Tuesday, September 18, 2018

WebODM install on openSuse

Although docker image for ODM available online i tried to install it on native Linux environment.

I started with the git hub page https://github.com/OpenDroneMap/WebODM , as per the instructions we need to install following dependencies.



  • PostgreSQL (>= 9.5)
  • PostGIS 2.3
  • Python 3.5
  • GDAL (>= 2.1)
  • Node.js (>= 6.0)
  • Nginx (Linux/MacOS) - OR - Apache + mod_wsgi (Windows)
  • Redis (>= 2.6)


As per instruction i tried "apt-get install binutils libproj-dev gdal-bin nginx" but it failed to install gdal and libproj, so i tried to install softwares one by one.

Install dev/devel version of every package, dev/devel version contain source code for the respective package which is necessary for the whole build. 

Postgres

installed all of them postgre, postgre-server, postgrees-devel ..and postgre-contrib

it installed postgre10

Postgis

my package manager did not find this in default server list. I dont want to additional servers. So i tried with sources. Downloaded the source package "postgis-2.4.6dev" .Unzipped and started configure.
 Now it need c compile, installed gcc but still complained about c11 support, solved with install gcc-g++

additional package needed Geos, GDAL, Proj4 all three need to be installed through source files try to install geos 3.7

You will also need to install and/or build LibXML2 and JSON-C.

after all dependencies installed you will complete configure

then make and make install

Install all of the rest

Install python3, nodejs, nginx, redis

start redis, start postgres

Now copy the webodm source to local file system, create database, configure webodm .Follow the instructions on rest of the page that will without any problem.

All the best for your ODM Server.



Tuesday, December 24, 2013

Domain Name Portability as easy as MNP

Hi friends have you ever registered a domain name for your personal site, business, photo collection or group,  there are several companies like Godaddy, bigRock, HostGator, indialinks which are selling domains at very cheap rate  INR 90/-, these cheap price offers are like a trap for newbies.

For example bigrock sells a .com domain at INR 90/- only , this cheap price attracts the customer but when you go to the panel it reveals all the limitations, godaddy has a limitation to number of edits in the control panel. Some times the services may be OK but the renewal price is 2 times of the market price INR 1000/- for .com domains , so the user want to know change the provider. well now how can he do that, if u are unsatisfied with only the hosting service then u can change the hosting only , u have to do only one edit, change the nameserver entry. if u want get fully disconnected from the provider then there is a option which needs some conditions like MNP for mobile phone service providers i.e. the domain most 60 days old from registration date or from last reactivation(not renewal) date. And it will give u 1 year domain rent Free from the provider as per ICANN rule. 

Domain Transfer Guide

Please read this step-by-step domain transfer guide to ensure a quick and easy transfer.
  • Verify that it's at least 60 days after your registration date or last domain transfer.

    In accordance with ICANN rules, you cannot transfer your domain to another provider until 60 days after your domain has been registered or previously transferred within the last 60 days.
  • Make sure your domain is unlocked

    Locked domains cannot be transferred. If your domain is locked, you can unlock the same from your current registrar's control panel.
  • Check your administrative contact email address

    Your current Domain Registrar and new Registrar both will send an email to your domain administrative contact to confirm your domain transfer. If you can't receive the confirmation, you won't be able to complete the transfer. If your administrative contact email address is incorrect, please change it from your current registrar's control panel.
  • Get your Domain Authorization Code

    Domain Authorization Code acts like a Password of your domain name and it is assigned by Domain Registrar when you register or transfer domain name. Domain Names can not be transferred without Authorization Code.
  • Apply for Domain Transfer with IndiaLinks

    Login to your control panel and apply for domain transfer. Your account manager will send you a confirmation as soon as your domain transfer is completed. A Domain transfer can take upto 10 days once domain transfer is authorized by the administrative contact.
  • FREE 1 year extension

    Once your domain is transferred, we will add 1 year to your domain's expiry date at no additional cost.
  • Seemless Transfers

    All domain transfers are seemless. During transfer process, name servers of your domains are not altered. You will not face any downtime due to domain transfer process.

Please note

  • ICANN rules prohibits transfer of domain name which have been registered or transferred within last 60 days.
  • If you have renewed an expired domain name with your current registrar, please wait for atleast 45 days from the previous expiry date before you apply for transfers. You will not be eligible for free 1 year extension for such domains if you transfer them within this period.
References:
http://archive.icann.org/en/transfers/policy-12jul04.htm
http://in.godaddy.com/agreements/showdoc.aspx?pageid=DOMAIN_NC&prog_id=GoDaddy
http://support.hostgator.com/articles/domain-names/how-can-i-transfer-my-domain-to-you
http://www.bigrock.in/content.php?action=transfer_guide

Thursday, November 7, 2013

ebox Zentyal .. i hate that

last night i was working for fbconnect for one of my applications, well they have changed the rules, if u want your application to run out of sandbox(i.e. visible to all users) you need both an http and https link for the app canvas, ok next step is to start ssl server with apache. well i enabled the ssl mod with apache and all thing gone. deactivated ssl again everything up with apache restart.

debugging into things found that two different instants of apache running with different PIDs and the second instance is also does not response ubuntu service restart command.

Second instance running with another conf file /var/lib/zentyal/conf/apache2.conf with a root folder at /var/lib/zentyal/dynamicwww/ and /usr/share/zentyal/www and listening on 443 (which was the problem which kills the apache instance)

first i tried to change the reset password and listening port with dpkg-reconfigure command, but it was all silent command no reply. i tried to uninstall ebox/zentyal and all its module

as i had installed with
apt-get install ebox
apt-get install ebox-network
apt-get install ebox-usergroups
apt-get install ebox-samba
so for the reverse i should replace install with "remove" or "purge", but still that wicked apache was running on port 443

i tried a lot of things to stop that, install uninstall, remove purge ...

lastly which did worked is

apt-get purge ebox
apt-get autoremove (which removes zentyal-samba or the ebox-samba)
and most essential step
apt-get purge zentyal-core (i was missing this everytime as the name was different)

now the service stopped yet to activate ssl mod on apache !!!!!!


Saturday, July 7, 2012

Multi Boot Pendrive (Grub on USB)


Boot ISO Files directly from USB using Grub2 from Linux. Here is one way to create a Multiboot USB Flash Drive from a running Ubuntu (I used the Live CD). You may eventually need a large Flash Drive or USB Hard Drive in order to include every bootable ISO entry. I will add more Bootable ISO files to the grub.cfg file as I find time to test them. Contact me to submit working Bootable Linux ISO grub.cfg entries for inclusion.
I. Format your USB Flash Drive to use a Single Partition:
Open a terminal and type sudo su
Type fdisk -l (and note which device is your USB Drive)
Type fdisk /dev/sdx (replacing x with your actual usb device)
Type d (to delete the existing partition)
Type n (to create a new partition)
Type p (for primary partition)
Type 1 (to create the first partition)
Press Enter (to use the first cylinder)
Press Enter again (to use the default value as the last cylinder)
Type a (for active)
Type 1 (to mark the first partition active “bootable”)
Type w (to write the changes and close fdisk)
II. Create a Fat32 Filesystem on the USB Flash Drive:
Type umount /dev/sdx1 (to unmount the mounted partition)
Type mkfs.vfat -F 32 -n MULTIBOOT /dev/sdx1 (to format the partition as fat32)
III. Install Grub2 on the USB Flash Drive:
Type mkdir /media/MULTIBOOT (to create a directory for the mountpoint)
Type mount /dev/sdx1 /media/MULTIBOOT (to mount the USB)
Type grub-install –force –no-floppy –root-directory=/media/MULTIBOOT /dev/sdx (to install Grub2)
Type cd /media/MULTIBOOT/boot/grub (to change directory)
Type wget pendrivelinux.com/downloads/multibootlinux/grub.cfg (to get the grub.cfg file)
IV. Test to make sure your USB Device Boots into Grub2:
Reboot your Computer, and enter your BIOS or Boot Menu. Set the Boot Order to boot from the USB Device. Save your changes and Reboot. If all goes well, you should be presented with a Grub2 Boot Menu.
V. Adding the Bootable ISO files:
Type cd /media/MULTIBOOT (assuming USB is still mounted here)
Follow the instructions for the ISO Distro you would like to add below. Simply click to expand the instructions.
Ubuntu 10.10 IS0
Type wget “releases.ubuntu.com/10.10/ubuntu-10.10-desktop-i386.iso” -O ubuntu.iso
Or rename your existing ISO ubuntu.iso and copy it to the USB device
Linux Mint 10 Gnome IS0
Type wget ftp.heanet.ie/pub/linuxmint.com/stable/10/linuxmint-10-gnome-cd-i386.iso -O linuxmint10.iso
Or rename your existing ISO linuxmint10.iso and copy it to the USB device
DBAN IS0
Type wget “downloads.sourceforge.net/project/dban/dban/dban-2.2.6/dban-2.2.6_i586.iso?r=&ts=1292340298&use_mirror=surfnet” -O dban.iso
Or rename your existing ISO dban.iso and copy it to the USB device
TinyCore IS0
Type wget “distro.ibiblio.org/pub/linux/distributions/tinycorelinux/2.x/release/tinycore-current.iso” -O tinycore.iso
Or rename your exisitng ISO tinycore.iso and copy it to your USB device
Memtest86+
Type wget memtest.org/download/4.10/memtest86+-4.10.zip
Type unzip memtest86+-4.10.zip
Type cp memtest86+-4.10.bin memtest86+.bin
Or extract the contents of your memtest86+ zip. Rename the bin to memtest86+.bin and copy it to your USB device
Link: http://www.pendrivelinux.com/boot-multiple-iso-from-usb-via-grub2-using-linux/

Zero Configuration Proxy Setup (WPAD)


Zero configuration proxy is advanced version of Auto PAC. It uses some additional techniques. As you know in proxy auto config system, you have to enter the pac url (the url directed to proxy autoconfig file) in the browser settings. So its a bit lengthy to configure all the clients PC (Although you can instruct the users with a splash/proxy welcome page).


So the next technology comes in is WPAD (Web Proxy Auto Discovery Protocol), this makes you free from the above task, this WPAD will publish the pac file which will be automatically configured at the browser.


How To Configure

WPAD can be configured in two ways, it can be published on DHCP server or the DNS server, All the DHCP server has priority this is not used because firefox and non-window chrome does not support WPAD -DHCP.

ok if u want to use the DHCP then just install a web server on the same machine where DHCP server is running, if you are using windows ICS (Internet connection Sharing) then its a DHCP server also so you can host the pac file in that pc. But you should use the DNS for better support.

ok if you choosed the DNS then you have to place the pac file on a server adress on any of its parent level adresses.

For example the address of the DNS is
\
pc.dept.physics.com
then you can use a location wpad.dept.physics.com
wpad.physics.com


MIME Type Settings on the webserver
Even though most clients will process the script regardless of the MIME type returned in the HTTP request, for the sake of completeness and to maximize compatibility, the web server should be configured to declare the MIME type of this file to be either application/x-ns-proxy-autoconfig or application/x-javascript-config.MIME type configuration is necessary.

open the Apache configuration file, search for
any of these lines

 AddType application/x-compress .Z
 AddType application/x-gzip .gz .tgz
 AddType application/x-tar .tgz
 AddType image/x-icon .ico
 AddType application/vnd.wap.wmlc .wmlc
 AddType application/x-httpd-php .phtml .pwml .php5 .php4 .php3 .php2 .php .inc
 AddType text/vnd.wap.wml .wml
 AddType text/vnd.wap.wmlscript .wmls
 AddType text/vnd.wap.wmlscriptc .wmlsc
 AddType image/vnd.wap.wbmp .wbmp

add this line


        AddType application/x-ns-proxy-autoconfig .pac
or

           AddType  application/x-javascript-config  .pac


There is little evidence to favor the use of one MIME type over the other. It would be, however, reasonable to assume that application/x-ns-proxy-autoconfig will be supported in more clients than application/x-javascript-config as it was defined in the original Netscape specification, the latter type coming into use more recently.

Captive Portal with Transparent Proxy

Captive portal and transparent proxy both are good, the only difference at client end is that In captive Portal the first page is a advertising or agreement or login or all of these. But proxy server generally comes with system login window, where you cannot communicate (Show agreement / advertisement / notice about data limit) with the user.

So if we can add this thing to our proxy server then our proxy server will be enough to act like a captive portal. This can be done by adding splash page. Detail documentation is also available at the squid site.

But here is the idea in few lines skipping the long manual files.

Splash page is a page to which an user is redirected on first HTTP request ( the first page request). This sets a session for the user at the server. If the user goes silent for long duration(configurable) it will again redirect the user to the splash page.


NOTE: in the examples below:



  • The session overall timeout is 7200 seconds. Once this length of time has passed, the splash screen will be shown again to the user. If you want a fixed timeout, use the "-T" option instead (available in version 1.1 of the session helper).
  • The session is checked once every 60 seconds at most. This means that the splash screen will be shown to the user for 60 seconds, during which time they will not be able to browse any other websites.
  • The ACL is called "splash_page". This can be changed as required.
  • It is assumed that the Squid helpers are installed in /usr/local/sbin/squid. Change this as required for your installation.
  • A session database file is required. Create an empty file "/var/lib/squid/session.db" and ensure it is writeable to by the Squid user




For Squid versions less than 3.2


# mind the wrap. this is one line:
external_acl_type splash_page ttl=60 concurrency=100 %SRC /usr/local/sbin/squid/squid_session -t 7200 -b /var/lib/squid/session.db

acl existing_users external splash_page

deny_info http://example.com/splash.html existing_users

http_access deny !existing_users


Squid 3.2 and after




# mind the wrap. this is one line:
external_acl_type splash_page ttl=60 concurrency=100 %SRC /usr/local/sbin/squid/ext_session_acl -t 7200 -b /var/lib/squid/session.db

acl existing_users external splash_page

http_access deny !existing_users

# Deny page to display
deny_info 511:/etc/squid/splash.html existing_users



You may find that when using the example above that the splash page is not always displayed to users. That is because other processes on the user's computer (such as automatic security updates) can reset the session counter, so it is that process rather than the user's browsing which receives the splash screen.
The following configuration example adds in a url_regex rule to force the user to browse to a particular website before the session is reset. This example is for Squid 3.2 and later, but can be adapted for earlier versions.
# Set up the session helper in active mode. Mind the wrap - this is one line:
external_acl_type session concurrency=100 ttl=3 %SRC /usr/lib/squid3/ext_session_acl -a -T 10800 -b /var/lib/squid/session/

# Pass the LOGIN command to the session helper with this ACL
acl session_login external session LOGIN

# Set up the normal session helper. Mind the wrap - this is one line:
external_acl_type session_active_def concurrency=100 ttl=3 %SRC /usr/lib/squid3/ext_session_acl -a -T 10800 -b /var/lib/squid/session/

# Normal session ACL as per simple example
acl session_is_active external session_active_def

# ACL to match URL
acl clicked_login_url url_regex -i a-url-that-must-match$

# First check for the login URL. If present, login session
http_access allow clicked_login_url session_login

# If we get here, URL not present, so renew session or deny request.
http_access deny !session_is_active

# Deny page to display
deny_info 511:/etc/squid/splash.html session_is_active



Transparent proxy Setup


I don't know whether it is a certified terminology or not, but the system which is famous as transparent proxy is very interesting. If u don't want to annoy your clients for the proxy updates like port change server address change. Here in this configuration the user will acess through a proxy without any configuration (its not about auto proxy file or auto proxy protocol). Although auto proxy gives the same thing but in that case you have to configure the DNS also.

  The main hack used here is the packet redirection. All the http packets coming to the Router is redirected to the proxy port of the server.

Redirect the all HTTP traffic (Editing iptables of router)
If you would like to redirect the all HTTP traffic through the proxy without needing to set up a proxy manually in all your applications you will need to add some rules

iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

Where eth1,eth0 are the LAN, WAN devices and 192.168.0.1 is the IP address of your LAN device.

I guess  this is enough for geeks, rest of the things are easy but this will block all other ports like ftp smtp pop, so you have to configure for all these ports also.