, hostname, hostname suffix;
} else {
print ip, hostname;
}
}
}' "$LEASES_FILE" >> "$OUTPUT_FILE"
echo "Hosts file:"
echo "-----"
cat $OUTPUT_FILE
echo "-----"
echo "Hosts file written: $OUTPUT_FILE"
You can run this once and be done, if you don’t always add and change devices. It can also be auto started via a cron job.
I think there is even a way to have an event-based trigger so perhaps it could run as soon as a new lease is given to a unique device. I’ll leave that up to the reader though!
For those who don’t know, what this does is reads the DHCP leases file; this has the IPs and hostnames of all DHCP clients on your network. It also has mac addresses though, and may contain nameless entries, both of which you obviously don’t want in your hosts file. I’d imagine this could be very useful if you’ve got a network full of machines, VMs, or IoT devices… heck, even a family with laptops, smartphones and tablets.
It produces output as follows: 10.0.0.1 workstation1 workstation1.local 10.0.0.2 laptop1 laptop1.local etc…
From the dhcp.leases file, which looks something like this: *1621306452 c8:3d:6b:55:f1:e5 10.0.0.22 Roku * 1772607384 2c:ab:67:3d:90:5d 10.0.0.29 piframe 01:2c:cf:67:3d:90:5d etc…*
Quite ugly — notice the double MAC?? Well, that happens, especially on modern cell phones which hide their mac as a privacy feature, and on cheap-o devices which don’t have the mac set in stone.
Originally MACs weren’t supposed to just be changed on a whim but rather burned into the device’s eprom. My script aims to sort out all of this non-sense. I have had excellent results using the script, however please review it before using the generated list. If you understand shell script basics and awk, you can gauge your own confidence in it being fairly safe, but I shall make no such guarantee.
Using cron and scp, you can automate putting this new hosts file on your DNS server. However, I’d recommend that you use it simply to save you time in formatting a hosts file from a large lease pool — and it seems to do so quite well.
Doesn’t say so according to their official schedule, but 14.5 RELEASE is up on the web.
Since 14.1 or 14.2 the 14 series no longer works on my T400. Unsure exactly why, but it only boots in safemode… So, fresh 13.5 it is! According to their release schedule, RELEASE announcement isn’t until March 11th.
There is indeed an image though, in my case: FreeBSD-13.5-RELEASE-amd64-memstick.img and I’m half way through installing it right now.
Official Schedule:
https://www.freebsd.org/releases/13.5R/schedule/
13.5 Images Download (AMD64)
https://download.freebsd.org/releases/amd64/amd64/ISO-IMAGES/13.5/
In my experience, neither opkg’s command line interface, nor Luci’s web interface will allow you perform all available upgrades, all in one go.They make you do each one, one at a time. Maybe for safety reasons?
If you accept the risks involved and want to save some time like I did, make yourself a script:
#!/bin/sh
opkg update
upgradables=$(opkg list-upgradable | awk '{print $1}') || exit 0
[ -z "$upgradables" ] && echo "No packages to upgrade." && exit 0
echo "Upgrade: $upgradables"; read -p "Enter y/n: " r
[ "$r" = "y" ] && opkg upgrade $upgradables
This is genuinely quite useful, and it also is a very good bash scripting example that I wanted to share.
Save it, chmod +x, rock and roll.
Probably should keep a copy on your workstation too, because unless you put it somewhere on the router that’ll survive reboots it may get lost during one.
PiHole is a thing, so is AdGuard Home— these are both excellent, and work well. They’re easy. you don’t have to be a network administrator to get up and running.I’ve been a satisfied PiHole user for about a year, but I wanted something a little cleaner. Here is what I don’t like about PiHole:
So, let’s talk about doing the exact same thing, with the normal dnsmasq package that your distro comes with
IMO, the special sauce of PiHole is Stephen Black’s hosts list. This is what PH uses out of the box, to block ads, trackers and other malicious sites. Available on github here: https://github.com/StevenBlack/hosts
This file is laid out like a normal hosts file (0.0.0.0 somename.com) and we need to change that to something dnsmasq will understand. Dnsmasq needs it written like this, address=/somename.com/0.0.0.0
We can do that with a simple script. In my case, I wrote one which will grab the list for me, format it for dnsmasq and then put it in the dnsmasq.d config directory. Note, this does mean you’ll need to run with sudo, or do this in a way that you’re putting it in with the correct permission to do so.
#!/bin/bash
BLOCKLIST_URL="https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
BLOCKLIST_FILE="/tmp/stephenblack_hosts"
OUTPUT_FILE="/etc/dnsmasq.d/100_stephenblack.conf"
# Download, process, and create dnsmasq config
wget -q -O "$BLOCKLIST_FILE" "$BLOCKLIST_URL" && \
awk '!/^#/ && NF > 1 {print "address=/" $2 "/0.0.0.0"}' "$BLOCKLIST_FILE" > "$OUTPUT_FILE" && \
systemctl restart dnsmasq && \
echo "Blocklist update and dnsmasq configuration complete!" || \
{ echo "Error occurred."; exit 1; }
Now, to get this to work, you’ll have to edit /etc/dnsmasq.conf and comment or add conf-dir=/etc/dnsmasq.d This is a massive file, so use search in your editor. Because the file is so large, make yourself a different file in dnsmasq.d called 99_custom.conf and we can put DNS related stuff in there. Here is mine, it has most of what one might want to play with dns-wise.
# Custom Configuration file for dnsmasq.
# ---------------------------------------
# These are the most relevant, DNS related options.
# All DHCP related options are in /etc/dnsmasq.conf
# To set upstream servers here; in case resolv.conf changes
no-resolv
server=1.1.1.1
server=9.9.9.9
# If you don't want dnsmasq to poll /etc/resolv.conf for changes
#no-poll
# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv
# Uncomment these to enable DNSSEC validation and caching:
# (Requires dnsmasq to be built with DNSSEC option.)
#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
#dnssec
# Replies not DNSSEC signed may be legitimate. Because the domain
# is unsigned, or may be forgeries. Dnsmasq can check unsigned replies.
#dnssec-check-unsigned
# Change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
#resolv-file=
# Use upstream DNS server in order, or any available.
#strict-order
# Add other name servers here, (if non-public domains).
#server=/localnet/192.168.0.1
# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
local=/lan/
# Add domains which you want to force to an IP address here.
# This is also how ad-blocking works. (point @ 0.0.0.0)
#address=/double-click.net/127.0.0.1
# Run dnsmasq as...
#user=
#group=
# Use specific network interface, bind to LAN (only) if doing NAT.
# You don't want to make your DNS avail to the public internet.
#bind-interfaces
# Set the cache size here. Default is 100, max is 10000
cache-size=10000
# If you want to disable negative caching (non-working names)
#no-negcache
# May serve potentially stale date, you can set a custom time-to-live
local-ttl=900
# For debugging purposes, log all queries (will use many MB in a day)
#log-queries
# Good idea if you're passing out this DNS server directly to clients
addn-hosts=/etc/hosts
# Option to disable ipv6, shouldn't need to enable
#no-ipv6
I’ve got no-resolv set here, because if you tell your router to hand out this machine for DNS then it’ll get only itself as a source and well, you won’t have working DNS. So either keep no-resolv and set your upstream servers in this custom file, or make sure you’re not using anything which is going to overwrite your resolv.conf entries.
For those interested, here’s how you could deal with that:
Adding dns-nameservers 1.1.1.1 9.9.9.9 to /etc/network/interfaces (if you’re using ifupdown)
Putting supersede domain-name-servers 1.1.1.1, 9.9.9.9; into your /etc/dhcp/dhclient.conf file, should you be using dhclient for a dynamically assigned address. Good idea to do this, if you use any NICs with DHCP unless you told dnsmasq to ignore resolv.conf.
And well, I think that’s about it. The last step is going into your router, setting the machine /w dnsmasq as the DNS server… and of course, adding any names you want/need to resolve on your LAN to the DNS server’s /etc/hosts file.
Enjoy!
I’ve been setting up a Lenvo tiny system, which came with an M.2 wifi card. I’m going to probably replace it with another Intel GB / 2.5 GB adapter at some point, but right now I don’t really have a reason to. It is always a little scary when you make major changes to your network configuration on a headless system. This box isn’t physically far away, but it is indeed tucked away in another part of the house and I have no desire to bring a monitor over to it.
I realized, the wifi could serve a purpose in case I bork the bridge config somehow, or something unexpected breaks my configuration. Because I used wifi for the Debian netinstall, ifupdown already connects to wifi on boot, so there’s my failsafe. However, I don’t want or need that to stay up after the wired network is up. So I came up with this:
@reboot sleep 60 && ping -c 3 -I br0 10.0.0.1 >/dev/null 2>&1 && ifdown wlp2s0
Put this in root’s crontab, 60 seconds after cron starts it will try to ping something on the LAN, trying three times. If it can ping successfully, we bring down our backup interface. Beautiful.
This would make even more sense with a cheap USB network adapter just to have a failsafe if you’re experimenting and don’t want to lock yourself out of a system without a monitor (or even a physical serial port, for that matter).
Fail-safe, for what? – long version, for those so-inclined
Well, I wanted to be able to easily network some VMs on this thing, so I set up bridged networking. For those who don’t know, this is how Proxmox lets your VMs basically all share a NIC and each get a DHCP lease from your main network, no double-NAT nonsense, and no need to configure static routes either. I briefly did try ProxMox on this thing, and not to talk down of it but there is a reason I don’t use it… has way too much going on out of the box that I’ll never use. It is a great product, and it definitely has its place but I like the minimal-manual style of setting things up. If I wanted to take advantage of the cluster / high availability features or ZFS snapshots then it is a great way to save you a ton of hassle manually setting up some pretty complicated stuff… But I’m not doing anything that fancy. Proxmox IMO is overkill if you just need to run a few VMs, jails or containers. It is convenient as a “poor man’s KVM” though.
When the words “New sign in” are in the same message as “Windows”, something probably isn’t good! If you’re like me anyway
My heart just about stopped seeing a new sign in from Windows pop up as an alert. I did some digging, and quickly noticed that it must be a mistake… TLDR; it was.
Because Mozilla managed to piss off the entire internet with their new Terms of Service, updated to comply /w California law, I gave LibreWolf a spin… and signed into a google service at some point.
Much to my relief, I did NOT get hacked. Librewolf reports a Windows user-agent. Yes, even on Linux. I mean, from a privacy standpoint I don’t care & it does make sense. Linux users are only 2% – 4% of the desktop market share, so looking like another Win user is good if you want to be further anonymous.
Anyways, Louis Rossman has a really good take on the whole situation… The video is worth a watch. I’ll likely ditch FireFox in time, but this whole debacle isn’t as bad as it first seemed thankfully. Video Link
Just had to share this though… Because you know, the same thing happened to more than just me!!
In that post, I explain that my T400 ThinkPad experiences X.org crashes on average once or twice a day. This was on both Debian 12, and FreeBSD 13. On FireFox from the main repo, FF ESR, and even on the latest FireFox which I went out of the way to get V134 set up on Debian Stable. I thought this fixed the problem, but I was wrong.
Pretty sure it has something to do with the machine’s ancient GMA 4500 (or the 915 driver) and some GL stuff which when it tries to run, X just immediately crashes.
Just wanted to say that I’ve been running Alpine Linux on the old ThinkPad, and my web experience has been rock solid. No more issues. I occasionally boot back into Debian, and still happening there but whatever. At some point I’ll do the necessary digging if the problem persists so I can properly report the bug.
But anyway, Debian is nice for old machines. Debian without systemd is quite light and nimble, indeed. But Alpine? Alpine is like an arrow and a feather, as one. HIGHLY recommended! I’ve been running it off a 16 GB SATA DOM in the ultra bay. https://alpinelinux.org