Linux

05
Oct
2021

How to fix ‘command not found: pio’ even though PlatformIO is installed

Problem:

You have installed PlatformIO on your computer using Visual Studio code, however when you try to run it in your terminal/shell, you see:

$ pio
zsh: command not found: pio

Solution:

PlatformIO is installed in $HOME/.platformio, but not added to the PATH environment variable, so your terminal can’t find it. Add it using

echo "export PATH=\$PATH:/home/${USER}/.platformio/penv/bin" >> ~/.profile

and then logout from your current session and log back in again (or reboot) in order for the changes to take effect. After that, you can run pio from any shell.

Posted by Uli Köhler in Linux, PlatformIO
05
Oct
2021

How to run single command on 3D printer using picocom

In our previous post How to connect to your 3D printer using picocom we showed how to open an interactive serial session on the command line using picocom. But you can also use picocom to run just a single command such as the M997 firmware update command:

echo "M997" | picocom -b 115200 /dev/ttyACM0 --imap lfcrlf --echo

If your USB serial device is named /dev/ttyUSB0 instead of /dev/ttyACM0 you can use this alternative version:

echo "M997" | picocom -b 115200 /dev/ttyACM0 --imap lfcrlf --echo

 

 

Posted by Uli Köhler in 3D printing, Linux
29
Sep
2021

How to install NodeJS 16.x LTS on Ubuntu in 1 minute

Run these shell commands on your Ubuntu computer to install NodeJS 14.x:

curl -sL https://deb.nodesource.com/setup_16.x | sudo -E bash -
sudo apt-get install -y nodejs

Instead of setup_16.x you can also choose other versions like setup_14.x. However, using this method, you can’t install multiple versions of NodeJS in parallel.

Source: Official nodesource documentation

Posted by Uli Köhler in Linux, NodeJS
26
Sep
2021

How to check SSL/TLS certificate expiry using openssl

Use the following command to check the expiry date of a SSL/TLS certificate. This command also includes SNI (server name indication)

echo | openssl s_client -connect techoverflow.net:443 2>&1 | sed --quiet '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -noout -text | grep --after 2 Validity

Remember to replace both instances of techoverflow.net by the domain name to test!

Example output:

Validity
    Not Before: Aug 18 00:00:00 2021 GMT
    Not After : Aug 17 23:59:59 2022 GMT

 

Posted by Uli Köhler in Linux, Networking
16
Sep
2021

How I fixed xHCI host controller not responding, assume dead

Problem:

In Linux, my USB 3.0 hub randomly kept resetting and only recovered after a reboot: All USB devices were offline until I manually rebooted the system. This is the dmesg output:

[ 3685.684555] xhci_hcd 0000:04:00.0: Abort failed to stop command ring: -110
[ 3685.716572] xhci_hcd 0000:04:00.0: Host halt failed, -110
[ 3685.716575] xhci_hcd 0000:04:00.0: xHCI host controller not responding, assume dead
[ 3685.716620] xhci_hcd 0000:04:00.0: HC died; cleaning up
[ 3685.716653] xhci_hcd 0000:04:00.0: Timeout while waiting for setup device command
[ 3685.716820] usb 3-2: USB disconnect, device number 3
[ 3685.716942] usb 4-2: USB disconnect, device number 2
[ 3685.716944] usb 4-2.4: USB disconnect, device number 3
[ 3686.268612] usb 3-2.3: device not accepting address 29, error -22
[ 3686.268694] usb 3-2.3: USB disconnect, device number 29
[ 3686.269109] usb 3-2.4: USB disconnect, device number 4
[ 3686.269114] usb 3-2.4.1: USB disconnect, device number 5
[ 3686.345109] usb 3-2.4.2: USB disconnect, device number 9
[ 3686.573230] usb 3-2.4.3: USB disconnect, device number 7
[ 3686.701272] usb 3-2.4.4: USB disconnect, device number 8

Solution:

I discovered the solution (which basically restarts the xHCI USB device) on the ArchLinux forums:

echo -n "0000:04:00.0" > /sys/bus/pci/drivers/xhci_hcd/unbind
echo -n "0000:04:00.0" > /sys/bus/pci/drivers/xhci_hcd/bind

You need to insert your device ID which you can find in the dmesg output (0000:04:00.0 in my case) and run the code as root.

Posted by Uli Köhler in Linux
12
Sep
2021

How to backup /etc/letsencrypt to local bup repository

The following script backups your Let’s Encrypt folder. I place the script in /etc/letsencrypt/backup.sh

#!/bin/bash
export BUP_DIR=/media/usb1/letsencrypt-myserver.bup
# Init
bup -d $BUP_DIR init

# Save LetsEncrypt directory
bup -d $BUP_DIR index . --exclude csr && bup save -9 --strip-path $(pwd) -n etc-letsencrypt .

# OPTIONAL: Add par2 information
#   This is only recommended for backup on unreliable storage or for extremely critical backups
#   If you already have bitrot protection (like BTRFS with regular scrubbing), this might be overkill.
# Uncomment this line to enable:
# bup fsck -g

# OPTIONAL: Cleanup old backups
bup -d $BUP_DIR prune-older --keep-all-for 1m --keep-dailies-for 6m --keep-monthlies-for forever -9 --unsafe

Typically, you only need to adjust the BUP directory in this line:

export BUP_DIR=/media/usb1/letsencrypt-myserver.bup

In order to automatically backup daily, you can use our script from How to create a systemd backup timer & service in 10 seconds. If you don’t want to read the post, just use this command:

wget -qO- https://techoverflow.net/scripts/create-backup-service.sh | sudo bash /dev/stdin

from the /etc/letsencrypt folder.

Posted by Uli Köhler in Linux
29
Aug
2021

How to add multiple VLANs over single network interface to Synology DSM

Update: This approach works for both Synology DSM version 6.x and 7.x (tested with 6.2 and 7.0). In DSM 7, you won’t see the added network interfaces in the control panel.

I have a Synology NAS running Synology DSM 7. Since I’m running multiple VLANs over a single 10 Gbit/s Ethernet Link, I want the NAS to have multiple sub-network-interfaces. For example, I want it to have not only eth5 (no VLAN) but also eth5.200 for VLAN 200.

In order to do this, I created /usr/local/etc/rc.d/vlan.sh which will be run on NAS startup (most methods described on Synology forums didn’t work for me).

#!/bin/sh
insmod /lib/modules/8021q.ko
ip link del eth5.200

ip link add link eth5 name eth5.200 type vlan id 200
ip addr add 10.82.66.1/24 brd 10.82.66.255 dev eth5.200
ip link set dev eth5.200 up

You will also see those network interfaces in the interface manager (the Synology DSM software will automatically generate config files for them) but they will all be labeled LAN 5, so sometimes you have to click through all of them in order to find the correct one.

In order to setup the interfaces, copy the script to /usr/local/etc/rc.d/vlan.sh, then

sudo chmod +x /usr/local/etc/rc.d/vlan.sh

then run it once using

/usr/local/etc/rc.d/vlan.sh

after which (DSM version 6 only!) you need to configure the IP addresses again in the Synology web interface (just like for any normal network interface).

Adding more VLANs is easy, just repeat all the lines except the insmod line, for example:

#!/bin/sh
insmod /lib/modules/8021q.ko
ip link del eth5.200
ip link del eth5.201

ip link add link eth5 name eth5.200 type vlan id 200
ip addr add 10.82.66.1/24 brd 10.82.66.255 dev eth5.200
ip link set dev eth5.200 up

ip link add link eth5 name eth5.201 type vlan id 201
ip addr add 10.82.67.1/24 brd 10.82.67.255 dev eth5.201
ip link set dev eth5.201 up

This approach using vlan.sh turned out to be both reboot-safe and update-safe, although so far I have not performed the upgrade to Synology DSM 7.x

Posted by Uli Köhler in Linux, Networking
19
Aug
2021

How to automatically re-resolve DNS in Wireguard on Linux

When installing wireguard-tools on Linux, it includes a script called reresolve-dns.sh. This will take care of automatically re-resolving.

According to its documentation, you should run it every 30 seconds or so.

So we can just create a systemd timer to run it every 30 seconds.

Easy way

Use our script

wget -qO- https://techoverflow.net/scripts/install-wireguard-reresolve-dns.sh | sudo bash /dev/stdin

Now you need to enable it for each relevant interface separately, for example for wg0:

systemctl enable --now [email protected]

Hard way

Do manually what our script does.

Create /etc/systemd/system/[email protected]:

[Unit]
[email protected]

[Service]
Type=oneshot
ExecStart=/usr/share/doc/wireguard-tools/examples/reresolve-dns/reresolve-dns.sh %i

Create /etc/systemd/system/[email protected]:

[Unit]
[email protected] timer
[Timer]
[email protected]%i.service
OnCalendar=*-*-* *:*:00,30
Persistent=true
[Install]
WantedBy=timers.target

Now you need to enable it for each relevant interface separately, for example for wg0:

systemctl enable --now [email protected]
Posted by Uli Köhler in Networking, systemd, VPN, Wireguard
19
Aug
2021

How to run systemd timer every 30 seconds

The syntax to run a systemd timer every 30 seconds is:

OnCalendar=*-*-* *:*:00,30

i.e. run on the first (00) and 30th second of every minute.

Posted by Uli Köhler in Linux, systemd
06
Jul
2021

How to fix apt update EXPKEYSIG 1F3045A5DF7587C3

Problem:

When running sudo apt update you see the following error message:

Err:19 https://josm.openstreetmap.de/apt focal InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 130A439C78FC0F87
Reading package lists... Done
W: GPG error: https://josm.openstreetmap.de/apt focal InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 130A439C78FC0F87

Solution:

Add the JOSM key using

wget -q https://josm.openstreetmap.de/josm-apt.key -O- | sudo apt-key add -

After that, the error should be fixed and you can run

sudo apt update

again.

Posted by Uli Köhler in Linux
06
Jul
2021

How to fix apt update EXPKEYSIG 1F3045A5DF7587C3

Problem:

When running sudo apt update you see the following error message:

Err:14 https://repo.skype.com/deb stable InRelease
  The following signatures were invalid: EXPKEYSIG 1F3045A5DF7587C3 Skype Linux Client Repository <[email protected]>

Solution:

Delete and re-add the skype key using using

sudo apt-key del 1F3045A5DF7587C3
curl https://repo.skype.com/data/SKYPE-GPG-KEY | sudo apt-key add -

After that, the error should be fixed and you can run

sudo apt update

again.

Posted by Uli Köhler in Linux
06
Jul
2021

How to automount CIFS/SMB on Alpine Linux

In order to automatically mount CIFS on boot of an Alpine Linux instance, use a line like this in /etc/fstab:

//1.2.3.4/mydrive /mydrive   cifs uid=1000,gid=1000,credentials=/root/.smb-credentials,iocharset=utf8,noperm 0 0

with a standard /root/.smb-credentials like this:

user=myuser
password=raatahteiC1veiza8ahno8lu5quook

and run the following command to enable automount on boot:

rc-update add netmount boot

After a reboot, the filesystem should mount automatically.

Posted by Uli Köhler in Alpine Linux, Networking
04
Jul
2021

How to fix apt update EXPKEYSIG 1DB7590E83C8F643

Problem:

When running sudo apt update you see the following error message:

Err:14 https://ocean.surfshark.com/debian stretch InRelease
  The following signatures were invalid: EXPKEYSIG 1DB7590E83C8F643 Surfshark package maintainer <[email protected]>

Solution:

Download the updated Surfshark release package (which contains the updated key from the repository) from the Surfshark website and install the package e.g. using

sudo dpkg -i ~/Downloads/surfshark-release_1.0.0-2_amd64.deb

After that, the error should be fixed and you can run

sudo apt update

again.

Posted by Uli Köhler in Linux
24
Jun
2021

How to install python-config on Alpine Linux

I recommend to use Python 3.x since Python 2.x is deprecated!

Installing python-config for Python 3.x

The python3-dev apk package provides /usr/bin/python3-config, so you’ll have to symlink that to /usr/bin/python-config:

apk update
apk add python3-dev
ln -sf /usr/bin/python3-config /usr/bin/python-config

Installing python-config for Python 2.x

Just install python2-dev, which installs /usr/bin/python-config

apk update
apk add python2-dev

 

 

Posted by Uli Köhler in Alpine Linux
19
Jun
2021

How to run Jupyter Hub (multi-user mode) using systemd

The following script will install Jupyter Hub in single user mode (i.e. only a single Linux user can login to Jupyter Hub using the web interface).

Prerequisites

First install Python & PIP, then NodeJS, then Jupyter Hub, then configurable-http-proxy :

curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
sudo apt-get install -y nodejs python3-pip
sudo pip3 install jupyterhub
sudo npm i -g configurable-http-proxy

Installing the Jupyter Hub systemd service

Run the following script using sudo!

#!/bin/bash
# This script installs and enables/starts the JupyterHub systemd service
export NAME=JupyterHub

# Create service file
cat >/etc/systemd/system/${NAME}.service <<EOF
[Unit]
Description=${NAME}

[Service]
Type=simple
ExecStart=/usr/bin/env jupyterhub --port=11569
User=root
Group=root

Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target
EOF

# Enable and start service
systemctl enable --now ${NAME}

This script will install a systemd service named JupyterHub autostart it on boot. It is running on port 11569 by default.

Posted by Uli Köhler in Python, systemd
18
Jun
2021

How to run Jupyter Hub (single user mode) using systemd for autostart

Note: This will only allow a single (preconfigured) user to login to Jupyter lab! See How to run Jupyter Hub (multi-user mode) using systemd on how to deploy Jupyter Hub in multi-user mode using systemd, which allows any Unix user to login!

The following script will install Jupyter Hub in single user mode (i.e. only a single Linux user can login to Jupyter Hub using the web interface).

Prerequisites

First install Python & PIP, then NodeJS, then Jupyter Hub, then configurable-http-proxy :

curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
sudo apt-get install -y nodejs python3-pip
sudo pip3 install jupyterhub
sudo npm i -g configurable-http-proxy

Installing the Jupyter Hub systemd service

Run the following script as the user you want to be able to login! Do not run the script using sudo !

#!/bin/bash
# This script installs and enables/starts a systemd service
export NAME=JupyterHub-$USER
export GROUP=$(id -gn $USER)
# Create service file
sudo tee /etc/systemd/system/${NAME}.service <<EOF
[Unit]
Description=${NAME}

[Service]
Type=simple
ExecStart=/usr/bin/env jupyterhub

WorkingDirectory=$HOME
User=$USER
Group=$GROUP

Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target
EOF

# Enable and start service
systemctl enable --now ${NAME}

This script will install a systemd service named JupyterHub-$USER (where $USER is the current user, e.g. uli) and autostart it on boot.

Running multiple services

If you run multiple services, you can run the script for each user and choose a unique port for each service by adding --port=7219 to the /usr/bin/env jupyter hub command, e.g.

ExecStart=/usr/bin/env jupyterhub --port=7192

Alternatively, you can run a single systemwide Jupyter Hub in multi-user mode where multiple users can log in.

Posted by Uli Köhler in Python, systemd
11
Jun
2021

How to run Jupyter Lab as systemd service

If you want to run your Jupyter Lab as a network service on any modern Linux distribution, you can install a systemd service that runs Jupyter. First, you need to install jupyter lab using

sudo pip3 install jupyterlab

In case you don’t have pip3, use sudo apt -y install python3-pip or the equivalent on your distribution.

Note that this script will run Jupyter without token authentication and without password and it will listen on any IP (--ip=0.0.0.0) by default. Either change the command line flags or be aware of the security implications !

#!/bin/bash
# This script installs and enables/starts a systemd service
export NAME=Jupyter

# Create service file
cat >/etc/systemd/system/${NAME}.service <<EOF
[Unit]
Description=${NAME}

[Service]
Type=simple
ExecStart=/usr/bin/env jupyter lab --ip=0.0.0.0 --port 17256 --LabApp.token=''

WorkingDirectory=/home/uli/jupyter
User=uli
Group=uli

Restart=on-failure
RestartSec=5s

[Install]
WantedBy=multi-user.target
EOF

# Enable and start service
systemctl enable --now ${NAME}

You need to change the following entries in the script in order to make it work for you:

WorkingDirectory=/home/uli/jupyter
User=uli
Group=uli

Set the WorkingDirectory to whatever directory you want Jupyter to run in. Note that anyone being able to access the webinterface will basically have full access to that directory!

Set User and Group to the user that should run. Note that running Jupyter as root is not allowed. In case you still want to do it, add the --allow-root flag to the command line options.

Now run the script as root to install the service:

sudo ./install-jupyter-service.sh

Now you can access Jupyter at http://[ip of the computer]:17256.

Changing the configuration

In order to change the configuration, I recommend to edit /etc/systemd/systemd/Jupyter.service (or /etc/systemd/systemd/${NAME}.service if you changed export NAME=Jupyter) directly. After that, run

sudo systemctl daemon-reload
sudo systemctl restart Jupyter

You can also change the installation script and re-run it, but you still need to run daemon-reload and restart.

Running multiple Jupyter instances

In order to run  multiple instances, just run multiple copies of the installation script with different names. For example, use

export NAME=Jupyter-DeepLearning

Debugging Jupyter Lab output

If you have problems with Juypter Lab starting up, use

sudo systemctl status Jupyter

in order to view the status and

sudo journalctl -xfu Jupyter

to view all the logs.

Status output example:

● Jupyter.service - Jupyter
     Loaded: loaded (/etc/systemd/system/Jupyter.service; enabled; vendor preset: enabled)
     Active: active (running) since Fri 2021-06-11 03:44:28 CEST; 4s ago
   Main PID: 48753 (jupyter-lab)
      Tasks: 1 (limit: 14226)
     Memory: 51.7M
     CGroup: /system.slice/Jupyter.service
             └─48753 /usr/bin/python3 /usr/local/bin/jupyter-lab --ip=0.0.0.0 --port 17256 --LabApp.token=

Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.215 ServerApp] nbclassic | extension was successfully loaded.
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.216 LabApp] JupyterLab extension loaded from /usr/local/lib/python3.8/dist-packages/jupyterlab
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.216 LabApp] JupyterLab application directory is /usr/local/share/jupyter/lab
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.219 ServerApp] jupyterlab | extension was successfully loaded.
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.220 ServerApp] Serving notebooks from local directory: /dev/shm
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.220 ServerApp] Jupyter Server 1.8.0 is running at:
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.220 ServerApp] http://uli-desktop:17256/lab
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.220 ServerApp]     http://127.0.0.1:17256/lab
Jun 11 03:44:29 uli-desktop env[48753]: [I 2021-06-11 03:44:29.220 ServerApp] Use Control-C to stop this server and shut down all kernels (twice to skip confirmation).
Jun 11 03:44:29 uli-desktop env[48753]: [W 2021-06-11 03:44:29.224 ServerApp] No web browser found: could not locate runnable browser.

Uninstalling the Jupyter Lab service

In order to just stop and disable autostart (but not uninstall) the jupyter lab service, use

sudo systemctl disable --now Jupyter

After that, you can just remove the service file in order to permanently uninstall the service:

sudo rm /etc/systemd/system/Jupyter.service

You can always reinstall using our installation script.

Note that if you have changed the export NAME=... line, you need to replace Jupyter by the value of Name

Posted by Uli Köhler in Python, systemd
11
Jun
2021

Autoinstall script for systemd timer and associated service

The following script will install a systemd .timer file and the associated .service file  into /etc/systemd/system/ and enable the timer (i.e. start on boot) and start the timer immediately.

#!/bin/bash
# This script installs and enables/starts a systemd timer
# It also installs the service file that is run by the given timer
export NAME=MyService

cat >/etc/systemd/system/${NAME}.service <<EOF
# ADD SYSTEMD SERVICE FILE CONTENT HERE
EOF

cat >/etc/systemd/system/${NAME}.timer <<EOF
# ADD SYSTEMD TIMER FILE CONTENT HERE
EOF

# Enable and start service
systemctl enable --now ${NAME}.timer

In order to modify the script for your systemd service, replace MyService by the desired name of your service in

export NAME=MyService

insert the content of your .service file at

# ADD SYSTEMD SERVICE FILE CONTENT HERE

and insert the content of your .timer file at

# ADD SYSTEMD TIMER FILE CONTENT HERE

Full example

The following complete example installs a systemd service named MyService that runs /usr/bin/python3 myscript.py every two hours:

#!/bin/bash
# This script installs and enables/starts a systemd timer
# It also installs the service file that is run by the given timer
export NAME=MyService

cat >/etc/systemd/system/${NAME}.service <<EOF
[Unit]
Description=${NAME}

[Service]
Type=oneshot
ExecStart=/usr/bin/python3 myscript.py
WorkingDirectory=/opt/myservice
EOF

cat >/etc/systemd/system/${NAME}.timer <<EOF
[Unit]
Description=${NAME} timer

[Timer]
OnCalendar=*-*-* 00,02,04,06,08,10,12,14,16,18,20,22:00:00
Persistent=true

[Install]
WantedBy=timers.target
EOF

# Enable and start service
systemctl enable --now ${NAME}.timer
Posted by Uli Köhler in systemd