NAS – Improving Owncloud speed


This part continues from the NAS – Part 4: Owncloud.

By default Owncloud can be a quite slow program. The setup which I have is no different. My setup grabs all the files from the network, causing a delay. To improve this I will be using the RAM disk suggested at:


In the past I mounted the network location directly to ‘/var/www/owncloud/’ but this isn’t possible anymore, as I want this folder to be used for the RAM disk.
Lets create a new mount point named ‘/media/network’ and change our fstab to reflect this change.

sudo mkdir -p /media/network
sudo nano /etc/fstab

Unmount and remount everything again and verify that it is mounted.

sudo umount /var/www/owncloud
sudo mount -a
df -h

Now we shall create the RAM disk. Verify that your installation is less than 192MB big (hint du).

sudo mount -t tmpfs -o size=192m tmpfs /var/www/owncloud

And add it to the fstab file.

sudo nano /etc/fstab
tmpfs       /var/www/owncloud tmpfs   nodev,nosuid,noexec,nodiratime,size=192M   0 0

To verify that it is working as desired, please reboot the machine and check if it is mounted. (We don’t want missing files)

sudo reboot
df -h

Now install unison, unison is the tool I will use to synchronize the files from the network disk to the ‘/var/www/owncloud’ directory. It has its quirks but in my case it works fine.

sudo apt-get install unison

Start by synchronizing our old files to the new RAM disk.

sudo unison /var/www/owncloud /media/network -ignore 'Path {data}' -force /media/network -confirmbigdel=false

Once this is done we need to create our synchronization scripts.

cd /home/owncloud

The first script will load the files from the network source. It will stop Apache2 whilst synchronizing the data to the ‘/war/www/owncloud’ folder. Also there is a force option to explicit force the download from the ‘/media/network’ location. If we don’t force this, unison will detect the newly created RAM disk as a newer version and will commence deleting the files we need to run Owncloud!
When everything is done, a tmp file will be written to flag that the unison cron job may synchronize files.

service apache2 stop
unison /var/www/owncloud /media/network -ignore 'Path {data}' -force /media/network -batch -confirmbigdel=false
ln -s /media/network/data /var/www/owncloud/data
chown -R www-data:www-data /var/www/owncloud
service apache2 start
touch /tmp/owncloud-initialized

The second job is our sync job. This is a two way sync, any changes made on the owncloud server and on the network source will be propagated to all.

if [ -f $FILE ];
	unison /media/network /var/www/owncloud -batch -ignore 'Path {data}'

Make em executable.

chmod +x ./
chmod +x ./

The last part of our scripting needs is the startup job. It’s pretty simple, this will just run our ‘’ script.

sudo nano /etc/init/unison.conf
description "Owncloud File Sync"
author "Robbert Lambrechts"
env HOME=/home/owncloud
start on runlevel [2345]
pre-start script
    echo "Starts Owncloud sync..."
end script
post-stop script
    echo "Ends Owncloud sync..."
end script
exec /home/owncloud/

Allow executing the startup script.

sudo chmod +x /etc/init/unison.conf

The last part is just allowing the sync job to run. This is done to apply changes.

sudo crontab -e
*/5 * * * * /home/owncloud/

That’s it. One fast Owncloud to serve files.

Read More

Troubleshooting AsRock C2750D4I


In the past I’ve made a post about the unstability of the AsRock C2750D4I. Guess what, problems aren’t gone with this motherboard.
I am suspecting the RAID controller of the motherboard. When the server experiences heavy load, at least two disks disconnect, bringing down the software RAID.


Let’s start by finding out the disk layout of my RAID5.

cat /proc/mdstat
md5 : inactive sde1[3](S) sdh1[1](S) sdf1[0](S) sdd1[4](S)
      11720536064 blocks super 1.2

This shows that my RAID is spread across sde1, sdh1, sdf1 and sdd1. The last error logs from dmesg showed my that sdh1 went down and sdf1 went down before the RAID crash.

So let’s try to find some more information about these two crashed drives.

sudo lshw -c disk

The result will show you a little bit more information about each drive.

       description: ATA Disk
       product: SAMSUNG HD103SI
       physical id: 0.0.0
       bus info: scsi@2:0.0.0
       logical name: /dev/sda
       version: 1AG0
       serial: S20XJDWS700323
       size: 931GiB (1TB)
       capabilities: partitioned partitioned:dos
       configuration: ansiversion=5 sectorsize=512 signature=0007f8a5
       description: ATA Disk
       product: SAMSUNG HD103SI
       physical id: 0.0.0
       bus info: scsi@3:0.0.0
       logical name: /dev/sdb
       version: 1AG0
       serial: S20XJDWZ118279
       size: 931GiB (1TB)
       capabilities: partitioned partitioned:dos
       configuration: ansiversion=5 sectorsize=512 signature=00071895
       description: ATA Disk
       product: KINGSTON SVP200S
       physical id: 0.0.0
       bus info: scsi@5:0.0.0
       logical name: /dev/sdc
       version: 502A
       serial: 50026B7331033DD9
       size: 55GiB (60GB)
       capabilities: partitioned partitioned:dos
       configuration: ansiversion=5 sectorsize=512 signature=91a29a16
       description: ATA Disk
       product: ST3000DM001-1CH1
       vendor: Seagate
       physical id: 0.0.0
       bus info: scsi@6:0.0.0
       logical name: /dev/sdd
       version: CC24
       serial: Z1F27VHM
       size: 2794GiB (3TB)
       capabilities: gpt-1.00 partitioned partitioned:gpt
       configuration: ansiversion=5 guid=0556e5e5-1e62-42f4-a89c-29813a6f4a18 sectorsize=4096
       description: ATA Disk
       product: Hitachi HDS5C303
       vendor: Hitachi
       physical id: 0.0.0
       bus info: scsi@7:0.0.0
       logical name: /dev/sde
       version: MZ6O
       serial: MCE9215Q0B5MLW
       size: 2794GiB (3TB)
       capabilities: gpt-1.00 partitioned partitioned:gpt
       configuration: ansiversion=5 guid=ec9054e2-94c3-4d74-8fea-2d34ce0b92ac sectorsize=4096
       description: ATA Disk
       product: Hitachi HDS5C303
       vendor: Hitachi
       physical id: 0.0.0
       bus info: scsi@8:0.0.0
       logical name: /dev/sdf
       version: MZ6O
       serial: MCE9215Q0BHTDV
       size: 2794GiB (3TB)
       capabilities: gpt-1.00 partitioned partitioned:gpt
       configuration: ansiversion=5 guid=2f6f5a9b-441e-467d-861c-852e2bdefb5e sectorsize=4096
       description: ATA Disk
       product: WDC WD40EFRX-68W
       vendor: Western Digital
       physical id: 0.0.0
       bus info: scsi@9:0.0.0
       logical name: /dev/sdg
       version: 80.0
       serial: WD-WCC4E1653628
       size: 3726GiB (4TB)
       capabilities: gpt-1.00 partitioned partitioned:gpt
       configuration: ansiversion=5 guid=4ac4a5a9-ccd1-42c5-907a-9272c076a15c sectorsize=4096
       description: ATA Disk
       product: TOSHIBA DT01ACA3
       vendor: Toshiba
       physical id: 0.0.0
       bus info: scsi@10:0.0.0
       logical name: /dev/sdh
       version: MX6O
       serial: 63NZKNRKS
       size: 2794GiB (3TB)
       capabilities: gpt-1.00 partitioned partitioned:gpt
       configuration: ansiversion=5 guid=24069398-46d0-4b01-9e8e-2530cb9f1cf8 sectorsize=4096

The logical name field shows that my Toshiba (sdh) drive and my Hitachi drive (sdf) where impacted by the last drive/SATA error on the board. This information can be used to physically track the SATA cables to the correct drive.
So now that we have the disk names, we need to find out which controller is the culprit for throwing these errors.

First let’s identify the bus addresses of all SATA controllers available on the motherboard.

sudo lshw -c storage

The connected controller in the bus info field.

       description: SATA controller
       product: 88SE9172 SATA 6Gb/s Controller
       vendor: Marvell Technology Group Ltd.
       physical id: 0
       bus info: pci@0000:04:00.0
       version: 11
       width: 32 bits
       clock: 33MHz
       capabilities: storage pm msi pciexpress ahci_1.0 bus_master cap_list rom
       configuration: driver=ahci latency=0
       resources: irq:55 ioport:c040(size=8) ioport:c030(size=4) ioport:c020(size=8) ioport:c010(size=4) ioport:c000(size=16) memory:df410000-df4101ff memory:df400000-df40ffff
       description: SATA controller
       product: 88SE9230 PCIe SATA 6Gb/s Controller
       vendor: Marvell Technology Group Ltd.
       physical id: 0
       bus info: pci@0000:09:00.0
       version: 11
       width: 32 bits
       clock: 33MHz
       capabilities: storage pm msi pciexpress ahci_1.0 bus_master cap_list rom
       configuration: driver=ahci latency=0
       resources: irq:56 ioport:d050(size=8) ioport:d040(size=4) ioport:d030(size=8) ioport:d020(size=4) ioport:d000(size=32) memory:df610000-df6107ff memory:df600000-df60ffff
       description: SATA controller
       product: Atom processor C2000 AHCI SATA2 Controller
       vendor: Intel Corporation
       physical id: 17
       bus info: pci@0000:00:17.0
       version: 02
       width: 32 bits
       clock: 66MHz
       capabilities: storage msi pm ahci_1.0 bus_master cap_list
       configuration: driver=ahci latency=0
       resources: irq:48 ioport:e0d0(size=8) ioport:e0c0(size=4) ioport:e0b0(size=8) ioport:e0a0(size=4) ioport:e040(size=32) memory:df762000-df7627ff
       description: SATA controller
       product: Atom processor C2000 AHCI SATA3 Controller
       vendor: Intel Corporation
       physical id: 18
       bus info: pci@0000:00:18.0
       version: 02
       width: 32 bits
       clock: 66MHz
       capabilities: storage msi pm ahci_1.0 bus_master cap_list
       configuration: driver=ahci latency=0
       resources: irq:54 ioport:e090(size=8) ioport:e080(size=4) ioport:e070(size=8) ioport:e060(size=4) ioport:e020(size=32) memory:df761000-df7617ff

Now for each driven we can search the corresponding SATA controller address, this is listed as the pci values found above.

sudo udevadm info -q all -n /dev/sde | grep DEVPATH
E: DEVPATH=/devices/pci0000:00/0000:00:03.0/0000:02:00.0/0000:03:01.0/0000:04:00.0/ata8/host7/target7:0:0/7:0:0:0/block/sde
sudo udevadm info -q all -n /dev/sdd | grep DEVPATH
E: DEVPATH=/devices/pci0000:00/0000:00:03.0/0000:02:00.0/0000:03:01.0/0000:04:00.0/ata7/host6/target6:0:0/6:0:0:0/block/sdd
sudo udevadm info -q all -n /dev/sdf | grep DEVPATH
E: DEVPATH=/devices/pci0000:00/0000:00:04.0/0000:09:00.0/ata9/host8/target8:0:0/8:0:0:0/block/sdf
sudo udevadm info -q all -n /dev/sdh | grep DEVPATH
E: DEVPATH=/devices/pci0000:00/0000:00:04.0/0000:09:00.0/ata11/host10/target10:0:0/10:0:0:0/block/sdh

The last number before /ata is the device which it is connected to. So this means that sde and sdd are connected to an ATA device at 0000:04:00.0 which equals to the Marvell 88SE9172 SATA 6Gb/s Controller.
The drives sdf and sdh are connected to the ATA device at 0000:09:00.0, which translates to the Marvell 88SE9230 PCIe SATA 6Gb/s Controller.

Which is the asshole throwing me errors.

Now with these information we can unplug the disks, from the controller throwing the errors. The location of the Marvell 88SE9230 is explained in the manual at You can verify the physical existence on the board, together with the disk names found previously.

So I rerouted all disks (I prefer 3Gbps SATA above a dysfunctional 6Gbps any day) and since then the NAS has been stable.

Read More

Google App Engine – goapp: ‘C:\Program’ is not recognized as an internal or external command

Today (24/07/2014) I installed the Google Apps components from the Google SDK installer. However when I try to run my goapps application with the command: ‘goapp serve myapp/’

I am receiving an error: ‘C:\Program’ is not recognized as an internal or external command. The problem here is that the ‘goapp.bat’ file tries to access an executable file in the ‘C:\Program Files\Google\Cloud SDK\…’ folder. Because Windows is (still) super terrible at handling spaces in folder names in scripts, it fails.

The solution is to go to the ‘C:\Program Files\Google\Cloud SDK\google-cloud-sdk\platform\google_appengine’ folder and edit the ‘goapp.bat’ file.
At the bottom of the file you will see:

:: Note that %* can not be used with shift.
%GOROOT%\bin\%EXENAME% %1 %2 %3 %4 %5 %6 %7 %8 %9

Now add some quotes to this last line and your problem should be fixed.

:: Note that %* can not be used with shift.
"%GOROOT%\bin\%EXENAME%" %1 %2 %3 %4 %5 %6 %7 %8 %9

Once these changes are saved, go to the ‘C:\Program Files\Google\Cloud SDK\google-cloud-sdk\bin\’ folder. There’s ‘goapp.cmd’ file that gets added to the Windows path. Rename this file to ‘goapp.bck’ and copy your ‘goapp.bat file’.
In this last file change the last line again to:

:: Note that %* can not be used with shift.
"%GOROOT%\..\..\platform\google_appengine\goapp" %1 %2 %3 %4 %5 %6 %7 %8 %9

That’s it. Ugly, but it works…

Original Github issue: windows 7 C:/Program Files/… #688

Read More

NAS – Part 6: Health checks mdadm


This post builds on part 2: NAS – Part 2: Software and services. It’s a detection script to see if your RAID is failing. In the past I’ve had my fair share of failed RAID configurations.

I do know the package mdadm can send alerts, however this small script which can be extended to detect specific changes in RAID/system configuration without using the built in reporting.


First let’s start by installing mailutils. This package is needed

sudo apt-get install mailutils

Next up is the ‘ssmtp’ package. This package will allow you to send a mail.

sudo apt-get install ssmtp

Create the ssmtp directory (if it doesn’t exists).

sudo mkdir /etc/ssmtp/

And create an ssmtp.conf file.

sudo nano /etc/ssmtp/ssmtp.conf

This ssmtp.conf requires a username(author) and password(authpass). Also a mail hub (smtp, example:


To test your configuration you can try to send a test mail. Just change ’’ to your email adress.

echo "This is a test" | mail -s "Test"

If everything works you are ready to create your cron job script. (I will create this script in my user directory, however you can create this wherever you want.)

cd ~

The underscore of ‘cat /proc/mdstat’ is used by mdadm to notify you of any failing RAID disks. So I’ll be checking for this character.

EMAIL="<target email>"
FROM="<from email>"
cat /proc/mdstat > /tmp/cron-email
if grep -q "_" "$EMAILMESSAGE"; then
   mail -aFrom:$FROM -s "$SUBJECT" "$EMAIL" < $EMAILMESSAGE

Let’s assign execute rights to our script.

sudo chmod +x ./

That’s it! Now assign this to a cron job. I assigned my cron job to run daily.
Also happy scripting (when extending this script).

Read More

NAS – Part 5: DNS


The final step to my NAS is keeping my dynamic IP bound to a DNS host. I am using to manage and handle the dynamic DNS.

This script is adapted and based on th script found at:


This following script will change all hosts assigned to your account to the current IP you are running this script from.

#insert SHA-1 hash here (format): username|password
echo "Calling $info_url ..."
ip=$(dig @ | grep "" | grep "0" | awk '{ print $5} ')
echo "Current IP is: $ip"
# get the current dns settings...
for each in `curl -s "$info_url"`
        domain=`echo "$each" | cut -d"|" -f1`
        dns_ip=`echo "$each" | cut -d"|" -f2`
        update_url=`echo "$each" | cut -d"|" -f3`
        echo "$domain ..."
        if [ "$ip" != "$dns_ip" ]
                echo "Updating $dns_ip =>$ip ..."
                curl "$update_url" >> log
        echo "OK"

Now run this with a job in crontab to update your DNS.

crontab -e

Read More

Windows 3.11 with qemu-kvm – Part 1: Xubuntu


For my little Windows 3.11 PaaS system I fell on a dead track with VirtualBox. So I’ve been researching another way to virtualize Windows 3.11 and I found qemu. Below is my little take at emulating Windows 3.11.

Installing qemu-kvm

Installing is pretty easy, just grab all needed packages. I am using the package ‘virt-manager’ as a GUI frontend.

sudo apt-get install qemu qemu-kvm libvirt-bin bridge-utils virt-manager

Next up is to add your current user to the correct groups. This ensures that your virtual machines can be run with your current user.

sudo adduser `id -un` libvirtd
sudo adduser `id -un` kvm

Now to check if everything is ok run virsh. This should return an empty list of virtual machines.

virsh -c qemu:///system list

If you get following error, then you need to change the permissions of your ‘libvirt-sock’ file.

error: failed to connect to the hypervisor
error: Failed to connect socket to '/var/run/libvirt/libvirt-sock': Permission denied
sudo chown legacy:libvirtd /var/run/libvirt/libvirt-sock

Next up is create a virtual machine. For this part I will be using Windows 3.11. However you could use any operating system.

Before we can start creating the virtual machine, I like to create my virtual disks myself. In my template I am using a C:\ drive of 100MB for the system and a data disk of 200MB.

qemu-img create -f qcow2 ~/qemu/template/boot.img 100M
qemu-img create -f qcow2 ~/qemu/template/data.img 200M

Next up, go to your menu and select the ‘Virtual Machine Manager’. This piece of software is a GUI frontend.

In this frontend GUI press the upper left icon to start the wizard to create a new virtual machine.

Give the virtual machine a name, in my case: TEMPLATE. And select ‘Local install media’.

Both types I’ll leave as ‘Generic’. Also select the install image. My windows 3.11 source is an ISO file.

Select the amount of memory and CPU. In the virtual machine manager there is a little bug that won’t allow you to assign less than 50MB. But this shouldn’t be a problem, we’ll fix this later. As for CPU, use one.

Press the ‘Select managed…’ option here and navigate to the disks you’ve made with the ‘qemu-img’ command. The type will be wrong (raw) but we will fix this later too.

Last step of the wizard. Here by default the hypervisor will be ‘kvm’. My recent findings have found this to cause some stability issues with Windows 3.11. Select qemu instead. As architecture select i686. This is your default 32-bit architecture.

So that’s it. Create the image and let’s continue. Once your virtual machine is created select the blue ‘i’ button to edit the machine a little bit further.

Press the ‘Memory’ tab and assign 32MB. 32 should be enough for Windows 3.11.

Next go to ‘Boot options’ and activate floppy and hard drive. The floppy should go first before we boot from hard drive.

Once this is done, fix your disk one. Select ‘qcow2’ as type and make sure the disk bus is ‘IDE’.

After this assign the second hard drive. Press the ‘Add hardware button’ below and select ‘Storage’. From this menu assign the existing image as disk two.

Last step is the floppy drive. Add a new storage drive and select floppy from the dropdown list and press Finish.

That’s it now your virtual machine is configured to run.

Installing Windows 3.11 / MS-DOS

Next step would be to install the operating system. From the settings page you can connect and disconnect floppies to install your operating system. Press the ‘Disconnect’ button to disconnect the floppy image and press ‘Connect’ to reconnect an image.

Here we go, one fresh MS-DOS 6.22 install.

I won’t explain the other details of installing Windows 3.11, as this post will only cover qemu-kvm. However a little hint: you will need the tools listed on

Managing with virtsh

Managing a running virtual machine is very easy. The tool to use for this is called ‘virsh’.

To suspend a machine use ‘virsh suspend’ followed by your virtual machine name. (In my case ‘TEMPLATE’). A suspend will keep your machine in RAM. However it won’t be using any other system resources (except disk space).

virsh suspend TEMPLATE

To resume a suspended state, use ‘resume’.

virsh resume TEMPLATE

To fully dump your running virtual machine use save. This will create an image file of your running config and will unload any RAM assigned to this machine.

virsh save TEMPLATE ~/qemu/template/suspend

First time you will need to change the rights of your suspend image as by default it will be owned by ‘root’. If you try to resume a suspended machine owned by root you will get a permission denied error.

sudo chown `id -un` ~/qemu/template/suspend

To resume a saved virtual machine you can use the ‘restore’ command followed by your image file.

virsh restore ~/qemu/template/suspend

To view the stats of your virtual machine you can use following command:

virsh -c qemu:///system list

It will show the state of your machines. A machine which has been saved to disk won’t show up in this table though.

 Id    Name                           State
 23    TEMPLATE                       running

More information about managing your virtual machine with virsh can be found at:

Changing media with virsh

To view all your media assigned to an image you can use the ‘domblklist’ command.

virsh domblklist TEMPLATE

This will output a table showing you the assigned disks.

Target     Source
hda        /home/legacy/qemu/template/boot.img
hdb        /home/legacy/qemu/template/data.img
hdc        /home/legacy/qemu/resources/windows.iso
fda        /dev/sdb

Example: to change the floppy with the command line use ‘change-media’. First disconnect the floppy drive.

virsh change-media TEMPLATE fda --eject

Verify that it has been disconnected.

virsh domblklist TEMPLATE
Target     Source
hda        /home/legacy/qemu/template/boot.img
hdb        /home/legacy/qemu/template/data.img
hdc        /home/legacy/qemu/resources/windows.iso
fda        -

Now insert a new floppy image.

virsh change-media TEMPLATE fda ~/qemu/resources/tools.img --insert

There we go, the floppy is now usable in the virtual machine.

virsh domblklist TEMPLATE
Target     Source
hda        /home/legacy/qemu/template/boot.img
hdb        /home/legacy/qemu/template/data.img
hdc        /home/legacy/qemu/resources/windows.iso
fda        /home/legacy/qemu/resources/tools.img

This example used a floppy image, however it is also possible to swap out disk drives and CD-ROM drives too.

That’s about it for the Xubuntu part. Next topic will probably cover this in an AWS – Amazon EC2 instance.

Read More

NAS – unstable C2750D4I

When configuring my NAS I noticed that the ASrock C2750D4I behaves rather sloppy. Uptime never reached more than 24 hours.
Online I can find other people who are experiencing the same issues with this board:

This is how I made it stable (been running 7 days now without reboots)

NIC drivers

A quick glance at the Intel website shows an update for the NIC:
Let’s install it:

cd ~
tar xvf igb-5.1.2.tar.gz
cd ~/igb-5.1.2/src
sudo make install

Edit the modules file and add ‘igb’.

sudo nano /etc/modules

Let’s check if it loads.

sudo modprobe igb

Reboot the machine and verify if the new drivers are loaded.

sudo reboot
modinfo igb


filename:       /lib/modules/3.13.0-24-generic/kernel/drivers/net/igb/igb.ko
version:        5.1.2
license:        GPL
description:    Intel(R) Gigabit Ethernet Network Driver
author:         Intel Corporation, 

Last step cleanup the files.

sudo rm -rf ~/igb-5.1.2
sudo rm ~/igb-5.1.2.tar.gz

Disable Intel Speedstep

Disable your Intel Speedstep and C-Bit in the BIOS. The manual states that Intel Speedstep could ‘make your system unstable’. On this board, yes it does.

SATA cables + Boot disk to Intel controller

The manual recommended the use of the Intel RAID controller for OS disks. (Which I didn’t) So I swapped the SATA cable with a more expensive one (found some postings of people reporting e better stability using better SATA cables), and moved the boot disk to the Intel SATA controller.

These steps solved my instability with this board. Whilst on paper this board is the most awesome buy you could do (passive cooled, 12 SATA ports, quad core Atom, 20 Watt). In reality it’s as picky as a spoiled toddler. Definitely a not buy. At the price of ~€350 this is quite an expensive pain in the ass.

However, is there a comparable product?

Read More

AWS – Using Amazon as frontend for your home server


Owncloud is pretty awesome, it provides me with my files everywhere I want on the world. However sometimes accessing my files is rather trivial. Think in terms of hotel lobbies, public access points. Sometimes there are some real restrictions on ports being used. By default my ISP blocks all server traffic below 1024, which is in my opinion a rather rude. I want my files! Luckily we can use the Amazon t1.micro (free tier) to provide a solution to this.

Preparing the Amazon image

So select a free tier Amazon t1.micro. This should be free the first year so no worries. As for configuration. Open the SSL and HTTPS port. Once this instance is running login to the instance as ‘ec2-user’ with your certificate file.

Installing HAProxy

Before we can compile we need to install the build tools.

sudo yum install -y make gcc openssl-devel pcre-devel pcre-static

Now download HAProxy and build it.

cd ~
tar -xzf haproxy-1.5-dev24.tar.gz
cd haproxy-1.5-dev24
make clean
sudo make install

By default HAProxy is installed in the /usr/local folder, create a logical link or change the variable from the make.

sudo ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy

Because we installed from source, there is no service script. So let’s create one.

sudo nano /etc/init.d/haproxy
# haproxy
# chkconfig:   - 85 15
# description:  HAProxy is a free, very fast and reliable solution \
#               offering high availability, load balancing, and \
#               proxying for TCP and  HTTP-based applications
# processname: haproxy
# config:      /etc/haproxy/haproxy.cfg
# pidfile:     /var/run/
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
prog=$(basename $exec)
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
check() {
    $exec -c -V -f /etc/$prog/$prog.cfg
start() {
    $exec -c -q -f /etc/$prog/$prog.cfg
    if [ $? -ne 0 ]; then
        echo "Errors in configuration file, check with $prog check."
        return 1
    echo -n $"Starting $prog: "
    # start it up here, usually something like "daemon $exec"
    daemon $exec -D -f /etc/$prog/$prog.cfg -p /var/run/$
    [ $retval -eq 0 ] && touch $lockfile
    return $retval
stop() {
    echo -n $"Stopping $prog: "
    # stop it here, often "killproc $prog"
    killproc $prog
    [ $retval -eq 0 ] && rm -f $lockfile
    return $retval
restart() {
    $exec -c -q -f /etc/$prog/$prog.cfg
    if [ $? -ne 0 ]; then
        echo "Errors in configuration file, check with $prog check."
        return 1
reload() {
    $exec -c -q -f /etc/$prog/$prog.cfg
    if [ $? -ne 0 ]; then
        echo "Errors in configuration file, check with $prog check."
        return 1
    echo -n $"Reloading $prog: "
    $exec -D -f /etc/$prog/$prog.cfg -p /var/run/$ -sf $(cat /var/run/$
    return $retval
force_reload() {
fdr_status() {
    status $prog
case "$1" in
        [ ! -f $lockfile ] || restart
        echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}"
        exit 2

And assign execute rights.

sudo chmod +x /etc/init.d/haproxy

Configuration of HAProxy

now to configure HAProxy create the config file.

sudo mkdir -p /etc/haproxy
sudo nano /etc/haproxy/haproxy.cfg

To forward an HTTPS port use the mode TCP. This example forwards from the IP (example). It proxifies (or tunnels) port 22443 to 443 and 22222 to 2222.

       maxconn 10000
       timeout connect 500s
       timeout client 5000s
       timeout server 1h
frontend https_proxy
        mode tcp
        bind *:443
        default_backend https_servers
frontend ssh_proxy
        bind *:2222
        mode tcp
        default_backend ssh_servers
backend ssh_servers
        mode tcp
        server ssh
backend https_servers
        mode tcp
        server server1

This should do it. Your SSH and HTTPS connection are routed trough Amazon.

As for Owncloud (version 6.x), you will need to add your domain (example: to the config/config.php file:

  'trusted_domains' =>
  array (
    0 => '...........',

Read More

NAS – Part 4: Owncloud


Owncloud is simply amazing. It’s like a Dropbox at home.
For my NAS I will be running this program in an instance in a virtual machine. This is done because I’ll be opening this machine to the outside of the world. Also it’s much easier to backup and dispose.

The VMWare instance

Let’s start with configuring the VMWare instance. I’ll be using the Ubuntu LTS server edition for this instance, as it uses less system resources than a full desktop environment.

Configure the VMWare instance according to the following specifications:
– CPU: 2 virtual CPU’s (1 thread each)
– RAM: 512 MB
– Disk: 6GB
– Operating System: Ubuntu 14.04 LTS

Whilst installing I used ‘automatic updates’ so I don’t have to manage this VMWare instance and I also installed OpenSSH server during the install procedure.

Installing Owncloud

Start by installing all needed packages and dependencies for Owncloud. Also enable the Apache2 headers and rewrite module.

sudo apt-get install apache2 php5 php5-gd php-xml-parser php5-intl php5-sqlite php5-mysql smbclient curl libcurl3 php5-curl php5-json php-apc
sudo a2enmod rewrite
sudo a2enmod headers
sudo service apache2 restart

Installing Owncloud is quite easy, just download the package, extract and fire up a web browser.

cd ~
tar -xjvf owncloud-6.0.0a.tar.bz2
sudo cp -r owncloud /var/www/
rm -rf ~/owncloud
rm -rf ~/owncloud-6.0.0a.tar.bz2

Fix all rights in the ‘/var/www’ folder:

sudo chown -R www-data:www-data /var/www/

That’s about it, now you can follow the http:///owncloud link and configure your Owncloud. You will need a MySQL database for this application.

Optional: Moving Owncloud to RAID1 share

I prefer to move my data and Owncloud to a network share which is backed by a RAID1 configuration. In case one of my automatic updates shits the server.

Create a mount point for your data. I’ll be using \\\owncloud as share. The username will be ‘www-data’. As Apache2 uses this username to read and write.
Create the account on the host system and create the share directory.

sudo smbpasswd -a www-data
sudo mkdir -p /media/raid1/owncloud
sudo chown -R www-data:www-data /media/raid1/owncloud/

Add the share to samba.

sudo nano /etc/samba/smb.conf
comment = Raid 1 secure backup storage
path = /media/raid1/owncloud
valid users = www-data
public = no
browseable = no
writable = yes

On the Owncloud instance install the ‘cifs-utils’ package.

sudo apt-get install cifs-utils

Create the folder to mount and mount the network share.

sudo mkdir -p /mnt/network/tmp
sudo mount -t cifs -o user=www-data,password=password // /mnt/network/tmp

Test your share and move all data.

sudo mv /var/www/owncloud/* /mnt/network/tmp/

Now for the fstab file, create a credentials file.

sudo nano /home/owncloud/.cloudcredentials

Add the username and password to the credentials file.


Restrict access to this credentials file.

sudo chmod 600 /home/owncloud/.cloudcredentials

Add the mount to the ‘/etc/fstab’ file.

sudo nano /etc/fstab
// /var/www/owncloud cifs credentials=/home/owncloud/.cloudcredentials,iocharset=utf8,sec=ntlm 0 0 

That’s it, happy file synchronizing.

Read More

LegacyNET – Introduction


Just an introduction to one of my side projects.

One late evening I decided to get creative for a while. So I came up with the design for a semi-PaaS Windows 3.11 system.
Because it’s fun. I’ve always loved legacy systems because of their simplicity. Simplicity which allows me to grasp the history of complex current generation systems. The main purpose would be to see if I can meld old technology together with new technology.
It hasn’t been done before. At least not that I know of. And if I wanted to create an up-to-date system/design which would serve a business purpose, I would prefer to get paid for doing this. This is my spare time.
Gaming. You have to admit it, old-school games are fun. Anyone can download and install a DosBox and play Warcraft 2 games offline. However netplay on a server would be awesome.


This is the initial design I’ve had in mind, it lacks quite a lot of advanced features. The goal is to use as much out of the box components as possible. I don’t want to write my own servers or other components as this will take a huge amount of time and will likely not scale at all.


Front-end (

This front-end GUI utilizes a regular HTTP/Apache2 web server to serve a graphical interface for users to:
a) Manage their account and credentials
b) Manage ‘friendly nodes’ which allow inter access network
c) Manage system messages and messages between users
d) Manage their virtual instance (reset/start/stop)

RDP gateway

This gateway is an Amazon EC2 instance (t1.micro) configured with HAProxy to proxy RDP connections to each instance and shield the node server from other external traffic. Each instance will receive an RDP port 3500 + n to connect.

Node 0

The actual physical system. In my case this will be an old Dell XPS M1530 which should provide enough resources for the initial setup.
Each VirtualBox instance will be configured with (based on a template):
– 32 MB RAM
– 100 MB of system storage (drive C:)
– 200 MB of user storage (drive D:)
– 800 x 640 resolution RDP connection
– Private IP address 192.168.x.100 + n connected trough an internet gateway (192.168.x.1)
– Windows 3.11 with networking capacities

A reset of an instance wipes drive C: (and repairs it from the template) but should keep all data on the D: drive.

Node Manager

Installed on each node, this manager allows JSON calls between the front-end component and physical state of the system. It will allow the GUI to send messages concerning:
a) System utilization
b) Instance management

Communication between node and front-end should be done using HTTPS and will utilize Apache2 to server HTTPS traffic.

Feasibility study

Study 1: RDP connection

Goal: Complete an RDP connection trough the internet and see if the performance of the RDP connection is enough for a Windows 3.11 instance running at 800×640. This RDP connection should use the VirtualBox RDP capabilities (found in the extra bundle).
Level: Critical
Status: Completed
Results: All objectives have been met.

Study 2: Clone template with VirtualBox

Goal: This test should create and maintain a new instance created from a previous Windows 3.11 instance (called template).
Level: Critical
Status: Ongoing

Study 3: Separate hosts on virtual LAN segment

Goal: This feasibility study should test if there is no traffic possible between each host configured in an internal networking mode. Preferably by using iptables and/ or Coyote Linux for routing network traffic.
Level: High
Status: Ongoing

Final notes

This system is far from perfect, and a lot of work needs to be done. I still need to confirm two feasibility statuses. If study 2 fails, this project will be scrapped.
This a project which is done entirely in my spare time the release date will be when it’s done.

Read More