Bruce's Blog Just another in the neverending world of blogs

24Jun/140

IMAPrunner

Here's a handy little IMAP utility people may find useful. IMAPrunner was an excuse for me to learn a little more about Python programming and to also throw together something useful at the same time.  It's a Python script that lets you associate scripts/commands with mail messages in individual mail folders.

I now have a cron job set up that checks for any e-mails I add to a "spam" folder.  If I receive any spam I just move it to that folder.  IMAPrunner will then pass the spam e-mail onto SpamAssassin, razor, pyzor, etc. and then delete the e-mail automatically. There's really no limit to what you can trigger in response to an e-mail with it.  And I already have a few thoughts for improvements to it...

30Jul/130

Instant Nagios Starter

I was recently contacted by Packt Publishing and asked to review their book Instant Nagios Starter, by Michael Guthrie.  I've actively used Nagios (and forks) for well over a decade now, and have even contributed some code development to it, so I'm intimately familiar with installing, configuring, and managing Nagios environments.

Nagios is an extremely powerful and flexible monitoring platform, and those two attributes also result in it also being a fairly complex piece of software to configure if you've never dealt with it before.  This book does an excellent job of walking you through the steps of installation and basic configuration of Nagios on a CentOS/RHEL system.

Nagios, as with just about any complex piece of software, relies on a number of system configuration settings, files in multiple locations, etc. to run properly.  Instant Nagios Starter does an excellent job of walking you through each and every dependency so that you can get a basic Nagios server up and running in no time at all.  If you're new to Nagios, or need to spin up a new Nagios server and may have only ever worked with existing Nagios setups in the past, then this guide will save you a lot of time and potential aggravation in getting started.

The title of this book is extremely accurate - it will get you started with Nagios in almost no time at all.  If you're looking for anything beyond the basics of setting up Nagios then you'll want something a bit more in depth, and Packt Publishing has you covered there as well since they also have a number of other books on the subject.

Perhaps the only thing that would make this book more valuable would be if Packt Publishing offered a download of a VMWare CentOS instance with Nagios pre-installed (or partially installed) for those who don't want to waste any time installing linux first.

6Apr/120

nagios-plugins patch to check_dig

I use Nagios (actually Icinga) at work and do a lot of tinkering with it.  I recently needed to modify the check_dig command to allow for verifying whether a response is authoritative or not.  This is apparently something that's asked for a lot according to some Google searching that I've done, so I wrote a quick patch, and I've submitted it to the Nagios Plugin project on Sourceforge.  Hopefully they'll accept it, but in the meantime I thought I'd post it here as well so others can make use of it if the have a need for it.

The patch is available two ways depending on your preference.  You can just download a patched version of nagios-plugins-1.4.15.tar.gz, build the plugins as you normally would, and be on your way.  Or you can download the official version of nagios-plugins-1.4.15.tar.gz from Sourceforge and just apply this check_dig patch.  To apply the patch:

[brucep@carbon:~/tmp] tar xvzf nagios-plugins-1.4.15.tar.gz
[brucep@carbon:~/tmp] gunzip check_dig.patch.gz
[brucep@carbon:~/tmp] patch -p0 < check_dig.patch # Note, that's a zero, not the letter o.

Assuming the patch command doesn't report any problems you should be all set.  Just rebuild the plugins and you're good to go.  This adds a '-e' option to the command line.  If you use -e then check_dig will verify that the flags header from dig contains the 'aa' flag.  If the 'aa' flag isn't found then check_dig will return a CRITICAL error.

If you'd like to keep track of the status of the patch on Sourceforge you can check it here.

 

23Dec/091

Sending messages to Growl on a remote Mac (for Irssi integration)

Growl, IRC, and Irssi

Growl, for those who don't know, is a handy utility for Mac OS-X that lets applications unobtrusively display notifications on the screen.  Many applications have buil-in support for popping messages up via Growl.  One handy use is when an IRC or IM application receives a message for you but the application is minimized.  You wouldn't see the message if the app is minimized, but with Growl the application can pop up a message on the screen.

Irssi is a highly customizable IRC client - it calls itself "the client of the future".  One of the many features of Irssi is that you can customize it with perl scripts, and you can find literally hundreds of perl scripts for Irssi with very little effort.

As a professional systems administrator I need to have remote access to the systems I manage, as well as the ability to communicate with my fellow admins.  We run an IRC server that lets us chat with each other whether in the office or remotely.  I could run an IRC client on my Mac at work but the problem with that is accessing it remotely.  Interacting with the desktop remotely is painfully slow, and a text-based IRC client like Irssi in conjunction with a utility like screen lets me keep my client logged into IRC and allows me to access it from virtually anywhere at any time.  Most of us also opt to run our IRC clients on a shell server rather than our own desktop systems since the servers are more easily accessible, and less likely to go down due to hardware problems, power failures, etc.

So on my Mac at work I run Irssi in a screen session on a linux server.  The problem is that I can miss important messages if I don't keep an eye on the Irssi session, and as any sysadmin will tell you it's very easy to get distracted.

I have found a few solutions that hook a remote Irssi session into Growl on your Mac desktop, but none of them had quite the features that I wanted.  So I ended up writing my own, in part to learn a little about Growl & Irssi, and in part to give me those features I desired.  Everything I've written can be downloaded from the link below, and it's all covered by the GPL so feel free to use and modify it as long as you adhere to the GPL.

Features

There were three primary features I was interested in.  The first was that the client and server communicate via TCP so that I could use port forwarding in SSH to ensure a secure connection between Irssi and Growl.  The second was that if I didn't want to rely on an SSH tunnel that the datastream could be optionally encrypted to ensure a secure connection.   Encryption is performed using  Blowfish, and to enable it you just specify an encryption key in the configuration file. If you don't want to use encryption just comment out the encryption key.

The third feature is that the Irssi integration allow me to specify arbitrary text that would trigger Growl popups.  I want Growl to notify me if somebody mentions certain key words or phrases in IRC.  My Growl module allows you to easily add and remove arbitrary strings that will trigger Growl popups so that I can add and change them as desired.

Another feature not related to Irssi that I decided would be handy was to extend it so that I could easily add it to any other environments where I might want remote Growl messages.  To that extent I wrote a command line utility that also lets you send Growl messages, and it supports the same features as the Irssi module.

The scripts should be extremely easy for anybody with minimal perl experience to install.  They do require a number of perl modules, such as the Mac::Growl module that interfaces with Growl, as well as Crypt::CBCeasy for Blowfish encryption and a few others.  See the README file for a complete list of all the modules.

Usage

The README file has complete instructions, but in a nutshell:

  1. Install the appropriate perl modules on both the client and the server
  2. Create the file ~/.growl-server on your Mac with the desired options (see the comments in the included sample)
  3. Run growl-server.pl on your Mac
  4. Place growl.pl in your ~/.irssi/scripts directory on the system where you run Irssi
  5. Edit growl.pl and modify any of the documented options to match those in ~/.growl-server
  6. Load the growl script into Irssi

Optionally, or if you just want to use the command line utility to send Growl messages:

  1. Create the file ~/.send-growl on the system that will be sending Growl messages
  2. Copy send-growl.pl to the system
  3. Run send-growl.pl (use -? or --help to see command line options)

Download remote-growl-0.01.tar.gz here.

12Oct/091

Remotely controlling lights, etc. from a smartphone

I've been thinking for a while how nice it'd be to be able to remotely turn my front walk light on when it's dark out and nobody is home. I'd been considering buying a home automation kit that integrates with a Mac or PC but figured there must be an easier (and cheaper) way of doing it. Then it dawned on me that since I already have a linux server running at home, and have some X10 modules and a serial interface that I've got everything I need, so here's what I did. First, what you need:

  • A linux system running Apache or another web server that supports PHP.
  • The x10 Firecracker kit.  You'll need both the Firecracker module and the x10 transceiver.
  • One or more x10 modules to control remotely.
  • The Bottlerocket software (I used version 0.04c) that communicates with the Firecracker
  • My x10 PHP code.  Use it as-is or use it as a template for writing your own.  It's GPL'd, so have at it.

I'll leave it up to you to set up your web server & PHP support.  There are plenty of resources for it on the web.

Download and install the Bottlerocket software.  Plug the Firecracker module into your PC's serial port, plug the transceiver into a wall outlet and set it's house code to whatever you want.  Use the Bottlerocket software to ensure everything is working.  It's easiest to just try this as root:

# /usr/local/bin/br A7 ON
# /usr/local/bin/br A7 OFF

The above commands should toggle the device with address A7 on and off.  If you encounter any problems then make sure the Home code on both the transceiver and any other x10 modules are all set the same and make sure you're using the right unit number.  Also make sure the serial port is enabled and nothing else is currently using it.

Make sure the serial device can be written to by your web server.  For some reason on my CentOS system the serial console is set to be writable only by the root owner and uucp group.  Apache is running using the apache user, so all I did was add the apache user to the uucp group then restarted Apache.  If you want to test this then simply su to the apache user or use sudo to invoke /usr/local/bin/br as apache and make sure it can also control your x10 device(s).

Install the two files from x10php.tar.gz somewhere on your web server.  The x10.php file you shouldn't need to modify (unless you really want to).  Edit x10-config.php and make sure the $cmd variable points to the br binary, and also include any optional parameters you might want to include.  Modify the $x10_device and $x10_group arrays to suit your needs.  Their format should be very self-explanatory.

Test the PHP scripts by pointing a web browser to the appropriate URL.  You should see a screen that looks something like this:

x10menu

Click on the links to test the devices.  If you have PHP properly installed and set up the Bottlerocket, Firecracker, and permissions on your serial port properly then the devices should respond as expected.

Now for the really neat part...  If you have wifi and a wifi-enabled smart-phone or PDA that you carry with you regularly then you can bookmark URL's that let you quickly & easily turn devices on and off.  For example, using the default settings in the x10-config.php file you would turn on the Front Walk lights via the following URL:

http://(your_linux_box)/x10.php?cmd=ON&id=D16

Just add that as a bookmarked link and call it something like "Turn on Front Walk lights" and if you're outside and need the lights just pull out your smartphone and click on the link.   As long as you're close enough to your wifi it should work without any problems.

Of course if you have a cable modem, FiOS, etc. you should be able to set things up to do this from anywhere, so you can turn on your lights as you're heading home from the store or work or whatever.  If you're going to do this then I'd suggest a few things:

  • Set up basic authentication in your web browser to require a userid & password to access x10.php, otherwise anybody who figures out the URL could turn your devices on/off.
  • Use SSL in conjunction with the above to ensure the userid & password is encrypted when it's sent.
  • Make sure your linux box is firewalled (but open port 80 or 443 or whatever you decide to use) and properly patched.

If you decide to do the above then here's another simple but effective trick.  First, use a service like DynDNS to set up an easy to remember DNS name for your server.  Once you've done that, then modify the URL's in your smartphone to include your userid & password so you don't have to always remember them.  (Many browsers in smartphones don't remember passwords for you).  To do this just update the URL on your smartphone to be in this format:

https://userid:password@DynDNS_hostname/x10.php?cmd=ON&id=D16

Simple, cheap, and effective remote control of your lights & other devices from your smartphone.