Private VPN on Ubuntu Server or Raspberry Pi

I can run my own VPN that becomes an encrypted, point-to-point connection from anywhere? Say what? Relatively safe and secure using public wifi?

Yes, it’s true. You can setup PiVPN on your Ubuntu Server or Raspberry Pi device. There are three components to this: PiVPN running on the server, the UFW firewall configuration, and the mobile device app.

First, install PiVPN

curl -L https://install.pivpn.io | bash

Most of the suggested configuration options should be applicable.

Once PiVPN is installed, you will need to add a user.

pivpn -a

Give it a profile name and password. The file will be saved in a folder in your home directory called ‘ovpn’. You will want to save that to a flash drive and then import to your phone/tablet. I used FTP. There are many other ways to do this, but the flash drive method is most secure.

Configure UFW

sudo ufw allow 1194/udp
sudo ufw allow OpenSSH

Ask UFW to generate a list to make sure there are no double entries and delete them! Those double entries can mess up the PiVPN’s ability to connect.

sudo ufw status numbered

sudo ufw delete x ("x" is the double entry)

Now, download “OpenVPN” app in your smartphone app store. It’s free. Then open the app and choose the third option, “OVPN Profile”.

Add the ovpn file you generated on your server. You can choose the “save private key password” if you would like. I use this because my phone has a fingerprint security feature. Once you connect, you will be connected to your home network from anywhere! Perfect security for pubic wifi.

 

 

 

 

Clone a Hard Drive using Ubuntu Live CD

I have a hard drive-duplicator device. It works great if you two of the same drive. But I’ve had issues transferring from an SSD to a regular hard drive (and vice versa).

I looked into buying the EaseUS Disk Copy program (only works in Windows) but now they want a subscription? Hell no to that. So here we are, looking to Ubuntu for our solution!


EDIT: I used the following method to duplicate my Ubuntu Server backup and the copied disk booted into grub (no boot loader). All things considered, one of those duplicators found easily on ebay and Amazon are the best bet. They are much faster and more accurate. For the error I did get using the physical drive duplicator, it was easy to fix. I booted with an Ubuntu Desktop Live USB and used the Disks program to repair. No issues after that. The model I have is a Sabrent EC-HD2B and I have to say it’s pretty nice.

I found a great guide to duplicating hard drives using an Ubuntu Live CD/USB.
Balena Etcher will help you write the Ubuntu Live ISO to a USB disk.


Once you run the Ubuntu Live disk, open a terminal.

Plug in your first drive (the one that you want to copy).

sudo fdisk –l

Take note of what fdisk reports for this drive. It is likely /dev/sda

Now, plug in your second drive (the one you want to overwrite).
Run ‘sudo fdisk –l’ again.
fdisk will likely report this drive as /dev/sda.

Do not confuse the two drives. Here’s a sample statement that will allow your computer to copy the first drive to the second. Replace the drive names as necessary. In this example, sda is the source and sdb is the target:

sudo dd if=/dev/sda of=/dev/sdb

This process can take several hours. Do not turn your machine off until you see a report in your terminal that the process is complete. In my case, it took over 24 hours to copy a 1TB drive with a Mac Mini (Mid 2012)!

Example output when done:

1953525167+0 records in
1953525167+0 records out
1000204885504 bytes (1.0 TB, 932 GiB) copied, 102499 s, 9.8 MB/s

Connect a PC to a Commodore 1541/1571 drive

Did you ever want to transfer files from your old Commodore 1541/1571 drive between your computer and a real drive? Did you also want to use a real Commodore floppy drive with the VICE emulator? Me too! 😉 Both of these things are possible with the zoomfloppy device being offered by Retro Innovations. You can download basically anything you want from arnold.c64.org (or any other commodore software source) and transfer it right to your floppy device so it can be used on a real Commodore 64 or Vic 20.

This device is unlike other solutions that only worked with specially built cables and DOS. You simply plug a USB cable between your zoomfloppy and your computer and then the serial cable between the zoomfloppy and the floppy drive. Once the physical connections are made, you simply run the OpenCBM software to transfer files or backup disks.
Here’s how to install a zoomfloppy device to your Ubuntu computer.

sudo apt-get install libusb-dev build-essential linux-headers-generic git

Install the CC64 Compiler:

cd ~
git clone https://github.com/cc65/cc65.git
cd cc65
make
sudo prefix=/usr make install

Compile and install OpenCBM

cd ~
git clone git://git.code.sf.net/p/opencbm/code opencbm
cd opencbm/opencbm
make -f LINUX/Makefile
sudo make -f LINUX/Makefile install install-all install-plugin-xum1541
sudo ln -s /usr/local/lib/libopencbm.so.0 /usr/lib/libopencbm.so.0

Add udev rules for the ZoomFloppy hardware itself:

sudo pico /etc/udev/rules.d/45-opencbm-parallel.rules

Add this to the bottom of the file, then save and quit:

SUBSYSTEM!="usb_device", ACTION!="add", MODE="0666", GOTO="opencbm_rules_end"
# zoom floppy
ATTRS{idVendor}=="16d0", ATTRS{idProduct}=="0504", GROUP="users", MODE="0666"
LABEL="opencbm_rules_end"

Restart udev:

sudo service udev restart

Check the ZoomFloppy and IEC device status:

cbmctrl detect

Bonus: Get VICE to use the zoomfloppy interface to utilize a real 1541 Commodore Floppy Drive!

1. Settings -> Peripheral Settings -> Device #8 -> Enable IEC Device
2. Settings -> Peripheral Settings -> Device #8 -> Device Type -> Real Device Access

Subsonic issues on Ubuntu Server?

HTTP ERROR: 503 Can’t load server

My subsonic installation was not working! I tried everything (or so I thought) including reinstalling subsonic, looking at my router settings (is 4040 configured properly?) etc. Finally I found the solution: cleaning up a corrupt Subsonic Database. If you are being met with a 503 html error, this could be your fix.
Stop Subsonic

sudo service subsonic stop

Backup your /var/subsonic/db/subsonic.script file
This file contains a handful of SQL statements that will be used later to recreate your users, media directory settings, etc.

sudo cp /var/subsonic/db/subsonic.script /root/

Delete the contents of your /var/subsonic/db/ directory

sudo rm /var/subsonic/db/*

Restore your subsonic.script file

sudo cp /root/subsonic.script /var/subsonic/db/

Start Subsonic

sudo service subsonic start

Your Subsonic media library will now be empty, you’ll want to go to “Settings…” “Media Folders…” and click “Scan media folders now”

Ubuntu and Video Streaming Services

Up until now, I have been frustrated by the lack of support for video streaming services on Ubuntu. For streaming audio, there’s a Spotify snap app conveniently in the Ubuntu Store but nothing for Netflix, Hulu or others.
Today I was poking around and discovered an application called “ElectronPlayer” in the Ubuntu Software store. It supports Youtube, Netflix, Hulu, Twitch and Floatplane. I installed it on my old 2007 iMac running Ubuntu 18.04.3 LTS.


To my surprise, it works very well! I highly recommend this application.

Commodore 64 (Vic 20, Pet, etc) emulator from Raspberry Pi Raspbian

I can confirm this install method (source) worked with a Raspberry Pi 4 using Raspbian Buster.
Compiles Vice and installs into /usr/local/bin. Initial launch reports a sound issue. If you go into settings (F12), there’s a sound configuration you can change to “Alsa”.

# get dependencies – this may take a long time and ~ 1.5 GB
sudo apt install autoconf automake build-essential byacc dos2unix flex libavcodec-dev libavformat-dev libgtk2.0-cil-dev libgtkglext1-dev libmp3lame-dev libmpg123-dev libpcap-dev libpulse-dev libreadline-dev libswscale-dev libvte-dev libxaw7-dev subversion texi2html texinfo yasm libgtk3.0-cil-dev xa65 libsdl2-dev
mkdir -p src
cd src
svn checkout https://svn.code.sf.net/p/vice-emu/code/trunk trunk
cd trunk/vice
./autogen.sh
./configure
make -j4
sudo make install

Ubuntu fstab; mount external drive at boot

Procedure for rescuing an Ubuntu Server when the boot file gets messed up due to a misnamed external hard drive.
Backup the current fstab file:

sudo cp /etc/fstab /etc/fstab.old

List the drives:

sudo blkid

Example output:

/dev/sda1: UUID="8F1B-7691" TYPE="vfat" PARTUUID="eea0152e-f8aa-4d1f-8d44-172261edd5a2"
/dev/sda2: UUID="5be250be-a857-11e8-9dd6-a82066361186" TYPE="ext4" PARTUUID="9ba42200-226c-4e67-a667-649658dfbd0b"
/dev/loop0: TYPE="squashfs"
/dev/loop1: TYPE="squashfs"
/dev/loop2: TYPE="squashfs"
/dev/loop3: TYPE="squashfs"
/dev/sdb1: LABEL="media" UUID="746622C40BE949C9" TYPE="ntfs" PTTYPE="dos" PARTUUID="e2bd323d-a7bb-4be8-83bb-4d547fb45e37"

Edit the fstab file:

sudo pico /etc/fstab

Example:

GNU nano 2.9.3 /etc/fstab
UUID=5be250be-a857-11e8-9dd6-a82066361186 / ext4 defaults 0 0
UUID=8F1B-7691 /boot/efi vfat defaults 0 0
/swap.img none swap sw 0 0
#Device #Mountpoint #fs-type #options #dump #fsck
/dev/sdb1 /media/usb ntfs defaults 0 0

Save, reboot.

Force Ubuntu Server to redirect http to https

If you want to redirect your web address from http to https, you will have to configure your server’s virtual host file.
Edit the virtualhost file to update the port 80 portion; replace “test.com” with your domain name:

sudo nano /etc/apache2/sites-available/test.com.conf

Edit the :80 portion (in bold), replacing <ip_or_host> with your domain name:

<VirtualHost *:80>
        ServerName <ip_or_host>
        Redirect "/" "https://<ip_or_host>"
</VirtualHost>
<VirtualHost *:443>
        ServerName <ip_or_host>
        DocumentRoot /var/www/whateverfolder
        SSLEngine on
        SSLCertificateFile      /etc/ssl/certs/apache-selfsigned.crt
        SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
        <Directory /var/www/whateverfolder/public>
           DirectoryIndex index.php
           AllowOverride All
           Require all granted
        </Directory>
</VirtualHost>

Save the .conf file
Modify the default Apache config file:

sudo nano /etc/apache2/sites-available/000-default.conf

Then add the bold portion (starting with “RewriteEngine on”) to the bottom of the file. Replace example.com with your domain name.

<VirtualHost *:80>
     ServerAdmin admin@example.com
     DocumentRoot /var/www/html/example.com/
     ServerName example.com
     ServerAlias www.example.com
     <Directory /var/www/html/example.com/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        allow from all
     </Directory>
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com [OR]
RewriteCond %{SERVER_NAME} =www.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

Enable the .conf files:

sudo a2ensite test.com.conf
sudo a2ensite 000-default.conf

Reboot your apache server:

sudo service apache2 restart

Test your server config in your web browser by typing in: http://www.example.com

Windows 10 and FAT32

Recently, I needed to format a thumb drive to FAT32 in Windows 10 (adding the BleemSync hack to the Sony PlayStation Classic). I could swear the last time I had to do this, the option was there. Today the only options were exFAT and NTFS. Ugh. Windows! Well, I found a nice free tool that allows you to perform this task: Ridgecrop Consultant’s FAT32 utility. Once you visit their site, click on the picture to download the utility.

There’s another option. You can type ‘cmd’ where it says “Type here to search” from the Windows 10 menu. Once the command terminal is open, type (replacing “X” with the drive letter):

Format /FS:FAT32 X:

This method will likely take hours to format the drive.

Ubuntu Server: Configure the firewall with "ufw"

Ubuntu Server’s firewall is called ufw. If you are running an Ubuntu Server, you definitely want to enable some kind of firewall to keep intruders out of your ports. They likely will perform a port scan and try to find weaknesses. You can prevent this by enabling ufw and then configuring it to open ports that need access and close ones that don’t.
Enable ufw:

sudo ufw enable

Check ufw status:

sudo ufw status

Allow a service to run (example: ftp, telnet, ssh, http):

sudo ufw allow http

Open a port:

sudo ufw allow 22

Close a port:

sudo ufw deny 22

Open a range of ports and specify TCP or UDP:

sudo ufw allow 300:310/tcp

Close a range of ports and specify TCP or UDP:

sudo ufw deny 300:310/tcp

Delete a service:

sudo ufw status numbered
#creates a numbered list of services, example:
[ 1] 21/tcp                     ALLOW IN    Anywhere
[ 2] 22/tcp                     ALLOW IN    Anywhere
[ 3] 80/tcp                     ALLOW IN    Anywhere
sudo ufw delete 3
#replace 3 with the service you want to delete

List applications that ufw can open service for:

sudo ufw app list
#will generate a list similar to this:
Available applications:
  Apache
  Apache Full
  Apache Secure
  CUPS
  OpenSSH
  plexmediaserver
  plexmediaserver-all
  plexmediaserver-dlna

Enable an application such as Apache. This is extremely important for a WordPress installation!

sudo ufw allow in "Apache Full"

Disable ufw:

sudo ufw disable

If you somehow screwed your ufw permissions up, you can reset them all. If you are configuring with SSH, make sure to enable your SSH service before re-enabling ufw!

sudo ufw reset

Hopefully, you have configured all of your services appropriately and have a good working firewall. If somehow this exercise is messing your server up, you can always disable it with “sudo ufw disable” until you can get more help or have more time to experiment. Happy and safe computing!