Schwie's Pad

I’m stubbornly keeping macOS Server on my Mac mini running High Sierra, as I love it’s GUI for controlling server components. I understand macOS Server wasn’t a profit leader for Apple, but it was such an elegant solution for some of us! Darn it, my mini will probably get hacked for its server components being out of date before someone pries my fingers off macOS Server.

Anyway, today I noticed I was suddenly having conflicts trying to launch Homebridge on port 8080 after installing a security patch on High Sierra. It appears the security patch messes with macOS Server’s web server settings. Fortunately, mighty Wayne Dixon encountered this issue on Mojave and published a fix. Thanks, Wayne! I changed mine from 8080 to 8081.

For now I’m back in business and reading Wayne’s solution might have tempted me to try Mojave if this mini was compatible and it won’t be unless I also try DOSDude1’s app to load Mojave… Hmmm, I’ll think about it…

Also, I briefly thought someone had hacked my server for their own use of port 8080, but this advice quickly helped me track down what it was with these commands:

sudo lsof -i :80 # checks port 8080

Then I saw something similar to:

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME acwebseca 312 root 36u IPv4 0x34ae935da20560c1 0t0 TCP 192.168.1.3:50585->104.25.53.12:http (ESTABLISHED)

Which showed a service using the PID and we probe that further:

ps -ef 312

To see:

UID PID PPID C STIME TTY TIME CMD 0 312 58 0 9:32PM ?? 0:02.70 /opt/cisco/anyconnect/bin/acwebsecagent -console

Mine showed an Apache2 folder that I led me to Wayne’s fix above.

While moving components over to my new Blacktacular frame, I noticed that I was using the wrong tensioner bolt and inadequate spacers for for my chainline. My Military Green Big Dummy has the new chainring set up, which unfortunately I goofed and left the old 8253 tensioner bolt in place and not enough spacers to reach a 58mm chainline. With the Blacktacular frame, I’m getting it right.

Fortunately, I already had the spacers and the 8255 tensioner bolt in my bag of Rohloff parts, so I installed them. With the corrected 58mm chainline in place, I also noticed the tensioner jockey wheels were trashed after only a year of use, but operating them at a 54mm chainline certainly didn’t help. I’ve faithfully purchased Rohloff jockey wheels, but its always bugged me that they are expensive, plastic, and take a while to get here in the U.S.

Time for a jockey wheel replacement and here’s my latest workaround. I purchased these 10t jockey wheels on eBay. The wheels are aluminum and have removable dust covers, which is key. I removed the dust covers and drilled through them with a 1/4-inch drill bit. Take care to drill slowly and keep the drill bit straight and center. After you fully penetrate the dust cover, you’ll need to ream the whole out by running the drill bit at angles, which I did in a circular motion. Reaming the dust cover with the 1/4-inch bit will make them large enough to slide over the tensioner’s axle and you’ll only need to do this for the upper pulley. I’m sure Rohloff has a good reason for using different size tensioner axles and the lower axles narrower diameter allows it to work with stock 10t jockey wheels.

After replacing the dust covers on the 10t jockey wheel and installing both on tensioner, its back in business and works great. Not to mention it looks good. After drilling out one set of dust covers, I’ll be able to move these dust covers to my next set of jockey wheels when I wear these ones out, which could be as soon as next year?

Minnesota winters are fun; however, the chemicals used by public utilities to fight road ice makes conditions harsh for bicycles. Back in February, the back of my Big Dummy frame rusted and broke off, this was after I applied boiled linseed oil to the inside of the frame twice; once in 2011 and once in 2016.

Surly was kind enough to offer me a crash discount on a new frame. I lusted for the Big Fat Dummy, but I’m still loving my Rohloff rear hub and having recently picked up a second Rohloff, I struggled with leaving my 135mm Speedhubs and having to get new ones with the 190/197mm spacing – that would have cost me several thousand dollars.

I was sad to pull my Military Green frame with swooping top bar out of service, but thanks to Freewheel, it was easy to move my components over to a new Blacktacular frame. Before building it up, I applied boiled linseed oil and while doing it, I noticed why my last Military Green frame failed where it did. The curved bars that rusted through, just behind the rear wheel dropouts, are only 16mm in diameter and getting boiled linseed oil to go back there is difficult. To anyone riding winters with their Dummy, I strongly encourage you to spin the frame in all directions and plug the weep holes to make sure you’re getting a good coating on the curved bars behind the rear dropouts. I’ll keep you posted how long this frame lasts 🙂

I’ve posted ways to update php on macOS Server. My Mac mini is now running macOS Server 5.6.1 on macOS High Sierra and WordPress dutifully reminded me it is time to update php to a supported version, so read on for how it came together.

Before hitting the steps below, High Sierra’s sandboxing and needing to edit system files are difficult unless you boot from recovery mode to temporarily disable SIP, “csrutil disable”. Or, if you have the luxury I have, I was able to boot from my backup and edit my main drive. Doing this allowed me to delete Apple’s libphp7.so file from “/usr/libexec/apache2”.

1. Open Terminal and execute one line of code to get the latest stable php version, 7.3.8 at the time of this post, using the following command (and yes, even though below says 7.3, it will grab 7.3.8):

curl -s http://php-osx.liip.ch/install.sh | bash -s 7.3
sudo pico /Library/Server/Web/Config/apache2/httpd_server_app.conf

The second command allows you to edit “/Library/Server/Web/Config/apache2/httpd_server_app.conf”. Search for the line with “php7_module” and change the file path to point to the new libphp7.so file:

LoadModule php7_module /usr/local/php5/libphp7.so

Notice that this path is different than “/usr/local/php4/php5-7.3.8-20190811-205217”, but the above path has an alias that points to 7.3.8 and should enable future upgrades (hint, when we’re ready for php 7.4 and beyond).

2. Verify that the updated php is running with the following command:

schwie:apache2 bradschwie$ php -version
PHP 7.3.8 (cli) (built: Aug 11 2019 20:50:16) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.8, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.3.8, Copyright (c) 1999-2018, by Zend Technologies
with Xdebug v2.7.2, Copyright (c) 2002-2019, by Derick Rethans

3. To verify that php 7.3.8 is running on your webserver, restart your machine (or restart the Apache web server from Terminal):

sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/server-apachectl graceful

To complete this verification, I recommend temporarily placing an “info.php” file on your webserver to know which php version your webserver is relying on and where the php.ini file is saved. Mine was stored here “/usr/local/php5/lib/php.ini”. I keep the info.php file on my server, but for security purposes I recommend commenting out the body of the file after obtaining your php configuration information.

4. After completing step 3, I moved back to my blog and noticed all sorts of JIT errors. Others recommended disabling JIT from the php.ini file linked above, so I did the same by adding:

pcre.jit=0

5. Finally, my blog was complaining that it didn’t have the imagick php extension. My server has brew, so adding imagick is pretty easy using Mattias’ instructions, but after his step to install imagemagick, install autoconf to avoid errors with the pecl command:

brew install autoconf

So far so good. I’ll keep you posted when I make changes or move along to 7.4.

Last note, I also looked at instructions posted here, but I don’t believe I needed them in the end.

After starting with a clean install of Catalina, I also installed WinShortcutter and found that it no longer properly showed itself properly in System Preferences with the prefpane not fully expanding downward to show all of WinShortcutter’s advanced settings. I also noticed that Tech-Arrow seems to be continuing development of WinShortcutter, but I wanted to continue using Lobotomo’s free version, so that’s why I wrote this.

The issue above might have something to do with Dark Mode in Catalina, as I noticed that even after following the steps below, WinShortcutter’s prefpane doesn’t do Dark Mode like the rest of System Preferences prefpanes. This fix won’t correct that and you should maybe consider Tech-Arrows product if you need that feature.

For this fix, it helps if you have a backed copy of your old system preferences. Lobotomo’s archived forums indicate WinShortcutter’s settings are saved here:

~/Library/Preferences/com.fribi.WinShortcutter.plist

I had the fortune of grabbing a copy of the above .plist from my last back up. If you don’t have a copy, feel free to use mine. I then replaced the existing .plist with the copy from my back up. When I re-entered System Preferences, it failed to import my old WinShortcutter settings, but now the window fully expands to show the advanced settings, woohoo!

I was then able to finish configuring WinShortcutter again, which included getting the Services menu to let me copy Windows files paths for outgoing emails. Tech-Arrow’s user manual led me to configuring Services properly by going to System Preferences->Keyboard->Shortcuts and putting a check next to “Open as Windows Link” and “Copy Path to Clipboard”.

Over the shelter-in-place period, Ella and I broke into making soda pop with our first batch of ginger-ale. We soon realized if we added more yeast and let it ferment longer, we’d get more fizz. We started reading a book on soda pop, but I remembered folks in my ‘hood spoke of making kombucha. Reading more about it, kombucha is made from a SCOBY, a symbiotic culture of bacteria and yeast – how cool! As long as you feed the SCOBY sugared up tea, it will do the job of helping to make a fizzy drink.

The excellent Lindenfelsers’ gave me a perfectly simple recipe: brew 6 cups tea, dissolve 1 cup sugar, and when it cools add your SCOBY to brew for 2-3 weeks. I’m using their basic recipe before I get silly on second fermentations with fruit, but I also wanted to read more about it. For those of you considering breaking into the hobby, here are a few websites I found interesting, with the first one going into some of the science that I gladly appreciate:

1. https://scienceandfooducla.wordpress.com/2015/11/10/kombucha-brewing-the-process/
2. https://ifoodreal.com/flavoring-kombucha-how-to-make-kombucha-fizzy/
3. http://www.picklejarstudios.com/strawberry-rhubarb-kombucha/

I have been brewing kombucha in a large mixing bowl covered with a dish towel and a rubber band around the top. After the first fermenting period is complete, I pour the bowl through a fine-mesh strainer and into another bowl with blended fruit or straight into bottles, always reserving one cup of kombucha from each batch and the SCOBY for your next batch.

For the bottles, I biked to a liquor store and bought a 4-pack of the delicious Grölsch, but you might want to explore other options here:

https://myfermentedfoods.com/kombucha-bottles/

Also, I’ve only been using black tea for the fermentation period, but after I research whether or not caffeine is needed, I may start branching out with tea flavors as Ellen repeatedly told me. Oh, and I also grew a baby SCOBY on the side for Lurch:

Will report back more later, but our first batch of strawberry rhubarb kombucha was definitely tasty and explosively fizzy 🙂 I’m tracking batches with this spreadsheet.

Tested out Batchomatic on my iPhone XS Max today. I perused some other tips before diving in this and found the last part about how to install the .deb a bit unclear, exactly what to tap. I had previously exported .deb files from iOS 13.3 in anticipation of an upgrade to iOS 13.5 before Apple stops signing it.

To re-install tweaks from 13.3 on to 13.5, I used the following general steps:

1. Update or restore your iPhone to iOS 13.5
2. Install AltStore on your Mac and iPhone.
3. On your iPhone, tap Cydia to update it and install Batchomatic, OpenSSH and Filza.
4. Transfer the .deb file containing your tweaks from your Mac to /var/mobile/BatchomaticDebs on your iPhone (I used FileZilla from my Mac to connect to my iPhone).
5. From your iPhone, open Filza and navigate to “/var/mobile/BatchomaticDebs”, tap the .deb file you placed with step 3, and in the upper right hand corner tap “Install” (don’t bother tapping “Extract”, it won’t help you for this exercise).
6. When the install is complete, move back to Cydia->Search, tap Batchomatic’s icon in the upper left corner, tap “Install .deb”, and tap “Proceed”.

Your tweaks should now install. Mine belched an error message about not being able to install Karen’s AppSync Unified, so I went back afterward and installed it manually. Finally, if you have trouble with errors about not being able to install more than 3 apps, I found a couple issues. One, I had Apple’s TestFlight and another developer’s beta, Eat It, on my iPhone. Two, the 13.5 restore brought back AltStore and unc0ver, so I had accidentally tried installing AltStore twice, this Tweet may also help you out of this issue.

On my macbookpro12,1, Time Machine could no longer do backups and I wanted to start a new archive. I didn’t want to lose my previously backed up files nor did I want to start a new backup from scratch as it takes several hours. To repair the existing backup stored on our Time Capsule, I tried using instructions on this guy’s blog.

Sadly, fsck_hfs couldn’t repair my .backupbundle/sparsebundle, so I had to start over anyway! This has happened to me and others a few times in the past, so maybe the instructions above will be useful later. Better yet, copying and pasting the commands above gets old, so I may try the shell script here: https://gist.github.com/ahknight/dec202583a910756c6d9 It also might help to add “fsck_hfs” to your full disk allowed list in System Preferences->Security->Privacy->Full Disk Access. Finally, others have asked me about scheduling Time Machine backups. I may give these instructions a shot at some point, as it may relieve the issues that caused me to write this post.

I still keep AirPort routers in our house, because they perform fine and are relatively easy to manage. Of course, one AirPort Express proved to be stubborn to configure from my macbookpro12,1.

I had revived this AEX just a day ago and wiped it clean, but any follow up attempts to configure from my MacBook Pro resulted in an error while updating the configuration.

The fix was relatively easy. I moved to our Mac mini which has a wired connection to the network and it was able to update the AEX’ configuration. Better news, follow up attempts to change the configuration from my MacBook Pro are now successful.

I understand security is an issue with PPTP VPN connections, but mitigation systems I access have routers that still rely on this protocol. Apple’s macOS began leaving PPTP years ago and with Catalina, the purge is complete. Fortunately, Filip Molcik and his readers have tackled this and I’ve modified their instructions here for connecting with SmartFlex routers as described in the following steps:

1. Open Terminal.app and run the following command (you may need to precede these with ‘sudo’):

mkdir /etc/ppp/peers
cd /etc/ppp/peers
sudo pico pptp_config_file

2. Paste in the following text and replace instances of REMOTE_ADDRESS, USERNAME, and PASSWORD with what is required by your PPTP server (also note, this text includes commands to refuse authentication for EAP, CHAP, and MSCHAP, if you’re connecting to a PPTP server different than a SmartFlex router, you may need to put hashtags on these lines):

pty “/usr/local/bin/pptp REMOTE_ADDRESS –nolaunchpppd”
remoteaddress REMOTE_ADDRESS
user USERNAME
password PASSWORD
# require-mppe-128
# logfile /tmp/pptp_vpn_log.txt
## Other settings
noauth
refuse-eap
refuse-chap
refuse-mschap
redialcount 1
redialtimer 5
idle 1800
mru 1436
mtu 1436
receive-all
novj 0:0
ipcp-accept-local
ipcp-accept-remote
hide-password
looplocal
nodetach
ms-dns 8.8.8.8
usepeerdns
debug
defaultroute

3. Download a copy of Filip’s PPTP library built from Debian:

http://filipmolcik.com/releases/pptp/pptp.zip

And save this file in:

/usr/local/bin

4. To establish the PPTP VPN connection, I’ve found you need to keep the command prompt for Terminal.app in the same directory where the config file is saved from step 1, above. If so, make the connection in Terminal.app with this command:

sudo pppd call pptp_config_file

5. I should make a script for this, but I use it so infrequently I may not bother. For now, I disconnect by opening Activity Monitor, searching for PPTP, highlight it, click the “x” button, and choose “Quit”.

After making the connection, pptp surged to using about 90% of the cpu on my macbook12,1, but it has since settled down. Thanks, Filip!

Should these connections require MPPE in the future, we’ll need to replace the downloaded file in Step 3 with this library.

Last note, my MacBook Pro connects and pings the ip address it receives, but it can’t ping anything else on the network. Will hopefully resolve this soon.