Marc's Blog

migrating mysql between servers

2010-08-12

Especially if it's a large bunch of data, just using SSH, gzip and pipes is a good solution imho:

mysqldump -uUSER -pPASS --single-transaction --extended-insert --quick -v DATABASENAME | gzip | ssh -C user@newserver  "gunzip | mysql -uUSER -pPASS DATABASENAME"

Event-driven I/O paper

2010-08-01

Just another paper :)
Link: [pdf]

And here the embedded version:

Another engine switch

2010-07-31

I decided that using a database for my blog was a bit of an overkill. This blog is now running on serious and uses just a plain textfile backend.
Most of the old links should work without a lot of work. There are still some encoding errors here and there, I'll fix those when I have a few minutes of free time and motivation.
Sorry if the RSS feed exploded :)

rooting my t-mobile htc desire

2010-06-26

as usual: you might brick your phone if you don't know what you're doing! so don't!

just a short list what I did to get my htc desire (t-mobile branded) to do what I want it to:

Create Goldcard:instructions
I used diskutil on OSX to flash the goldcard image to the sd card like this:
```
diskutil unmountDisk /dev/disk2

sudo dd if=goldcard.img of=/dev/disk2

diskutil eject /dev/disk2
```
download the bootloader 0.8 flash stuff from modaco and follow the guide (this should give you root)
use unrevoked^2 to permanently flash a recovery image that allows you to do nandroid backups and flash roms
flash whatever tickles your fancy

ingate verschenkt vserver

2010-06-15

Klingt komisch, ist aber so. In einem Blogpost verschenken die Jungs von Ingate.de einen XEN VServer.
Wie man mitmacht? Einfach die Aktion im eigenen Blog erwaehnen :)

Generell bekommt man bei Ingate recht interessante Server.
Hier mal die Daten zum "Basic" Modell:

VServer Basic

5GB Speicherplatz (RAID1)  
200MB RAM garantiert  
200MB Swap  
Traffic Flatrate  
Voller Root-Zugriff per SSH  
IP-Adressen gemaess RIPE  
4,00 Euro / Monat

June 2010 mashups

2010-06-09

It has been a while since last time... there we go :)

Fritzbox 7240 and KabelBW

2010-05-17

Just in case anybody has problems setting up the FritzBox:
You have to reset the modem every time a new MAC accesses it!
--> set up standard "get internet via DHCP" stuff and then power-cycle the cable modem

Dealing with invalid encodings in Ruby 1.9

2010-04-21

If you are trying to work with websites, you'll sooner or later find yourself in the situation that the advertised website encoding is in fact not the encoding of the stuff the server sends you.
This might show up in something like this:

Encoding::UndefinedConversionError: "\xC3" from ASCII-8BIT to UTF-8

In this case, something said the string (aka: website) you look at is ASCII-8BIT encoded, while it is in fact not.
This happened to me while trying to dump some JSON and I ended up having to look at the encode method in ruby 1.9:

ok_string = bad_string.encode("UTF-8", {:invalid => :replace, :undef => :replace})

This works ok for my area as I don't really care about a few missing accents or umlauts. If you actually want to keep the document in an ok form, you might want to look at the .force_encoding() method.

Getting a google voice account for non-US residents

2010-02-28

I found this to be pretty handy because this solution allows you to call any cellphone/landline number in the US for free. I might as well share it:

Things you will need:

Something that will result in you having an american IP (hotspotshield, proxies, ... I used a server in the US and did SSH Forwarding)
a SIP account (you can get them basically everywhere. ekiga probably works. I used my dus.net account.
a service that will forward an american phone number to your SIP account. A good service for that is ipkall
last but not least: a google voice invite <- don't have any atm, sorry

How to do it:

First, you've got to set up ipkall to forward the american phone number to your sip account
Then: Click then invite link with your proxy/forwarding/... active so google will detect a US IP
In the signup process, google will ask for a US phone number, just take the one ipkall gave you
Google will then show you a number and call the american phone number. You have to type in the number you see to verify that you actually are in possession of that number. You sometimes have to check how DTFM signals ("the beeping") are actually handled (in-band, out-of-band). As far as I remember, I used "in-band", the lamest yet easiest solution
After that you should have a google voice account that you can use to call the US for free

After you have an active google voice account, all you have to do is tell google what number to dial. You don't need a proxy for that anymore.
Google will then call your "american landline" first, ipkall will forward this to your SIP account. Upon picking up the phone, google will start dialing the number you set on the website and from then on, it'll be just as if you dialed that number yourself. Just in this case: it's free.
I'm currently also using google voice to make calls to Germany from the US for 2 cents/minute. In that case, I could actually put in my US cellphone number though :)

Getting started with ruby dRuby (drb)

2010-02-10

dRuby is a distributed object system for Ruby. It allows an object in one Ruby process to invoke methods on an object in another Ruby process on the same or a different machine.
The Ruby standard library contains the core classes of the dRuby package.

Because it's really hard to find a good example that is NOT the usual "we'll create a tuplespace" one, I decided to put something up.
This example contains 3 conponents:
a) "rinda": this component is the point where the servers announce theit services and the clients receive information about the servers. Servers and clients automatically find the server thanks to UDP broadcasts

b) the server: basically a wrapper arround a "regular" class file that looks for the rinda server, registers the service there once it has found it and provides the interface to the "regular" class file over the network

c) the client:

rinda:

require 'rinda/ring'
require 'rinda/tuplespace'

# start DRb
DRb.start_service

# Create a TupleSpace to hold named services, and start running
Rinda::RingServer.new Rinda::TupleSpace.new

puts "started rinda service"

# Wait until the user explicitly kills the server.
DRb.thread.join

The Server

require 'drb'
require 'rinda/ring'
# expand the load path
puts "creating the service"
# creating my service
my_service = SomeClass.new
#making it available via DRB (local IP gets detected automatically)
drb_wrapper = DRb.start_service(nil, my_service)


puts "looking for rinda server"
ring_server = Rinda::RingFinger.primary
puts "Found it!--> #{ring_server.__drburi}"

puts "Registering my service"
name = `hostname`
#will be checked every 5 seconds
renewer = Rinda::SimpleRenewer.new(5)
tuple = [:name, my_service, drb_wrapper, "Monitoring Service on #{name}"]
ring_server.write(tuple, renewer)
puts "Registered and running!"

DRb.thread.join

The Client

require 'drb'
require 'rinda/ring'
puts "Getting available Servers"
DRb.start_service
ring_server = Rinda::RingFinger.primary
services = ring_server.read_all [:name, nil, nil, nil]
puts "Services on #{ring_server.__drburi}"
puts "Amount: #{services.size}"
#create an array of hashes
services.map!{|service| {:object => service[1], :uri =>
service[2].__drburi, :description => service[3]} }
#sort them according to IP/URI
services.sort{|srv1, srv2| srv1[:uri] <=> srv2[:uri]}

if you want to execute a function, just use it like a regular object:

bla = Drbobject.new(nil,service[:object])  
bla.some_method

Facebook opens up xmpp chat

2010-02-10

Facebook has officially opened up their facebook chat:

The question is: do I really want that in my roster?
Also: no SSL/TLS?

Visio 2007 Pro in wine

2010-01-30

For a lot of people, visio 2007 professional immediately crashes when you try to open a .vsd file in wine.
Using those .dll overrides, it works like a charm:

Hope this helps somebody :)

refreshing system environment variables in windows

2010-01-19

It is impossible to simply tell a process to "refresh" the system environment variables in Windows. A running process will always have the ones present from when he began executing.
One thing you CAN do, is simply get the current System Environment using vbscript and set it as temporary variables. After the next login, the variables will be there anyway.

Just create a .vbs file:

Set oShell = WScript.CreateObject("WScript.Shell")
filename = oShell.ExpandEnvironmentStrings("%TEMP%\resetvars.bat")
Set objFileSystem = CreateObject("Scripting.fileSystemObject")
Set oFile = objFileSystem.CreateTextFile(filename, TRUE)

set oEnv=oShell.Environment("System")
for each sitem in oEnv 
    oFile.WriteLine("SET " & sitem)
next
path = oEnv("PATH")

set oEnv=oShell.Environment("User")
for each sitem in oEnv 
    oFile.WriteLine("SET " & sitem)
next

path = path & ";" & oEnv("PATH")
oFile.WriteLine("SET PATH=" & path)
oFile.Close

And a matching batch file:

"%~dp0resetvars.vbs"
call "%TEMP%\resetvars.bat"
del "%TEMP%\resetvars.bat"

By launching the batch file, you'll get updated temporary variables in your current process.

found on stackoverflow

How to change the APN on the Palm Pre

2010-01-17

While in the beginning, you actually had to fiddle with an sqlite database, you now can simply edit the APN settings from within them phones menu system. Here is how:

select the phone icon (as if you wanted to make a call)
go to the menu at the top and select preferences:
enable the "manual settings" field and tap on "Edit Network Settings"
Insert your settings

It worked fine for me without any manual settings on simyo (german virtual provider using the eplus network), but I'm sure this will come in handy

Event: Veranstaltung zur Architektur und zum Betrieb sozialer Netzwerke

2010-01-14

StudiVZ, Xing und Co - Die Langsamen werden verlassen. Veranstaltung zur Architektur und zum Betrieb sozialer Netzwerke

Soziale Netzwerke gehören mittlerweile zu den größten von Menschen erstellten IT-Infrastrukturen. Sie stellen enorme Anforderungen an die Architekturen sowie an den Betriebsablauf. Wie werden sie in der Praxis realisiert, damit Millionen von Usern problemlos und schnell kommunizieren können?

Bei der MediaNight stellen Studierende Projektarbeiten vor Das erfahren Interessenten am 22. Januar 2010 ab 12.30 Uhr an der Hochschule der Medien (HdM). Macher und Experten sozialer Netzwerke gestatten einen Blick hinter die Kulissen von StudiVZ oder XING. Gäste sind zu der Veranstaltung herzlich willkommen, die Teilnahme ist kostenlos.

Zum Auftakt stellen Studierende des Master-Studiengangs Computer Science and Media der HdM die Techniken zur Durchführung von Last- und Performancetests, Monitoring und Alarming, Caching und Parallelverarbeitung am Beispiel einer Wikimedia Installation vor. Sie gehen auch auf alternative Architekturen ein. Anschließend beschreibt Heiko Specht, Account Manager bei Gomez Deutschland, München, die Möglichkeiten externen Monitorings. Mit diesem Verfahren stellen die Betreiber großer Websites sicher, dass ihre Inhalte überall auf der Welt in der gewohnten Qualität verfügbar sind. Danach geht Johannes Mainusch, Vice President Operations bei XING, auf die Performance von Websites ein. Unter dem Motto: „Wer langsam ist, wird verlassen" lässt er hinter die Kulissen von XING blicken. Was Clients bei externem Monitoring besser machen können, stellt Jakob Schröter vom Master-Studiengang Computer Science and Media der HdM vor. Den Schlusspunkt setzt Dennis Bemmann, StudiVZ-Gründer und Informatiker. Er geht auf die Skalierbarkeit, den Datenschutz und die Geschichte der Plattform StudiVZ ein und freut sich auf eine rege Diskussion zu den Entwicklungsperspektiven der sozialen Netze.

Die Veranstaltung wird aufgezeichnet. Der Mitschnitt wird auf der Webseite des Studiengangs Medieninformatik bereit gestellt.

PROGRAMM 12.30 Uhr Begrüßung und Einführung ins Thema Prof. Walter Kriha, Studiengang Medieninformatik der HdM 12.45 Uhr Wikimedia - Ausmessen des LAMP Stacks mit Werkzeugen, Studierende des Master-Studiengangs Computer Science and Media der HdM 13.30 Uhr Externes Monitoring Heiko Specht, Account Manager Gomez Deutschland 14.45 Uhr Wer langsam ist wird verlassen - Performance großer Websites, ein Blick hinter die Kulissen von XING Dr. Johannes Mainusch, Vice President Operations XING 16.00 Uhr Client-side Optimizations Jakob Schröter, Master-Studiengangs Computer Science and Media der HdM 16.30 Uhr Skalierbarkeit, Datenschutz und Geschichte von StudiVZ - Technik und Diskussion Dennis Bemmann, StudiVZ Gründer 17.45 Uhr Ende der Veranstaltung Wann? 22. Januar 2010, 12.30 Uhr Wo? HdM, Nobelstr. 10, 70569 Stuttgart, Raum 056 (Aquarium)

UPDATE: Videos sind nun hier verfügbar.

starting batch files from UNC paths

2010-01-12

If you want to execute a batch file from an UNC Path, windows will first tell you that "CMD does not support UNC paths as current directories" and it will switch to some other directory instead.
If you still want to be able to do your stuff without copying everything to your local drive: use pushd and popd.

pushd will automatically connect the given path as a network drive and popd will disconnect it again.
By using %dp0 as a paramter, you're using the path of the batch file and handing it over to pushd :)

pushd "%~dp0"  
[...]  
popd

happy scripting :)

Alternative Infrastructure

2010-01-12

Just a short presentation for a lecture. hacked together, nothing really original :)
PDF [here]

Communitygetriebene Android Systemerweiterungen

2010-01-10

A short (German) presentation of an upcoming paper :)
Slideshare:

PDF available here

Nigerians apparently still active

2010-01-05

I just tried out "eBay Kleinanzeigen" (apparently they bought kijiji) and this is the first thing I recieved (it's german... sorta):

Hallo, Ich werde beim Kauf Ihres Artikels f√ºr meinen Kunden in Nigeria als ein Geschenk und ich Jahreszeit interessant werden Sie von Bank zu Bank √úberweisung oder PayPal zahlen, so werde ich, wie Sie zu mir zur√ºck Mail f√ºr weitere Diskussionen zu Zahlung und Versand des Artikels. Danke James Smith

Oh Mr. Smith... :)

Update, next one:

Hallo, wie Sie tun Sie akzeptieren, 450 EUR f√ºr diesen Artikel auch die Portokosten zu meiner Frau in Gro√übritannien

Update 2; WTF?:

hallo Ich bin der Mrs Rose Mary Lopez, ich bin am Kauf der Artikel bei Ihnen interessiert sind, so m√∂chte ich den aktuellen Status dieses Problem kennen und auch die letzte price.and die Methode der Zahlung per √úberweisung auf das Bankkonto, geben Sie dies bitte zur√ºck zu mir so bald wie m√∂glich an meine E-Mail-Adresse (rosemarylopez2001@gmail.com). Ich warte auf Ihre Antwort. Mit besten Gr√º√üen. Mrs Rose Mary Lopez

Update 3:

Nachricht: Hallo Verk√§ufer der Saison erg√§nzen i bin sehr an diesem Titel und ich interessiert sind, m√∂chten Sie mich wissen lassen, wenn ihr noch Avaialable zum Verkauf email me back asap .. bis janet.linda20009 @ gmail.com

Update 4:

Ich will gerne wissen, ob dieser Position ist noch verf√ºgbar zum Verkauf Zur√ºck zu mir auf: - mrs.marysandra@gmail.com

Update 5:

Hallo, Ich bin am Kauf dieses Artikels bitten lassen Sie es mich wissen, die Gesamtkosten f√ºr diesen Artikel und den Versand nach Nigeria mit DHL interessiert. Und auch senden Sie mir Ihre Bankverbindung, damit ich die Zahlung kann am Montag Morgen, nachdem die Artikel dringend erforderlich Danke (godwinc81@yahoo.com)

Update 6:

Hello You still have this item for sale? you can get back to me with the total cost payment via bank transfer or paypal so kindly reply me back to this email directly: stefaniebrown.aw@googlemail.com

Linux on the MSI Wind U115 with the GMA 500

2010-01-03

The GMA500 chipset which was licensed by Intel but originated at PowerVR has a pretty bad Linux support.
While there IS a driver, it is mostly closed source, shippes its own DRM module and is basically a big bag of hurt.
While there was some stuff to make it run on Ubuntu, I was never really able to have any success with following those guides.
Turns out, the driver used had a bug with the MSI Wind series of netbooks.
Luckily, linux-tipps.blogspot.com had an perfect how-to and a prepatched driver available over here.
I'm now running a fully functional Ubuntu 9.10 with the latest kernel updates and a bunch of applications at about 50% the size of the previous Windows 7 installation. This has the advantage that it actually fits perfectly on the netbooks SDD.

maze solver

2009-12-30

Just submitted my solution to the Ruby programming challenge for newbies #5

put the mouse over the image to see the result :)

Setting up prosody to authenticate against LDAP

2009-12-30

A few years ago, I set up a Jabber server at my university. It worked pretty fine in the beginning, but a lack of updates and a horrible java-overengineering led to the point where the server needed 400 MB of RAM and didn't even consider talking to LDAP anymore.

Since I had no intention of setting up openfire again, I decided to look for other tools.

There is ejabberd, but since I can barely read erlang, let alone write, I decided that I don't really want to deal with ejabberd :)

There also is Tigase, an open-source java based xmpp-server. Since I had bad experience setting up the whole java-enironment, I'd rather not try it again. There also is no support for authenticating against LDAP with Tigase at the time of writing.

The next contestant was Prosody. By simple looking at the website, you see the difference. Where as Tigase and ejabberd are basically a huge, ugly wall of text, prosody is a clean and simple lightweight design.

Prosody is written in Lua. While lua wasn't all thaaat slow to begin with (for a scripting language), since luajit came up, it is only arround 2 times slower than C, according to the benchmarks.

My problem with prosody in the past was the missing LDAP authentication feature. It wouldn't have been all that hard to implement it for somebody that actually knew lua, but I decided that I have other things to do at the moment. This is why this commit cought my eye:

first working version with Cyrus SASL support.

To quote from the ?official website?:

SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.

Cyrus SASL is a matching library. Here is a quote from its freshmeat page:

The Cyrus SASL library is a generic library for easy integration of secure network authentication to any client or server application. It supports authentication via standard plaintext methods as well as CRAM-MD5 and DIGEST-MD5 shared secret methods and KERBEROS_V4 and GSSAPI Kerberos methods. The SASL protocol framework is used by SMTP, IMAP, ACAP, LDAP, and other standard protocols.

Prosidy uses lua-cyrussasl (which basically can't be found using google) to communicate with the library.

Getting sasl to run and auth against LDAP

While I don't remember everything I installed, here are some packages that seem appropriate:

cyrus-sasl-2.1.22-5.el5
cyrus-sasl-plain-2.1.22-5.el5
cyrus-sasl-lib-2.1.22-5.el5
cyrus-sasl-devel-2.1.22-5.el5
cyrus-sasl-md5-2.1.22-5.el5
cyrus-sasl-ldap-2.1.22-5.el5
cyrus-sasl-ntlm-2.1.22-5.el5

This will also install programs such as "testsaslauthd", "sasl2-sample-client", "sasl2-sample-server", "sasl2-shared-mechlist" and "sasl2-static-mechlist". They are very useful to see if your configuration is actually ok.

Now, set up your /etc/saslauthd.conf:

# cat /etc/saslauthd.conf  
ldap_servers: ldap://ldap1.example.org    
ldap_search_base: ou=userlist,dc=example,dc=org

After this (and maybe a /etc/init.d/saslauthd restart), the testsaslauthd command should work:

# testsaslauthd -u existing_user -p thepassword  
0: OK "Success."  
# testsaslauthd -u blabla -p narf  
0: NO "authentication failed"

This just set up the connection info for the saslauth daemon. To be able to auth against this, you'll need to set up a matching service.
This is basically just a config file that tells the cyrus-sasl library which service to auth against. For this, you'll have to set up your /usr/lib64/sasl2/xmpp.conf (or /etc/sasl2/xmpp.conf )

# cat /usr/lib64/sasl2/xmpp.conf  
pwcheck_method: saslauthd  
mech_list: PLAIN

This means that the service called "xmpp" (from the filename) only accepts plain passwords and uses the saslauth daemon to check them.

Check if this works by starting the sample server:

# sasl2-sample-server -s "xmpp" -m "PLAIN"  
trying 10, 1, 6  
trying 2, 1, 6  
bind: Address already in use

and connect to it using the sample client (probably in another terminal session):

# sasl2-sample-client -s "xmpp" -m "PLAIN" localhost  
receiving capability list... recv: {5}  
PLAIN  
PLAIN  
please enter an authentication id:  
please enter an authorization id: YOURUSERID  
Password: YOURPASSWORD  
send: {5}  
PLAIN  
send: {1}  
Y  
send: {22}  
youruserid[0]youruserid[0]yourpassword  
successful authentication  
closing connection

So far so good. You've set up a proper saslauthd and configured a service called xmpp.

Now:
Getting Prosody
There are installers/packages available for Debian/Ubuntu, Windows, Arch Linux, FreeBSD and Windows. The problem is that, at the time of writing, the sasl support hasn't made it into a stable build yet. That's why I decided to go for the current development version. I simply checked out the git mirror of their official repository (didn't have hg installed):

git clone http://github.com/bjc/prosody.git

As for other libraries, those are the ones:
liblua5.1, libssl (OpenSSL), libidn11

And the lua stuff you need (as far as I can remember):
lua-luasocket, lua-luasec, lua-expat, lua-cyrussasl (see above), lua-filesystem

You can get the them using your distributions package manager, luarocks (for the lua stuff) or download and compile them yourself.

After everything is installed, just do the usual:

./configure --ostype=linux   <-- can be "debian" or "macosx" too  
make    
make install

Configuring Prosody
In my case, the config file was copied to "/usr/local/etc/prosody/prosody.cfg.lua". After you configured the usual stuff (hostname, TLS/SSL, admins, ...) you have to put in the config option for the cyrus support to use the proper service to auth against:

cyrus_service_name = "xmpp"

Currently, there also is a problam that should be fixed within a couple of days: In the file /util/sasl_cyrus.lua, you have to edit line 34.

pcall(cyrussasl.server_init, "prosody")

the "prosody" string has to have the name of your service (e.g. xmpp) for it to work.

This should allow prosody to authenticate against LDAP using cyrus-sasl.
Have fun :)

Update fresh from the prosody chatroom:

(11:35:35 PM) darkrain: One minor thing, is that with the release of 0.7, you'll need to put sasl_backend="cyrus" in the config file
(11:35:41 PM) darkrain: and the default value of cyrus_service_name is "xmpp"
(11:35:54 PM) darkrain: (and the pcall thing has been fixed)
(11:36:01 PM) darkrain: s/One/three/

Online backup and sync with SpiderOak

2009-12-24

I decided that, while my old rsync/unison backup solution was working fine, I needed something else.
I recently got a netbook and wanted to be able to keep my documents between my laptop and the netbook in sync.
While rsync/unison worked ok, there were some encoding errors in filenames and the "manual" start of the backup always felt kinda strange.
I already had dropbox (ref link) on my laptop and was pretty happy with it. It worked fine but the space is limited and the pro account was too expensive for my taste. I also didn't want to store my files unencrypted in the cloud.

While dropbox offers a headless install for e.g. my v-server, it is pretty annoying that dropbox only has ONE folder that it is able to backup and this folder also always syncs completely.

I then stumbled upon Spideroak (ref link). The SpiderOak team immediately appeald to my nerdy side by having an engineering matters section on their site, complete with crypto details (2048 byte RSA and 256 bit AES, using a key created by the key derivation/strengthening algorithm pdkdf2 (using sha256), with 16384 rounds, and 32 bytes of salt).
The service is completely cross platform (I'm currently running it on Ubuntu 9.10 x86_64, 9.04 x86 server and 32bit Windows 7).
The allow people to select which folders they want to backup and which of those they want to sync with other computers.
They offer a commandline mode which has a whole bunch of options:


# SpiderOak --help
Usage: SpiderOak basic command line usage:

Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  -v, --verbose         be verbose: show detailed status information as it
                        happens
  -d NUMBER, --device=NUMBER
                        operate on specified device id (default is the local
                        device)
  -o DIR, --output=DIR  Target dir to restore items to (default is normal
                        download dir)
  --enable-schedule     honor the set activity schedule, even in batchmode
                        (normally the schedule is ignored in batchmode)
  --disable-schedule    disable activity scheduling

  Operational Modes and Commands:
    --backup=TARGET     ad hoc operation: backup whatever exists at TARGET in
                        the filesystem and exit (ignores existing backup
                        selection.)
    --restore=item      Restore a folder, file, or version.
                        Run "--restore help" for more info
    --headless          run in headless mode (without the graphical interface)
    --batchmode         like headless, but will exit when all available work
                        is done
    --sync              like batchmode, but only backup/update synced folders
    --scan, --scan-only
                        scan the filesystem for changes and report a summary
    --build, --scan-and-build-only
                        scan the filesystem, and build all possible file
                        system changes as shelved upload transactions, and
                        exit without uploading them
    --merge             merge and restore the contents of multiple paths from
                        arbitrary devices:  dev1:path1 .. devN:pathN
    --purge=item        purge a folder, file (including historical versions)

  Information Commands:
    --userinfo, --user-info
                        Show user and device info
    --space             Show space usage information by category and by device
    --tree              Show the hierarchy of stored backup folders
    --tree-changelog    Show a log of how the hierarchy of stored backup
                        folders has changed over time
    --journal-changelog=folder_or_journal
                        Show the changelog of a given folder
    --shelved-x, --print-shelved-x
                        Show information about each shelved upload transaction
    --fulllist          Show all folders and files stored on device

  Backup Selection Manipulation Commands:
    --selection, --print-selection
                        Show a list of selected and excluded backup items
    --reset-selection   Reset selection (but preserve excluded files)
    --exclude-file=EXCLUDE_FILE
                        Exclude the given file from the selection
    --exclude-dir=EXCLUDE_DIR
                        Exclude the given directory from the selection
    --include-dir=INCLUDE_DIR
                        Include the given directory in the selection
    --force             Do in/exclusion even if the path doesn't exist

  Maintenance Commands:
    --vacuum            Vacuum SpiderOak's local database (rebuilds indexs and
                        reclaims local disk space)
    --destroy-shelved-x
                        destroy each shelved upload transaction already in
                        progress.
    --repair            repair a local SpiderOak installation
    --rebuild-reference-database
                        rebuild the SpiderOak reference database (can take
                        awhile)
    --billing           print a secure web auto-login URL for billing info

  Dangerous/Support Commands:
    Caution: Do not use these commands unless advised by SpiderOak
    support.  They can damage your installation if used improperly.

    --empty-garbage-bin
                        purge all deleted items on the current device
    --apply-subscription-xact
                        apply all transactions previously received from remote
                        devices -- (not intended for general use -- this
                        normally happens automatically)

  Account Commands:
    --bootstrap=ACCOUNT_DEFINITION_FILE
                        Read a json definition file and use contents to create
                        a new account

There is a lot of tutorials and a faq that also answers technical questions.
The best thing: thanks to an education discount (you can ask me for the voucher code if you don't have an .edu email address from your university), I only pay 5 usd/month for 100 GB of backup space!

To install it on a headless webserver, just download the regular installer package for your distribution and launch spideroak one time using x-forwarding:

be sure you've got the "xauth" package installed
ssh -X your.server.com
/usr/bin/SpiderOak
set up what you want to
finally, add this entry to your crontab:
@reboot /usr/bin/SpiderOak --headless &

This will start SpiderOak on every reboot and backup files according to your wishes.
Some other random facts about SpiderOak:

you can select an ftp/sftp where spideroak should store a copy of the encrypted blocks. this can e.g. be a local NAS. This will speed up restore procedures (I don't use it, but nice to have)
spideroak allows to share files over the web, including picture galleries (all of that password protected)
you can stop uploads and resume them

Migrated to MongoDB

2009-12-22

I decided to procrastinate the hell out of this evening.
I spent the last 5 hours to completely rewriting the backend of my blogging-engine.
It used to be: redis
It now is: mongoDB

I saved TONS of code and have a really simple data-schema now :)
On the downside: the code is really unoptimized at the moment and basically uses a "brute force" approach to a lot of things.

Comparing the two, I have to say:
redis is simpler
MongoDB has awesome query options and is a bit better suited if I ever want to put other stuff on there (which I will!).

biometrische Passfotos selbstgemacht

2009-12-20

This one is in German as the whole "biometric german ID card" deal probably has a 99% German target audience :)

Ich kam unl√§ngst in die Situation mir einen Reisepass ausstellen lassen zu m√ºssen. Das Problem ist, dass man f√ºr diesen Pass nicht irgend ein beliebiges Passbild nehmen kann, sondern ein "biometrisches" ben√∂tigt.
Biometrisch bedeutet in diesem Fall, dass ein Computer mit schlecht geschriebener Software die Gesichtsmerkmale auch noch identifizieren kann.
Das hat zur Folge dass man auf einem biometrischen Passbild folgende Sachen machen sollte:

Gerade in die Kamera schauen (nicht den Kopf schr√§g halten)
Neutraler Gesichtsausdruck (nicht L√§cheln)
Gut Ausgeleuchtetes Bild (keine riesen Schatten im Gesicht, nicht zu hell, nicht zu dunkel, keinen Farbstich)
Kontrastreicher, einfarbiger Hintergrund
Gesicht erkennbar (Keine Haare im Gesicht, nicht die Augen geschlossen, keine M√ºtze im Gesicht, keine Sonnenbrille)
...

Genauere Hinweise mit Beispielen bekommt man bei der Bundesdruckerei.

Ich hatte keine besondere Lust mir einen Fotografen zu suchen und x Euro zu zahlen nur damit jemand eine Kamera bedient und 2 Minuten mit Photoshop (wenn √ºberhaupt) spielt.
Gl√ºcklicherweise besitze ich eine Digitalkamera und bin √ºber die Seite passbild-online.de gestoplert.

Lange rede kurzer Sinn:

Selber vor ruhigem Hintergrund mit Digicam fotographiert
Bild in Gimp (oder einem anderen Programm eurer Wahl) halbwegs zurecht geschnitten (genaue Daten w√§ren: Breite von 35 mm und H√∂he von 45 mm bei Aufl√∂sung von 300 dpi)
Foto zu passbild-online.de hochgeladen
√úberpr√ºfen ob die Biometrischen Verh√§ltnisse Stimmen:
Passbild auf entsprechendes Fotoformat vervielfachen lassen und speichern ("Speichern/Drucken 10x15"):
Zum Fotoservice eures Vertrauens gehen und Bild entwickeln lassen. Ich habe mich mal f√ºr den Mediamarkt entschieden.

Durch die Abholung im lokalen Mediamarkt entstehen gigantische kosten von 8 cent f√ºr 8 Passbilder :)